diff options
Diffstat (limited to 'src/crypto/pkcs8/pkcs8.c')
-rw-r--r-- | src/crypto/pkcs8/pkcs8.c | 255 |
1 files changed, 139 insertions, 116 deletions
diff --git a/src/crypto/pkcs8/pkcs8.c b/src/crypto/pkcs8/pkcs8.c index 843c74d..8067c91 100644 --- a/src/crypto/pkcs8/pkcs8.c +++ b/src/crypto/pkcs8/pkcs8.c @@ -69,6 +69,7 @@ #include <openssl/mem.h> #include <openssl/x509.h> +#include "internal.h" #include "../bytestring/internal.h" #include "../evp/internal.h" @@ -200,7 +201,7 @@ static int pkcs12_key_gen_raw(const uint8_t *pass_raw, size_t pass_raw_len, } err: - OPENSSL_PUT_ERROR(PKCS8, pkcs12_key_gen_raw, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); end: OPENSSL_free(Ai); @@ -227,14 +228,14 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, /* Extract useful info from parameter */ if (param == NULL || param->type != V_ASN1_SEQUENCE || param->value.sequence == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } pbuf = param->value.sequence->data; pbe = d2i_PBEPARAM(NULL, &pbuf, param->value.sequence->length); if (pbe == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); return 0; } @@ -247,13 +248,13 @@ static int pkcs12_pbe_keyivgen(EVP_CIPHER_CTX *ctx, const uint8_t *pass_raw, salt_len = pbe->salt->length; if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_KEY_ID, iterations, EVP_CIPHER_key_length(cipher), key, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } if (!pkcs12_key_gen_raw(pass_raw, pass_raw_len, salt, salt_len, PKCS12_IV_ID, iterations, EVP_CIPHER_iv_length(cipher), iv, md)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_pbe_keyivgen, PKCS8_R_KEY_GEN_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEY_GEN_ERROR); PBEPARAM_free(pbe); return 0; } @@ -274,42 +275,93 @@ struct pbe_suite { const EVP_CIPHER* (*cipher_func)(void); const EVP_MD* (*md_func)(void); keygen_func keygen; + int flags; }; +#define PBE_UCS2_CONVERT_PASSWORD 0x1 + static const struct pbe_suite kBuiltinPBE[] = { { - NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, pkcs12_pbe_keyivgen, + NID_pbe_WithSHA1And40BitRC2_CBC, EVP_rc2_40_cbc, EVP_sha1, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And128BitRC4, EVP_rc4, EVP_sha1, pkcs12_pbe_keyivgen, + PBE_UCS2_CONVERT_PASSWORD }, { NID_pbe_WithSHA1And3_Key_TripleDES_CBC, EVP_des_ede3_cbc, EVP_sha1, - pkcs12_pbe_keyivgen, + pkcs12_pbe_keyivgen, PBE_UCS2_CONVERT_PASSWORD + }, + { + NID_pbes2, NULL, NULL, PKCS5_v2_PBE_keyivgen, 0 }, }; +static const struct pbe_suite *get_pbe_suite(int pbe_nid) { + unsigned i; + for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(kBuiltinPBE[0]); i++) { + if (kBuiltinPBE[i].pbe_nid == pbe_nid) { + return &kBuiltinPBE[i]; + } + } + + return NULL; +} + +/* pass_to_pass_raw performs a password conversion (possibly a no-op) + * appropriate to the supplied |pbe_nid|. The input |pass| is treated as a + * NUL-terminated string if |pass_len| is -1, otherwise it is treated as a + * buffer of the specified length. If the supplied PBE NID sets the + * |PBE_UCS2_CONVERT_PASSWORD| flag, the supplied |pass| will be converted to + * UCS-2. + * + * It sets |*out_pass_raw| to a new buffer that must be freed by the caller. It + * returns one on success and zero on error. */ +static int pass_to_pass_raw(int pbe_nid, const char *pass, int pass_len, + uint8_t **out_pass_raw, size_t *out_pass_raw_len) { + if (pass == NULL) { + *out_pass_raw = NULL; + *out_pass_raw_len = 0; + return 1; + } + + if (pass_len == -1) { + pass_len = strlen(pass); + } else if (pass_len < 0 || pass_len > 2000000000) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_OVERFLOW); + return 0; + } + + const struct pbe_suite *suite = get_pbe_suite(pbe_nid); + if (suite != NULL && (suite->flags & PBE_UCS2_CONVERT_PASSWORD)) { + if (!ascii_to_ucs2(pass, pass_len, out_pass_raw, out_pass_raw_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); + return 0; + } + } else { + *out_pass_raw = BUF_memdup(pass, pass_len); + if (*out_pass_raw == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); + return 0; + } + *out_pass_raw_len = (size_t)pass_len; + } + + return 1; +} + static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, const uint8_t *pass_raw, size_t pass_raw_len, ASN1_TYPE *param, EVP_CIPHER_CTX *ctx, int is_encrypt) { const EVP_CIPHER *cipher; const EVP_MD *md; - unsigned i; - - const struct pbe_suite *suite = NULL; - const int pbe_nid = OBJ_obj2nid(pbe_obj); - - for (i = 0; i < sizeof(kBuiltinPBE) / sizeof(struct pbe_suite); i++) { - if (kBuiltinPBE[i].pbe_nid == pbe_nid) { - suite = &kBuiltinPBE[i]; - break; - } - } + const struct pbe_suite *suite = get_pbe_suite(OBJ_obj2nid(pbe_obj)); if (suite == NULL) { char obj_str[80]; - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_ALGORITHM); if (!pbe_obj) { strncpy(obj_str, "NULL", sizeof(obj_str)); } else { @@ -324,7 +376,7 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { cipher = suite->cipher_func(); if (!cipher) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_CIPHER); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER); return 0; } } @@ -334,14 +386,14 @@ static int pbe_cipher_init(ASN1_OBJECT *pbe_obj, } else { md = suite->md_func(); if (!md) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_UNKNOWN_DIGEST); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_DIGEST); return 0; } } if (!suite->keygen(ctx, pass_raw, pass_raw_len, param, cipher, md, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_cipher_init, PKCS8_R_KEYGEN_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_KEYGEN_FAILURE); return 0; } @@ -362,32 +414,32 @@ static int pbe_crypt(const X509_ALGOR *algor, if (!pbe_cipher_init(algor->algorithm, pass_raw, pass_raw_len, algor->parameter, &ctx, is_encrypt)) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_CIPHER_ALGORITHM); return 0; } block_size = EVP_CIPHER_CTX_block_size(&ctx); if (in_len + block_size < in_len) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, PKCS8_R_TOO_LONG); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_TOO_LONG); goto err; } buf = OPENSSL_malloc(in_len + block_size); if (buf == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } if (!EVP_CipherUpdate(&ctx, buf, &n, in, in_len)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len = n; if (!EVP_CipherFinal_ex(&ctx, buf + n, &n)) { OPENSSL_free(buf); - OPENSSL_PUT_ERROR(PKCS8, pbe_crypt, ERR_R_EVP_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_EVP_LIB); goto err; } *out_len += n; @@ -410,14 +462,14 @@ static void *pkcs12_item_decrypt_d2i(X509_ALGOR *algor, const ASN1_ITEM *it, if (!pbe_crypt(algor, pass_raw, pass_raw_len, oct->data, oct->length, &out, &out_len, 0 /* decrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_CRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_CRYPT_ERROR); return NULL; } p = out; ret = ASN1_item_d2i(NULL, &p, out_len, it); OPENSSL_cleanse(out, out_len); if (!ret) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_decrypt_d2i, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); } OPENSSL_free(out); return ret; @@ -427,19 +479,12 @@ PKCS8_PRIV_KEY_INFO *PKCS8_decrypt(X509_SIG *pkcs8, const char *pass, int pass_len) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - PKCS8_PRIV_KEY_INFO *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_decrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(OBJ_obj2nid(pkcs8->algor->algorithm), pass, pass_len, + &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); + PKCS8_PRIV_KEY_INFO *ret = PKCS8_decrypt_pbe(pkcs8, pass_raw, pass_raw_len); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); @@ -466,17 +511,17 @@ static ASN1_OCTET_STRING *pkcs12_item_i2d_encrypt(X509_ALGOR *algor, oct = M_ASN1_OCTET_STRING_new(); if (oct == NULL) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } in_len = ASN1_item_i2d(obj, &in, it); if (!in) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCODE_ERROR); return NULL; } if (!pbe_crypt(algor, pass_raw, pass_raw_len, in, in_len, &oct->data, &crypt_len, 1 /* encrypt */)) { - OPENSSL_PUT_ERROR(PKCS8, pkcs12_item_i2d_encrypt, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); OPENSSL_free(in); return NULL; } @@ -491,20 +536,12 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { uint8_t *pass_raw = NULL; size_t pass_raw_len = 0; - X509_SIG *ret; - - if (pass) { - if (pass_len == -1) { - pass_len = strlen(pass); - } - if (!ascii_to_ucs2(pass, pass_len, &pass_raw, &pass_raw_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt, PKCS8_R_DECODE_ERROR); - return NULL; - } + if (!pass_to_pass_raw(pbe_nid, pass, pass_len, &pass_raw, &pass_raw_len)) { + return NULL; } - ret = PKCS8_encrypt_pbe(pbe_nid, pass_raw, pass_raw_len, - salt, salt_len, iterations, p8inf); + X509_SIG *ret = PKCS8_encrypt_pbe(pbe_nid, cipher, pass_raw, pass_raw_len, + salt, salt_len, iterations, p8inf); if (pass_raw) { OPENSSL_cleanse(pass_raw, pass_raw_len); @@ -513,7 +550,7 @@ X509_SIG *PKCS8_encrypt(int pbe_nid, const EVP_CIPHER *cipher, const char *pass, return ret; } -X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, +X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, const EVP_CIPHER *cipher, const uint8_t *pass_raw, size_t pass_raw_len, uint8_t *salt, size_t salt_len, int iterations, PKCS8_PRIV_KEY_INFO *p8inf) { @@ -522,13 +559,17 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8 = X509_SIG_new(); if (pkcs8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); goto err; } - pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + if (pbe_nid == -1) { + pbe = PKCS5_pbe2_set(cipher, iterations, salt, salt_len); + } else { + pbe = PKCS5_pbe_set(pbe_nid, iterations, salt, salt_len); + } if (!pbe) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, ERR_R_ASN1_LIB); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_ASN1_LIB); goto err; } @@ -538,7 +579,7 @@ X509_SIG *PKCS8_encrypt_pbe(int pbe_nid, pkcs8->digest = pkcs12_item_i2d_encrypt( pbe, ASN1_ITEM_rptr(PKCS8_PRIV_KEY_INFO), pass_raw, pass_raw_len, p8inf); if (!pkcs8->digest) { - OPENSSL_PUT_ERROR(PKCS8, PKCS8_encrypt_pbe, PKCS8_R_ENCRYPT_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_ENCRYPT_ERROR); goto err; } @@ -560,13 +601,12 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { pkey = EVP_PKEY_new(); if (pkey == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } if (!EVP_PKEY_set_type(pkey, OBJ_obj2nid(algoid))) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); i2t_ASN1_OBJECT(obj_tmp, 80, algoid); ERR_add_error_data(2, "TYPE=", obj_tmp); goto error; @@ -574,11 +614,11 @@ EVP_PKEY *EVP_PKCS82PKEY(PKCS8_PRIV_KEY_INFO *p8) { if (pkey->ameth->priv_decode) { if (!pkey->ameth->priv_decode(pkey, p8)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_DECODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKCS82PKEY, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } @@ -594,7 +634,7 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { p8 = PKCS8_PRIV_KEY_INFO_new(); if (p8 == NULL) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, ERR_R_MALLOC_FAILURE); + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return NULL; } p8->broken = PKCS8_OK; @@ -602,17 +642,15 @@ PKCS8_PRIV_KEY_INFO *EVP_PKEY2PKCS8(EVP_PKEY *pkey) { if (pkey->ameth) { if (pkey->ameth->priv_encode) { if (!pkey->ameth->priv_encode(p8, pkey)) { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PRIVATE_KEY_ENCODE_ERROR); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_METHOD_NOT_SUPPORTED); goto error; } } else { - OPENSSL_PUT_ERROR(PKCS8, EVP_PKEY2PKCS8, - PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNSUPPORTED_PRIVATE_KEY_ALGORITHM); goto error; } return p8; @@ -646,8 +684,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * pkcs7-encryptedData and a pkcs7-data) and depth 1 (the various PKCS#12 * bags). */ if (depth > 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_TOO_DEEPLY_NESTED); return 0; } @@ -656,6 +693,7 @@ static int PKCS12_handle_content_infos(CBS *content_infos, * conversion cannot see through those wrappings. So each time we step * through one we need to convert to DER again. */ if (!CBS_asn1_ber_to_der(content_infos, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } @@ -666,16 +704,14 @@ static int PKCS12_handle_content_infos(CBS *content_infos, } if (!CBS_get_asn1(&in, &in, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } while (CBS_len(&in) > 0) { CBS content_info; if (!CBS_get_asn1(&in, &content_info, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_infos, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -705,8 +741,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(content_info, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(content_info, &wrapped_contents, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -734,14 +769,12 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1_element(&eci, &ai, CBS_ASN1_SEQUENCE) || !CBS_get_asn1(&eci, &encrypted_contents, CBS_ASN1_CONTEXT_SPECIFIC | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (OBJ_cbs2nid(&contents_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -752,8 +785,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, } if (inp != CBS_data(&ai) + CBS_len(&ai)) { X509_ALGOR_free(algor); - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -773,8 +805,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, if (!CBS_get_asn1(&wrapped_contents, &octet_string_contents, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -787,8 +818,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, X509_SIG *encrypted = NULL; if (*ctx->out_key) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MULTIPLE_PRIVATE_KEYS_IN_PKCS12); goto err; } @@ -796,13 +826,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, * structure as one and so |X509_SIG| is reused to store it. */ encrypted = d2i_X509_SIG(NULL, &inp, CBS_len(&wrapped_contents)); if (encrypted == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&wrapped_contents) + CBS_len(&wrapped_contents)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_SIG_free(encrypted); goto err; } @@ -828,8 +856,7 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, !CBS_get_asn1(&cert_bag, &wrapped_cert, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0) || !CBS_get_asn1(&wrapped_cert, &cert, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -837,13 +864,11 @@ static int PKCS12_handle_content_info(CBS *content_info, unsigned depth, const uint8_t *inp = CBS_data(&cert); X509 *x509 = d2i_X509(NULL, &inp, CBS_len(&cert)); if (!x509) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (inp != CBS_data(&cert) + CBS_len(&cert)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_handle_content_info, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); X509_free(x509); goto err; } @@ -875,6 +900,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, /* The input may be in BER format. */ if (!CBS_asn1_ber_to_der(ber_in, &der_bytes, &der_len)) { + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); return 0; } if (der_bytes != NULL) { @@ -891,28 +917,27 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&in, &pfx, CBS_ASN1_SEQUENCE) || CBS_len(&in) != 0 || !CBS_get_asn1_uint64(&pfx, &version)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (version < 3) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_VERSION); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_VERSION); goto err; } if (!CBS_get_asn1(&pfx, &authsafe, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } if (CBS_len(&pfx) == 0) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_MISSING_MAC); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_MISSING_MAC); goto err; } if (!CBS_get_asn1(&pfx, &mac_data, CBS_ASN1_SEQUENCE)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -921,7 +946,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (!CBS_get_asn1(&authsafe, &content_type, CBS_ASN1_OBJECT) || !CBS_get_asn1(&authsafe, &wrapped_authsafes, CBS_ASN1_CONTEXT_SPECIFIC | CBS_ASN1_CONSTRUCTED | 0)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -929,13 +954,12 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, * latter indicates that it's signed by a public key, which isn't * supported. */ if (OBJ_cbs2nid(&content_type) != NID_pkcs7_data) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_PKCS12_PUBLIC_KEY_INTEGRITY_NOT_SUPPORTED); goto err; } if (!CBS_get_asn1(&wrapped_authsafes, &authsafes, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -943,7 +967,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, ctx.out_certs = out_certs; if (!ascii_to_ucs2(password, strlen(password), &ctx.password, &ctx.password_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_DECODE_ERROR); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_DECODE_ERROR); goto err; } @@ -962,7 +986,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, !CBS_get_asn1(&hash_type_seq, &hash_oid, CBS_ASN1_OBJECT) || !CBS_get_asn1(&mac, &expected_mac, CBS_ASN1_OCTETSTRING) || !CBS_get_asn1(&mac_data, &salt, CBS_ASN1_OCTETSTRING)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } @@ -971,8 +995,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, if (CBS_len(&mac_data) > 0) { if (!CBS_get_asn1_uint64(&mac_data, &iterations) || iterations > INT_MAX) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_BAD_PKCS12_DATA); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_BAD_PKCS12_DATA); goto err; } } @@ -980,7 +1003,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, hash_nid = OBJ_cbs2nid(&hash_oid); if (hash_nid == NID_undef || (md = EVP_get_digestbynid(hash_nid)) == NULL) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, PKCS8_R_UNKNOWN_HASH); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_UNKNOWN_HASH); goto err; } @@ -996,8 +1019,7 @@ int PKCS12_get_key_and_certs(EVP_PKEY **out_key, STACK_OF(X509) *out_certs, } if (!CBS_mem_equal(&expected_mac, hmac, hmac_len)) { - OPENSSL_PUT_ERROR(PKCS8, PKCS12_get_key_and_certs, - PKCS8_R_INCORRECT_PASSWORD); + OPENSSL_PUT_ERROR(PKCS8, PKCS8_R_INCORRECT_PASSWORD); goto err; } } @@ -1126,6 +1148,7 @@ int PKCS12_parse(const PKCS12 *p12, const char *password, EVP_PKEY **out_pkey, if (!ca_certs) { ca_certs = sk_X509_new_null(); if (ca_certs == NULL) { + OPENSSL_PUT_ERROR(PKCS8, ERR_R_MALLOC_FAILURE); return 0; } ca_certs_alloced = 1; |