1e1051a39Sopenharmony_ci/* 2e1051a39Sopenharmony_ci * Copyright 2020-2021 The OpenSSL Project Authors. All Rights Reserved. 3e1051a39Sopenharmony_ci * 4e1051a39Sopenharmony_ci * Licensed under the Apache License 2.0 (the "License"). You may not use 5e1051a39Sopenharmony_ci * this file except in compliance with the License. You can obtain a copy 6e1051a39Sopenharmony_ci * in the file LICENSE in the source distribution or at 7e1051a39Sopenharmony_ci * https://www.openssl.org/source/license.html 8e1051a39Sopenharmony_ci */ 9e1051a39Sopenharmony_ci 10e1051a39Sopenharmony_ci#include <stdio.h> 11e1051a39Sopenharmony_ci#include <string.h> 12e1051a39Sopenharmony_ci#include <stdlib.h> 13e1051a39Sopenharmony_ci 14e1051a39Sopenharmony_ci#include "internal/nelem.h" 15e1051a39Sopenharmony_ci 16e1051a39Sopenharmony_ci#include <openssl/pkcs12.h> 17e1051a39Sopenharmony_ci#include <openssl/x509.h> 18e1051a39Sopenharmony_ci#include <openssl/x509v3.h> 19e1051a39Sopenharmony_ci#include <openssl/pem.h> 20e1051a39Sopenharmony_ci 21e1051a39Sopenharmony_ci#include "../testutil.h" 22e1051a39Sopenharmony_ci#include "pkcs12.h" /* from the same directory */ 23e1051a39Sopenharmony_ci 24e1051a39Sopenharmony_ci/* Set this to > 0 write test data to file */ 25e1051a39Sopenharmony_cistatic int write_files = 0; 26e1051a39Sopenharmony_ci 27e1051a39Sopenharmony_cistatic int legacy = 0; 28e1051a39Sopenharmony_ci 29e1051a39Sopenharmony_cistatic OSSL_LIB_CTX *test_ctx = NULL; 30e1051a39Sopenharmony_cistatic const char *test_propq = NULL; 31e1051a39Sopenharmony_ci 32e1051a39Sopenharmony_ci/* ------------------------------------------------------------------------- 33e1051a39Sopenharmony_ci * Local function declarations 34e1051a39Sopenharmony_ci */ 35e1051a39Sopenharmony_ci 36e1051a39Sopenharmony_cistatic int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs); 37e1051a39Sopenharmony_ci 38e1051a39Sopenharmony_cistatic void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac); 39e1051a39Sopenharmony_cistatic int write_p12(PKCS12 *p12, const char *outfile); 40e1051a39Sopenharmony_ci 41e1051a39Sopenharmony_cistatic PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac); 42e1051a39Sopenharmony_cistatic PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac); 43e1051a39Sopenharmony_cistatic int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac); 44e1051a39Sopenharmony_cistatic int check_asn1_string(const ASN1_TYPE *av, const char *txt); 45e1051a39Sopenharmony_cistatic int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs); 46e1051a39Sopenharmony_ci 47e1051a39Sopenharmony_ci 48e1051a39Sopenharmony_ci/* -------------------------------------------------------------------------- 49e1051a39Sopenharmony_ci * Global settings 50e1051a39Sopenharmony_ci */ 51e1051a39Sopenharmony_ci 52e1051a39Sopenharmony_civoid PKCS12_helper_set_write_files(int enable) 53e1051a39Sopenharmony_ci{ 54e1051a39Sopenharmony_ci write_files = enable; 55e1051a39Sopenharmony_ci} 56e1051a39Sopenharmony_ci 57e1051a39Sopenharmony_civoid PKCS12_helper_set_legacy(int enable) 58e1051a39Sopenharmony_ci{ 59e1051a39Sopenharmony_ci legacy = enable; 60e1051a39Sopenharmony_ci} 61e1051a39Sopenharmony_ci 62e1051a39Sopenharmony_civoid PKCS12_helper_set_libctx(OSSL_LIB_CTX *libctx) 63e1051a39Sopenharmony_ci{ 64e1051a39Sopenharmony_ci test_ctx = libctx; 65e1051a39Sopenharmony_ci} 66e1051a39Sopenharmony_ci 67e1051a39Sopenharmony_civoid PKCS12_helper_set_propq(const char *propq) 68e1051a39Sopenharmony_ci{ 69e1051a39Sopenharmony_ci test_propq = propq; 70e1051a39Sopenharmony_ci} 71e1051a39Sopenharmony_ci 72e1051a39Sopenharmony_ci 73e1051a39Sopenharmony_ci/* -------------------------------------------------------------------------- 74e1051a39Sopenharmony_ci * Test data load functions 75e1051a39Sopenharmony_ci */ 76e1051a39Sopenharmony_ci 77e1051a39Sopenharmony_cistatic X509 *load_cert_asn1(const unsigned char *bytes, int len) 78e1051a39Sopenharmony_ci{ 79e1051a39Sopenharmony_ci X509 *cert = NULL; 80e1051a39Sopenharmony_ci 81e1051a39Sopenharmony_ci cert = d2i_X509(NULL, &bytes, len); 82e1051a39Sopenharmony_ci if (!TEST_ptr(cert)) 83e1051a39Sopenharmony_ci goto err; 84e1051a39Sopenharmony_cierr: 85e1051a39Sopenharmony_ci return cert; 86e1051a39Sopenharmony_ci} 87e1051a39Sopenharmony_ci 88e1051a39Sopenharmony_cistatic EVP_PKEY *load_pkey_asn1(const unsigned char *bytes, int len) 89e1051a39Sopenharmony_ci{ 90e1051a39Sopenharmony_ci EVP_PKEY *pkey = NULL; 91e1051a39Sopenharmony_ci 92e1051a39Sopenharmony_ci pkey = d2i_AutoPrivateKey(NULL, &bytes, len); 93e1051a39Sopenharmony_ci if (!TEST_ptr(pkey)) 94e1051a39Sopenharmony_ci goto err; 95e1051a39Sopenharmony_cierr: 96e1051a39Sopenharmony_ci return pkey; 97e1051a39Sopenharmony_ci} 98e1051a39Sopenharmony_ci 99e1051a39Sopenharmony_ci/* ------------------------------------------------------------------------- 100e1051a39Sopenharmony_ci * PKCS12 builder 101e1051a39Sopenharmony_ci */ 102e1051a39Sopenharmony_ci 103e1051a39Sopenharmony_ciPKCS12_BUILDER *new_pkcs12_builder(const char *filename) 104e1051a39Sopenharmony_ci{ 105e1051a39Sopenharmony_ci PKCS12_BUILDER *pb = OPENSSL_malloc(sizeof(PKCS12_BUILDER)); 106e1051a39Sopenharmony_ci if (!TEST_ptr(pb)) 107e1051a39Sopenharmony_ci return NULL; 108e1051a39Sopenharmony_ci 109e1051a39Sopenharmony_ci pb->filename = filename; 110e1051a39Sopenharmony_ci pb->success = 1; 111e1051a39Sopenharmony_ci return pb; 112e1051a39Sopenharmony_ci} 113e1051a39Sopenharmony_ci 114e1051a39Sopenharmony_ciint end_pkcs12_builder(PKCS12_BUILDER *pb) 115e1051a39Sopenharmony_ci{ 116e1051a39Sopenharmony_ci int result = pb->success; 117e1051a39Sopenharmony_ci 118e1051a39Sopenharmony_ci OPENSSL_free(pb); 119e1051a39Sopenharmony_ci return result; 120e1051a39Sopenharmony_ci} 121e1051a39Sopenharmony_ci 122e1051a39Sopenharmony_ci 123e1051a39Sopenharmony_civoid start_pkcs12(PKCS12_BUILDER *pb) 124e1051a39Sopenharmony_ci{ 125e1051a39Sopenharmony_ci pb->safes = NULL; 126e1051a39Sopenharmony_ci} 127e1051a39Sopenharmony_ci 128e1051a39Sopenharmony_ci 129e1051a39Sopenharmony_civoid end_pkcs12(PKCS12_BUILDER *pb) 130e1051a39Sopenharmony_ci{ 131e1051a39Sopenharmony_ci if (!pb->success) 132e1051a39Sopenharmony_ci return; 133e1051a39Sopenharmony_ci generate_p12(pb, NULL); 134e1051a39Sopenharmony_ci} 135e1051a39Sopenharmony_ci 136e1051a39Sopenharmony_ci 137e1051a39Sopenharmony_civoid end_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) 138e1051a39Sopenharmony_ci{ 139e1051a39Sopenharmony_ci if (!pb->success) 140e1051a39Sopenharmony_ci return; 141e1051a39Sopenharmony_ci generate_p12(pb, mac); 142e1051a39Sopenharmony_ci} 143e1051a39Sopenharmony_ci 144e1051a39Sopenharmony_ci 145e1051a39Sopenharmony_ci/* Generate the PKCS12 encoding and write to memory bio */ 146e1051a39Sopenharmony_cistatic void generate_p12(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) 147e1051a39Sopenharmony_ci{ 148e1051a39Sopenharmony_ci PKCS12 *p12; 149e1051a39Sopenharmony_ci EVP_MD *md = NULL; 150e1051a39Sopenharmony_ci 151e1051a39Sopenharmony_ci if (!pb->success) 152e1051a39Sopenharmony_ci return; 153e1051a39Sopenharmony_ci 154e1051a39Sopenharmony_ci pb->p12bio = BIO_new(BIO_s_mem()); 155e1051a39Sopenharmony_ci if (!TEST_ptr(pb->p12bio)) { 156e1051a39Sopenharmony_ci pb->success = 0; 157e1051a39Sopenharmony_ci return; 158e1051a39Sopenharmony_ci } 159e1051a39Sopenharmony_ci if (legacy) 160e1051a39Sopenharmony_ci p12 = PKCS12_add_safes(pb->safes, 0); 161e1051a39Sopenharmony_ci else 162e1051a39Sopenharmony_ci p12 = PKCS12_add_safes_ex(pb->safes, 0, test_ctx, test_propq); 163e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) { 164e1051a39Sopenharmony_ci pb->success = 0; 165e1051a39Sopenharmony_ci goto err; 166e1051a39Sopenharmony_ci } 167e1051a39Sopenharmony_ci sk_PKCS7_pop_free(pb->safes, PKCS7_free); 168e1051a39Sopenharmony_ci 169e1051a39Sopenharmony_ci if (mac != NULL) { 170e1051a39Sopenharmony_ci if (legacy) 171e1051a39Sopenharmony_ci md = (EVP_MD *)EVP_get_digestbynid(mac->nid); 172e1051a39Sopenharmony_ci else 173e1051a39Sopenharmony_ci md = EVP_MD_fetch(test_ctx, OBJ_nid2sn(mac->nid), test_propq); 174e1051a39Sopenharmony_ci 175e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_set_mac(p12, mac->pass, strlen(mac->pass), 176e1051a39Sopenharmony_ci NULL, 0, mac->iter, md))) { 177e1051a39Sopenharmony_ci pb->success = 0; 178e1051a39Sopenharmony_ci goto err; 179e1051a39Sopenharmony_ci } 180e1051a39Sopenharmony_ci } 181e1051a39Sopenharmony_ci i2d_PKCS12_bio(pb->p12bio, p12); 182e1051a39Sopenharmony_ci 183e1051a39Sopenharmony_ci /* Can write to file here for debug */ 184e1051a39Sopenharmony_ci if (write_files) 185e1051a39Sopenharmony_ci write_p12(p12, pb->filename); 186e1051a39Sopenharmony_cierr: 187e1051a39Sopenharmony_ci if (!legacy && md != NULL) 188e1051a39Sopenharmony_ci EVP_MD_free(md); 189e1051a39Sopenharmony_ci PKCS12_free(p12); 190e1051a39Sopenharmony_ci} 191e1051a39Sopenharmony_ci 192e1051a39Sopenharmony_ci 193e1051a39Sopenharmony_cistatic int write_p12(PKCS12 *p12, const char *outfile) 194e1051a39Sopenharmony_ci{ 195e1051a39Sopenharmony_ci int ret = 0; 196e1051a39Sopenharmony_ci BIO *out = BIO_new_file(outfile, "w"); 197e1051a39Sopenharmony_ci 198e1051a39Sopenharmony_ci if (out == NULL) 199e1051a39Sopenharmony_ci goto err; 200e1051a39Sopenharmony_ci 201e1051a39Sopenharmony_ci if (!TEST_int_eq(i2d_PKCS12_bio(out, p12), 1)) 202e1051a39Sopenharmony_ci goto err; 203e1051a39Sopenharmony_ci ret = 1; 204e1051a39Sopenharmony_cierr: 205e1051a39Sopenharmony_ci BIO_free(out); 206e1051a39Sopenharmony_ci return ret; 207e1051a39Sopenharmony_ci} 208e1051a39Sopenharmony_ci 209e1051a39Sopenharmony_cistatic PKCS12 *from_bio_p12(BIO *bio, const PKCS12_ENC *mac) 210e1051a39Sopenharmony_ci{ 211e1051a39Sopenharmony_ci PKCS12 *p12 = NULL; 212e1051a39Sopenharmony_ci 213e1051a39Sopenharmony_ci /* Supply a p12 with library context/propq to the d2i decoder*/ 214e1051a39Sopenharmony_ci if (!legacy) { 215e1051a39Sopenharmony_ci p12 = PKCS12_init_ex(NID_pkcs7_data, test_ctx, test_propq); 216e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) 217e1051a39Sopenharmony_ci goto err; 218e1051a39Sopenharmony_ci } 219e1051a39Sopenharmony_ci p12 = d2i_PKCS12_bio(bio, &p12); 220e1051a39Sopenharmony_ci BIO_free(bio); 221e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) 222e1051a39Sopenharmony_ci goto err; 223e1051a39Sopenharmony_ci if (mac == NULL) { 224e1051a39Sopenharmony_ci if (!TEST_false(PKCS12_mac_present(p12))) 225e1051a39Sopenharmony_ci goto err; 226e1051a39Sopenharmony_ci } else { 227e1051a39Sopenharmony_ci if (!check_p12_mac(p12, mac)) 228e1051a39Sopenharmony_ci goto err; 229e1051a39Sopenharmony_ci } 230e1051a39Sopenharmony_ci return p12; 231e1051a39Sopenharmony_cierr: 232e1051a39Sopenharmony_ci PKCS12_free(p12); 233e1051a39Sopenharmony_ci return NULL; 234e1051a39Sopenharmony_ci} 235e1051a39Sopenharmony_ci 236e1051a39Sopenharmony_ci 237e1051a39Sopenharmony_ci/* For use with existing files */ 238e1051a39Sopenharmony_cistatic PKCS12 *read_p12(const char *infile, const PKCS12_ENC *mac) 239e1051a39Sopenharmony_ci{ 240e1051a39Sopenharmony_ci PKCS12 *p12 = NULL; 241e1051a39Sopenharmony_ci BIO *in = BIO_new_file(infile, "r"); 242e1051a39Sopenharmony_ci 243e1051a39Sopenharmony_ci if (in == NULL) 244e1051a39Sopenharmony_ci goto err; 245e1051a39Sopenharmony_ci p12 = d2i_PKCS12_bio(in, NULL); 246e1051a39Sopenharmony_ci BIO_free(in); 247e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) 248e1051a39Sopenharmony_ci goto err; 249e1051a39Sopenharmony_ci if (mac == NULL) { 250e1051a39Sopenharmony_ci if (!TEST_false(PKCS12_mac_present(p12))) 251e1051a39Sopenharmony_ci goto err; 252e1051a39Sopenharmony_ci } else { 253e1051a39Sopenharmony_ci if (!check_p12_mac(p12, mac)) 254e1051a39Sopenharmony_ci goto err; 255e1051a39Sopenharmony_ci } 256e1051a39Sopenharmony_ci return p12; 257e1051a39Sopenharmony_cierr: 258e1051a39Sopenharmony_ci PKCS12_free(p12); 259e1051a39Sopenharmony_ci return NULL; 260e1051a39Sopenharmony_ci} 261e1051a39Sopenharmony_ci 262e1051a39Sopenharmony_cistatic int check_p12_mac(PKCS12 *p12, const PKCS12_ENC *mac) 263e1051a39Sopenharmony_ci{ 264e1051a39Sopenharmony_ci return TEST_true(PKCS12_mac_present(p12)) 265e1051a39Sopenharmony_ci && TEST_true(PKCS12_verify_mac(p12, mac->pass, strlen(mac->pass))); 266e1051a39Sopenharmony_ci} 267e1051a39Sopenharmony_ci 268e1051a39Sopenharmony_ci 269e1051a39Sopenharmony_ci/* ------------------------------------------------------------------------- 270e1051a39Sopenharmony_ci * PKCS7 content info builder 271e1051a39Sopenharmony_ci */ 272e1051a39Sopenharmony_ci 273e1051a39Sopenharmony_civoid start_contentinfo(PKCS12_BUILDER *pb) 274e1051a39Sopenharmony_ci{ 275e1051a39Sopenharmony_ci pb->bags = NULL; 276e1051a39Sopenharmony_ci} 277e1051a39Sopenharmony_ci 278e1051a39Sopenharmony_ci 279e1051a39Sopenharmony_civoid end_contentinfo(PKCS12_BUILDER *pb) 280e1051a39Sopenharmony_ci{ 281e1051a39Sopenharmony_ci if (pb->success && pb->bags != NULL) { 282e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, -1, 0, NULL))) 283e1051a39Sopenharmony_ci pb->success = 0; 284e1051a39Sopenharmony_ci } 285e1051a39Sopenharmony_ci sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); 286e1051a39Sopenharmony_ci pb->bags = NULL; 287e1051a39Sopenharmony_ci} 288e1051a39Sopenharmony_ci 289e1051a39Sopenharmony_ci 290e1051a39Sopenharmony_civoid end_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc) 291e1051a39Sopenharmony_ci{ 292e1051a39Sopenharmony_ci if (pb->success && pb->bags != NULL) { 293e1051a39Sopenharmony_ci if (legacy) { 294e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add_safe(&pb->safes, pb->bags, enc->nid, 295e1051a39Sopenharmony_ci enc->iter, enc->pass))) 296e1051a39Sopenharmony_ci pb->success = 0; 297e1051a39Sopenharmony_ci } else { 298e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add_safe_ex(&pb->safes, pb->bags, enc->nid, 299e1051a39Sopenharmony_ci enc->iter, enc->pass, test_ctx, 300e1051a39Sopenharmony_ci test_propq))) 301e1051a39Sopenharmony_ci pb->success = 0; 302e1051a39Sopenharmony_ci } 303e1051a39Sopenharmony_ci } 304e1051a39Sopenharmony_ci sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); 305e1051a39Sopenharmony_ci pb->bags = NULL; 306e1051a39Sopenharmony_ci} 307e1051a39Sopenharmony_ci 308e1051a39Sopenharmony_ci 309e1051a39Sopenharmony_cistatic STACK_OF(PKCS12_SAFEBAG) *decode_contentinfo(STACK_OF(PKCS7) *safes, int idx, const PKCS12_ENC *enc) 310e1051a39Sopenharmony_ci{ 311e1051a39Sopenharmony_ci STACK_OF(PKCS12_SAFEBAG) *bags = NULL; 312e1051a39Sopenharmony_ci int bagnid; 313e1051a39Sopenharmony_ci PKCS7 *p7 = sk_PKCS7_value(safes, idx); 314e1051a39Sopenharmony_ci 315e1051a39Sopenharmony_ci if (!TEST_ptr(p7)) 316e1051a39Sopenharmony_ci goto err; 317e1051a39Sopenharmony_ci 318e1051a39Sopenharmony_ci bagnid = OBJ_obj2nid(p7->type); 319e1051a39Sopenharmony_ci if (enc) { 320e1051a39Sopenharmony_ci if (!TEST_int_eq(bagnid, NID_pkcs7_encrypted)) 321e1051a39Sopenharmony_ci goto err; 322e1051a39Sopenharmony_ci bags = PKCS12_unpack_p7encdata(p7, enc->pass, strlen(enc->pass)); 323e1051a39Sopenharmony_ci } else { 324e1051a39Sopenharmony_ci if (!TEST_int_eq(bagnid, NID_pkcs7_data)) 325e1051a39Sopenharmony_ci goto err; 326e1051a39Sopenharmony_ci bags = PKCS12_unpack_p7data(p7); 327e1051a39Sopenharmony_ci } 328e1051a39Sopenharmony_ci if (!TEST_ptr(bags)) 329e1051a39Sopenharmony_ci goto err; 330e1051a39Sopenharmony_ci 331e1051a39Sopenharmony_ci return bags; 332e1051a39Sopenharmony_cierr: 333e1051a39Sopenharmony_ci return NULL; 334e1051a39Sopenharmony_ci} 335e1051a39Sopenharmony_ci 336e1051a39Sopenharmony_ci 337e1051a39Sopenharmony_ci/* ------------------------------------------------------------------------- 338e1051a39Sopenharmony_ci * PKCS12 safeBag/attribute builder 339e1051a39Sopenharmony_ci */ 340e1051a39Sopenharmony_ci 341e1051a39Sopenharmony_cistatic int add_attributes(PKCS12_SAFEBAG *bag, const PKCS12_ATTR *attrs) 342e1051a39Sopenharmony_ci{ 343e1051a39Sopenharmony_ci int ret = 0; 344e1051a39Sopenharmony_ci int attr_nid; 345e1051a39Sopenharmony_ci const PKCS12_ATTR *p_attr = attrs; 346e1051a39Sopenharmony_ci 347e1051a39Sopenharmony_ci if (attrs == NULL) 348e1051a39Sopenharmony_ci return 1; 349e1051a39Sopenharmony_ci 350e1051a39Sopenharmony_ci while (p_attr->oid != NULL) { 351e1051a39Sopenharmony_ci TEST_info("Adding attribute %s = %s", p_attr->oid, p_attr->value); 352e1051a39Sopenharmony_ci attr_nid = OBJ_txt2nid(p_attr->oid); 353e1051a39Sopenharmony_ci 354e1051a39Sopenharmony_ci if (attr_nid == NID_friendlyName) { 355e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add_friendlyname(bag, p_attr->value, -1))) 356e1051a39Sopenharmony_ci goto err; 357e1051a39Sopenharmony_ci } else if (attr_nid == NID_localKeyID) { 358e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add_localkeyid(bag, (unsigned char *)p_attr->value, 359e1051a39Sopenharmony_ci strlen(p_attr->value)))) 360e1051a39Sopenharmony_ci goto err; 361e1051a39Sopenharmony_ci } else { 362e1051a39Sopenharmony_ci /* Custom attribute values limited to ASCII in these tests */ 363e1051a39Sopenharmony_ci if (!TEST_true(PKCS12_add1_attr_by_txt(bag, p_attr->oid, MBSTRING_ASC, 364e1051a39Sopenharmony_ci (unsigned char *)p_attr->value, 365e1051a39Sopenharmony_ci strlen(p_attr->value)))) 366e1051a39Sopenharmony_ci goto err; 367e1051a39Sopenharmony_ci } 368e1051a39Sopenharmony_ci p_attr++; 369e1051a39Sopenharmony_ci } 370e1051a39Sopenharmony_ci ret = 1; 371e1051a39Sopenharmony_cierr: 372e1051a39Sopenharmony_ci return ret; 373e1051a39Sopenharmony_ci} 374e1051a39Sopenharmony_ci 375e1051a39Sopenharmony_civoid add_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, 376e1051a39Sopenharmony_ci const PKCS12_ATTR *attrs) 377e1051a39Sopenharmony_ci{ 378e1051a39Sopenharmony_ci PKCS12_SAFEBAG *bag = NULL; 379e1051a39Sopenharmony_ci X509 *cert = NULL; 380e1051a39Sopenharmony_ci char *name; 381e1051a39Sopenharmony_ci 382e1051a39Sopenharmony_ci if (!pb->success) 383e1051a39Sopenharmony_ci return; 384e1051a39Sopenharmony_ci 385e1051a39Sopenharmony_ci cert = load_cert_asn1(bytes, len); 386e1051a39Sopenharmony_ci if (!TEST_ptr(cert)) { 387e1051a39Sopenharmony_ci pb->success = 0; 388e1051a39Sopenharmony_ci return; 389e1051a39Sopenharmony_ci } 390e1051a39Sopenharmony_ci 391e1051a39Sopenharmony_ci name = X509_NAME_oneline(X509_get_subject_name(cert), NULL, 0); 392e1051a39Sopenharmony_ci TEST_info("Adding certificate <%s>", name); 393e1051a39Sopenharmony_ci OPENSSL_free(name); 394e1051a39Sopenharmony_ci 395e1051a39Sopenharmony_ci bag = PKCS12_add_cert(&pb->bags, cert); 396e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 397e1051a39Sopenharmony_ci pb->success = 0; 398e1051a39Sopenharmony_ci goto err; 399e1051a39Sopenharmony_ci } 400e1051a39Sopenharmony_ci 401e1051a39Sopenharmony_ci if (!TEST_true(add_attributes(bag, attrs))) { 402e1051a39Sopenharmony_ci pb->success = 0; 403e1051a39Sopenharmony_ci goto err; 404e1051a39Sopenharmony_ci } 405e1051a39Sopenharmony_cierr: 406e1051a39Sopenharmony_ci X509_free(cert); 407e1051a39Sopenharmony_ci} 408e1051a39Sopenharmony_ci 409e1051a39Sopenharmony_civoid add_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, 410e1051a39Sopenharmony_ci const PKCS12_ATTR *attrs, const PKCS12_ENC *enc) 411e1051a39Sopenharmony_ci{ 412e1051a39Sopenharmony_ci PKCS12_SAFEBAG *bag = NULL; 413e1051a39Sopenharmony_ci EVP_PKEY *pkey = NULL; 414e1051a39Sopenharmony_ci 415e1051a39Sopenharmony_ci if (!pb->success) 416e1051a39Sopenharmony_ci return; 417e1051a39Sopenharmony_ci 418e1051a39Sopenharmony_ci TEST_info("Adding key"); 419e1051a39Sopenharmony_ci 420e1051a39Sopenharmony_ci pkey = load_pkey_asn1(bytes, len); 421e1051a39Sopenharmony_ci if (!TEST_ptr(pkey)) { 422e1051a39Sopenharmony_ci pb->success = 0; 423e1051a39Sopenharmony_ci return; 424e1051a39Sopenharmony_ci } 425e1051a39Sopenharmony_ci 426e1051a39Sopenharmony_ci if (legacy) 427e1051a39Sopenharmony_ci bag = PKCS12_add_key(&pb->bags, pkey, 0 /*keytype*/, enc->iter, enc->nid, enc->pass); 428e1051a39Sopenharmony_ci else 429e1051a39Sopenharmony_ci bag = PKCS12_add_key_ex(&pb->bags, pkey, 0 /*keytype*/, enc->iter, enc->nid, enc->pass, 430e1051a39Sopenharmony_ci test_ctx, test_propq); 431e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 432e1051a39Sopenharmony_ci pb->success = 0; 433e1051a39Sopenharmony_ci goto err; 434e1051a39Sopenharmony_ci } 435e1051a39Sopenharmony_ci if (!add_attributes(bag, attrs)) 436e1051a39Sopenharmony_ci pb->success = 0; 437e1051a39Sopenharmony_cierr: 438e1051a39Sopenharmony_ci EVP_PKEY_free(pkey); 439e1051a39Sopenharmony_ci} 440e1051a39Sopenharmony_ci 441e1051a39Sopenharmony_civoid add_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret, 442e1051a39Sopenharmony_ci const PKCS12_ATTR *attrs) 443e1051a39Sopenharmony_ci{ 444e1051a39Sopenharmony_ci PKCS12_SAFEBAG *bag = NULL; 445e1051a39Sopenharmony_ci 446e1051a39Sopenharmony_ci if (!pb->success) 447e1051a39Sopenharmony_ci return; 448e1051a39Sopenharmony_ci 449e1051a39Sopenharmony_ci TEST_info("Adding secret <%s>", secret); 450e1051a39Sopenharmony_ci 451e1051a39Sopenharmony_ci bag = PKCS12_add_secret(&pb->bags, secret_nid, (const unsigned char *)secret, strlen(secret)); 452e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 453e1051a39Sopenharmony_ci pb->success = 0; 454e1051a39Sopenharmony_ci return; 455e1051a39Sopenharmony_ci } 456e1051a39Sopenharmony_ci if (!add_attributes(bag, attrs)) 457e1051a39Sopenharmony_ci pb->success = 0; 458e1051a39Sopenharmony_ci} 459e1051a39Sopenharmony_ci 460e1051a39Sopenharmony_ci 461e1051a39Sopenharmony_ci/* ------------------------------------------------------------------------- 462e1051a39Sopenharmony_ci * PKCS12 structure checking 463e1051a39Sopenharmony_ci */ 464e1051a39Sopenharmony_ci 465e1051a39Sopenharmony_cistatic int check_asn1_string(const ASN1_TYPE *av, const char *txt) 466e1051a39Sopenharmony_ci{ 467e1051a39Sopenharmony_ci int ret = 0; 468e1051a39Sopenharmony_ci char *value = NULL; 469e1051a39Sopenharmony_ci 470e1051a39Sopenharmony_ci if (!TEST_ptr(av)) 471e1051a39Sopenharmony_ci goto err; 472e1051a39Sopenharmony_ci 473e1051a39Sopenharmony_ci switch (av->type) { 474e1051a39Sopenharmony_ci case V_ASN1_BMPSTRING: 475e1051a39Sopenharmony_ci value = OPENSSL_uni2asc(av->value.bmpstring->data, 476e1051a39Sopenharmony_ci av->value.bmpstring->length); 477e1051a39Sopenharmony_ci if (!TEST_str_eq(txt, (char *)value)) 478e1051a39Sopenharmony_ci goto err; 479e1051a39Sopenharmony_ci break; 480e1051a39Sopenharmony_ci 481e1051a39Sopenharmony_ci case V_ASN1_UTF8STRING: 482e1051a39Sopenharmony_ci if (!TEST_mem_eq(txt, strlen(txt), (char *)av->value.utf8string->data, 483e1051a39Sopenharmony_ci av->value.utf8string->length)) 484e1051a39Sopenharmony_ci goto err; 485e1051a39Sopenharmony_ci break; 486e1051a39Sopenharmony_ci 487e1051a39Sopenharmony_ci case V_ASN1_OCTET_STRING: 488e1051a39Sopenharmony_ci if (!TEST_mem_eq(txt, strlen(txt), 489e1051a39Sopenharmony_ci (char *)av->value.octet_string->data, 490e1051a39Sopenharmony_ci av->value.octet_string->length)) 491e1051a39Sopenharmony_ci goto err; 492e1051a39Sopenharmony_ci break; 493e1051a39Sopenharmony_ci 494e1051a39Sopenharmony_ci default: 495e1051a39Sopenharmony_ci /* Tests do not support other attribute types currently */ 496e1051a39Sopenharmony_ci goto err; 497e1051a39Sopenharmony_ci } 498e1051a39Sopenharmony_ci ret = 1; 499e1051a39Sopenharmony_cierr: 500e1051a39Sopenharmony_ci OPENSSL_free(value); 501e1051a39Sopenharmony_ci return ret; 502e1051a39Sopenharmony_ci} 503e1051a39Sopenharmony_ci 504e1051a39Sopenharmony_cistatic int check_attrs(const STACK_OF(X509_ATTRIBUTE) *bag_attrs, const PKCS12_ATTR *attrs) 505e1051a39Sopenharmony_ci{ 506e1051a39Sopenharmony_ci int ret = 0; 507e1051a39Sopenharmony_ci X509_ATTRIBUTE *attr; 508e1051a39Sopenharmony_ci ASN1_TYPE *av; 509e1051a39Sopenharmony_ci int i, j; 510e1051a39Sopenharmony_ci char attr_txt[100]; 511e1051a39Sopenharmony_ci 512e1051a39Sopenharmony_ci for (i = 0; i < sk_X509_ATTRIBUTE_num(bag_attrs); i++) { 513e1051a39Sopenharmony_ci const PKCS12_ATTR *p_attr = attrs; 514e1051a39Sopenharmony_ci ASN1_OBJECT *attr_obj; 515e1051a39Sopenharmony_ci 516e1051a39Sopenharmony_ci attr = sk_X509_ATTRIBUTE_value(bag_attrs, i); 517e1051a39Sopenharmony_ci attr_obj = X509_ATTRIBUTE_get0_object(attr); 518e1051a39Sopenharmony_ci OBJ_obj2txt(attr_txt, 100, attr_obj, 0); 519e1051a39Sopenharmony_ci 520e1051a39Sopenharmony_ci while(p_attr->oid != NULL) { 521e1051a39Sopenharmony_ci /* Find a matching attribute type */ 522e1051a39Sopenharmony_ci if (strcmp(p_attr->oid, attr_txt) == 0) { 523e1051a39Sopenharmony_ci if (!TEST_int_eq(X509_ATTRIBUTE_count(attr), 1)) 524e1051a39Sopenharmony_ci goto err; 525e1051a39Sopenharmony_ci 526e1051a39Sopenharmony_ci for (j = 0; j < X509_ATTRIBUTE_count(attr); j++) 527e1051a39Sopenharmony_ci { 528e1051a39Sopenharmony_ci av = X509_ATTRIBUTE_get0_type(attr, j); 529e1051a39Sopenharmony_ci if (!TEST_true(check_asn1_string(av, p_attr->value))) 530e1051a39Sopenharmony_ci goto err; 531e1051a39Sopenharmony_ci } 532e1051a39Sopenharmony_ci break; 533e1051a39Sopenharmony_ci } 534e1051a39Sopenharmony_ci p_attr++; 535e1051a39Sopenharmony_ci } 536e1051a39Sopenharmony_ci } 537e1051a39Sopenharmony_ci ret = 1; 538e1051a39Sopenharmony_cierr: 539e1051a39Sopenharmony_ci return ret; 540e1051a39Sopenharmony_ci} 541e1051a39Sopenharmony_ci 542e1051a39Sopenharmony_civoid check_certbag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, 543e1051a39Sopenharmony_ci const PKCS12_ATTR *attrs) 544e1051a39Sopenharmony_ci{ 545e1051a39Sopenharmony_ci X509 *x509 = NULL; 546e1051a39Sopenharmony_ci X509 *ref_x509 = NULL; 547e1051a39Sopenharmony_ci const PKCS12_SAFEBAG *bag; 548e1051a39Sopenharmony_ci 549e1051a39Sopenharmony_ci if (!pb->success) 550e1051a39Sopenharmony_ci return; 551e1051a39Sopenharmony_ci 552e1051a39Sopenharmony_ci bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); 553e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 554e1051a39Sopenharmony_ci pb->success = 0; 555e1051a39Sopenharmony_ci return; 556e1051a39Sopenharmony_ci } 557e1051a39Sopenharmony_ci if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs) 558e1051a39Sopenharmony_ci || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_certBag) 559e1051a39Sopenharmony_ci || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), NID_x509Certificate)) { 560e1051a39Sopenharmony_ci pb->success = 0; 561e1051a39Sopenharmony_ci return; 562e1051a39Sopenharmony_ci } 563e1051a39Sopenharmony_ci x509 = PKCS12_SAFEBAG_get1_cert(bag); 564e1051a39Sopenharmony_ci if (!TEST_ptr(x509)) { 565e1051a39Sopenharmony_ci pb->success = 0; 566e1051a39Sopenharmony_ci goto err; 567e1051a39Sopenharmony_ci } 568e1051a39Sopenharmony_ci ref_x509 = load_cert_asn1(bytes, len); 569e1051a39Sopenharmony_ci if (!TEST_false(X509_cmp(x509, ref_x509))) 570e1051a39Sopenharmony_ci pb->success = 0; 571e1051a39Sopenharmony_cierr: 572e1051a39Sopenharmony_ci X509_free(x509); 573e1051a39Sopenharmony_ci X509_free(ref_x509); 574e1051a39Sopenharmony_ci} 575e1051a39Sopenharmony_ci 576e1051a39Sopenharmony_civoid check_keybag(PKCS12_BUILDER *pb, const unsigned char *bytes, int len, 577e1051a39Sopenharmony_ci const PKCS12_ATTR *attrs, const PKCS12_ENC *enc) 578e1051a39Sopenharmony_ci{ 579e1051a39Sopenharmony_ci EVP_PKEY *pkey = NULL; 580e1051a39Sopenharmony_ci EVP_PKEY *ref_pkey = NULL; 581e1051a39Sopenharmony_ci PKCS8_PRIV_KEY_INFO *p8; 582e1051a39Sopenharmony_ci const PKCS8_PRIV_KEY_INFO *p8c; 583e1051a39Sopenharmony_ci const PKCS12_SAFEBAG *bag; 584e1051a39Sopenharmony_ci 585e1051a39Sopenharmony_ci if (!pb->success) 586e1051a39Sopenharmony_ci return; 587e1051a39Sopenharmony_ci 588e1051a39Sopenharmony_ci bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); 589e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 590e1051a39Sopenharmony_ci pb->success = 0; 591e1051a39Sopenharmony_ci return; 592e1051a39Sopenharmony_ci } 593e1051a39Sopenharmony_ci 594e1051a39Sopenharmony_ci if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs)) { 595e1051a39Sopenharmony_ci pb->success = 0; 596e1051a39Sopenharmony_ci return; 597e1051a39Sopenharmony_ci } 598e1051a39Sopenharmony_ci 599e1051a39Sopenharmony_ci switch (PKCS12_SAFEBAG_get_nid(bag)) { 600e1051a39Sopenharmony_ci case NID_keyBag: 601e1051a39Sopenharmony_ci p8c = PKCS12_SAFEBAG_get0_p8inf(bag); 602e1051a39Sopenharmony_ci if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8c))) { 603e1051a39Sopenharmony_ci pb->success = 0; 604e1051a39Sopenharmony_ci goto err; 605e1051a39Sopenharmony_ci } 606e1051a39Sopenharmony_ci break; 607e1051a39Sopenharmony_ci 608e1051a39Sopenharmony_ci case NID_pkcs8ShroudedKeyBag: 609e1051a39Sopenharmony_ci if (legacy) 610e1051a39Sopenharmony_ci p8 = PKCS12_decrypt_skey(bag, enc->pass, strlen(enc->pass)); 611e1051a39Sopenharmony_ci else 612e1051a39Sopenharmony_ci p8 = PKCS12_decrypt_skey_ex(bag, enc->pass, strlen(enc->pass), test_ctx, test_propq); 613e1051a39Sopenharmony_ci if (!TEST_ptr(p8)) { 614e1051a39Sopenharmony_ci pb->success = 0; 615e1051a39Sopenharmony_ci goto err; 616e1051a39Sopenharmony_ci } 617e1051a39Sopenharmony_ci if (!TEST_ptr(pkey = EVP_PKCS82PKEY(p8))) { 618e1051a39Sopenharmony_ci PKCS8_PRIV_KEY_INFO_free(p8); 619e1051a39Sopenharmony_ci pb->success = 0; 620e1051a39Sopenharmony_ci goto err; 621e1051a39Sopenharmony_ci } 622e1051a39Sopenharmony_ci PKCS8_PRIV_KEY_INFO_free(p8); 623e1051a39Sopenharmony_ci break; 624e1051a39Sopenharmony_ci 625e1051a39Sopenharmony_ci default: 626e1051a39Sopenharmony_ci pb->success = 0; 627e1051a39Sopenharmony_ci goto err; 628e1051a39Sopenharmony_ci } 629e1051a39Sopenharmony_ci 630e1051a39Sopenharmony_ci /* PKEY compare returns 1 for match */ 631e1051a39Sopenharmony_ci ref_pkey = load_pkey_asn1(bytes, len); 632e1051a39Sopenharmony_ci if (!TEST_true(EVP_PKEY_eq(pkey, ref_pkey))) 633e1051a39Sopenharmony_ci pb->success = 0; 634e1051a39Sopenharmony_cierr: 635e1051a39Sopenharmony_ci EVP_PKEY_free(pkey); 636e1051a39Sopenharmony_ci EVP_PKEY_free(ref_pkey); 637e1051a39Sopenharmony_ci} 638e1051a39Sopenharmony_ci 639e1051a39Sopenharmony_civoid check_secretbag(PKCS12_BUILDER *pb, int secret_nid, const char *secret, const PKCS12_ATTR *attrs) 640e1051a39Sopenharmony_ci{ 641e1051a39Sopenharmony_ci const PKCS12_SAFEBAG *bag; 642e1051a39Sopenharmony_ci 643e1051a39Sopenharmony_ci if (!pb->success) 644e1051a39Sopenharmony_ci return; 645e1051a39Sopenharmony_ci 646e1051a39Sopenharmony_ci bag = sk_PKCS12_SAFEBAG_value(pb->bags, pb->bag_idx++); 647e1051a39Sopenharmony_ci if (!TEST_ptr(bag)) { 648e1051a39Sopenharmony_ci pb->success = 0; 649e1051a39Sopenharmony_ci return; 650e1051a39Sopenharmony_ci } 651e1051a39Sopenharmony_ci 652e1051a39Sopenharmony_ci if (!check_attrs(PKCS12_SAFEBAG_get0_attrs(bag), attrs) 653e1051a39Sopenharmony_ci || !TEST_int_eq(PKCS12_SAFEBAG_get_nid(bag), NID_secretBag) 654e1051a39Sopenharmony_ci || !TEST_int_eq(PKCS12_SAFEBAG_get_bag_nid(bag), secret_nid) 655e1051a39Sopenharmony_ci || !TEST_true(check_asn1_string(PKCS12_SAFEBAG_get0_bag_obj(bag), secret))) 656e1051a39Sopenharmony_ci pb->success = 0; 657e1051a39Sopenharmony_ci} 658e1051a39Sopenharmony_ci 659e1051a39Sopenharmony_ci 660e1051a39Sopenharmony_civoid start_check_pkcs12(PKCS12_BUILDER *pb) 661e1051a39Sopenharmony_ci{ 662e1051a39Sopenharmony_ci PKCS12 *p12; 663e1051a39Sopenharmony_ci 664e1051a39Sopenharmony_ci if (!pb->success) 665e1051a39Sopenharmony_ci return; 666e1051a39Sopenharmony_ci 667e1051a39Sopenharmony_ci p12 = from_bio_p12(pb->p12bio, NULL); 668e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) { 669e1051a39Sopenharmony_ci pb->success = 0; 670e1051a39Sopenharmony_ci return; 671e1051a39Sopenharmony_ci } 672e1051a39Sopenharmony_ci pb->safes = PKCS12_unpack_authsafes(p12); 673e1051a39Sopenharmony_ci if (!TEST_ptr(pb->safes)) 674e1051a39Sopenharmony_ci pb->success = 0; 675e1051a39Sopenharmony_ci 676e1051a39Sopenharmony_ci pb->safe_idx = 0; 677e1051a39Sopenharmony_ci PKCS12_free(p12); 678e1051a39Sopenharmony_ci} 679e1051a39Sopenharmony_ci 680e1051a39Sopenharmony_civoid start_check_pkcs12_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) 681e1051a39Sopenharmony_ci{ 682e1051a39Sopenharmony_ci PKCS12 *p12; 683e1051a39Sopenharmony_ci 684e1051a39Sopenharmony_ci if (!pb->success) 685e1051a39Sopenharmony_ci return; 686e1051a39Sopenharmony_ci 687e1051a39Sopenharmony_ci p12 = from_bio_p12(pb->p12bio, mac); 688e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) { 689e1051a39Sopenharmony_ci pb->success = 0; 690e1051a39Sopenharmony_ci return; 691e1051a39Sopenharmony_ci } 692e1051a39Sopenharmony_ci pb->safes = PKCS12_unpack_authsafes(p12); 693e1051a39Sopenharmony_ci if (!TEST_ptr(pb->safes)) 694e1051a39Sopenharmony_ci pb->success = 0; 695e1051a39Sopenharmony_ci 696e1051a39Sopenharmony_ci pb->safe_idx = 0; 697e1051a39Sopenharmony_ci PKCS12_free(p12); 698e1051a39Sopenharmony_ci} 699e1051a39Sopenharmony_ci 700e1051a39Sopenharmony_civoid start_check_pkcs12_file(PKCS12_BUILDER *pb) 701e1051a39Sopenharmony_ci{ 702e1051a39Sopenharmony_ci PKCS12 *p12; 703e1051a39Sopenharmony_ci 704e1051a39Sopenharmony_ci if (!pb->success) 705e1051a39Sopenharmony_ci return; 706e1051a39Sopenharmony_ci 707e1051a39Sopenharmony_ci p12 = read_p12(pb->filename, NULL); 708e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) { 709e1051a39Sopenharmony_ci pb->success = 0; 710e1051a39Sopenharmony_ci return; 711e1051a39Sopenharmony_ci } 712e1051a39Sopenharmony_ci pb->safes = PKCS12_unpack_authsafes(p12); 713e1051a39Sopenharmony_ci if (!TEST_ptr(pb->safes)) 714e1051a39Sopenharmony_ci pb->success = 0; 715e1051a39Sopenharmony_ci 716e1051a39Sopenharmony_ci pb->safe_idx = 0; 717e1051a39Sopenharmony_ci PKCS12_free(p12); 718e1051a39Sopenharmony_ci} 719e1051a39Sopenharmony_ci 720e1051a39Sopenharmony_civoid start_check_pkcs12_file_with_mac(PKCS12_BUILDER *pb, const PKCS12_ENC *mac) 721e1051a39Sopenharmony_ci{ 722e1051a39Sopenharmony_ci PKCS12 *p12; 723e1051a39Sopenharmony_ci 724e1051a39Sopenharmony_ci if (!pb->success) 725e1051a39Sopenharmony_ci return; 726e1051a39Sopenharmony_ci 727e1051a39Sopenharmony_ci p12 = read_p12(pb->filename, mac); 728e1051a39Sopenharmony_ci if (!TEST_ptr(p12)) { 729e1051a39Sopenharmony_ci pb->success = 0; 730e1051a39Sopenharmony_ci return; 731e1051a39Sopenharmony_ci } 732e1051a39Sopenharmony_ci pb->safes = PKCS12_unpack_authsafes(p12); 733e1051a39Sopenharmony_ci if (!TEST_ptr(pb->safes)) 734e1051a39Sopenharmony_ci pb->success = 0; 735e1051a39Sopenharmony_ci 736e1051a39Sopenharmony_ci pb->safe_idx = 0; 737e1051a39Sopenharmony_ci PKCS12_free(p12); 738e1051a39Sopenharmony_ci} 739e1051a39Sopenharmony_ci 740e1051a39Sopenharmony_civoid end_check_pkcs12(PKCS12_BUILDER *pb) 741e1051a39Sopenharmony_ci{ 742e1051a39Sopenharmony_ci if (!pb->success) 743e1051a39Sopenharmony_ci return; 744e1051a39Sopenharmony_ci 745e1051a39Sopenharmony_ci sk_PKCS7_pop_free(pb->safes, PKCS7_free); 746e1051a39Sopenharmony_ci} 747e1051a39Sopenharmony_ci 748e1051a39Sopenharmony_ci 749e1051a39Sopenharmony_civoid start_check_contentinfo(PKCS12_BUILDER *pb) 750e1051a39Sopenharmony_ci{ 751e1051a39Sopenharmony_ci if (!pb->success) 752e1051a39Sopenharmony_ci return; 753e1051a39Sopenharmony_ci 754e1051a39Sopenharmony_ci pb->bag_idx = 0; 755e1051a39Sopenharmony_ci pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, NULL); 756e1051a39Sopenharmony_ci if (!TEST_ptr(pb->bags)) { 757e1051a39Sopenharmony_ci pb->success = 0; 758e1051a39Sopenharmony_ci return; 759e1051a39Sopenharmony_ci } 760e1051a39Sopenharmony_ci TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags)); 761e1051a39Sopenharmony_ci} 762e1051a39Sopenharmony_ci 763e1051a39Sopenharmony_civoid start_check_contentinfo_encrypted(PKCS12_BUILDER *pb, const PKCS12_ENC *enc) 764e1051a39Sopenharmony_ci{ 765e1051a39Sopenharmony_ci if (!pb->success) 766e1051a39Sopenharmony_ci return; 767e1051a39Sopenharmony_ci 768e1051a39Sopenharmony_ci pb->bag_idx = 0; 769e1051a39Sopenharmony_ci pb->bags = decode_contentinfo(pb->safes, pb->safe_idx++, enc); 770e1051a39Sopenharmony_ci if (!TEST_ptr(pb->bags)) { 771e1051a39Sopenharmony_ci pb->success = 0; 772e1051a39Sopenharmony_ci return; 773e1051a39Sopenharmony_ci } 774e1051a39Sopenharmony_ci TEST_info("Decoding %d bags", sk_PKCS12_SAFEBAG_num(pb->bags)); 775e1051a39Sopenharmony_ci} 776e1051a39Sopenharmony_ci 777e1051a39Sopenharmony_ci 778e1051a39Sopenharmony_civoid end_check_contentinfo(PKCS12_BUILDER *pb) 779e1051a39Sopenharmony_ci{ 780e1051a39Sopenharmony_ci if (!pb->success) 781e1051a39Sopenharmony_ci return; 782e1051a39Sopenharmony_ci 783e1051a39Sopenharmony_ci if (!TEST_int_eq(sk_PKCS12_SAFEBAG_num(pb->bags), pb->bag_idx)) 784e1051a39Sopenharmony_ci pb->success = 0; 785e1051a39Sopenharmony_ci sk_PKCS12_SAFEBAG_pop_free(pb->bags, PKCS12_SAFEBAG_free); 786e1051a39Sopenharmony_ci pb->bags = NULL; 787e1051a39Sopenharmony_ci} 788e1051a39Sopenharmony_ci 789e1051a39Sopenharmony_ci 790