#include <openssl/opensslconf.h>#include <stdio.h>#include <stdlib.h>#include <string.h>#include "apps.h"#include <openssl/crypto.h>#include <openssl/err.h>#include <openssl/pem.h>#include <openssl/pkcs12.h>Go to the source code of this file.
Defines | |
| #define | PROG pkcs12_main |
| #define | NOKEYS 0x1 |
| #define | NOCERTS 0x2 |
| #define | INFO 0x4 |
| #define | CLCERTS 0x8 |
| #define | CACERTS 0x10 |
Functions | |
| int | get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509)**chain) |
| int | dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass, int passlen, int options, char *pempass) |
| int | dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG)*bags, char *pass, int passlen, int options, char *pempass) |
| int | dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bags, char *pass, int passlen, int options, char *pempass) |
| int | print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE)*attrlst, const char *name) |
| void | hex_prin (BIO *out, unsigned char *buf, int len) |
| int | alg_print (BIO *x, X509_ALGOR *alg) |
| int | cert_load (BIO *in, STACK_OF(X509)*sk) |
| int | MAIN (int, char **) |
Variables | |
| const EVP_CIPHER * | enc |
Definition at line 80 of file pkcs12.c. Referenced by dump_certs_pkeys_bag(). |
Definition at line 79 of file pkcs12.c. Referenced by dump_certs_pkeys_bag(). |
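/*
 * Definition at line 823 of file pkcs12.c.
 * References X509_algor_st::algorithm, ASN1_INTEGER_get(), BIO_printf(),
 * PBEPARAM_st::iter, OBJ_nid2ln(), OBJ_obj2nid(), p,
 * X509_algor_st::parameter, and asn1_type_st::value.
 * Referenced by dump_certs_keys_p12(), and dump_certs_pkeys_bag().
 *
 * Print the long name of a password-based encryption algorithm and its
 * iteration count to bio_err.
 *
 * alg is taken from the PKCS#12 structure being inspected, so its parameter
 * field is untrusted input: it may be absent, may hold something other than
 * a SEQUENCE, or may not decode as a PBEPARAM. Those cases are reported
 * rather than dereferenced.
 *
 * x is kept for interface compatibility; output goes to bio_err, which is
 * what both callers shown on this page pass.
 *
 * Returns 0 when the parameters were decoded and printed, 1 when they could
 * not be decoded (the callers shown here ignore the result).
 */
int alg_print (BIO *x, X509_ALGOR *alg)
{
    PBEPARAM *pbe = NULL;
    const unsigned char *p;

    /* Only touch value.sequence when the ASN1_TYPE really is a SEQUENCE. */
    if (alg->parameter != NULL
        && alg->parameter->type == V_ASN1_SEQUENCE
        && alg->parameter->value.sequence != NULL) {
        p = alg->parameter->value.sequence->data;
        pbe = d2i_PBEPARAM (NULL, &p, alg->parameter->value.sequence->length);
    }

    if (pbe == NULL) {
        /* Decoding failed: name the algorithm, but do not read pbe->iter. */
        BIO_printf (bio_err, "%s, <Unsupported parameters>\n",
                    OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)));
        return 1;
    }

    BIO_printf (bio_err, "%s, Iteration %ld\n",
                OBJ_nid2ln(OBJ_obj2nid(alg->algorithm)),
                ASN1_INTEGER_get(pbe->iter));
    PBEPARAM_free (pbe);
    return 0;
}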
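/*
 * Definition at line 838 of file pkcs12.c.
 * References CRYPTO_pop_info(), CRYPTO_push_info, ERR_clear_error(), and
 * sk_X509_push.
 *
 * Read every PEM certificate available on `in` and append each one to `sk`.
 *
 * Returns 1 when at least one certificate was read and stored, 0 when none
 * could be read or when a certificate could not be added to the stack.
 * Certificates pushed before a failure stay on `sk`; the caller owns them.
 */
int cert_load (BIO *in, STACK_OF(X509)*sk)
{
    int ret = 0;
    X509 *cert;

#ifdef CRYPTO_MDEBUG
    CRYPTO_push_info("cert_load(): reading one cert");
#endif
    while ((cert = PEM_read_bio_X509(in, NULL, NULL, NULL)) != NULL) {
#ifdef CRYPTO_MDEBUG
        CRYPTO_pop_info();
#endif
        if (!sk_X509_push(sk, cert)) {
            /* The stack did not take ownership, so release the certificate
             * here instead of leaking it. The debug info pushed for this
             * read has already been popped, so push/pop stay balanced. */
            X509_free(cert);
            return 0;
        }
        ret = 1;
#ifdef CRYPTO_MDEBUG
        CRYPTO_push_info("cert_load(): reading one cert");
#endif
    }
#ifdef CRYPTO_MDEBUG
    CRYPTO_pop_info();
#endif
    /* The loop always ends on a failed read; once something was loaded that
     * failure is just the end of the input, so drop its queued error. */
    if (ret)
        ERR_clear_error();
    return ret;
}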
/*
 * Definition at line 670 of file pkcs12.c.
 * References alg_print(), BIO_printf(), pkcs7_st::d, dump_certs_pkeys_bags(),
 * NID_pkcs7_data, NID_pkcs7_encrypted, OBJ_obj2nid(),
 * sk_PKCS12_SAFEBAG_pop_free, sk_PKCS7_num, sk_PKCS7_pop_free,
 * sk_PKCS7_value, STACK_OF, and pkcs7_st::type.
 *
 * Walk the authenticated safes of a PKCS#12 structure and dump the contents
 * of every data or encrypted-data safe through dump_certs_pkeys_bags().
 * Safes of any other PKCS#7 type are skipped.
 *
 * pass/passlen are handed to PKCS12_unpack_p7encdata() and on to the bag
 * dumper; pempass is passed through untouched. With INFO set in options a
 * description of each safe is written to bio_err.
 *
 * Returns 1 when every safe was unpacked and dumped, 0 on the first failure.
 */
int dump_certs_keys_p12 (BIO *out, PKCS12 *p12, char *pass,
        int passlen, int options, char *pempass)
{
    STACK_OF(PKCS7) *authsafes;
    int idx;
    int ok = 0;

    authsafes = PKCS12_unpack_authsafes(p12);
    if (authsafes == NULL)
        return 0;

    for (idx = 0; idx < sk_PKCS7_num (authsafes); idx++) {
        PKCS7 *safe = sk_PKCS7_value (authsafes, idx);
        STACK_OF(PKCS12_SAFEBAG) *bags;
        int dumped;

        switch (OBJ_obj2nid (safe->type)) {
        case NID_pkcs7_data:
            bags = PKCS12_unpack_p7data(safe);
            if (options & INFO)
                BIO_printf (bio_err, "PKCS7 Data\n");
            break;

        case NID_pkcs7_encrypted:
            if (options & INFO) {
                BIO_printf(bio_err, "PKCS7 Encrypted data: ");
                alg_print(bio_err,
                          safe->d.encrypted->enc_data->algorithm);
            }
            bags = PKCS12_unpack_p7encdata(safe, pass, passlen);
            break;

        default:
            /* Not a safe type this tool dumps: move on to the next one. */
            continue;
        }

        if (bags == NULL)
            goto done;

        /* The bags are released whether or not dumping them succeeded. */
        dumped = dump_certs_pkeys_bags (out, bags, pass, passlen,
                                        options, pempass);
        sk_PKCS12_SAFEBAG_pop_free (bags, PKCS12_SAFEBAG_free);
        if (!dumped)
            goto done;
    }
    ok = 1;

done:
    sk_PKCS7_pop_free (authsafes, PKCS7_free);
    return ok;
}
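/*
 * Definition at line 726 of file pkcs12.c.
 * References alg_print(), BIO_printf(), CACERTS, CLCERTS, dump_cert_text(),
 * dump_certs_pkeys_bags(), EVP_PKCS82PKEY(), EVP_PKEY_free(),
 * i2a_ASN1_OBJECT(), M_PKCS12_bag_type, M_PKCS12_cert_bag_type, NID_certBag,
 * NID_keyBag, NID_localKeyID, NID_pkcs8ShroudedKeyBag, NID_safeContentsBag,
 * NID_x509Certificate, PKCS12_certbag2x509(), PKCS12_decrypt_skey(),
 * PKCS12_get_attr, print_attribs(), PKCS12_SAFEBAG::type, and
 * PKCS12_SAFEBAG::value.
 * Referenced by dump_certs_pkeys_bags().
 *
 * Dump one safe bag to `out` as PEM, preceded by its attributes.
 *
 * The prototype in the function list names the second parameter `bags`; the
 * body refers to it as `bag`, so that is the name used here.
 *
 * options is a mask of NOKEYS, NOCERTS, INFO, CLCERTS and CACERTS:
 *   - INFO writes a description of the bag to bio_err;
 *   - NOKEYS / NOCERTS skip key bags / certificate bags;
 *   - a certificate bag carrying a localKeyID attribute is skipped when
 *     CACERTS is set, one without that attribute when CLCERTS is set.
 *
 * Private keys are written with PEM_write_bio_PrivateKey() using the
 * file-scope cipher `enc` and the passphrase pempass. When `enc` is NULL
 * that call applies no encryption, so the key reaches `out` as cleartext
 * PEM; callers decide that through `enc`, not through this function.
 *
 * Returns 1 when the bag was written or deliberately skipped, 0 when it
 * could not be decrypted or decoded, or when writing the key or certificate
 * to `out` failed.
 */
int dump_certs_pkeys_bag (BIO *out, PKCS12_SAFEBAG *bag, char *pass,
        int passlen, int options, char *pempass)
{
    EVP_PKEY *pkey;
    PKCS8_PRIV_KEY_INFO *p8;
    X509 *x509;
    int written;

    switch (M_PKCS12_bag_type(bag))
    {
    case NID_keyBag:
        if (options & INFO) BIO_printf (bio_err, "Key bag\n");
        if (options & NOKEYS) return 1;
        print_attribs (out, bag->attrib, "Bag Attributes");
        /* p8 is owned by the bag here, so it is not freed. */
        p8 = bag->value.keybag;
        if (!(pkey = EVP_PKCS82PKEY (p8))) return 0;
        print_attribs (out, p8->attributes, "Key Attributes");
        written = PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0,
                                            NULL, pempass);
        EVP_PKEY_free(pkey);
        /* A key that was not written must not be reported as dumped. */
        if (!written) return 0;
        break;

    case NID_pkcs8ShroudedKeyBag:
        if (options & INFO) {
            BIO_printf (bio_err, "Shrouded Keybag: ");
            alg_print (bio_err, bag->value.shkeybag->algor);
        }
        if (options & NOKEYS) return 1;
        print_attribs (out, bag->attrib, "Bag Attributes");
        /* The decrypted PKCS#8 structure is ours and is freed below. */
        if (!(p8 = PKCS12_decrypt_skey(bag, pass, passlen)))
            return 0;
        if (!(pkey = EVP_PKCS82PKEY (p8))) {
            PKCS8_PRIV_KEY_INFO_free(p8);
            return 0;
        }
        print_attribs (out, p8->attributes, "Key Attributes");
        PKCS8_PRIV_KEY_INFO_free(p8);
        written = PEM_write_bio_PrivateKey (out, pkey, enc, NULL, 0,
                                            NULL, pempass);
        EVP_PKEY_free(pkey);
        if (!written) return 0;
        break;

    case NID_certBag:
        if (options & INFO) BIO_printf (bio_err, "Certificate bag\n");
        if (options & NOCERTS) return 1;
        if (PKCS12_get_attr(bag, NID_localKeyID)) {
            if (options & CACERTS) return 1;
        } else if (options & CLCERTS) return 1;
        print_attribs (out, bag->attrib, "Bag Attributes");
        /* Only X.509 certificates are dumped; other kinds are skipped. */
        if (M_PKCS12_cert_bag_type(bag) != NID_x509Certificate )
            return 1;
        if (!(x509 = PKCS12_certbag2x509(bag))) return 0;
        dump_cert_text (out, x509);
        written = PEM_write_bio_X509 (out, x509);
        X509_free(x509);
        if (!written) return 0;
        break;

    case NID_safeContentsBag:
        if (options & INFO) BIO_printf (bio_err, "Safe Contents bag\n");
        print_attribs (out, bag->attrib, "Bag Attributes");
        /* Nested safe contents: recurse through the bag-list dumper. */
        return dump_certs_pkeys_bags (out, bag->value.safes, pass,
                                      passlen, options, pempass);

    default:
        BIO_printf (bio_err, "Warning unsupported bag type: ");
        i2a_ASN1_OBJECT (bio_err, bag->type);
        BIO_printf (bio_err, "\n");
        return 1;
    }
    return 1;
}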
/*
 * Definition at line 712 of file pkcs12.c.
 * References dump_certs_pkeys_bag(), sk_PKCS12_SAFEBAG_num, and
 * sk_PKCS12_SAFEBAG_value.
 * Referenced by dump_certs_keys_p12(), and dump_certs_pkeys_bag().
 *
 * Dump every safe bag in `bags`, in stack order, through
 * dump_certs_pkeys_bag(), forwarding all other arguments unchanged.
 *
 * Returns 1 when every bag was handled, 0 as soon as one bag fails; bags
 * after the failing one are not visited.
 */
int dump_certs_pkeys_bags (BIO *out, STACK_OF(PKCS12_SAFEBAG)*bags, char *pass,
        int passlen, int options, char *pempass)
{
    int idx = 0;

    while (idx < sk_PKCS12_SAFEBAG_num (bags)) {
        PKCS12_SAFEBAG *current = sk_PKCS12_SAFEBAG_value (bags, idx);

        if (dump_certs_pkeys_bag (out, current, pass, passlen,
                                  options, pempass) == 0)
            return 0;
        idx++;
    }
    return 1;
}
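/*
 * Definition at line 800 of file pkcs12.c.
 * References STACK_OF, X509_STORE_CTX_cleanup(), X509_STORE_CTX_get_error(),
 * X509_STORE_CTX_init(), and X509_verify_cert().
 *
 * Verify `cert` against `store` and, on success, hand the verified chain
 * back through *chain (obtained with X509_STORE_CTX_get1_chain(), so the
 * caller releases it).
 *
 * Returns 0 on success. On failure returns a non-zero value and sets *chain
 * to NULL: the X509_STORE_CTX error code when verification set one, -1 when
 * no code is available (context initialisation failed, verification failed
 * without recording an error, or the chain could not be copied). A failure
 * is therefore never reported as 0, and *chain is never left unset.
 */
int get_cert_chain (X509 *cert, X509_STORE *store, STACK_OF(X509)**chain)
{
    X509_STORE_CTX store_ctx;
    STACK_OF(X509) *chn;
    int i;

    *chain = NULL;

    /* NOTE(review): no cleanup on this path because the context is not
     * known to be in a consistent state after a failed init; confirm
     * against X509_STORE_CTX_init() for the OpenSSL version in use. */
    if (!X509_STORE_CTX_init(&store_ctx, store, cert, NULL))
        return -1;

    if (X509_verify_cert(&store_ctx) <= 0) {
        i = X509_STORE_CTX_get_error (&store_ctx);
        /* 0 means success to the caller; never return it for a failure. */
        if (i == 0)
            i = -1;
        goto err;
    }

    chn = X509_STORE_CTX_get1_chain(&store_ctx);
    if (chn == NULL) {
        i = -1;
        goto err;
    }
    i = 0;
    *chain = chn;

err:
    X509_STORE_CTX_cleanup(&store_ctx);

    return i;
}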
/*
 * Definition at line 920 of file pkcs12.c.
 * References BIO_printf().
 * Referenced by print_attribs().
 *
 * Write `len` bytes of `buf` to `out` as two-digit upper-case hex values,
 * each followed by a space. Nothing is written when len is zero or negative.
 */
void hex_prin (BIO *out, unsigned char *buf, int len)
{
    const unsigned char *cursor = buf;
    int remaining;

    for (remaining = len; remaining > 0; remaining--)
        BIO_printf (out, "%02X ", *cursor++);
}
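/*
 * Definition at line 865 of file pkcs12.c.
 * References attr, BIO_printf(), hex_prin(), i2a_ASN1_OBJECT(), NID_undef,
 * OBJ_nid2ln(), OBJ_obj2nid(), x509_attributes_st::object, OPENSSL_free,
 * sk_ASN1_TYPE_num, sk_ASN1_TYPE_value, sk_X509_ATTRIBUTE_num,
 * sk_X509_ATTRIBUTE_value, asn1_type_st::type, uni2asc(), V_ASN1_BIT_STRING,
 * V_ASN1_BMPSTRING, V_ASN1_OCTET_STRING, asn1_type_st::value, and
 * x509_attributes_st::value.
 * Referenced by dump_certs_pkeys_bag().
 *
 * Print an attribute list to `out` under the heading `name`.
 *
 * For each attribute the object name is printed (the OID itself when the
 * object has no known NID), followed by the first value of the attribute:
 * BMPStrings as text, OCTET STRINGs and BIT STRINGs as hex bytes, anything
 * else as its tag number. Values after the first are not printed.
 *
 * The attributes come from the file being inspected. BMPString text is
 * written as converted by uni2asc(), with no filtering of control
 * characters, so treat the output as untrusted when displaying it.
 *
 * Always returns 1.
 */
int print_attribs (BIO *out, STACK_OF(X509_ATTRIBUTE)*attrlst, const char *name)
{
    X509_ATTRIBUTE *attr;
    ASN1_TYPE *av;
    char *value;
    int i, attr_nid;

    if (!attrlst) {
        BIO_printf(out, "%s: <No Attributes>\n", name);
        return 1;
    }
    if (!sk_X509_ATTRIBUTE_num(attrlst)) {
        BIO_printf(out, "%s: <Empty Attributes>\n", name);
        return 1;
    }
    BIO_printf(out, "%s\n", name);
    for (i = 0; i < sk_X509_ATTRIBUTE_num(attrlst); i++) {
        attr = sk_X509_ATTRIBUTE_value(attrlst, i);
        attr_nid = OBJ_obj2nid(attr->object);
        BIO_printf(out, " ");
        if (attr_nid == NID_undef) {
            /* Unknown object: fall back to printing the OID itself. */
            i2a_ASN1_OBJECT (out, attr->object);
            BIO_printf(out, ": ");
        } else BIO_printf(out, "%s: ", OBJ_nid2ln(attr_nid));

        if (sk_ASN1_TYPE_num(attr->value.set)) {
            av = sk_ASN1_TYPE_value(attr->value.set, 0);
            switch (av->type) {
            case V_ASN1_BMPSTRING:
                value = uni2asc(av->value.bmpstring->data,
                                av->value.bmpstring->length);
                /* uni2asc() hands back a buffer that is released with
                 * OPENSSL_free(); a NULL result must not reach "%s". */
                if (value == NULL) {
                    BIO_printf(out, "<Unprintable BMPString>\n");
                    break;
                }
                BIO_printf(out, "%s\n", value);
                OPENSSL_free(value);
                break;

            case V_ASN1_OCTET_STRING:
                hex_prin(out, av->value.octet_string->data,
                         av->value.octet_string->length);
                BIO_printf(out, "\n");
                break;

            case V_ASN1_BIT_STRING:
                hex_prin(out, av->value.bit_string->data,
                         av->value.bit_string->length);
                BIO_printf(out, "\n");
                break;

            default:
                BIO_printf(out, "<Unsupported tag %d>\n", av->type);
                break;
            }
        } else BIO_printf(out, "<No Values>\n");
    }
    return 1;
}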
Definition at line 73 of file pkcs12.c. Referenced by _des_crypt(), asn1_enc_free(), asn1_enc_init(), asn1_enc_restore(), asn1_enc_save(), client_master_key(), DES_ncbc_encrypt(), dtls1_enc(), dtls1_send_client_key_exchange(), kssl_check_authent(), main(), PEM_get_EVP_CIPHER_INFO(), ssl3_enc(), ssl3_get_client_key_exchange(), ssl3_send_client_key_exchange(), SSL_CIPHER_description(), and tls1_enc(). |