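/*
 * Parse the content of a PKCS#12 keyBag and hand the private key to the
 * collector.
 *
 * The bag content is decoded directly as a PKCS8PrivateKeyInfo; no
 * decryption step happens in this function.  If the bag attributes contain
 * a localKeyId, a pointer to its value is passed along with the key,
 * otherwise NULL is passed.
 *
 * Returns 0 on success, or the error from decode_PKCS8PrivateKeyInfo() or
 * from _hx509_collector_private_key_add().
 */
static int
keyBag_parser(hx509_context context,
              struct hx509_collector *c,
              const void *data, size_t length,
              const PKCS12_Attributes *attrs)
{
    const PKCS12_Attribute *attr;
    const heim_octet_string *os = NULL;
    PKCS8PrivateKeyInfo ki;
    int ret;

    /* localKeyId is optional; without it the key is added with no id. */
    attr = find_attribute(attrs, &asn1_oid_id_pkcs_9_at_localKeyId);
    if (attr)
        os = &attr->attrValues;

    ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL);
    if (ret)
        return ret;

    /*
     * Propagate a failure to register the key instead of reporting success:
     * otherwise a keystore whose private key could not be added loads
     * "cleanly" and the missing key only surfaces later.  This matches
     * parse_pkcs8_private_key(), which returns the same call's result.
     */
    ret = _hx509_collector_private_key_add(context,
                                           c,
                                           &ki.privateKeyAlgorithm,
                                           NULL,
                                           &ki.privateKey,
                                           os);

    /* ki was allocated by the decoder and is released on every path. */
    free_PKCS8PrivateKeyInfo(&ki);
    return ret;
}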
/*
 * Decode a DER-encoded PKCS8PrivateKeyInfo and register the contained
 * private key with the collector.
 *
 * The complete input buffer (data/length) is passed as the last argument of
 * _hx509_collector_private_key_add(); keyBag_parser() passes the localKeyId
 * value in that position, so the raw encoding presumably serves as the key's
 * id here -- confirm against the collector.
 *
 * fn, headers and ai are not used by this function.
 *
 * Returns 0 on success, or the error from the decoder or the collector.
 */
static int
parse_pkcs8_private_key(hx509_context context,
                        const char *fn,
                        struct hx509_collector *c,
                        const hx509_pem_header *headers,
                        const void *data, size_t length,
                        const AlgorithmIdentifier *ai)
{
    PKCS8PrivateKeyInfo key_info;
    heim_octet_string raw_key;
    int rc;

    rc = decode_PKCS8PrivateKeyInfo(data, length, &key_info, NULL);
    if (rc != 0)
        return rc;

    /* Borrowed view of the caller's buffer; nothing is copied or freed. */
    raw_key.length = length;
    raw_key.data = rk_UNCONST(data);

    rc = _hx509_collector_private_key_add(context,
                                          c,
                                          &key_info.privateKeyAlgorithm,
                                          NULL,
                                          &key_info.privateKey,
                                          &raw_key);

    /* Release the decoded structure whether or not the add succeeded. */
    free_PKCS8PrivateKeyInfo(&key_info);

    return rc;
}
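/*
 * Append one certificate, and its private key when that key is exportable,
 * to a PKCS12_AuthenticatedSafe.
 *
 * ctx is treated as a PKCS12_AuthenticatedSafe *.  The certificate is
 * wrapped as an OCTET STRING inside a PKCS12_CertBag of type x509 and added
 * as a certBag.  An exportable private key is encoded as a
 * PKCS8PrivateKeyInfo (version 0) and added as a keyBag.
 *
 * Returns 0 on success or the first error encountered.
 *
 * NOTE(review): this function performs no encryption; the key is added as a
 * plain keyBag.  Confidentiality of the exported key therefore depends on
 * what the caller does with the AuthenticatedSafe afterwards -- confirm.
 *
 * NOTE(review): the buffers passed to addBag() are not freed here, which
 * presumes addBag() takes ownership of them; whether that also holds when
 * addBag() fails is not visible from this function -- verify, since the key
 * bag buffer contains private key material.
 */
static int
store_func(hx509_context context, void *ctx, hx509_cert c)
{
    PKCS12_AuthenticatedSafe *as = ctx;
    PKCS12_OctetString os;
    PKCS12_CertBag cb;
    size_t size;
    int ret;

    memset(&os, 0, sizeof(os));
    memset(&cb, 0, sizeof(cb));

    os.data = NULL;
    os.length = 0;

    ret = hx509_cert_binary(context, c, &os);
    if (ret)
        return ret;

    /* Wrap the encoded certificate in an OCTET STRING for certValue. */
    ASN1_MALLOC_ENCODE(PKCS12_OctetString,
                       cb.certValue.data, cb.certValue.length,
                       &os, &size, ret);
    free(os.data);
    if (ret)
        goto out;

    ret = der_copy_oid(&asn1_oid_id_pkcs_9_at_certTypes_x509, &cb.certType);
    if (ret) {
        free_PKCS12_CertBag(&cb);
        goto out;
    }

    ASN1_MALLOC_ENCODE(PKCS12_CertBag, os.data, os.length,
                       &cb, &size, ret);
    free_PKCS12_CertBag(&cb);
    if (ret)
        goto out;

    ret = addBag(context, as, &asn1_oid_id_pkcs12_certBag, os.data, os.length);
    /*
     * Stop on failure.  Previously the result was overwritten by the key
     * export below, so a certificate that was never added could be reported
     * as success and leave a key bag without its certificate.
     */
    if (ret)
        goto out;

    if (_hx509_cert_private_key_exportable(c)) {
        hx509_private_key key = _hx509_cert_private_key(c);
        PKCS8PrivateKeyInfo pki;

        memset(&pki, 0, sizeof(pki));

        /* PKCS8PrivateKeyInfo version 0. */
        ret = der_parse_hex_heim_integer("00", &pki.version);
        if (ret)
            goto out;

        ret = _hx509_private_key_oid(context, key,
                                     &pki.privateKeyAlgorithm.algorithm);
        if (ret) {
            free_PKCS8PrivateKeyInfo(&pki);
            goto out;
        }

        ret = _hx509_private_key_export(context, key,
                                        HX509_KEY_FORMAT_DER,
                                        &pki.privateKey);
        if (ret) {
            free_PKCS8PrivateKeyInfo(&pki);
            goto out;
        }

        /*
         * TODO: set the asn1_oid_id_pkcs_9_at_localKeyId attribute.  It is
         * not written here, while keyBag_parser() looks for it on import.
         */

        ASN1_MALLOC_ENCODE(PKCS8PrivateKeyInfo, os.data, os.length,
                           &pki, &size, ret);
        /*
         * pki.privateKey holds the DER private key.
         * NOTE(review): whether free_PKCS8PrivateKeyInfo() clears it before
         * releasing is not visible here -- confirm.
         */
        free_PKCS8PrivateKeyInfo(&pki);
        if (ret)
            goto out;

        ret = addBag(context, as, &asn1_oid_id_pkcs12_keyBag,
                     os.data, os.length);
        if (ret)
            goto out;
    }

out:
    return ret;
}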