Exemple #1
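/*
 * Handle one PKCS#12 keyBag: decode `data` as a PKCS8PrivateKeyInfo and
 * hand its algorithm identifier and key octets to the collector `c`.
 *
 * If `attrs` carries a pkcs-9 localKeyId attribute, its value is passed
 * along as the final argument of _hx509_collector_private_key_add();
 * otherwise NULL is passed.
 *
 * Returns 0 on success, the decoder's error code when `data` is not a
 * valid PKCS8PrivateKeyInfo, or the collector's error code when the key
 * could not be added.
 *
 * NOTE(review): a keyBag holds the private key unencrypted, so `ki`
 * contains key material while this function runs. Whether
 * free_PKCS8PrivateKeyInfo() wipes it before releasing is not visible
 * here; confirm.
 */
static int
keyBag_parser(hx509_context context,
	      struct hx509_collector *c,
	      const void *data, size_t length,
	      const PKCS12_Attributes *attrs)
{
    const PKCS12_Attribute *attr;
    PKCS8PrivateKeyInfo ki;
    const heim_octet_string *os = NULL;
    int ret;

    attr = find_attribute(attrs, &asn1_oid_id_pkcs_9_at_localKeyId);
    if (attr)
	os = &attr->attrValues;

    ret = decode_PKCS8PrivateKeyInfo(data, length, &ki, NULL);
    if (ret)
	return ret;

    /*
     * Propagate the collector's result instead of discarding it, so a key
     * that could not be added is not reported to the caller as success.
     */
    ret = _hx509_collector_private_key_add(context,
					   c,
					   &ki.privateKeyAlgorithm,
					   NULL,
					   &ki.privateKey,
					   os);
    free_PKCS8PrivateKeyInfo(&ki);
    return ret;
}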
Exemple #2
/*
 * Decode `data` as an unencrypted PKCS8PrivateKeyInfo and register the
 * contained key with the collector `c`.
 *
 * `fn`, `headers` and `ai` are accepted but not used by this function.
 *
 * Returns 0 on success, otherwise the error code from the decoder or from
 * _hx509_collector_private_key_add().
 */
static int
parse_pkcs8_private_key(hx509_context context, const char *fn,
			struct hx509_collector *c,
			const hx509_pem_header *headers,
			const void *data, size_t length,
			const AlgorithmIdentifier *ai)
{
    PKCS8PrivateKeyInfo info;
    heim_octet_string raw;
    int status;

    status = decode_PKCS8PrivateKeyInfo(data, length, &info, NULL);
    if (status != 0)
	return status;

    /*
     * The complete, still-encoded input is passed as the final argument.
     * It aliases the caller's buffer (const is cast away, nothing is
     * copied here), so it is only valid while `data` is.
     * NOTE(review): what the collector does with this argument is defined
     * by the callee, which is not visible here; confirm it does not keep
     * or modify the pointer.
     */
    raw.length = length;
    raw.data = rk_UNCONST(data);

    status = _hx509_collector_private_key_add(context, c,
					      &info.privateKeyAlgorithm, NULL,
					      &info.privateKey, &raw);

    free_PKCS8PrivateKeyInfo(&info);
    return status;
}
Exemple #3
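/*
 * Add one certificate to the PKCS12_AuthenticatedSafe passed in `ctx`,
 * followed by its private key when the key is reported as exportable.
 *
 * The certificate is DER-encoded, wrapped in a PKCS12_OctetString inside a
 * PKCS12_CertBag of type x509, and appended with addBag() as a certBag.
 * An exportable key is encoded as a version-0 PKCS8PrivateKeyInfo and
 * appended as a keyBag.
 *
 * Returns 0 on success, otherwise the first error code encountered.
 *
 * NOTE(review): the key goes into a plain keyBag (id_pkcs12_keyBag), i.e.
 * the bag content built here is the unencrypted PKCS#8 encoding. Any
 * confidentiality has to come from how the caller protects the
 * AuthenticatedSafe; confirm that it does.
 */
static int
store_func(hx509_context context, void *ctx, hx509_cert c)
{
    PKCS12_AuthenticatedSafe *as = ctx;
    PKCS12_OctetString os;
    PKCS12_CertBag cb;
    size_t size;
    int ret;

    memset(&os, 0, sizeof(os));
    memset(&cb, 0, sizeof(cb));

    os.data = NULL;
    os.length = 0;

    ret = hx509_cert_binary(context, c, &os);
    if (ret)
	return ret;

    /* Wrap the raw certificate; the raw copy is not needed afterwards. */
    ASN1_MALLOC_ENCODE(PKCS12_OctetString,
		       cb.certValue.data,cb.certValue.length,
		       &os, &size, ret);
    free(os.data);
    if (ret)
	goto out;
    ret = der_copy_oid(&asn1_oid_id_pkcs_9_at_certTypes_x509, &cb.certType);
    if (ret) {
	free_PKCS12_CertBag(&cb);
	goto out;
    }
    ASN1_MALLOC_ENCODE(PKCS12_CertBag, os.data, os.length,
		       &cb, &size, ret);
    free_PKCS12_CertBag(&cb);
    if (ret)
	goto out;

    ret = addBag(context, as, &asn1_oid_id_pkcs12_certBag, os.data, os.length);
    /*
     * Stop here on failure. Without this check the key branch below would
     * overwrite `ret`, and a certificate that was never added could be
     * reported as stored.
     * NOTE(review): addBag() is not visible here; whether it releases
     * os.data when it fails is unconfirmed, so the buffer is left alone.
     */
    if (ret)
	goto out;

    if (_hx509_cert_private_key_exportable(c)) {
	hx509_private_key key = _hx509_cert_private_key(c);
	PKCS8PrivateKeyInfo pki;

	memset(&pki, 0, sizeof(pki));

	/* PKCS8PrivateKeyInfo version field, set from the hex string "00". */
	ret = der_parse_hex_heim_integer("00", &pki.version);
	if (ret)
	    return ret;
	ret = _hx509_private_key_oid(context, key,
				     &pki.privateKeyAlgorithm.algorithm);
	if (ret) {
	    free_PKCS8PrivateKeyInfo(&pki);
	    return ret;
	}
	ret = _hx509_private_key_export(context,
					key,
					HX509_KEY_FORMAT_DER,
					&pki.privateKey);
	if (ret) {
	    free_PKCS8PrivateKeyInfo(&pki);
	    return ret;
	}
	/* set attribute, asn1_oid_id_pkcs_9_at_localKeyId */

	/*
	 * pki holds the exported key until it is freed just below.
	 * NOTE(review): whether free_PKCS8PrivateKeyInfo() wipes the key
	 * octets before releasing them is not visible here; confirm.
	 */
	ASN1_MALLOC_ENCODE(PKCS8PrivateKeyInfo, os.data, os.length,
			   &pki, &size, ret);
	free_PKCS8PrivateKeyInfo(&pki);
	if (ret)
	    return ret;

	ret = addBag(context, as, &asn1_oid_id_pkcs12_keyBag, os.data, os.length);
    }

out:
    return ret;
}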