/*
* Parse an encoded NSS_P12_SafeContents. This could be either
* present as plaintext in an AuthSafe or decrypted.
*/
static int safeContentsParse(pkcs12_context * context, const SecAsn1Item *contentsBlob)
{
p12DecodeLog("safeContentsParse");
NSS_P12_SafeContents sc;
memset(&sc, 0, sizeof(sc));
require_noerr(decode_item(context, contentsBlob, NSS_P12_SafeContentsTemplate,
&sc), out);
unsigned numBags = nssArraySize((const void **)sc.bags);
unsigned int dex;
for(dex=0; dex<numBags; dex++) {
NSS_P12_SafeBag *bag = sc.bags[dex];
assert(bag != NULL);
/* ensure that *something* is there */
require(bag->bagValue.keyBag != NULL, out);
/*
* Break out to individual bag type
*/
switch(bag->type) {
case BT_ShroudedKeyBag:
require_noerr(shroudedKeyBagParse(context, bag), out);
break;
case BT_CertBag:
require_noerr(certBagParse(context, bag), out);
break;
case BT_KeyBag:
/* keyBagParse(bag); */
p12DecodeLog("Unhandled BT_KeyBag");
break;
case BT_CrlBag:
/* crlBagParse(bag); */
p12DecodeLog("Unhandled BT_CrlBag");
break;
case BT_SecretBag:
/* secretBagParse(bag); */
p12DecodeLog("Unhandled BT_SecretBag");
break;
case BT_SafeContentsBag:
/* safeContentsBagParse(bag); */
p12DecodeLog("Unhandled BT_SafeContentsBag");
break;
default:
p12DecodeLog("Unknown bag type");
goto out;
break;
}
}
return 0;
out:
return -1;
}
/*
* Parse an encoded NSS_P12_SafeContents. This could be either
* present as plaintext in an AuthSafe or decrypted.
*/
void P12Coder::safeContentsParse(
const CSSM_DATA &contentsBlob,
SecNssCoder &localCdr)
{
p12DecodeLog("safeContentsParse");
NSS_P12_SafeContents sc;
memset(&sc, 0, sizeof(sc));
if(localCdr.decodeItem(contentsBlob, NSS_P12_SafeContentsTemplate,
&sc)) {
p12ErrorLog("Error decoding SafeContents\n");
P12_THROW_DECODE;
}
unsigned numBags = nssArraySize((const void **)sc.bags);
for(unsigned dex=0; dex<numBags; dex++) {
NSS_P12_SafeBag *bag = sc.bags[dex];
assert(bag != NULL);
/* ensure that *something* is there */
if(bag->bagValue.keyBag == NULL) {
p12ErrorLog("safeContentsParse: Empty SafeBag\n");
P12_THROW_DECODE;
}
/*
* Break out to individual bag type
*/
switch(bag->type) {
case BT_KeyBag:
keyBagParse(*bag, localCdr);
break;
case BT_ShroudedKeyBag:
shroudedKeyBagParse(*bag, localCdr);
break;
case BT_CertBag:
certBagParse(*bag, localCdr);
break;
case BT_CrlBag:
crlBagParse(*bag, localCdr);
break;
case BT_SecretBag:
secretBagParse(*bag ,localCdr);
break;
case BT_SafeContentsBag:
safeContentsBagParse(*bag, localCdr);
break;
default:
p12ErrorLog("unknown p12 BagType (%u)\n",
(unsigned)bag->type);
P12_THROW_DECODE;
}
}
}
/*
* Parse an encoded NSS_P12_SafeContents. This could be either
* present as plaintext in an AuthSafe or decrypted.
*/
static int safeContentsParse(
const CSSM_DATA &contentsBlob,
P12ParseInfo &pinfo,
unsigned depth) // print indent depth
{
NSS_P12_SafeContents sc;
memset(&sc, 0, sizeof(sc));
if(pinfo.mCoder.decodeItem(contentsBlob, NSS_P12_SafeContentsTemplate,
&sc)) {
printf("***Error decoding SafeContents\n");
return 1;
}
unsigned numBags = nssArraySize((const void **)sc.bags);
doIndent(depth);
printf("SafeContents num bags %u\n", numBags);
int rtn = 0;
for(unsigned dex=0; dex<numBags; dex++) {
NSS_P12_SafeBag *bag = sc.bags[dex];
doIndent(depth);
printf("Bag %u:\n", dex);
/* common stuff here */
doIndent(depth+3);
printf("bagId = %s\n", oidStr(bag->bagId, pinfo.mParser));
doIndent(depth+3);
printf("type = %s\n", p12BagTypeStr(bag->type));
unsigned numAttrs = nssArraySize((const void**)bag->bagAttrs);
if(numAttrs) {
doIndent(depth+3);
printf("numAttrs = %u\n", numAttrs);
for(unsigned i=0; i<numAttrs; i++) {
doIndent(depth+3);
printf("attr[%u]:\n", i);
attrParse(bag->bagAttrs[i], pinfo, depth+6);
}
}
/*
* Now break out to individual bag type
*
* This hacked line breaks when we have a real key bag defined
*/
unsigned defaultLen = (unsigned)bag->bagValue.keyBag->Length;
switch(bag->type) {
case BT_KeyBag:
doIndent(depth+3);
printf("KeyBag: size %u\n", defaultLen);
break;
case BT_ShroudedKeyBag:
doIndent(depth+3);
printf("ShroudedKeyBag:\n");
rtn = shroudedKeyBagParse(bag->bagValue.shroudedKeyBag,
pinfo,
depth+6);
break;
case BT_CertBag:
doIndent(depth+3);
printf("CertBag:\n");
rtn = certBagParse(bag->bagValue.certBag,
pinfo,
depth+6);
break;
case BT_CrlBag:
doIndent(depth+3);
printf("CrlBag:\n");
rtn = crlBagParse(bag->bagValue.crlBag,
pinfo,
depth+6);
break;
case BT_SecretBag:
doIndent(depth+3);
printf("SecretBag: size %u\n", defaultLen);
break;
case BT_SafeContentsBag:
doIndent(depth+3);
printf("SafeContentsBag: size %u\n", defaultLen);
break;
default:
doIndent(depth+3);
printf("===Warning: unknownBagType (%u)\n",
(unsigned)bag->type);
break;
}
if(rtn) {
break;
}
}
return rtn;
}
