/* * ShroudedKeyBag parser w/decrypt */ static int shroudedKeyBagParse(pkcs12_context * context, const NSS_P12_SafeBag *safeBag) { p12DecodeLog("Found shrouded key bag"); const NSS_P12_ShroudedKeyBag *keyBag = safeBag->bagValue.shroudedKeyBag; SecAsn1Item ptext = {0, NULL}; require_noerr_quiet(p12Decrypt(context, &keyBag->algorithm, &keyBag->encryptedData, &ptext), out); /* Decode PKCS#8 formatted private key */ NSS_PrivateKeyInfo pki; memset(&pki, 0, sizeof(pki)); require_noerr(decode_item(context, &ptext, kSecAsn1PrivateKeyInfoTemplate, &pki), out); DERItem algorithm = { pki.algorithm.algorithm.Data, pki.algorithm.algorithm.Length }; require(DEROidCompare(&oidRsa, &algorithm), out); CFDataRef keyData = CFDataCreate(kCFAllocatorDefault, pki.privateKey.Data, pki.privateKey.Length); require_noerr(emit_item(context, safeBag->bagAttrs, CFSTR("key"), keyData), out); CFRelease(keyData); return 0; out: return -1; }
/* * CertBag parser */ static int certBagParse(pkcs12_context * context, const NSS_P12_SafeBag *safeBag) { p12DecodeLog("found certBag"); NSS_P12_CertBag *certBag = safeBag->bagValue.certBag; switch(certBag->type) { case CT_X509: { /* certType = CSSM_CERT_X_509v3; certEncoding = CSSM_CERT_ENCODING_DER; */ CFDataRef certData = CFDataCreate(kCFAllocatorDefault, certBag->certValue.Data, certBag->certValue.Length); require_noerr(emit_item(context, safeBag->bagAttrs, CFSTR("cert"), certData), out); CFRelease(certData); break; } case CT_SDSI: /* certType = CSSM_CERT_SDSIv1; */ /* it's base64 encoded - no value for that in this enum */ break; default: return -1; } return 0; out: return -1; }
static void map_phrases(FILE *of, egg_token *t) { egg_token *ge; egg_token *ph; egg_token *phn; egg_token *def; egg_token *seq; egg_token *it; egg_token *defcon; egg_token *seqcon; char *sphn = NULL; char *s; // Sanity check parameters if (!of) return; if (!t) return; // Emit XML node for the phrase map fprintf(of, " <phrase-map>\n"); // Search for each grammar-element and emit the phrase map for the // phrase that is contained in each grammar-element // Get first grammar-element ge = egg_token_find(t, egg_token_type_grammar_element); while (ge) { // Get it's phrase ph = egg_token_find(ge->descendant, egg_token_type_phrase); if (ph) { // Get the phrase's name phn = egg_token_find(ph->descendant, egg_token_type_phrase_name); if (phn) sphn = egg_token_to_string(phn->descendant, NULL); // Get the phrase's definition def = egg_token_find(ph->descendant, egg_token_type_definition); if (def) { // Get the first sequence in the definition seq = egg_token_find(def->descendant, egg_token_type_sequence); if (seq) { // Emit the XML for the phrase fprintf(of, " <phrase>\n"); fprintf(of, " <name>%s</name>\n", sphn); fprintf(of, " <sequence>\n"); it = egg_token_find(seq->descendant, egg_token_type_item); emit_item(of, it); // Get any subsequent items in this sequence seqcon = egg_token_find(def->descendant, egg_token_type_sequence_continuation); while (seqcon) { it = egg_token_find(seqcon->descendant, egg_token_type_item); emit_item(of, it); seqcon = seqcon->next; } // Emit the closure for this sequence fprintf(of, " </sequence>\n"); // Look for subsequent sequences in definition defcon = egg_token_find(def->descendant, egg_token_type_definition_continuation); while (defcon) { // Grab the sequence seq = egg_token_find(defcon->descendant, egg_token_type_sequence); if (seq) { // Emit the XML for this sequence fprintf(of, " <sequence>\n"); it = egg_token_find(seq->descendant, egg_token_type_item); emit_item(of, it); // Get any subsequent items in this sequence seqcon = egg_token_find(def->descendant, egg_token_type_sequence_continuation); while (seqcon) { it = egg_token_find(seqcon->descendant, egg_token_type_item); emit_item(of, it); seqcon = seqcon->next; } // Emit the closure for this sequence fprintf(of, " </sequence>\n"); } defcon = defcon->next; } // Emit the closure for the entire phrase fprintf(of, " </phrase>\n"); } } } if (sphn) { free(sphn); sphn = NULL; } ge = ge->next; } // Emit the closure for the completed phrase-map fprintf(of, " </phrase-map>\n"); return; }