/* * Parse an encoded NSS_P12_SafeContents. This could be either * present as plaintext in an AuthSafe or decrypted. */ static int safeContentsParse(pkcs12_context * context, const SecAsn1Item *contentsBlob) { p12DecodeLog("safeContentsParse"); NSS_P12_SafeContents sc; memset(&sc, 0, sizeof(sc)); require_noerr(decode_item(context, contentsBlob, NSS_P12_SafeContentsTemplate, &sc), out); unsigned numBags = nssArraySize((const void **)sc.bags); unsigned int dex; for(dex=0; dex<numBags; dex++) { NSS_P12_SafeBag *bag = sc.bags[dex]; assert(bag != NULL); /* ensure that *something* is there */ require(bag->bagValue.keyBag != NULL, out); /* * Break out to individual bag type */ switch(bag->type) { case BT_ShroudedKeyBag: require_noerr(shroudedKeyBagParse(context, bag), out); break; case BT_CertBag: require_noerr(certBagParse(context, bag), out); break; case BT_KeyBag: /* keyBagParse(bag); */ p12DecodeLog("Unhandled BT_KeyBag"); break; case BT_CrlBag: /* crlBagParse(bag); */ p12DecodeLog("Unhandled BT_CrlBag"); break; case BT_SecretBag: /* secretBagParse(bag); */ p12DecodeLog("Unhandled BT_SecretBag"); break; case BT_SafeContentsBag: /* safeContentsBagParse(bag); */ p12DecodeLog("Unhandled BT_SafeContentsBag"); break; default: p12DecodeLog("Unknown bag type"); goto out; break; } } return 0; out: return -1; }
/* * Parse an encoded NSS_P12_SafeContents. This could be either * present as plaintext in an AuthSafe or decrypted. */ void P12Coder::safeContentsParse( const CSSM_DATA &contentsBlob, SecNssCoder &localCdr) { p12DecodeLog("safeContentsParse"); NSS_P12_SafeContents sc; memset(&sc, 0, sizeof(sc)); if(localCdr.decodeItem(contentsBlob, NSS_P12_SafeContentsTemplate, &sc)) { p12ErrorLog("Error decoding SafeContents\n"); P12_THROW_DECODE; } unsigned numBags = nssArraySize((const void **)sc.bags); for(unsigned dex=0; dex<numBags; dex++) { NSS_P12_SafeBag *bag = sc.bags[dex]; assert(bag != NULL); /* ensure that *something* is there */ if(bag->bagValue.keyBag == NULL) { p12ErrorLog("safeContentsParse: Empty SafeBag\n"); P12_THROW_DECODE; } /* * Break out to individual bag type */ switch(bag->type) { case BT_KeyBag: keyBagParse(*bag, localCdr); break; case BT_ShroudedKeyBag: shroudedKeyBagParse(*bag, localCdr); break; case BT_CertBag: certBagParse(*bag, localCdr); break; case BT_CrlBag: crlBagParse(*bag, localCdr); break; case BT_SecretBag: secretBagParse(*bag ,localCdr); break; case BT_SafeContentsBag: safeContentsBagParse(*bag, localCdr); break; default: p12ErrorLog("unknown p12 BagType (%u)\n", (unsigned)bag->type); P12_THROW_DECODE; } } }
/* * Parse an encoded NSS_P12_SafeContents. This could be either * present as plaintext in an AuthSafe or decrypted. */ static int safeContentsParse( const CSSM_DATA &contentsBlob, P12ParseInfo &pinfo, unsigned depth) // print indent depth { NSS_P12_SafeContents sc; memset(&sc, 0, sizeof(sc)); if(pinfo.mCoder.decodeItem(contentsBlob, NSS_P12_SafeContentsTemplate, &sc)) { printf("***Error decoding SafeContents\n"); return 1; } unsigned numBags = nssArraySize((const void **)sc.bags); doIndent(depth); printf("SafeContents num bags %u\n", numBags); int rtn = 0; for(unsigned dex=0; dex<numBags; dex++) { NSS_P12_SafeBag *bag = sc.bags[dex]; doIndent(depth); printf("Bag %u:\n", dex); /* common stuff here */ doIndent(depth+3); printf("bagId = %s\n", oidStr(bag->bagId, pinfo.mParser)); doIndent(depth+3); printf("type = %s\n", p12BagTypeStr(bag->type)); unsigned numAttrs = nssArraySize((const void**)bag->bagAttrs); if(numAttrs) { doIndent(depth+3); printf("numAttrs = %u\n", numAttrs); for(unsigned i=0; i<numAttrs; i++) { doIndent(depth+3); printf("attr[%u]:\n", i); attrParse(bag->bagAttrs[i], pinfo, depth+6); } } /* * Now break out to individual bag type * * This hacked line breaks when we have a real key bag defined */ unsigned defaultLen = (unsigned)bag->bagValue.keyBag->Length; switch(bag->type) { case BT_KeyBag: doIndent(depth+3); printf("KeyBag: size %u\n", defaultLen); break; case BT_ShroudedKeyBag: doIndent(depth+3); printf("ShroudedKeyBag:\n"); rtn = shroudedKeyBagParse(bag->bagValue.shroudedKeyBag, pinfo, depth+6); break; case BT_CertBag: doIndent(depth+3); printf("CertBag:\n"); rtn = certBagParse(bag->bagValue.certBag, pinfo, depth+6); break; case BT_CrlBag: doIndent(depth+3); printf("CrlBag:\n"); rtn = crlBagParse(bag->bagValue.crlBag, pinfo, depth+6); break; case BT_SecretBag: doIndent(depth+3); printf("SecretBag: size %u\n", defaultLen); break; case BT_SafeContentsBag: doIndent(depth+3); printf("SafeContentsBag: size %u\n", defaultLen); break; default: doIndent(depth+3); printf("===Warning: unknownBagType (%u)\n", (unsigned)bag->type); break; } if(rtn) { break; } } return rtn; }