1//! PKCS #12 archives.
2
3use foreign_types::{ForeignType, ForeignTypeRef};
4use libc::c_int;
5use std::ffi::CString;
6use std::ptr;
7
8use crate::error::ErrorStack;
9#[cfg(not(boringssl))]
10use crate::hash::MessageDigest;
11use crate::nid::Nid;
12use crate::pkey::{HasPrivate, PKey, PKeyRef, Private};
13use crate::stack::Stack;
14use crate::util::ForeignTypeExt;
15use crate::x509::{X509Ref, X509};
16use crate::{cvt, cvt_p};
17use openssl_macros::corresponds;
18
19foreign_type_and_impl_send_sync! {
20 type CType = ffi::PKCS12;
21 fn drop = ffi::PKCS12_free;
22
23 pub struct Pkcs12;
24 pub struct Pkcs12Ref;
25}
26
27impl Pkcs12Ref {
28 to_der! {
29 /// Serializes the `Pkcs12` to its standard DER encoding.
30 #[corresponds(i2d_PKCS12)]
31 to_der,
32 ffi::i2d_PKCS12
33 }
34
35 /// Deprecated.
36 #[deprecated(note = "Use parse2 instead", since = "0.10.46")]
37 #[allow(deprecated)]
38 pub fn parse(&self, pass: &str) -> Result<ParsedPkcs12, ErrorStack> {
39 let parsed = self.parse2(pass)?;
40
41 Ok(ParsedPkcs12 {
42 pkey: parsed.pkey.unwrap(),
43 cert: parsed.cert.unwrap(),
44 chain: parsed.ca,
45 })
46 }
47
48 /// Extracts the contents of the `Pkcs12`.
49 #[corresponds(PKCS12_parse)]
50 pub fn parse2(&self, pass: &str) -> Result<ParsedPkcs12_2, ErrorStack> {
51 unsafe {
52 let pass = CString::new(pass.as_bytes()).unwrap();
53
54 let mut pkey = ptr::null_mut();
55 let mut cert = ptr::null_mut();
56 let mut ca = ptr::null_mut();
57
58 cvt(ffi::PKCS12_parse(
59 self.as_ptr(),
60 pass.as_ptr(),
61 &mut pkey,
62 &mut cert,
63 &mut ca,
64 ))?;
65
66 let pkey = PKey::from_ptr_opt(pkey);
67 let cert = X509::from_ptr_opt(cert);
68 let ca = Stack::from_ptr_opt(ca);
69
70 Ok(ParsedPkcs12_2 { pkey, cert, ca })
71 }
72 }
73}
74
75impl Pkcs12 {
76 from_der! {
77 /// Deserializes a DER-encoded PKCS#12 archive.
78 #[corresponds(d2i_PKCS12)]
79 from_der,
80 Pkcs12,
81 ffi::d2i_PKCS12
82 }
83
84 /// Creates a new builder for a protected pkcs12 certificate.
85 ///
86 /// This uses the defaults from the OpenSSL library:
87 ///
88 /// * `nid_key` - `AES_256_CBC` (3.0.0+) or `PBE_WITHSHA1AND3_KEY_TRIPLEDES_CBC`
89 /// * `nid_cert` - `AES_256_CBC` (3.0.0+) or `PBE_WITHSHA1AND40BITRC2_CBC`
90 /// * `iter` - `2048`
91 /// * `mac_iter` - `2048`
92 /// * `mac_md` - `SHA-256` (3.0.0+) or `SHA-1` (`SHA-1` only for BoringSSL)
93 pub fn builder() -> Pkcs12Builder {
94 ffi::init();
95
96 Pkcs12Builder {
97 name: None,
98 pkey: None,
99 cert: None,
100 ca: None,
101 nid_key: Nid::UNDEF,
102 nid_cert: Nid::UNDEF,
103 iter: ffi::PKCS12_DEFAULT_ITER,
104 mac_iter: ffi::PKCS12_DEFAULT_ITER,
105 #[cfg(not(boringssl))]
106 mac_md: None,
107 }
108 }
109}
110
111#[deprecated(note = "Use ParsedPkcs12_2 instead", since = "0.10.46")]
112pub struct ParsedPkcs12 {
113 pub pkey: PKey<Private>,
114 pub cert: X509,
115 pub chain: Option<Stack<X509>>,
116}
117
118pub struct ParsedPkcs12_2 {
119 pub pkey: Option<PKey<Private>>,
120 pub cert: Option<X509>,
121 pub ca: Option<Stack<X509>>,
122}
123
124pub struct Pkcs12Builder {
125 // FIXME borrow
126 name: Option<CString>,
127 pkey: Option<PKey<Private>>,
128 cert: Option<X509>,
129 ca: Option<Stack<X509>>,
130 nid_key: Nid,
131 nid_cert: Nid,
132 iter: c_int,
133 mac_iter: c_int,
134 // FIXME remove
135 #[cfg(not(boringssl))]
136 mac_md: Option<MessageDigest>,
137}
138
139impl Pkcs12Builder {
140 /// The `friendlyName` used for the certificate and private key.
141 pub fn name(&mut self, name: &str) -> &mut Self {
142 self.name = Some(CString::new(name).unwrap());
143 self
144 }
145
146 /// The private key.
147 pub fn pkey<T>(&mut self, pkey: &PKeyRef<T>) -> &mut Self
148 where
149 T: HasPrivate,
150 {
151 let new_pkey = unsafe { PKeyRef::from_ptr(pkey.as_ptr()) };
152 self.pkey = Some(new_pkey.to_owned());
153 self
154 }
155
156 /// The certificate.
157 pub fn cert(&mut self, cert: &X509Ref) -> &mut Self {
158 self.cert = Some(cert.to_owned());
159 self
160 }
161
162 /// An additional set of certificates to include in the archive beyond the one provided to
163 /// `build`.
164 pub fn ca(&mut self, ca: Stack<X509>) -> &mut Self {
165 self.ca = Some(ca);
166 self
167 }
168
169 /// The encryption algorithm that should be used for the key
170 pub fn key_algorithm(&mut self, nid: Nid) -> &mut Self {
171 self.nid_key = nid;
172 self
173 }
174
175 /// The encryption algorithm that should be used for the cert
176 pub fn cert_algorithm(&mut self, nid: Nid) -> &mut Self {
177 self.nid_cert = nid;
178 self
179 }
180
181 /// Key iteration count, default is 2048 as of this writing
182 pub fn key_iter(&mut self, iter: u32) -> &mut Self {
183 self.iter = iter as c_int;
184 self
185 }
186
187 /// MAC iteration count, default is the same as key_iter.
188 ///
189 /// Old implementations don't understand MAC iterations greater than 1, (pre 1.0.1?), if such
190 /// compatibility is required this should be set to 1.
191 pub fn mac_iter(&mut self, mac_iter: u32) -> &mut Self {
192 self.mac_iter = mac_iter as c_int;
193 self
194 }
195
196 /// MAC message digest type
197 #[cfg(not(boringssl))]
198 pub fn mac_md(&mut self, md: MessageDigest) -> &mut Self {
199 self.mac_md = Some(md);
200 self
201 }
202
203 /// Deprecated.
204 #[deprecated(
205 note = "Use Self::{name, pkey, cert, build2} instead.",
206 since = "0.10.46"
207 )]
208 pub fn build<T>(
209 mut self,
210 password: &str,
211 friendly_name: &str,
212 pkey: &PKeyRef<T>,
213 cert: &X509Ref,
214 ) -> Result<Pkcs12, ErrorStack>
215 where
216 T: HasPrivate,
217 {
218 self.name(friendly_name)
219 .pkey(pkey)
220 .cert(cert)
221 .build2(password)
222 }
223
224 /// Builds the PKCS#12 object.
225 #[corresponds(PKCS12_create)]
226 pub fn build2(&self, password: &str) -> Result<Pkcs12, ErrorStack> {
227 unsafe {
228 let pass = CString::new(password).unwrap();
229 let pass = pass.as_ptr();
230 let friendly_name = self.name.as_ref().map_or(ptr::null(), |p| p.as_ptr());
231 let pkey = self.pkey.as_ref().map_or(ptr::null(), |p| p.as_ptr());
232 let cert = self.cert.as_ref().map_or(ptr::null(), |p| p.as_ptr());
233 let ca = self
234 .ca
235 .as_ref()
236 .map(|ca| ca.as_ptr())
237 .unwrap_or(ptr::null_mut());
238 let nid_key = self.nid_key.as_raw();
239 let nid_cert = self.nid_cert.as_raw();
240
241 // According to the OpenSSL docs, keytype is a non-standard extension for MSIE,
242 // It's values are KEY_SIG or KEY_EX, see the OpenSSL docs for more information:
243 // https://www.openssl.org/docs/manmaster/crypto/PKCS12_create.html
244 let keytype = 0;
245
246 let pkcs12 = cvt_p(ffi::PKCS12_create(
247 pass as *mut _,
248 friendly_name as *mut _,
249 pkey as *mut _,
250 cert as *mut _,
251 ca,
252 nid_key,
253 nid_cert,
254 self.iter,
255 self.mac_iter,
256 keytype,
257 ))
258 .map(Pkcs12)?;
259
260 #[cfg(not(boringssl))]
261 // BoringSSL does not support overriding the MAC and will always
262 // use SHA-1
263 {
264 let md_type = self
265 .mac_md
266 .map(|md_type| md_type.as_ptr())
267 .unwrap_or(ptr::null());
268
269 cvt(ffi::PKCS12_set_mac(
270 pkcs12.as_ptr(),
271 pass,
272 -1,
273 ptr::null_mut(),
274 0,
275 self.mac_iter,
276 md_type,
277 ))?;
278 }
279
280 Ok(pkcs12)
281 }
282 }
283}
284
285#[cfg(test)]
286mod test {
287 use crate::asn1::Asn1Time;
288 use crate::hash::MessageDigest;
289 use crate::nid::Nid;
290 use crate::pkey::PKey;
291 use crate::rsa::Rsa;
292 use crate::x509::extension::KeyUsage;
293 use crate::x509::{X509Name, X509};
294
295 use super::*;
296
297 #[test]
298 fn parse() {
299 #[cfg(ossl300)]
300 let _provider = crate::provider::Provider::try_load(None, "legacy", true).unwrap();
301
302 let der = include_bytes!("../test/identity.p12");
303 let pkcs12 = Pkcs12::from_der(der).unwrap();
304 let parsed = pkcs12.parse2("mypass").unwrap();
305
306 assert_eq!(
307 hex::encode(parsed.cert.unwrap().digest(MessageDigest::sha1()).unwrap()),
308 "59172d9313e84459bcff27f967e79e6e9217e584"
309 );
310
311 let chain = parsed.ca.unwrap();
312 assert_eq!(chain.len(), 1);
313 assert_eq!(
314 hex::encode(chain[0].digest(MessageDigest::sha1()).unwrap()),
315 "c0cbdf7cdd03c9773e5468e1f6d2da7d5cbb1875"
316 );
317 }
318
319 #[test]
320 fn parse_empty_chain() {
321 #[cfg(ossl300)]
322 let _provider = crate::provider::Provider::try_load(None, "legacy", true).unwrap();
323
324 let der = include_bytes!("../test/keystore-empty-chain.p12");
325 let pkcs12 = Pkcs12::from_der(der).unwrap();
326 let parsed = pkcs12.parse2("cassandra").unwrap();
327 if let Some(stack) = parsed.ca {
328 assert_eq!(stack.len(), 0);
329 }
330 }
331
332 #[test]
333 fn create() {
334 let subject_name = "ns.example.com";
335 let rsa = Rsa::generate(2048).unwrap();
336 let pkey = PKey::from_rsa(rsa).unwrap();
337
338 let mut name = X509Name::builder().unwrap();
339 name.append_entry_by_nid(Nid::COMMONNAME, subject_name)
340 .unwrap();
341 let name = name.build();
342
343 let key_usage = KeyUsage::new().digital_signature().build().unwrap();
344
345 let mut builder = X509::builder().unwrap();
346 builder.set_version(2).unwrap();
347 builder
348 .set_not_before(&Asn1Time::days_from_now(0).unwrap())
349 .unwrap();
350 builder
351 .set_not_after(&Asn1Time::days_from_now(365).unwrap())
352 .unwrap();
353 builder.set_subject_name(&name).unwrap();
354 builder.set_issuer_name(&name).unwrap();
355 builder.append_extension(key_usage).unwrap();
356 builder.set_pubkey(&pkey).unwrap();
357 builder.sign(&pkey, MessageDigest::sha256()).unwrap();
358 let cert = builder.build();
359
360 let pkcs12 = Pkcs12::builder()
361 .name(subject_name)
362 .pkey(&pkey)
363 .cert(&cert)
364 .build2("mypass")
365 .unwrap();
366 let der = pkcs12.to_der().unwrap();
367
368 let pkcs12 = Pkcs12::from_der(&der).unwrap();
369 let parsed = pkcs12.parse2("mypass").unwrap();
370
371 assert_eq!(
372 &*parsed.cert.unwrap().digest(MessageDigest::sha1()).unwrap(),
373 &*cert.digest(MessageDigest::sha1()).unwrap()
374 );
375 assert!(parsed.pkey.unwrap().public_eq(&pkey));
376 }
377
378 #[test]
379 fn create_only_ca() {
380 let ca = include_bytes!("../test/root-ca.pem");
381 let ca = X509::from_pem(ca).unwrap();
382 let mut chain = Stack::new().unwrap();
383 chain.push(ca).unwrap();
384
385 let pkcs12 = Pkcs12::builder().ca(chain).build2("hunter2").unwrap();
386 let parsed = pkcs12.parse2("hunter2").unwrap();
387
388 assert!(parsed.cert.is_none());
389 assert!(parsed.pkey.is_none());
390 assert_eq!(parsed.ca.unwrap().len(), 1);
391 }
392}
393