summaryrefslogtreecommitdiffstats
path: root/src/file_pfx.c
blob: c2054df3041099b85d76911e52480a0a98374466 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
/*

    File: file_pfx.c

    Copyright (C) 2008 Christophe GRENIER <grenier@cgsecurity.org>
  
    This software is free software; you can redistribute it and/or modify
    it under the terms of the GNU General Public License as published by
    the Free Software Foundation; either version 2 of the License, or
    (at your option) any later version.
  
    This program is distributed in the hope that it will be useful,
    but WITHOUT ANY WARRANTY; without even the implied warranty of
    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
    GNU General Public License for more details.
  
    You should have received a copy of the GNU General Public License along
    with this program; if not, write the Free Software Foundation, Inc., 51
    Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.

 */

#if !defined(SINGLE_FORMAT) || defined(SINGLE_FORMAT_pfx)
#ifdef HAVE_CONFIG_H
#include <config.h>
#endif
#ifdef HAVE_STRING_H
#include <string.h>
#endif
#include <stdio.h>
#include "types.h"
#include "filegen.h"

/*@ requires valid_register_header_check(file_stat); */
static void register_header_check_pfx(file_stat_t *file_stat);

const file_hint_t file_hint_pfx= {
  .extension="pfx",
  .description="PKCS#12 keys",
  .max_filesize=PHOTOREC_MAX_FILE_SIZE,
  .recover=1,
  .enable_by_default=1,
  .register_header_check=&register_header_check_pfx
};

/* A pfx file are PKCS#12 data encoded following ASN.1 DER
 *
 * PKCS #12: Personal Information Exchange Syntax Standard
 * ftp://ftp.rsasecurity.com/pub/pkcs/pkcs-12/pkcs-12v1.pdf
 *
 * For the recovery PhotoRec assumes
 * - the file is smaller than 65535+4 bytes
 * - PKCS #7 ContentInfo contentType=data
 *
 *  0:d=0  hl=4 l=XXXX cons: SEQUENCE
 *    30 82 XX XX	XXXX + 4 = filesize
 *  4:d=1  hl=2 l=   1 prim: INTEGER
 *    02 01 03		version 3
 *  7:d=1  hl=4 l=XXXX cons: SEQUENCE
 *    30 82 XX XX
 * 11:d=2  hl=2 l=   9 prim: OBJECT            :pkcs7-data
 *    06 09 2a 86 48 86 f7 0d 01 07 01
 *    A PKCS #7 ContentInfo, whose contentType is signedData in
 *    public-key integrity mode and data in password integrity mode.
 *    Here, contentType=data
 */

/*@
  @ requires buffer_size >= 9;
  @ requires separation: \separated(&file_hint_pfx, buffer+(..), file_recovery, file_recovery_new);
  @ requires valid_header_check_param(buffer, buffer_size, safe_header_only, file_recovery, file_recovery_new);
  @ ensures  valid_header_check_result(\result, file_recovery_new);
  @ assigns  *file_recovery_new;
  @*/
static int header_check_pfx(const unsigned char *buffer, const unsigned int buffer_size, const unsigned int safe_header_only, const file_recovery_t *file_recovery, file_recovery_t *file_recovery_new)
{
  if(buffer[0]==0x30 && buffer[1]==0x82 &&
      buffer[4]==0x02 && buffer[5]==0x01 && buffer[6]==0x03 &&
      buffer[7]==0x30 && buffer[8]==0x82)
  {
    const uint64_t size=((buffer[2])<<8) + buffer[3] + 4;
    if(size < 11 + 11)
      return 0;
    reset_file_recovery(file_recovery_new);
    file_recovery_new->extension=file_hint_pfx.extension;
    file_recovery_new->calculated_file_size=size;
    file_recovery_new->data_check=&data_check_size;
    file_recovery_new->file_check=&file_check_size;
    return 1;
  }
  return 0;
}

static void register_header_check_pfx(file_stat_t *file_stat)
{
  static const unsigned char pfx_header[11]= {
    0x06, 0x09,
    0x2a, 0x86, 0x48, 0x86, 0xf7, 0x0d, 0x01, 0x07, 0x01
  };
  register_header_check(11, pfx_header,sizeof(pfx_header), &header_check_pfx, file_stat);
}
#endif