Add support for PKCS12_set_mac

[samuel40791765]

Issues:

Addresses CryptoAlg-2821

Description of changes:

Ruby has added a binding for an additional function called PKCS12_set_mac in it's master branch: ruby/ruby@c79b435 This was discovered prior to the PR for Ruby's CI integration with the master branch being merged: #2071

OpenSSL's implementation of the function directly sets a designated mac field within the PKCS12 structure. Our PKCS12 structure is folded into a string of bytes along with its length and there aren't any available fields for us to directly set. This means that AWS-LC's implementation of PKCS12_set_mac has to parse the proper contents from PKCS12 and rerun the key and mac generation with the new parameters provided.

Call-outs:

1. The parsing logic is similar to PKCS12_get_key_and_certs, but the logic can't be shared. This is because we need to maintain pointers to certain parts of the CBS parsers in PKCS12_set_mac, so that we can properly rewrite the contents later.
2. I've abstracted the key and mac generation in PKCS12_create and PKCS12_set_mac to a single function called pkcs12_gen_and_write_mac.
3. OpenSSL 3.0 uses SHA-256 as the default hash, yet OpenSSL 1.1.1 uses SHA1. TODO: Make a decision

Testing:

New Tests

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache 2.0 license and the ISC license.

[codecov-commenter]

Codecov Report

Attention: Patch coverage is 85.08772% with 17 lines in your changes missing coverage. Please review.

Project coverage is 78.97%. Comparing base (cc9c9f0) to head (3deaf76).

Files with missing lines	Patch %	Lines
crypto/pkcs8/pkcs8_x509.c	78.20%	17 Missing ⚠️

Additional details and impacted files

@@           Coverage Diff           @@
##             main    #2128   +/-   ##
=======================================
  Coverage   78.97%   78.97%           
=======================================
  Files         611      611           
  Lines      105552   105632   +80     
  Branches    14950    14951    +1     
=======================================
+ Hits        83361    83425   +64     
- Misses      21538    21558   +20     
+ Partials      653      649    -4     

☔ View full report in Codecov by Sentry.
📢 Have feedback on the report? Share it here.

[skmcgrail]

Minor style feedback on tests, non-blocking.

[WillChilds-Klein]

what is "authsafe"? i don't see it mentioned anywhere in the overview

[samuel40791765]

authsafe is the ASN1 content that we need to run HMAC against. It's a field defined within the PFX syntax for PKCS12: https://datatracker.ietf.org/doc/html/rfc7292#section-4
It has the ContentInfo type, which is defined in another RFC: https://datatracker.ietf.org/doc/html/rfc2315#section-7.

I didn't go into further explanation here, since we have prior art/documentation in our parsers. I also tried sharing the code here, but both parsers need slightly different information extracted.

[WillChilds-Klein]

why | 0?

[samuel40791765]

Great question, 0 is the explicit tag that corresponds to this field. We use CBS_ASN1_CONSTRUCTED to OR into a tag to look up the constructed bit.

Other usages of CBS_ASN1_CONSTRUCTED follow a similar pattern: https://github.com/search?q=repo%3Aaws/aws-lc%20CBS_ASN1_CONSTRUCTED&type=code