/* $OpenBSD: cms_lcl.h,v 1.12 2019/10/04 18:03:56 tb Exp $ */
/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 */

#ifndef HEADER_CMS_LCL_H
#define HEADER_CMS_LCL_H

#include <openssl/x509.h>

/*
 * Cryptographic message syntax (CMS) structures: taken from RFC3852
 *
 * This header spells out the full layout of the CMS types, so any file that
 * includes it can read and write every field directly, including the raw key
 * and password buffers declared further down. The "_lcl" in the file name
 * and the lower-case cms_* prototypes suggest it is meant for the library's
 * own sources only - presumably not an installed header; confirm in the
 * build files.
 */

/*
 * Forward references: these only introduce the type names so that the
 * structures below can point at each other; the bodies follow in this file.
 */

typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
typedef struct CMS_SignedData_st CMS_SignedData;
typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
typedef struct CMS_DigestedData_st CMS_DigestedData;
typedef struct CMS_EncryptedData_st CMS_EncryptedData;
typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
typedef struct CMS_CompressedData_st CMS_CompressedData;
typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
typedef struct CMS_KeyAgreeRecipientIdentifier_st
	CMS_KeyAgreeRecipientIdentifier;
typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;

/*
 * Top-level CMS object: a content type plus one pointer whose meaning
 * depends on that type.
 *
 * NOTE(review): the union has no discriminator of its own, so the valid
 * member of d is presumably selected by contentType. Code that reads a
 * member without first checking contentType would treat one structure as
 * another; confirm every accessor performs that check.
 */
struct CMS_ContentInfo_st {
	ASN1_OBJECT *contentType;
	union {
		ASN1_OCTET_STRING *data;
		CMS_SignedData *signedData;
		CMS_EnvelopedData *envelopedData;
		CMS_DigestedData *digestedData;
		CMS_EncryptedData *encryptedData;
		CMS_AuthenticatedData *authenticatedData;
		CMS_CompressedData *compressedData;
		ASN1_TYPE *other;
		/* Other types ... */
		void *otherData;
	} d;
};

DECLARE_STACK_OF(CMS_CertificateChoices)

/* SignedData: digest algorithms, the signed content, certs, CRLs, signers. */
struct CMS_SignedData_st {
	long version;
	STACK_OF(X509_ALGOR) *digestAlgorithms;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	STACK_OF(CMS_CertificateChoices) *certificates;
	STACK_OF(CMS_RevocationInfoChoice) *crls;
	STACK_OF(CMS_SignerInfo) *signerInfos;
};

/* Content type and (optional, by pointer) content of a wrapped message. */
struct CMS_EncapsulatedContentInfo_st {
	ASN1_OBJECT *eContentType;
	ASN1_OCTET_STRING *eContent;
	/* Set to 1 if incomplete structure only part set up */
	int partial;
};

/*
 * One signer of a SignedData. The first seven members carry the names used
 * by the RFC 3852 SignerInfo type; the members after them look like
 * per-operation state rather than encoded fields - TODO confirm against the
 * ASN.1 template.
 */
struct CMS_SignerInfo_st {
	long version;
	CMS_SignerIdentifier *sid;
	X509_ALGOR *digestAlgorithm;
	STACK_OF(X509_ATTRIBUTE) *signedAttrs;
	X509_ALGOR *signatureAlgorithm;
	ASN1_OCTET_STRING *signature;
	STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
	/*
	 * Signing certificate and key
	 *
	 * NOTE(review): how signer and pkey are owned (borrowed vs. counted
	 * reference) is not visible in this header - confirm before freeing
	 * or sharing a CMS_SignerInfo.
	 */
	X509 *signer;
	EVP_PKEY *pkey;
	/* Digest and public key context for alternative parameters */
	EVP_MD_CTX *mctx;
	EVP_PKEY_CTX *pctx;
};

/*
 * Identifies a signer either by issuer and serial number or by subject key
 * identifier. type presumably holds CMS_SIGNERINFO_ISSUER_SERIAL or
 * CMS_SIGNERINFO_KEYIDENTIFIER (both defined later in this header) and
 * decides which member of d may be read.
 */
struct CMS_SignerIdentifier_st {
	int type;
	union {
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		ASN1_OCTET_STRING *subjectKeyIdentifier;
	} d;
};

/* EnvelopedData: encrypted content plus one entry per recipient. */
struct CMS_EnvelopedData_st {
	long version;
	CMS_OriginatorInfo *originatorInfo;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	CMS_EncryptedContentInfo *encryptedContentInfo;
	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
};

/* Certificates and CRLs supplied by the originator. */
struct CMS_OriginatorInfo_st {
	STACK_OF(CMS_CertificateChoices) *certificates;
	STACK_OF(CMS_RevocationInfoChoice) *crls;
};

/*
 * Encrypted content together with the state needed to encrypt or decrypt
 * it.
 */
struct CMS_EncryptedContentInfo_st {
	ASN1_OBJECT *contentType;
	X509_ALGOR *contentEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedContent;
	/*
	 * Content encryption algorithm and key
	 *
	 * NOTE(review): key/keylen hold the raw content-encryption key. Who
	 * allocates the buffer and whether it is zeroed before it is freed
	 * cannot be seen from this header - confirm in the code that
	 * releases this structure.
	 */
	const EVP_CIPHER *cipher;
	unsigned char *key;
	size_t keylen;
	/*
	 * MMA presumably stands for the "million message attack"
	 * (Bleichenbacher) on RSA key transport. Going by the two comments
	 * below, a set debug flag switches the key-faking countermeasure
	 * off, so it should never be set when handling untrusted messages.
	 */
	/* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
	int debug;
	/* Set to 1 if we have no cert and need extra safety measures for MMA */
	int havenocert;
};

/*
 * One recipient of an EnvelopedData; type selects the member of d. The
 * values type can take are not defined in this header.
 */
struct CMS_RecipientInfo_st {
	int type;
	union {
		CMS_KeyTransRecipientInfo *ktri;
		CMS_KeyAgreeRecipientInfo *kari;
		CMS_KEKRecipientInfo *kekri;
		CMS_PasswordRecipientInfo *pwri;
		CMS_OtherRecipientInfo *ori;
	} d;
};

/*
 * A recipient identifier has the same layout as a signer identifier, so the
 * type is simply aliased rather than declared twice.
 */
typedef CMS_SignerIdentifier CMS_RecipientIdentifier;

/* Key transport recipient: content key encrypted to the recipient's key. */
struct CMS_KeyTransRecipientInfo_st {
	long version;
	CMS_RecipientIdentifier *rid;
	X509_ALGOR *keyEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedKey;
	/* Recipient Key and cert */
	X509 *recip;
	EVP_PKEY *pkey;
	/* Public key context for this operation */
	EVP_PKEY_CTX *pctx;
};

/* Key agreement recipient(s) sharing one originator key and UKM. */
struct CMS_KeyAgreeRecipientInfo_st {
	long version;
	CMS_OriginatorIdentifierOrKey *originator;
	ASN1_OCTET_STRING *ukm;
	X509_ALGOR *keyEncryptionAlgorithm;
	STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
	/* Public key context associated with current operation */
	EVP_PKEY_CTX *pctx;
	/* Cipher context for CEK wrapping */
	EVP_CIPHER_CTX *ctx;
};

/*
 * Identifies the originator by certificate reference or by an explicit
 * public key. type presumably takes one of the CMS_OIK_* values defined
 * later in this header and selects the member of d.
 */
struct CMS_OriginatorIdentifierOrKey_st {
	int type;
	union {
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		ASN1_OCTET_STRING *subjectKeyIdentifier;
		CMS_OriginatorPublicKey *originatorKey;
	} d;
};

/* Originator public key carried inline: algorithm plus key bits. */
struct CMS_OriginatorPublicKey_st {
	X509_ALGOR *algorithm;
	ASN1_BIT_STRING *publicKey;
};

/* Per-recipient wrapped key inside a key agreement RecipientInfo. */
struct CMS_RecipientEncryptedKey_st {
	CMS_KeyAgreeRecipientIdentifier *rid;
	ASN1_OCTET_STRING *encryptedKey;
	/* Public key associated with this recipient */
	EVP_PKEY *pkey;
};

/*
 * Identifies a key agreement recipient. type presumably takes one of the
 * CMS_REK_* values defined later in this header and selects the member of d.
 */
struct CMS_KeyAgreeRecipientIdentifier_st {
	int type;
	union {
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		CMS_RecipientKeyIdentifier *rKeyId;
	} d;
};

/* Recipient key named by subject key identifier, with optional extras. */
struct CMS_RecipientKeyIdentifier_st {
	ASN1_OCTET_STRING *subjectKeyIdentifier;
	ASN1_GENERALIZEDTIME *date;
	CMS_OtherKeyAttribute *other;
};

/* Recipient that shares a symmetric key-encryption key with the sender. */
struct CMS_KEKRecipientInfo_st {
	long version;
	CMS_KEKIdentifier *kekid;
	X509_ALGOR *keyEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedKey;
	/*
	 * Extra info: symmetric key to use
	 *
	 * NOTE(review): raw key bytes. Whether this buffer is a private copy
	 * and whether it is zeroed before release is not visible here -
	 * confirm in the code that sets and frees it.
	 */
	unsigned char *key;
	size_t keylen;
};

/* Names the key-encryption key used by a KEK recipient. */
struct CMS_KEKIdentifier_st {
	ASN1_OCTET_STRING *keyIdentifier;
	ASN1_GENERALIZEDTIME *date;
	CMS_OtherKeyAttribute *other;
};

/* Recipient whose key-encryption key is derived from a password. */
struct CMS_PasswordRecipientInfo_st {
	long version;
	X509_ALGOR *keyDerivationAlgorithm;
	X509_ALGOR *keyEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedKey;
	/*
	 * Extra info: password to use
	 *
	 * NOTE(review): the password is kept as a plain pointer and length.
	 * Whether the structure owns a copy or borrows the caller's buffer,
	 * and whether it is cleared afterwards, is not visible here -
	 * confirm.
	 */
	unsigned char *pass;
	size_t passlen;
};

/* Recipient info of a type this code does not interpret: OID plus value. */
struct CMS_OtherRecipientInfo_st {
	ASN1_OBJECT *oriType;
	ASN1_TYPE *oriValue;
};

/* DigestedData: content plus a digest of it (integrity only, no key). */
struct CMS_DigestedData_st {
	long version;
	X509_ALGOR *digestAlgorithm;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	ASN1_OCTET_STRING *digest;
};

/* EncryptedData: encrypted content with no recipient information. */
struct CMS_EncryptedData_st {
	long version;
	CMS_EncryptedContentInfo *encryptedContentInfo;
	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
};

/* AuthenticatedData: content protected by a MAC keyed per recipient. */
struct CMS_AuthenticatedData_st {
	long version;
	CMS_OriginatorInfo *originatorInfo;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	X509_ALGOR *macAlgorithm;
	X509_ALGOR *digestAlgorithm;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	STACK_OF(X509_ATTRIBUTE) *authAttrs;
	ASN1_OCTET_STRING *mac;
	STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
};

/*
 * CompressedData.
 *
 * NOTE(review): recipientInfos has no obvious counterpart in the
 * CompressedData type as defined for CMS (RFC 3274, from memory) - confirm
 * whether the ASN.1 template ever fills it in or whether it is always NULL.
 */
struct CMS_CompressedData_st {
	long version;
	X509_ALGOR *compressionAlgorithm;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	CMS_EncapsulatedContentInfo *encapContentInfo;
};

/*
 * Revocation information: a CRL or some other format. type presumably
 * holds one of the CMS_REVCHOICE_* values below and selects the member
 * of d.
 */
struct CMS_RevocationInfoChoice_st {
	int type;
	union {
		X509_CRL *crl;
		CMS_OtherRevocationInfoFormat *other;
	} d;
};

#define CMS_REVCHOICE_CRL	0
#define CMS_REVCHOICE_OTHER	1

/* Revocation data in a format this code does not interpret. */
struct CMS_OtherRevocationInfoFormat_st {
	ASN1_OBJECT *otherRevInfoFormat;
	ASN1_TYPE *otherRevInfo;
};

/*
 * One certificate entry. type presumably holds one of the CMS_CERTCHOICE_*
 * values below and selects the member of d. Three of the members are kept
 * as undecoded strings, so nothing in this structure says their contents
 * were parsed or validated.
 *
 * Unlike the other structures in this file the tag has no _st suffix.
 */
struct CMS_CertificateChoices {
	int type;
	union {
		X509 *certificate;
		ASN1_STRING *extendedCertificate;	/* Obsolete */
		ASN1_STRING *v1AttrCert;	/* Left encoded for now */
		ASN1_STRING *v2AttrCert;	/* Left encoded for now */
		CMS_OtherCertificateFormat *other;
	} d;
};

#define CMS_CERTCHOICE_CERT	0
#define CMS_CERTCHOICE_EXCERT	1
#define CMS_CERTCHOICE_V1ACERT	2
#define CMS_CERTCHOICE_V2ACERT	3
#define CMS_CERTCHOICE_OTHER	4

/* Certificate in a format this code does not interpret. */
struct CMS_OtherCertificateFormat_st {
	ASN1_OBJECT *otherCertFormat;
	ASN1_TYPE *otherCert;
};

/*
 * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
 * to be independent of PKCS#7
 */

struct CMS_IssuerAndSerialNumber_st {
	X509_NAME *issuer;
	ASN1_INTEGER *serialNumber;
};

/* Additional key attribute: OID plus an untyped value. */
struct CMS_OtherKeyAttribute_st {
	ASN1_OBJECT *keyAttrId;
	ASN1_TYPE *keyAttr;
};

/* ESS structures */

/*
 * The two definitions below are compiled only if HEADER_X509V3_H is already
 * defined when this header is read (presumably the include guard of the
 * X509v3 header, which would supply GENERAL_NAMES). The CMS_ReceiptsFrom
 * typedef earlier in this file is unconditional, so without that earlier
 * include the type stays incomplete and its fields cannot be accessed.
 */
#ifdef HEADER_X509V3_H

struct CMS_ReceiptRequest_st {
	ASN1_OCTET_STRING *signedContentIdentifier;
	CMS_ReceiptsFrom *receiptsFrom;
	STACK_OF(GENERAL_NAMES) *receiptsTo;
};

/* type selects between the integer and the list member of d. */
struct CMS_ReceiptsFrom_st {
	int type;
	union {
		long allOrFirstTier;
		STACK_OF(GENERAL_NAMES) *receiptList;
	} d;
};
#endif

/* Signed receipt content. */
struct CMS_Receipt_st {
	long version;
	ASN1_OBJECT *contentType;
	ASN1_OCTET_STRING *signedContentIdentifier;
	ASN1_OCTET_STRING *originatorSignatureValue;
};

/*
 * Allocation, release and encode/decode entry points for CMS_ContentInfo.
 *
 * NOTE(review): d2i_CMS_ContentInfo takes a caller-supplied buffer and
 * length; by the usual d2i naming it decodes a DER encoding, which would
 * make it the point where untrusted input becomes the structures above.
 * Treat every decoded field as attacker-influenced until it is checked.
 */
CMS_ContentInfo *CMS_ContentInfo_new(void);
void CMS_ContentInfo_free(CMS_ContentInfo *a);
CMS_ContentInfo *d2i_CMS_ContentInfo(CMS_ContentInfo **a, const unsigned char **in, long len);
int i2d_CMS_ContentInfo(CMS_ContentInfo *a, unsigned char **out);
/* ASN.1 item descriptions, defined in another translation unit. */
extern const ASN1_ITEM CMS_ContentInfo_it;
extern const ASN1_ITEM CMS_SignerInfo_it;
extern const ASN1_ITEM CMS_IssuerAndSerialNumber_it;
/* ASN.1 item descriptions, defined in another translation unit. */
extern const ASN1_ITEM CMS_Attributes_Sign_it;
extern const ASN1_ITEM CMS_Attributes_Verify_it;
extern const ASN1_ITEM CMS_RecipientInfo_it;
extern const ASN1_ITEM CMS_PasswordRecipientInfo_it;
CMS_IssuerAndSerialNumber *CMS_IssuerAndSerialNumber_new(void);
void CMS_IssuerAndSerialNumber_free(CMS_IssuerAndSerialNumber *a);

/*
 * Discriminator values for the "int type" members of the identifier unions
 * declared earlier in this header. The prefix suggests which structure
 * each group belongs to (SIGNERINFO: CMS_SignerIdentifier, RECIPINFO:
 * CMS_RecipientIdentifier, REK: CMS_KeyAgreeRecipientIdentifier, OIK:
 * CMS_OriginatorIdentifierOrKey) - inferred from the names, confirm at the
 * use sites. Code that reads a union member should check type against
 * these first.
 */
#define CMS_SIGNERINFO_ISSUER_SERIAL	0
#define CMS_SIGNERINFO_KEYIDENTIFIER	1

#define CMS_RECIPINFO_ISSUER_SERIAL	0
#define CMS_RECIPINFO_KEYIDENTIFIER	1

#define CMS_REK_ISSUER_SERIAL		0
#define CMS_REK_KEYIDENTIFIER		1

#define CMS_OIK_ISSUER_SERIAL		0
#define CMS_OIK_KEYIDENTIFIER		1
#define CMS_OIK_PUBKEY			2

/*
 * Helper prototypes for the individual content types. Only the signatures
 * are visible here; return conventions and ownership of the returned BIO
 * and structure pointers have to be read from the implementations.
 */
BIO *cms_content_bio(CMS_ContentInfo *cms);

CMS_ContentInfo *cms_Data_create(void);

CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);

BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
    ASN1_OCTET_STRING **keyid, X509_NAME **issuer, ASN1_INTEGER **sno);
/*
 * NOTE(review): the return convention of the *_cert_cmp helpers (this one
 * and cms_ias_cert_cmp/cms_keyid_cert_cmp below) is not visible in this
 * header. If they follow the memcmp convention, 0 means "matches", and a
 * plain truth test at a call site would accept the wrong certificate -
 * confirm before writing "if (cmp(...))".
 */
int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);

CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);

BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
    X509_ALGOR *mdalg);

int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);

BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
/*
 * NOTE(review): takes the content-encryption key as a const buffer and a
 * length. Whether the key is copied into ec or the pointer is retained is
 * not visible here - confirm, because it decides who must clear the
 * buffer.
 */
int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
    const EVP_CIPHER *cipher, const unsigned char *key, size_t keylen);

int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);

BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
int cms_pkey_get_ri_type(EVP_PKEY *pk);
/* KARI routines (key agreement recipient info, the kari union member) */
int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
    EVP_PKEY *pk, unsigned int flags);
int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);

/*
 * PWRI routines (password recipient info, the pwri union member).
 * en_de presumably selects encrypt or decrypt - confirm the encoding of
 * the flag in the implementation.
 */
int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
    int en_de);

/* ASN.1 item descriptions, defined in another translation unit. */
extern const ASN1_ITEM CMS_CertificateChoices_it;
extern const ASN1_ITEM CMS_DigestedData_it;
extern const ASN1_ITEM CMS_EncryptedData_it;
extern const ASN1_ITEM CMS_EnvelopedData_it;
extern const ASN1_ITEM CMS_KEKRecipientInfo_it;
extern const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it;
extern const ASN1_ITEM CMS_KeyTransRecipientInfo_it;
extern const ASN1_ITEM CMS_OriginatorPublicKey_it;
extern const ASN1_ITEM CMS_OtherKeyAttribute_it;
extern const ASN1_ITEM CMS_Receipt_it;
extern const ASN1_ITEM CMS_ReceiptRequest_it;
extern const ASN1_ITEM CMS_RecipientEncryptedKey_it;
extern const ASN1_ITEM CMS_RecipientKeyIdentifier_it;
extern const ASN1_ITEM CMS_RevocationInfoChoice_it;
extern const ASN1_ITEM CMS_SignedData_it;
extern const ASN1_ITEM CMS_CompressedData_it;

#endif /* HEADER_CMS_LCL_H */