OpenSSL  1.0.1c
 All Classes Files Functions Variables Typedefs Enumerations Enumerator Macros
cms_lcl.h
Go to the documentation of this file.
1 /* crypto/cms/cms_lcl.h */
2 /* Written by Dr Stephen N Henson ([email protected]) for the OpenSSL
3  * project.
4  */
5 /* ====================================================================
6  * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
7  *
8  * Redistribution and use in source and binary forms, with or without
9  * modification, are permitted provided that the following conditions
10  * are met:
11  *
12  * 1. Redistributions of source code must retain the above copyright
13  * notice, this list of conditions and the following disclaimer.
14  *
15  * 2. Redistributions in binary form must reproduce the above copyright
16  * notice, this list of conditions and the following disclaimer in
17  * the documentation and/or other materials provided with the
18  * distribution.
19  *
20  * 3. All advertising materials mentioning features or use of this
21  * software must display the following acknowledgment:
22  * "This product includes software developed by the OpenSSL Project
23  * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
24  *
25  * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
26  * endorse or promote products derived from this software without
27  * prior written permission. For written permission, please contact
28  * [email protected].
29  *
30  * 5. Products derived from this software may not be called "OpenSSL"
31  * nor may "OpenSSL" appear in their names without prior written
32  * permission of the OpenSSL Project.
33  *
34  * 6. Redistributions of any form whatsoever must retain the following
35  * acknowledgment:
36  * "This product includes software developed by the OpenSSL Project
37  * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
38  *
39  * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
40  * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
41  * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
42  * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
43  * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
44  * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
45  * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
46  * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
47  * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
48  * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
49  * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
50  * OF THE POSSIBILITY OF SUCH DAMAGE.
51  * ====================================================================
52  */
53 
54 #ifndef HEADER_CMS_LCL_H
55 #define HEADER_CMS_LCL_H
56 
57 #ifdef __cplusplus
58 extern "C" {
59 #endif
60 
61 #include <openssl/x509.h>
62 
63 /* Cryptographic message syntax (CMS) structures: taken
64  * from RFC3852
65  */
66 
67 /* Forward references */
68 
69 typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
70 typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
71 typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
72 typedef struct CMS_SignedData_st CMS_SignedData;
73 typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
74 typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
75 typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
76 typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
77 typedef struct CMS_DigestedData_st CMS_DigestedData;
78 typedef struct CMS_EncryptedData_st CMS_EncryptedData;
79 typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
80 typedef struct CMS_CompressedData_st CMS_CompressedData;
81 typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
82 typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
83 typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
84 typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
85 typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
86 typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
87 typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
88 typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier;
89 typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
90 typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
91 typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
92 typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
93 typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
94 typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
95 
96 struct CMS_ContentInfo_st
97  {
98  ASN1_OBJECT *contentType;
99  union {
100  ASN1_OCTET_STRING *data;
101  CMS_SignedData *signedData;
102  CMS_EnvelopedData *envelopedData;
103  CMS_DigestedData *digestedData;
104  CMS_EncryptedData *encryptedData;
105  CMS_AuthenticatedData *authenticatedData;
106  CMS_CompressedData *compressedData;
107  ASN1_TYPE *other;
108  /* Other types ... */
109  void *otherData;
110  } d;
111  };
112 
113 struct CMS_SignedData_st
114  {
115  long version;
116  STACK_OF(X509_ALGOR) *digestAlgorithms;
117  CMS_EncapsulatedContentInfo *encapContentInfo;
118  STACK_OF(CMS_CertificateChoices) *certificates;
119  STACK_OF(CMS_RevocationInfoChoice) *crls;
120  STACK_OF(CMS_SignerInfo) *signerInfos;
121  };
122 
123 struct CMS_EncapsulatedContentInfo_st
124  {
125  ASN1_OBJECT *eContentType;
126  ASN1_OCTET_STRING *eContent;
127  /* Set to 1 if incomplete structure only part set up */
128  int partial;
129  };
130 
131 struct CMS_SignerInfo_st
132  {
133  long version;
134  CMS_SignerIdentifier *sid;
135  X509_ALGOR *digestAlgorithm;
136  STACK_OF(X509_ATTRIBUTE) *signedAttrs;
137  X509_ALGOR *signatureAlgorithm;
138  ASN1_OCTET_STRING *signature;
139  STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
140  /* Signing certificate and key */
141  X509 *signer;
142  EVP_PKEY *pkey;
143  };
144 
145 struct CMS_SignerIdentifier_st
146  {
147  int type;
148  union {
149  CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
150  ASN1_OCTET_STRING *subjectKeyIdentifier;
151  } d;
152  };
153 
154 struct CMS_EnvelopedData_st
155  {
156  long version;
157  CMS_OriginatorInfo *originatorInfo;
158  STACK_OF(CMS_RecipientInfo) *recipientInfos;
159  CMS_EncryptedContentInfo *encryptedContentInfo;
160  STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
161  };
162 
163 struct CMS_OriginatorInfo_st
164  {
165  STACK_OF(CMS_CertificateChoices) *certificates;
166  STACK_OF(CMS_RevocationInfoChoice) *crls;
167  };
168 
169 struct CMS_EncryptedContentInfo_st
170  {
171  ASN1_OBJECT *contentType;
172  X509_ALGOR *contentEncryptionAlgorithm;
173  ASN1_OCTET_STRING *encryptedContent;
174  /* Content encryption algorithm and key */
175  const EVP_CIPHER *cipher;
176  unsigned char *key;
177  size_t keylen;
178  /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
179  int debug;
180  };
181 
182 struct CMS_RecipientInfo_st
183  {
184  int type;
185  union {
186  CMS_KeyTransRecipientInfo *ktri;
187  CMS_KeyAgreeRecipientInfo *kari;
188  CMS_KEKRecipientInfo *kekri;
189  CMS_PasswordRecipientInfo *pwri;
190  CMS_OtherRecipientInfo *ori;
191  } d;
192  };
193 
194 typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
195 
196 struct CMS_KeyTransRecipientInfo_st
197  {
198  long version;
199  CMS_RecipientIdentifier *rid;
200  X509_ALGOR *keyEncryptionAlgorithm;
201  ASN1_OCTET_STRING *encryptedKey;
202  /* Recipient Key and cert */
203  X509 *recip;
204  EVP_PKEY *pkey;
205  };
206 
207 struct CMS_KeyAgreeRecipientInfo_st
208  {
209  long version;
210  CMS_OriginatorIdentifierOrKey *originator;
211  ASN1_OCTET_STRING *ukm;
212  X509_ALGOR *keyEncryptionAlgorithm;
213  STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
214  };
215 
216 struct CMS_OriginatorIdentifierOrKey_st
217  {
218  int type;
219  union {
220  CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
221  ASN1_OCTET_STRING *subjectKeyIdentifier;
222  CMS_OriginatorPublicKey *originatorKey;
223  } d;
224  };
225 
226 struct CMS_OriginatorPublicKey_st
227  {
228  X509_ALGOR *algorithm;
229  ASN1_BIT_STRING *publicKey;
230  };
231 
232 struct CMS_RecipientEncryptedKey_st
233  {
234  CMS_KeyAgreeRecipientIdentifier *rid;
235  ASN1_OCTET_STRING *encryptedKey;
236  };
237 
238 struct CMS_KeyAgreeRecipientIdentifier_st
239  {
240  int type;
241  union {
242  CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
243  CMS_RecipientKeyIdentifier *rKeyId;
244  } d;
245  };
246 
247 struct CMS_RecipientKeyIdentifier_st
248  {
249  ASN1_OCTET_STRING *subjectKeyIdentifier;
250  ASN1_GENERALIZEDTIME *date;
251  CMS_OtherKeyAttribute *other;
252  };
253 
254 struct CMS_KEKRecipientInfo_st
255  {
256  long version;
257  CMS_KEKIdentifier *kekid;
258  X509_ALGOR *keyEncryptionAlgorithm;
259  ASN1_OCTET_STRING *encryptedKey;
260  /* Extra info: symmetric key to use */
261  unsigned char *key;
262  size_t keylen;
263  };
264 
265 struct CMS_KEKIdentifier_st
266  {
267  ASN1_OCTET_STRING *keyIdentifier;
268  ASN1_GENERALIZEDTIME *date;
269  CMS_OtherKeyAttribute *other;
270  };
271 
272 struct CMS_PasswordRecipientInfo_st
273  {
274  long version;
275  X509_ALGOR *keyDerivationAlgorithm;
276  X509_ALGOR *keyEncryptionAlgorithm;
277  ASN1_OCTET_STRING *encryptedKey;
278  /* Extra info: password to use */
279  unsigned char *pass;
280  size_t passlen;
281  };
282 
283 struct CMS_OtherRecipientInfo_st
284  {
285  ASN1_OBJECT *oriType;
286  ASN1_TYPE *oriValue;
287  };
288 
289 struct CMS_DigestedData_st
290  {
291  long version;
292  X509_ALGOR *digestAlgorithm;
293  CMS_EncapsulatedContentInfo *encapContentInfo;
294  ASN1_OCTET_STRING *digest;
295  };
296 
297 struct CMS_EncryptedData_st
298  {
299  long version;
300  CMS_EncryptedContentInfo *encryptedContentInfo;
301  STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
302  };
303 
304 struct CMS_AuthenticatedData_st
305  {
306  long version;
307  CMS_OriginatorInfo *originatorInfo;
308  STACK_OF(CMS_RecipientInfo) *recipientInfos;
309  X509_ALGOR *macAlgorithm;
310  X509_ALGOR *digestAlgorithm;
311  CMS_EncapsulatedContentInfo *encapContentInfo;
312  STACK_OF(X509_ATTRIBUTE) *authAttrs;
313  ASN1_OCTET_STRING *mac;
314  STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
315  };
316 
317 struct CMS_CompressedData_st
318  {
319  long version;
320  X509_ALGOR *compressionAlgorithm;
321  STACK_OF(CMS_RecipientInfo) *recipientInfos;
322  CMS_EncapsulatedContentInfo *encapContentInfo;
323  };
324 
325 struct CMS_RevocationInfoChoice_st
326  {
327  int type;
328  union {
329  X509_CRL *crl;
330  CMS_OtherRevocationInfoFormat *other;
331  } d;
332  };
333 
334 #define CMS_REVCHOICE_CRL 0
335 #define CMS_REVCHOICE_OTHER 1
336 
337 struct CMS_OtherRevocationInfoFormat_st
338  {
339  ASN1_OBJECT *otherRevInfoFormat;
340  ASN1_TYPE *otherRevInfo;
341  };
342 
343 struct CMS_CertificateChoices
344  {
345  int type;
346  union {
347  X509 *certificate;
348  ASN1_STRING *extendedCertificate; /* Obsolete */
349  ASN1_STRING *v1AttrCert; /* Left encoded for now */
350  ASN1_STRING *v2AttrCert; /* Left encoded for now */
351  CMS_OtherCertificateFormat *other;
352  } d;
353  };
354 
355 #define CMS_CERTCHOICE_CERT 0
356 #define CMS_CERTCHOICE_EXCERT 1
357 #define CMS_CERTCHOICE_V1ACERT 2
358 #define CMS_CERTCHOICE_V2ACERT 3
359 #define CMS_CERTCHOICE_OTHER 4
360 
361 struct CMS_OtherCertificateFormat_st
362  {
363  ASN1_OBJECT *otherCertFormat;
364  ASN1_TYPE *otherCert;
365  };
366 
367 /* This is also defined in pkcs7.h but we duplicate it
368  * to allow the CMS code to be independent of PKCS#7
369  */
370 
371 struct CMS_IssuerAndSerialNumber_st
372  {
373  X509_NAME *issuer;
374  ASN1_INTEGER *serialNumber;
375  };
376 
377 struct CMS_OtherKeyAttribute_st
378  {
379  ASN1_OBJECT *keyAttrId;
380  ASN1_TYPE *keyAttr;
381  };
382 
383 /* ESS structures */
384 
385 #ifdef HEADER_X509V3_H
386 
387 struct CMS_ReceiptRequest_st
388  {
389  ASN1_OCTET_STRING *signedContentIdentifier;
390  CMS_ReceiptsFrom *receiptsFrom;
391  STACK_OF(GENERAL_NAMES) *receiptsTo;
392  };
393 
394 
395 struct CMS_ReceiptsFrom_st
396  {
397  int type;
398  union
399  {
400  long allOrFirstTier;
401  STACK_OF(GENERAL_NAMES) *receiptList;
402  } d;
403  };
404 #endif
405 
406 struct CMS_Receipt_st
407  {
408  long version;
409  ASN1_OBJECT *contentType;
410  ASN1_OCTET_STRING *signedContentIdentifier;
411  ASN1_OCTET_STRING *originatorSignatureValue;
412  };
413 
414 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
415 DECLARE_ASN1_ITEM(CMS_SignerInfo)
416 DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
417 DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
418 DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
419 DECLARE_ASN1_ITEM(CMS_RecipientInfo)
420 DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
421 DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
422 
423 #define CMS_SIGNERINFO_ISSUER_SERIAL 0
424 #define CMS_SIGNERINFO_KEYIDENTIFIER 1
425 
426 #define CMS_RECIPINFO_ISSUER_SERIAL 0
427 #define CMS_RECIPINFO_KEYIDENTIFIER 1
428 
429 BIO *cms_content_bio(CMS_ContentInfo *cms);
430 
431 CMS_ContentInfo *cms_Data_create(void);
432 
433 CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
434 BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
435 int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);
436 
437 BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
438 int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
439 int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
440 int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
441  ASN1_OCTET_STRING **keyid,
442  X509_NAME **issuer, ASN1_INTEGER **sno);
443 int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
444 
445 CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
446 BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);
447 
448 void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
449 BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
450 int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
451  X509_ALGOR *mdalg);
452 
453 BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec);
454 BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
455 int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
456  const EVP_CIPHER *cipher,
457  const unsigned char *key, size_t keylen);
458 
459 int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
460 int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
461 ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si);
462 
463 BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
464 CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms);
465 
466 /* PWRI routines */
467 int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri,
468  int en_de);
469 
470 #ifdef __cplusplus
471 }
472 #endif
473 #endif
Generated on Thu Jan 10 2013 09:53:35 for OpenSSL by   doxygen 1.8.2