| 1 | /* |
|---|---|
| 2 | * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | #ifndef HEADER_PKCS7_H |
| 11 | # define HEADER_PKCS7_H |
| 12 | |
| 13 | # include <openssl/asn1.h> |
| 14 | # include <openssl/bio.h> |
| 15 | # include <openssl/e_os2.h> |
| 16 | |
| 17 | # include <openssl/symhacks.h> |
| 18 | # include <openssl/ossl_typ.h> |
| 19 | # include <openssl/pkcs7err.h> |
| 20 | |
| 21 | #ifdef __cplusplus |
| 22 | extern "C"{ |
| 23 | #endif |
| 24 | |
| 25 | /*- |
| 26 | Encryption_ID DES-CBC |
| 27 | Digest_ID MD5 |
| 28 | Digest_Encryption_ID rsaEncryption |
| 29 | Key_Encryption_ID rsaEncryption |
| 30 | */ |
| 31 | |
| 32 | typedef struct pkcs7_issuer_and_serial_st { |
| 33 | X509_NAME *issuer; |
| 34 | ASN1_INTEGER *serial; |
| 35 | } PKCS7_ISSUER_AND_SERIAL; |
| 36 | |
| 37 | typedef struct pkcs7_signer_info_st { |
| 38 | ASN1_INTEGER *version; /* version 1 */ |
| 39 | PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; |
| 40 | X509_ALGOR *digest_alg; |
| 41 | STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ] */ |
| 42 | X509_ALGOR *digest_enc_alg; |
| 43 | ASN1_OCTET_STRING *enc_digest; |
| 44 | STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ] */ |
| 45 | /* The private key to sign with */ |
| 46 | EVP_PKEY *pkey; |
| 47 | } PKCS7_SIGNER_INFO; |
| 48 | |
| 49 | DEFINE_STACK_OF(PKCS7_SIGNER_INFO) |
| 50 | |
| 51 | typedef struct pkcs7_recip_info_st { |
| 52 | ASN1_INTEGER *version; /* version 0 */ |
| 53 | PKCS7_ISSUER_AND_SERIAL *issuer_and_serial; |
| 54 | X509_ALGOR *key_enc_algor; |
| 55 | ASN1_OCTET_STRING *enc_key; |
| 56 | X509 *cert; /* get the pub-key from this */ |
| 57 | } PKCS7_RECIP_INFO; |
| 58 | |
| 59 | DEFINE_STACK_OF(PKCS7_RECIP_INFO) |
| 60 | |
| 61 | typedef struct pkcs7_signed_st { |
| 62 | ASN1_INTEGER *version; /* version 1 */ |
| 63 | STACK_OF(X509_ALGOR) *md_algs; /* md used */ |
| 64 | STACK_OF(X509) *cert; /* [ 0 ] */ |
| 65 | STACK_OF(X509_CRL) *crl; /* [ 1 ] */ |
| 66 | STACK_OF(PKCS7_SIGNER_INFO) *signer_info; |
| 67 | struct pkcs7_st *contents; |
| 68 | } PKCS7_SIGNED; |
| 69 | /* |
| 70 | * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about |
| 71 | * merging the two |
| 72 | */ |
| 73 | |
| 74 | typedef struct pkcs7_enc_content_st { |
| 75 | ASN1_OBJECT *content_type; |
| 76 | X509_ALGOR *algorithm; |
| 77 | ASN1_OCTET_STRING *enc_data; /* [ 0 ] */ |
| 78 | const EVP_CIPHER *cipher; |
| 79 | } PKCS7_ENC_CONTENT; |
| 80 | |
| 81 | typedef struct pkcs7_enveloped_st { |
| 82 | ASN1_INTEGER *version; /* version 0 */ |
| 83 | STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; |
| 84 | PKCS7_ENC_CONTENT *enc_data; |
| 85 | } PKCS7_ENVELOPE; |
| 86 | |
| 87 | typedef struct pkcs7_signedandenveloped_st { |
| 88 | ASN1_INTEGER *version; /* version 1 */ |
| 89 | STACK_OF(X509_ALGOR) *md_algs; /* md used */ |
| 90 | STACK_OF(X509) *cert; /* [ 0 ] */ |
| 91 | STACK_OF(X509_CRL) *crl; /* [ 1 ] */ |
| 92 | STACK_OF(PKCS7_SIGNER_INFO) *signer_info; |
| 93 | PKCS7_ENC_CONTENT *enc_data; |
| 94 | STACK_OF(PKCS7_RECIP_INFO) *recipientinfo; |
| 95 | } PKCS7_SIGN_ENVELOPE; |
| 96 | |
| 97 | typedef struct pkcs7_digest_st { |
| 98 | ASN1_INTEGER *version; /* version 0 */ |
| 99 | X509_ALGOR *md; /* md used */ |
| 100 | struct pkcs7_st *contents; |
| 101 | ASN1_OCTET_STRING *digest; |
| 102 | } PKCS7_DIGEST; |
| 103 | |
| 104 | typedef struct pkcs7_encrypted_st { |
| 105 | ASN1_INTEGER *version; /* version 0 */ |
| 106 | PKCS7_ENC_CONTENT *enc_data; |
| 107 | } PKCS7_ENCRYPT; |
| 108 | |
| 109 | typedef struct pkcs7_st { |
| 110 | /* |
| 111 | * The following is non NULL if it contains ASN1 encoding of this |
| 112 | * structure |
| 113 | */ |
| 114 | unsigned char *asn1; |
| 115 | long length; |
| 116 | # define PKCS7_S_HEADER 0 |
| 117 | # define PKCS7_S_BODY 1 |
| 118 | # define PKCS7_S_TAIL 2 |
| 119 | int state; /* used during processing */ |
| 120 | int detached; |
| 121 | ASN1_OBJECT *type; |
| 122 | /* content as defined by the type */ |
| 123 | /* |
| 124 | * all encryption/message digests are applied to the 'contents', leaving |
| 125 | * out the 'type' field. |
| 126 | */ |
| 127 | union { |
| 128 | char *ptr; |
| 129 | /* NID_pkcs7_data */ |
| 130 | ASN1_OCTET_STRING *data; |
| 131 | /* NID_pkcs7_signed */ |
| 132 | PKCS7_SIGNED *sign; |
| 133 | /* NID_pkcs7_enveloped */ |
| 134 | PKCS7_ENVELOPE *enveloped; |
| 135 | /* NID_pkcs7_signedAndEnveloped */ |
| 136 | PKCS7_SIGN_ENVELOPE *signed_and_enveloped; |
| 137 | /* NID_pkcs7_digest */ |
| 138 | PKCS7_DIGEST *digest; |
| 139 | /* NID_pkcs7_encrypted */ |
| 140 | PKCS7_ENCRYPT *encrypted; |
| 141 | /* Anything else */ |
| 142 | ASN1_TYPE *other; |
| 143 | } d; |
| 144 | } PKCS7; |
| 145 | |
| 146 | DEFINE_STACK_OF(PKCS7) |
| 147 | |
| 148 | # define PKCS7_OP_SET_DETACHED_SIGNATURE 1 |
| 149 | # define PKCS7_OP_GET_DETACHED_SIGNATURE 2 |
| 150 | |
| 151 | # define PKCS7_get_signed_attributes(si) ((si)->auth_attr) |
| 152 | # define PKCS7_get_attributes(si) ((si)->unauth_attr) |
| 153 | |
| 154 | # define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) |
| 155 | # define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted) |
| 156 | # define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped) |
| 157 | # define PKCS7_type_is_signedAndEnveloped(a) \ |
| 158 | (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped) |
| 159 | # define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data) |
| 160 | # define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) |
| 161 | |
| 162 | # define PKCS7_set_detached(p,v) \ |
| 163 | PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) |
| 164 | # define PKCS7_get_detached(p) \ |
| 165 | PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) |
| 166 | |
| 167 | # define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) |
| 168 | |
| 169 | /* S/MIME related flags */ |
| 170 | |
| 171 | # define PKCS7_TEXT 0x1 |
| 172 | # define PKCS7_NOCERTS 0x2 |
| 173 | # define PKCS7_NOSIGS 0x4 |
| 174 | # define PKCS7_NOCHAIN 0x8 |
| 175 | # define PKCS7_NOINTERN 0x10 |
| 176 | # define PKCS7_NOVERIFY 0x20 |
| 177 | # define PKCS7_DETACHED 0x40 |
| 178 | # define PKCS7_BINARY 0x80 |
| 179 | # define PKCS7_NOATTR 0x100 |
| 180 | # define PKCS7_NOSMIMECAP 0x200 |
| 181 | # define PKCS7_NOOLDMIMETYPE 0x400 |
| 182 | # define PKCS7_CRLFEOL 0x800 |
| 183 | # define PKCS7_STREAM 0x1000 |
| 184 | # define PKCS7_NOCRL 0x2000 |
| 185 | # define PKCS7_PARTIAL 0x4000 |
| 186 | # define PKCS7_REUSE_DIGEST 0x8000 |
| 187 | # define PKCS7_NO_DUAL_CONTENT 0x10000 |
| 188 | |
| 189 | /* Flags: for compatibility with older code */ |
| 190 | |
| 191 | # define SMIME_TEXT PKCS7_TEXT |
| 192 | # define SMIME_NOCERTS PKCS7_NOCERTS |
| 193 | # define SMIME_NOSIGS PKCS7_NOSIGS |
| 194 | # define SMIME_NOCHAIN PKCS7_NOCHAIN |
| 195 | # define SMIME_NOINTERN PKCS7_NOINTERN |
| 196 | # define SMIME_NOVERIFY PKCS7_NOVERIFY |
| 197 | # define SMIME_DETACHED PKCS7_DETACHED |
| 198 | # define SMIME_BINARY PKCS7_BINARY |
| 199 | # define SMIME_NOATTR PKCS7_NOATTR |
| 200 | |
| 201 | /* CRLF ASCII canonicalisation */ |
| 202 | # define SMIME_ASCIICRLF 0x80000 |
| 203 | |
| 204 | DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) |
| 205 | |
| 206 | int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data, |
| 207 | const EVP_MD *type, unsigned char *md, |
| 208 | unsigned int *len); |
| 209 | # ifndef OPENSSL_NO_STDIO |
| 210 | PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7); |
| 211 | int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7); |
| 212 | # endif |
| 213 | PKCS7 *PKCS7_dup(PKCS7 *p7); |
| 214 | PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); |
| 215 | int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7); |
| 216 | int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); |
| 217 | int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags); |
| 218 | |
| 219 | DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO) |
| 220 | DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO) |
| 221 | DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED) |
| 222 | DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT) |
| 223 | DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE) |
| 224 | DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE) |
| 225 | DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST) |
| 226 | DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT) |
| 227 | DECLARE_ASN1_FUNCTIONS(PKCS7) |
| 228 | |
| 229 | DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) |
| 230 | DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY) |
| 231 | |
| 232 | DECLARE_ASN1_NDEF_FUNCTION(PKCS7) |
| 233 | DECLARE_ASN1_PRINT_FUNCTION(PKCS7) |
| 234 | |
| 235 | long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); |
| 236 | |
| 237 | int PKCS7_set_type(PKCS7 *p7, int type); |
| 238 | int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); |
| 239 | int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data); |
| 240 | int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey, |
| 241 | const EVP_MD *dgst); |
| 242 | int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si); |
| 243 | int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i); |
| 244 | int PKCS7_add_certificate(PKCS7 *p7, X509 *x509); |
| 245 | int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509); |
| 246 | int PKCS7_content_new(PKCS7 *p7, int nid); |
| 247 | int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx, |
| 248 | BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); |
| 249 | int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si, |
| 250 | X509 *x509); |
| 251 | |
| 252 | BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); |
| 253 | int PKCS7_dataFinal(PKCS7 *p7, BIO *bio); |
| 254 | BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); |
| 255 | |
| 256 | PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509, |
| 257 | EVP_PKEY *pkey, const EVP_MD *dgst); |
| 258 | X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); |
| 259 | int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md); |
| 260 | STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7); |
| 261 | |
| 262 | PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509); |
| 263 | void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk, |
| 264 | X509_ALGOR **pdig, X509_ALGOR **psig); |
| 265 | void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc); |
| 266 | int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri); |
| 267 | int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509); |
| 268 | int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); |
| 269 | int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7); |
| 270 | |
| 271 | PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); |
| 272 | ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk); |
| 273 | int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type, |
| 274 | void *data); |
| 275 | int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype, |
| 276 | void *value); |
| 277 | ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid); |
| 278 | ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid); |
| 279 | int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si, |
| 280 | STACK_OF(X509_ATTRIBUTE) *sk); |
| 281 | int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si, |
| 282 | STACK_OF(X509_ATTRIBUTE) *sk); |
| 283 | |
| 284 | PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs, |
| 285 | BIO *data, int flags); |
| 286 | |
| 287 | PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7, |
| 288 | X509 *signcert, EVP_PKEY *pkey, |
| 289 | const EVP_MD *md, int flags); |
| 290 | |
| 291 | int PKCS7_final(PKCS7 *p7, BIO *data, int flags); |
| 292 | int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store, |
| 293 | BIO *indata, BIO *out, int flags); |
| 294 | STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs, |
| 295 | int flags); |
| 296 | PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher, |
| 297 | int flags); |
| 298 | int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data, |
| 299 | int flags); |
| 300 | |
| 301 | int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si, |
| 302 | STACK_OF(X509_ALGOR) *cap); |
| 303 | STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si); |
| 304 | int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg); |
| 305 | |
| 306 | int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid); |
| 307 | int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t); |
| 308 | int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si, |
| 309 | const unsigned char *md, int mdlen); |
| 310 | |
| 311 | int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags); |
| 312 | PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont); |
| 313 | |
| 314 | BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7); |
| 315 | |
| 316 | # ifdef __cplusplus |
| 317 | } |
| 318 | # endif |
| 319 | #endif |
| 320 |
Generated while processing netbsd/crypto/external/bsd/heimdal/dist/lib/gssapi/krb5/8003.c
Generated on 2019-Jul-19 from project netbsd revision f9da89e0d
Powered by 
Code Browser 2.1
Generator usage only permitted with license.