| lh | 9ed821d | 2023-04-07 01:36:19 -0700 | [diff] [blame^] | 1 | /* |
| 2 | * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved. |
| 3 | * |
| 4 | * Licensed under the OpenSSL license (the "License"). You may not use |
| 5 | * this file except in compliance with the License. You can obtain a copy |
| 6 | * in the file LICENSE in the source distribution or at |
| 7 | * https://www.openssl.org/source/license.html |
| 8 | */ |
| 9 | |
| 10 | #ifndef HEADER_CMS_H |
| 11 | # define HEADER_CMS_H |
| 12 | |
| 13 | # include <openssl/opensslconf.h> |
| 14 | |
| 15 | # ifndef OPENSSL_NO_CMS |
| 16 | # include <openssl/x509.h> |
| 17 | # include <openssl/x509v3.h> |
| 18 | # include <openssl/cmserr.h> |
| 19 | # ifdef __cplusplus |
| 20 | extern "C" { |
| 21 | # endif |
| 22 | |
| 23 | typedef struct CMS_ContentInfo_st CMS_ContentInfo; |
| 24 | typedef struct CMS_SignerInfo_st CMS_SignerInfo; |
| 25 | typedef struct CMS_CertificateChoices CMS_CertificateChoices; |
| 26 | typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice; |
| 27 | typedef struct CMS_RecipientInfo_st CMS_RecipientInfo; |
| 28 | typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest; |
| 29 | typedef struct CMS_Receipt_st CMS_Receipt; |
| 30 | typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; |
| 31 | typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; |
| 32 | |
| 33 | DEFINE_STACK_OF(CMS_SignerInfo) |
| 34 | DEFINE_STACK_OF(CMS_RecipientEncryptedKey) |
| 35 | DEFINE_STACK_OF(CMS_RecipientInfo) |
| 36 | DEFINE_STACK_OF(CMS_RevocationInfoChoice) |
| 37 | DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) |
| 38 | DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest) |
| 39 | DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo) |
| 40 | |
| 41 | # define CMS_SIGNERINFO_ISSUER_SERIAL 0 |
| 42 | # define CMS_SIGNERINFO_KEYIDENTIFIER 1 |
| 43 | |
| 44 | # define CMS_RECIPINFO_NONE -1 |
| 45 | # define CMS_RECIPINFO_TRANS 0 |
| 46 | # define CMS_RECIPINFO_AGREE 1 |
| 47 | # define CMS_RECIPINFO_KEK 2 |
| 48 | # define CMS_RECIPINFO_PASS 3 |
| 49 | # define CMS_RECIPINFO_OTHER 4 |
| 50 | |
| 51 | /* S/MIME related flags */ |
| 52 | |
| 53 | # define CMS_TEXT 0x1 |
| 54 | # define CMS_NOCERTS 0x2 |
| 55 | # define CMS_NO_CONTENT_VERIFY 0x4 |
| 56 | # define CMS_NO_ATTR_VERIFY 0x8 |
| 57 | # define CMS_NOSIGS \ |
| 58 | (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY) |
| 59 | # define CMS_NOINTERN 0x10 |
| 60 | # define CMS_NO_SIGNER_CERT_VERIFY 0x20 |
| 61 | # define CMS_NOVERIFY 0x20 |
| 62 | # define CMS_DETACHED 0x40 |
| 63 | # define CMS_BINARY 0x80 |
| 64 | # define CMS_NOATTR 0x100 |
| 65 | # define CMS_NOSMIMECAP 0x200 |
| 66 | # define CMS_NOOLDMIMETYPE 0x400 |
| 67 | # define CMS_CRLFEOL 0x800 |
| 68 | # define CMS_STREAM 0x1000 |
| 69 | # define CMS_NOCRL 0x2000 |
| 70 | # define CMS_PARTIAL 0x4000 |
| 71 | # define CMS_REUSE_DIGEST 0x8000 |
| 72 | # define CMS_USE_KEYID 0x10000 |
| 73 | # define CMS_DEBUG_DECRYPT 0x20000 |
| 74 | # define CMS_KEY_PARAM 0x40000 |
| 75 | # define CMS_ASCIICRLF 0x80000 |
| 76 | |
| 77 | const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); |
| 78 | |
| 79 | BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont); |
| 80 | int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio); |
| 81 | |
| 82 | ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms); |
| 83 | int CMS_is_detached(CMS_ContentInfo *cms); |
| 84 | int CMS_set_detached(CMS_ContentInfo *cms, int detached); |
| 85 | |
| 86 | # ifdef HEADER_PEM_H |
| 87 | DECLARE_PEM_rw_const(CMS, CMS_ContentInfo) |
| 88 | # endif |
| 89 | int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms); |
| 90 | CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms); |
| 91 | int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms); |
| 92 | |
| 93 | BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms); |
| 94 | int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags); |
| 95 | int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, |
| 96 | int flags); |
| 97 | CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont); |
| 98 | int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags); |
| 99 | |
| 100 | int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, |
| 101 | unsigned int flags); |
| 102 | |
| 103 | CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, |
| 104 | STACK_OF(X509) *certs, BIO *data, |
| 105 | unsigned int flags); |
| 106 | |
| 107 | CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, |
| 108 | X509 *signcert, EVP_PKEY *pkey, |
| 109 | STACK_OF(X509) *certs, unsigned int flags); |
| 110 | |
| 111 | int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); |
| 112 | CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); |
| 113 | |
| 114 | int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, |
| 115 | unsigned int flags); |
| 116 | CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, |
| 117 | unsigned int flags); |
| 118 | |
| 119 | int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, |
| 120 | const unsigned char *key, size_t keylen, |
| 121 | BIO *dcont, BIO *out, unsigned int flags); |
| 122 | |
| 123 | CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, |
| 124 | const unsigned char *key, |
| 125 | size_t keylen, unsigned int flags); |
| 126 | |
| 127 | int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, |
| 128 | const unsigned char *key, size_t keylen); |
| 129 | |
| 130 | int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, |
| 131 | X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags); |
| 132 | |
| 133 | int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, |
| 134 | STACK_OF(X509) *certs, |
| 135 | X509_STORE *store, unsigned int flags); |
| 136 | |
| 137 | STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms); |
| 138 | |
| 139 | CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, |
| 140 | const EVP_CIPHER *cipher, unsigned int flags); |
| 141 | |
| 142 | int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, |
| 143 | BIO *dcont, BIO *out, unsigned int flags); |
| 144 | |
| 145 | int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert); |
| 146 | int CMS_decrypt_set1_key(CMS_ContentInfo *cms, |
| 147 | unsigned char *key, size_t keylen, |
| 148 | const unsigned char *id, size_t idlen); |
| 149 | int CMS_decrypt_set1_password(CMS_ContentInfo *cms, |
| 150 | unsigned char *pass, ossl_ssize_t passlen); |
| 151 | |
| 152 | STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms); |
| 153 | int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); |
| 154 | EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); |
| 155 | CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); |
| 156 | CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, |
| 157 | X509 *recip, unsigned int flags); |
| 158 | int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); |
| 159 | int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); |
| 160 | int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, |
| 161 | EVP_PKEY **pk, X509 **recip, |
| 162 | X509_ALGOR **palg); |
| 163 | int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, |
| 164 | ASN1_OCTET_STRING **keyid, |
| 165 | X509_NAME **issuer, |
| 166 | ASN1_INTEGER **sno); |
| 167 | |
| 168 | CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, |
| 169 | unsigned char *key, size_t keylen, |
| 170 | unsigned char *id, size_t idlen, |
| 171 | ASN1_GENERALIZEDTIME *date, |
| 172 | ASN1_OBJECT *otherTypeId, |
| 173 | ASN1_TYPE *otherType); |
| 174 | |
| 175 | int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, |
| 176 | X509_ALGOR **palg, |
| 177 | ASN1_OCTET_STRING **pid, |
| 178 | ASN1_GENERALIZEDTIME **pdate, |
| 179 | ASN1_OBJECT **potherid, |
| 180 | ASN1_TYPE **pothertype); |
| 181 | |
| 182 | int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, |
| 183 | unsigned char *key, size_t keylen); |
| 184 | |
| 185 | int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, |
| 186 | const unsigned char *id, size_t idlen); |
| 187 | |
| 188 | int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, |
| 189 | unsigned char *pass, |
| 190 | ossl_ssize_t passlen); |
| 191 | |
| 192 | CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, |
| 193 | int iter, int wrap_nid, |
| 194 | int pbe_nid, |
| 195 | unsigned char *pass, |
| 196 | ossl_ssize_t passlen, |
| 197 | const EVP_CIPHER *kekciph); |
| 198 | |
| 199 | int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); |
| 200 | int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); |
| 201 | |
| 202 | int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, |
| 203 | unsigned int flags); |
| 204 | CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags); |
| 205 | |
| 206 | int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid); |
| 207 | const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms); |
| 208 | |
| 209 | CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms); |
| 210 | int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert); |
| 211 | int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert); |
| 212 | STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms); |
| 213 | |
| 214 | CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms); |
| 215 | int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl); |
| 216 | int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl); |
| 217 | STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms); |
| 218 | |
| 219 | int CMS_SignedData_init(CMS_ContentInfo *cms); |
| 220 | CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, |
| 221 | X509 *signer, EVP_PKEY *pk, const EVP_MD *md, |
| 222 | unsigned int flags); |
| 223 | EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si); |
| 224 | EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si); |
| 225 | STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms); |
| 226 | |
| 227 | void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); |
| 228 | int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, |
| 229 | ASN1_OCTET_STRING **keyid, |
| 230 | X509_NAME **issuer, ASN1_INTEGER **sno); |
| 231 | int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert); |
| 232 | int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs, |
| 233 | unsigned int flags); |
| 234 | void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, |
| 235 | X509 **signer, X509_ALGOR **pdig, |
| 236 | X509_ALGOR **psig); |
| 237 | ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si); |
| 238 | int CMS_SignerInfo_sign(CMS_SignerInfo *si); |
| 239 | int CMS_SignerInfo_verify(CMS_SignerInfo *si); |
| 240 | int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain); |
| 241 | |
| 242 | int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs); |
| 243 | int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, |
| 244 | int algnid, int keysize); |
| 245 | int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap); |
| 246 | |
| 247 | int CMS_signed_get_attr_count(const CMS_SignerInfo *si); |
| 248 | int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, |
| 249 | int lastpos); |
| 250 | int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj, |
| 251 | int lastpos); |
| 252 | X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc); |
| 253 | X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc); |
| 254 | int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); |
| 255 | int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, |
| 256 | const ASN1_OBJECT *obj, int type, |
| 257 | const void *bytes, int len); |
| 258 | int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, |
| 259 | int nid, int type, |
| 260 | const void *bytes, int len); |
| 261 | int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, |
| 262 | const char *attrname, int type, |
| 263 | const void *bytes, int len); |
| 264 | void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid, |
| 265 | int lastpos, int type); |
| 266 | |
| 267 | int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si); |
| 268 | int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid, |
| 269 | int lastpos); |
| 270 | int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, |
| 271 | const ASN1_OBJECT *obj, int lastpos); |
| 272 | X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc); |
| 273 | X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc); |
| 274 | int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); |
| 275 | int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, |
| 276 | const ASN1_OBJECT *obj, int type, |
| 277 | const void *bytes, int len); |
| 278 | int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, |
| 279 | int nid, int type, |
| 280 | const void *bytes, int len); |
| 281 | int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, |
| 282 | const char *attrname, int type, |
| 283 | const void *bytes, int len); |
| 284 | void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, |
| 285 | int lastpos, int type); |
| 286 | |
| 287 | int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr); |
| 288 | CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen, |
| 289 | int allorfirst, |
| 290 | STACK_OF(GENERAL_NAMES) |
| 291 | *receiptList, STACK_OF(GENERAL_NAMES) |
| 292 | *receiptsTo); |
| 293 | int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); |
| 294 | void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, |
| 295 | ASN1_STRING **pcid, |
| 296 | int *pallorfirst, |
| 297 | STACK_OF(GENERAL_NAMES) **plist, |
| 298 | STACK_OF(GENERAL_NAMES) **prto); |
| 299 | int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, |
| 300 | X509_ALGOR **palg, |
| 301 | ASN1_OCTET_STRING **pukm); |
| 302 | STACK_OF(CMS_RecipientEncryptedKey) |
| 303 | *CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri); |
| 304 | |
| 305 | int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, |
| 306 | X509_ALGOR **pubalg, |
| 307 | ASN1_BIT_STRING **pubkey, |
| 308 | ASN1_OCTET_STRING **keyid, |
| 309 | X509_NAME **issuer, |
| 310 | ASN1_INTEGER **sno); |
| 311 | |
| 312 | int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert); |
| 313 | |
| 314 | int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek, |
| 315 | ASN1_OCTET_STRING **keyid, |
| 316 | ASN1_GENERALIZEDTIME **tm, |
| 317 | CMS_OtherKeyAttribute **other, |
| 318 | X509_NAME **issuer, ASN1_INTEGER **sno); |
| 319 | int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, |
| 320 | X509 *cert); |
| 321 | int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk); |
| 322 | EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri); |
| 323 | int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, |
| 324 | CMS_RecipientInfo *ri, |
| 325 | CMS_RecipientEncryptedKey *rek); |
| 326 | |
| 327 | int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, |
| 328 | ASN1_OCTET_STRING *ukm, int keylen); |
| 329 | |
| 330 | /* Backward compatibility for spelling errors. */ |
| 331 | # define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM |
| 332 | # define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ |
| 333 | CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE |
| 334 | |
| 335 | # ifdef __cplusplus |
| 336 | } |
| 337 | # endif |
| 338 | # endif |
| 339 | #endif |