[thirdparty/openssl.git] / crypto / cms / cms_lcl.h

/* crypto/cms/cms_lcl.h */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer. 
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 */

#ifndef HEADER_CMS_LCL_H
#define HEADER_CMS_LCL_H

#ifdef __cplusplus
extern "C" {
#endif

#include <openssl/x509.h>

/* Cryptographic message syntax (CMS) structures: taken
 * from RFC3852
 */

/* Forward references */

typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
typedef struct CMS_SignedData_st CMS_SignedData;
typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
typedef struct CMS_DigestedData_st CMS_DigestedData;
typedef struct CMS_EncryptedData_st CMS_EncryptedData;
typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
typedef struct CMS_CompressedData_st CMS_CompressedData;
typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier;
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;

struct CMS_ContentInfo_st
	{
	ASN1_OBJECT *contentType;
	union	{
		ASN1_OCTET_STRING *data;
		CMS_SignedData *signedData;
		CMS_EnvelopedData *envelopedData;
		CMS_DigestedData *digestedData;
		CMS_EncryptedData *encryptedData;
		CMS_AuthenticatedData *authenticatedData;
		CMS_CompressedData *compressedData;
		ASN1_TYPE *other;
		/* Other types ... */
		void *otherData;
		} d;
	};

struct CMS_SignedData_st
	{
	long version;
	STACK_OF(X509_ALGOR) *digestAlgorithms;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	STACK_OF(CMS_CertificateChoices) *certificates;
	STACK_OF(CMS_RevocationInfoChoice) *crls;
	STACK_OF(CMS_SignerInfo) *signerInfos;
	};
 
struct CMS_EncapsulatedContentInfo_st
	{
	ASN1_OBJECT *eContentType;
	ASN1_OCTET_STRING *eContent;
	};

struct CMS_SignerInfo_st
	{
	long version;
	CMS_SignerIdentifier *sid;
	X509_ALGOR *digestAlgorithm;
	STACK_OF(X509_ATTRIBUTE) *signedAttrs;
	X509_ALGOR *signatureAlgorithm;
	ASN1_OCTET_STRING *signature;
	STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
	/* Signing certificate and key */
	X509 *signer;
	EVP_PKEY *pkey;
	};

struct CMS_SignerIdentifier_st
	{
	int type;
	union	{
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		ASN1_OCTET_STRING *subjectKeyIdentifier;
		} d;
	};

struct CMS_EnvelopedData_st
	{
	long version;
	CMS_OriginatorInfo *originatorInfo;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	CMS_EncryptedContentInfo *encryptedContentInfo;
	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
	};

struct CMS_OriginatorInfo_st
	{
	STACK_OF(CMS_CertificateChoices) *certificates;
	STACK_OF(CMS_RevocationInfoChoice) *crls;
	};

struct CMS_EncryptedContentInfo_st
	{
	ASN1_OBJECT *contentType;
	X509_ALGOR *contentEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedContent;
	/* Content encryption algorithm and key */
	const EVP_CIPHER *cipher;
	unsigned char *key;
	size_t keylen;
	};

struct CMS_RecipientInfo_st
	{
 	int type;
 	union	{
  	 	CMS_KeyTransRecipientInfo *ktri;
   		CMS_KeyAgreeRecipientInfo *kari;
   		CMS_KEKRecipientInfo *kekri;
		CMS_PasswordRecipientInfo *pwri;
		CMS_OtherRecipientInfo *ori;
		} d;
	};

#define CMS_RECIPINFO_TRANS		0
#define CMS_RECIPINFO_AGREE		1
#define CMS_RECIPINFO_KEK		2
#define CMS_RECIPINFO_PASS		3
#define CMS_RECIPINFO_OTHER		4

typedef CMS_SignerIdentifier CMS_RecipientIdentifier;

struct CMS_KeyTransRecipientInfo_st
	{
	long version;
	CMS_RecipientIdentifier *rid;
	X509_ALGOR *keyEncryptionAlgorithm;
	ASN1_OCTET_STRING *encryptedKey;
	/* Recipient Key and cert */
	X509 *recip;
	EVP_PKEY *pkey;
	};

struct CMS_KeyAgreeRecipientInfo_st
	{
	long version;
	CMS_OriginatorIdentifierOrKey *originator;
	ASN1_OCTET_STRING *ukm;
 	X509_ALGOR *keyEncryptionAlgorithm;
	STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
	};

struct CMS_OriginatorIdentifierOrKey_st
	{
	int type;
	union	{
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		ASN1_OCTET_STRING *subjectKeyIdentifier;
		CMS_OriginatorPublicKey *originatorKey;
		} d;
	};

struct CMS_OriginatorPublicKey_st
	{
	X509_ALGOR *algorithm;
	ASN1_BIT_STRING *publicKey;
	};

struct CMS_RecipientEncryptedKey_st
	{
 	CMS_KeyAgreeRecipientIdentifier *rid;
 	ASN1_OCTET_STRING *encryptedKey;
	};

struct CMS_KeyAgreeRecipientIdentifier_st
	{
	int type;
	union	{
		CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
		CMS_RecipientKeyIdentifier *rKeyId;
		} d;
	};

struct CMS_RecipientKeyIdentifier_st
	{
 	ASN1_OCTET_STRING *subjectKeyIdentifier;
 	ASN1_GENERALIZEDTIME *date;
 	CMS_OtherKeyAttribute *other;
	};

struct CMS_KEKRecipientInfo_st
	{
 	long version;
 	CMS_KEKIdentifier *kekid;
 	X509_ALGOR *keyEncryptionAlgorithm;
 	ASN1_OCTET_STRING *encryptedKey;
	/* Extra info: symmetric key to use */
	unsigned char *key;
	size_t keylen;
	};

struct CMS_KEKIdentifier_st
	{
 	ASN1_OCTET_STRING *keyIdentifier;
 	ASN1_GENERALIZEDTIME *date;
 	CMS_OtherKeyAttribute *other;
	};

struct CMS_PasswordRecipientInfo_st
	{
 	long version;
 	X509_ALGOR *keyDerivationAlgorithm;
 	X509_ALGOR *keyEncryptionAlgorithm;
 	ASN1_OCTET_STRING *encryptedKey;
	};

struct CMS_OtherRecipientInfo_st
	{
 	ASN1_OBJECT *oriType;
 	ASN1_TYPE *oriValue;
	};

struct CMS_DigestedData_st
	{
	long version;
	X509_ALGOR *digestAlgorithm;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	ASN1_OCTET_STRING *digest;
	};

struct CMS_EncryptedData_st
	{
	long version;
	CMS_EncryptedContentInfo *encryptedContentInfo;
	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
	};

struct CMS_AuthenticatedData_st
	{
	long version;
	CMS_OriginatorInfo *originatorInfo;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	X509_ALGOR *macAlgorithm;
	X509_ALGOR *digestAlgorithm;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	STACK_OF(X509_ATTRIBUTE) *authAttrs;
	ASN1_OCTET_STRING *mac;
	STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
	};

struct CMS_CompressedData_st
	{
	long version;
	X509_ALGOR *compressionAlgorithm;
	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	CMS_EncapsulatedContentInfo *encapContentInfo;
	};

struct CMS_RevocationInfoChoice_st
	{
	int type;
	union	{
		X509_CRL *crl;
		CMS_OtherRevocationInfoFormat *other;
		} d;
	};

#define CMS_REVCHOICE_CRL		0
#define CMS_REVCHOICE_OTHER		1

struct CMS_OtherRevocationInfoFormat_st
	{
	ASN1_OBJECT *otherRevInfoFormat;
 	ASN1_TYPE *otherRevInfo;
	};

struct CMS_CertificateChoices
	{
	int type;
		union {
		X509 *certificate;
		ASN1_STRING *extendedCertificate;	/* Obsolete */
		ASN1_STRING *v1AttrCert;	/* Left encoded for now */
		ASN1_STRING *v2AttrCert;	/* Left encoded for now */
		CMS_OtherCertificateFormat *other;
		} d;
	};

#define CMS_CERTCHOICE_CERT		0
#define CMS_CERTCHOICE_EXCERT		1
#define CMS_CERTCHOICE_V1ACERT		2
#define CMS_CERTCHOICE_V2ACERT		3
#define CMS_CERTCHOICE_OTHER		4

struct CMS_OtherCertificateFormat_st
	{
	ASN1_OBJECT *otherCertFormat;
 	ASN1_TYPE *otherCert;
	};

/* This is also defined in pkcs7.h but we duplicate it
 * to allow the CMS code to be independent of PKCS#7
 */

struct CMS_IssuerAndSerialNumber_st
	{
	X509_NAME *issuer;
	ASN1_INTEGER *serialNumber;
	};

struct CMS_OtherKeyAttribute_st
	{
	ASN1_OBJECT *keyAttrId;
 	ASN1_TYPE *keyAttr;
	};

DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_ITEM(CMS_SignerInfo)
DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)

#define CMS_SIGNERINFO_ISSUER_SERIAL	0
#define CMS_SIGNERINFO_KEYIDENTIFIER	1

#define CMS_RECIPINFO_ISSUER_SERIAL	0
#define CMS_RECIPINFO_KEYIDENTIFIER	1

BIO *cms_content_bio(CMS_ContentInfo *cms);

CMS_ContentInfo *cms_Data_create(void);

CMS_ContentInfo *cms_DigestedData_create(const EVP_MD *md);
BIO *cms_DigestedData_init_bio(CMS_ContentInfo *cms);
int cms_DigestedData_do_final(CMS_ContentInfo *cms, BIO *chain, int verify);

BIO *cms_SignedData_init_bio(CMS_ContentInfo *cms);
int cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
int cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert, int type);
int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
					ASN1_OCTET_STRING **keyid,
					X509_NAME **issuer, ASN1_INTEGER **sno);
int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);

CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms);

void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md);
BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm);
int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
					X509_ALGOR *mdalg);

BIO *cms_EncryptedContent_encrypt_bio(CMS_EncryptedContentInfo *ec);
BIO *cms_EncryptedContent_decrypt_bio(CMS_EncryptedContentInfo *ec);
BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms);
	
#ifdef  __cplusplus
}
#endif
#endif
Commit	Line	Data
8931b30d DSH	1	/* crypto/cms/cms_lcl.h */
	2	/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
	3	* project.
	4	*/
	5	/* ====================================================================
	6	* Copyright (c) 2008 The OpenSSL Project. All rights reserved.
	7	*
	8	* Redistribution and use in source and binary forms, with or without
	9	* modification, are permitted provided that the following conditions
	10	* are met:
	11	*
	12	* 1. Redistributions of source code must retain the above copyright
	13	* notice, this list of conditions and the following disclaimer.
	14	*
	15	* 2. Redistributions in binary form must reproduce the above copyright
	16	* notice, this list of conditions and the following disclaimer in
	17	* the documentation and/or other materials provided with the
	18	* distribution.
	19	*
	20	* 3. All advertising materials mentioning features or use of this
	21	* software must display the following acknowledgment:
	22	* "This product includes software developed by the OpenSSL Project
	23	* for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
	24	*
	25	* 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
	26	* endorse or promote products derived from this software without
	27	* prior written permission. For written permission, please contact
	28	* licensing@OpenSSL.org.
	29	*
	30	* 5. Products derived from this software may not be called "OpenSSL"
	31	* nor may "OpenSSL" appear in their names without prior written
	32	* permission of the OpenSSL Project.
	33	*
	34	* 6. Redistributions of any form whatsoever must retain the following
	35	* acknowledgment:
	36	* "This product includes software developed by the OpenSSL Project
	37	* for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
	38	*
	39	* THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
	40	* EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
	41	* IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
	42	* PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
	43	* ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
	44	* SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
	45	* NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
	46	* LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
	47	* HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
	48	* STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
	49	* ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
	50	* OF THE POSSIBILITY OF SUCH DAMAGE.
	51	* ====================================================================
	52	*/
	53
	54	#ifndef HEADER_CMS_LCL_H
	55	#define HEADER_CMS_LCL_H
	56
	57	#ifdef __cplusplus
	58	extern "C" {
	59	#endif
	60
	61	#include <openssl/x509.h>
	62
	63	/* Cryptographic message syntax (CMS) structures: taken
	64	* from RFC3852
65	*/
66
67	/* Forward references */
68
69	typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
70	typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
71	typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
72	typedef struct CMS_SignedData_st CMS_SignedData;
73	typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
74	typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
75	typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
76	typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
77	typedef struct CMS_DigestedData_st CMS_DigestedData;
78	typedef struct CMS_EncryptedData_st CMS_EncryptedData;
79	typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
80	typedef struct CMS_CompressedData_st CMS_CompressedData;
81	typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
82	typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
83	typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
84	typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
85	typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
86	typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;
87	typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
88	typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier;
89	typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
90	typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
91	typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
92	typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
93	typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
94	typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
95
96	struct CMS_ContentInfo_st
97	{
98	ASN1_OBJECT *contentType;
99	union {
100	ASN1_OCTET_STRING *data;
101	CMS_SignedData *signedData;
102	CMS_EnvelopedData *envelopedData;
103	CMS_DigestedData *digestedData;
104	CMS_EncryptedData *encryptedData;
105	CMS_AuthenticatedData *authenticatedData;
106	CMS_CompressedData *compressedData;
107	ASN1_TYPE *other;
108	/* Other types ... */
109	void *otherData;
110	} d;
111	};
112
113	struct CMS_SignedData_st
114	{
115	long version;
116	STACK_OF(X509_ALGOR) *digestAlgorithms;
117	CMS_EncapsulatedContentInfo *encapContentInfo;
118	STACK_OF(CMS_CertificateChoices) *certificates;
119	STACK_OF(CMS_RevocationInfoChoice) *crls;
120	STACK_OF(CMS_SignerInfo) *signerInfos;
121	};
122
123	struct CMS_EncapsulatedContentInfo_st
124	{
125	ASN1_OBJECT *eContentType;
126	ASN1_OCTET_STRING *eContent;
127	};
128
129	struct CMS_SignerInfo_st
130	{
131	long version;
132	CMS_SignerIdentifier *sid;
133	X509_ALGOR *digestAlgorithm;
134	STACK_OF(X509_ATTRIBUTE) *signedAttrs;
135	X509_ALGOR *signatureAlgorithm;
136	ASN1_OCTET_STRING *signature;
137	STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
138	/* Signing certificate and key */
139	X509 *signer;
140	EVP_PKEY *pkey;
141	};
142
143	struct CMS_SignerIdentifier_st
144	{
145	int type;
146	union {
147	CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
148	ASN1_OCTET_STRING *subjectKeyIdentifier;
149	} d;
150	};
151
152	struct CMS_EnvelopedData_st
153	{
154	long version;
155	CMS_OriginatorInfo *originatorInfo;
156	STACK_OF(CMS_RecipientInfo) *recipientInfos;
157	CMS_EncryptedContentInfo *encryptedContentInfo;
158	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
159	};
160
161	struct CMS_OriginatorInfo_st
162	{
163	STACK_OF(CMS_CertificateChoices) *certificates;
164	STACK_OF(CMS_RevocationInfoChoice) *crls;
165	};
166
167	struct CMS_EncryptedContentInfo_st
168	{
169	ASN1_OBJECT *contentType;
170	X509_ALGOR *contentEncryptionAlgorithm;
171	ASN1_OCTET_STRING *encryptedContent;
320bfc1b DSH	172	/* Content encryption algorithm and key */
	173	const EVP_CIPHER *cipher;
	174	unsigned char *key;
	175	size_t keylen;
8931b30d DSH	176	};
	177
	178	struct CMS_RecipientInfo_st
	179	{
	180	int type;
	181	union {
	182	CMS_KeyTransRecipientInfo *ktri;
	183	CMS_KeyAgreeRecipientInfo *kari;
	184	CMS_KEKRecipientInfo *kekri;
	185	CMS_PasswordRecipientInfo *pwri;
	186	CMS_OtherRecipientInfo *ori;
	187	} d;
	188	};
	189
	190	#define CMS_RECIPINFO_TRANS 0
	191	#define CMS_RECIPINFO_AGREE 1
	192	#define CMS_RECIPINFO_KEK 2
	193	#define CMS_RECIPINFO_PASS 3
	194	#define CMS_RECIPINFO_OTHER 4
	195
	196	typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
	197
	198	struct CMS_KeyTransRecipientInfo_st
	199	{
	200	long version;
	201	CMS_RecipientIdentifier *rid;
	202	X509_ALGOR *keyEncryptionAlgorithm;
	203	ASN1_OCTET_STRING *encryptedKey;
	204	/* Recipient Key and cert */
	205	X509 *recip;
	206	EVP_PKEY *pkey;
	207	};
	208
	209	struct CMS_KeyAgreeRecipientInfo_st
	210	{
	211	long version;
	212	CMS_OriginatorIdentifierOrKey *originator;
	213	ASN1_OCTET_STRING *ukm;
	214	X509_ALGOR *keyEncryptionAlgorithm;
	215	STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
	216	};
	217
	218	struct CMS_OriginatorIdentifierOrKey_st
	219	{
	220	int type;
	221	union {
	222	CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
	223	ASN1_OCTET_STRING *subjectKeyIdentifier;
	224	CMS_OriginatorPublicKey *originatorKey;
	225	} d;
	226	};
	227
	228	struct CMS_OriginatorPublicKey_st
	229	{
	230	X509_ALGOR *algorithm;
	231	ASN1_BIT_STRING *publicKey;
	232	};
	233
	234	struct CMS_RecipientEncryptedKey_st
	235	{
	236	CMS_KeyAgreeRecipientIdentifier *rid;
	237	ASN1_OCTET_STRING *encryptedKey;
	238	};
	239
240	struct CMS_KeyAgreeRecipientIdentifier_st
241	{
242	int type;
243	union {
244	CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
245	CMS_RecipientKeyIdentifier *rKeyId;
246	} d;
247	};
248
249	struct CMS_RecipientKeyIdentifier_st
250	{
251	ASN1_OCTET_STRING *subjectKeyIdentifier;
252	ASN1_GENERALIZEDTIME *date;
253	CMS_OtherKeyAttribute *other;
254	};
255
256	struct CMS_KEKRecipientInfo_st
257	{
258	long version;
259	CMS_KEKIdentifier *kekid;
260	X509_ALGOR *keyEncryptionAlgorithm;
261	ASN1_OCTET_STRING *encryptedKey;
320bfc1b	262	/* Extra info: symmetric key to use */
afff52a3 DSH	263	unsigned char *key;
afff52a3 DSH	264	size_t keylen;
8931b30d DSH	265	};
	266
	267	struct CMS_KEKIdentifier_st
	268	{
	269	ASN1_OCTET_STRING *keyIdentifier;
	270	ASN1_GENERALIZEDTIME *date;
	271	CMS_OtherKeyAttribute *other;
	272	};
	273
	274	struct CMS_PasswordRecipientInfo_st
	275	{
	276	long version;
	277	X509_ALGOR *keyDerivationAlgorithm;
	278	X509_ALGOR *keyEncryptionAlgorithm;
	279	ASN1_OCTET_STRING *encryptedKey;
	280	};
	281
	282	struct CMS_OtherRecipientInfo_st
	283	{
	284	ASN1_OBJECT *oriType;
	285	ASN1_TYPE *oriValue;
	286	};
	287
	288	struct CMS_DigestedData_st
	289	{
	290	long version;
	291	X509_ALGOR *digestAlgorithm;
	292	CMS_EncapsulatedContentInfo *encapContentInfo;
	293	ASN1_OCTET_STRING *digest;
	294	};
	295
	296	struct CMS_EncryptedData_st
	297	{
	298	long version;
	299	CMS_EncryptedContentInfo *encryptedContentInfo;
	300	STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
	301	};
	302
	303	struct CMS_AuthenticatedData_st
	304	{
	305	long version;
	306	CMS_OriginatorInfo *originatorInfo;
	307	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	308	X509_ALGOR *macAlgorithm;
	309	X509_ALGOR *digestAlgorithm;
	310	CMS_EncapsulatedContentInfo *encapContentInfo;
	311	STACK_OF(X509_ATTRIBUTE) *authAttrs;
	312	ASN1_OCTET_STRING *mac;
	313	STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
	314	};
	315
	316	struct CMS_CompressedData_st
	317	{
	318	long version;
	319	X509_ALGOR *compressionAlgorithm;
	320	STACK_OF(CMS_RecipientInfo) *recipientInfos;
	321	CMS_EncapsulatedContentInfo *encapContentInfo;
	322	};
	323
	324	struct CMS_RevocationInfoChoice_st
	325	{
	326	int type;
	327	union {
	328	X509_CRL *crl;
329	CMS_OtherRevocationInfoFormat *other;
330	} d;
331	};
332
333	#define CMS_REVCHOICE_CRL 0
334	#define CMS_REVCHOICE_OTHER 1
335
336	struct CMS_OtherRevocationInfoFormat_st
337	{
338	ASN1_OBJECT *otherRevInfoFormat;
339	ASN1_TYPE *otherRevInfo;
340	};
341
342	struct CMS_CertificateChoices
343	{
344	int type;
345	union {
346	X509 *certificate;
347	ASN1_STRING extendedCertificate; / Obsolete */
348	ASN1_STRING v1AttrCert; / Left encoded for now */
349	ASN1_STRING v2AttrCert; / Left encoded for now */
350	CMS_OtherCertificateFormat *other;
351	} d;
352	};
353
354	#define CMS_CERTCHOICE_CERT 0
355	#define CMS_CERTCHOICE_EXCERT 1
356	#define CMS_CERTCHOICE_V1ACERT 2
357	#define CMS_CERTCHOICE_V2ACERT 3
358	#define CMS_CERTCHOICE_OTHER 4
359
360	struct CMS_OtherCertificateFormat_st
361	{
362	ASN1_OBJECT *otherCertFormat;
363	ASN1_TYPE *otherCert;
364	};
365
366	/* This is also defined in pkcs7.h but we duplicate it
367	* to allow the CMS code to be independent of PKCS#7
368	*/
369
370	struct CMS_IssuerAndSerialNumber_st
371	{
372	X509_NAME *issuer;
373	ASN1_INTEGER *serialNumber;
374	};
375
376	struct CMS_OtherKeyAttribute_st
377	{
378	ASN1_OBJECT *keyAttrId;
379	ASN1_TYPE *keyAttr;
380	};
381
382	DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
383	DECLARE_ASN1_ITEM(CMS_SignerInfo)
384	DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
385	DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
386	DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
387	DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
388
389	#define CMS_SIGNERINFO_ISSUER_SERIAL 0
390	#define CMS_SIGNERINFO_KEYIDENTIFIER 1
391
392	#define CMS_RECIPINFO_ISSUER_SERIAL 0
393	#define CMS_RECIPINFO_KEYIDENTIFIER 1
394
395	BIO cms_content_bio(CMS_ContentInfo cms);
396
397	CMS_ContentInfo *cms_Data_create(void);
398
399	CMS_ContentInfo cms_DigestedData_create(const EVP_MD md);
400	BIO cms_DigestedData_init_bio(CMS_ContentInfo cms);
401	int cms_DigestedData_do_final(CMS_ContentInfo cms, BIO chain, int verify);
402
403	BIO cms_SignedData_init_bio(CMS_ContentInfo cms);
404	int cms_SignedData_final(CMS_ContentInfo cms, BIO chain);
405	int cms_set1_SignerIdentifier(CMS_SignerIdentifier sid, X509 cert, int type);
406	int cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
407	ASN1_OCTET_STRING **keyid,
408	X509_NAME issuer, ASN1_INTEGER sno);
409	int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier sid, X509 cert);
410
411	CMS_ContentInfo *cms_CompressedData_create(int comp_nid);
412	BIO cms_CompressedData_init_bio(CMS_ContentInfo cms);
413
414	void cms_DigestAlgorithm_set(X509_ALGOR alg, const EVP_MD md);
415	BIO cms_DigestAlgorithm_init_bio(X509_ALGOR digestAlgorithm);
416	int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX mctx, BIO chain,
417	X509_ALGOR *mdalg);
b820455c	418
320bfc1b DSH	419	BIO cms_EncryptedContent_encrypt_bio(CMS_EncryptedContentInfo ec);
	420	BIO cms_EncryptedContent_decrypt_bio(CMS_EncryptedContentInfo ec);
	421	BIO cms_EncryptedData_init_bio(CMS_ContentInfo cms);
8931b30d DSH	422
	423	#ifdef __cplusplus
	424	}
	425	#endif
	426	#endif