2 * {- join("\n * ", @autowarntext) -}
4 * Copyright 2008-2020 The OpenSSL Project Authors. All Rights Reserved.
6 * Licensed under the Apache License 2.0 (the "License"). You may not use
7 * this file except in compliance with the License. You can obtain a copy
8 * in the file LICENSE in the source distribution or at
9 * https://www.openssl.org/source/license.html
13 use
OpenSSL::stackhash
qw(generate_stack_macros
);
17 # define OPENSSL_CMS_H
20 # include <openssl/macros.h>
21 # ifndef OPENSSL_NO_DEPRECATED_3_0
25 # include <openssl/opensslconf.h>
27 # ifndef OPENSSL_NO_CMS
28 # include <openssl/x509.h>
29 # include <openssl/x509v3.h>
30 # include <openssl/cmserr.h>
35 typedef struct CMS_ContentInfo_st CMS_ContentInfo
;
36 typedef struct CMS_SignerInfo_st CMS_SignerInfo
;
37 typedef struct CMS_CertificateChoices CMS_CertificateChoices
;
38 typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice
;
39 typedef struct CMS_RecipientInfo_st CMS_RecipientInfo
;
40 typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest
;
41 typedef struct CMS_Receipt_st CMS_Receipt
;
42 typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey
;
43 typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute
;
46 generate_stack_macros("CMS_SignerInfo")
47 .generate_stack_macros("CMS_RecipientEncryptedKey")
48 .generate_stack_macros("CMS_RecipientInfo")
49 .generate_stack_macros("CMS_RevocationInfoChoice");
52 DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo
)
53 DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest
)
54 DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo
)
56 CMS_ContentInfo
*CMS_ContentInfo_new_ex(OSSL_LIB_CTX
*libctx
, const char *propq
);
58 # define CMS_SIGNERINFO_ISSUER_SERIAL 0
59 # define CMS_SIGNERINFO_KEYIDENTIFIER 1
61 # define CMS_RECIPINFO_NONE -1
62 # define CMS_RECIPINFO_TRANS 0
63 # define CMS_RECIPINFO_AGREE 1
64 # define CMS_RECIPINFO_KEK 2
65 # define CMS_RECIPINFO_PASS 3
66 # define CMS_RECIPINFO_OTHER 4
68 /* S/MIME related flags */
71 # define CMS_NOCERTS 0x2
72 # define CMS_NO_CONTENT_VERIFY 0x4
73 # define CMS_NO_ATTR_VERIFY 0x8
75 (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
76 # define CMS_NOINTERN 0x10
77 # define CMS_NO_SIGNER_CERT_VERIFY 0x20
78 # define CMS_NOVERIFY 0x20
79 # define CMS_DETACHED 0x40
80 # define CMS_BINARY 0x80
81 # define CMS_NOATTR 0x100
82 # define CMS_NOSMIMECAP 0x200
83 # define CMS_NOOLDMIMETYPE 0x400
84 # define CMS_CRLFEOL 0x800
85 # define CMS_STREAM 0x1000
86 # define CMS_NOCRL 0x2000
87 # define CMS_PARTIAL 0x4000
88 # define CMS_REUSE_DIGEST 0x8000
89 # define CMS_USE_KEYID 0x10000
90 # define CMS_DEBUG_DECRYPT 0x20000
91 # define CMS_KEY_PARAM 0x40000
92 # define CMS_ASCIICRLF 0x80000
93 # define CMS_CADES 0x100000
94 # define CMS_USE_ORIGINATOR_KEYID 0x200000
96 const ASN1_OBJECT
*CMS_get0_type(const CMS_ContentInfo
*cms
);
98 BIO
*CMS_dataInit(CMS_ContentInfo
*cms
, BIO
*icont
);
99 int CMS_dataFinal(CMS_ContentInfo
*cms
, BIO
*bio
);
101 ASN1_OCTET_STRING
**CMS_get0_content(CMS_ContentInfo
*cms
);
102 int CMS_is_detached(CMS_ContentInfo
*cms
);
103 int CMS_set_detached(CMS_ContentInfo
*cms
, int detached
);
105 # ifdef OPENSSL_PEM_H
106 DECLARE_PEM_rw(CMS
, CMS_ContentInfo
)
108 int CMS_stream(unsigned char ***boundary
, CMS_ContentInfo
*cms
);
109 CMS_ContentInfo
*d2i_CMS_bio(BIO
*bp
, CMS_ContentInfo
**cms
);
110 int i2d_CMS_bio(BIO
*bp
, CMS_ContentInfo
*cms
);
112 BIO
*BIO_new_CMS(BIO
*out
, CMS_ContentInfo
*cms
);
113 int i2d_CMS_bio_stream(BIO
*out
, CMS_ContentInfo
*cms
, BIO
*in
, int flags
);
114 int PEM_write_bio_CMS_stream(BIO
*out
, CMS_ContentInfo
*cms
, BIO
*in
,
116 CMS_ContentInfo
*SMIME_read_CMS(BIO
*bio
, BIO
**bcont
);
117 CMS_ContentInfo
*SMIME_read_CMS_ex(BIO
*bio
, BIO
**bcont
, CMS_ContentInfo
**ci
);
118 int SMIME_write_CMS(BIO
*bio
, CMS_ContentInfo
*cms
, BIO
*data
, int flags
);
120 int CMS_final(CMS_ContentInfo
*cms
, BIO
*data
, BIO
*dcont
,
123 CMS_ContentInfo
*CMS_sign(X509
*signcert
, EVP_PKEY
*pkey
,
124 STACK_OF(X509
) *certs
, BIO
*data
,
126 CMS_ContentInfo
*CMS_sign_ex(X509
*signcert
, EVP_PKEY
*pkey
,
127 STACK_OF(X509
) *certs
, BIO
*data
,
128 unsigned int flags
, OSSL_LIB_CTX
*ctx
,
131 CMS_ContentInfo
*CMS_sign_receipt(CMS_SignerInfo
*si
,
132 X509
*signcert
, EVP_PKEY
*pkey
,
133 STACK_OF(X509
) *certs
, unsigned int flags
);
135 int CMS_data(CMS_ContentInfo
*cms
, BIO
*out
, unsigned int flags
);
136 CMS_ContentInfo
*CMS_data_create(BIO
*in
, unsigned int flags
);
137 CMS_ContentInfo
*CMS_data_create_ex(BIO
*in
, unsigned int flags
,
138 OSSL_LIB_CTX
*ctx
, const char *propq
);
140 int CMS_digest_verify(CMS_ContentInfo
*cms
, BIO
*dcont
, BIO
*out
,
142 CMS_ContentInfo
*CMS_digest_create(BIO
*in
, const EVP_MD
*md
,
144 CMS_ContentInfo
*CMS_digest_create_ex(BIO
*in
, const EVP_MD
*md
,
145 unsigned int flags
, OSSL_LIB_CTX
*ctx
,
148 int CMS_EncryptedData_decrypt(CMS_ContentInfo
*cms
,
149 const unsigned char *key
, size_t keylen
,
150 BIO
*dcont
, BIO
*out
, unsigned int flags
);
152 CMS_ContentInfo
*CMS_EncryptedData_encrypt(BIO
*in
, const EVP_CIPHER
*cipher
,
153 const unsigned char *key
,
154 size_t keylen
, unsigned int flags
);
155 CMS_ContentInfo
*CMS_EncryptedData_encrypt_ex(BIO
*in
, const EVP_CIPHER
*cipher
,
156 const unsigned char *key
,
157 size_t keylen
, unsigned int flags
,
161 int CMS_EncryptedData_set1_key(CMS_ContentInfo
*cms
, const EVP_CIPHER
*ciph
,
162 const unsigned char *key
, size_t keylen
);
164 int CMS_verify(CMS_ContentInfo
*cms
, STACK_OF(X509
) *certs
,
165 X509_STORE
*store
, BIO
*dcont
, BIO
*out
, unsigned int flags
);
167 int CMS_verify_receipt(CMS_ContentInfo
*rcms
, CMS_ContentInfo
*ocms
,
168 STACK_OF(X509
) *certs
,
169 X509_STORE
*store
, unsigned int flags
);
171 STACK_OF(X509
) *CMS_get0_signers(CMS_ContentInfo
*cms
);
173 CMS_ContentInfo
*CMS_encrypt(STACK_OF(X509
) *certs
, BIO
*in
,
174 const EVP_CIPHER
*cipher
, unsigned int flags
);
175 CMS_ContentInfo
*CMS_encrypt_ex(STACK_OF(X509
) *certs
, BIO
*in
,
176 const EVP_CIPHER
*cipher
, unsigned int flags
,
177 OSSL_LIB_CTX
*ctx
, const char *propq
);
179 int CMS_decrypt(CMS_ContentInfo
*cms
, EVP_PKEY
*pkey
, X509
*cert
,
180 BIO
*dcont
, BIO
*out
, unsigned int flags
);
182 int CMS_decrypt_set1_pkey(CMS_ContentInfo
*cms
, EVP_PKEY
*pk
, X509
*cert
);
183 int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo
*cms
, EVP_PKEY
*pk
,
184 X509
*cert
, X509
*peer
);
185 int CMS_decrypt_set1_key(CMS_ContentInfo
*cms
,
186 unsigned char *key
, size_t keylen
,
187 const unsigned char *id
, size_t idlen
);
188 int CMS_decrypt_set1_password(CMS_ContentInfo
*cms
,
189 unsigned char *pass
, ossl_ssize_t passlen
);
191 STACK_OF(CMS_RecipientInfo
) *CMS_get0_RecipientInfos(CMS_ContentInfo
*cms
);
192 int CMS_RecipientInfo_type(CMS_RecipientInfo
*ri
);
193 EVP_PKEY_CTX
*CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo
*ri
);
194 CMS_ContentInfo
*CMS_AuthEnvelopedData_create(const EVP_CIPHER
*cipher
);
196 CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER
*cipher
, OSSL_LIB_CTX
*ctx
,
198 CMS_ContentInfo
*CMS_EnvelopedData_create(const EVP_CIPHER
*cipher
);
199 CMS_ContentInfo
*CMS_EnvelopedData_create_ex(const EVP_CIPHER
*cipher
,
203 CMS_RecipientInfo
*CMS_add1_recipient_cert(CMS_ContentInfo
*cms
,
204 X509
*recip
, unsigned int flags
);
205 CMS_RecipientInfo
*CMS_add1_recipient(CMS_ContentInfo
*cms
, X509
*recip
,
206 EVP_PKEY
*originatorPrivKey
, X509
* originator
, unsigned int flags
);
207 int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo
*ri
, EVP_PKEY
*pkey
);
208 int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo
*ri
, X509
*cert
);
209 int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo
*ri
,
210 EVP_PKEY
**pk
, X509
**recip
,
212 int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo
*ri
,
213 ASN1_OCTET_STRING
**keyid
,
217 CMS_RecipientInfo
*CMS_add0_recipient_key(CMS_ContentInfo
*cms
, int nid
,
218 unsigned char *key
, size_t keylen
,
219 unsigned char *id
, size_t idlen
,
220 ASN1_GENERALIZEDTIME
*date
,
221 ASN1_OBJECT
*otherTypeId
,
222 ASN1_TYPE
*otherType
);
224 int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo
*ri
,
226 ASN1_OCTET_STRING
**pid
,
227 ASN1_GENERALIZEDTIME
**pdate
,
228 ASN1_OBJECT
**potherid
,
229 ASN1_TYPE
**pothertype
);
231 int CMS_RecipientInfo_set0_key(CMS_RecipientInfo
*ri
,
232 unsigned char *key
, size_t keylen
);
234 int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo
*ri
,
235 const unsigned char *id
, size_t idlen
);
237 int CMS_RecipientInfo_set0_password(CMS_RecipientInfo
*ri
,
239 ossl_ssize_t passlen
);
241 CMS_RecipientInfo
*CMS_add0_recipient_password(CMS_ContentInfo
*cms
,
242 int iter
, int wrap_nid
,
245 ossl_ssize_t passlen
,
246 const EVP_CIPHER
*kekciph
);
248 int CMS_RecipientInfo_decrypt(CMS_ContentInfo
*cms
, CMS_RecipientInfo
*ri
);
249 int CMS_RecipientInfo_encrypt(const CMS_ContentInfo
*cms
, CMS_RecipientInfo
*ri
);
251 int CMS_uncompress(CMS_ContentInfo
*cms
, BIO
*dcont
, BIO
*out
,
253 CMS_ContentInfo
*CMS_compress(BIO
*in
, int comp_nid
, unsigned int flags
);
255 int CMS_set1_eContentType(CMS_ContentInfo
*cms
, const ASN1_OBJECT
*oid
);
256 const ASN1_OBJECT
*CMS_get0_eContentType(CMS_ContentInfo
*cms
);
258 CMS_CertificateChoices
*CMS_add0_CertificateChoices(CMS_ContentInfo
*cms
);
259 int CMS_add0_cert(CMS_ContentInfo
*cms
, X509
*cert
);
260 int CMS_add1_cert(CMS_ContentInfo
*cms
, X509
*cert
);
261 STACK_OF(X509
) *CMS_get1_certs(CMS_ContentInfo
*cms
);
263 CMS_RevocationInfoChoice
*CMS_add0_RevocationInfoChoice(CMS_ContentInfo
*cms
);
264 int CMS_add0_crl(CMS_ContentInfo
*cms
, X509_CRL
*crl
);
265 int CMS_add1_crl(CMS_ContentInfo
*cms
, X509_CRL
*crl
);
266 STACK_OF(X509_CRL
) *CMS_get1_crls(CMS_ContentInfo
*cms
);
268 int CMS_SignedData_init(CMS_ContentInfo
*cms
);
269 CMS_SignerInfo
*CMS_add1_signer(CMS_ContentInfo
*cms
,
270 X509
*signer
, EVP_PKEY
*pk
, const EVP_MD
*md
,
272 EVP_PKEY_CTX
*CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo
*si
);
273 EVP_MD_CTX
*CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo
*si
);
274 STACK_OF(CMS_SignerInfo
) *CMS_get0_SignerInfos(CMS_ContentInfo
*cms
);
276 void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo
*si
, X509
*signer
);
277 int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo
*si
,
278 ASN1_OCTET_STRING
**keyid
,
279 X509_NAME
**issuer
, ASN1_INTEGER
**sno
);
280 int CMS_SignerInfo_cert_cmp(CMS_SignerInfo
*si
, X509
*cert
);
281 int CMS_set1_signers_certs(CMS_ContentInfo
*cms
, STACK_OF(X509
) *certs
,
283 void CMS_SignerInfo_get0_algs(CMS_SignerInfo
*si
, EVP_PKEY
**pk
,
284 X509
**signer
, X509_ALGOR
**pdig
,
286 ASN1_OCTET_STRING
*CMS_SignerInfo_get0_signature(CMS_SignerInfo
*si
);
287 int CMS_SignerInfo_sign(CMS_SignerInfo
*si
);
288 int CMS_SignerInfo_verify(CMS_SignerInfo
*si
);
289 int CMS_SignerInfo_verify_content(CMS_SignerInfo
*si
, BIO
*chain
);
291 int CMS_add_smimecap(CMS_SignerInfo
*si
, STACK_OF(X509_ALGOR
) *algs
);
292 int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR
) **algs
,
293 int algnid
, int keysize
);
294 int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR
) **smcap
);
296 int CMS_signed_get_attr_count(const CMS_SignerInfo
*si
);
297 int CMS_signed_get_attr_by_NID(const CMS_SignerInfo
*si
, int nid
,
299 int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo
*si
, const ASN1_OBJECT
*obj
,
301 X509_ATTRIBUTE
*CMS_signed_get_attr(const CMS_SignerInfo
*si
, int loc
);
302 X509_ATTRIBUTE
*CMS_signed_delete_attr(CMS_SignerInfo
*si
, int loc
);
303 int CMS_signed_add1_attr(CMS_SignerInfo
*si
, X509_ATTRIBUTE
*attr
);
304 int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo
*si
,
305 const ASN1_OBJECT
*obj
, int type
,
306 const void *bytes
, int len
);
307 int CMS_signed_add1_attr_by_NID(CMS_SignerInfo
*si
,
309 const void *bytes
, int len
);
310 int CMS_signed_add1_attr_by_txt(CMS_SignerInfo
*si
,
311 const char *attrname
, int type
,
312 const void *bytes
, int len
);
313 void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo
*si
,
314 const ASN1_OBJECT
*oid
,
315 int lastpos
, int type
);
317 int CMS_unsigned_get_attr_count(const CMS_SignerInfo
*si
);
318 int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo
*si
, int nid
,
320 int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo
*si
,
321 const ASN1_OBJECT
*obj
, int lastpos
);
322 X509_ATTRIBUTE
*CMS_unsigned_get_attr(const CMS_SignerInfo
*si
, int loc
);
323 X509_ATTRIBUTE
*CMS_unsigned_delete_attr(CMS_SignerInfo
*si
, int loc
);
324 int CMS_unsigned_add1_attr(CMS_SignerInfo
*si
, X509_ATTRIBUTE
*attr
);
325 int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo
*si
,
326 const ASN1_OBJECT
*obj
, int type
,
327 const void *bytes
, int len
);
328 int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo
*si
,
330 const void *bytes
, int len
);
331 int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo
*si
,
332 const char *attrname
, int type
,
333 const void *bytes
, int len
);
334 void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo
*si
, ASN1_OBJECT
*oid
,
335 int lastpos
, int type
);
337 int CMS_get1_ReceiptRequest(CMS_SignerInfo
*si
, CMS_ReceiptRequest
**prr
);
338 CMS_ReceiptRequest
*CMS_ReceiptRequest_create0(
339 unsigned char *id
, int idlen
, int allorfirst
,
340 STACK_OF(GENERAL_NAMES
) *receiptList
,
341 STACK_OF(GENERAL_NAMES
) *receiptsTo
);
342 CMS_ReceiptRequest
*CMS_ReceiptRequest_create0_ex(
343 unsigned char *id
, int idlen
, int allorfirst
,
344 STACK_OF(GENERAL_NAMES
) *receiptList
,
345 STACK_OF(GENERAL_NAMES
) *receiptsTo
,
346 OSSL_LIB_CTX
*ctx
, const char *propq
);
348 int CMS_add1_ReceiptRequest(CMS_SignerInfo
*si
, CMS_ReceiptRequest
*rr
);
349 void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest
*rr
,
352 STACK_OF(GENERAL_NAMES
) **plist
,
353 STACK_OF(GENERAL_NAMES
) **prto
);
354 int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo
*ri
,
356 ASN1_OCTET_STRING
**pukm
);
357 STACK_OF(CMS_RecipientEncryptedKey
)
358 *CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo
*ri
);
360 int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo
*ri
,
362 ASN1_BIT_STRING
**pubkey
,
363 ASN1_OCTET_STRING
**keyid
,
367 int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo
*ri
, X509
*cert
);
369 int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey
*rek
,
370 ASN1_OCTET_STRING
**keyid
,
371 ASN1_GENERALIZEDTIME
**tm
,
372 CMS_OtherKeyAttribute
**other
,
373 X509_NAME
**issuer
, ASN1_INTEGER
**sno
);
374 int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey
*rek
,
376 int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo
*ri
, EVP_PKEY
*pk
);
377 int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo
*ri
, EVP_PKEY
*pk
, X509
*peer
);
378 EVP_CIPHER_CTX
*CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo
*ri
);
379 int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo
*cms
,
380 CMS_RecipientInfo
*ri
,
381 CMS_RecipientEncryptedKey
*rek
);
383 int CMS_SharedInfo_encode(unsigned char **pder
, X509_ALGOR
*kekalg
,
384 ASN1_OCTET_STRING
*ukm
, int keylen
);
386 /* Backward compatibility for spelling errors. */
387 # define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
388 # define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
389 CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE