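/*
 * Copyright 2008-2019 The OpenSSL Project Authors. All Rights Reserved.
 *
 * Licensed under the OpenSSL license (the "License").  You may not use
 * this file except in compliance with the License.  You can obtain a copy
 * in the file LICENSE in the source distribution or at
 * https://www.openssl.org/source/license.html
 */

/*
 * Public declarations for the CMS (Cryptographic Message Syntax) API:
 * opaque structure types, the S/MIME flag bits and the function prototypes.
 * Nothing is defined here; the behaviour notes below are taken from the
 * OpenSSL manual pages named in each comment and should be re-checked
 * against the documentation of the library version actually linked.
 */

#ifndef HEADER_CMS_H
# define HEADER_CMS_H

# include <openssl/opensslconf.h>

# ifndef OPENSSL_NO_CMS
# include <openssl/x509.h>
# include <openssl/x509v3.h>
# include <openssl/cmserr.h>
# ifdef __cplusplus
extern "C" {
# endif

/*
 * Opaque handles: only the struct tags are declared in this header, so
 * callers can hold and pass pointers but cannot reach the fields directly.
 */
typedef struct CMS_ContentInfo_st CMS_ContentInfo;
typedef struct CMS_SignerInfo_st CMS_SignerInfo;
typedef struct CMS_CertificateChoices CMS_CertificateChoices;
typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice;
typedef struct CMS_RecipientInfo_st CMS_RecipientInfo;
typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest;
typedef struct CMS_Receipt_st CMS_Receipt;
typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey;
typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute;

DEFINE_STACK_OF(CMS_SignerInfo)
DEFINE_STACK_OF(CMS_RecipientEncryptedKey)
DEFINE_STACK_OF(CMS_RecipientInfo)
DEFINE_STACK_OF(CMS_RevocationInfoChoice)
DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest)
DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo)

/* How a SignerInfo names its signer: issuer name + serial, or key id. */
# define CMS_SIGNERINFO_ISSUER_SERIAL    0
# define CMS_SIGNERINFO_KEYIDENTIFIER    1

/*
 * RecipientInfo kinds as reported by CMS_RecipientInfo_type(); see
 * CMS_get0_RecipientInfos(3).
 */
# define CMS_RECIPINFO_NONE              -1
# define CMS_RECIPINFO_TRANS             0
# define CMS_RECIPINFO_AGREE             1
# define CMS_RECIPINFO_KEK               2
# define CMS_RECIPINFO_PASS              3
# define CMS_RECIPINFO_OTHER             4

/* S/MIME related flags */

/*
 * Security review note: several of the bits below switch off parts of
 * signature or certificate checking.  They are meant for diagnostics and
 * special cases; a verifier that has to decide whether a message is
 * authentic should pass none of CMS_NO_CONTENT_VERIFY, CMS_NO_ATTR_VERIFY,
 * CMS_NOSIGS, CMS_NO_SIGNER_CERT_VERIFY / CMS_NOVERIFY.
 */
# define CMS_TEXT                        0x1
# define CMS_NOCERTS                     0x2
/*
 * CMS_verify(3): the content digest is not checked, so modified content is
 * reported as valid.
 */
# define CMS_NO_CONTENT_VERIFY           0x4
/* CMS_verify(3): the signature over the signed attributes is not checked. */
# define CMS_NO_ATTR_VERIFY              0x8
/* Both of the above: no signature checking is left. */
# define CMS_NOSIGS                      \
                        (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY)
/*
 * CMS_verify(3): certificates carried inside the message are not searched
 * for the signer; every signer certificate must come from the caller's
 * "certs" stack.  Useful to restrict acceptance to a known set of signers.
 */
# define CMS_NOINTERN                    0x10
/*
 * CMS_verify(3): the signer certificates are not verified against the
 * trusted store.  With this set, a valid signature only proves possession
 * of some key, not that the key belongs to a trusted party.
 * CMS_NOVERIFY is the same bit (0x20) under a second name.
 */
# define CMS_NO_SIGNER_CERT_VERIFY       0x20
# define CMS_NOVERIFY                    0x20
# define CMS_DETACHED                    0x40
# define CMS_BINARY                      0x80
# define CMS_NOATTR                      0x100
# define CMS_NOSMIMECAP                  0x200
# define CMS_NOOLDMIMETYPE               0x400
# define CMS_CRLFEOL                     0x800
# define CMS_STREAM                      0x1000
/*
 * CMS_verify(3): CRLs embedded in the message are ignored when CRL checking
 * is enabled in the store; revocation data must then come from the store.
 */
# define CMS_NOCRL                       0x2000
# define CMS_PARTIAL                     0x4000
# define CMS_REUSE_DIGEST                0x8000
# define CMS_USE_KEYID                   0x10000
/*
 * CMS_decrypt(3): by default, when no recipient key decrypts, a random
 * content-encryption key is used so that the failure is not directly
 * observable (a countermeasure against Bleichenbacher-style attacks on
 * PKCS #1 v1.5 padding).  This flag turns that off and reports the failure.
 * The manual warns against using it, in particular in automated gateways.
 */
# define CMS_DEBUG_DECRYPT               0x20000
# define CMS_KEY_PARAM                   0x40000
# define CMS_ASCIICRLF                   0x80000

const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms);

BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont);
int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio);

ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms);
int CMS_is_detached(CMS_ContentInfo *cms);
int CMS_set_detached(CMS_ContentInfo *cms, int detached);

/*
 * The PEM read/write helpers are declared only when HEADER_PEM_H is already
 * defined at this point, so the include order of the PEM header matters.
 */
# ifdef HEADER_PEM_H
DECLARE_PEM_rw_const(CMS, CMS_ContentInfo)
# endif
int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms);
/*
 * Parsers for externally supplied DER / S/MIME input.  The result is a
 * pointer, so callers must check it for NULL before use.
 */
CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms);
int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms);

BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms);
int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags);
int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in,
                             int flags);
CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont);
int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags);

int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont,
              unsigned int flags);

CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey,
                          STACK_OF(X509) *certs, BIO *data,
                          unsigned int flags);

CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si,
                                  X509 *signcert, EVP_PKEY *pkey,
                                  STACK_OF(X509) *certs, unsigned int flags);

int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags);
CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags);

/*
 * DigestedData carries an unkeyed digest: a successful check shows the
 * content matches the digest in the structure, not who produced it.
 */
int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
                      unsigned int flags);
CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md,
                                   unsigned int flags);

int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms,
                              const unsigned char *key, size_t keylen,
                              BIO *dcont, BIO *out, unsigned int flags);

CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher,
                                           const unsigned char *key,
                                           size_t keylen, unsigned int flags);

int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph,
                               const unsigned char *key, size_t keylen);

/*
 * CMS_verify(3): "certs" is an extra set of certificates to search for the
 * signer, "store" is the trusted store used for chain verification, and
 * the documented result is 1 for a successful verification and 0 on error;
 * treat anything other than 1 as failure.  Success means the signer chains
 * to "store"; callers that care which party signed still have to inspect
 * the signer certificates, see CMS_get0_signers() below.  The manual also
 * notes that non-detached content is held in memory during processing.
 */
int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
               X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags);

int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms,
                       STACK_OF(X509) *certs,
                       X509_STORE *store, unsigned int flags);

/* CMS_verify(3): may only be called after a successful CMS_verify(). */
STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms);

CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in,
                             const EVP_CIPHER *cipher, unsigned int flags);

/*
 * CMS_decrypt(3): "cert" is used to locate the matching recipient; with
 * cert == NULL all recipients are tried and, if none succeeds, the content
 * is decrypted with a random key, so the output can be garbage without a
 * clear error.  Prefer passing the recipient certificate, and do not treat
 * the decrypted output as authenticated.  Documented result: 1 on success,
 * 0 on failure.
 */
int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert,
                BIO *dcont, BIO *out, unsigned int flags);

/*
 * NOTE(review): key and pass below are not const-qualified in this API
 * version.  The caller's own copies of key material stay the caller's
 * responsibility to clear - confirm ownership against CMS_decrypt(3).
 */
int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert);
int CMS_decrypt_set1_key(CMS_ContentInfo *cms,
                         unsigned char *key, size_t keylen,
                         const unsigned char *id, size_t idlen);
int CMS_decrypt_set1_password(CMS_ContentInfo *cms,
                              unsigned char *pass, ossl_ssize_t passlen);

STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms);
int CMS_RecipientInfo_type(CMS_RecipientInfo *ri);
EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri);
CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher);
CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms,
                                           X509 *recip, unsigned int flags);
int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey);
int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert);
int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri,
                                     EVP_PKEY **pk, X509 **recip,
                                     X509_ALGOR **palg);
int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri,
                                          ASN1_OCTET_STRING **keyid,
                                          X509_NAME **issuer,
                                          ASN1_INTEGER **sno);

CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid,
                                          unsigned char *key, size_t keylen,
                                          unsigned char *id, size_t idlen,
                                          ASN1_GENERALIZEDTIME *date,
                                          ASN1_OBJECT *otherTypeId,
                                          ASN1_TYPE *otherType);

int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri,
                                    X509_ALGOR **palg,
                                    ASN1_OCTET_STRING **pid,
                                    ASN1_GENERALIZEDTIME **pdate,
                                    ASN1_OBJECT **potherid,
                                    ASN1_TYPE **pothertype);

int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri,
                               unsigned char *key, size_t keylen);

int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri,
                                   const unsigned char *id, size_t idlen);

int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri,
                                    unsigned char *pass,
                                    ossl_ssize_t passlen);

CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms,
                                               int iter, int wrap_nid,
                                               int pbe_nid,
                                               unsigned char *pass,
                                               ossl_ssize_t passlen,
                                               const EVP_CIPHER *kekciph);

int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);
int CMS_RecipientInfo_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri);

int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out,
                   unsigned int flags);
CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags);

int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid);
const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms);

/*
 * Ownership convention, per CMS_add0_cert(3): the "add0" forms hand the
 * object over to cms, so the caller must not free it afterwards; after an
 * "add1" call the caller still owns, and must free, its own reference.
 * The stacks returned by the "get1" forms belong to the caller.
 * Mixing the two up leads to double frees or leaks.
 */
CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms);
int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert);
int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert);
STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms);

CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms);
int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl);
int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl);
STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms);

int CMS_SignedData_init(CMS_ContentInfo *cms);
CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms,
                                X509 *signer, EVP_PKEY *pk, const EVP_MD *md,
                                unsigned int flags);
EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si);
EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si);
STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms);

void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer);
int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si,
                                  ASN1_OCTET_STRING **keyid,
                                  X509_NAME **issuer, ASN1_INTEGER **sno);
int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert);
int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs,
                           unsigned int flags);
void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk,
                              X509 **signer, X509_ALGOR **pdig,
                              X509_ALGOR **psig);
ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si);
int CMS_SignerInfo_sign(CMS_SignerInfo *si);
/*
 * NOTE(review): the prototypes take no certificate store, so these
 * low-level checks presumably cover the signature and content digest only,
 * leaving chain validation of the signer certificate to the caller -
 * confirm against CMS_get0_SignerInfos(3).
 */
int CMS_SignerInfo_verify(CMS_SignerInfo *si);
int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain);

int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs);
int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs,
                            int algnid, int keysize);
int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap);

/* Signed attributes: these are covered by the signer's signature. */
int CMS_signed_get_attr_count(const CMS_SignerInfo *si);
int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
                               int lastpos);
int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj,
                               int lastpos);
X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si,
                                const ASN1_OBJECT *obj, int type,
                                const void *bytes, int len);
int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si,
                                int nid, int type,
                                const void *bytes, int len);
int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si,
                                const char *attrname, int type,
                                const void *bytes, int len);
void *CMS_signed_get0_data_by_OBJ(CMS_SignerInfo *si, const ASN1_OBJECT *oid,
                                  int lastpos, int type);

/*
 * Unsigned attributes: these are NOT covered by the signature, so anyone
 * handling the message can add, change or remove them without invalidating
 * it.  Do not base trust decisions on their values.
 */
int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si);
int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid,
                                 int lastpos);
int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si,
                                 const ASN1_OBJECT *obj, int lastpos);
X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc);
X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc);
int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr);
int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si,
                                  const ASN1_OBJECT *obj, int type,
                                  const void *bytes, int len);
int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si,
                                  int nid, int type,
                                  const void *bytes, int len);
int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si,
                                  const char *attrname, int type,
                                  const void *bytes, int len);
/*
 * NOTE(review): oid is not const here although the signed counterpart,
 * CMS_signed_get0_data_by_OBJ(), takes a const ASN1_OBJECT pointer.  The
 * prototype has to match the definition in the library, so it is left
 * unchanged in this header.
 */
void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid,
                                    int lastpos, int type);

int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr);
CMS_ReceiptRequest *CMS_ReceiptRequest_create0(unsigned char *id, int idlen,
                                               int allorfirst,
                                               STACK_OF(GENERAL_NAMES)
                                               *receiptList,
                                               STACK_OF(GENERAL_NAMES)
                                               *receiptsTo);
int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr);
void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr,
                                    ASN1_STRING **pcid,
                                    int *pallorfirst,
                                    STACK_OF(GENERAL_NAMES) **plist,
                                    STACK_OF(GENERAL_NAMES) **prto);
int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri,
                                    X509_ALGOR **palg,
                                    ASN1_OCTET_STRING **pukm);
STACK_OF(CMS_RecipientEncryptedKey)
*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri);

int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri,
                                        X509_ALGOR **pubalg,
                                        ASN1_BIT_STRING **pubkey,
                                        ASN1_OCTET_STRING **keyid,
                                        X509_NAME **issuer,
                                        ASN1_INTEGER **sno);

int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert);

int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek,
                                      ASN1_OCTET_STRING **keyid,
                                      ASN1_GENERALIZEDTIME **tm,
                                      CMS_OtherKeyAttribute **other,
                                      X509_NAME **issuer, ASN1_INTEGER **sno);
int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek,
                                       X509 *cert);
int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk);
EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri);
int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms,
                                   CMS_RecipientInfo *ri,
                                   CMS_RecipientEncryptedKey *rek);

int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
                          ASN1_OCTET_STRING *ukm, int keylen);

/* Backward compatibility for spelling errors. */
# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM
# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \
        CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE

# ifdef __cplusplus
}
# endif
# endif
#endif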