annotate CSP2/CSP2_env/env-d9b9114564458d9d-741b3de822f2aaca6c6caa4325c4afce/include/openssl/pkcs7.h @ 69:33d812a61356

planemo upload commit 2e9511a184a1ca667c7be0c6321a36dc4e3d116d
author jpayne
date Tue, 18 Mar 2025 17:55:14 -0400
jpayne@69 1 /*
jpayne@69 2 * Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
jpayne@69 3 *
jpayne@69 4 * Licensed under the OpenSSL license (the "License"). You may not use
jpayne@69 5 * this file except in compliance with the License. You can obtain a copy
jpayne@69 6 * in the file LICENSE in the source distribution or at
jpayne@69 7 * https://www.openssl.org/source/license.html
jpayne@69 8 */
jpayne@69 9
jpayne@69 10 #ifndef HEADER_PKCS7_H
jpayne@69 11 # define HEADER_PKCS7_H
jpayne@69 12
jpayne@69 13 # include <openssl/asn1.h>
jpayne@69 14 # include <openssl/bio.h>
jpayne@69 15 # include <openssl/e_os2.h>
jpayne@69 16
jpayne@69 17 # include <openssl/symhacks.h>
jpayne@69 18 # include <openssl/ossl_typ.h>
jpayne@69 19 # include <openssl/pkcs7err.h>
jpayne@69 20
jpayne@69 21 #ifdef __cplusplus
jpayne@69 22 extern "C" {
jpayne@69 23 #endif
jpayne@69 24
jpayne@69 25 /*-
jpayne@69 26 Encryption_ID DES-CBC
jpayne@69 27 Digest_ID MD5
jpayne@69 28 Digest_Encryption_ID rsaEncryption
jpayne@69 29 Key_Encryption_ID rsaEncryption
jpayne@69 30 */
jpayne@69 31
jpayne@69 32 typedef struct pkcs7_issuer_and_serial_st { /* Issuer name plus serial number, presumably identifying one certificate; pointed to by the signer-info and recipient-info structs in this header. */
jpayne@69 33 X509_NAME *issuer;
jpayne@69 34 ASN1_INTEGER *serial;
jpayne@69 35 } PKCS7_ISSUER_AND_SERIAL;
jpayne@69 36
jpayne@69 37 typedef struct pkcs7_signer_info_st { /* One signer's record: identifier, algorithms, attribute sets and enc_digest. */
jpayne@69 38 ASN1_INTEGER *version; /* version 1 */
jpayne@69 39 PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
jpayne@69 40 X509_ALGOR *digest_alg;
jpayne@69 41 STACK_OF(X509_ATTRIBUTE) *auth_attr; /* [ 0 ]; read by PKCS7_get_signed_attributes() */
jpayne@69 42 X509_ALGOR *digest_enc_alg;
jpayne@69 43 ASN1_OCTET_STRING *enc_digest; /* presumably the signature value; confirm against the ASN.1 template */
jpayne@69 44 STACK_OF(X509_ATTRIBUTE) *unauth_attr; /* [ 1 ]; read by PKCS7_get_attributes(). NOTE(review): named unauthenticated, so presumably not covered by the signature; do not base trust decisions on it */
jpayne@69 45 /* The private key to sign with */
jpayne@69 46 EVP_PKEY *pkey; /* NOTE(review): key handle held next to fields that get encoded; presumably runtime-only and never serialised; confirm */
jpayne@69 47 } PKCS7_SIGNER_INFO;
jpayne@69 48
jpayne@69 49 DEFINE_STACK_OF(PKCS7_SIGNER_INFO) /* typed-stack support for STACK_OF(PKCS7_SIGNER_INFO); the macro is defined outside this header */
jpayne@69 50
jpayne@69 51 typedef struct pkcs7_recip_info_st { /* One recipient's record: identifier, key-encryption algorithm and enc_key. */
jpayne@69 52 ASN1_INTEGER *version; /* version 0 */
jpayne@69 53 PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
jpayne@69 54 X509_ALGOR *key_enc_algor;
jpayne@69 55 ASN1_OCTET_STRING *enc_key; /* presumably the content key encrypted for this recipient; confirm */
jpayne@69 56 X509 *cert; /* get the pub-key from this */
jpayne@69 57 } PKCS7_RECIP_INFO;
jpayne@69 58
jpayne@69 59 DEFINE_STACK_OF(PKCS7_RECIP_INFO) /* typed-stack support for STACK_OF(PKCS7_RECIP_INFO); the macro is defined outside this header */
jpayne@69 60
jpayne@69 61 typedef struct pkcs7_signed_st { /* Signed-data content: digest algorithms, carried certificates and CRLs, signer records and the nested content. */
jpayne@69 62 ASN1_INTEGER *version; /* version 1 */
jpayne@69 63 STACK_OF(X509_ALGOR) *md_algs; /* md used */
jpayne@69 64 STACK_OF(X509) *cert; /* [ 0 ]; NOTE(review): presumably supplied by whoever built the message, so untrusted until chain-verified */
jpayne@69 65 STACK_OF(X509_CRL) *crl; /* [ 1 ] */
jpayne@69 66 STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
jpayne@69 67 struct pkcs7_st *contents; /* nested PKCS7 object (struct pkcs7_st is defined further down) */
jpayne@69 68 } PKCS7_SIGNED;
jpayne@69 69 /*
jpayne@69 70 * The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
jpayne@69 71 * merging the two
jpayne@69 72 */
jpayne@69 73
jpayne@69 74 typedef struct pkcs7_enc_content_st { /* Encrypted content: content type, algorithm identifier and the encrypted bytes. */
jpayne@69 75 ASN1_OBJECT *content_type;
jpayne@69 76 X509_ALGOR *algorithm;
jpayne@69 77 ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
jpayne@69 78 const EVP_CIPHER *cipher; /* not an ASN.1 type; presumably runtime state set through PKCS7_set_cipher(); confirm */
jpayne@69 79 } PKCS7_ENC_CONTENT;
jpayne@69 80
jpayne@69 81 typedef struct pkcs7_enveloped_st { /* Enveloped-data content: the recipient records plus one PKCS7_ENC_CONTENT. */
jpayne@69 82 ASN1_INTEGER *version; /* version 0 */
jpayne@69 83 STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
jpayne@69 84 PKCS7_ENC_CONTENT *enc_data;
jpayne@69 85 } PKCS7_ENVELOPE;
jpayne@69 86
jpayne@69 87 typedef struct pkcs7_signedandenveloped_st { /* Signed-and-enveloped content: the first five fields mirror PKCS7_SIGNED, with encrypted content and recipient records in place of a nested PKCS7. */
jpayne@69 88 ASN1_INTEGER *version; /* version 1 */
jpayne@69 89 STACK_OF(X509_ALGOR) *md_algs; /* md used */
jpayne@69 90 STACK_OF(X509) *cert; /* [ 0 ] */
jpayne@69 91 STACK_OF(X509_CRL) *crl; /* [ 1 ] */
jpayne@69 92 STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
jpayne@69 93 PKCS7_ENC_CONTENT *enc_data;
jpayne@69 94 STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
jpayne@69 95 } PKCS7_SIGN_ENVELOPE;
jpayne@69 96
jpayne@69 97 typedef struct pkcs7_digest_st { /* Digested-data content: digest algorithm, nested content and the digest value. */
jpayne@69 98 ASN1_INTEGER *version; /* version 0 */
jpayne@69 99 X509_ALGOR *md; /* md used */
jpayne@69 100 struct pkcs7_st *contents;
jpayne@69 101 ASN1_OCTET_STRING *digest; /* NOTE(review): a bare digest carries no key, so presumably gives integrity only against accidental change, not authenticity */
jpayne@69 102 } PKCS7_DIGEST;
jpayne@69 103
jpayne@69 104 typedef struct pkcs7_encrypted_st { /* Encrypted-data content: one PKCS7_ENC_CONTENT and, unlike PKCS7_ENVELOPE, no recipient records. */
jpayne@69 105 ASN1_INTEGER *version; /* version 0 */
jpayne@69 106 PKCS7_ENC_CONTENT *enc_data;
jpayne@69 107 } PKCS7_ENCRYPT;
jpayne@69 108
jpayne@69 109 typedef struct pkcs7_st { /* Top-level PKCS#7 object: a content type plus a union holding the content for that type. */
jpayne@69 110 /*
jpayne@69 111 * The following is non NULL if it contains ASN1 encoding of this
jpayne@69 112 * structure
jpayne@69 113 */
jpayne@69 114 unsigned char *asn1;
jpayne@69 115 long length; /* presumably the byte length of asn1; confirm */
jpayne@69 116 # define PKCS7_S_HEADER 0 /* PKCS7_S_HEADER, _BODY, _TAIL: presumably the values taken by state below; confirm */
jpayne@69 117 # define PKCS7_S_BODY 1
jpayne@69 118 # define PKCS7_S_TAIL 2
jpayne@69 119 int state; /* used during processing */
jpayne@69 120 int detached; /* presumably the value behind PKCS7_set_detached() and PKCS7_get_detached(); confirm in PKCS7_ctrl() */
jpayne@69 121 ASN1_OBJECT *type; /* selects the active member of d; test it with the PKCS7_type_is_ macros before touching d */
jpayne@69 122 /* content as defined by the type */
jpayne@69 123 /*
jpayne@69 124 * all encryption/message digests are applied to the 'contents', leaving
jpayne@69 125 * out the 'type' field.
jpayne@69 126 */
jpayne@69 127 union { /* every member is a pointer sharing the same storage; reading a member that does not match type treats that pointer as the wrong struct */
jpayne@69 128 char *ptr;
jpayne@69 129 /* NID_pkcs7_data */
jpayne@69 130 ASN1_OCTET_STRING *data;
jpayne@69 131 /* NID_pkcs7_signed */
jpayne@69 132 PKCS7_SIGNED *sign;
jpayne@69 133 /* NID_pkcs7_enveloped */
jpayne@69 134 PKCS7_ENVELOPE *enveloped;
jpayne@69 135 /* NID_pkcs7_signedAndEnveloped */
jpayne@69 136 PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
jpayne@69 137 /* NID_pkcs7_digest */
jpayne@69 138 PKCS7_DIGEST *digest;
jpayne@69 139 /* NID_pkcs7_encrypted */
jpayne@69 140 PKCS7_ENCRYPT *encrypted;
jpayne@69 141 /* Anything else */
jpayne@69 142 ASN1_TYPE *other;
jpayne@69 143 } d; /* NOTE(review): for parsed input the selected member may presumably be NULL; check before dereferencing */
jpayne@69 144 } PKCS7;
jpayne@69 145
jpayne@69 146 DEFINE_STACK_OF(PKCS7) /* typed-stack support for STACK_OF(PKCS7); the macro is defined outside this header */
jpayne@69 147
jpayne@69 148 # define PKCS7_OP_SET_DETACHED_SIGNATURE 1 /* cmd value passed to PKCS7_ctrl() by PKCS7_set_detached() */
jpayne@69 149 # define PKCS7_OP_GET_DETACHED_SIGNATURE 2 /* cmd value passed to PKCS7_ctrl() by PKCS7_get_detached() */
jpayne@69 150
jpayne@69 151 # define PKCS7_get_signed_attributes(si) ((si)->auth_attr) /* plain field read: si must be non-NULL; the result may be NULL */
jpayne@69 152 # define PKCS7_get_attributes(si) ((si)->unauth_attr) /* plain field read of the unauthenticated set; NOTE(review): presumably not covered by the signature, so treat the values as unverified */
jpayne@69 153
jpayne@69 154 # define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed) /* each macro in this group compares the NID of (a)->type with one constant; a is dereferenced without a NULL check and evaluated once */
jpayne@69 155 # define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
jpayne@69 156 # define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
jpayne@69 157 # define PKCS7_type_is_signedAndEnveloped(a) \
jpayne@69 158 (OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
jpayne@69 159 # define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
jpayne@69 160 # define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest) /* use these checks before reading a member of the union d in PKCS7 */
jpayne@69 161
jpayne@69 162 # define PKCS7_set_detached(p,v) \
jpayne@69 163 PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL) /* v goes in as larg; parg is unused (NULL) */
jpayne@69 164 # define PKCS7_get_detached(p) \
jpayne@69 165 PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL) /* yields the long returned by PKCS7_ctrl() */
jpayne@69 166
jpayne@69 167 # define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7)) /* p7 is expanded twice (once per nested macro), so pass an expression without side effects; true only for the signed type */
jpayne@69 168
jpayne@69 169 /* S/MIME related flags: distinct single-bit values, OR-ed into the int flags argument of the sign, verify, encrypt, decrypt and S/MIME I/O functions declared below. Per-flag notes marked "per PKCS7_verify(3)" restate the OpenSSL manual; confirm them against the manual of the shipped version. */
jpayne@69 170
jpayne@69 171 # define PKCS7_TEXT 0x1
jpayne@69 172 # define PKCS7_NOCERTS 0x2
jpayne@69 173 # define PKCS7_NOSIGS 0x4 /* NOTE(review): per PKCS7_verify(3), signatures on the data are not checked; confirm no production verifier passes this */
jpayne@69 174 # define PKCS7_NOCHAIN 0x8 /* per PKCS7_verify(3): certificates carried in the message are not used as untrusted CAs when building the chain */
jpayne@69 175 # define PKCS7_NOINTERN 0x10 /* per PKCS7_verify(3): the signer certificate is looked up only in the caller's certs argument, not in the message */
jpayne@69 176 # define PKCS7_NOVERIFY 0x20 /* NOTE(review): per PKCS7_verify(3), signer certificates are not chain-verified; a success result then says nothing about who signed */
jpayne@69 177 # define PKCS7_DETACHED 0x40
jpayne@69 178 # define PKCS7_BINARY 0x80
jpayne@69 179 # define PKCS7_NOATTR 0x100
jpayne@69 180 # define PKCS7_NOSMIMECAP 0x200
jpayne@69 181 # define PKCS7_NOOLDMIMETYPE 0x400
jpayne@69 182 # define PKCS7_CRLFEOL 0x800
jpayne@69 183 # define PKCS7_STREAM 0x1000
jpayne@69 184 # define PKCS7_NOCRL 0x2000
jpayne@69 185 # define PKCS7_PARTIAL 0x4000
jpayne@69 186 # define PKCS7_REUSE_DIGEST 0x8000
jpayne@69 187 # define PKCS7_NO_DUAL_CONTENT 0x10000 /* presumably makes verification reject a message that has embedded content when separate input data is also supplied; confirm */
jpayne@69 188
jpayne@69 189 /* Flags: for compatibility with older code. Each SMIME_ name below is an alias for the PKCS7_ flag with the same suffix, so a search for verification-weakening flags must cover both spellings (SMIME_NOSIGS, SMIME_NOVERIFY). */
jpayne@69 190
jpayne@69 191 # define SMIME_TEXT PKCS7_TEXT
jpayne@69 192 # define SMIME_NOCERTS PKCS7_NOCERTS
jpayne@69 193 # define SMIME_NOSIGS PKCS7_NOSIGS
jpayne@69 194 # define SMIME_NOCHAIN PKCS7_NOCHAIN
jpayne@69 195 # define SMIME_NOINTERN PKCS7_NOINTERN
jpayne@69 196 # define SMIME_NOVERIFY PKCS7_NOVERIFY
jpayne@69 197 # define SMIME_DETACHED PKCS7_DETACHED
jpayne@69 198 # define SMIME_BINARY PKCS7_BINARY
jpayne@69 199 # define SMIME_NOATTR PKCS7_NOATTR
jpayne@69 200
jpayne@69 201 /* CRLF ASCII canonicalisation */
jpayne@69 202 # define SMIME_ASCIICRLF 0x80000 /* its own bit, not an alias: no PKCS7_ flag above uses 0x80000 */
jpayne@69 203
jpayne@69 204 DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL) /* macro from <openssl/asn1.h>; presumably declares the new, free, d2i and i2d functions for this type; confirm there */
jpayne@69 205
jpayne@69 206 int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
jpayne@69 207 const EVP_MD *type, unsigned char *md,
jpayne@69 208 unsigned int *len); /* writes a digest to md and its size to *len; the capacity of md is not passed in. NOTE(review): the caller presumably must provide EVP_MAX_MD_SIZE bytes; confirm */
jpayne@69 209 # ifndef OPENSSL_NO_STDIO /* FILE-based variants exist only when stdio support is compiled in */
jpayne@69 210 PKCS7 *d2i_PKCS7_fp(FILE *fp, PKCS7 **p7);
jpayne@69 211 int i2d_PKCS7_fp(FILE *fp, PKCS7 *p7);
jpayne@69 212 # endif
jpayne@69 213 PKCS7 *PKCS7_dup(PKCS7 *p7);
jpayne@69 214 PKCS7 *d2i_PKCS7_bio(BIO *bp, PKCS7 **p7); /* decodes a PKCS7 read from bp. NOTE(review): decoding is parsing only; no signature is checked until the caller runs PKCS7_verify() */
jpayne@69 215 int i2d_PKCS7_bio(BIO *bp, PKCS7 *p7);
jpayne@69 216 int i2d_PKCS7_bio_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
jpayne@69 217 int PEM_write_bio_PKCS7_stream(BIO *out, PKCS7 *p7, BIO *in, int flags);
jpayne@69 218
jpayne@69 219 DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO) /* one invocation per struct defined above; the DECLARE_ASN1_ macros come from <openssl/asn1.h> and presumably declare the new, free, d2i and i2d functions for each type; confirm there */
jpayne@69 220 DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
jpayne@69 221 DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
jpayne@69 222 DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
jpayne@69 223 DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
jpayne@69 224 DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
jpayne@69 225 DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
jpayne@69 226 DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
jpayne@69 227 DECLARE_ASN1_FUNCTIONS(PKCS7)
jpayne@69 228
jpayne@69 229 DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN) /* no struct named PKCS7_ATTR_SIGN or PKCS7_ATTR_VERIFY is defined in this header; presumably encoding templates for the attribute sets; confirm */
jpayne@69 230 DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
jpayne@69 231
jpayne@69 232 DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
jpayne@69 233 DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
jpayne@69 234
jpayne@69 235 long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg); /* generic control call; the two cmd values this header defines are PKCS7_OP_SET_DETACHED_SIGNATURE and PKCS7_OP_GET_DETACHED_SIGNATURE */
jpayne@69 236
jpayne@69 237 int PKCS7_set_type(PKCS7 *p7, int type); /* type is an int here, presumably a NID such as NID_pkcs7_signed; confirm */
jpayne@69 238 int PKCS7_set0_type_other(PKCS7 *p7, int type, ASN1_TYPE *other); /* set0: by OpenSSL naming convention p7 presumably takes ownership of other; confirm before freeing it in the caller */
jpayne@69 239 int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
jpayne@69 240 int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
jpayne@69 241 const EVP_MD *dgst); /* fills p7i from a signer certificate, private key and digest; the digest is whatever the caller passes */
jpayne@69 242 int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
jpayne@69 243 int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
jpayne@69 244 int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
jpayne@69 245 int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
jpayne@69 246 int PKCS7_content_new(PKCS7 *p7, int nid);
jpayne@69 247 int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
jpayne@69 248 BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si); /* takes a certificate store and store context, so presumably verifies the signer certificate as well as the signature; confirm */
jpayne@69 249 int PKCS7_signatureVerify(BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si,
jpayne@69 250 X509 *x509); /* NOTE(review): takes the certificate directly and no X509_STORE, so it presumably checks only the signature and leaves validating x509 to the caller; confirm */
jpayne@69 251
jpayne@69 252 BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio); /* lower-level BIO interface; returns a BIO, presumably NULL on failure; confirm */
jpayne@69 253 int PKCS7_dataFinal(PKCS7 *p7, BIO *bio);
jpayne@69 254 BIO *PKCS7_dataDecode(PKCS7 *p7, EVP_PKEY *pkey, BIO *in_bio, X509 *pcert); /* takes the recipient private key; NOTE(review): input p7 is presumably untrusted, so the returned BIO must be checked for NULL; confirm */
jpayne@69 255
jpayne@69 256 PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
jpayne@69 257 EVP_PKEY *pkey, const EVP_MD *dgst); /* adds a signer built from certificate, private key and digest; returns the new signer record */
jpayne@69 258 X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si); /* NOTE(review): presumably looks the certificate up among those carried in p7; finding it does not make it trusted */
jpayne@69 259 int PKCS7_set_digest(PKCS7 *p7, const EVP_MD *md);
jpayne@69 260 STACK_OF(PKCS7_SIGNER_INFO) *PKCS7_get_signer_info(PKCS7 *p7);
jpayne@69 261
jpayne@69 262 PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
jpayne@69 263 void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO *si, EVP_PKEY **pk,
jpayne@69 264 X509_ALGOR **pdig, X509_ALGOR **psig); /* get0: by OpenSSL naming convention the returned pointers presumably stay owned by si; do not free them; confirm */
jpayne@69 265 void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO *ri, X509_ALGOR **penc); /* get0: same ownership assumption as above */
jpayne@69 266 int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
jpayne@69 267 int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
jpayne@69 268 int PKCS7_set_cipher(PKCS7 *p7, const EVP_CIPHER *cipher); /* NOTE(review): the cipher is whatever the caller passes; the comment near the top of this header names DES-CBC and MD5, which are legacy choices to avoid for new data */
jpayne@69 269 int PKCS7_stream(unsigned char ***boundary, PKCS7 *p7);
jpayne@69 270
jpayne@69 271 PKCS7_ISSUER_AND_SERIAL *PKCS7_get_issuer_and_serial(PKCS7 *p7, int idx); /* idx is a signed int; presumably an index into a stack inside p7; confirm how out-of-range values are handled */
jpayne@69 272 ASN1_OCTET_STRING *PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) *sk);
jpayne@69 273 int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
jpayne@69 274 void *data); /* data is an untyped pointer; presumably it must match the ASN.1 type given in type, which the compiler cannot check */
jpayne@69 275 int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
jpayne@69 276 void *value); /* counterpart of the call above, presumably for the unauthenticated set (unauth_attr); confirm */
jpayne@69 277 ASN1_TYPE *PKCS7_get_attribute(PKCS7_SIGNER_INFO *si, int nid); /* NOTE(review): presumably reads unauth_attr, whose values should be treated as unverified; confirm */
jpayne@69 278 ASN1_TYPE *PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO *si, int nid);
jpayne@69 279 int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
jpayne@69 280 STACK_OF(X509_ATTRIBUTE) *sk);
jpayne@69 281 int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
jpayne@69 282 STACK_OF(X509_ATTRIBUTE) *sk);
jpayne@69 283
jpayne@69 284 PKCS7 *PKCS7_sign(X509 *signcert, EVP_PKEY *pkey, STACK_OF(X509) *certs,
jpayne@69 285 BIO *data, int flags); /* high-level signing entry point; flags is an OR of the PKCS7_ flag bits defined above */
jpayne@69 286
jpayne@69 287 PKCS7_SIGNER_INFO *PKCS7_sign_add_signer(PKCS7 *p7,
jpayne@69 288 X509 *signcert, EVP_PKEY *pkey,
jpayne@69 289 const EVP_MD *md, int flags);
jpayne@69 290
jpayne@69 291 int PKCS7_final(PKCS7 *p7, BIO *data, int flags);
jpayne@69 292 int PKCS7_verify(PKCS7 *p7, STACK_OF(X509) *certs, X509_STORE *store,
jpayne@69 293 BIO *indata, BIO *out, int flags); /* high-level verification against the trust store in store. NOTE(review): PKCS7_NOVERIFY and PKCS7_NOSIGS in flags switch off chain and signature checks respectively (per PKCS7_verify(3)); audit every caller's flags */
jpayne@69 294 STACK_OF(X509) *PKCS7_get0_signers(PKCS7 *p7, STACK_OF(X509) *certs,
jpayne@69 295 int flags); /* NOTE(review): per PKCS7_verify(3), returns the signer certificates without checking their validity or any signature; not a substitute for PKCS7_verify() */
jpayne@69 296 PKCS7 *PKCS7_encrypt(STACK_OF(X509) *certs, BIO *in, const EVP_CIPHER *cipher,
jpayne@69 297 int flags); /* encrypts for the recipients in certs with the caller-chosen cipher; NOTE(review): the recipient certificates are presumably used as given, so validate them first; confirm */
jpayne@69 298 int PKCS7_decrypt(PKCS7 *p7, EVP_PKEY *pkey, X509 *cert, BIO *data,
jpayne@69 299 int flags); /* decrypts with the recipient private key and writes to data; NOTE(review): enveloped content as declared here carries no signature, so decrypting presumably does not authenticate the sender */
jpayne@69 300
jpayne@69 301 int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
jpayne@69 302 STACK_OF(X509_ALGOR) *cap); /* attaches a list of algorithm identifiers to the signer record */
jpayne@69 303 STACK_OF(X509_ALGOR) *PKCS7_get_smimecap(PKCS7_SIGNER_INFO *si);
jpayne@69 304 int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
jpayne@69 305
jpayne@69 306 int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO *si, ASN1_OBJECT *coid);
jpayne@69 307 int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO *si, ASN1_TIME *t); /* add0: by OpenSSL naming convention si presumably takes ownership of t; confirm before freeing it in the caller */
jpayne@69 308 int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
jpayne@69 309 const unsigned char *md, int mdlen); /* add1: by OpenSSL naming convention md is presumably copied; mdlen is a signed int, so the caller should reject negative lengths before the call */
jpayne@69 310
jpayne@69 311 int SMIME_write_PKCS7(BIO *bio, PKCS7 *p7, BIO *data, int flags); /* writes p7 in S/MIME form to bio; flags is an OR of the PKCS7_ and SMIME_ flag bits defined above */
jpayne@69 312 PKCS7 *SMIME_read_PKCS7(BIO *bio, BIO **bcont); /* parses S/MIME input from bio; *bcont presumably receives the separate content of a detached message; NOTE(review): parsing does not verify anything, so call PKCS7_verify() on the result */
jpayne@69 313
jpayne@69 314 BIO *BIO_new_PKCS7(BIO *out, PKCS7 *p7);
jpayne@69 315
jpayne@69 316 # ifdef __cplusplus
jpayne@69 317 }
jpayne@69 318 # endif
jpayne@69 319 #endif