X-Git-Url: https://git.librecmc.org/?a=blobdiff_plain;f=crypto%2Fcms%2Fcms_lcl.h;h=dea73768f2ffae07b58d2c5568a21795b8f3ee4e;hb=c18440956dd4a756e778b05d6ceadc27bd034edb;hp=06eeea7eeb28196c6a7029043b137d06db718576;hpb=320bfc1be79513f2a782f9ee8894cf7a7b9ffe2d;p=oweals%2Fopenssl.git diff --git a/crypto/cms/cms_lcl.h b/crypto/cms/cms_lcl.h index 06eeea7eeb..dea73768f2 100644 --- a/crypto/cms/cms_lcl.h +++ b/crypto/cms/cms_lcl.h @@ -83,15 +83,13 @@ typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo; typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey; typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey; typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo; -typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier; typedef struct CMS_KeyAgreeRecipientIdentifier_st CMS_KeyAgreeRecipientIdentifier; -typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier; typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo; typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo; typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo; -typedef struct CMS_RecipientInfo_st CMS_RecipientInfo; +typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom; struct CMS_ContentInfo_st { @@ -124,6 +122,8 @@ struct CMS_EncapsulatedContentInfo_st { ASN1_OBJECT *eContentType; ASN1_OCTET_STRING *eContent; + /* Set to 1 if incomplete structure only part set up */ + int partial; }; struct CMS_SignerInfo_st @@ -138,6 +138,9 @@ struct CMS_SignerInfo_st /* Signing certificate and key */ X509 *signer; EVP_PKEY *pkey; + /* Digest and public key context for alternative parameters */ + EVP_MD_CTX mctx; + EVP_PKEY_CTX *pctx; }; struct CMS_SignerIdentifier_st @@ -173,6 +176,8 @@ struct CMS_EncryptedContentInfo_st const EVP_CIPHER *cipher; unsigned char *key; size_t keylen; + /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */ + int debug; }; struct CMS_RecipientInfo_st @@ -187,12 +192,6 @@ struct CMS_RecipientInfo_st } d; }; -#define CMS_RECIPINFO_TRANS 0 -#define CMS_RECIPINFO_AGREE 1 -#define CMS_RECIPINFO_KEK 2 -#define CMS_RECIPINFO_PASS 3 -#define CMS_RECIPINFO_OTHER 4 - typedef CMS_SignerIdentifier CMS_RecipientIdentifier; struct CMS_KeyTransRecipientInfo_st @@ -204,6 +203,8 @@ struct CMS_KeyTransRecipientInfo_st /* Recipient Key and cert */ X509 *recip; EVP_PKEY *pkey; + /* Public key context for this operation */ + EVP_PKEY_CTX *pctx; }; struct CMS_KeyAgreeRecipientInfo_st @@ -213,6 +214,10 @@ struct CMS_KeyAgreeRecipientInfo_st ASN1_OCTET_STRING *ukm; X509_ALGOR *keyEncryptionAlgorithm; STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys; + /* Public key context associated with current operation */ + EVP_PKEY_CTX *pctx; + /* Cipher context for CEK wrapping */ + EVP_CIPHER_CTX ctx; }; struct CMS_OriginatorIdentifierOrKey_st @@ -235,6 +240,8 @@ struct CMS_RecipientEncryptedKey_st { CMS_KeyAgreeRecipientIdentifier *rid; ASN1_OCTET_STRING *encryptedKey; + /* Public key associated with this recipient */ + EVP_PKEY *pkey; }; struct CMS_KeyAgreeRecipientIdentifier_st @@ -277,6 +284,9 @@ struct CMS_PasswordRecipientInfo_st X509_ALGOR *keyDerivationAlgorithm; X509_ALGOR *keyEncryptionAlgorithm; ASN1_OCTET_STRING *encryptedKey; + /* Extra info: password to use */ + unsigned char *pass; + size_t passlen; }; struct CMS_OtherRecipientInfo_st @@ -379,11 +389,44 @@ struct CMS_OtherKeyAttribute_st ASN1_TYPE *keyAttr; }; +/* ESS structures */ + +#ifdef HEADER_X509V3_H + +struct CMS_ReceiptRequest_st + { + ASN1_OCTET_STRING *signedContentIdentifier; + CMS_ReceiptsFrom *receiptsFrom; + STACK_OF(GENERAL_NAMES) *receiptsTo; + }; + + +struct CMS_ReceiptsFrom_st + { + int type; + union + { + long allOrFirstTier; + STACK_OF(GENERAL_NAMES) *receiptList; + } d; + }; +#endif + +struct CMS_Receipt_st + { + long version; + ASN1_OBJECT *contentType; + ASN1_OCTET_STRING *signedContentIdentifier; + ASN1_OCTET_STRING *originatorSignatureValue; + }; + DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) DECLARE_ASN1_ITEM(CMS_SignerInfo) DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber) DECLARE_ASN1_ITEM(CMS_Attributes_Sign) DECLARE_ASN1_ITEM(CMS_Attributes_Verify) +DECLARE_ASN1_ITEM(CMS_RecipientInfo) +DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo) DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber) #define CMS_SIGNERINFO_ISSUER_SERIAL 0 @@ -392,6 +435,13 @@ DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber) #define CMS_RECIPINFO_ISSUER_SERIAL 0 #define CMS_RECIPINFO_KEYIDENTIFIER 1 +#define CMS_REK_ISSUER_SERIAL 0 +#define CMS_REK_KEYIDENTIFIER 1 + +#define CMS_OIK_ISSUER_SERIAL 0 +#define CMS_OIK_KEYIDENTIFIER 1 +#define CMS_OIK_PUBKEY 2 + BIO *cms_content_bio(CMS_ContentInfo *cms); CMS_ContentInfo *cms_Data_create(void); @@ -411,14 +461,37 @@ int cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert); CMS_ContentInfo *cms_CompressedData_create(int comp_nid); BIO *cms_CompressedData_init_bio(CMS_ContentInfo *cms); -void cms_DigestAlgorithm_set(X509_ALGOR *alg, const EVP_MD *md); BIO *cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm); int cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain, X509_ALGOR *mdalg); -BIO *cms_EncryptedContent_encrypt_bio(CMS_EncryptedContentInfo *ec); -BIO *cms_EncryptedContent_decrypt_bio(CMS_EncryptedContentInfo *ec); +int cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert); +int cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert); +int cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert); +int cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert); + +BIO *cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec); BIO *cms_EncryptedData_init_bio(CMS_ContentInfo *cms); +int cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec, + const EVP_CIPHER *cipher, + const unsigned char *key, size_t keylen); + +int cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms); +int cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src); +ASN1_OCTET_STRING *cms_encode_Receipt(CMS_SignerInfo *si); + +BIO *cms_EnvelopedData_init_bio(CMS_ContentInfo *cms); +CMS_EnvelopedData *cms_get0_enveloped(CMS_ContentInfo *cms); +int cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd); +int cms_pkey_get_ri_type(EVP_PKEY *pk); +/* KARI routines */ +int cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip, + EVP_PKEY *pk, unsigned int flags); +int cms_RecipientInfo_kari_encrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); + +/* PWRI routines */ +int cms_RecipientInfo_pwri_crypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, + int en_de); #ifdef __cplusplus }