1/* 2 * {- join("\n * ", @autowarntext) -} 3 * 4 * Copyright 2008-2021 The OpenSSL Project Authors. All Rights Reserved. 5 * 6 * Licensed under the Apache License 2.0 (the "License"). You may not use 7 * this file except in compliance with the License. You can obtain a copy 8 * in the file LICENSE in the source distribution or at 9 * https://www.openssl.org/source/license.html 10 */ 11 12{- 13use OpenSSL::stackhash qw(generate_stack_macros); 14-} 15 16#ifndef OPENSSL_CMS_H 17# define OPENSSL_CMS_H 18# pragma once 19 20# include <openssl/macros.h> 21# ifndef OPENSSL_NO_DEPRECATED_3_0 22# define HEADER_CMS_H 23# endif 24 25# include <openssl/opensslconf.h> 26 27# ifndef OPENSSL_NO_CMS 28# include <openssl/x509.h> 29# include <openssl/x509v3.h> 30# include <openssl/cmserr.h> 31# ifdef __cplusplus 32extern "C" { 33# endif 34 35typedef struct CMS_ContentInfo_st CMS_ContentInfo; 36typedef struct CMS_SignerInfo_st CMS_SignerInfo; 37typedef struct CMS_CertificateChoices CMS_CertificateChoices; 38typedef struct CMS_RevocationInfoChoice_st CMS_RevocationInfoChoice; 39typedef struct CMS_RecipientInfo_st CMS_RecipientInfo; 40typedef struct CMS_ReceiptRequest_st CMS_ReceiptRequest; 41typedef struct CMS_Receipt_st CMS_Receipt; 42typedef struct CMS_RecipientEncryptedKey_st CMS_RecipientEncryptedKey; 43typedef struct CMS_OtherKeyAttribute_st CMS_OtherKeyAttribute; 44 45{- 46 generate_stack_macros("CMS_SignerInfo") 47 .generate_stack_macros("CMS_RecipientEncryptedKey") 48 .generate_stack_macros("CMS_RecipientInfo") 49 .generate_stack_macros("CMS_RevocationInfoChoice"); 50-} 51 52DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo) 53DECLARE_ASN1_FUNCTIONS(CMS_ReceiptRequest) 54DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo) 55 56CMS_ContentInfo *CMS_ContentInfo_new_ex(OSSL_LIB_CTX *libctx, const char *propq); 57 58# define CMS_SIGNERINFO_ISSUER_SERIAL 0 59# define CMS_SIGNERINFO_KEYIDENTIFIER 1 60 61# define CMS_RECIPINFO_NONE -1 62# define CMS_RECIPINFO_TRANS 0 63# define CMS_RECIPINFO_AGREE 1 64# define CMS_RECIPINFO_KEK 2 65# define CMS_RECIPINFO_PASS 3 66# define CMS_RECIPINFO_OTHER 4 67 68/* S/MIME related flags */ 69 70# define CMS_TEXT 0x1 71# define CMS_NOCERTS 0x2 72# define CMS_NO_CONTENT_VERIFY 0x4 73# define CMS_NO_ATTR_VERIFY 0x8 74# define CMS_NOSIGS \ 75 (CMS_NO_CONTENT_VERIFY|CMS_NO_ATTR_VERIFY) 76# define CMS_NOINTERN 0x10 77# define CMS_NO_SIGNER_CERT_VERIFY 0x20 78# define CMS_NOVERIFY 0x20 79# define CMS_DETACHED 0x40 80# define CMS_BINARY 0x80 81# define CMS_NOATTR 0x100 82# define CMS_NOSMIMECAP 0x200 83# define CMS_NOOLDMIMETYPE 0x400 84# define CMS_CRLFEOL 0x800 85# define CMS_STREAM 0x1000 86# define CMS_NOCRL 0x2000 87# define CMS_PARTIAL 0x4000 88# define CMS_REUSE_DIGEST 0x8000 89# define CMS_USE_KEYID 0x10000 90# define CMS_DEBUG_DECRYPT 0x20000 91# define CMS_KEY_PARAM 0x40000 92# define CMS_ASCIICRLF 0x80000 93# define CMS_CADES 0x100000 94# define CMS_USE_ORIGINATOR_KEYID 0x200000 95 96const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); 97 98BIO *CMS_dataInit(CMS_ContentInfo *cms, BIO *icont); 99int CMS_dataFinal(CMS_ContentInfo *cms, BIO *bio); 100 101ASN1_OCTET_STRING **CMS_get0_content(CMS_ContentInfo *cms); 102int CMS_is_detached(CMS_ContentInfo *cms); 103int CMS_set_detached(CMS_ContentInfo *cms, int detached); 104 105# ifdef OPENSSL_PEM_H 106DECLARE_PEM_rw(CMS, CMS_ContentInfo) 107# endif 108int CMS_stream(unsigned char ***boundary, CMS_ContentInfo *cms); 109CMS_ContentInfo *d2i_CMS_bio(BIO *bp, CMS_ContentInfo **cms); 110int i2d_CMS_bio(BIO *bp, CMS_ContentInfo *cms); 111 112BIO *BIO_new_CMS(BIO *out, CMS_ContentInfo *cms); 113int i2d_CMS_bio_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, int flags); 114int PEM_write_bio_CMS_stream(BIO *out, CMS_ContentInfo *cms, BIO *in, 115 int flags); 116CMS_ContentInfo *SMIME_read_CMS(BIO *bio, BIO **bcont); 117CMS_ContentInfo *SMIME_read_CMS_ex(BIO *bio, int flags, BIO **bcont, CMS_ContentInfo **ci); 118int SMIME_write_CMS(BIO *bio, CMS_ContentInfo *cms, BIO *data, int flags); 119 120int CMS_final(CMS_ContentInfo *cms, BIO *data, BIO *dcont, 121 unsigned int flags); 122 123CMS_ContentInfo *CMS_sign(X509 *signcert, EVP_PKEY *pkey, 124 STACK_OF(X509) *certs, BIO *data, 125 unsigned int flags); 126CMS_ContentInfo *CMS_sign_ex(X509 *signcert, EVP_PKEY *pkey, 127 STACK_OF(X509) *certs, BIO *data, 128 unsigned int flags, OSSL_LIB_CTX *ctx, 129 const char *propq); 130 131CMS_ContentInfo *CMS_sign_receipt(CMS_SignerInfo *si, 132 X509 *signcert, EVP_PKEY *pkey, 133 STACK_OF(X509) *certs, unsigned int flags); 134 135int CMS_data(CMS_ContentInfo *cms, BIO *out, unsigned int flags); 136CMS_ContentInfo *CMS_data_create(BIO *in, unsigned int flags); 137CMS_ContentInfo *CMS_data_create_ex(BIO *in, unsigned int flags, 138 OSSL_LIB_CTX *ctx, const char *propq); 139 140int CMS_digest_verify(CMS_ContentInfo *cms, BIO *dcont, BIO *out, 141 unsigned int flags); 142CMS_ContentInfo *CMS_digest_create(BIO *in, const EVP_MD *md, 143 unsigned int flags); 144CMS_ContentInfo *CMS_digest_create_ex(BIO *in, const EVP_MD *md, 145 unsigned int flags, OSSL_LIB_CTX *ctx, 146 const char *propq); 147 148int CMS_EncryptedData_decrypt(CMS_ContentInfo *cms, 149 const unsigned char *key, size_t keylen, 150 BIO *dcont, BIO *out, unsigned int flags); 151 152CMS_ContentInfo *CMS_EncryptedData_encrypt(BIO *in, const EVP_CIPHER *cipher, 153 const unsigned char *key, 154 size_t keylen, unsigned int flags); 155CMS_ContentInfo *CMS_EncryptedData_encrypt_ex(BIO *in, const EVP_CIPHER *cipher, 156 const unsigned char *key, 157 size_t keylen, unsigned int flags, 158 OSSL_LIB_CTX *ctx, 159 const char *propq); 160 161int CMS_EncryptedData_set1_key(CMS_ContentInfo *cms, const EVP_CIPHER *ciph, 162 const unsigned char *key, size_t keylen); 163 164int CMS_verify(CMS_ContentInfo *cms, STACK_OF(X509) *certs, 165 X509_STORE *store, BIO *dcont, BIO *out, unsigned int flags); 166 167int CMS_verify_receipt(CMS_ContentInfo *rcms, CMS_ContentInfo *ocms, 168 STACK_OF(X509) *certs, 169 X509_STORE *store, unsigned int flags); 170 171STACK_OF(X509) *CMS_get0_signers(CMS_ContentInfo *cms); 172 173CMS_ContentInfo *CMS_encrypt(STACK_OF(X509) *certs, BIO *in, 174 const EVP_CIPHER *cipher, unsigned int flags); 175CMS_ContentInfo *CMS_encrypt_ex(STACK_OF(X509) *certs, BIO *in, 176 const EVP_CIPHER *cipher, unsigned int flags, 177 OSSL_LIB_CTX *ctx, const char *propq); 178 179int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, 180 BIO *dcont, BIO *out, unsigned int flags); 181 182int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert); 183int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, 184 X509 *cert, X509 *peer); 185int CMS_decrypt_set1_key(CMS_ContentInfo *cms, 186 unsigned char *key, size_t keylen, 187 const unsigned char *id, size_t idlen); 188int CMS_decrypt_set1_password(CMS_ContentInfo *cms, 189 unsigned char *pass, ossl_ssize_t passlen); 190 191STACK_OF(CMS_RecipientInfo) *CMS_get0_RecipientInfos(CMS_ContentInfo *cms); 192int CMS_RecipientInfo_type(CMS_RecipientInfo *ri); 193EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); 194CMS_ContentInfo *CMS_AuthEnvelopedData_create(const EVP_CIPHER *cipher); 195CMS_ContentInfo * 196CMS_AuthEnvelopedData_create_ex(const EVP_CIPHER *cipher, OSSL_LIB_CTX *ctx, 197 const char *propq); 198CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); 199CMS_ContentInfo *CMS_EnvelopedData_create_ex(const EVP_CIPHER *cipher, 200 OSSL_LIB_CTX *ctx, 201 const char *propq); 202 203CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, 204 X509 *recip, unsigned int flags); 205CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, 206 EVP_PKEY *originatorPrivKey, X509 * originator, unsigned int flags); 207int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); 208int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); 209int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, 210 EVP_PKEY **pk, X509 **recip, 211 X509_ALGOR **palg); 212int CMS_RecipientInfo_ktri_get0_signer_id(CMS_RecipientInfo *ri, 213 ASN1_OCTET_STRING **keyid, 214 X509_NAME **issuer, 215 ASN1_INTEGER **sno); 216 217CMS_RecipientInfo *CMS_add0_recipient_key(CMS_ContentInfo *cms, int nid, 218 unsigned char *key, size_t keylen, 219 unsigned char *id, size_t idlen, 220 ASN1_GENERALIZEDTIME *date, 221 ASN1_OBJECT *otherTypeId, 222 ASN1_TYPE *otherType); 223 224int CMS_RecipientInfo_kekri_get0_id(CMS_RecipientInfo *ri, 225 X509_ALGOR **palg, 226 ASN1_OCTET_STRING **pid, 227 ASN1_GENERALIZEDTIME **pdate, 228 ASN1_OBJECT **potherid, 229 ASN1_TYPE **pothertype); 230 231int CMS_RecipientInfo_set0_key(CMS_RecipientInfo *ri, 232 unsigned char *key, size_t keylen); 233 234int CMS_RecipientInfo_kekri_id_cmp(CMS_RecipientInfo *ri, 235 const unsigned char *id, size_t idlen); 236 237int CMS_RecipientInfo_set0_password(CMS_RecipientInfo *ri, 238 unsigned char *pass, 239 ossl_ssize_t passlen); 240 241CMS_RecipientInfo *CMS_add0_recipient_password(CMS_ContentInfo *cms, 242 int iter, int wrap_nid, 243 int pbe_nid, 244 unsigned char *pass, 245 ossl_ssize_t passlen, 246 const EVP_CIPHER *kekciph); 247 248int CMS_RecipientInfo_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri); 249int CMS_RecipientInfo_encrypt(const CMS_ContentInfo *cms, CMS_RecipientInfo *ri); 250 251int CMS_uncompress(CMS_ContentInfo *cms, BIO *dcont, BIO *out, 252 unsigned int flags); 253CMS_ContentInfo *CMS_compress(BIO *in, int comp_nid, unsigned int flags); 254 255int CMS_set1_eContentType(CMS_ContentInfo *cms, const ASN1_OBJECT *oid); 256const ASN1_OBJECT *CMS_get0_eContentType(CMS_ContentInfo *cms); 257 258CMS_CertificateChoices *CMS_add0_CertificateChoices(CMS_ContentInfo *cms); 259int CMS_add0_cert(CMS_ContentInfo *cms, X509 *cert); 260int CMS_add1_cert(CMS_ContentInfo *cms, X509 *cert); 261STACK_OF(X509) *CMS_get1_certs(CMS_ContentInfo *cms); 262 263CMS_RevocationInfoChoice *CMS_add0_RevocationInfoChoice(CMS_ContentInfo *cms); 264int CMS_add0_crl(CMS_ContentInfo *cms, X509_CRL *crl); 265int CMS_add1_crl(CMS_ContentInfo *cms, X509_CRL *crl); 266STACK_OF(X509_CRL) *CMS_get1_crls(CMS_ContentInfo *cms); 267 268int CMS_SignedData_init(CMS_ContentInfo *cms); 269CMS_SignerInfo *CMS_add1_signer(CMS_ContentInfo *cms, 270 X509 *signer, EVP_PKEY *pk, const EVP_MD *md, 271 unsigned int flags); 272EVP_PKEY_CTX *CMS_SignerInfo_get0_pkey_ctx(CMS_SignerInfo *si); 273EVP_MD_CTX *CMS_SignerInfo_get0_md_ctx(CMS_SignerInfo *si); 274STACK_OF(CMS_SignerInfo) *CMS_get0_SignerInfos(CMS_ContentInfo *cms); 275 276void CMS_SignerInfo_set1_signer_cert(CMS_SignerInfo *si, X509 *signer); 277int CMS_SignerInfo_get0_signer_id(CMS_SignerInfo *si, 278 ASN1_OCTET_STRING **keyid, 279 X509_NAME **issuer, ASN1_INTEGER **sno); 280int CMS_SignerInfo_cert_cmp(CMS_SignerInfo *si, X509 *cert); 281int CMS_set1_signers_certs(CMS_ContentInfo *cms, STACK_OF(X509) *certs, 282 unsigned int flags); 283void CMS_SignerInfo_get0_algs(CMS_SignerInfo *si, EVP_PKEY **pk, 284 X509 **signer, X509_ALGOR **pdig, 285 X509_ALGOR **psig); 286ASN1_OCTET_STRING *CMS_SignerInfo_get0_signature(CMS_SignerInfo *si); 287int CMS_SignerInfo_sign(CMS_SignerInfo *si); 288int CMS_SignerInfo_verify(CMS_SignerInfo *si); 289int CMS_SignerInfo_verify_content(CMS_SignerInfo *si, BIO *chain); 290 291int CMS_add_smimecap(CMS_SignerInfo *si, STACK_OF(X509_ALGOR) *algs); 292int CMS_add_simple_smimecap(STACK_OF(X509_ALGOR) **algs, 293 int algnid, int keysize); 294int CMS_add_standard_smimecap(STACK_OF(X509_ALGOR) **smcap); 295 296int CMS_signed_get_attr_count(const CMS_SignerInfo *si); 297int CMS_signed_get_attr_by_NID(const CMS_SignerInfo *si, int nid, 298 int lastpos); 299int CMS_signed_get_attr_by_OBJ(const CMS_SignerInfo *si, const ASN1_OBJECT *obj, 300 int lastpos); 301X509_ATTRIBUTE *CMS_signed_get_attr(const CMS_SignerInfo *si, int loc); 302X509_ATTRIBUTE *CMS_signed_delete_attr(CMS_SignerInfo *si, int loc); 303int CMS_signed_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); 304int CMS_signed_add1_attr_by_OBJ(CMS_SignerInfo *si, 305 const ASN1_OBJECT *obj, int type, 306 const void *bytes, int len); 307int CMS_signed_add1_attr_by_NID(CMS_SignerInfo *si, 308 int nid, int type, 309 const void *bytes, int len); 310int CMS_signed_add1_attr_by_txt(CMS_SignerInfo *si, 311 const char *attrname, int type, 312 const void *bytes, int len); 313void *CMS_signed_get0_data_by_OBJ(const CMS_SignerInfo *si, 314 const ASN1_OBJECT *oid, 315 int lastpos, int type); 316 317int CMS_unsigned_get_attr_count(const CMS_SignerInfo *si); 318int CMS_unsigned_get_attr_by_NID(const CMS_SignerInfo *si, int nid, 319 int lastpos); 320int CMS_unsigned_get_attr_by_OBJ(const CMS_SignerInfo *si, 321 const ASN1_OBJECT *obj, int lastpos); 322X509_ATTRIBUTE *CMS_unsigned_get_attr(const CMS_SignerInfo *si, int loc); 323X509_ATTRIBUTE *CMS_unsigned_delete_attr(CMS_SignerInfo *si, int loc); 324int CMS_unsigned_add1_attr(CMS_SignerInfo *si, X509_ATTRIBUTE *attr); 325int CMS_unsigned_add1_attr_by_OBJ(CMS_SignerInfo *si, 326 const ASN1_OBJECT *obj, int type, 327 const void *bytes, int len); 328int CMS_unsigned_add1_attr_by_NID(CMS_SignerInfo *si, 329 int nid, int type, 330 const void *bytes, int len); 331int CMS_unsigned_add1_attr_by_txt(CMS_SignerInfo *si, 332 const char *attrname, int type, 333 const void *bytes, int len); 334void *CMS_unsigned_get0_data_by_OBJ(CMS_SignerInfo *si, ASN1_OBJECT *oid, 335 int lastpos, int type); 336 337int CMS_get1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest **prr); 338CMS_ReceiptRequest *CMS_ReceiptRequest_create0( 339 unsigned char *id, int idlen, int allorfirst, 340 STACK_OF(GENERAL_NAMES) *receiptList, 341 STACK_OF(GENERAL_NAMES) *receiptsTo); 342CMS_ReceiptRequest *CMS_ReceiptRequest_create0_ex( 343 unsigned char *id, int idlen, int allorfirst, 344 STACK_OF(GENERAL_NAMES) *receiptList, 345 STACK_OF(GENERAL_NAMES) *receiptsTo, 346 OSSL_LIB_CTX *ctx); 347 348int CMS_add1_ReceiptRequest(CMS_SignerInfo *si, CMS_ReceiptRequest *rr); 349void CMS_ReceiptRequest_get0_values(CMS_ReceiptRequest *rr, 350 ASN1_STRING **pcid, 351 int *pallorfirst, 352 STACK_OF(GENERAL_NAMES) **plist, 353 STACK_OF(GENERAL_NAMES) **prto); 354int CMS_RecipientInfo_kari_get0_alg(CMS_RecipientInfo *ri, 355 X509_ALGOR **palg, 356 ASN1_OCTET_STRING **pukm); 357STACK_OF(CMS_RecipientEncryptedKey) 358*CMS_RecipientInfo_kari_get0_reks(CMS_RecipientInfo *ri); 359 360int CMS_RecipientInfo_kari_get0_orig_id(CMS_RecipientInfo *ri, 361 X509_ALGOR **pubalg, 362 ASN1_BIT_STRING **pubkey, 363 ASN1_OCTET_STRING **keyid, 364 X509_NAME **issuer, 365 ASN1_INTEGER **sno); 366 367int CMS_RecipientInfo_kari_orig_id_cmp(CMS_RecipientInfo *ri, X509 *cert); 368 369int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek, 370 ASN1_OCTET_STRING **keyid, 371 ASN1_GENERALIZEDTIME **tm, 372 CMS_OtherKeyAttribute **other, 373 X509_NAME **issuer, ASN1_INTEGER **sno); 374int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, 375 X509 *cert); 376int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk); 377int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *peer); 378EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri); 379int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, 380 CMS_RecipientInfo *ri, 381 CMS_RecipientEncryptedKey *rek); 382 383int CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg, 384 ASN1_OCTET_STRING *ukm, int keylen); 385 386/* Backward compatibility for spelling errors. */ 387# define CMS_R_UNKNOWN_DIGEST_ALGORITM CMS_R_UNKNOWN_DIGEST_ALGORITHM 388# define CMS_R_UNSUPPORTED_RECPIENTINFO_TYPE \ 389 CMS_R_UNSUPPORTED_RECIPIENTINFO_TYPE 390 391# ifdef __cplusplus 392} 393# endif 394# endif 395#endif 396