Context Navigation

← Previous Revision
Latest Revision
Next Revision →
Blame
Revision Log

pkcs7.h@ 331

Last change on this file since 331 was 331, checked in by coas-nagasima, 6 years ago
prototoolに関連するプロジェクトをnewlibからmuslを使うよう変更・更新 ntshellをnewlibの下位の実装から、muslのsyscallの実装に変更・更新以下のOSSをアップデート・mruby-1.3.0 ・musl-1.1.18 ・onigmo-6.1.3 ・tcc-0.9.27 以下のOSSを追加・openssl-1.1.0e ・curl-7.57.0 ・zlib-1.2.11 以下のmrbgemsを追加・iij/mruby-digest ・iij/mruby-env ・iij/mruby-errno ・iij/mruby-iijson ・iij/mruby-ipaddr ・iij/mruby-mock ・iij/mruby-require ・iij/mruby-tls-openssl
Property svn:eol-style set to `native` Property svn:mime-type set to `text/x-chdr`
File size: 15.9 KB

Line
1	/*
2	* Copyright 1995-2016 The OpenSSL Project Authors. All Rights Reserved.
3	*
4	* Licensed under the OpenSSL license (the "License"). You may not use
5	* this file except in compliance with the License. You can obtain a copy
6	* in the file LICENSE in the source distribution or at
7	* https://www.openssl.org/source/license.html
8	*/
9
10	#ifndef HEADER_PKCS7_H
11	# define HEADER_PKCS7_H
12
13	# include <openssl/asn1.h>
14	# include <openssl/bio.h>
15	# include <openssl/e_os2.h>
16
17	# include <openssl/symhacks.h>
18	# include <openssl/ossl_typ.h>
19
20	#ifdef __cplusplus
21	extern "C" {
22	#endif
23
24	/*-
25	Encryption_ID DES-CBC
26	Digest_ID MD5
27	Digest_Encryption_ID rsaEncryption
28	Key_Encryption_ID rsaEncryption
29	*/
30
31	typedef struct pkcs7_issuer_and_serial_st {
32	X509_NAME *issuer;
33	ASN1_INTEGER *serial;
34	} PKCS7_ISSUER_AND_SERIAL;
35
36	typedef struct pkcs7_signer_info_st {
37	ASN1_INTEGER version; / version 1 */
38	PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
39	X509_ALGOR *digest_alg;
40	STACK_OF(X509_ATTRIBUTE) auth_attr; / [ 0 ] */
41	X509_ALGOR *digest_enc_alg;
42	ASN1_OCTET_STRING *enc_digest;
43	STACK_OF(X509_ATTRIBUTE) unauth_attr; / [ 1 ] */
44	/* The private key to sign with */
45	EVP_PKEY *pkey;
46	} PKCS7_SIGNER_INFO;
47
48	DEFINE_STACK_OF(PKCS7_SIGNER_INFO)
49
50	typedef struct pkcs7_recip_info_st {
51	ASN1_INTEGER version; / version 0 */
52	PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
53	X509_ALGOR *key_enc_algor;
54	ASN1_OCTET_STRING *enc_key;
55	X509 cert; / get the pub-key from this */
56	} PKCS7_RECIP_INFO;
57
58	DEFINE_STACK_OF(PKCS7_RECIP_INFO)
59
60	typedef struct pkcs7_signed_st {
61	ASN1_INTEGER version; / version 1 */
62	STACK_OF(X509_ALGOR) md_algs; / md used */
63	STACK_OF(X509) cert; / [ 0 ] */
64	STACK_OF(X509_CRL) crl; / [ 1 ] */
65	STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
66	struct pkcs7_st *contents;
67	} PKCS7_SIGNED;
68	/*
69	* The above structure is very very similar to PKCS7_SIGN_ENVELOPE. How about
70	* merging the two
71	*/
72
73	typedef struct pkcs7_enc_content_st {
74	ASN1_OBJECT *content_type;
75	X509_ALGOR *algorithm;
76	ASN1_OCTET_STRING enc_data; / [ 0 ] */
77	const EVP_CIPHER *cipher;
78	} PKCS7_ENC_CONTENT;
79
80	typedef struct pkcs7_enveloped_st {
81	ASN1_INTEGER version; / version 0 */
82	STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
83	PKCS7_ENC_CONTENT *enc_data;
84	} PKCS7_ENVELOPE;
85
86	typedef struct pkcs7_signedandenveloped_st {
87	ASN1_INTEGER version; / version 1 */
88	STACK_OF(X509_ALGOR) md_algs; / md used */
89	STACK_OF(X509) cert; / [ 0 ] */
90	STACK_OF(X509_CRL) crl; / [ 1 ] */
91	STACK_OF(PKCS7_SIGNER_INFO) *signer_info;
92	PKCS7_ENC_CONTENT *enc_data;
93	STACK_OF(PKCS7_RECIP_INFO) *recipientinfo;
94	} PKCS7_SIGN_ENVELOPE;
95
96	typedef struct pkcs7_digest_st {
97	ASN1_INTEGER version; / version 0 */
98	X509_ALGOR md; / md used */
99	struct pkcs7_st *contents;
100	ASN1_OCTET_STRING *digest;
101	} PKCS7_DIGEST;
102
103	typedef struct pkcs7_encrypted_st {
104	ASN1_INTEGER version; / version 0 */
105	PKCS7_ENC_CONTENT *enc_data;
106	} PKCS7_ENCRYPT;
107
108	typedef struct pkcs7_st {
109	/*
110	* The following is non NULL if it contains ASN1 encoding of this
111	* structure
112	*/
113	unsigned char *asn1;
114	long length;
115	# define PKCS7_S_HEADER 0
116	# define PKCS7_S_BODY 1
117	# define PKCS7_S_TAIL 2
118	int state; /* used during processing */
119	int detached;
120	ASN1_OBJECT *type;
121	/* content as defined by the type */
122	/*
123	* all encryption/message digests are applied to the 'contents', leaving
124	* out the 'type' field.
125	*/
126	union {
127	char *ptr;
128	/* NID_pkcs7_data */
129	ASN1_OCTET_STRING *data;
130	/* NID_pkcs7_signed */
131	PKCS7_SIGNED *sign;
132	/* NID_pkcs7_enveloped */
133	PKCS7_ENVELOPE *enveloped;
134	/* NID_pkcs7_signedAndEnveloped */
135	PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
136	/* NID_pkcs7_digest */
137	PKCS7_DIGEST *digest;
138	/* NID_pkcs7_encrypted */
139	PKCS7_ENCRYPT *encrypted;
140	/* Anything else */
141	ASN1_TYPE *other;
142	} d;
143	} PKCS7;
144
145	DEFINE_STACK_OF(PKCS7)
146
147	# define PKCS7_OP_SET_DETACHED_SIGNATURE 1
148	# define PKCS7_OP_GET_DETACHED_SIGNATURE 2
149
150	# define PKCS7_get_signed_attributes(si) ((si)->auth_attr)
151	# define PKCS7_get_attributes(si) ((si)->unauth_attr)
152
153	# define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
154	# define PKCS7_type_is_encrypted(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_encrypted)
155	# define PKCS7_type_is_enveloped(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_enveloped)
156	# define PKCS7_type_is_signedAndEnveloped(a) \
157	(OBJ_obj2nid((a)->type) == NID_pkcs7_signedAndEnveloped)
158	# define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
159	# define PKCS7_type_is_digest(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_digest)
160
161	# define PKCS7_set_detached(p,v) \
162	PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
163	# define PKCS7_get_detached(p) \
164	PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
165
166	# define PKCS7_is_detached(p7) (PKCS7_type_is_signed(p7) && PKCS7_get_detached(p7))
167
168	/* S/MIME related flags */
169
170	# define PKCS7_TEXT 0x1
171	# define PKCS7_NOCERTS 0x2
172	# define PKCS7_NOSIGS 0x4
173	# define PKCS7_NOCHAIN 0x8
174	# define PKCS7_NOINTERN 0x10
175	# define PKCS7_NOVERIFY 0x20
176	# define PKCS7_DETACHED 0x40
177	# define PKCS7_BINARY 0x80
178	# define PKCS7_NOATTR 0x100
179	# define PKCS7_NOSMIMECAP 0x200
180	# define PKCS7_NOOLDMIMETYPE 0x400
181	# define PKCS7_CRLFEOL 0x800
182	# define PKCS7_STREAM 0x1000
183	# define PKCS7_NOCRL 0x2000
184	# define PKCS7_PARTIAL 0x4000
185	# define PKCS7_REUSE_DIGEST 0x8000
186	# define PKCS7_NO_DUAL_CONTENT 0x10000
187
188	/* Flags: for compatibility with older code */
189
190	# define SMIME_TEXT PKCS7_TEXT
191	# define SMIME_NOCERTS PKCS7_NOCERTS
192	# define SMIME_NOSIGS PKCS7_NOSIGS
193	# define SMIME_NOCHAIN PKCS7_NOCHAIN
194	# define SMIME_NOINTERN PKCS7_NOINTERN
195	# define SMIME_NOVERIFY PKCS7_NOVERIFY
196	# define SMIME_DETACHED PKCS7_DETACHED
197	# define SMIME_BINARY PKCS7_BINARY
198	# define SMIME_NOATTR PKCS7_NOATTR
199
200	/* CRLF ASCII canonicalisation */
201	# define SMIME_ASCIICRLF 0x80000
202
203	DECLARE_ASN1_FUNCTIONS(PKCS7_ISSUER_AND_SERIAL)
204
205	int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,
206	const EVP_MD type, unsigned char md,
207	unsigned int *len);
208	# ifndef OPENSSL_NO_STDIO
209	PKCS7 d2i_PKCS7_fp(FILE fp, PKCS7 **p7);
210	int i2d_PKCS7_fp(FILE fp, PKCS7 p7);
211	# endif
212	PKCS7 PKCS7_dup(PKCS7 p7);
213	PKCS7 d2i_PKCS7_bio(BIO bp, PKCS7 **p7);
214	int i2d_PKCS7_bio(BIO bp, PKCS7 p7);
215	int i2d_PKCS7_bio_stream(BIO out, PKCS7 p7, BIO *in, int flags);
216	int PEM_write_bio_PKCS7_stream(BIO out, PKCS7 p7, BIO *in, int flags);
217
218	DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNER_INFO)
219	DECLARE_ASN1_FUNCTIONS(PKCS7_RECIP_INFO)
220	DECLARE_ASN1_FUNCTIONS(PKCS7_SIGNED)
221	DECLARE_ASN1_FUNCTIONS(PKCS7_ENC_CONTENT)
222	DECLARE_ASN1_FUNCTIONS(PKCS7_ENVELOPE)
223	DECLARE_ASN1_FUNCTIONS(PKCS7_SIGN_ENVELOPE)
224	DECLARE_ASN1_FUNCTIONS(PKCS7_DIGEST)
225	DECLARE_ASN1_FUNCTIONS(PKCS7_ENCRYPT)
226	DECLARE_ASN1_FUNCTIONS(PKCS7)
227
228	DECLARE_ASN1_ITEM(PKCS7_ATTR_SIGN)
229	DECLARE_ASN1_ITEM(PKCS7_ATTR_VERIFY)
230
231	DECLARE_ASN1_NDEF_FUNCTION(PKCS7)
232	DECLARE_ASN1_PRINT_FUNCTION(PKCS7)
233
234	long PKCS7_ctrl(PKCS7 p7, int cmd, long larg, char parg);
235
236	int PKCS7_set_type(PKCS7 *p7, int type);
237	int PKCS7_set0_type_other(PKCS7 p7, int type, ASN1_TYPE other);
238	int PKCS7_set_content(PKCS7 p7, PKCS7 p7_data);
239	int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO p7i, X509 x509, EVP_PKEY *pkey,
240	const EVP_MD *dgst);
241	int PKCS7_SIGNER_INFO_sign(PKCS7_SIGNER_INFO *si);
242	int PKCS7_add_signer(PKCS7 p7, PKCS7_SIGNER_INFO p7i);
243	int PKCS7_add_certificate(PKCS7 p7, X509 x509);
244	int PKCS7_add_crl(PKCS7 p7, X509_CRL x509);
245	int PKCS7_content_new(PKCS7 *p7, int nid);
246	int PKCS7_dataVerify(X509_STORE cert_store, X509_STORE_CTX ctx,
247	BIO bio, PKCS7 p7, PKCS7_SIGNER_INFO *si);
248	int PKCS7_signatureVerify(BIO bio, PKCS7 p7, PKCS7_SIGNER_INFO *si,
249	X509 *x509);
250
251	BIO PKCS7_dataInit(PKCS7 p7, BIO *bio);
252	int PKCS7_dataFinal(PKCS7 p7, BIO bio);
253	BIO PKCS7_dataDecode(PKCS7 p7, EVP_PKEY pkey, BIO in_bio, X509 *pcert);
254
255	PKCS7_SIGNER_INFO PKCS7_add_signature(PKCS7 p7, X509 *x509,
256	EVP_PKEY pkey, const EVP_MD dgst);
257	X509 PKCS7_cert_from_signer_info(PKCS7 p7, PKCS7_SIGNER_INFO *si);
258	int PKCS7_set_digest(PKCS7 p7, const EVP_MD md);
259	STACK_OF(PKCS7_SIGNER_INFO) PKCS7_get_signer_info(PKCS7 p7);
260
261	PKCS7_RECIP_INFO PKCS7_add_recipient(PKCS7 p7, X509 *x509);
262	void PKCS7_SIGNER_INFO_get0_algs(PKCS7_SIGNER_INFO si, EVP_PKEY *pk,
263	X509_ALGOR pdig, X509_ALGOR psig);
264	void PKCS7_RECIP_INFO_get0_alg(PKCS7_RECIP_INFO ri, X509_ALGOR *penc);
265	int PKCS7_add_recipient_info(PKCS7 p7, PKCS7_RECIP_INFO ri);
266	int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO p7i, X509 x509);
267	int PKCS7_set_cipher(PKCS7 p7, const EVP_CIPHER cipher);
268	int PKCS7_stream(unsigned char **boundary, PKCS7 p7);
269
270	PKCS7_ISSUER_AND_SERIAL PKCS7_get_issuer_and_serial(PKCS7 p7, int idx);
271	ASN1_OCTET_STRING PKCS7_digest_from_attributes(STACK_OF(X509_ATTRIBUTE) sk);
272	int PKCS7_add_signed_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int type,
273	void *data);
274	int PKCS7_add_attribute(PKCS7_SIGNER_INFO *p7si, int nid, int atrtype,
275	void *value);
276	ASN1_TYPE PKCS7_get_attribute(PKCS7_SIGNER_INFO si, int nid);
277	ASN1_TYPE PKCS7_get_signed_attribute(PKCS7_SIGNER_INFO si, int nid);
278	int PKCS7_set_signed_attributes(PKCS7_SIGNER_INFO *p7si,
279	STACK_OF(X509_ATTRIBUTE) *sk);
280	int PKCS7_set_attributes(PKCS7_SIGNER_INFO *p7si,
281	STACK_OF(X509_ATTRIBUTE) *sk);
282
283	PKCS7 PKCS7_sign(X509 signcert, EVP_PKEY pkey, STACK_OF(X509) certs,
284	BIO *data, int flags);
285
286	PKCS7_SIGNER_INFO PKCS7_sign_add_signer(PKCS7 p7,
287	X509 signcert, EVP_PKEY pkey,
288	const EVP_MD *md, int flags);
289
290	int PKCS7_final(PKCS7 p7, BIO data, int flags);
291	int PKCS7_verify(PKCS7 p7, STACK_OF(X509) certs, X509_STORE *store,
292	BIO indata, BIO out, int flags);
293	STACK_OF(X509) PKCS7_get0_signers(PKCS7 p7, STACK_OF(X509) *certs,
294	int flags);
295	PKCS7 PKCS7_encrypt(STACK_OF(X509) certs, BIO in, const EVP_CIPHER cipher,
296	int flags);
297	int PKCS7_decrypt(PKCS7 p7, EVP_PKEY pkey, X509 cert, BIO data,
298	int flags);
299
300	int PKCS7_add_attrib_smimecap(PKCS7_SIGNER_INFO *si,
301	STACK_OF(X509_ALGOR) *cap);
302	STACK_OF(X509_ALGOR) PKCS7_get_smimecap(PKCS7_SIGNER_INFO si);
303	int PKCS7_simple_smimecap(STACK_OF(X509_ALGOR) *sk, int nid, int arg);
304
305	int PKCS7_add_attrib_content_type(PKCS7_SIGNER_INFO si, ASN1_OBJECT coid);
306	int PKCS7_add0_attrib_signing_time(PKCS7_SIGNER_INFO si, ASN1_TIME t);
307	int PKCS7_add1_attrib_digest(PKCS7_SIGNER_INFO *si,
308	const unsigned char *md, int mdlen);
309
310	int SMIME_write_PKCS7(BIO bio, PKCS7 p7, BIO *data, int flags);
311	PKCS7 SMIME_read_PKCS7(BIO bio, BIO **bcont);
312
313	BIO BIO_new_PKCS7(BIO out, PKCS7 *p7);
314
315	/* BEGIN ERROR CODES */
316	/*
317	* The following lines are auto generated by the script mkerr.pl. Any changes
318	* made after this point may be overwritten when the script is next run.
319	*/
320
321	int ERR_load_PKCS7_strings(void);
322
323	/* Error codes for the PKCS7 functions. */
324
325	/* Function codes. */
326	# define PKCS7_F_DO_PKCS7_SIGNED_ATTRIB 136
327	# define PKCS7_F_PKCS7_ADD0_ATTRIB_SIGNING_TIME 135
328	# define PKCS7_F_PKCS7_ADD_ATTRIB_SMIMECAP 118
329	# define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
330	# define PKCS7_F_PKCS7_ADD_CRL 101
331	# define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
332	# define PKCS7_F_PKCS7_ADD_SIGNATURE 131
333	# define PKCS7_F_PKCS7_ADD_SIGNER 103
334	# define PKCS7_F_PKCS7_BIO_ADD_DIGEST 125
335	# define PKCS7_F_PKCS7_COPY_EXISTING_DIGEST 138
336	# define PKCS7_F_PKCS7_CTRL 104
337	# define PKCS7_F_PKCS7_DATADECODE 112
338	# define PKCS7_F_PKCS7_DATAFINAL 128
339	# define PKCS7_F_PKCS7_DATAINIT 105
340	# define PKCS7_F_PKCS7_DATAVERIFY 107
341	# define PKCS7_F_PKCS7_DECRYPT 114
342	# define PKCS7_F_PKCS7_DECRYPT_RINFO 133
343	# define PKCS7_F_PKCS7_ENCODE_RINFO 132
344	# define PKCS7_F_PKCS7_ENCRYPT 115
345	# define PKCS7_F_PKCS7_FINAL 134
346	# define PKCS7_F_PKCS7_FIND_DIGEST 127
347	# define PKCS7_F_PKCS7_GET0_SIGNERS 124
348	# define PKCS7_F_PKCS7_RECIP_INFO_SET 130
349	# define PKCS7_F_PKCS7_SET_CIPHER 108
350	# define PKCS7_F_PKCS7_SET_CONTENT 109
351	# define PKCS7_F_PKCS7_SET_DIGEST 126
352	# define PKCS7_F_PKCS7_SET_TYPE 110
353	# define PKCS7_F_PKCS7_SIGN 116
354	# define PKCS7_F_PKCS7_SIGNATUREVERIFY 113
355	# define PKCS7_F_PKCS7_SIGNER_INFO_SET 129
356	# define PKCS7_F_PKCS7_SIGNER_INFO_SIGN 139
357	# define PKCS7_F_PKCS7_SIGN_ADD_SIGNER 137
358	# define PKCS7_F_PKCS7_SIMPLE_SMIMECAP 119
359	# define PKCS7_F_PKCS7_VERIFY 117
360
361	/* Reason codes. */
362	# define PKCS7_R_CERTIFICATE_VERIFY_ERROR 117
363	# define PKCS7_R_CIPHER_HAS_NO_OBJECT_IDENTIFIER 144
364	# define PKCS7_R_CIPHER_NOT_INITIALIZED 116
365	# define PKCS7_R_CONTENT_AND_DATA_PRESENT 118
366	# define PKCS7_R_CTRL_ERROR 152
367	# define PKCS7_R_DECRYPT_ERROR 119
368	# define PKCS7_R_DIGEST_FAILURE 101
369	# define PKCS7_R_ENCRYPTION_CTRL_FAILURE 149
370	# define PKCS7_R_ENCRYPTION_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 150
371	# define PKCS7_R_ERROR_ADDING_RECIPIENT 120
372	# define PKCS7_R_ERROR_SETTING_CIPHER 121
373	# define PKCS7_R_INVALID_NULL_POINTER 143
374	# define PKCS7_R_INVALID_SIGNED_DATA_TYPE 155
375	# define PKCS7_R_NO_CONTENT 122
376	# define PKCS7_R_NO_DEFAULT_DIGEST 151
377	# define PKCS7_R_NO_MATCHING_DIGEST_TYPE_FOUND 154
378	# define PKCS7_R_NO_RECIPIENT_MATCHES_CERTIFICATE 115
379	# define PKCS7_R_NO_SIGNATURES_ON_DATA 123
380	# define PKCS7_R_NO_SIGNERS 142
381	# define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 104
382	# define PKCS7_R_PKCS7_ADD_SIGNATURE_ERROR 124
383	# define PKCS7_R_PKCS7_ADD_SIGNER_ERROR 153
384	# define PKCS7_R_PKCS7_DATASIGN 145
385	# define PKCS7_R_PRIVATE_KEY_DOES_NOT_MATCH_CERTIFICATE 127
386	# define PKCS7_R_SIGNATURE_FAILURE 105
387	# define PKCS7_R_SIGNER_CERTIFICATE_NOT_FOUND 128
388	# define PKCS7_R_SIGNING_CTRL_FAILURE 147
389	# define PKCS7_R_SIGNING_NOT_SUPPORTED_FOR_THIS_KEY_TYPE 148
390	# define PKCS7_R_SMIME_TEXT_ERROR 129
391	# define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 106
392	# define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 107
393	# define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 108
394	# define PKCS7_R_UNKNOWN_DIGEST_TYPE 109
395	# define PKCS7_R_UNKNOWN_OPERATION 110
396	# define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 111
397	# define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 112
398	# define PKCS7_R_WRONG_CONTENT_TYPE 113
399	# define PKCS7_R_WRONG_PKCS7_TYPE 114
400
401	# ifdef __cplusplus
402	}
403	# endif
404	#endif

Note: See TracBrowser for help on using the repository browser.

Context Navigation

source: EcnlProtoTool/trunk/openssl-1.1.0e/include/openssl/pkcs7.h@ 331

Download in other formats: