/* crypto/cms/cms_asn1.c */
/*
 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 */

#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include "cms.h"
#include "cms_lcl.h"


/* IssuerAndSerialNumber: issuer name followed by the certificate serial. */
ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
        ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber)

/*
 * OtherCertificateFormat: an OID naming the format plus an optional value
 * typed ASN1_ANY, i.e. this template does not interpret the value itself.
 */
ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
        ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
        ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)

/*
 * CertificateChoices: an untagged X509 certificate, or one of four
 * implicitly tagged alternatives (tags 0-3). The extendedCertificate,
 * v1AttrCert and v2AttrCert alternatives are declared as generic
 * ASN1_SEQUENCE, so their contents are not decoded by this template.
 */
ASN1_CHOICE(CMS_CertificateChoices) = {
        ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
        ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0),
        ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1),
        ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2),
        ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3)
} ASN1_CHOICE_END(CMS_CertificateChoices)

/*
 * SignerIdentifier: either IssuerAndSerialNumber (untagged) or a
 * subjectKeyIdentifier octet string under implicit tag 0.
 */
ASN1_CHOICE(CMS_SignerIdentifier) = {
        ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
        ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
} ASN1_CHOICE_END(CMS_SignerIdentifier)

/*
 * EncapsulatedContentInfo: content type OID plus optional content under
 * explicit tag 0. The NDEF macro variants are used for the sequence and for
 * eContent (ASN1_OCTET_STRING_NDEF).
 */
ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
        ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
        ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)

/* Minor tweak to operation: free up signer key, cert */
/*
 * ASN.1 callback registered for CMS_SignerInfo. On ASN1_OP_FREE_POST it
 * releases si->pkey and si->signer; neither field is listed in the
 * CMS_SignerInfo template below, so the template-driven free presumably does
 * not reach them. Every other operation is ignored. `it` and `exarg` are
 * unused. Always returns 1.
 */
static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                     void *exarg)
{
    if (operation == ASN1_OP_FREE_POST) {
        CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
        if (si->pkey)
            EVP_PKEY_free(si->pkey);
        if (si->signer)
            X509_free(si->signer);
    }
    return 1;
}

/*
 * SignerInfo: signedAttrs and unsignedAttrs are optional SET OF
 * X509_ATTRIBUTE under implicit tags 0 and 1. cms_si_cb is attached as the
 * item callback.
 */
ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
        ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
        ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
        ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
        ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING),
        ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1)
} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo)

/*
 * OtherRevocationInfoFormat: format OID plus an optional, uninterpreted
 * ASN1_ANY value.
 */
ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
        ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
        ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)

/* RevocationInfoChoice: an untagged X509_CRL, or "other" under implicit tag 1. */
ASN1_CHOICE(CMS_RevocationInfoChoice) = {
        ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
        ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1)
} ASN1_CHOICE_END(CMS_RevocationInfoChoice)

/*
 * SignedData: certificates (tag 0) and crls (tag 1) are optional implicit
 * SET OFs; digestAlgorithms and signerInfos are mandatory SET OFs.
 */
ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
        ASN1_SIMPLE(CMS_SignedData, version, LONG),
        ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
        ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
        ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
        ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1),
        ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo)
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)

/* OriginatorInfo: optional certificates (tag 0) and optional crls (tag 1). */
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
        ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)

/*
 * EncryptedContentInfo: content type, content-encryption algorithm and the
 * optional encrypted content under implicit tag 0 (NDEF octet string).
 */
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
        ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
        ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)

/*
 * KeyTransRecipientInfo: the recipient identifier reuses the
 * CMS_SignerIdentifier CHOICE defined above.
 */
ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo)

/* OtherKeyAttribute: attribute OID plus an optional, uninterpreted ASN1_ANY. */
ASN1_SEQUENCE(CMS_OtherKeyAttribute) = {
        ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT),
        ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute)

/*
 * RecipientKeyIdentifier: subject key identifier with an optional
 * GeneralizedTime date and an optional OtherKeyAttribute.
 */
ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
        ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING),
        ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME),
        ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute)
} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)

/*
 * KeyAgreeRecipientIdentifier: IssuerAndSerialNumber (untagged) or a
 * RecipientKeyIdentifier under implicit tag 0.
 */
ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
        ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
        ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)

/* RecipientEncryptedKey: recipient identifier plus that recipient's wrapped key. */
ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
        ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier),
        ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)

/* OriginatorPublicKey: algorithm identifier plus the public key as a BIT STRING. */
ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
        ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)

/*
 * OriginatorIdentifierOrKey: IssuerAndSerialNumber (untagged), a
 * subjectKeyIdentifier (implicit tag 0) or an OriginatorPublicKey
 * (implicit tag 1).
 */
ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
        ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
        ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
        ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)

/*
 * KeyAgreeRecipientInfo: originator is explicitly tagged 0, the optional
 * ukm is explicitly tagged 1, and recipientEncryptedKeys is a SEQUENCE OF
 * RecipientEncryptedKey.
 */
ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
        ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
        ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
        ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
        ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
} ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo)

/*
 * KEKIdentifier: key identifier with an optional GeneralizedTime date and
 * an optional OtherKeyAttribute.
 */
ASN1_SEQUENCE(CMS_KEKIdentifier) = {
        ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
        ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
        ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
} ASN1_SEQUENCE_END(CMS_KEKIdentifier)

/* KEKRecipientInfo: version, KEK identifier, wrap algorithm and wrapped key. */
ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
        ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
        ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
        ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)

/*
 * PasswordRecipientInfo: keyDerivationAlgorithm is optional under implicit
 * tag 0, so a decoded structure may carry no key-derivation algorithm;
 * code consuming it should check the field for NULL before use.
 */
ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
        ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG),
        ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
        ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)

/* OtherRecipientInfo: type OID plus an optional, uninterpreted ASN1_ANY value. */
ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
        ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
        ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)

/* Free up RecipientInfo additional data */
/*
 * ASN.1 callback registered for CMS_RecipientInfo. On ASN1_OP_FREE_PRE it
 * releases per-recipient data selected by ri->type:
 *   - CMS_RECIPINFO_TRANS: frees ktri->pkey and ktri->recip;
 *   - CMS_RECIPINFO_KEK:   wipes kekri->key (keylen bytes), then frees it;
 *   - CMS_RECIPINFO_PASS:  wipes pwri->pass (passlen bytes), then frees it.
 * Other recipient types get no extra handling here. None of the fields
 * released here appear in the recipient templates in this file. `it` and
 * `exarg` are unused. Always returns 1.
 */
static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                     void *exarg)
{
    if (operation == ASN1_OP_FREE_PRE) {
        CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
        if (ri->type == CMS_RECIPINFO_TRANS) {
            /* NOTE(review): assumes d.ktri is non-NULL whenever type is set — confirm at the sites that set ri->type */
            CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
            if (ktri->pkey)
                EVP_PKEY_free(ktri->pkey);
            if (ktri->recip)
                X509_free(ktri->recip);
        } else if (ri->type == CMS_RECIPINFO_KEK) {
            CMS_KEKRecipientInfo *kekri = ri->d.kekri;
            if (kekri->key) {
                /* Wipe the key bytes before the buffer goes back to the allocator. */
                OPENSSL_cleanse(kekri->key, kekri->keylen);
                OPENSSL_free(kekri->key);
            }
        } else if (ri->type == CMS_RECIPINFO_PASS) {
            CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
            if (pwri->pass) {
                /* Same for the password: cleanse first, then free. */
                OPENSSL_cleanse(pwri->pass, pwri->passlen);
                OPENSSL_free(pwri->pass);
            }
        }
    }
    return 1;
}

/*
 * RecipientInfo: ktri is the untagged alternative; kari, kekri, pwri and
 * ori use implicit tags 1-4. `type` is the CHOICE selector field and
 * cms_ri_cb is attached as the item callback.
 */
ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
        ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
        ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1),
        ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2),
        ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3),
        ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4)
} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)

/*
 * EnvelopedData: originatorInfo (tag 0) and unprotectedAttrs (tag 1) are
 * optional; unprotectedAttrs is a SET OF X509_ATTRIBUTE.
 */
ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
        ASN1_SIMPLE(CMS_EnvelopedData, version, LONG),
        ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
        ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
        ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
        ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)

/* DigestedData: version, digest algorithm, encapsulated content and digest. */
ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
        ASN1_SIMPLE(CMS_DigestedData, version, LONG),
        ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
        ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)

/* EncryptedData: unprotectedAttrs is an optional SET OF X509_ATTRIBUTE, tag 1. */
ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
        ASN1_SIMPLE(CMS_EncryptedData, version, LONG),
        ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
        ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)

/*
 * AuthenticatedData.
 *
 * NOTE(review): authAttrs and unauthAttrs are declared here as SET OF
 * X509_ALGOR, while every other attribute set in this file is SET OF
 * X509_ATTRIBUTE and RFC 5652 section 9.1 defines both as SET OF Attribute.
 * digestAlgorithm is also mandatory here (ASN1_IMP) where the RFC marks it
 * OPTIONAL. Confirm against the CMS_AuthenticatedData declaration in
 * cms_lcl.h before relying on this template to decode received
 * AuthenticatedData.
 */
ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
        ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG),
        ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
        ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
        ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
        ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1),
        ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo),
        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
        ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
        ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)

/* CompressedData: version, compression algorithm and encapsulated content. */
ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
        ASN1_SIMPLE(CMS_CompressedData, version, LONG),
        ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
        ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)

/* This is the ANY DEFINED BY table for the top level ContentInfo structure */

/*
 * Default entry of the table below: content kept in d.other as ASN1_ANY
 * under explicit tag 0. It is the default template passed to ASN1_ADB_END,
 * so a contentType that matches no ADB_ENTRY is stored without being
 * interpreted.
 */
ASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0);

/*
 * The contentType field selects which member of the `d` union is decoded.
 * Code reading `d` should therefore check contentType first and not assume
 * a particular member is populated.
 */
ASN1_ADB(CMS_ContentInfo) = {
        ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)),
        ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)),
        ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)),
        ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)),
        ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)),
        ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)),
        ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);

/* CMS streaming support */
/*
 * ASN.1 callback registered for CMS_ContentInfo. Returns 1 immediately when
 * pval is NULL. Otherwise:
 *   - ASN1_OP_STREAM_PRE: calls CMS_stream(&sarg->boundary, cms), then
 *     continues into the DETACHED_PRE handling;
 *   - ASN1_OP_DETACHED_PRE: stores CMS_dataInit(cms, sarg->out) in
 *     sarg->ndef_bio;
 *   - ASN1_OP_STREAM_POST / ASN1_OP_DETACHED_POST: calls
 *     CMS_dataFinal(cms, sarg->ndef_bio).
 * Returns 0 if any of those calls fails and 1 otherwise, including for
 * operations not listed. exarg is read as an ASN1_STREAM_ARG only inside
 * those four cases. `it` is unused.
 */
static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                  void *exarg)
{
    ASN1_STREAM_ARG *sarg = exarg;
    CMS_ContentInfo *cms = NULL;
    if (pval)
        cms = (CMS_ContentInfo *)*pval;
    else
        return 1;
    switch (operation) {

    case ASN1_OP_STREAM_PRE:
        if (CMS_stream(&sarg->boundary, cms) <= 0)
            return 0;
        /* fall through: no break, so the stream case also runs CMS_dataInit */
    case ASN1_OP_DETACHED_PRE:
        sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
        if (!sarg->ndef_bio)
            return 0;
        break;

    case ASN1_OP_STREAM_POST:
    case ASN1_OP_DETACHED_POST:
        if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
            return 0;
        break;

    }
    return 1;
}

/*
 * Top-level ContentInfo: the contentType OID followed by content chosen
 * through the CMS_ContentInfo ADB table above.
 */
ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
        ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
        ASN1_ADB_OBJECT(CMS_ContentInfo)
} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)

/* Specials for signed attributes */

/*
 * When signing attributes we want to reorder them to match the sorted
 * encoding.
 */

ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)

/*
 * When verifying attributes we need to use the received order. So we use
 * SEQUENCE OF and tag it to SET OF
 *
 * Presumably this keeps the attributes in the sender's order so the encoding
 * that gets verified matches what was signed; this template, not
 * CMS_Attributes_Sign, is the one meant for received data.
 */

ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
        ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
                                V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)



/*
 * ReceiptsFrom: allOrFirstTier as a LONG under implicit tag 0, or a
 * SEQUENCE OF GENERAL_NAMES under implicit tag 1.
 */
ASN1_CHOICE(CMS_ReceiptsFrom) = {
        ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
        ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
} ASN1_CHOICE_END(CMS_ReceiptsFrom)

/*
 * ReceiptRequest: signed content identifier, the ReceiptsFrom choice and a
 * SEQUENCE OF GENERAL_NAMES in receiptsTo.
 */
ASN1_SEQUENCE(CMS_ReceiptRequest) = {
        ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
        ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
        ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
} ASN1_SEQUENCE_END(CMS_ReceiptRequest)

/*
 * Receipt: version, content type, signed content identifier and the
 * originator's signature value.
 */
ASN1_SEQUENCE(CMS_Receipt) = {
        ASN1_SIMPLE(CMS_Receipt, version, LONG),
        ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
        ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
        ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_Receipt)