/* crypto/cms/cms_asn1.c */
/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
 * project.
 */
/* ====================================================================
 * Copyright (c) 2008 The OpenSSL Project.  All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 * 1. Redistributions of source code must retain the above copyright
 *    notice, this list of conditions and the following disclaimer.
 *
 * 2. Redistributions in binary form must reproduce the above copyright
 *    notice, this list of conditions and the following disclaimer in
 *    the documentation and/or other materials provided with the
 *    distribution.
 *
 * 3. All advertising materials mentioning features or use of this
 *    software must display the following acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
 *
 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
 *    endorse or promote products derived from this software without
 *    prior written permission. For written permission, please contact
 *    licensing@OpenSSL.org.
 *
 * 5. Products derived from this software may not be called "OpenSSL"
 *    nor may "OpenSSL" appear in their names without prior written
 *    permission of the OpenSSL Project.
 *
 * 6. Redistributions of any form whatsoever must retain the following
 *    acknowledgment:
 *    "This product includes software developed by the OpenSSL Project
 *    for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
 *
 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE OpenSSL PROJECT OR
 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
 * OF THE POSSIBILITY OF SUCH DAMAGE.
 * ====================================================================
 */

#include <openssl/asn1t.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include "cms.h"
#include "cms_lcl.h"


/* SEQUENCE { issuer, serialNumber }: one of the two ways a signer or
 * recipient certificate is named in this file. */
ASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = {
    ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME),
    ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER)
} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber)

/* Certificate in a format identified only by OID; the optional payload is
 * carried as ASN1_ANY, i.e. without a dedicated template. */
ASN1_SEQUENCE(CMS_OtherCertificateFormat) = {
    ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT),
    ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat)

/* CHOICE: an untagged X509 certificate, or one of the implicitly tagged
 * alternatives [0]..[3].  Arms [0]..[2] are declared with the generic
 * ASN1_SEQUENCE type rather than a structure-specific template. */
ASN1_CHOICE(CMS_CertificateChoices) = {
    ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509),
    ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0),
    ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1),
    ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2),
    ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3)
} ASN1_CHOICE_END(CMS_CertificateChoices)

/* CHOICE: signer named by issuer+serial, or by [0] subjectKeyIdentifier. */
ASN1_CHOICE(CMS_SignerIdentifier) = {
    ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
    ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0)
} ASN1_CHOICE_END(CMS_SignerIdentifier)

/* Content type OID plus optional explicit [0] content; the NDEF variants are
 * used for both the sequence and the octet string. */
ASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = {
    ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT),
    ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0)
} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo)

/*
 * Free hook for CMS_SignerInfo: releases the signer key and certificate.
 *
 * Acts only on ASN1_OP_FREE_POST, where it frees si->pkey and si->signer.
 * Neither field is listed in the CMS_SignerInfo template below, so they are
 * presumably not reached by the template-driven free (confirm in cms_lcl.h).
 * All other operations pass through.  Always returns 1.
 */
static int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                     void *exarg)
{
    CMS_SignerInfo *signer_info;

    if (operation != ASN1_OP_FREE_POST)
        return 1;

    signer_info = (CMS_SignerInfo *)*pval;
    if (signer_info->pkey)
        EVP_PKEY_free(signer_info->pkey);
    if (signer_info->signer)
        X509_free(signer_info->signer);
    return 1;
}

/* SignerInfo with cms_si_cb attached.  signedAttrs [0] and unsignedAttrs [1]
 * are optional implicitly tagged SET OF X509_ATTRIBUTE. */
ASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = {
    ASN1_SIMPLE(CMS_SignerInfo, version, LONG),
    ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier),
    ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR),
    ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0),
    ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING),
    ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1)
} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo)

/* Revocation information in a format identified only by OID; the optional
 * payload is carried as ASN1_ANY. */
ASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = {
    ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT),
    ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat)

/* CHOICE: an untagged X509_CRL, or [1] other revocation information. */
ASN1_CHOICE(CMS_RevocationInfoChoice) = {
    ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL),
    ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1)
} ASN1_CHOICE_END(CMS_RevocationInfoChoice)

/* SignedData: certificates [0] and crls [1] are optional; digestAlgorithms
 * and signerInfos are mandatory sets. */
ASN1_NDEF_SEQUENCE(CMS_SignedData) = {
    ASN1_SIMPLE(CMS_SignedData, version, LONG),
    ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR),
    ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo),
    ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0),
    ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1),
    ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo)
} ASN1_NDEF_SEQUENCE_END(CMS_SignedData)

/* Optional originator certificates [0] and CRLs [1]. */
ASN1_SEQUENCE(CMS_OriginatorInfo) = {
    ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0),
    ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1)
} ASN1_SEQUENCE_END(CMS_OriginatorInfo)

/* Content type, content-encryption algorithm and optional [0] ciphertext. */
ASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = {
    ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT),
    ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR),
    ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0)
} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo)

/* Key transport recipient; rid reuses the CMS_SignerIdentifier template. */
ASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = {
    ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG),
    ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier),
    ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo)

/* Key attribute identified by OID with an optional ASN1_ANY value. */
ASN1_SEQUENCE(CMS_OtherKeyAttribute) = {
    ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT),
    ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute)

ASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = {
    ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING),
    ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME),
    ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute)
} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier)

/* CHOICE: recipient named by issuer+serial, or by [0] rKeyId. */
ASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = {
    ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
    ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0)
} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier)

ASN1_SEQUENCE(CMS_RecipientEncryptedKey) = {
    ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier),
    ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey)

ASN1_SEQUENCE(CMS_OriginatorPublicKey) = {
    ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING)
} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey)

/* CHOICE: originator named by issuer+serial, by [0] subjectKeyIdentifier,
 * or supplied inline as [1] originatorKey. */
ASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = {
    ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber),
    ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0),
    ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1)
} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey)

/* Key agreement recipient; originator [0] and ukm [1] are explicitly tagged,
 * unlike the implicitly tagged fields used elsewhere in this file. */
ASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = {
    ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG),
    ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0),
    ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1),
    ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
    ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey)
} ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo)

ASN1_SEQUENCE(CMS_KEKIdentifier) = {
    ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING),
    ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME),
    ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute)
} ASN1_SEQUENCE_END(CMS_KEKIdentifier)

ASN1_SEQUENCE(CMS_KEKRecipientInfo) = {
    ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG),
    ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier),
    ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo)

/* Password recipient; keyDerivationAlgorithm [0] is optional. */
ASN1_SEQUENCE(CMS_PasswordRecipientInfo) = {
    ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG),
    ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0),
    ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo)

/* Recipient type identified only by OID; the optional value is ASN1_ANY. */
ASN1_SEQUENCE(CMS_OtherRecipientInfo) = {
    ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT),
    ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY)
} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo)

/*
 * Free hook for CMS_RecipientInfo: releases per-recipient key material.
 *
 * Acts only on ASN1_OP_FREE_PRE and dispatches on ri->type:
 *   CMS_RECIPINFO_TRANS - frees ktri->pkey and ktri->recip;
 *   CMS_RECIPINFO_KEK   - wipes then frees kekri->key;
 *   CMS_RECIPINFO_PASS  - wipes then frees pwri->pass.
 * Other recipient types and other operations are left alone.
 * Always returns 1.
 *
 * The selected arm (ri->d.*) is dereferenced without a NULL test, so the
 * hook relies on ri->type always matching a populated arm.
 */
static int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                     void *exarg)
{
    CMS_RecipientInfo *recip_info;

    if (operation != ASN1_OP_FREE_PRE)
        return 1;

    recip_info = (CMS_RecipientInfo *)*pval;
    switch (recip_info->type) {
    case CMS_RECIPINFO_TRANS: {
        CMS_KeyTransRecipientInfo *trans = recip_info->d.ktri;

        if (trans->pkey)
            EVP_PKEY_free(trans->pkey);
        if (trans->recip)
            X509_free(trans->recip);
        break;
    }
    case CMS_RECIPINFO_KEK: {
        CMS_KEKRecipientInfo *kek = recip_info->d.kekri;

        if (kek->key) {
            /* Zero the key bytes before the buffer goes back to the
             * allocator so the secret does not linger in freed memory.
             * Only keylen bytes are wiped: assumes keylen matches the
             * allocation - confirm where key is set. */
            OPENSSL_cleanse(kek->key, kek->keylen);
            OPENSSL_free(kek->key);
        }
        break;
    }
    case CMS_RECIPINFO_PASS: {
        CMS_PasswordRecipientInfo *pass_info = recip_info->d.pwri;

        if (pass_info->pass) {
            /* Same wipe-then-free treatment for the password; passlen is
             * assumed to cover the whole buffer - confirm at the setter. */
            OPENSSL_cleanse(pass_info->pass, pass_info->passlen);
            OPENSSL_free(pass_info->pass);
        }
        break;
    }
    default:
        break;
    }
    return 1;
}

/* RecipientInfo CHOICE with cms_ri_cb attached; the selector is stored in
 * the `type` member.  ktri is untagged, the other arms use [1]..[4]. */
ASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = {
    ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo),
    ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1),
    ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2),
    ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3),
    ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4)
} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type)

/* EnvelopedData: originatorInfo [0] and unprotectedAttrs [1] are optional. */
ASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = {
    ASN1_SIMPLE(CMS_EnvelopedData, version, LONG),
    ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0),
    ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo),
    ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo),
    ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData)

ASN1_NDEF_SEQUENCE(CMS_DigestedData) = {
    ASN1_SIMPLE(CMS_DigestedData, version, LONG),
    ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo),
    ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING)
} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData)

ASN1_NDEF_SEQUENCE(CMS_EncryptedData) = {
    ASN1_SIMPLE(CMS_EncryptedData, version, LONG),
    ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo),
    ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1)
} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData)

/*
 * NOTE(review): authAttrs [2] and unauthAttrs [3] are declared as SET OF
 * X509_ALGOR, while every other attribute set in this file (signedAttrs,
 * unsignedAttrs, unprotectedAttrs) is SET OF X509_ATTRIBUTE.  Check these two
 * entries against the member types in cms_lcl.h before relying on
 * AuthenticatedData being parsed or freed correctly.
 */
ASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = {
    ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG),
    ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0),
    ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo),
    ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR),
    ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1),
    ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo),
    ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2),
    ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING),
    ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3)
} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData)

ASN1_NDEF_SEQUENCE(CMS_CompressedData) = {
    ASN1_SIMPLE(CMS_CompressedData, version, LONG),
    ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR),
    ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo),
} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData)

/* This is the ANY DEFINED BY table for the top level ContentInfo structure.
 * contentType selects the template for the explicit [0] content.  The
 * cms_default template is passed to ASN1_ADB_END as the fallback, so a
 * content type missing from the table is held as an ASN1_ANY in d.other
 * rather than as one of the parsed structures. */

ASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0);

ASN1_ADB(CMS_ContentInfo) = {
    ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)),
    ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)),
    ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)),
    ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)),
    ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)),
    ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)),
    ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)),
} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL);

/*
 * CMS streaming support: callback attached to the CMS_ContentInfo template.
 *
 * exarg is used as an ASN1_STREAM_ARG.  A NULL pval is accepted and reported
 * as success.  On the PRE operations the output BIO chain is created with
 * CMS_dataInit() and stored in sarg->ndef_bio; ASN1_OP_STREAM_PRE first calls
 * CMS_stream().  On the POST operations CMS_dataFinal() is run on that BIO.
 * Any other operation is accepted unchanged.
 *
 * Returns 1 on success or for unhandled operations, 0 when one of the CMS
 * calls fails.
 */
static int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it,
                  void *exarg)
{
    ASN1_STREAM_ARG *sarg = exarg;
    CMS_ContentInfo *cms;

    if (pval == NULL)
        return 1;
    cms = (CMS_ContentInfo *)*pval;

    switch (operation) {
    case ASN1_OP_STREAM_PRE:
        if (CMS_stream(&sarg->boundary, cms) <= 0)
            return 0;
        /* No break in the original: STREAM_PRE continues into the
         * DETACHED_PRE setup below. */
        /* fall through */
    case ASN1_OP_DETACHED_PRE:
        sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
        if (sarg->ndef_bio == NULL)
            return 0;
        break;

    case ASN1_OP_STREAM_POST:
    case ASN1_OP_DETACHED_POST:
        if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
            return 0;
        break;

    default:
        break;
    }
    return 1;
}

/* Top-level ContentInfo: the contentType OID followed by the content chosen
 * through the ANY DEFINED BY table above. */
ASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = {
    ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT),
    ASN1_ADB_OBJECT(CMS_ContentInfo)
} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo)

/* Specials for signed attributes */

/* When signing attributes we want to reorder them to match the sorted
 * encoding, hence ASN1_TFLG_SET_ORDER.
 */

ASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign)

/* When verifying attributes we need to use the received order.  So
 * we use SEQUENCE OF and tag it to SET OF: the attributes are encoded in the
 * order they arrived but still carry the universal SET tag.  Using the
 * sorting template above on the verify path would change the encoded bytes
 * whenever the sender's order differs from the sorted one.
 */

ASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) =
    ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
                          V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE)
ASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify)



/* CHOICE: [0] allOrFirstTier value, or [1] an explicit list of names. */
ASN1_CHOICE(CMS_ReceiptsFrom) = {
    ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0),
    ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1)
} ASN1_CHOICE_END(CMS_ReceiptsFrom)

ASN1_SEQUENCE(CMS_ReceiptRequest) = {
    ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING),
    ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom),
    ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES)
} ASN1_SEQUENCE_END(CMS_ReceiptRequest)

ASN1_SEQUENCE(CMS_Receipt) = {
    ASN1_SIMPLE(CMS_Receipt, version, LONG),
    ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT),
    ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING),
    ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING)
} ASN1_SEQUENCE_END(CMS_Receipt)
