1/*
2 * Copyright 2008-2023 The OpenSSL Project Authors. All Rights Reserved.
3 *
4 * Licensed under the Apache License 2.0 (the "License").  You may not use
5 * this file except in compliance with the License.  You can obtain a copy
6 * in the file LICENSE in the source distribution or at
7 * https://www.openssl.org/source/license.html
8 */
9
10#ifndef OSSL_CRYPTO_CMS_LOCAL_H
11# define OSSL_CRYPTO_CMS_LOCAL_H
12
13# include <openssl/x509.h>
14
15/*
16 * Cryptographic message syntax (CMS) structures: taken from RFC3852
17 */
18
19/* Forward references */
20
21typedef struct CMS_IssuerAndSerialNumber_st CMS_IssuerAndSerialNumber;
22typedef struct CMS_EncapsulatedContentInfo_st CMS_EncapsulatedContentInfo;
23typedef struct CMS_SignerIdentifier_st CMS_SignerIdentifier;
24typedef struct CMS_SignedData_st CMS_SignedData;
25typedef struct CMS_OtherRevocationInfoFormat_st CMS_OtherRevocationInfoFormat;
26typedef struct CMS_OriginatorInfo_st CMS_OriginatorInfo;
27typedef struct CMS_EncryptedContentInfo_st CMS_EncryptedContentInfo;
28typedef struct CMS_EnvelopedData_st CMS_EnvelopedData;
29typedef struct CMS_DigestedData_st CMS_DigestedData;
30typedef struct CMS_EncryptedData_st CMS_EncryptedData;
31typedef struct CMS_AuthenticatedData_st CMS_AuthenticatedData;
32typedef struct CMS_AuthEnvelopedData_st CMS_AuthEnvelopedData;
33typedef struct CMS_CompressedData_st CMS_CompressedData;
34typedef struct CMS_OtherCertificateFormat_st CMS_OtherCertificateFormat;
35typedef struct CMS_KeyTransRecipientInfo_st CMS_KeyTransRecipientInfo;
36typedef struct CMS_OriginatorPublicKey_st CMS_OriginatorPublicKey;
37typedef struct CMS_OriginatorIdentifierOrKey_st CMS_OriginatorIdentifierOrKey;
38typedef struct CMS_KeyAgreeRecipientInfo_st CMS_KeyAgreeRecipientInfo;
39typedef struct CMS_RecipientKeyIdentifier_st CMS_RecipientKeyIdentifier;
40typedef struct CMS_KeyAgreeRecipientIdentifier_st
41    CMS_KeyAgreeRecipientIdentifier;
42typedef struct CMS_KEKIdentifier_st CMS_KEKIdentifier;
43typedef struct CMS_KEKRecipientInfo_st CMS_KEKRecipientInfo;
44typedef struct CMS_PasswordRecipientInfo_st CMS_PasswordRecipientInfo;
45typedef struct CMS_OtherRecipientInfo_st CMS_OtherRecipientInfo;
46typedef struct CMS_ReceiptsFrom_st CMS_ReceiptsFrom;
47typedef struct CMS_CTX_st CMS_CTX;
48
49struct CMS_CTX_st {
50    OSSL_LIB_CTX *libctx;
51    char *propq;
52};
53
54struct CMS_ContentInfo_st {
55    ASN1_OBJECT *contentType;
56    union {
57        ASN1_OCTET_STRING *data;
58        CMS_SignedData *signedData;
59        CMS_EnvelopedData *envelopedData;
60        CMS_DigestedData *digestedData;
61        CMS_EncryptedData *encryptedData;
62        CMS_AuthEnvelopedData *authEnvelopedData;
63        CMS_AuthenticatedData *authenticatedData;
64        CMS_CompressedData *compressedData;
65        ASN1_TYPE *other;
66        /* Other types ... */
67        void *otherData;
68    } d;
69    CMS_CTX ctx;
70};
71
72DEFINE_STACK_OF(CMS_CertificateChoices)
73
74struct CMS_SignedData_st {
75    int32_t version;
76    STACK_OF(X509_ALGOR) *digestAlgorithms;
77    CMS_EncapsulatedContentInfo *encapContentInfo;
78    STACK_OF(CMS_CertificateChoices) *certificates;
79    STACK_OF(CMS_RevocationInfoChoice) *crls;
80    STACK_OF(CMS_SignerInfo) *signerInfos;
81};
82
83struct CMS_EncapsulatedContentInfo_st {
84    ASN1_OBJECT *eContentType;
85    ASN1_OCTET_STRING *eContent;
86    /* Set to 1 if incomplete structure only part set up */
87    int partial;
88};
89
90struct CMS_SignerInfo_st {
91    int32_t version;
92    CMS_SignerIdentifier *sid;
93    X509_ALGOR *digestAlgorithm;
94    STACK_OF(X509_ATTRIBUTE) *signedAttrs;
95    X509_ALGOR *signatureAlgorithm;
96    ASN1_OCTET_STRING *signature;
97    STACK_OF(X509_ATTRIBUTE) *unsignedAttrs;
98    /* Signing certificate and key */
99    X509 *signer;
100    EVP_PKEY *pkey;
101    /* Digest and public key context for alternative parameters */
102    EVP_MD_CTX *mctx;
103    EVP_PKEY_CTX *pctx;
104    const CMS_CTX *cms_ctx;
105};
106
107struct CMS_SignerIdentifier_st {
108    int type;
109    union {
110        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
111        ASN1_OCTET_STRING *subjectKeyIdentifier;
112    } d;
113};
114
115struct CMS_EnvelopedData_st {
116    int32_t version;
117    CMS_OriginatorInfo *originatorInfo;
118    STACK_OF(CMS_RecipientInfo) *recipientInfos;
119    CMS_EncryptedContentInfo *encryptedContentInfo;
120    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
121};
122
123struct CMS_OriginatorInfo_st {
124    STACK_OF(CMS_CertificateChoices) *certificates;
125    STACK_OF(CMS_RevocationInfoChoice) *crls;
126};
127
128struct CMS_EncryptedContentInfo_st {
129    ASN1_OBJECT *contentType;
130    X509_ALGOR *contentEncryptionAlgorithm;
131    ASN1_OCTET_STRING *encryptedContent;
132    /* Content encryption algorithm, key and tag */
133    const EVP_CIPHER *cipher;
134    unsigned char *key;
135    size_t keylen;
136    unsigned char *tag;
137    size_t taglen;
138    /* Set to 1 if we are debugging decrypt and don't fake keys for MMA */
139    int debug;
140    /* Set to 1 if we have no cert and need extra safety measures for MMA */
141    int havenocert;
142};
143
144struct CMS_RecipientInfo_st {
145    int type;
146    union {
147        CMS_KeyTransRecipientInfo *ktri;
148        CMS_KeyAgreeRecipientInfo *kari;
149        CMS_KEKRecipientInfo *kekri;
150        CMS_PasswordRecipientInfo *pwri;
151        CMS_OtherRecipientInfo *ori;
152    } d;
153};
154
155typedef CMS_SignerIdentifier CMS_RecipientIdentifier;
156
157struct CMS_KeyTransRecipientInfo_st {
158    int32_t version;
159    CMS_RecipientIdentifier *rid;
160    X509_ALGOR *keyEncryptionAlgorithm;
161    ASN1_OCTET_STRING *encryptedKey;
162    /* Recipient Key and cert */
163    X509 *recip;
164    EVP_PKEY *pkey;
165    /* Public key context for this operation */
166    EVP_PKEY_CTX *pctx;
167    const CMS_CTX *cms_ctx;
168};
169
170struct CMS_KeyAgreeRecipientInfo_st {
171    int32_t version;
172    CMS_OriginatorIdentifierOrKey *originator;
173    ASN1_OCTET_STRING *ukm;
174    X509_ALGOR *keyEncryptionAlgorithm;
175    STACK_OF(CMS_RecipientEncryptedKey) *recipientEncryptedKeys;
176    /* Public key context associated with current operation */
177    EVP_PKEY_CTX *pctx;
178    /* Cipher context for CEK wrapping */
179    EVP_CIPHER_CTX *ctx;
180    const CMS_CTX *cms_ctx;
181};
182
183struct CMS_OriginatorIdentifierOrKey_st {
184    int type;
185    union {
186        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
187        ASN1_OCTET_STRING *subjectKeyIdentifier;
188        CMS_OriginatorPublicKey *originatorKey;
189    } d;
190};
191
192struct CMS_OriginatorPublicKey_st {
193    X509_ALGOR *algorithm;
194    ASN1_BIT_STRING *publicKey;
195};
196
197struct CMS_RecipientEncryptedKey_st {
198    CMS_KeyAgreeRecipientIdentifier *rid;
199    ASN1_OCTET_STRING *encryptedKey;
200    /* Public key associated with this recipient */
201    EVP_PKEY *pkey;
202};
203
204struct CMS_KeyAgreeRecipientIdentifier_st {
205    int type;
206    union {
207        CMS_IssuerAndSerialNumber *issuerAndSerialNumber;
208        CMS_RecipientKeyIdentifier *rKeyId;
209    } d;
210};
211
212struct CMS_RecipientKeyIdentifier_st {
213    ASN1_OCTET_STRING *subjectKeyIdentifier;
214    ASN1_GENERALIZEDTIME *date;
215    CMS_OtherKeyAttribute *other;
216};
217
218struct CMS_KEKRecipientInfo_st {
219    int32_t version;
220    CMS_KEKIdentifier *kekid;
221    X509_ALGOR *keyEncryptionAlgorithm;
222    ASN1_OCTET_STRING *encryptedKey;
223    /* Extra info: symmetric key to use */
224    unsigned char *key;
225    size_t keylen;
226    const CMS_CTX *cms_ctx;
227};
228
229struct CMS_KEKIdentifier_st {
230    ASN1_OCTET_STRING *keyIdentifier;
231    ASN1_GENERALIZEDTIME *date;
232    CMS_OtherKeyAttribute *other;
233};
234
235struct CMS_PasswordRecipientInfo_st {
236    int32_t version;
237    X509_ALGOR *keyDerivationAlgorithm;
238    X509_ALGOR *keyEncryptionAlgorithm;
239    ASN1_OCTET_STRING *encryptedKey;
240    /* Extra info: password to use */
241    unsigned char *pass;
242    size_t passlen;
243    const CMS_CTX *cms_ctx;
244};
245
246struct CMS_OtherRecipientInfo_st {
247    ASN1_OBJECT *oriType;
248    ASN1_TYPE *oriValue;
249};
250
251struct CMS_DigestedData_st {
252    int32_t version;
253    X509_ALGOR *digestAlgorithm;
254    CMS_EncapsulatedContentInfo *encapContentInfo;
255    ASN1_OCTET_STRING *digest;
256};
257
258struct CMS_EncryptedData_st {
259    int32_t version;
260    CMS_EncryptedContentInfo *encryptedContentInfo;
261    STACK_OF(X509_ATTRIBUTE) *unprotectedAttrs;
262};
263
264struct CMS_AuthenticatedData_st {
265    int32_t version;
266    CMS_OriginatorInfo *originatorInfo;
267    STACK_OF(CMS_RecipientInfo) *recipientInfos;
268    X509_ALGOR *macAlgorithm;
269    X509_ALGOR *digestAlgorithm;
270    CMS_EncapsulatedContentInfo *encapContentInfo;
271    STACK_OF(X509_ATTRIBUTE) *authAttrs;
272    ASN1_OCTET_STRING *mac;
273    STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
274};
275
276struct CMS_AuthEnvelopedData_st {
277    int32_t version;
278    CMS_OriginatorInfo *originatorInfo;
279    STACK_OF(CMS_RecipientInfo) *recipientInfos;
280    CMS_EncryptedContentInfo *authEncryptedContentInfo;
281    STACK_OF(X509_ATTRIBUTE) *authAttrs;
282    ASN1_OCTET_STRING *mac;
283    STACK_OF(X509_ATTRIBUTE) *unauthAttrs;
284};
285
286struct CMS_CompressedData_st {
287    int32_t version;
288    X509_ALGOR *compressionAlgorithm;
289    STACK_OF(CMS_RecipientInfo) *recipientInfos;
290    CMS_EncapsulatedContentInfo *encapContentInfo;
291};
292
293struct CMS_RevocationInfoChoice_st {
294    int type;
295    union {
296        X509_CRL *crl;
297        CMS_OtherRevocationInfoFormat *other;
298    } d;
299};
300
301# define CMS_REVCHOICE_CRL               0
302# define CMS_REVCHOICE_OTHER             1
303
304struct CMS_OtherRevocationInfoFormat_st {
305    ASN1_OBJECT *otherRevInfoFormat;
306    ASN1_TYPE *otherRevInfo;
307};
308
309struct CMS_CertificateChoices {
310    int type;
311    union {
312        X509 *certificate;
313        ASN1_STRING *extendedCertificate; /* Obsolete */
314        ASN1_STRING *v1AttrCert; /* Left encoded for now */
315        ASN1_STRING *v2AttrCert; /* Left encoded for now */
316        CMS_OtherCertificateFormat *other;
317    } d;
318};
319
320# define CMS_CERTCHOICE_CERT             0
321# define CMS_CERTCHOICE_EXCERT           1
322# define CMS_CERTCHOICE_V1ACERT          2
323# define CMS_CERTCHOICE_V2ACERT          3
324# define CMS_CERTCHOICE_OTHER            4
325
326struct CMS_OtherCertificateFormat_st {
327    ASN1_OBJECT *otherCertFormat;
328    ASN1_TYPE *otherCert;
329};
330
331/*
332 * This is also defined in pkcs7.h but we duplicate it to allow the CMS code
333 * to be independent of PKCS#7
334 */
335
336struct CMS_IssuerAndSerialNumber_st {
337    X509_NAME *issuer;
338    ASN1_INTEGER *serialNumber;
339};
340
341struct CMS_OtherKeyAttribute_st {
342    ASN1_OBJECT *keyAttrId;
343    ASN1_TYPE *keyAttr;
344};
345
346/* ESS structures */
347
348struct CMS_ReceiptRequest_st {
349    ASN1_OCTET_STRING *signedContentIdentifier;
350    CMS_ReceiptsFrom *receiptsFrom;
351    STACK_OF(GENERAL_NAMES) *receiptsTo;
352};
353
354struct CMS_ReceiptsFrom_st {
355    int type;
356    union {
357        int32_t allOrFirstTier;
358        STACK_OF(GENERAL_NAMES) *receiptList;
359    } d;
360};
361
362struct CMS_Receipt_st {
363    int32_t version;
364    ASN1_OBJECT *contentType;
365    ASN1_OCTET_STRING *signedContentIdentifier;
366    ASN1_OCTET_STRING *originatorSignatureValue;
367};
368
369DECLARE_ASN1_FUNCTIONS(CMS_ContentInfo)
370DECLARE_ASN1_ITEM(CMS_SignerInfo)
371DECLARE_ASN1_ITEM(CMS_IssuerAndSerialNumber)
372DECLARE_ASN1_ITEM(CMS_Attributes_Sign)
373DECLARE_ASN1_ITEM(CMS_Attributes_Verify)
374DECLARE_ASN1_ITEM(CMS_RecipientInfo)
375DECLARE_ASN1_ITEM(CMS_PasswordRecipientInfo)
376DECLARE_ASN1_ALLOC_FUNCTIONS(CMS_IssuerAndSerialNumber)
377
378# define CMS_SIGNERINFO_ISSUER_SERIAL    0
379# define CMS_SIGNERINFO_KEYIDENTIFIER    1
380
381# define CMS_RECIPINFO_ISSUER_SERIAL     0
382# define CMS_RECIPINFO_KEYIDENTIFIER     1
383
384# define CMS_REK_ISSUER_SERIAL           0
385# define CMS_REK_KEYIDENTIFIER           1
386
387# define CMS_OIK_ISSUER_SERIAL           0
388# define CMS_OIK_KEYIDENTIFIER           1
389# define CMS_OIK_PUBKEY                  2
390
391BIO *ossl_cms_content_bio(CMS_ContentInfo *cms);
392const CMS_CTX *ossl_cms_get0_cmsctx(const CMS_ContentInfo *cms);
393OSSL_LIB_CTX *ossl_cms_ctx_get0_libctx(const CMS_CTX *ctx);
394const char *ossl_cms_ctx_get0_propq(const CMS_CTX *ctx);
395void ossl_cms_resolve_libctx(CMS_ContentInfo *ci);
396
397CMS_ContentInfo *ossl_cms_Data_create(OSSL_LIB_CTX *ctx, const char *propq);
398
399CMS_ContentInfo *ossl_cms_DigestedData_create(const EVP_MD *md,
400                                              OSSL_LIB_CTX *libctx,
401                                              const char *propq);
402BIO *ossl_cms_DigestedData_init_bio(const CMS_ContentInfo *cms);
403int ossl_cms_DigestedData_do_final(const CMS_ContentInfo *cms,
404                                   BIO *chain, int verify);
405
406BIO *ossl_cms_SignedData_init_bio(CMS_ContentInfo *cms);
407int ossl_cms_SignedData_final(CMS_ContentInfo *cms, BIO *chain);
408int ossl_cms_set1_SignerIdentifier(CMS_SignerIdentifier *sid, X509 *cert,
409                                   int type, const CMS_CTX *ctx);
410int ossl_cms_SignerIdentifier_get0_signer_id(CMS_SignerIdentifier *sid,
411                                             ASN1_OCTET_STRING **keyid,
412                                             X509_NAME **issuer,
413                                             ASN1_INTEGER **sno);
414int ossl_cms_SignerIdentifier_cert_cmp(CMS_SignerIdentifier *sid, X509 *cert);
415
416CMS_ContentInfo *ossl_cms_CompressedData_create(int comp_nid,
417                                                OSSL_LIB_CTX *libctx,
418                                                const char *propq);
419BIO *ossl_cms_CompressedData_init_bio(const CMS_ContentInfo *cms);
420
421BIO *ossl_cms_DigestAlgorithm_init_bio(X509_ALGOR *digestAlgorithm,
422                                       const CMS_CTX *ctx);
423int ossl_cms_DigestAlgorithm_find_ctx(EVP_MD_CTX *mctx, BIO *chain,
424                                      X509_ALGOR *mdalg);
425
426int ossl_cms_ias_cert_cmp(CMS_IssuerAndSerialNumber *ias, X509 *cert);
427int ossl_cms_keyid_cert_cmp(ASN1_OCTET_STRING *keyid, X509 *cert);
428int ossl_cms_set1_ias(CMS_IssuerAndSerialNumber **pias, X509 *cert);
429int ossl_cms_set1_keyid(ASN1_OCTET_STRING **pkeyid, X509 *cert);
430
431BIO *ossl_cms_EncryptedContent_init_bio(CMS_EncryptedContentInfo *ec,
432                                        const CMS_CTX *ctx);
433BIO *ossl_cms_EncryptedData_init_bio(const CMS_ContentInfo *cms);
434int ossl_cms_EncryptedContent_init(CMS_EncryptedContentInfo *ec,
435                                   const EVP_CIPHER *cipher,
436                                   const unsigned char *key, size_t keylen,
437                                   const CMS_CTX *ctx);
438
439int ossl_cms_Receipt_verify(CMS_ContentInfo *cms, CMS_ContentInfo *req_cms);
440int ossl_cms_msgSigDigest_add1(CMS_SignerInfo *dest, CMS_SignerInfo *src);
441ASN1_OCTET_STRING *ossl_cms_encode_Receipt(CMS_SignerInfo *si);
442
443BIO *ossl_cms_EnvelopedData_init_bio(CMS_ContentInfo *cms);
444int ossl_cms_EnvelopedData_final(CMS_ContentInfo *cms, BIO *chain);
445BIO *ossl_cms_AuthEnvelopedData_init_bio(CMS_ContentInfo *cms);
446int ossl_cms_AuthEnvelopedData_final(CMS_ContentInfo *cms, BIO *cmsbio);
447void ossl_cms_env_enc_content_free(const CMS_ContentInfo *cinf);
448CMS_EnvelopedData *ossl_cms_get0_enveloped(CMS_ContentInfo *cms);
449CMS_AuthEnvelopedData *ossl_cms_get0_auth_enveloped(CMS_ContentInfo *cms);
450CMS_EncryptedContentInfo *ossl_cms_get0_env_enc_content(const CMS_ContentInfo *cms);
451
452/* RecipientInfo routines */
453int ossl_cms_env_asn1_ctrl(CMS_RecipientInfo *ri, int cmd);
454int ossl_cms_pkey_get_ri_type(EVP_PKEY *pk);
455int ossl_cms_pkey_is_ri_type_supported(EVP_PKEY *pk, int ri_type);
456
457void ossl_cms_RecipientInfos_set_cmsctx(CMS_ContentInfo *cms);
458
459/* KARI routines */
460int ossl_cms_RecipientInfo_kari_init(CMS_RecipientInfo *ri, X509 *recip,
461                                     EVP_PKEY *recipPubKey, X509 *originator,
462                                     EVP_PKEY *originatorPrivKey,
463                                     unsigned int flags,
464                                     const CMS_CTX *ctx);
465int ossl_cms_RecipientInfo_kari_encrypt(const CMS_ContentInfo *cms,
466                                        CMS_RecipientInfo *ri);
467
468/* PWRI routines */
469int ossl_cms_RecipientInfo_pwri_crypt(const CMS_ContentInfo *cms,
470                                      CMS_RecipientInfo *ri, int en_de);
471/* SignerInfo routines */
472int ossl_cms_si_check_attributes(const CMS_SignerInfo *si);
473void ossl_cms_SignerInfos_set_cmsctx(CMS_ContentInfo *cms);
474
475
476/* ESS routines */
477int ossl_cms_check_signing_certs(const CMS_SignerInfo *si,
478                                 const STACK_OF(X509) *chain);
479
480int ossl_cms_dh_envelope(CMS_RecipientInfo *ri, int decrypt);
481int ossl_cms_ecdh_envelope(CMS_RecipientInfo *ri, int decrypt);
482int ossl_cms_rsa_envelope(CMS_RecipientInfo *ri, int decrypt);
483int ossl_cms_ecdsa_dsa_sign(CMS_SignerInfo *si, int verify);
484int ossl_cms_rsa_sign(CMS_SignerInfo *si, int verify);
485
486DECLARE_ASN1_ITEM(CMS_CertificateChoices)
487DECLARE_ASN1_ITEM(CMS_DigestedData)
488DECLARE_ASN1_ITEM(CMS_EncryptedData)
489DECLARE_ASN1_ITEM(CMS_EnvelopedData)
490DECLARE_ASN1_ITEM(CMS_AuthEnvelopedData)
491DECLARE_ASN1_ITEM(CMS_KEKRecipientInfo)
492DECLARE_ASN1_ITEM(CMS_KeyAgreeRecipientInfo)
493DECLARE_ASN1_ITEM(CMS_KeyTransRecipientInfo)
494DECLARE_ASN1_ITEM(CMS_OriginatorPublicKey)
495DECLARE_ASN1_ITEM(CMS_OtherKeyAttribute)
496DECLARE_ASN1_ITEM(CMS_Receipt)
497DECLARE_ASN1_ITEM(CMS_ReceiptRequest)
498DECLARE_ASN1_ITEM(CMS_RecipientEncryptedKey)
499DECLARE_ASN1_ITEM(CMS_RecipientKeyIdentifier)
500DECLARE_ASN1_ITEM(CMS_RevocationInfoChoice)
501DECLARE_ASN1_ITEM(CMS_SignedData)
502DECLARE_ASN1_ITEM(CMS_CompressedData)
503
504#endif
505