authorryker <>1998-10-05 20:13:14 +0000
committerryker <>1998-10-05 20:13:14 +0000
commitaeeae06a79815dc190061534d47236cec09f9e32 (patch)
tree851692b9c2f9c04f077666855641900f19fdb217 /src/lib/libcrypto/pkcs7
parenta4f79641824cbf9f60ca9d1168d1fcc46717a82a (diff)
Import of SSLeay-0.9.0b with RSA and IDEA stubbed + OpenBSD build
functionality for shared libs. Note that routines such as sslv2_init and friends that use RSA will not work due to lack of RSA in this library. Needs documentation and help from ports for easy upgrade to full functionality where legally possible.
Diffstat (limited to 'src/lib/libcrypto/pkcs7')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_doit.c408
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_lib.c449
-rw-r--r--src/lib/libcrypto/pkcs7/pkcs7.h449
-rw-r--r--src/lib/libcrypto/pkcs7/pkcs7err.c110
4 files changed, 1416 insertions, 0 deletions
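diff --git a/src/lib/libcrypto/pkcs7/pk7_doit.c b/src/lib/libcrypto/pkcs7/pk7_doit.c
new file mode 100644
index 0000000000..b5689b3fe4
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pk7_doit.c
@@ -0,0 +1,408 @@
+/* crypto/pkcs7/pk7_doit.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "rand.h"
+#include "objects.h"
+#include "x509.h"
+
+BIO *PKCS7_dataInit(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int i,j;
+ BIO *out=NULL,*btmp;
+ X509_ALGOR *xa;
+ EVP_MD *evp_md;
+ EVP_CIPHER *evp_cipher=NULL;
+ STACK *md_sk=NULL,*rsk=NULL;
+ X509_ALGOR *xalg=NULL;
+ PKCS7_RECIP_INFO *ri=NULL;
+ EVP_PKEY *pkey;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ md_sk=p7->d.sign->md_algs;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ rsk=p7->d.signed_and_enveloped->recipientinfo;
+ md_sk=p7->d.signed_and_enveloped->md_algs;
+ evp_cipher=EVP_get_cipherbyname(OBJ_nid2sn(OBJ_obj2nid(p7->d.signed_and_enveloped->enc_data->algorithm->algorithm)));
+ if (evp_cipher == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CIPHER_TYPE);
+ goto err;
+ }
+ xalg=p7->d.signed_and_enveloped->enc_data->algorithm;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+
+ if (md_sk != NULL)
+ {
+ for (i=0; i<sk_num(md_sk); i++)
+ {
+ xa=(X509_ALGOR *)sk_value(md_sk,i);
+ if ((btmp=BIO_new(BIO_f_md())) == NULL) goto err;
+
+ j=OBJ_obj2nid(xa->algorithm);
+ evp_md=EVP_get_digestbyname(OBJ_nid2sn(j));
+ if (evp_md == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAINIT,PKCS7_R_UNKNOWN_DIGEST_TYPE);
+ goto err;
+ }
+
+ BIO_set_md(btmp,evp_md);
+ if (out == NULL)
+ out=btmp;
+ else
+ BIO_push(out,btmp);
+ }
+ }
+
+ if (evp_cipher != NULL)
+ {
+ unsigned char key[EVP_MAX_KEY_LENGTH];
+ unsigned char iv[EVP_MAX_IV_LENGTH];
+ int keylen,ivlen;
+ int jj,max;
+ unsigned char *tmp;
+
+ if ((btmp=BIO_new(BIO_f_cipher())) == NULL) goto err;
+ keylen=EVP_CIPHER_key_length(evp_cipher);
+ ivlen=EVP_CIPHER_iv_length(evp_cipher);
+
+ if (ivlen > 0)
+ {
+ ASN1_OCTET_STRING *os;
+
+ RAND_bytes(iv,ivlen);
+ os=ASN1_OCTET_STRING_new();
+ ASN1_OCTET_STRING_set(os,iv,ivlen);
+ /* ASN1_TYPE_set(xalg->parameter,V_ASN1_OCTET_STRING,
+ (char *)os);
+ */ }
+ RAND_bytes(key,keylen);
+
+ /* Lets do the pub key stuff :-) */
+ max=0;
+ for (i=0; i<sk_num(rsk); i++)
+ {
+ ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+ if (ri->cert == NULL) abort();
+ pkey=X509_get_pubkey(ri->cert);
+ jj=EVP_PKEY_size(pkey);
+ if (max < jj) max=jj;
+ }
+ if ((tmp=(unsigned char *)Malloc(max)) == NULL) abort();
+ for (i=0; i<sk_num(rsk); i++)
+ {
+ ri=(PKCS7_RECIP_INFO *)sk_value(rsk,i);
+ pkey=X509_get_pubkey(ri->cert);
+ jj=EVP_PKEY_encrypt(tmp,key,keylen,pkey);
+ if (jj <= 0) abort();
+ ASN1_OCTET_STRING_set(ri->enc_key,tmp,jj);
+ }
+
+ BIO_set_cipher(btmp,evp_cipher,key,iv,1);
+
+ if (out == NULL)
+ out=btmp;
+ else
+ BIO_push(out,btmp);
+ }
+
+ if (bio == NULL) /* ??????????? */
+ {
+ if (p7->detached)
+ bio=BIO_new(BIO_s_null());
+ else
+ {
+ bio=BIO_new(BIO_s_mem());
+ if (PKCS7_type_is_signed(p7) &&
+ PKCS7_type_is_data(p7->d.sign->contents))
+ {
+ ASN1_OCTET_STRING *os;
+
+ os=p7->d.sign->contents->d.data;
+ if (os->length > 0)
+ BIO_write(bio,(char *)os->data,
+ os->length);
+ }
+ }
+ }
+ BIO_push(out,bio);
+ return(out);
+err:
+ return(NULL);
+ }
+
+int PKCS7_dataSign(p7,bio)
+PKCS7 *p7;
+BIO *bio;
+ {
+ int ret=0;
+ int i,j;
+ BIO *btmp;
+ BUF_MEM *buf_mem=NULL;
+ BUF_MEM *buf=NULL;
+ PKCS7_SIGNER_INFO *si;
+ EVP_MD_CTX *mdc,ctx_tmp;
+ STACK *sk,*si_sk=NULL;
+ unsigned char *p,*pp=NULL;
+ int x;
+ ASN1_OCTET_STRING *os=NULL;
+
+ i=OBJ_obj2nid(p7->type);
+ p7->state=PKCS7_S_HEADER;
+
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ /* XXXXXXXXXXXXXXXX */
+ si_sk=p7->d.signed_and_enveloped->signer_info;
+ os=ASN1_OCTET_STRING_new();
+ p7->d.signed_and_enveloped->enc_data->enc_data=os;
+ break;
+ case NID_pkcs7_signed:
+ si_sk=p7->d.sign->signer_info;
+ os=p7->d.sign->contents->d.data;
+ break;
+ }
+
+ if (si_sk != NULL)
+ {
+ if ((buf=BUF_MEM_new()) == NULL) goto err;
+ for (i=0; i<sk_num(si_sk); i++)
+ {
+ si=(PKCS7_SIGNER_INFO *)
+ sk_value(si_sk,i);
+ if (si->pkey == NULL)
+ continue;
+ j=OBJ_obj2nid(si->digest_enc_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp=BIO_find_type(btmp,BIO_TYPE_MD))
+ == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_pkey_type(EVP_MD_CTX_type(mdc)) == j)
+ break;
+ else
+ btmp=btmp->next_bio;
+ }
+
+ /* We now have the EVP_MD_CTX, lets do the
+ * signing. */
+ memcpy(&ctx_tmp,mdc,sizeof(ctx_tmp));
+ if (!BUF_MEM_grow(buf,EVP_PKEY_size(si->pkey)))
+ goto err;
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ x=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)Malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_SignUpdate(&ctx_tmp,pp,x);
+ Free(pp);
+ }
+
+ if (!EVP_SignFinal(&ctx_tmp,(unsigned char *)buf->data,
+ (unsigned int *)&buf->length,si->pkey))
+ goto err;
+ if (!ASN1_STRING_set(si->enc_digest,
+ (unsigned char *)buf->data,buf->length))
+ goto err;
+ }
+ if (p7->detached)
+ ASN1_OCTET_STRING_set(os,(unsigned char *)"",0);
+ else
+ {
+ btmp=BIO_find_type(bio,BIO_TYPE_MEM);
+ if (btmp == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATASIGN,PKCS7_R_UNABLE_TO_FIND_MEM_BIO);
+ goto err;
+ }
+ BIO_get_mem_ptr(btmp,&buf_mem);
+ ASN1_OCTET_STRING_set(os,
+ (unsigned char *)buf_mem->data,buf_mem->length);
+ }
+ if (pp != NULL) Free(pp);
+ pp=NULL;
+ }
+
+ ret=1;
+err:
+ if (buf != NULL) BUF_MEM_free(buf);
+ return(ret);
+ }
+
+int PKCS7_dataVerify(cert_store,ctx,bio,p7,si)
+X509_STORE *cert_store;
+X509_STORE_CTX *ctx;
+BIO *bio;
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ PKCS7_SIGNED *s;
+ ASN1_OCTET_STRING *os;
+ EVP_MD_CTX mdc_tmp,*mdc;
+ unsigned char *pp,*p;
+ PKCS7_ISSUER_AND_SERIAL *ias;
+ int ret=0,md_type,i;
+ STACK *sk;
+ BIO *btmp;
+ X509 *x509;
+
+ if (!PKCS7_type_is_signed(p7)) abort();
+ /* XXXXXXXXXXXXXXXXXXXXXXX */
+ ias=si->issuer_and_serial;
+ s=p7->d.sign;
+
+ x509=X509_find_by_issuer_and_serial(s->cert,ias->issuer,ias->serial);
+
+ /* were we able to find the cert in passed to us */
+ if (x509 == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_CERTIFICATE);
+ goto err;
+ }
+
+ /* Lets verify */
+ X509_STORE_CTX_init(ctx,cert_store,x509,s->cert);
+ i=X509_verify_cert(ctx);
+ if (i <= 0) goto err;
+ X509_STORE_CTX_cleanup(ctx);
+
+ /* So we like 'x509', lets check the signature. */
+ md_type=OBJ_obj2nid(si->digest_alg->algorithm);
+
+ btmp=bio;
+ for (;;)
+ {
+ if ((btmp == NULL) ||
+ ((btmp=BIO_find_type(btmp,BIO_TYPE_MD)) == NULL))
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST);
+ goto err;
+ }
+ BIO_get_md_ctx(btmp,&mdc);
+ if (mdc == NULL)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_INTERNAL_ERROR);
+ goto err;
+ }
+ if (EVP_MD_type(EVP_MD_CTX_type(mdc)) == md_type)
+ break;
+ btmp=btmp->next_bio;
+ }
+
+ /* mdc is the digest ctx that we want */
+ memcpy(&mdc_tmp,mdc,sizeof(mdc_tmp));
+
+ sk=si->auth_attr;
+ if ((sk != NULL) && (sk_num(sk) != 0))
+ {
+ i=i2d_ASN1_SET(sk,NULL,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ pp=(unsigned char *)malloc(i);
+ p=pp;
+ i2d_ASN1_SET(sk,&p,i2d_X509_ATTRIBUTE,
+ V_ASN1_SET,V_ASN1_UNIVERSAL);
+ EVP_VerifyUpdate(&mdc_tmp,pp,i);
+ free(pp);
+ }
+
+ os=si->enc_digest;
+ i=EVP_VerifyFinal(&mdc_tmp,os->data,os->length,
+ X509_get_pubkey(x509));
+ if (i <= 0)
+ {
+ PKCS7err(PKCS7_F_PKCS7_DATAVERIFY,PKCS7_R_SIGNATURE_FAILURE);
+ ret= -1;
+ goto err;
+ }
+ else
+ ret=1;
+err:
+ return(ret);
+ }
+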
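Review bot: In PKCS7_dataSign the authenticated-attribute buffer is sized with the wrong variable: the encoded length is stored in `x`, but the allocation is `Malloc(i)`, where `i` is the signer loop index, so the second i2d_ASN1_SET call writes `x` bytes into a buffer of `i` bytes (zero for the first signer). The allocation should read `pp=(unsigned char *)Malloc(x);` followed by `if (pp == NULL) goto err;`. The same block calls `Free(pp)` without clearing the pointer, and the `if (pp != NULL) Free(pp);` after the loop then frees it a second time; adding `pp=NULL;` directly after the first `Free(pp)` removes the double free. PKCS7_dataVerify has the matching unchecked `malloc(i)` before its i2d_ASN1_SET call, and its `if (i <= 0) goto err;` after X509_verify_cert skips X509_STORE_CTX_cleanup on the failure path.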
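diff --git a/src/lib/libcrypto/pkcs7/pk7_lib.c b/src/lib/libcrypto/pkcs7/pk7_lib.c
new file mode 100644
index 0000000000..7d14ad1173
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pk7_lib.c
@@ -0,0 +1,449 @@
+/* crypto/pkcs7/pk7_lib.c */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#include <stdio.h>
+#include "cryptlib.h"
+#include "objects.h"
+#include "x509.h"
+
+long PKCS7_ctrl(p7,cmd,larg,parg)
+PKCS7 *p7;
+int cmd;
+long larg;
+char *parg;
+ {
+ int nid;
+ long ret;
+
+ nid=OBJ_obj2nid(p7->type);
+
+ switch (cmd)
+ {
+ case PKCS7_OP_SET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached=(int)larg;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+ break;
+ case PKCS7_OP_GET_DETACHED_SIGNATURE:
+ if (nid == NID_pkcs7_signed)
+ {
+ ret=p7->detached;
+ }
+ else
+ {
+ PKCS7err(PKCS7_F_PKCS7_CTRL,PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE);
+ ret=0;
+ }
+
+ break;
+ default:
+ abort();
+ }
+ return(ret);
+ }
+
+int PKCS7_content_new(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ PKCS7 *ret=NULL;
+
+ if ((ret=PKCS7_new()) == NULL) goto err;
+ if (!PKCS7_set_type(ret,type)) goto err;
+ if (!PKCS7_set_content(p7,ret)) goto err;
+
+ return(1);
+err:
+ if (ret != NULL) PKCS7_free(ret);
+ return(0);
+ }
+
+int PKCS7_set_content(p7,p7_data)
+PKCS7 *p7;
+PKCS7 *p7_data;
+ {
+ int i;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ if (p7->d.sign->contents != NULL)
+ PKCS7_content_free(p7->d.sign->contents);
+ p7->d.sign->contents=p7_data;
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_data:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_signedAndEnveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_CONTENT,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_set_type(p7,type)
+PKCS7 *p7;
+int type;
+ {
+ ASN1_OBJECT *obj;
+
+ PKCS7_content_free(p7);
+ obj=OBJ_nid2obj(type); /* will not fail */
+
+ switch (type)
+ {
+ case NID_pkcs7_signed:
+ p7->type=obj;
+ if ((p7->d.sign=PKCS7_SIGNED_new()) == NULL)
+ goto err;
+ ASN1_INTEGER_set(p7->d.sign->version,1);
+ break;
+ case NID_pkcs7_data:
+ p7->type=obj;
+ if ((p7->d.data=ASN1_OCTET_STRING_new()) == NULL)
+ goto err;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ p7->type=obj;
+ if ((p7->d.signed_and_enveloped=PKCS7_SIGN_ENVELOPE_new())
+ == NULL)
+ goto err;
+ ASN1_INTEGER_set(p7->d.sign->version,1);
+ break;
+ case NID_pkcs7_digest:
+ case NID_pkcs7_enveloped:
+ case NID_pkcs7_encrypted:
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_TYPE,PKCS7_R_UNSUPPORTED_CONTENT_TYPE);
+ goto err;
+ }
+ return(1);
+err:
+ return(0);
+ }
+
+int PKCS7_add_signer(p7,psi)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *psi;
+ {
+ int i,j,nid;
+ X509_ALGOR *alg;
+ STACK *signer_sk;
+ STACK *md_sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ signer_sk= p7->d.sign->signer_info;
+ md_sk= p7->d.sign->md_algs;
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ signer_sk= p7->d.signed_and_enveloped->signer_info;
+ md_sk= p7->d.signed_and_enveloped->md_algs;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_SIGNER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ nid=OBJ_obj2nid(psi->digest_alg->algorithm);
+
+ /* If the digest is not currently listed, add it */
+ j=0;
+ for (i=0; i<sk_num(md_sk); i++)
+ {
+ alg=(X509_ALGOR *)sk_value(md_sk,i);
+ if (OBJ_obj2nid(alg->algorithm) == nid)
+ {
+ j=1;
+ break;
+ }
+ }
+ if (!j) /* we need to add another algorithm */
+ {
+ alg=X509_ALGOR_new();
+ alg->algorithm=OBJ_nid2obj(nid);
+ sk_push(md_sk,(char *)alg);
+ }
+
+ sk_push(signer_sk,(char *)psi);
+ return(1);
+ }
+
+int PKCS7_add_certificate(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+ {
+ int i;
+ STACK **sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ sk= &(p7->d.sign->cert);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ sk= &(p7->d.signed_and_enveloped->cert);
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_CERTIFICATE,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (*sk == NULL)
+ *sk=sk_new_null();
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ sk_push(*sk,(char *)x509);
+ return(1);
+ }
+
+int PKCS7_add_crl(p7,crl)
+PKCS7 *p7;
+X509_CRL *crl;
+ {
+ int i;
+ STACK **sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signed:
+ sk= &(p7->d.sign->crl);
+ break;
+ case NID_pkcs7_signedAndEnveloped:
+ sk= &(p7->d.signed_and_enveloped->crl);
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_CRL,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ if (*sk == NULL)
+ *sk=sk_new_null();
+
+ CRYPTO_add(&crl->references,1,CRYPTO_LOCK_X509_CRL);
+ sk_push(*sk,(char *)crl);
+ return(1);
+ }
+
+int PKCS7_SIGNER_INFO_set(p7i,x509,pkey,dgst)
+PKCS7_SIGNER_INFO *p7i;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ /* We now need to add another PKCS7_SIGNER_INFO entry */
+ ASN1_INTEGER_set(p7i->version,1);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
+
+ /* because ASN1_INTEGER_set is used to set a 'long' we will do
+ * things the ugly way. */
+ ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+ p7i->issuer_and_serial->serial=
+ ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+ /* lets keep the pkey around for a while */
+ CRYPTO_add(&pkey->references,1,CRYPTO_LOCK_EVP_PKEY);
+ p7i->pkey=pkey;
+
+ /* Set the algorithms */
+ p7i->digest_alg->algorithm=OBJ_nid2obj(EVP_MD_type(dgst));
+ p7i->digest_enc_alg->algorithm=OBJ_nid2obj(EVP_MD_pkey_type(dgst));
+
+#if 1
+ if (p7i->digest_enc_alg->parameter != NULL)
+ ASN1_TYPE_free(p7i->digest_enc_alg->parameter);
+ if ((p7i->digest_enc_alg->parameter=ASN1_TYPE_new()) == NULL)
+ goto err;
+ p7i->digest_enc_alg->parameter->type=V_ASN1_NULL;
+#endif
+
+ return(1);
+err:
+ return(0);
+ }
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(p7,x509,pkey,dgst)
+PKCS7 *p7;
+X509 *x509;
+EVP_PKEY *pkey;
+EVP_MD *dgst;
+ {
+ PKCS7_SIGNER_INFO *si;
+
+ if ((si=PKCS7_SIGNER_INFO_new()) == NULL) goto err;
+ if (!PKCS7_SIGNER_INFO_set(si,x509,pkey,dgst)) goto err;
+ if (!PKCS7_add_signer(p7,si)) goto err;
+ return(si);
+err:
+ return(NULL);
+ }
+
+STACK *PKCS7_get_signer_info(p7)
+PKCS7 *p7;
+ {
+ if (PKCS7_type_is_signed(p7))
+ {
+ return(p7->d.sign->signer_info);
+ }
+ else
+ return(NULL);
+ }
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(p7,x509)
+PKCS7 *p7;
+X509 *x509;
+ {
+ PKCS7_RECIP_INFO *ri;
+
+ if ((ri=PKCS7_RECIP_INFO_new()) == NULL) goto err;
+ if (!PKCS7_RECIP_INFO_set(ri,x509)) goto err;
+ if (!PKCS7_add_recipient_info(p7,ri)) goto err;
+ return(ri);
+err:
+ return(NULL);
+ }
+
+int PKCS7_add_recipient_info(p7,ri)
+PKCS7 *p7;
+PKCS7_RECIP_INFO *ri;
+ {
+ int i;
+ STACK *sk;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ sk= p7->d.signed_and_enveloped->recipientinfo;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ sk_push(sk,(char *)ri);
+ return(1);
+ }
+
+int PKCS7_RECIP_INFO_set(p7i,x509)
+PKCS7_RECIP_INFO *p7i;
+X509 *x509;
+ {
+ ASN1_INTEGER_set(p7i->version,0);
+ X509_NAME_set(&p7i->issuer_and_serial->issuer,
+ X509_get_issuer_name(x509));
+
+ ASN1_INTEGER_free(p7i->issuer_and_serial->serial);
+ p7i->issuer_and_serial->serial=
+ ASN1_INTEGER_dup(X509_get_serialNumber(x509));
+
+ CRYPTO_add(&x509->references,1,CRYPTO_LOCK_X509);
+ p7i->cert=x509;
+
+ return(1);
+ }
+
+X509 *PKCS7_cert_from_signer_info(p7,si)
+PKCS7 *p7;
+PKCS7_SIGNER_INFO *si;
+ {
+ if (PKCS7_type_is_signed(p7))
+ return(X509_find_by_issuer_and_serial(p7->d.sign->cert,
+ si->issuer_and_serial->issuer,
+ si->issuer_and_serial->serial));
+ else
+ return(NULL);
+ }
+
+int PKCS7_set_cipher(p7,cipher)
+PKCS7 *p7;
+EVP_CIPHER *cipher;
+ {
+ int i;
+ PKCS7_ENC_CONTENT *ec;
+
+ i=OBJ_obj2nid(p7->type);
+ switch (i)
+ {
+ case NID_pkcs7_signedAndEnveloped:
+ ec=p7->d.signed_and_enveloped->enc_data;
+ break;
+ default:
+ PKCS7err(PKCS7_F_PKCS7_SET_CIPHER,PKCS7_R_WRONG_CONTENT_TYPE);
+ return(0);
+ }
+
+ ec->algorithm->algorithm=OBJ_nid2obj(EVP_CIPHER_nid(cipher));
+ return(ec->algorithm->algorithm != NULL);
+ }
+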
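Review bot: PKCS7_add_signer dereferences the result of X509_ALGOR_new() without a NULL check (`alg=X509_ALGOR_new(); alg->algorithm=OBJ_nid2obj(nid);`) and ignores the return value of both sk_push calls, so an allocation failure either crashes or silently drops the digest algorithm or the signer while the function still returns 1. A guard such as `if ((alg=X509_ALGOR_new()) == NULL) return(0);` plus a check on each sk_push would make the 0/1 return meaningful; PKCS7_add_certificate and PKCS7_add_crl have the same unchecked `sk_new_null()` / `sk_push` pair after the reference count has already been raised. PKCS7_add_signature and PKCS7_add_recipient return NULL from their `err:` labels without freeing the `si` / `ri` they just allocated. In PKCS7_set_type the signedAndEnveloped case allocates `p7->d.signed_and_enveloped` but sets the version through `p7->d.sign->version`, which is only correct if both structures begin with the version field (their layout is not visible here); `p7->d.signed_and_enveloped->version` would state the intent directly.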
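diff --git a/src/lib/libcrypto/pkcs7/pkcs7.h b/src/lib/libcrypto/pkcs7/pkcs7.h
new file mode 100644
index 0000000000..ee12f670a8
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pkcs7.h
@@ -0,0 +1,449 @@
+/* crypto/pkcs7/pkcs7.h */
+/* Copyright (C) 1995-1998 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+
+#ifndef HEADER_PKCS7_H
+#define HEADER_PKCS7_H
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+#include "bio.h"
+#include "x509.h"
+
+/*
+Encryption_ID DES-CBC
+Digest_ID MD5
+Digest_Encryption_ID rsaEncryption
+Key_Encryption_ID rsaEncryption
+*/
+
+typedef struct pkcs7_issuer_and_serial_st
+ {
+ X509_NAME *issuer;
+ ASN1_INTEGER *serial;
+ } PKCS7_ISSUER_AND_SERIAL;
+
+typedef struct pkcs7_signer_info_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *digest_alg;
+ STACK /* X509_ATTRIBUTE */ *auth_attr; /* [ 0 ] */
+ X509_ALGOR *digest_enc_alg;
+ ASN1_OCTET_STRING *enc_digest;
+ STACK /* X509_ATTRIBUTE */ *unauth_attr; /* [ 1 ] */
+
+ /* The private key to sign with */
+ EVP_PKEY *pkey;
+ } PKCS7_SIGNER_INFO;
+
+typedef struct pkcs7_recip_info_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ISSUER_AND_SERIAL *issuer_and_serial;
+ X509_ALGOR *key_enc_algor;
+ ASN1_OCTET_STRING *enc_key;
+ X509 *cert; /* get the pub-key from this */
+ } PKCS7_RECIP_INFO;
+
+typedef struct pkcs7_signed_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+
+ struct pkcs7_st *contents;
+ } PKCS7_SIGNED;
+/* The above structure is very very similar to PKCS7_SIGN_ENVELOPE.
+ * How about merging the two */
+
+typedef struct pkcs7_enc_content_st
+ {
+ ASN1_OBJECT *content_type;
+ X509_ALGOR *algorithm;
+ ASN1_OCTET_STRING *enc_data; /* [ 0 ] */
+ } PKCS7_ENC_CONTENT;
+
+typedef struct pkcs7_enveloped_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENVELOPE;
+
+typedef struct pkcs7_signedandenveloped_st
+ {
+ ASN1_INTEGER *version; /* version 1 */
+ STACK /* X509_ALGOR's */ *md_algs; /* md used */
+ STACK /* X509 */ *cert; /* [ 0 ] */
+ STACK /* X509_CRL */ *crl; /* [ 1 ] */
+ STACK /* PKCS7_SIGNER_INFO */ *signer_info;
+
+ PKCS7_ENC_CONTENT *enc_data;
+ STACK /* PKCS7_RECIP_INFO */ *recipientinfo;
+ } PKCS7_SIGN_ENVELOPE;
+
+typedef struct pkcs7_digest_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ X509_ALGOR *md; /* md used */
+ struct pkcs7_st *contents;
+ ASN1_OCTET_STRING *digest;
+ } PKCS7_DIGEST;
+
+typedef struct pkcs7_encrypted_st
+ {
+ ASN1_INTEGER *version; /* version 0 */
+ PKCS7_ENC_CONTENT *enc_data;
+ } PKCS7_ENCRYPT;
+
+typedef struct pkcs7_st
+ {
+ /* The following is non NULL if it contains ASN1 encoding of
+ * this structure */
+ unsigned char *asn1;
+ long length;
+
+#define PKCS7_S_HEADER 0
+#define PKCS7_S_BODY 1
+#define PKCS7_S_TAIL 2
+ int state; /* used during processing */
+
+ int detached;
+
+ ASN1_OBJECT *type;
+ /* content as defined by the type */
+ /* all encryption/message digests are applied to the 'contents',
+ * leaving out the 'type' field. */
+ union {
+ char *ptr;
+
+ /* NID_pkcs7_data */
+ ASN1_OCTET_STRING *data;
+
+ /* NID_pkcs7_signed */
+ PKCS7_SIGNED *sign;
+
+ /* NID_pkcs7_enveloped */
+ PKCS7_ENVELOPE *enveloped;
+
+ /* NID_pkcs7_signedAndEnveloped */
+ PKCS7_SIGN_ENVELOPE *signed_and_enveloped;
+
+ /* NID_pkcs7_digest */
+ PKCS7_DIGEST *digest;
+
+ /* NID_pkcs7_encrypted */
+ PKCS7_ENCRYPT *encrypted;
+ } d;
+ } PKCS7;
+
+#define PKCS7_OP_SET_DETACHED_SIGNATURE 1
+#define PKCS7_OP_GET_DETACHED_SIGNATURE 2
+
+#define PKCS7_type_is_signed(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_signed)
+#define PKCS7_type_is_data(a) (OBJ_obj2nid((a)->type) == NID_pkcs7_data)
+
+#define PKCS7_set_detached(p,v) \
+ PKCS7_ctrl(p,PKCS7_OP_SET_DETACHED_SIGNATURE,v,NULL)
+#define PKCS7_get_detached(p) \
+ PKCS7_ctrl(p,PKCS7_OP_GET_DETACHED_SIGNATURE,0,NULL)
+
+#ifdef SSLEAY_MACROS
+
+#define PKCS7_ISSUER_AND_SERIAL_digest(data,type,md,len) \
+ ASN1_digest((int (*)())i2d_PKCS7_ISSUER_AND_SERIAL,type,\
+ (char *)data,md,len)
+#endif
+
+
+#ifndef NOPROTO
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new(void );
+void PKCS7_ISSUER_AND_SERIAL_free(
+ PKCS7_ISSUER_AND_SERIAL *a);
+int i2d_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL *a,unsigned char **pp);
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL(
+ PKCS7_ISSUER_AND_SERIAL **a,
+ unsigned char **pp, long length);
+
+#ifndef SSLEAY_MACROS
+int PKCS7_ISSUER_AND_SERIAL_digest(PKCS7_ISSUER_AND_SERIAL *data,EVP_MD *type,
+ unsigned char *md,unsigned int *len);
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp(FILE *fp,PKCS7 *p7);
+int i2d_PKCS7_fp(FILE *fp,PKCS7 *p7);
+#endif
+PKCS7 *PKCS7_dup(PKCS7 *p7);
+PKCS7 *d2i_PKCS7_bio(BIO *bp,PKCS7 *p7);
+int i2d_PKCS7_bio(BIO *bp,PKCS7 *p7);
+#endif
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new(void);
+void PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a);
+int i2d_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO *a,
+ unsigned char **pp);
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO(PKCS7_SIGNER_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new(void);
+void PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a);
+int i2d_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO *a,
+ unsigned char **pp);
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO(PKCS7_RECIP_INFO **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGNED *PKCS7_SIGNED_new(void);
+void PKCS7_SIGNED_free(PKCS7_SIGNED *a);
+int i2d_PKCS7_SIGNED(PKCS7_SIGNED *a,
+ unsigned char **pp);
+PKCS7_SIGNED *d2i_PKCS7_SIGNED(PKCS7_SIGNED **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new(void);
+void PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a);
+int i2d_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT *a,
+ unsigned char **pp);
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT(PKCS7_ENC_CONTENT **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new(void);
+void PKCS7_ENVELOPE_free(PKCS7_ENVELOPE *a);
+int i2d_PKCS7_ENVELOPE(PKCS7_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE(PKCS7_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new(void);
+void PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a);
+int i2d_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE *a,
+ unsigned char **pp);
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE(PKCS7_SIGN_ENVELOPE **a,
+ unsigned char **pp,long length);
+
+PKCS7_DIGEST *PKCS7_DIGEST_new(void);
+void PKCS7_DIGEST_free(PKCS7_DIGEST *a);
+int i2d_PKCS7_DIGEST(PKCS7_DIGEST *a,
+ unsigned char **pp);
+PKCS7_DIGEST *d2i_PKCS7_DIGEST(PKCS7_DIGEST **a,
+ unsigned char **pp,long length);
+
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new(void);
+void PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a);
+int i2d_PKCS7_ENCRYPT(PKCS7_ENCRYPT *a,
+ unsigned char **pp);
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT(PKCS7_ENCRYPT **a,
+ unsigned char **pp,long length);
+
+PKCS7 *PKCS7_new(void);
+void PKCS7_free(PKCS7 *a);
+void PKCS7_content_free(PKCS7 *a);
+int i2d_PKCS7(PKCS7 *a,
+ unsigned char **pp);
+PKCS7 *d2i_PKCS7(PKCS7 **a,
+ unsigned char **pp,long length);
+
+void ERR_load_PKCS7_strings(void);
+
+
+long PKCS7_ctrl(PKCS7 *p7, int cmd, long larg, char *parg);
+
+int PKCS7_set_type(PKCS7 *p7, int type);
+int PKCS7_set_content(PKCS7 *p7, PKCS7 *p7_data);
+int PKCS7_SIGNER_INFO_set(PKCS7_SIGNER_INFO *p7i, X509 *x509, EVP_PKEY *pkey,
+ EVP_MD *dgst);
+int PKCS7_add_signer(PKCS7 *p7, PKCS7_SIGNER_INFO *p7i);
+int PKCS7_add_certificate(PKCS7 *p7, X509 *x509);
+int PKCS7_add_crl(PKCS7 *p7, X509_CRL *x509);
+int PKCS7_content_new(PKCS7 *p7, int nid);
+int PKCS7_dataSign(PKCS7 *p7, BIO *bio);
+int PKCS7_dataVerify(X509_STORE *cert_store, X509_STORE_CTX *ctx,
+ BIO *bio, PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+
+BIO *PKCS7_dataInit(PKCS7 *p7, BIO *bio);
+/*int PKCS7_DataFinal(PKCS7 *p7, BIO *bio); */
+
+PKCS7_SIGNER_INFO *PKCS7_add_signature(PKCS7 *p7, X509 *x509,
+ EVP_PKEY *pkey, EVP_MD *dgst);
+X509 *PKCS7_cert_from_signer_info(PKCS7 *p7, PKCS7_SIGNER_INFO *si);
+STACK *PKCS7_get_signer_info(PKCS7 *p7);
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient(PKCS7 *p7, X509 *x509);
+int PKCS7_add_recipient_info(PKCS7 *p7, PKCS7_RECIP_INFO *ri);
+int PKCS7_RECIP_INFO_set(PKCS7_RECIP_INFO *p7i, X509 *x509);
+int PKCS7_set_cipher(PKCS7 *p7, EVP_CIPHER *cipher);
+
+
+
+#else
+
+PKCS7_ISSUER_AND_SERIAL *PKCS7_ISSUER_AND_SERIAL_new();
+void PKCS7_ISSUER_AND_SERIAL_free();
+int i2d_PKCS7_ISSUER_AND_SERIAL();
+PKCS7_ISSUER_AND_SERIAL *d2i_PKCS7_ISSUER_AND_SERIAL();
+
+#ifndef SSLEAY_MACROS
+int PKCS7_ISSUER_AND_SERIAL_digest();
+#ifndef NO_FP_API
+PKCS7 *d2i_PKCS7_fp();
+int i2d_PKCS7_fp();
+#endif
+PKCS7 *PKCS7_dup();
+PKCS7 *d2i_PKCS7_bio();
+int i2d_PKCS7_bio();
+
+#endif
+
+PKCS7_SIGNER_INFO *PKCS7_SIGNER_INFO_new();
+void PKCS7_SIGNER_INFO_free();
+int i2d_PKCS7_SIGNER_INFO();
+PKCS7_SIGNER_INFO *d2i_PKCS7_SIGNER_INFO();
+PKCS7_RECIP_INFO *PKCS7_RECIP_INFO_new();
+void PKCS7_RECIP_INFO_free();
+int i2d_PKCS7_RECIP_INFO();
+PKCS7_RECIP_INFO *d2i_PKCS7_RECIP_INFO();
+PKCS7_SIGNED *PKCS7_SIGNED_new();
+void PKCS7_SIGNED_free();
+int i2d_PKCS7_SIGNED();
+PKCS7_SIGNED *d2i_PKCS7_SIGNED();
+PKCS7_ENC_CONTENT *PKCS7_ENC_CONTENT_new();
+void PKCS7_ENC_CONTENT_free();
+int i2d_PKCS7_ENC_CONTENT();
+PKCS7_ENC_CONTENT *d2i_PKCS7_ENC_CONTENT();
+PKCS7_ENVELOPE *PKCS7_ENVELOPE_new();
+void PKCS7_ENVELOPE_free();
+int i2d_PKCS7_ENVELOPE();
+PKCS7_ENVELOPE *d2i_PKCS7_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *PKCS7_SIGN_ENVELOPE_new();
+void PKCS7_SIGN_ENVELOPE_free();
+int i2d_PKCS7_SIGN_ENVELOPE();
+PKCS7_SIGN_ENVELOPE *d2i_PKCS7_SIGN_ENVELOPE();
+PKCS7_DIGEST *PKCS7_DIGEST_new();
+void PKCS7_DIGEST_free();
+int i2d_PKCS7_DIGEST();
+PKCS7_DIGEST *d2i_PKCS7_DIGEST();
+PKCS7_ENCRYPT *PKCS7_ENCRYPT_new();
+void PKCS7_ENCRYPT_free();
+int i2d_PKCS7_ENCRYPT();
+PKCS7_ENCRYPT *d2i_PKCS7_ENCRYPT();
+PKCS7 *PKCS7_new();
+void PKCS7_free();
+void PKCS7_content_free();
+int i2d_PKCS7();
+PKCS7 *d2i_PKCS7();
+
+void ERR_load_PKCS7_strings();
+
+long PKCS7_ctrl();
+int PKCS7_set_type();
+int PKCS7_set_content();
+int PKCS7_SIGNER_INFO_set();
+int PKCS7_add_signer();
+int PKCS7_add_certificate();
+int PKCS7_add_crl();
+int PKCS7_content_new();
+int PKCS7_dataSign();
+int PKCS7_dataVerify();
+BIO *PKCS7_dataInit();
+PKCS7_SIGNER_INFO *PKCS7_add_signature();
+X509 *PKCS7_cert_from_signer_info();
+STACK *PKCS7_get_signer_info();
+
+PKCS7_RECIP_INFO *PKCS7_add_recipient();
+int PKCS7_add_recipient_info();
+int PKCS7_RECIP_INFO_set();
+int PKCS7_set_cipher();
+
+#endif
+
+/* BEGIN ERROR CODES */
+/* Error codes for the PKCS7 functions. */
+
+/* Function codes. */
+#define PKCS7_F_PKCS7_ADD_CERTIFICATE 100
+#define PKCS7_F_PKCS7_ADD_CRL 101
+#define PKCS7_F_PKCS7_ADD_RECIPIENT_INFO 102
+#define PKCS7_F_PKCS7_ADD_SIGNER 103
+#define PKCS7_F_PKCS7_CTRL 104
+#define PKCS7_F_PKCS7_DATAINIT 105
+#define PKCS7_F_PKCS7_DATASIGN 106
+#define PKCS7_F_PKCS7_DATAVERIFY 107
+#define PKCS7_F_PKCS7_SET_CIPHER 108
+#define PKCS7_F_PKCS7_SET_CONTENT 109
+#define PKCS7_F_PKCS7_SET_TYPE 110
+
+/* Reason codes. */
+#define PKCS7_R_INTERNAL_ERROR 100
+#define PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE 101
+#define PKCS7_R_SIGNATURE_FAILURE 102
+#define PKCS7_R_UNABLE_TO_FIND_CERTIFICATE 103
+#define PKCS7_R_UNABLE_TO_FIND_MEM_BIO 104
+#define PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST 105
+#define PKCS7_R_UNKNOWN_DIGEST_TYPE 106
+#define PKCS7_R_UNSUPPORTED_CIPHER_TYPE 107
+#define PKCS7_R_UNSUPPORTED_CONTENT_TYPE 108
+#define PKCS7_R_WRONG_CONTENT_TYPE 109
+
+#ifdef __cplusplus
+}
+#endif
+#endif
+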
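Review bot: The two members that are not part of the ASN.1 encoding, `EVP_PKEY *pkey` in `PKCS7_SIGNER_INFO` and `X509 *cert` in `PKCS7_RECIP_INFO`, carry no statement of ownership or lifetime. `PKCS7_RECIP_INFO_set` elsewhere in this commit increments the certificate's reference count before storing it, which suggests the free routine is expected to release it, but the header does not say so, and nothing visible here shows whether `pkey` is referenced or only borrowed. I would extend the existing comment on `pkey` to something like `/* signing key; not encoded; say whether a reference is held and who frees it */`, with a matching line on `cert`. For a private key this matters, because callers need to know whether freeing the signer info also releases their key.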
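diff --git a/src/lib/libcrypto/pkcs7/pkcs7err.c b/src/lib/libcrypto/pkcs7/pkcs7err.c
new file mode 100644
index 0000000000..f851057422
--- /dev/null
+++ b/src/lib/libcrypto/pkcs7/pkcs7err.c
@@ -0,0 +1,110 @@
+/* lib/pkcs7/pkcs7_err.c */
+/* Copyright (C) 1995-1997 Eric Young (eay@cryptsoft.com)
+ * All rights reserved.
+ *
+ * This package is an SSL implementation written
+ * by Eric Young (eay@cryptsoft.com).
+ * The implementation was written so as to conform with Netscapes SSL.
+ *
+ * This library is free for commercial and non-commercial use as long as
+ * the following conditions are aheared to. The following conditions
+ * apply to all code found in this distribution, be it the RC4, RSA,
+ * lhash, DES, etc., code; not just the SSL code. The SSL documentation
+ * included with this distribution is covered by the same copyright terms
+ * except that the holder is Tim Hudson (tjh@cryptsoft.com).
+ *
+ * Copyright remains Eric Young's, and as such any Copyright notices in
+ * the code are not to be removed.
+ * If this package is used in a product, Eric Young should be given attribution
+ * as the author of the parts of the library used.
+ * This can be in the form of a textual message at program startup or
+ * in documentation (online or textual) provided with the package.
+ *
+ * Redistribution and use in source and binary forms, with or without
+ * modification, are permitted provided that the following conditions
+ * are met:
+ * 1. Redistributions of source code must retain the copyright
+ * notice, this list of conditions and the following disclaimer.
+ * 2. Redistributions in binary form must reproduce the above copyright
+ * notice, this list of conditions and the following disclaimer in the
+ * documentation and/or other materials provided with the distribution.
+ * 3. All advertising materials mentioning features or use of this software
+ * must display the following acknowledgement:
+ * "This product includes cryptographic software written by
+ * Eric Young (eay@cryptsoft.com)"
+ * The word 'cryptographic' can be left out if the rouines from the library
+ * being used are not cryptographic related :-).
+ * 4. If you include any Windows specific code (or a derivative thereof) from
+ * the apps directory (application code) you must include an acknowledgement:
+ * "This product includes software written by Tim Hudson (tjh@cryptsoft.com)"
+ *
+ * THIS SOFTWARE IS PROVIDED BY ERIC YOUNG ``AS IS'' AND
+ * ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
+ * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE
+ * ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR OR CONTRIBUTORS BE LIABLE
+ * FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL
+ * DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS
+ * OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
+ * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT
+ * LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
+ * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
+ * SUCH DAMAGE.
+ *
+ * The licence and distribution terms for any publically available version or
+ * derivative of this code cannot be changed. i.e. this code cannot simply be
+ * copied and put under another distribution licence
+ * [including the GNU Public Licence.]
+ */
+#include <stdio.h>
+#include "err.h"
+#include "pkcs7.h"
+
+/* BEGIN ERROR CODES */
+#ifndef NO_ERR
+static ERR_STRING_DATA PKCS7_str_functs[]=
+ {
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CERTIFICATE,0), "PKCS7_add_certificate"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_CRL,0), "PKCS7_add_crl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_RECIPIENT_INFO,0), "PKCS7_add_recipient_info"},
+{ERR_PACK(0,PKCS7_F_PKCS7_ADD_SIGNER,0), "PKCS7_add_signer"},
+{ERR_PACK(0,PKCS7_F_PKCS7_CTRL,0), "PKCS7_ctrl"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAINIT,0), "PKCS7_dataInit"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATASIGN,0), "PKCS7_dataSign"},
+{ERR_PACK(0,PKCS7_F_PKCS7_DATAVERIFY,0), "PKCS7_dataVerify"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CIPHER,0), "PKCS7_set_cipher"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_CONTENT,0), "PKCS7_set_content"},
+{ERR_PACK(0,PKCS7_F_PKCS7_SET_TYPE,0), "PKCS7_set_type"},
+{0,NULL},
+ };
+
+static ERR_STRING_DATA PKCS7_str_reasons[]=
+ {
+{PKCS7_R_INTERNAL_ERROR ,"internal error"},
+{PKCS7_R_OPERATION_NOT_SUPPORTED_ON_THIS_TYPE,"operation not supported on this type"},
+{PKCS7_R_SIGNATURE_FAILURE ,"signature failure"},
+{PKCS7_R_UNABLE_TO_FIND_CERTIFICATE ,"unable to find certificate"},
+{PKCS7_R_UNABLE_TO_FIND_MEM_BIO ,"unable to find mem bio"},
+{PKCS7_R_UNABLE_TO_FIND_MESSAGE_DIGEST ,"unable to find message digest"},
+{PKCS7_R_UNKNOWN_DIGEST_TYPE ,"unknown digest type"},
+{PKCS7_R_UNSUPPORTED_CIPHER_TYPE ,"unsupported cipher type"},
+{PKCS7_R_UNSUPPORTED_CONTENT_TYPE ,"unsupported content type"},
+{PKCS7_R_WRONG_CONTENT_TYPE ,"wrong content type"},
+{0,NULL},
+ };
+
+#endif
+
+void ERR_load_PKCS7_strings()
+ {
+ static int init=1;
+
+ if (init);
+ {;
+ init=0;
+#ifndef NO_ERR
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_functs);
+ ERR_load_strings(ERR_LIB_PKCS7,PKCS7_str_reasons);
+#endif
+
+ }
+ }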
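Review bot: The guard in `ERR_load_PKCS7_strings` is written `if (init);`, and the trailing semicolon makes the `if` body an empty statement, so the braced block after it runs unconditionally and both tables are passed to `ERR_load_strings` on every call instead of once. Drop the stray semicolons so the two lines read `if (init)` and `{`. The `static int init` flag is also read and written with no lock visible in this file, so if the library is meant to be called from several threads, concurrent first calls could both register the tables. That is worth either a lock or a comment stating that the caller must serialise initialisation.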