summaryrefslogtreecommitdiff
path: root/src/lib/libc
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--src/lib/libcrypto/pkcs7/pk7_asn1.c634
1 files changed, 545 insertions, 89 deletions
diff --git a/src/lib/libcrypto/pkcs7/pk7_asn1.c b/src/lib/libcrypto/pkcs7/pk7_asn1.c
index 2699ace988..81e4a01f14 100644
--- a/src/lib/libcrypto/pkcs7/pk7_asn1.c
+++ b/src/lib/libcrypto/pkcs7/pk7_asn1.c
@@ -1,4 +1,4 @@
1/* $OpenBSD: pk7_asn1.c,v 1.11 2015/02/10 06:37:38 jsing Exp $ */ 1/* $OpenBSD: pk7_asn1.c,v 1.12 2015/07/25 15:33:06 jsing Exp $ */
2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 2/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
3 * project 2000. 3 * project 2000.
4 */ 4 */
@@ -66,23 +66,92 @@
66 66
67/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */ 67/* This is the ANY DEFINED BY table for the top level PKCS#7 structure */
68 68
69ASN1_ADB_TEMPLATE(p7default) = ASN1_EXP_OPT(PKCS7, d.other, ASN1_ANY, 0); 69static const ASN1_TEMPLATE p7default_tt = {
70 70 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
71ASN1_ADB(PKCS7) = { 71 .tag = 0,
72 ADB_ENTRY(NID_pkcs7_data, 72 .offset = offsetof(PKCS7, d.other),
73 ASN1_NDEF_EXP_OPT(PKCS7, d.data, ASN1_OCTET_STRING_NDEF, 0)), 73 .field_name = "d.other",
74 ADB_ENTRY(NID_pkcs7_signed, 74 .item = &ASN1_ANY_it,
75 ASN1_NDEF_EXP_OPT(PKCS7, d.sign, PKCS7_SIGNED, 0)), 75};
76 ADB_ENTRY(NID_pkcs7_enveloped, 76
77 ASN1_NDEF_EXP_OPT(PKCS7, d.enveloped, PKCS7_ENVELOPE, 0)), 77static const ASN1_ADB_TABLE PKCS7_adbtbl[] = {
78 ADB_ENTRY(NID_pkcs7_signedAndEnveloped, 78 {
79 ASN1_NDEF_EXP_OPT(PKCS7, d.signed_and_enveloped, 79 .value = NID_pkcs7_data,
80 PKCS7_SIGN_ENVELOPE, 0)), 80 .tt = {
81 ADB_ENTRY(NID_pkcs7_digest, 81 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
82 ASN1_NDEF_EXP_OPT(PKCS7, d.digest, PKCS7_DIGEST, 0)), 82 .tag = 0,
83 ADB_ENTRY(NID_pkcs7_encrypted, 83 .offset = offsetof(PKCS7, d.data),
84 ASN1_NDEF_EXP_OPT(PKCS7, d.encrypted, PKCS7_ENCRYPT, 0)) 84 .field_name = "d.data",
85} ASN1_ADB_END(PKCS7, 0, type, 0, &p7default_tt, NULL); 85 .item = &ASN1_OCTET_STRING_NDEF_it,
86 },
87
88 },
89 {
90 .value = NID_pkcs7_signed,
91 .tt = {
92 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
93 .tag = 0,
94 .offset = offsetof(PKCS7, d.sign),
95 .field_name = "d.sign",
96 .item = &PKCS7_SIGNED_it,
97 },
98
99 },
100 {
101 .value = NID_pkcs7_enveloped,
102 .tt = {
103 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
104 .tag = 0,
105 .offset = offsetof(PKCS7, d.enveloped),
106 .field_name = "d.enveloped",
107 .item = &PKCS7_ENVELOPE_it,
108 },
109
110 },
111 {
112 .value = NID_pkcs7_signedAndEnveloped,
113 .tt = {
114 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
115 .tag = 0,
116 .offset = offsetof(PKCS7, d.signed_and_enveloped),
117 .field_name = "d.signed_and_enveloped",
118 .item = &PKCS7_SIGN_ENVELOPE_it,
119 },
120
121 },
122 {
123 .value = NID_pkcs7_digest,
124 .tt = {
125 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
126 .tag = 0,
127 .offset = offsetof(PKCS7, d.digest),
128 .field_name = "d.digest",
129 .item = &PKCS7_DIGEST_it,
130 },
131
132 },
133 {
134 .value = NID_pkcs7_encrypted,
135 .tt = {
136 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
137 .tag = 0,
138 .offset = offsetof(PKCS7, d.encrypted),
139 .field_name = "d.encrypted",
140 .item = &PKCS7_ENCRYPT_it,
141 },
142
143 },
144};
145
146static const ASN1_ADB PKCS7_adb = {
147 .flags = 0,
148 .offset = offsetof(PKCS7, type),
149 .app_items = 0,
150 .tbl = PKCS7_adbtbl,
151 .tblcount = sizeof(PKCS7_adbtbl) / sizeof(ASN1_ADB_TABLE),
152 .default_tt = &p7default_tt,
153 .null_tt = NULL,
154};
86 155
87/* PKCS#7 streaming support */ 156/* PKCS#7 streaming support */
88static int 157static int
@@ -111,10 +180,40 @@ pk7_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
111 return 1; 180 return 1;
112} 181}
113 182
114ASN1_NDEF_SEQUENCE_cb(PKCS7, pk7_cb) = { 183static const ASN1_AUX PKCS7_aux = {
115 ASN1_SIMPLE(PKCS7, type, ASN1_OBJECT), 184 .app_data = NULL,
116 ASN1_ADB_OBJECT(PKCS7) 185 .flags = 0,
117}ASN1_NDEF_SEQUENCE_END_cb(PKCS7, PKCS7) 186 .ref_offset = 0,
187 .ref_lock = 0,
188 .asn1_cb = pk7_cb,
189 .enc_offset = 0,
190};
191static const ASN1_TEMPLATE PKCS7_seq_tt[] = {
192 {
193 .flags = 0,
194 .tag = 0,
195 .offset = offsetof(PKCS7, type),
196 .field_name = "type",
197 .item = &ASN1_OBJECT_it,
198 },
199 {
200 .flags = ASN1_TFLG_ADB_OID,
201 .tag = -1,
202 .offset = 0,
203 .field_name = "PKCS7",
204 .item = (const ASN1_ITEM *)&PKCS7_adb,
205 },
206};
207
208const ASN1_ITEM PKCS7_it = {
209 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
210 .utype = V_ASN1_SEQUENCE,
211 .templates = PKCS7_seq_tt,
212 .tcount = sizeof(PKCS7_seq_tt) / sizeof(ASN1_TEMPLATE),
213 .funcs = &PKCS7_aux,
214 .size = sizeof(PKCS7),
215 .sname = "PKCS7",
216};
118 217
119 218
120PKCS7 * 219PKCS7 *
@@ -154,14 +253,60 @@ PKCS7_dup(PKCS7 *x)
154 return ASN1_item_dup(&PKCS7_it, x); 253 return ASN1_item_dup(&PKCS7_it, x);
155} 254}
156 255
157ASN1_NDEF_SEQUENCE(PKCS7_SIGNED) = { 256static const ASN1_TEMPLATE PKCS7_SIGNED_seq_tt[] = {
158 ASN1_SIMPLE(PKCS7_SIGNED, version, ASN1_INTEGER), 257 {
159 ASN1_SET_OF(PKCS7_SIGNED, md_algs, X509_ALGOR), 258 .flags = 0,
160 ASN1_SIMPLE(PKCS7_SIGNED, contents, PKCS7), 259 .tag = 0,
161 ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNED, cert, X509, 0), 260 .offset = offsetof(PKCS7_SIGNED, version),
162 ASN1_IMP_SET_OF_OPT(PKCS7_SIGNED, crl, X509_CRL, 1), 261 .field_name = "version",
163 ASN1_SET_OF(PKCS7_SIGNED, signer_info, PKCS7_SIGNER_INFO) 262 .item = &ASN1_INTEGER_it,
164} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGNED) 263 },
264 {
265 .flags = ASN1_TFLG_SET_OF,
266 .tag = 0,
267 .offset = offsetof(PKCS7_SIGNED, md_algs),
268 .field_name = "md_algs",
269 .item = &X509_ALGOR_it,
270 },
271 {
272 .flags = 0,
273 .tag = 0,
274 .offset = offsetof(PKCS7_SIGNED, contents),
275 .field_name = "contents",
276 .item = &PKCS7_it,
277 },
278 {
279 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
280 .tag = 0,
281 .offset = offsetof(PKCS7_SIGNED, cert),
282 .field_name = "cert",
283 .item = &X509_it,
284 },
285 {
286 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
287 .tag = 1,
288 .offset = offsetof(PKCS7_SIGNED, crl),
289 .field_name = "crl",
290 .item = &X509_CRL_it,
291 },
292 {
293 .flags = ASN1_TFLG_SET_OF,
294 .tag = 0,
295 .offset = offsetof(PKCS7_SIGNED, signer_info),
296 .field_name = "signer_info",
297 .item = &PKCS7_SIGNER_INFO_it,
298 },
299};
300
301const ASN1_ITEM PKCS7_SIGNED_it = {
302 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
303 .utype = V_ASN1_SEQUENCE,
304 .templates = PKCS7_SIGNED_seq_tt,
305 .tcount = sizeof(PKCS7_SIGNED_seq_tt) / sizeof(ASN1_TEMPLATE),
306 .funcs = NULL,
307 .size = sizeof(PKCS7_SIGNED),
308 .sname = "PKCS7_SIGNED",
309};
165 310
166 311
167PKCS7_SIGNED * 312PKCS7_SIGNED *
@@ -200,22 +345,80 @@ si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
200 return 1; 345 return 1;
201} 346}
202 347
203ASN1_SEQUENCE_cb(PKCS7_SIGNER_INFO, si_cb) = { 348static const ASN1_AUX PKCS7_SIGNER_INFO_aux = {
204 ASN1_SIMPLE(PKCS7_SIGNER_INFO, version, ASN1_INTEGER), 349 .app_data = NULL,
205 ASN1_SIMPLE(PKCS7_SIGNER_INFO, issuer_and_serial, 350 .flags = 0,
206 PKCS7_ISSUER_AND_SERIAL), 351 .ref_offset = 0,
207 ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_alg, X509_ALGOR), 352 .ref_lock = 0,
353 .asn1_cb = si_cb,
354 .enc_offset = 0,
355};
356static const ASN1_TEMPLATE PKCS7_SIGNER_INFO_seq_tt[] = {
357 {
358 .flags = 0,
359 .tag = 0,
360 .offset = offsetof(PKCS7_SIGNER_INFO, version),
361 .field_name = "version",
362 .item = &ASN1_INTEGER_it,
363 },
364 {
365 .flags = 0,
366 .tag = 0,
367 .offset = offsetof(PKCS7_SIGNER_INFO, issuer_and_serial),
368 .field_name = "issuer_and_serial",
369 .item = &PKCS7_ISSUER_AND_SERIAL_it,
370 },
371 {
372 .flags = 0,
373 .tag = 0,
374 .offset = offsetof(PKCS7_SIGNER_INFO, digest_alg),
375 .field_name = "digest_alg",
376 .item = &X509_ALGOR_it,
377 },
208 /* NB this should be a SET OF but we use a SEQUENCE OF so the 378 /* NB this should be a SET OF but we use a SEQUENCE OF so the
209 * original order * is retained when the structure is reencoded. 379 * original order * is retained when the structure is reencoded.
210 * Since the attributes are implicitly tagged this will not affect 380 * Since the attributes are implicitly tagged this will not affect
211 * the encoding. 381 * the encoding.
212 */ 382 */
213 ASN1_IMP_SEQUENCE_OF_OPT(PKCS7_SIGNER_INFO, auth_attr, 383 {
214 X509_ATTRIBUTE, 0), 384 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_OPTIONAL,
215 ASN1_SIMPLE(PKCS7_SIGNER_INFO, digest_enc_alg, X509_ALGOR), 385 .tag = 0,
216 ASN1_SIMPLE(PKCS7_SIGNER_INFO, enc_digest, ASN1_OCTET_STRING), 386 .offset = offsetof(PKCS7_SIGNER_INFO, auth_attr),
217 ASN1_IMP_SET_OF_OPT(PKCS7_SIGNER_INFO, unauth_attr, X509_ATTRIBUTE, 1) 387 .field_name = "auth_attr",
218} ASN1_SEQUENCE_END_cb(PKCS7_SIGNER_INFO, PKCS7_SIGNER_INFO) 388 .item = &X509_ATTRIBUTE_it,
389 },
390 {
391 .flags = 0,
392 .tag = 0,
393 .offset = offsetof(PKCS7_SIGNER_INFO, digest_enc_alg),
394 .field_name = "digest_enc_alg",
395 .item = &X509_ALGOR_it,
396 },
397 {
398 .flags = 0,
399 .tag = 0,
400 .offset = offsetof(PKCS7_SIGNER_INFO, enc_digest),
401 .field_name = "enc_digest",
402 .item = &ASN1_OCTET_STRING_it,
403 },
404 {
405 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
406 .tag = 1,
407 .offset = offsetof(PKCS7_SIGNER_INFO, unauth_attr),
408 .field_name = "unauth_attr",
409 .item = &X509_ATTRIBUTE_it,
410 },
411};
412
413const ASN1_ITEM PKCS7_SIGNER_INFO_it = {
414 .itype = ASN1_ITYPE_SEQUENCE,
415 .utype = V_ASN1_SEQUENCE,
416 .templates = PKCS7_SIGNER_INFO_seq_tt,
417 .tcount = sizeof(PKCS7_SIGNER_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
418 .funcs = &PKCS7_SIGNER_INFO_aux,
419 .size = sizeof(PKCS7_SIGNER_INFO),
420 .sname = "PKCS7_SIGNER_INFO",
421};
219 422
220 423
221PKCS7_SIGNER_INFO * 424PKCS7_SIGNER_INFO *
@@ -243,10 +446,32 @@ PKCS7_SIGNER_INFO_free(PKCS7_SIGNER_INFO *a)
243 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNER_INFO_it); 446 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGNER_INFO_it);
244} 447}
245 448
246ASN1_SEQUENCE(PKCS7_ISSUER_AND_SERIAL) = { 449static const ASN1_TEMPLATE PKCS7_ISSUER_AND_SERIAL_seq_tt[] = {
247 ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, issuer, X509_NAME), 450 {
248 ASN1_SIMPLE(PKCS7_ISSUER_AND_SERIAL, serial, ASN1_INTEGER) 451 .flags = 0,
249} ASN1_SEQUENCE_END(PKCS7_ISSUER_AND_SERIAL) 452 .tag = 0,
453 .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, issuer),
454 .field_name = "issuer",
455 .item = &X509_NAME_it,
456 },
457 {
458 .flags = 0,
459 .tag = 0,
460 .offset = offsetof(PKCS7_ISSUER_AND_SERIAL, serial),
461 .field_name = "serial",
462 .item = &ASN1_INTEGER_it,
463 },
464};
465
466const ASN1_ITEM PKCS7_ISSUER_AND_SERIAL_it = {
467 .itype = ASN1_ITYPE_SEQUENCE,
468 .utype = V_ASN1_SEQUENCE,
469 .templates = PKCS7_ISSUER_AND_SERIAL_seq_tt,
470 .tcount = sizeof(PKCS7_ISSUER_AND_SERIAL_seq_tt) / sizeof(ASN1_TEMPLATE),
471 .funcs = NULL,
472 .size = sizeof(PKCS7_ISSUER_AND_SERIAL),
473 .sname = "PKCS7_ISSUER_AND_SERIAL",
474};
250 475
251 476
252PKCS7_ISSUER_AND_SERIAL * 477PKCS7_ISSUER_AND_SERIAL *
@@ -274,11 +499,39 @@ PKCS7_ISSUER_AND_SERIAL_free(PKCS7_ISSUER_AND_SERIAL *a)
274 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ISSUER_AND_SERIAL_it); 499 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ISSUER_AND_SERIAL_it);
275} 500}
276 501
277ASN1_NDEF_SEQUENCE(PKCS7_ENVELOPE) = { 502static const ASN1_TEMPLATE PKCS7_ENVELOPE_seq_tt[] = {
278 ASN1_SIMPLE(PKCS7_ENVELOPE, version, ASN1_INTEGER), 503 {
279 ASN1_SET_OF(PKCS7_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), 504 .flags = 0,
280 ASN1_SIMPLE(PKCS7_ENVELOPE, enc_data, PKCS7_ENC_CONTENT) 505 .tag = 0,
281} ASN1_NDEF_SEQUENCE_END(PKCS7_ENVELOPE) 506 .offset = offsetof(PKCS7_ENVELOPE, version),
507 .field_name = "version",
508 .item = &ASN1_INTEGER_it,
509 },
510 {
511 .flags = ASN1_TFLG_SET_OF,
512 .tag = 0,
513 .offset = offsetof(PKCS7_ENVELOPE, recipientinfo),
514 .field_name = "recipientinfo",
515 .item = &PKCS7_RECIP_INFO_it,
516 },
517 {
518 .flags = 0,
519 .tag = 0,
520 .offset = offsetof(PKCS7_ENVELOPE, enc_data),
521 .field_name = "enc_data",
522 .item = &PKCS7_ENC_CONTENT_it,
523 },
524};
525
526const ASN1_ITEM PKCS7_ENVELOPE_it = {
527 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
528 .utype = V_ASN1_SEQUENCE,
529 .templates = PKCS7_ENVELOPE_seq_tt,
530 .tcount = sizeof(PKCS7_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE),
531 .funcs = NULL,
532 .size = sizeof(PKCS7_ENVELOPE),
533 .sname = "PKCS7_ENVELOPE",
534};
282 535
283 536
284PKCS7_ENVELOPE * 537PKCS7_ENVELOPE *
@@ -317,13 +570,54 @@ ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
317 return 1; 570 return 1;
318} 571}
319 572
320ASN1_SEQUENCE_cb(PKCS7_RECIP_INFO, ri_cb) = { 573static const ASN1_AUX PKCS7_RECIP_INFO_aux = {
321 ASN1_SIMPLE(PKCS7_RECIP_INFO, version, ASN1_INTEGER), 574 .app_data = NULL,
322 ASN1_SIMPLE(PKCS7_RECIP_INFO, issuer_and_serial, 575 .flags = 0,
323 PKCS7_ISSUER_AND_SERIAL), 576 .ref_offset = 0,
324 ASN1_SIMPLE(PKCS7_RECIP_INFO, key_enc_algor, X509_ALGOR), 577 .ref_lock = 0,
325 ASN1_SIMPLE(PKCS7_RECIP_INFO, enc_key, ASN1_OCTET_STRING) 578 .asn1_cb = ri_cb,
326} ASN1_SEQUENCE_END_cb(PKCS7_RECIP_INFO, PKCS7_RECIP_INFO) 579 .enc_offset = 0,
580};
581static const ASN1_TEMPLATE PKCS7_RECIP_INFO_seq_tt[] = {
582 {
583 .flags = 0,
584 .tag = 0,
585 .offset = offsetof(PKCS7_RECIP_INFO, version),
586 .field_name = "version",
587 .item = &ASN1_INTEGER_it,
588 },
589 {
590 .flags = 0,
591 .tag = 0,
592 .offset = offsetof(PKCS7_RECIP_INFO, issuer_and_serial),
593 .field_name = "issuer_and_serial",
594 .item = &PKCS7_ISSUER_AND_SERIAL_it,
595 },
596 {
597 .flags = 0,
598 .tag = 0,
599 .offset = offsetof(PKCS7_RECIP_INFO, key_enc_algor),
600 .field_name = "key_enc_algor",
601 .item = &X509_ALGOR_it,
602 },
603 {
604 .flags = 0,
605 .tag = 0,
606 .offset = offsetof(PKCS7_RECIP_INFO, enc_key),
607 .field_name = "enc_key",
608 .item = &ASN1_OCTET_STRING_it,
609 },
610};
611
612const ASN1_ITEM PKCS7_RECIP_INFO_it = {
613 .itype = ASN1_ITYPE_SEQUENCE,
614 .utype = V_ASN1_SEQUENCE,
615 .templates = PKCS7_RECIP_INFO_seq_tt,
616 .tcount = sizeof(PKCS7_RECIP_INFO_seq_tt) / sizeof(ASN1_TEMPLATE),
617 .funcs = &PKCS7_RECIP_INFO_aux,
618 .size = sizeof(PKCS7_RECIP_INFO),
619 .sname = "PKCS7_RECIP_INFO",
620};
327 621
328 622
329PKCS7_RECIP_INFO * 623PKCS7_RECIP_INFO *
@@ -351,11 +645,39 @@ PKCS7_RECIP_INFO_free(PKCS7_RECIP_INFO *a)
351 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_RECIP_INFO_it); 645 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_RECIP_INFO_it);
352} 646}
353 647
354ASN1_NDEF_SEQUENCE(PKCS7_ENC_CONTENT) = { 648static const ASN1_TEMPLATE PKCS7_ENC_CONTENT_seq_tt[] = {
355 ASN1_SIMPLE(PKCS7_ENC_CONTENT, content_type, ASN1_OBJECT), 649 {
356 ASN1_SIMPLE(PKCS7_ENC_CONTENT, algorithm, X509_ALGOR), 650 .flags = 0,
357 ASN1_IMP_OPT(PKCS7_ENC_CONTENT, enc_data, ASN1_OCTET_STRING_NDEF, 0) 651 .tag = 0,
358} ASN1_NDEF_SEQUENCE_END(PKCS7_ENC_CONTENT) 652 .offset = offsetof(PKCS7_ENC_CONTENT, content_type),
653 .field_name = "content_type",
654 .item = &ASN1_OBJECT_it,
655 },
656 {
657 .flags = 0,
658 .tag = 0,
659 .offset = offsetof(PKCS7_ENC_CONTENT, algorithm),
660 .field_name = "algorithm",
661 .item = &X509_ALGOR_it,
662 },
663 {
664 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
665 .tag = 0,
666 .offset = offsetof(PKCS7_ENC_CONTENT, enc_data),
667 .field_name = "enc_data",
668 .item = &ASN1_OCTET_STRING_NDEF_it,
669 },
670};
671
672const ASN1_ITEM PKCS7_ENC_CONTENT_it = {
673 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
674 .utype = V_ASN1_SEQUENCE,
675 .templates = PKCS7_ENC_CONTENT_seq_tt,
676 .tcount = sizeof(PKCS7_ENC_CONTENT_seq_tt) / sizeof(ASN1_TEMPLATE),
677 .funcs = NULL,
678 .size = sizeof(PKCS7_ENC_CONTENT),
679 .sname = "PKCS7_ENC_CONTENT",
680};
359 681
360 682
361PKCS7_ENC_CONTENT * 683PKCS7_ENC_CONTENT *
@@ -383,15 +705,67 @@ PKCS7_ENC_CONTENT_free(PKCS7_ENC_CONTENT *a)
383 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENC_CONTENT_it); 705 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENC_CONTENT_it);
384} 706}
385 707
386ASN1_NDEF_SEQUENCE(PKCS7_SIGN_ENVELOPE) = { 708static const ASN1_TEMPLATE PKCS7_SIGN_ENVELOPE_seq_tt[] = {
387 ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, version, ASN1_INTEGER), 709 {
388 ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, recipientinfo, PKCS7_RECIP_INFO), 710 .flags = 0,
389 ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, md_algs, X509_ALGOR), 711 .tag = 0,
390 ASN1_SIMPLE(PKCS7_SIGN_ENVELOPE, enc_data, PKCS7_ENC_CONTENT), 712 .offset = offsetof(PKCS7_SIGN_ENVELOPE, version),
391 ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, cert, X509, 0), 713 .field_name = "version",
392 ASN1_IMP_SET_OF_OPT(PKCS7_SIGN_ENVELOPE, crl, X509_CRL, 1), 714 .item = &ASN1_INTEGER_it,
393 ASN1_SET_OF(PKCS7_SIGN_ENVELOPE, signer_info, PKCS7_SIGNER_INFO) 715 },
394} ASN1_NDEF_SEQUENCE_END(PKCS7_SIGN_ENVELOPE) 716 {
717 .flags = ASN1_TFLG_SET_OF,
718 .tag = 0,
719 .offset = offsetof(PKCS7_SIGN_ENVELOPE, recipientinfo),
720 .field_name = "recipientinfo",
721 .item = &PKCS7_RECIP_INFO_it,
722 },
723 {
724 .flags = ASN1_TFLG_SET_OF,
725 .tag = 0,
726 .offset = offsetof(PKCS7_SIGN_ENVELOPE, md_algs),
727 .field_name = "md_algs",
728 .item = &X509_ALGOR_it,
729 },
730 {
731 .flags = 0,
732 .tag = 0,
733 .offset = offsetof(PKCS7_SIGN_ENVELOPE, enc_data),
734 .field_name = "enc_data",
735 .item = &PKCS7_ENC_CONTENT_it,
736 },
737 {
738 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
739 .tag = 0,
740 .offset = offsetof(PKCS7_SIGN_ENVELOPE, cert),
741 .field_name = "cert",
742 .item = &X509_it,
743 },
744 {
745 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
746 .tag = 1,
747 .offset = offsetof(PKCS7_SIGN_ENVELOPE, crl),
748 .field_name = "crl",
749 .item = &X509_CRL_it,
750 },
751 {
752 .flags = ASN1_TFLG_SET_OF,
753 .tag = 0,
754 .offset = offsetof(PKCS7_SIGN_ENVELOPE, signer_info),
755 .field_name = "signer_info",
756 .item = &PKCS7_SIGNER_INFO_it,
757 },
758};
759
760const ASN1_ITEM PKCS7_SIGN_ENVELOPE_it = {
761 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
762 .utype = V_ASN1_SEQUENCE,
763 .templates = PKCS7_SIGN_ENVELOPE_seq_tt,
764 .tcount = sizeof(PKCS7_SIGN_ENVELOPE_seq_tt) / sizeof(ASN1_TEMPLATE),
765 .funcs = NULL,
766 .size = sizeof(PKCS7_SIGN_ENVELOPE),
767 .sname = "PKCS7_SIGN_ENVELOPE",
768};
395 769
396 770
397PKCS7_SIGN_ENVELOPE * 771PKCS7_SIGN_ENVELOPE *
@@ -419,10 +793,32 @@ PKCS7_SIGN_ENVELOPE_free(PKCS7_SIGN_ENVELOPE *a)
419 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGN_ENVELOPE_it); 793 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_SIGN_ENVELOPE_it);
420} 794}
421 795
422ASN1_NDEF_SEQUENCE(PKCS7_ENCRYPT) = { 796static const ASN1_TEMPLATE PKCS7_ENCRYPT_seq_tt[] = {
423 ASN1_SIMPLE(PKCS7_ENCRYPT, version, ASN1_INTEGER), 797 {
424 ASN1_SIMPLE(PKCS7_ENCRYPT, enc_data, PKCS7_ENC_CONTENT) 798 .flags = 0,
425} ASN1_NDEF_SEQUENCE_END(PKCS7_ENCRYPT) 799 .tag = 0,
800 .offset = offsetof(PKCS7_ENCRYPT, version),
801 .field_name = "version",
802 .item = &ASN1_INTEGER_it,
803 },
804 {
805 .flags = 0,
806 .tag = 0,
807 .offset = offsetof(PKCS7_ENCRYPT, enc_data),
808 .field_name = "enc_data",
809 .item = &PKCS7_ENC_CONTENT_it,
810 },
811};
812
813const ASN1_ITEM PKCS7_ENCRYPT_it = {
814 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
815 .utype = V_ASN1_SEQUENCE,
816 .templates = PKCS7_ENCRYPT_seq_tt,
817 .tcount = sizeof(PKCS7_ENCRYPT_seq_tt) / sizeof(ASN1_TEMPLATE),
818 .funcs = NULL,
819 .size = sizeof(PKCS7_ENCRYPT),
820 .sname = "PKCS7_ENCRYPT",
821};
426 822
427 823
428PKCS7_ENCRYPT * 824PKCS7_ENCRYPT *
@@ -450,12 +846,46 @@ PKCS7_ENCRYPT_free(PKCS7_ENCRYPT *a)
450 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENCRYPT_it); 846 ASN1_item_free((ASN1_VALUE *)a, &PKCS7_ENCRYPT_it);
451} 847}
452 848
453ASN1_NDEF_SEQUENCE(PKCS7_DIGEST) = { 849static const ASN1_TEMPLATE PKCS7_DIGEST_seq_tt[] = {
454 ASN1_SIMPLE(PKCS7_DIGEST, version, ASN1_INTEGER), 850 {
455 ASN1_SIMPLE(PKCS7_DIGEST, md, X509_ALGOR), 851 .flags = 0,
456 ASN1_SIMPLE(PKCS7_DIGEST, contents, PKCS7), 852 .tag = 0,
457 ASN1_SIMPLE(PKCS7_DIGEST, digest, ASN1_OCTET_STRING) 853 .offset = offsetof(PKCS7_DIGEST, version),
458} ASN1_NDEF_SEQUENCE_END(PKCS7_DIGEST) 854 .field_name = "version",
855 .item = &ASN1_INTEGER_it,
856 },
857 {
858 .flags = 0,
859 .tag = 0,
860 .offset = offsetof(PKCS7_DIGEST, md),
861 .field_name = "md",
862 .item = &X509_ALGOR_it,
863 },
864 {
865 .flags = 0,
866 .tag = 0,
867 .offset = offsetof(PKCS7_DIGEST, contents),
868 .field_name = "contents",
869 .item = &PKCS7_it,
870 },
871 {
872 .flags = 0,
873 .tag = 0,
874 .offset = offsetof(PKCS7_DIGEST, digest),
875 .field_name = "digest",
876 .item = &ASN1_OCTET_STRING_it,
877 },
878};
879
880const ASN1_ITEM PKCS7_DIGEST_it = {
881 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
882 .utype = V_ASN1_SEQUENCE,
883 .templates = PKCS7_DIGEST_seq_tt,
884 .tcount = sizeof(PKCS7_DIGEST_seq_tt) / sizeof(ASN1_TEMPLATE),
885 .funcs = NULL,
886 .size = sizeof(PKCS7_DIGEST),
887 .sname = "PKCS7_DIGEST",
888};
459 889
460 890
461PKCS7_DIGEST * 891PKCS7_DIGEST *
@@ -489,19 +919,45 @@ PKCS7_DIGEST_free(PKCS7_DIGEST *a)
489 * encoding. 919 * encoding.
490 */ 920 */
491 921
492ASN1_ITEM_TEMPLATE(PKCS7_ATTR_SIGN) = 922static const ASN1_TEMPLATE PKCS7_ATTR_SIGN_item_tt = {
493 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, PKCS7_ATTRIBUTES, 923 .flags = ASN1_TFLG_SET_ORDER,
494 X509_ATTRIBUTE) 924 .tag = 0,
495ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_SIGN) 925 .offset = 0,
926 .field_name = "PKCS7_ATTRIBUTES",
927 .item = &X509_ATTRIBUTE_it,
928};
929
930const ASN1_ITEM PKCS7_ATTR_SIGN_it = {
931 .itype = ASN1_ITYPE_PRIMITIVE,
932 .utype = -1,
933 .templates = &PKCS7_ATTR_SIGN_item_tt,
934 .tcount = 0,
935 .funcs = NULL,
936 .size = 0,
937 .sname = "PKCS7_ATTR_SIGN",
938};
496 939
497/* When verifying attributes we need to use the received order. So 940/* When verifying attributes we need to use the received order. So
498 * we use SEQUENCE OF and tag it to SET OF 941 * we use SEQUENCE OF and tag it to SET OF
499 */ 942 */
500 943
501ASN1_ITEM_TEMPLATE(PKCS7_ATTR_VERIFY) = 944static const ASN1_TEMPLATE PKCS7_ATTR_VERIFY_item_tt = {
502 ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | 945 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
503 ASN1_TFLG_UNIVERSAL, V_ASN1_SET, PKCS7_ATTRIBUTES, X509_ATTRIBUTE) 946 .tag = V_ASN1_SET,
504ASN1_ITEM_TEMPLATE_END(PKCS7_ATTR_VERIFY) 947 .offset = 0,
948 .field_name = "PKCS7_ATTRIBUTES",
949 .item = &X509_ATTRIBUTE_it,
950};
951
952const ASN1_ITEM PKCS7_ATTR_VERIFY_it = {
953 .itype = ASN1_ITYPE_PRIMITIVE,
954 .utype = -1,
955 .templates = &PKCS7_ATTR_VERIFY_item_tt,
956 .tcount = 0,
957 .funcs = NULL,
958 .size = 0,
959 .sname = "PKCS7_ATTR_VERIFY",
960};
505 961
506 962
507int 963int
generated by cgit v1.2.3-55-g6feb (git 2.39.1) at 2025-11-01 08:39:12 +0000