1 /* $OpenBSD: cms_asn1.c,v 1.19 2022/01/14 08:16:13 tb Exp $ */
3 * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL
6 /* ====================================================================
7 * Copyright (c) 2008 The OpenSSL Project. All rights reserved.
9 * Redistribution and use in source and binary forms, with or without
10 * modification, are permitted provided that the following conditions
13 * 1. Redistributions of source code must retain the above copyright
14 * notice, this list of conditions and the following disclaimer.
16 * 2. Redistributions in binary form must reproduce the above copyright
17 * notice, this list of conditions and the following disclaimer in
18 * the documentation and/or other materials provided with the
21 * 3. All advertising materials mentioning features or use of this
22 * software must display the following acknowledgment:
23 * "This product includes software developed by the OpenSSL Project
24 * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)"
26 * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to
27 * endorse or promote products derived from this software without
28 * prior written permission. For written permission, please contact
29 * licensing@OpenSSL.org.
31 * 5. Products derived from this software may not be called "OpenSSL"
32 * nor may "OpenSSL" appear in their names without prior written
33 * permission of the OpenSSL Project.
35 * 6. Redistributions of any form whatsoever must retain the following
37 * "This product includes software developed by the OpenSSL Project
38 * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)"
40 * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY
41 * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE
42 * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
43 * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR
44 * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL,
45 * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT
46 * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES;
47 * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION)
48 * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT,
49 * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE)
50 * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED
51 * OF THE POSSIBILITY OF SUCH DAMAGE.
52 * ====================================================================
55 #include <openssl/asn1t.h>
56 #include <openssl/pem.h>
57 #include <openssl/x509v3.h>
58 #include <openssl/cms.h>
62 static const ASN1_TEMPLATE CMS_IssuerAndSerialNumber_seq_tt[] = {
66 .offset = offsetof(CMS_IssuerAndSerialNumber, issuer),
67 .field_name = "issuer",
68 .item = &X509_NAME_it,
73 .offset = offsetof(CMS_IssuerAndSerialNumber, serialNumber),
74 .field_name = "serialNumber",
75 .item = &ASN1_INTEGER_it,
79 const ASN1_ITEM CMS_IssuerAndSerialNumber_it = {
80 .itype = ASN1_ITYPE_SEQUENCE,
81 .utype = V_ASN1_SEQUENCE,
82 .templates = CMS_IssuerAndSerialNumber_seq_tt,
83 .tcount = sizeof(CMS_IssuerAndSerialNumber_seq_tt) / sizeof(ASN1_TEMPLATE),
85 .size = sizeof(CMS_IssuerAndSerialNumber),
86 .sname = "CMS_IssuerAndSerialNumber",
89 static const ASN1_TEMPLATE CMS_OtherCertificateFormat_seq_tt[] = {
93 .offset = offsetof(CMS_OtherCertificateFormat, otherCertFormat),
94 .field_name = "otherCertFormat",
95 .item = &ASN1_OBJECT_it,
98 .flags = ASN1_TFLG_OPTIONAL,
100 .offset = offsetof(CMS_OtherCertificateFormat, otherCert),
101 .field_name = "otherCert",
102 .item = &ASN1_ANY_it,
106 static const ASN1_ITEM CMS_OtherCertificateFormat_it = {
107 .itype = ASN1_ITYPE_SEQUENCE,
108 .utype = V_ASN1_SEQUENCE,
109 .templates = CMS_OtherCertificateFormat_seq_tt,
110 .tcount = sizeof(CMS_OtherCertificateFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
112 .size = sizeof(CMS_OtherCertificateFormat),
113 .sname = "CMS_OtherCertificateFormat",
116 static const ASN1_TEMPLATE CMS_CertificateChoices_ch_tt[] = {
120 .offset = offsetof(CMS_CertificateChoices, d.certificate),
121 .field_name = "d.certificate",
125 .flags = ASN1_TFLG_IMPLICIT,
127 .offset = offsetof(CMS_CertificateChoices, d.extendedCertificate),
128 .field_name = "d.extendedCertificate",
129 .item = &ASN1_SEQUENCE_it,
132 .flags = ASN1_TFLG_IMPLICIT,
134 .offset = offsetof(CMS_CertificateChoices, d.v1AttrCert),
135 .field_name = "d.v1AttrCert",
136 .item = &ASN1_SEQUENCE_it,
139 .flags = ASN1_TFLG_IMPLICIT,
141 .offset = offsetof(CMS_CertificateChoices, d.v2AttrCert),
142 .field_name = "d.v2AttrCert",
143 .item = &ASN1_SEQUENCE_it,
146 .flags = ASN1_TFLG_IMPLICIT,
148 .offset = offsetof(CMS_CertificateChoices, d.other),
149 .field_name = "d.other",
150 .item = &CMS_OtherCertificateFormat_it,
154 const ASN1_ITEM CMS_CertificateChoices_it = {
155 .itype = ASN1_ITYPE_CHOICE,
156 .utype = offsetof(CMS_CertificateChoices, type),
157 .templates = CMS_CertificateChoices_ch_tt,
158 .tcount = sizeof(CMS_CertificateChoices_ch_tt) / sizeof(ASN1_TEMPLATE),
160 .size = sizeof(CMS_CertificateChoices),
161 .sname = "CMS_CertificateChoices",
164 static const ASN1_TEMPLATE CMS_SignerIdentifier_ch_tt[] = {
168 .offset = offsetof(CMS_SignerIdentifier, d.issuerAndSerialNumber),
169 .field_name = "d.issuerAndSerialNumber",
170 .item = &CMS_IssuerAndSerialNumber_it,
173 .flags = ASN1_TFLG_IMPLICIT,
175 .offset = offsetof(CMS_SignerIdentifier, d.subjectKeyIdentifier),
176 .field_name = "d.subjectKeyIdentifier",
177 .item = &ASN1_OCTET_STRING_it,
181 static const ASN1_ITEM CMS_SignerIdentifier_it = {
182 .itype = ASN1_ITYPE_CHOICE,
183 .utype = offsetof(CMS_SignerIdentifier, type),
184 .templates = CMS_SignerIdentifier_ch_tt,
185 .tcount = sizeof(CMS_SignerIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
187 .size = sizeof(CMS_SignerIdentifier),
188 .sname = "CMS_SignerIdentifier",
191 static const ASN1_TEMPLATE CMS_EncapsulatedContentInfo_seq_tt[] = {
195 .offset = offsetof(CMS_EncapsulatedContentInfo, eContentType),
196 .field_name = "eContentType",
197 .item = &ASN1_OBJECT_it,
200 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL | ASN1_TFLG_NDEF,
202 .offset = offsetof(CMS_EncapsulatedContentInfo, eContent),
203 .field_name = "eContent",
204 .item = &ASN1_OCTET_STRING_NDEF_it,
208 static const ASN1_ITEM CMS_EncapsulatedContentInfo_it = {
209 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
210 .utype = V_ASN1_SEQUENCE,
211 .templates = CMS_EncapsulatedContentInfo_seq_tt,
212 .tcount = sizeof(CMS_EncapsulatedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
214 .size = sizeof(CMS_EncapsulatedContentInfo),
215 .sname = "CMS_EncapsulatedContentInfo",
218 /* Minor tweak to operation: free up signer key, cert */
220 cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
222 if (operation == ASN1_OP_FREE_POST) {
223 CMS_SignerInfo *si = (CMS_SignerInfo *)*pval;
224 EVP_PKEY_free(si->pkey);
225 X509_free(si->signer);
226 EVP_MD_CTX_free(si->mctx);
231 static const ASN1_AUX CMS_SignerInfo_aux = {
236 .asn1_cb = cms_si_cb,
239 static const ASN1_TEMPLATE CMS_SignerInfo_seq_tt[] = {
243 .offset = offsetof(CMS_SignerInfo, version),
244 .field_name = "version",
250 .offset = offsetof(CMS_SignerInfo, sid),
252 .item = &CMS_SignerIdentifier_it,
257 .offset = offsetof(CMS_SignerInfo, digestAlgorithm),
258 .field_name = "digestAlgorithm",
259 .item = &X509_ALGOR_it,
262 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
264 .offset = offsetof(CMS_SignerInfo, signedAttrs),
265 .field_name = "signedAttrs",
266 .item = &X509_ATTRIBUTE_it,
271 .offset = offsetof(CMS_SignerInfo, signatureAlgorithm),
272 .field_name = "signatureAlgorithm",
273 .item = &X509_ALGOR_it,
278 .offset = offsetof(CMS_SignerInfo, signature),
279 .field_name = "signature",
280 .item = &ASN1_OCTET_STRING_it,
283 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
285 .offset = offsetof(CMS_SignerInfo, unsignedAttrs),
286 .field_name = "unsignedAttrs",
287 .item = &X509_ATTRIBUTE_it,
291 const ASN1_ITEM CMS_SignerInfo_it = {
292 .itype = ASN1_ITYPE_SEQUENCE,
293 .utype = V_ASN1_SEQUENCE,
294 .templates = CMS_SignerInfo_seq_tt,
295 .tcount = sizeof(CMS_SignerInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
296 .funcs = &CMS_SignerInfo_aux,
297 .size = sizeof(CMS_SignerInfo),
298 .sname = "CMS_SignerInfo",
301 static const ASN1_TEMPLATE CMS_OtherRevocationInfoFormat_seq_tt[] = {
305 .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfoFormat),
306 .field_name = "otherRevInfoFormat",
307 .item = &ASN1_OBJECT_it,
310 .flags = ASN1_TFLG_OPTIONAL,
312 .offset = offsetof(CMS_OtherRevocationInfoFormat, otherRevInfo),
313 .field_name = "otherRevInfo",
314 .item = &ASN1_ANY_it,
318 static const ASN1_ITEM CMS_OtherRevocationInfoFormat_it = {
319 .itype = ASN1_ITYPE_SEQUENCE,
320 .utype = V_ASN1_SEQUENCE,
321 .templates = CMS_OtherRevocationInfoFormat_seq_tt,
322 .tcount = sizeof(CMS_OtherRevocationInfoFormat_seq_tt) / sizeof(ASN1_TEMPLATE),
324 .size = sizeof(CMS_OtherRevocationInfoFormat),
325 .sname = "CMS_OtherRevocationInfoFormat",
328 static const ASN1_TEMPLATE CMS_RevocationInfoChoice_ch_tt[] = {
332 .offset = offsetof(CMS_RevocationInfoChoice, d.crl),
333 .field_name = "d.crl",
334 .item = &X509_CRL_it,
337 .flags = ASN1_TFLG_IMPLICIT,
339 .offset = offsetof(CMS_RevocationInfoChoice, d.other),
340 .field_name = "d.other",
341 .item = &CMS_OtherRevocationInfoFormat_it,
345 const ASN1_ITEM CMS_RevocationInfoChoice_it = {
346 .itype = ASN1_ITYPE_CHOICE,
347 .utype = offsetof(CMS_RevocationInfoChoice, type),
348 .templates = CMS_RevocationInfoChoice_ch_tt,
349 .tcount = sizeof(CMS_RevocationInfoChoice_ch_tt) / sizeof(ASN1_TEMPLATE),
351 .size = sizeof(CMS_RevocationInfoChoice),
352 .sname = "CMS_RevocationInfoChoice",
355 static const ASN1_TEMPLATE CMS_SignedData_seq_tt[] = {
359 .offset = offsetof(CMS_SignedData, version),
360 .field_name = "version",
364 .flags = ASN1_TFLG_SET_OF,
366 .offset = offsetof(CMS_SignedData, digestAlgorithms),
367 .field_name = "digestAlgorithms",
368 .item = &X509_ALGOR_it,
373 .offset = offsetof(CMS_SignedData, encapContentInfo),
374 .field_name = "encapContentInfo",
375 .item = &CMS_EncapsulatedContentInfo_it,
378 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
380 .offset = offsetof(CMS_SignedData, certificates),
381 .field_name = "certificates",
382 .item = &CMS_CertificateChoices_it,
385 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
387 .offset = offsetof(CMS_SignedData, crls),
388 .field_name = "crls",
389 .item = &CMS_RevocationInfoChoice_it,
392 .flags = ASN1_TFLG_SET_OF,
394 .offset = offsetof(CMS_SignedData, signerInfos),
395 .field_name = "signerInfos",
396 .item = &CMS_SignerInfo_it,
400 const ASN1_ITEM CMS_SignedData_it = {
401 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
402 .utype = V_ASN1_SEQUENCE,
403 .templates = CMS_SignedData_seq_tt,
404 .tcount = sizeof(CMS_SignedData_seq_tt) / sizeof(ASN1_TEMPLATE),
406 .size = sizeof(CMS_SignedData),
407 .sname = "CMS_SignedData",
410 static const ASN1_TEMPLATE CMS_OriginatorInfo_seq_tt[] = {
412 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
414 .offset = offsetof(CMS_OriginatorInfo, certificates),
415 .field_name = "certificates",
416 .item = &CMS_CertificateChoices_it,
419 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
421 .offset = offsetof(CMS_OriginatorInfo, crls),
422 .field_name = "crls",
423 .item = &CMS_RevocationInfoChoice_it,
427 static const ASN1_ITEM CMS_OriginatorInfo_it = {
428 .itype = ASN1_ITYPE_SEQUENCE,
429 .utype = V_ASN1_SEQUENCE,
430 .templates = CMS_OriginatorInfo_seq_tt,
431 .tcount = sizeof(CMS_OriginatorInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
433 .size = sizeof(CMS_OriginatorInfo),
434 .sname = "CMS_OriginatorInfo",
437 static const ASN1_TEMPLATE CMS_EncryptedContentInfo_seq_tt[] = {
441 .offset = offsetof(CMS_EncryptedContentInfo, contentType),
442 .field_name = "contentType",
443 .item = &ASN1_OBJECT_it,
448 .offset = offsetof(CMS_EncryptedContentInfo, contentEncryptionAlgorithm),
449 .field_name = "contentEncryptionAlgorithm",
450 .item = &X509_ALGOR_it,
453 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
455 .offset = offsetof(CMS_EncryptedContentInfo, encryptedContent),
456 .field_name = "encryptedContent",
457 .item = &ASN1_OCTET_STRING_NDEF_it,
461 static const ASN1_ITEM CMS_EncryptedContentInfo_it = {
462 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
463 .utype = V_ASN1_SEQUENCE,
464 .templates = CMS_EncryptedContentInfo_seq_tt,
465 .tcount = sizeof(CMS_EncryptedContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
467 .size = sizeof(CMS_EncryptedContentInfo),
468 .sname = "CMS_EncryptedContentInfo",
471 static const ASN1_TEMPLATE CMS_KeyTransRecipientInfo_seq_tt[] = {
475 .offset = offsetof(CMS_KeyTransRecipientInfo, version),
476 .field_name = "version",
482 .offset = offsetof(CMS_KeyTransRecipientInfo, rid),
484 .item = &CMS_SignerIdentifier_it,
489 .offset = offsetof(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm),
490 .field_name = "keyEncryptionAlgorithm",
491 .item = &X509_ALGOR_it,
496 .offset = offsetof(CMS_KeyTransRecipientInfo, encryptedKey),
497 .field_name = "encryptedKey",
498 .item = &ASN1_OCTET_STRING_it,
502 const ASN1_ITEM CMS_KeyTransRecipientInfo_it = {
503 .itype = ASN1_ITYPE_SEQUENCE,
504 .utype = V_ASN1_SEQUENCE,
505 .templates = CMS_KeyTransRecipientInfo_seq_tt,
506 .tcount = sizeof(CMS_KeyTransRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
508 .size = sizeof(CMS_KeyTransRecipientInfo),
509 .sname = "CMS_KeyTransRecipientInfo",
512 static const ASN1_TEMPLATE CMS_OtherKeyAttribute_seq_tt[] = {
516 .offset = offsetof(CMS_OtherKeyAttribute, keyAttrId),
517 .field_name = "keyAttrId",
518 .item = &ASN1_OBJECT_it,
521 .flags = ASN1_TFLG_OPTIONAL,
523 .offset = offsetof(CMS_OtherKeyAttribute, keyAttr),
524 .field_name = "keyAttr",
525 .item = &ASN1_ANY_it,
529 const ASN1_ITEM CMS_OtherKeyAttribute_it = {
530 .itype = ASN1_ITYPE_SEQUENCE,
531 .utype = V_ASN1_SEQUENCE,
532 .templates = CMS_OtherKeyAttribute_seq_tt,
533 .tcount = sizeof(CMS_OtherKeyAttribute_seq_tt) / sizeof(ASN1_TEMPLATE),
535 .size = sizeof(CMS_OtherKeyAttribute),
536 .sname = "CMS_OtherKeyAttribute",
539 static const ASN1_TEMPLATE CMS_RecipientKeyIdentifier_seq_tt[] = {
543 .offset = offsetof(CMS_RecipientKeyIdentifier, subjectKeyIdentifier),
544 .field_name = "subjectKeyIdentifier",
545 .item = &ASN1_OCTET_STRING_it,
548 .flags = ASN1_TFLG_OPTIONAL,
550 .offset = offsetof(CMS_RecipientKeyIdentifier, date),
551 .field_name = "date",
552 .item = &ASN1_GENERALIZEDTIME_it,
555 .flags = ASN1_TFLG_OPTIONAL,
557 .offset = offsetof(CMS_RecipientKeyIdentifier, other),
558 .field_name = "other",
559 .item = &CMS_OtherKeyAttribute_it,
563 const ASN1_ITEM CMS_RecipientKeyIdentifier_it = {
564 .itype = ASN1_ITYPE_SEQUENCE,
565 .utype = V_ASN1_SEQUENCE,
566 .templates = CMS_RecipientKeyIdentifier_seq_tt,
567 .tcount = sizeof(CMS_RecipientKeyIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE),
569 .size = sizeof(CMS_RecipientKeyIdentifier),
570 .sname = "CMS_RecipientKeyIdentifier",
573 static const ASN1_TEMPLATE CMS_KeyAgreeRecipientIdentifier_ch_tt[] = {
577 .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber),
578 .field_name = "d.issuerAndSerialNumber",
579 .item = &CMS_IssuerAndSerialNumber_it,
582 .flags = ASN1_TFLG_IMPLICIT,
584 .offset = offsetof(CMS_KeyAgreeRecipientIdentifier, d.rKeyId),
585 .field_name = "d.rKeyId",
586 .item = &CMS_RecipientKeyIdentifier_it,
590 static const ASN1_ITEM CMS_KeyAgreeRecipientIdentifier_it = {
591 .itype = ASN1_ITYPE_CHOICE,
592 .utype = offsetof(CMS_KeyAgreeRecipientIdentifier, type),
593 .templates = CMS_KeyAgreeRecipientIdentifier_ch_tt,
594 .tcount = sizeof(CMS_KeyAgreeRecipientIdentifier_ch_tt) / sizeof(ASN1_TEMPLATE),
596 .size = sizeof(CMS_KeyAgreeRecipientIdentifier),
597 .sname = "CMS_KeyAgreeRecipientIdentifier",
601 cms_rek_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
603 CMS_RecipientEncryptedKey *rek = (CMS_RecipientEncryptedKey *)*pval;
604 if (operation == ASN1_OP_FREE_POST) {
605 EVP_PKEY_free(rek->pkey);
610 static const ASN1_AUX CMS_RecipientEncryptedKey_aux = {
615 .asn1_cb = cms_rek_cb,
618 static const ASN1_TEMPLATE CMS_RecipientEncryptedKey_seq_tt[] = {
622 .offset = offsetof(CMS_RecipientEncryptedKey, rid),
624 .item = &CMS_KeyAgreeRecipientIdentifier_it,
629 .offset = offsetof(CMS_RecipientEncryptedKey, encryptedKey),
630 .field_name = "encryptedKey",
631 .item = &ASN1_OCTET_STRING_it,
635 const ASN1_ITEM CMS_RecipientEncryptedKey_it = {
636 .itype = ASN1_ITYPE_SEQUENCE,
637 .utype = V_ASN1_SEQUENCE,
638 .templates = CMS_RecipientEncryptedKey_seq_tt,
639 .tcount = sizeof(CMS_RecipientEncryptedKey_seq_tt) / sizeof(ASN1_TEMPLATE),
640 .funcs = &CMS_RecipientEncryptedKey_aux,
641 .size = sizeof(CMS_RecipientEncryptedKey),
642 .sname = "CMS_RecipientEncryptedKey",
645 static const ASN1_TEMPLATE CMS_OriginatorPublicKey_seq_tt[] = {
649 .offset = offsetof(CMS_OriginatorPublicKey, algorithm),
650 .field_name = "algorithm",
651 .item = &X509_ALGOR_it,
656 .offset = offsetof(CMS_OriginatorPublicKey, publicKey),
657 .field_name = "publicKey",
658 .item = &ASN1_BIT_STRING_it,
662 const ASN1_ITEM CMS_OriginatorPublicKey_it = {
663 .itype = ASN1_ITYPE_SEQUENCE,
664 .utype = V_ASN1_SEQUENCE,
665 .templates = CMS_OriginatorPublicKey_seq_tt,
666 .tcount = sizeof(CMS_OriginatorPublicKey_seq_tt) / sizeof(ASN1_TEMPLATE),
668 .size = sizeof(CMS_OriginatorPublicKey),
669 .sname = "CMS_OriginatorPublicKey",
672 static const ASN1_TEMPLATE CMS_OriginatorIdentifierOrKey_ch_tt[] = {
676 .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber),
677 .field_name = "d.issuerAndSerialNumber",
678 .item = &CMS_IssuerAndSerialNumber_it,
681 .flags = ASN1_TFLG_IMPLICIT,
683 .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier),
684 .field_name = "d.subjectKeyIdentifier",
685 .item = &ASN1_OCTET_STRING_it,
688 .flags = ASN1_TFLG_IMPLICIT,
690 .offset = offsetof(CMS_OriginatorIdentifierOrKey, d.originatorKey),
691 .field_name = "d.originatorKey",
692 .item = &CMS_OriginatorPublicKey_it,
696 static const ASN1_ITEM CMS_OriginatorIdentifierOrKey_it = {
697 .itype = ASN1_ITYPE_CHOICE,
698 .utype = offsetof(CMS_OriginatorIdentifierOrKey, type),
699 .templates = CMS_OriginatorIdentifierOrKey_ch_tt,
700 .tcount = sizeof(CMS_OriginatorIdentifierOrKey_ch_tt) / sizeof(ASN1_TEMPLATE),
702 .size = sizeof(CMS_OriginatorIdentifierOrKey),
703 .sname = "CMS_OriginatorIdentifierOrKey",
707 cms_kari_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
709 CMS_KeyAgreeRecipientInfo *kari = (CMS_KeyAgreeRecipientInfo *)*pval;
710 if (operation == ASN1_OP_NEW_POST) {
711 kari->ctx = EVP_CIPHER_CTX_new();
712 if (kari->ctx == NULL)
714 EVP_CIPHER_CTX_set_flags(kari->ctx, EVP_CIPHER_CTX_FLAG_WRAP_ALLOW);
716 } else if (operation == ASN1_OP_FREE_POST) {
717 EVP_PKEY_CTX_free(kari->pctx);
718 EVP_CIPHER_CTX_free(kari->ctx);
723 static const ASN1_AUX CMS_KeyAgreeRecipientInfo_aux = {
728 .asn1_cb = cms_kari_cb,
731 static const ASN1_TEMPLATE CMS_KeyAgreeRecipientInfo_seq_tt[] = {
735 .offset = offsetof(CMS_KeyAgreeRecipientInfo, version),
736 .field_name = "version",
740 .flags = ASN1_TFLG_EXPLICIT,
742 .offset = offsetof(CMS_KeyAgreeRecipientInfo, originator),
743 .field_name = "originator",
744 .item = &CMS_OriginatorIdentifierOrKey_it,
747 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
749 .offset = offsetof(CMS_KeyAgreeRecipientInfo, ukm),
751 .item = &ASN1_OCTET_STRING_it,
756 .offset = offsetof(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm),
757 .field_name = "keyEncryptionAlgorithm",
758 .item = &X509_ALGOR_it,
761 .flags = ASN1_TFLG_SEQUENCE_OF,
763 .offset = offsetof(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys),
764 .field_name = "recipientEncryptedKeys",
765 .item = &CMS_RecipientEncryptedKey_it,
769 const ASN1_ITEM CMS_KeyAgreeRecipientInfo_it = {
770 .itype = ASN1_ITYPE_SEQUENCE,
771 .utype = V_ASN1_SEQUENCE,
772 .templates = CMS_KeyAgreeRecipientInfo_seq_tt,
773 .tcount = sizeof(CMS_KeyAgreeRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
774 .funcs = &CMS_KeyAgreeRecipientInfo_aux,
775 .size = sizeof(CMS_KeyAgreeRecipientInfo),
776 .sname = "CMS_KeyAgreeRecipientInfo",
779 static const ASN1_TEMPLATE CMS_KEKIdentifier_seq_tt[] = {
783 .offset = offsetof(CMS_KEKIdentifier, keyIdentifier),
784 .field_name = "keyIdentifier",
785 .item = &ASN1_OCTET_STRING_it,
788 .flags = ASN1_TFLG_OPTIONAL,
790 .offset = offsetof(CMS_KEKIdentifier, date),
791 .field_name = "date",
792 .item = &ASN1_GENERALIZEDTIME_it,
795 .flags = ASN1_TFLG_OPTIONAL,
797 .offset = offsetof(CMS_KEKIdentifier, other),
798 .field_name = "other",
799 .item = &CMS_OtherKeyAttribute_it,
803 static const ASN1_ITEM CMS_KEKIdentifier_it = {
804 .itype = ASN1_ITYPE_SEQUENCE,
805 .utype = V_ASN1_SEQUENCE,
806 .templates = CMS_KEKIdentifier_seq_tt,
807 .tcount = sizeof(CMS_KEKIdentifier_seq_tt) / sizeof(ASN1_TEMPLATE),
809 .size = sizeof(CMS_KEKIdentifier),
810 .sname = "CMS_KEKIdentifier",
813 static const ASN1_TEMPLATE CMS_KEKRecipientInfo_seq_tt[] = {
817 .offset = offsetof(CMS_KEKRecipientInfo, version),
818 .field_name = "version",
824 .offset = offsetof(CMS_KEKRecipientInfo, kekid),
825 .field_name = "kekid",
826 .item = &CMS_KEKIdentifier_it,
831 .offset = offsetof(CMS_KEKRecipientInfo, keyEncryptionAlgorithm),
832 .field_name = "keyEncryptionAlgorithm",
833 .item = &X509_ALGOR_it,
838 .offset = offsetof(CMS_KEKRecipientInfo, encryptedKey),
839 .field_name = "encryptedKey",
840 .item = &ASN1_OCTET_STRING_it,
844 const ASN1_ITEM CMS_KEKRecipientInfo_it = {
845 .itype = ASN1_ITYPE_SEQUENCE,
846 .utype = V_ASN1_SEQUENCE,
847 .templates = CMS_KEKRecipientInfo_seq_tt,
848 .tcount = sizeof(CMS_KEKRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
850 .size = sizeof(CMS_KEKRecipientInfo),
851 .sname = "CMS_KEKRecipientInfo",
854 static const ASN1_TEMPLATE CMS_PasswordRecipientInfo_seq_tt[] = {
858 .offset = offsetof(CMS_PasswordRecipientInfo, version),
859 .field_name = "version",
863 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
865 .offset = offsetof(CMS_PasswordRecipientInfo, keyDerivationAlgorithm),
866 .field_name = "keyDerivationAlgorithm",
867 .item = &X509_ALGOR_it,
872 .offset = offsetof(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm),
873 .field_name = "keyEncryptionAlgorithm",
874 .item = &X509_ALGOR_it,
879 .offset = offsetof(CMS_PasswordRecipientInfo, encryptedKey),
880 .field_name = "encryptedKey",
881 .item = &ASN1_OCTET_STRING_it,
885 const ASN1_ITEM CMS_PasswordRecipientInfo_it = {
886 .itype = ASN1_ITYPE_SEQUENCE,
887 .utype = V_ASN1_SEQUENCE,
888 .templates = CMS_PasswordRecipientInfo_seq_tt,
889 .tcount = sizeof(CMS_PasswordRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
891 .size = sizeof(CMS_PasswordRecipientInfo),
892 .sname = "CMS_PasswordRecipientInfo",
895 static const ASN1_TEMPLATE CMS_OtherRecipientInfo_seq_tt[] = {
899 .offset = offsetof(CMS_OtherRecipientInfo, oriType),
900 .field_name = "oriType",
901 .item = &ASN1_OBJECT_it,
904 .flags = ASN1_TFLG_OPTIONAL,
906 .offset = offsetof(CMS_OtherRecipientInfo, oriValue),
907 .field_name = "oriValue",
908 .item = &ASN1_ANY_it,
912 static const ASN1_ITEM CMS_OtherRecipientInfo_it = {
913 .itype = ASN1_ITYPE_SEQUENCE,
914 .utype = V_ASN1_SEQUENCE,
915 .templates = CMS_OtherRecipientInfo_seq_tt,
916 .tcount = sizeof(CMS_OtherRecipientInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
918 .size = sizeof(CMS_OtherRecipientInfo),
919 .sname = "CMS_OtherRecipientInfo",
922 /* Free up RecipientInfo additional data */
924 cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
926 if (operation == ASN1_OP_FREE_PRE) {
927 CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval;
928 if (ri->type == CMS_RECIPINFO_TRANS) {
929 CMS_KeyTransRecipientInfo *ktri = ri->d.ktri;
930 EVP_PKEY_free(ktri->pkey);
931 X509_free(ktri->recip);
932 EVP_PKEY_CTX_free(ktri->pctx);
933 } else if (ri->type == CMS_RECIPINFO_KEK) {
934 CMS_KEKRecipientInfo *kekri = ri->d.kekri;
935 freezero(kekri->key, kekri->keylen);
936 } else if (ri->type == CMS_RECIPINFO_PASS) {
937 CMS_PasswordRecipientInfo *pwri = ri->d.pwri;
938 freezero(pwri->pass, pwri->passlen);
944 static const ASN1_AUX CMS_RecipientInfo_aux = {
949 .asn1_cb = cms_ri_cb,
952 static const ASN1_TEMPLATE CMS_RecipientInfo_ch_tt[] = {
956 .offset = offsetof(CMS_RecipientInfo, d.ktri),
957 .field_name = "d.ktri",
958 .item = &CMS_KeyTransRecipientInfo_it,
961 .flags = ASN1_TFLG_IMPLICIT,
963 .offset = offsetof(CMS_RecipientInfo, d.kari),
964 .field_name = "d.kari",
965 .item = &CMS_KeyAgreeRecipientInfo_it,
968 .flags = ASN1_TFLG_IMPLICIT,
970 .offset = offsetof(CMS_RecipientInfo, d.kekri),
971 .field_name = "d.kekri",
972 .item = &CMS_KEKRecipientInfo_it,
975 .flags = ASN1_TFLG_IMPLICIT,
977 .offset = offsetof(CMS_RecipientInfo, d.pwri),
978 .field_name = "d.pwri",
979 .item = &CMS_PasswordRecipientInfo_it,
982 .flags = ASN1_TFLG_IMPLICIT,
984 .offset = offsetof(CMS_RecipientInfo, d.ori),
985 .field_name = "d.ori",
986 .item = &CMS_OtherRecipientInfo_it,
990 const ASN1_ITEM CMS_RecipientInfo_it = {
991 .itype = ASN1_ITYPE_CHOICE,
992 .utype = offsetof(CMS_RecipientInfo, type),
993 .templates = CMS_RecipientInfo_ch_tt,
994 .tcount = sizeof(CMS_RecipientInfo_ch_tt) / sizeof(ASN1_TEMPLATE),
995 .funcs = &CMS_RecipientInfo_aux,
996 .size = sizeof(CMS_RecipientInfo),
997 .sname = "CMS_RecipientInfo",
1000 static const ASN1_TEMPLATE CMS_EnvelopedData_seq_tt[] = {
1004 .offset = offsetof(CMS_EnvelopedData, version),
1005 .field_name = "version",
1009 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
1011 .offset = offsetof(CMS_EnvelopedData, originatorInfo),
1012 .field_name = "originatorInfo",
1013 .item = &CMS_OriginatorInfo_it,
1016 .flags = ASN1_TFLG_SET_OF,
1018 .offset = offsetof(CMS_EnvelopedData, recipientInfos),
1019 .field_name = "recipientInfos",
1020 .item = &CMS_RecipientInfo_it,
1025 .offset = offsetof(CMS_EnvelopedData, encryptedContentInfo),
1026 .field_name = "encryptedContentInfo",
1027 .item = &CMS_EncryptedContentInfo_it,
1030 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
1032 .offset = offsetof(CMS_EnvelopedData, unprotectedAttrs),
1033 .field_name = "unprotectedAttrs",
1034 .item = &X509_ATTRIBUTE_it,
1038 const ASN1_ITEM CMS_EnvelopedData_it = {
1039 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1040 .utype = V_ASN1_SEQUENCE,
1041 .templates = CMS_EnvelopedData_seq_tt,
1042 .tcount = sizeof(CMS_EnvelopedData_seq_tt) / sizeof(ASN1_TEMPLATE),
1044 .size = sizeof(CMS_EnvelopedData),
1045 .sname = "CMS_EnvelopedData",
1048 static const ASN1_TEMPLATE CMS_DigestedData_seq_tt[] = {
1052 .offset = offsetof(CMS_DigestedData, version),
1053 .field_name = "version",
1059 .offset = offsetof(CMS_DigestedData, digestAlgorithm),
1060 .field_name = "digestAlgorithm",
1061 .item = &X509_ALGOR_it,
1066 .offset = offsetof(CMS_DigestedData, encapContentInfo),
1067 .field_name = "encapContentInfo",
1068 .item = &CMS_EncapsulatedContentInfo_it,
1073 .offset = offsetof(CMS_DigestedData, digest),
1074 .field_name = "digest",
1075 .item = &ASN1_OCTET_STRING_it,
1079 const ASN1_ITEM CMS_DigestedData_it = {
1080 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1081 .utype = V_ASN1_SEQUENCE,
1082 .templates = CMS_DigestedData_seq_tt,
1083 .tcount = sizeof(CMS_DigestedData_seq_tt) / sizeof(ASN1_TEMPLATE),
1085 .size = sizeof(CMS_DigestedData),
1086 .sname = "CMS_DigestedData",
1089 static const ASN1_TEMPLATE CMS_EncryptedData_seq_tt[] = {
1093 .offset = offsetof(CMS_EncryptedData, version),
1094 .field_name = "version",
1100 .offset = offsetof(CMS_EncryptedData, encryptedContentInfo),
1101 .field_name = "encryptedContentInfo",
1102 .item = &CMS_EncryptedContentInfo_it,
1105 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
1107 .offset = offsetof(CMS_EncryptedData, unprotectedAttrs),
1108 .field_name = "unprotectedAttrs",
1109 .item = &X509_ATTRIBUTE_it,
1113 const ASN1_ITEM CMS_EncryptedData_it = {
1114 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1115 .utype = V_ASN1_SEQUENCE,
1116 .templates = CMS_EncryptedData_seq_tt,
1117 .tcount = sizeof(CMS_EncryptedData_seq_tt) / sizeof(ASN1_TEMPLATE),
1119 .size = sizeof(CMS_EncryptedData),
1120 .sname = "CMS_EncryptedData",
1123 static const ASN1_TEMPLATE CMS_AuthenticatedData_seq_tt[] = {
1127 .offset = offsetof(CMS_AuthenticatedData, version),
1128 .field_name = "version",
1132 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_OPTIONAL,
1134 .offset = offsetof(CMS_AuthenticatedData, originatorInfo),
1135 .field_name = "originatorInfo",
1136 .item = &CMS_OriginatorInfo_it,
1139 .flags = ASN1_TFLG_SET_OF,
1141 .offset = offsetof(CMS_AuthenticatedData, recipientInfos),
1142 .field_name = "recipientInfos",
1143 .item = &CMS_RecipientInfo_it,
1148 .offset = offsetof(CMS_AuthenticatedData, macAlgorithm),
1149 .field_name = "macAlgorithm",
1150 .item = &X509_ALGOR_it,
1153 .flags = ASN1_TFLG_IMPLICIT,
1155 .offset = offsetof(CMS_AuthenticatedData, digestAlgorithm),
1156 .field_name = "digestAlgorithm",
1157 .item = &X509_ALGOR_it,
1162 .offset = offsetof(CMS_AuthenticatedData, encapContentInfo),
1163 .field_name = "encapContentInfo",
1164 .item = &CMS_EncapsulatedContentInfo_it,
1167 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
1169 .offset = offsetof(CMS_AuthenticatedData, authAttrs),
1170 .field_name = "authAttrs",
1171 .item = &X509_ALGOR_it,
1176 .offset = offsetof(CMS_AuthenticatedData, mac),
1177 .field_name = "mac",
1178 .item = &ASN1_OCTET_STRING_it,
1181 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SET_OF | ASN1_TFLG_OPTIONAL,
1183 .offset = offsetof(CMS_AuthenticatedData, unauthAttrs),
1184 .field_name = "unauthAttrs",
1185 .item = &X509_ALGOR_it,
1189 static const ASN1_ITEM CMS_AuthenticatedData_it = {
1190 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1191 .utype = V_ASN1_SEQUENCE,
1192 .templates = CMS_AuthenticatedData_seq_tt,
1193 .tcount = sizeof(CMS_AuthenticatedData_seq_tt) / sizeof(ASN1_TEMPLATE),
1195 .size = sizeof(CMS_AuthenticatedData),
1196 .sname = "CMS_AuthenticatedData",
1199 static const ASN1_TEMPLATE CMS_CompressedData_seq_tt[] = {
1203 .offset = offsetof(CMS_CompressedData, version),
1204 .field_name = "version",
1210 .offset = offsetof(CMS_CompressedData, compressionAlgorithm),
1211 .field_name = "compressionAlgorithm",
1212 .item = &X509_ALGOR_it,
1217 .offset = offsetof(CMS_CompressedData, encapContentInfo),
1218 .field_name = "encapContentInfo",
1219 .item = &CMS_EncapsulatedContentInfo_it,
1223 const ASN1_ITEM CMS_CompressedData_it = {
1224 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1225 .utype = V_ASN1_SEQUENCE,
1226 .templates = CMS_CompressedData_seq_tt,
1227 .tcount = sizeof(CMS_CompressedData_seq_tt) / sizeof(ASN1_TEMPLATE),
1229 .size = sizeof(CMS_CompressedData),
1230 .sname = "CMS_CompressedData",
1233 /* This is the ANY DEFINED BY table for the top level ContentInfo structure */
1235 static const ASN1_TEMPLATE cms_default_tt = {
1236 .flags = ASN1_TFLG_EXPLICIT,
1238 .offset = offsetof(CMS_ContentInfo, d.other),
1239 .field_name = "d.other",
1240 .item = &ASN1_ANY_it,
1243 static const ASN1_ADB_TABLE CMS_ContentInfo_adbtbl[] = {
1245 .value = NID_pkcs7_data,
1247 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1249 .offset = offsetof(CMS_ContentInfo, d.data),
1250 .field_name = "d.data",
1251 .item = &ASN1_OCTET_STRING_NDEF_it,
1256 .value = NID_pkcs7_signed,
1258 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1260 .offset = offsetof(CMS_ContentInfo, d.signedData),
1261 .field_name = "d.signedData",
1262 .item = &CMS_SignedData_it,
1267 .value = NID_pkcs7_enveloped,
1269 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1271 .offset = offsetof(CMS_ContentInfo, d.envelopedData),
1272 .field_name = "d.envelopedData",
1273 .item = &CMS_EnvelopedData_it,
1278 .value = NID_pkcs7_digest,
1280 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1282 .offset = offsetof(CMS_ContentInfo, d.digestedData),
1283 .field_name = "d.digestedData",
1284 .item = &CMS_DigestedData_it,
1289 .value = NID_pkcs7_encrypted,
1291 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1293 .offset = offsetof(CMS_ContentInfo, d.encryptedData),
1294 .field_name = "d.encryptedData",
1295 .item = &CMS_EncryptedData_it,
1300 .value = NID_id_smime_ct_authData,
1302 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1304 .offset = offsetof(CMS_ContentInfo, d.authenticatedData),
1305 .field_name = "d.authenticatedData",
1306 .item = &CMS_AuthenticatedData_it,
1311 .value = NID_id_smime_ct_compressedData,
1313 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_NDEF,
1315 .offset = offsetof(CMS_ContentInfo, d.compressedData),
1316 .field_name = "d.compressedData",
1317 .item = &CMS_CompressedData_it,
1323 static const ASN1_ADB CMS_ContentInfo_adb = {
1325 .offset = offsetof(CMS_ContentInfo, contentType),
1326 .tbl = CMS_ContentInfo_adbtbl,
1327 .tblcount = sizeof(CMS_ContentInfo_adbtbl) / sizeof(ASN1_ADB_TABLE),
1328 .default_tt = &cms_default_tt,
1332 /* CMS streaming support */
1334 cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, void *exarg)
1336 ASN1_STREAM_ARG *sarg = exarg;
1337 CMS_ContentInfo *cms = NULL;
1339 cms = (CMS_ContentInfo *)*pval;
1342 switch (operation) {
1344 case ASN1_OP_STREAM_PRE:
1345 if (CMS_stream(&sarg->boundary, cms) <= 0)
1348 case ASN1_OP_DETACHED_PRE:
1349 sarg->ndef_bio = CMS_dataInit(cms, sarg->out);
1350 if (!sarg->ndef_bio)
1354 case ASN1_OP_STREAM_POST:
1355 case ASN1_OP_DETACHED_POST:
1356 if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0)
1364 static const ASN1_AUX CMS_ContentInfo_aux = {
1372 static const ASN1_TEMPLATE CMS_ContentInfo_seq_tt[] = {
1376 .offset = offsetof(CMS_ContentInfo, contentType),
1377 .field_name = "contentType",
1378 .item = &ASN1_OBJECT_it,
1381 .flags = ASN1_TFLG_ADB_OID,
1384 .field_name = "CMS_ContentInfo",
1385 .item = (const ASN1_ITEM *)&CMS_ContentInfo_adb,
1389 const ASN1_ITEM CMS_ContentInfo_it = {
1390 .itype = ASN1_ITYPE_NDEF_SEQUENCE,
1391 .utype = V_ASN1_SEQUENCE,
1392 .templates = CMS_ContentInfo_seq_tt,
1393 .tcount = sizeof(CMS_ContentInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
1394 .funcs = &CMS_ContentInfo_aux,
1395 .size = sizeof(CMS_ContentInfo),
1396 .sname = "CMS_ContentInfo",
1399 /* Specials for signed attributes */
1402 * When signing attributes we want to reorder them to match the sorted
1406 static const ASN1_TEMPLATE CMS_Attributes_Sign_item_tt = {
1407 .flags = ASN1_TFLG_SET_ORDER,
1410 .field_name = "CMS_ATTRIBUTES",
1411 .item = &X509_ATTRIBUTE_it,
1414 const ASN1_ITEM CMS_Attributes_Sign_it = {
1415 .itype = ASN1_ITYPE_PRIMITIVE,
1417 .templates = &CMS_Attributes_Sign_item_tt,
1421 .sname = "CMS_Attributes_Sign",
1425 * When verifying attributes we need to use the received order. So we use
1426 * SEQUENCE OF and tag it to SET OF
1429 static const ASN1_TEMPLATE CMS_Attributes_Verify_item_tt = {
1430 .flags = ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL,
1433 .field_name = "CMS_ATTRIBUTES",
1434 .item = &X509_ATTRIBUTE_it,
1437 const ASN1_ITEM CMS_Attributes_Verify_it = {
1438 .itype = ASN1_ITYPE_PRIMITIVE,
1440 .templates = &CMS_Attributes_Verify_item_tt,
1444 .sname = "CMS_Attributes_Verify",
1449 static const ASN1_TEMPLATE CMS_ReceiptsFrom_ch_tt[] = {
1451 .flags = ASN1_TFLG_IMPLICIT,
1453 .offset = offsetof(CMS_ReceiptsFrom, d.allOrFirstTier),
1454 .field_name = "d.allOrFirstTier",
1458 .flags = ASN1_TFLG_IMPLICIT | ASN1_TFLG_SEQUENCE_OF,
1460 .offset = offsetof(CMS_ReceiptsFrom, d.receiptList),
1461 .field_name = "d.receiptList",
1462 .item = &GENERAL_NAMES_it,
1466 static const ASN1_ITEM CMS_ReceiptsFrom_it = {
1467 .itype = ASN1_ITYPE_CHOICE,
1468 .utype = offsetof(CMS_ReceiptsFrom, type),
1469 .templates = CMS_ReceiptsFrom_ch_tt,
1470 .tcount = sizeof(CMS_ReceiptsFrom_ch_tt) / sizeof(ASN1_TEMPLATE),
1472 .size = sizeof(CMS_ReceiptsFrom),
1473 .sname = "CMS_ReceiptsFrom",
1476 static const ASN1_TEMPLATE CMS_ReceiptRequest_seq_tt[] = {
1480 .offset = offsetof(CMS_ReceiptRequest, signedContentIdentifier),
1481 .field_name = "signedContentIdentifier",
1482 .item = &ASN1_OCTET_STRING_it,
1487 .offset = offsetof(CMS_ReceiptRequest, receiptsFrom),
1488 .field_name = "receiptsFrom",
1489 .item = &CMS_ReceiptsFrom_it,
1492 .flags = ASN1_TFLG_SEQUENCE_OF,
1494 .offset = offsetof(CMS_ReceiptRequest, receiptsTo),
1495 .field_name = "receiptsTo",
1496 .item = &GENERAL_NAMES_it,
1500 const ASN1_ITEM CMS_ReceiptRequest_it = {
1501 .itype = ASN1_ITYPE_SEQUENCE,
1502 .utype = V_ASN1_SEQUENCE,
1503 .templates = CMS_ReceiptRequest_seq_tt,
1504 .tcount = sizeof(CMS_ReceiptRequest_seq_tt) / sizeof(ASN1_TEMPLATE),
1506 .size = sizeof(CMS_ReceiptRequest),
1507 .sname = "CMS_ReceiptRequest",
1510 static const ASN1_TEMPLATE CMS_Receipt_seq_tt[] = {
1514 .offset = offsetof(CMS_Receipt, version),
1515 .field_name = "version",
1521 .offset = offsetof(CMS_Receipt, contentType),
1522 .field_name = "contentType",
1523 .item = &ASN1_OBJECT_it,
1528 .offset = offsetof(CMS_Receipt, signedContentIdentifier),
1529 .field_name = "signedContentIdentifier",
1530 .item = &ASN1_OCTET_STRING_it,
1535 .offset = offsetof(CMS_Receipt, originatorSignatureValue),
1536 .field_name = "originatorSignatureValue",
1537 .item = &ASN1_OCTET_STRING_it,
1541 const ASN1_ITEM CMS_Receipt_it = {
1542 .itype = ASN1_ITYPE_SEQUENCE,
1543 .utype = V_ASN1_SEQUENCE,
1544 .templates = CMS_Receipt_seq_tt,
1545 .tcount = sizeof(CMS_Receipt_seq_tt) / sizeof(ASN1_TEMPLATE),
1547 .size = sizeof(CMS_Receipt),
1548 .sname = "CMS_Receipt",
1552 * Utilities to encode the CMS_SharedInfo structure used during key
1557 X509_ALGOR *keyInfo;
1558 ASN1_OCTET_STRING *entityUInfo;
1559 ASN1_OCTET_STRING *suppPubInfo;
1562 static const ASN1_TEMPLATE CMS_SharedInfo_seq_tt[] = {
1566 .offset = offsetof(CMS_SharedInfo, keyInfo),
1567 .field_name = "keyInfo",
1568 .item = &X509_ALGOR_it,
1571 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
1573 .offset = offsetof(CMS_SharedInfo, entityUInfo),
1574 .field_name = "entityUInfo",
1575 .item = &ASN1_OCTET_STRING_it,
1578 .flags = ASN1_TFLG_EXPLICIT | ASN1_TFLG_OPTIONAL,
1580 .offset = offsetof(CMS_SharedInfo, suppPubInfo),
1581 .field_name = "suppPubInfo",
1582 .item = &ASN1_OCTET_STRING_it,
1586 static const ASN1_ITEM CMS_SharedInfo_it = {
1587 .itype = ASN1_ITYPE_SEQUENCE,
1588 .utype = V_ASN1_SEQUENCE,
1589 .templates = CMS_SharedInfo_seq_tt,
1590 .tcount = sizeof(CMS_SharedInfo_seq_tt) / sizeof(ASN1_TEMPLATE),
1592 .size = sizeof(CMS_SharedInfo),
1593 .sname = "CMS_SharedInfo",
1597 CMS_SharedInfo_encode(unsigned char **pder, X509_ALGOR *kekalg,
1598 ASN1_OCTET_STRING *ukm, int keylen)
1601 CMS_SharedInfo *pecsi;
1607 ASN1_OCTET_STRING oklen;
1608 unsigned char kl[4];
1609 CMS_SharedInfo ecsi;
1612 kl[0] = (keylen >> 24) & 0xff;
1613 kl[1] = (keylen >> 16) & 0xff;
1614 kl[2] = (keylen >> 8) & 0xff;
1615 kl[3] = keylen & 0xff;
1618 oklen.type = V_ASN1_OCTET_STRING;
1620 ecsi.keyInfo = kekalg;
1621 ecsi.entityUInfo = ukm;
1622 ecsi.suppPubInfo = &oklen;
1623 intsi.pecsi = &ecsi;
1625 return ASN1_item_i2d(intsi.a, pder, &CMS_SharedInfo_it);