MultiTech / CyaSSL

A library for setting up Secure Socket Layer (SSL) connections and verifying remote hosts using certificates. Contains only the source files for mbed platform implementation of the library.

Dependents:   HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL HTTPClient-SSL

cyassl/ctaocrypt/pkcs7.h@0:b86d15c6ba29, 2015-01-19 (annotated)

Committer:
Vanger
Date:
Mon Jan 19 21:45:42 2015 +0000
Revision:
0:b86d15c6ba29
Updated CyaSSL Library to 3.3.0. Changed Settings and functions to be implemented for mbed platforms

Who changed what in which revision?

UserRevisionLine numberNew contents of line
Vanger 0:b86d15c6ba29 1 /* pkcs7.h
Vanger 0:b86d15c6ba29 2 *
Vanger 0:b86d15c6ba29 3 * Copyright (C) 2006-2014 wolfSSL Inc.
Vanger 0:b86d15c6ba29 4 *
Vanger 0:b86d15c6ba29 5 * This file is part of CyaSSL.
Vanger 0:b86d15c6ba29 6 *
Vanger 0:b86d15c6ba29 7 * CyaSSL is free software; you can redistribute it and/or modify
Vanger 0:b86d15c6ba29 8 * it under the terms of the GNU General Public License as published by
Vanger 0:b86d15c6ba29 9 * the Free Software Foundation; either version 2 of the License, or
Vanger 0:b86d15c6ba29 10 * (at your option) any later version.
Vanger 0:b86d15c6ba29 11 *
Vanger 0:b86d15c6ba29 12 * CyaSSL is distributed in the hope that it will be useful,
Vanger 0:b86d15c6ba29 13 * * but WITHOUT ANY WARRANTY; without even the implied warranty of
Vanger 0:b86d15c6ba29 14 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
Vanger 0:b86d15c6ba29 15 * GNU General Public License for more details.
Vanger 0:b86d15c6ba29 16 *
Vanger 0:b86d15c6ba29 17 * You should have received a copy of the GNU General Public License
Vanger 0:b86d15c6ba29 18 * along with this program; if not, write to the Free Software
Vanger 0:b86d15c6ba29 19 * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
Vanger 0:b86d15c6ba29 20 */
Vanger 0:b86d15c6ba29 21
Vanger 0:b86d15c6ba29 22
Vanger 0:b86d15c6ba29 23 #ifdef HAVE_PKCS7
Vanger 0:b86d15c6ba29 24
Vanger 0:b86d15c6ba29 25 #ifndef CTAO_CRYPT_PKCS7_H
Vanger 0:b86d15c6ba29 26 #define CTAO_CRYPT_PKCS7_H
Vanger 0:b86d15c6ba29 27
Vanger 0:b86d15c6ba29 28 #include <cyassl/ctaocrypt/types.h>
Vanger 0:b86d15c6ba29 29 #include <cyassl/ctaocrypt/asn.h>
Vanger 0:b86d15c6ba29 30 #include <cyassl/ctaocrypt/asn_public.h>
Vanger 0:b86d15c6ba29 31 #include <cyassl/ctaocrypt/random.h>
Vanger 0:b86d15c6ba29 32 #include <cyassl/ctaocrypt/des3.h>
Vanger 0:b86d15c6ba29 33
Vanger 0:b86d15c6ba29 34 #ifdef __cplusplus
Vanger 0:b86d15c6ba29 35 extern "C" {
Vanger 0:b86d15c6ba29 36 #endif
Vanger 0:b86d15c6ba29 37
Vanger 0:b86d15c6ba29 38 /* PKCS#7 content types, ref RFC 2315 (Section 14) */
Vanger 0:b86d15c6ba29 39 enum PKCS7_TYPES {
Vanger 0:b86d15c6ba29 40 PKCS7_MSG = 650, /* 1.2.840.113549.1.7 */
Vanger 0:b86d15c6ba29 41 DATA = 651, /* 1.2.840.113549.1.7.1 */
Vanger 0:b86d15c6ba29 42 SIGNED_DATA = 652, /* 1.2.840.113549.1.7.2 */
Vanger 0:b86d15c6ba29 43 ENVELOPED_DATA = 653, /* 1.2.840.113549.1.7.3 */
Vanger 0:b86d15c6ba29 44 SIGNED_AND_ENVELOPED_DATA = 654, /* 1.2.840.113549.1.7.4 */
Vanger 0:b86d15c6ba29 45 DIGESTED_DATA = 655, /* 1.2.840.113549.1.7.5 */
Vanger 0:b86d15c6ba29 46 ENCRYPTED_DATA = 656 /* 1.2.840.113549.1.7.6 */
Vanger 0:b86d15c6ba29 47 };
Vanger 0:b86d15c6ba29 48
Vanger 0:b86d15c6ba29 49 enum Pkcs7_Misc {
Vanger 0:b86d15c6ba29 50 PKCS7_NONCE_SZ = 16,
Vanger 0:b86d15c6ba29 51 MAX_ENCRYPTED_KEY_SZ = 512, /* max enc. key size, RSA <= 4096 */
Vanger 0:b86d15c6ba29 52 MAX_CONTENT_KEY_LEN = DES3_KEYLEN, /* highest current cipher is 3DES */
Vanger 0:b86d15c6ba29 53 MAX_RECIP_SZ = MAX_VERSION_SZ +
Vanger 0:b86d15c6ba29 54 MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
Vanger 0:b86d15c6ba29 55 MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
Vanger 0:b86d15c6ba29 56 };
Vanger 0:b86d15c6ba29 57
Vanger 0:b86d15c6ba29 58
Vanger 0:b86d15c6ba29 59 typedef struct PKCS7Attrib {
Vanger 0:b86d15c6ba29 60 byte* oid;
Vanger 0:b86d15c6ba29 61 word32 oidSz;
Vanger 0:b86d15c6ba29 62 byte* value;
Vanger 0:b86d15c6ba29 63 word32 valueSz;
Vanger 0:b86d15c6ba29 64 } PKCS7Attrib;
Vanger 0:b86d15c6ba29 65
Vanger 0:b86d15c6ba29 66
Vanger 0:b86d15c6ba29 67 typedef struct PKCS7 {
Vanger 0:b86d15c6ba29 68 byte* content; /* inner content, not owner */
Vanger 0:b86d15c6ba29 69 word32 contentSz; /* content size */
Vanger 0:b86d15c6ba29 70 int contentOID; /* PKCS#7 content type OID sum */
Vanger 0:b86d15c6ba29 71
Vanger 0:b86d15c6ba29 72 RNG* rng;
Vanger 0:b86d15c6ba29 73
Vanger 0:b86d15c6ba29 74 int hashOID;
Vanger 0:b86d15c6ba29 75 int encryptOID; /* key encryption algorithm OID */
Vanger 0:b86d15c6ba29 76
Vanger 0:b86d15c6ba29 77 byte* singleCert; /* recipient cert, DER, not owner */
Vanger 0:b86d15c6ba29 78 word32 singleCertSz; /* size of recipient cert buffer, bytes */
Vanger 0:b86d15c6ba29 79 byte issuerHash[SHA_SIZE]; /* hash of all alt Names */
Vanger 0:b86d15c6ba29 80 byte* issuer; /* issuer name of singleCert */
Vanger 0:b86d15c6ba29 81 word32 issuerSz; /* length of issuer name */
Vanger 0:b86d15c6ba29 82 byte issuerSn[MAX_SN_SZ]; /* singleCert's serial number */
Vanger 0:b86d15c6ba29 83 word32 issuerSnSz; /* length of serial number */
Vanger 0:b86d15c6ba29 84 byte publicKey[512];
Vanger 0:b86d15c6ba29 85 word32 publicKeySz;
Vanger 0:b86d15c6ba29 86 byte* privateKey; /* private key, DER, not owner */
Vanger 0:b86d15c6ba29 87 word32 privateKeySz; /* size of private key buffer, bytes */
Vanger 0:b86d15c6ba29 88
Vanger 0:b86d15c6ba29 89 PKCS7Attrib* signedAttribs;
Vanger 0:b86d15c6ba29 90 word32 signedAttribsSz;
Vanger 0:b86d15c6ba29 91 } PKCS7;
Vanger 0:b86d15c6ba29 92
Vanger 0:b86d15c6ba29 93
Vanger 0:b86d15c6ba29 94 CYASSL_LOCAL int SetContentType(int pkcs7TypeOID, byte* output);
Vanger 0:b86d15c6ba29 95 CYASSL_LOCAL int GetContentType(const byte* input, word32* inOutIdx,
Vanger 0:b86d15c6ba29 96 word32* oid, word32 maxIdx);
Vanger 0:b86d15c6ba29 97 CYASSL_LOCAL int CreateRecipientInfo(const byte* cert, word32 certSz,
Vanger 0:b86d15c6ba29 98 int keyEncAlgo, int blockKeySz,
Vanger 0:b86d15c6ba29 99 RNG* rng, byte* contentKeyPlain,
Vanger 0:b86d15c6ba29 100 byte* contentKeyEnc,
Vanger 0:b86d15c6ba29 101 int* keyEncSz, byte* out, word32 outSz);
Vanger 0:b86d15c6ba29 102
Vanger 0:b86d15c6ba29 103 CYASSL_API int PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
Vanger 0:b86d15c6ba29 104 CYASSL_API void PKCS7_Free(PKCS7* pkcs7);
Vanger 0:b86d15c6ba29 105 CYASSL_API int PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
Vanger 0:b86d15c6ba29 106 CYASSL_API int PKCS7_EncodeSignedData(PKCS7* pkcs7,
Vanger 0:b86d15c6ba29 107 byte* output, word32 outputSz);
Vanger 0:b86d15c6ba29 108 CYASSL_API int PKCS7_VerifySignedData(PKCS7* pkcs7,
Vanger 0:b86d15c6ba29 109 byte* pkiMsg, word32 pkiMsgSz);
Vanger 0:b86d15c6ba29 110 CYASSL_API int PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
Vanger 0:b86d15c6ba29 111 byte* output, word32 outputSz);
Vanger 0:b86d15c6ba29 112 CYASSL_API int PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
Vanger 0:b86d15c6ba29 113 word32 pkiMsgSz, byte* output,
Vanger 0:b86d15c6ba29 114 word32 outputSz);
Vanger 0:b86d15c6ba29 115
Vanger 0:b86d15c6ba29 116 #ifdef __cplusplus
Vanger 0:b86d15c6ba29 117 } /* extern "C" */
Vanger 0:b86d15c6ba29 118 #endif
Vanger 0:b86d15c6ba29 119
Vanger 0:b86d15c6ba29 120 #endif /* CTAO_CRYPT_PKCS7_H */
Vanger 0:b86d15c6ba29 121
Vanger 0:b86d15c6ba29 122 #endif /* HAVE_PKCS7 */
Vanger 0:b86d15c6ba29 123