Renesas / SecureDweet

pkcs7.h

00001 /* pkcs7.h
00002  *
00003  * Copyright (C) 2006-2016 wolfSSL Inc.
00004  *
00005  * This file is part of wolfSSL.
00006  *
00007  * wolfSSL is free software; you can redistribute it and/or modify
00008  * it under the terms of the GNU General Public License as published by
00009  * the Free Software Foundation; either version 2 of the License, or
00010  * (at your option) any later version.
00011  *
00012  * wolfSSL is distributed in the hope that it will be useful,
00013  * but WITHOUT ANY WARRANTY; without even the implied warranty of
00014  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00015  * GNU General Public License for more details.
00016  *
00017  * You should have received a copy of the GNU General Public License
00018  * along with this program; if not, write to the Free Software
00019  * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1335, USA
00020  */
00021 
00022 
00023 #ifndef WOLF_CRYPT_PKCS7_H
00024 #define WOLF_CRYPT_PKCS7_H
00025 
00026 #include <wolfssl/wolfcrypt/types.h>
00027 
00028 #ifdef HAVE_PKCS7
00029 
00030 #ifndef NO_ASN
00031     #include <wolfssl/wolfcrypt/asn.h>
00032 #endif
00033 #include <wolfssl/wolfcrypt/asn_public.h>
00034 #include <wolfssl/wolfcrypt/random.h>
00035 #ifndef NO_DES3
00036     #include <wolfssl/wolfcrypt/des3.h>
00037 #endif
00038 
00039 #ifdef __cplusplus
00040     extern "C" {
00041 #endif
00042 
00043 /* PKCS#7 content types, ref RFC 2315 (Section 14) */
      /* Each enumerator is the sum of the bytes of the DER-encoded OID written
       * beside it (2A 86 48 86 F7 0D 01 07 adds up to 650, and each sub-arc
       * appends one more byte). PKCS7.contentOID stores the same kind of
       * "OID sum".
       * NOTE(review): a byte sum does not uniquely identify an OID, so equality
       * with one of these values alone does not prove the encoded OID was the
       * PKCS#7 one - confirm how the parser in pkcs7.c / asn.c compares OIDs.
       * NOTE(review): DATA, SIGNED_DATA, ... are unprefixed names in a header
       * that presumably is included by applications, so they can collide with
       * application identifiers.
       */
00044 enum PKCS7_TYPES {
00045     PKCS7_MSG                 = 650,   /* 1.2.840.113549.1.7   */
00046     DATA                      = 651,   /* 1.2.840.113549.1.7.1 */
00047     SIGNED_DATA               = 652,   /* 1.2.840.113549.1.7.2 */
00048     ENVELOPED_DATA            = 653,   /* 1.2.840.113549.1.7.3 */
00049     SIGNED_AND_ENVELOPED_DATA = 654,   /* 1.2.840.113549.1.7.4 */
00050     DIGESTED_DATA             = 655,   /* 1.2.840.113549.1.7.5 */
00051     ENCRYPTED_DATA            = 656    /* 1.2.840.113549.1.7.6 */
00052 };
00053 /* Size constants for the PKCS#7 module; the units appear to be bytes. */
00054 enum Pkcs7_Misc {
00055     PKCS7_NONCE_SZ       = 16,            /* nonce length                   */
00056     MAX_ENCRYPTED_KEY_SZ = 512,           /* max enc. key size, RSA <= 4096 */
          /* 4096 bits / 8 = 512 bytes, so an encrypted key from a larger RSA
           * modulus does not fit a buffer of this size. */
00057     MAX_CONTENT_KEY_LEN  = DES3_KEYLEN,   /* highest current cipher is 3DES */
          /* NOTE(review): DES3_KEYLEN is expected from des3.h, which this header
           * includes only when NO_DES3 is not defined - confirm the NO_DES3
           * build still sees a definition. 3DES is a legacy 64-bit-block
           * cipher, and this bound has to grow if a cipher with a longer key
           * is added. */
          /* Upper bound for one encoded recipient entry, built from size
           * constants declared outside this header (presumably asn.h) plus
           * MAX_ENCRYPTED_KEY_SZ. */
00058     MAX_RECIP_SZ         = MAX_VERSION_SZ +
00059                            MAX_SEQ_SZ + ASN_NAME_MAX + MAX_SN_SZ +
00060                            MAX_SEQ_SZ + MAX_ALGO_SZ + 1 + MAX_ENCRYPTED_KEY_SZ
00061 };
00062 
00063 /* One attribute as an OID/value pair; PKCS7.signedAttribs is a pointer to
       * this type.
       * NOTE(review): this header does not say who owns oid/value or how they
       * are encoded - presumably caller-owned DER bytes; confirm in pkcs7.c.
       */
00064 typedef struct PKCS7Attrib {
00065     byte* oid;          /* attribute OID bytes                 */
00066     word32 oidSz;       /* length of oid, presumably in bytes  */
00067     byte* value;        /* attribute value bytes               */
00068     word32 valueSz;     /* length of value, presumably in bytes */
00069 } PKCS7Attrib;
00070 
00071 /* PKCS#7 context passed as the first argument to every wc_PKCS7_* function
       * declared in this header.
       *
       * Fields marked "not owner" point at buffers supplied by the caller: the
       * caller has to keep them valid while the context uses them and release
       * them afterwards. privateKey points at key material, so the caller
       * should also wipe that buffer once it is no longer needed.
       * NOTE(review): what wc_PKCS7_Free() releases or clears is not visible in
       * this header - confirm in pkcs7.c.
       */
00072 typedef struct PKCS7 {
00073     byte* content;                /* inner content, not owner             */
00074     word32 contentSz;             /* content size                         */
00075     int contentOID;               /* PKCS#7 content type OID sum          */
00076 
00077     WC_RNG* rng;                  /* random number generator handle       */
          /* NOTE(review): presumably supplied and initialised by the caller
           * before encoding - confirm. */
00078 
00079     int hashOID;                  /* hash algorithm id                    */
          /* NOTE(review): presumably an OID sum like contentOID - confirm. */
00080     int encryptOID;               /* key encryption algorithm OID         */
00081 
00082     byte*  singleCert;            /* recipient cert, DER, not owner       */
00083     word32 singleCertSz;          /* size of recipient cert buffer, bytes */
00084     byte issuerHash[KEYID_SIZE];  /* hash of all alt Names                */
          /* NOTE(review): the field name suggests a hash of the issuer name
           * rather than of alt names - confirm against the code that fills it. */
00085     byte*  issuer;                /* issuer name of singleCert            */
00086     word32 issuerSz;              /* length of issuer name                */
00087     byte issuerSn[MAX_SN_SZ];     /* singleCert's serial number           */
00088     word32 issuerSnSz;            /* length of serial number              */
00089     byte publicKey[512];          /* public key bytes, fixed-size buffer  */
00090     word32 publicKeySz;           /* bytes used in publicKey              */
          /* publicKeySz must never exceed sizeof(publicKey); the code that
           * copies the key in is outside this header. */
00091     byte*  privateKey;            /* private key, DER, not owner          */
00092     word32 privateKeySz;          /* size of private key buffer, bytes    */
00093 
00094     PKCS7Attrib* signedAttribs;   /* attributes; ownership not stated     */
00095     word32 signedAttribsSz;       /* size of signedAttribs                */
          /* NOTE(review): presumably a count of PKCS7Attrib entries, not a
           * byte length - confirm. */
00096 } PKCS7;
00097 
00098 /* Helpers tagged WOLFSSL_LOCAL (macro defined outside this header;
       * presumably keeps the symbols internal to the library). Return-value
       * conventions are not stated here - presumably negative wolfCrypt error
       * codes on failure; confirm in pkcs7.c.
       */
      /* Writes a content type for pkcs7TypeOID (see enum PKCS7_TYPES) into
       * output. There is no size parameter, so the caller must supply a buffer
       * large enough for the encoding; the required size is not stated here. */
00099 WOLFSSL_LOCAL int wc_SetContentType(int pkcs7TypeOID, byte* output);
      /* Reads a content type from input. inOutIdx is an in/out offset and oid
       * receives the result; maxIdx presumably bounds how far input may be
       * read - pass the real buffer length, never a larger value. */
00100 WOLFSSL_LOCAL int wc_GetContentType(const byte* input, word32* inOutIdx,
00101                                 word32* oid, word32 maxIdx);
      /* Builds a recipient entry for the certificate cert/certSz into
       * out/outSz. contentKeyPlain and contentKeyEnc carry no explicit buffer
       * sizes; presumably they are sized from blockKeySz and
       * MAX_ENCRYPTED_KEY_SZ - confirm. contentKeyPlain holds unencrypted key
       * material and should be wiped by whoever owns it after use. */
00102 WOLFSSL_LOCAL int wc_CreateRecipientInfo(const byte* cert, word32 certSz,
00103                                      int keyEncAlgo, int blockKeySz,
00104                                      WC_RNG* rng, byte* contentKeyPlain,
00105                                      byte* contentKeyEnc,
00106                                      int* keyEncSz, byte* out, word32 outSz);
00107 /* Functions tagged WOLFSSL_API (macro defined outside this header;
       * presumably the exported interface). Every int return value should be
       * checked; the convention is not stated here - presumably a negative
       * wolfCrypt error code on failure; confirm in pkcs7.c.
       */
      /* Initialises pkcs7 from the certificate cert/certSz.
       * NOTE(review): PKCS7.singleCert is "not owner", so presumably the cert
       * buffer must stay valid for the life of the context - confirm. */
00108 WOLFSSL_API int  wc_PKCS7_InitWithCert(PKCS7* pkcs7, byte* cert, word32 certSz);
      /* Releases pkcs7. Buffers behind "not owner" fields (content, singleCert,
       * privateKey) presumably stay with the caller to wipe and free - confirm. */
00109 WOLFSSL_API void wc_PKCS7_Free(PKCS7* pkcs7);
      /* Encode functions write into output; outputSz is the capacity of that
       * buffer and must be its true size. */
00110 WOLFSSL_API int  wc_PKCS7_EncodeData(PKCS7* pkcs7, byte* output, word32 outputSz);
00111 WOLFSSL_API int  wc_PKCS7_EncodeSignedData(PKCS7* pkcs7,
00112                                        byte* output, word32 outputSz);
      /* Checks the signed message pkiMsg/pkiMsgSz. pkiMsg is typically
       * untrusted input: pass its exact length and use the message content only
       * after the call reports success. pkiMsg is not const; whether it is
       * modified is not visible here. */
00113 WOLFSSL_API int  wc_PKCS7_VerifySignedData(PKCS7* pkcs7,
00114                                        byte* pkiMsg, word32 pkiMsgSz);
00115 WOLFSSL_API int  wc_PKCS7_EncodeEnvelopedData(PKCS7* pkcs7,
00116                                           byte* output, word32 outputSz);
      /* Decodes the enveloped message pkiMsg/pkiMsgSz into output/outputSz.
       * pkiMsg is typically untrusted input; outputSz must be the true capacity
       * of output, and output holds decrypted content the caller should wipe
       * when done with it. */
00117 WOLFSSL_API int  wc_PKCS7_DecodeEnvelopedData(PKCS7* pkcs7, byte* pkiMsg,
00118                                           word32 pkiMsgSz, byte* output,
00119                                           word32 outputSz);
00120 
00121 #ifdef __cplusplus
00122     } /* extern "C" */
00123 #endif
00124 
00125 #endif /* HAVE_PKCS7 */
00126 #endif /* WOLF_CRYPT_PKCS7_H */
00127 
00128