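/* SPDX-License-Identifier: GPL-2.0-or-later */
/* PKCS#7 crypto data parser internal definitions
 *
 * Copyright (C) 2012 Red Hat, Inc. All Rights Reserved.
 * Written by David Howells (dhowells@redhat.com)
 */

/*
 * Include guard: this header defines two structs and several macros, so a
 * second inclusion in the same translation unit would otherwise fail with
 * redefinition errors.
 */
#ifndef PKCS7_PARSER_INTERNAL_H
#define PKCS7_PARSER_INTERNAL_H

#include <linux/oid_registry.h>
#include <crypto/pkcs7.h>
#include "x509_parser.h"

/*
 * Function entry/exit trace helpers built on pr_devel().  Each prints the
 * calling function's name followed by the caller-supplied format.  Anything
 * passed as an argument can end up in the kernel log when pr_devel() output
 * is enabled, so pass lengths, indices and error codes rather than key or
 * digest bytes.
 */
#define kenter(FMT, ...) \
	pr_devel("==> %s("FMT")\n", __func__, ##__VA_ARGS__)
#define kleave(FMT, ...) \
	pr_devel("<== %s()"FMT"\n", __func__, ##__VA_ARGS__)

/*
 * Per-signer state for one signature carried in a PKCS#7/CMS message.
 *
 * Entries are chained through ->next; struct pkcs7_message holds a pointer
 * of this type in ->signed_infos.
 */
struct pkcs7_signed_info {
	struct pkcs7_signed_info *next;
	struct x509_certificate *signer; /* Signing certificate (in msg->certs) */
	unsigned int	index;	/* NOTE(review): presumably the ordinal of this
				 * entry within the message - confirm against
				 * the parser */
	bool		unsupported_crypto; /* T if not usable due to missing crypto */
	bool		blacklisted;	/* NOTE(review): undocumented here;
					 * presumably marks an entry rejected
					 * by a blacklist check - confirm
					 * against the verification code */

	/* Message digest - the digest of the Content Data (or NULL).
	 *
	 * Check the pointer before use and bound every access by
	 * msgdigest_len.
	 * NOTE(review): const pointer with a separate length - looks like a
	 * reference into data owned elsewhere rather than an owned copy;
	 * confirm the lifetime against the parser.
	 */
	const void	*msgdigest;
	unsigned int	msgdigest_len;

	/* Authenticated Attribute data (or NULL).  Same handling as above:
	 * NULL-check the pointer and bound accesses by authattrs_len.
	 */
	unsigned int	authattrs_len;
	const void	*authattrs;

	/* Record of which authenticated attributes this entry carries.
	 * NOTE(review): the sinfo_has_* values below look like bit numbers
	 * within aa_set rather than masks - confirm against the users.
	 */
	unsigned long	aa_set;
#define	sinfo_has_content_type		0
#define	sinfo_has_signing_time		1
#define	sinfo_has_message_digest	2
#define	sinfo_has_smime_caps		3
#define	sinfo_has_ms_opus_info		4
#define	sinfo_has_ms_statement_type	5
	time64_t	signing_time;	/* NOTE(review): presumably meaningful
					 * only when sinfo_has_signing_time is
					 * recorded in aa_set - confirm */

	/* Message signature.
	 *
	 * This contains the generated digest of _either_ the Content Data or
	 * the Authenticated Attributes [RFC2315 9.3].  If the latter, one of
	 * the attributes contains the digest of the Content Data within
	 * it.
	 *
	 * In that second case the signature binds the Content Data only
	 * through that message-digest attribute, so msgdigest has to be
	 * compared with a digest computed over the Content Data before the
	 * signature is relied on.
	 *
	 * This also contains the issuing cert serial number and issuer's name
	 * [PKCS#7 or CMS ver 1] or issuing cert's SKID [CMS ver 3].
	 */
	struct public_key_signature *sig;
};

/*
 * Parsed form of one PKCS#7/CMS message: the certificate and revocation
 * lists, the chain of per-signer entries and the location of the Content
 * Data.
 */
struct pkcs7_message {
	struct x509_certificate *certs;	/* Certificate list */
	struct x509_certificate *crl;	/* Revocation list */
	struct pkcs7_signed_info *signed_infos;	/* Per-signer entries, chained
						 * via ->next */
	u8		version;	/* Version of cert (1 -> PKCS#7 or CMS; 3 -> CMS) */
	bool		have_authattrs;	/* T if have authattrs */

	/* Content Data (or NULL).  The data pointer may be NULL, so check it
	 * before dereferencing and bound accesses by data_len.
	 */
	enum OID	data_type;	/* Type of Data */
	size_t		data_len;	/* Length of Data */
	size_t		data_hdrlen;	/* Length of Data ASN.1 header */
	const void	*data;		/* Content Data (or 0) */
};

#endif /* PKCS7_PARSER_INTERNAL_H */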