1a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* crypto/cms/cms_asn1.c */ 2a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL 3a88cfce91374498578c44013041416c0c5b09b1eKenny Root * project. 4a88cfce91374498578c44013041416c0c5b09b1eKenny Root */ 5a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* ==================================================================== 6a88cfce91374498578c44013041416c0c5b09b1eKenny Root * Copyright (c) 2008 The OpenSSL Project. All rights reserved. 7a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 8a88cfce91374498578c44013041416c0c5b09b1eKenny Root * Redistribution and use in source and binary forms, with or without 9a88cfce91374498578c44013041416c0c5b09b1eKenny Root * modification, are permitted provided that the following conditions 10a88cfce91374498578c44013041416c0c5b09b1eKenny Root * are met: 11a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 12a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 1. Redistributions of source code must retain the above copyright 13a88cfce91374498578c44013041416c0c5b09b1eKenny Root * notice, this list of conditions and the following disclaimer. 14a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 15a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 2. Redistributions in binary form must reproduce the above copyright 16a88cfce91374498578c44013041416c0c5b09b1eKenny Root * notice, this list of conditions and the following disclaimer in 17a88cfce91374498578c44013041416c0c5b09b1eKenny Root * the documentation and/or other materials provided with the 18a88cfce91374498578c44013041416c0c5b09b1eKenny Root * distribution. 19a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 20a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 3. All advertising materials mentioning features or use of this 21a88cfce91374498578c44013041416c0c5b09b1eKenny Root * software must display the following acknowledgment: 22a88cfce91374498578c44013041416c0c5b09b1eKenny Root * "This product includes software developed by the OpenSSL Project 23a88cfce91374498578c44013041416c0c5b09b1eKenny Root * for use in the OpenSSL Toolkit. (http://www.OpenSSL.org/)" 24a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 25a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 4. The names "OpenSSL Toolkit" and "OpenSSL Project" must not be used to 26a88cfce91374498578c44013041416c0c5b09b1eKenny Root * endorse or promote products derived from this software without 27a88cfce91374498578c44013041416c0c5b09b1eKenny Root * prior written permission. For written permission, please contact 28a88cfce91374498578c44013041416c0c5b09b1eKenny Root * licensing@OpenSSL.org. 29a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 30a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 5. Products derived from this software may not be called "OpenSSL" 31a88cfce91374498578c44013041416c0c5b09b1eKenny Root * nor may "OpenSSL" appear in their names without prior written 32a88cfce91374498578c44013041416c0c5b09b1eKenny Root * permission of the OpenSSL Project. 33a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 34a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 6. Redistributions of any form whatsoever must retain the following 35a88cfce91374498578c44013041416c0c5b09b1eKenny Root * acknowledgment: 36a88cfce91374498578c44013041416c0c5b09b1eKenny Root * "This product includes software developed by the OpenSSL Project 37a88cfce91374498578c44013041416c0c5b09b1eKenny Root * for use in the OpenSSL Toolkit (http://www.OpenSSL.org/)" 38a88cfce91374498578c44013041416c0c5b09b1eKenny Root * 39a88cfce91374498578c44013041416c0c5b09b1eKenny Root * THIS SOFTWARE IS PROVIDED BY THE OpenSSL PROJECT ``AS IS'' AND ANY 40a88cfce91374498578c44013041416c0c5b09b1eKenny Root * EXPRESSED OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE 41a88cfce91374498578c44013041416c0c5b09b1eKenny Root * IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR 42a88cfce91374498578c44013041416c0c5b09b1eKenny Root * PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE OpenSSL PROJECT OR 43a88cfce91374498578c44013041416c0c5b09b1eKenny Root * ITS CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, 44a88cfce91374498578c44013041416c0c5b09b1eKenny Root * SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT 45a88cfce91374498578c44013041416c0c5b09b1eKenny Root * NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; 46a88cfce91374498578c44013041416c0c5b09b1eKenny Root * LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) 47a88cfce91374498578c44013041416c0c5b09b1eKenny Root * HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, 48a88cfce91374498578c44013041416c0c5b09b1eKenny Root * STRICT LIABILITY, OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) 49a88cfce91374498578c44013041416c0c5b09b1eKenny Root * ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED 50a88cfce91374498578c44013041416c0c5b09b1eKenny Root * OF THE POSSIBILITY OF SUCH DAMAGE. 51a88cfce91374498578c44013041416c0c5b09b1eKenny Root * ==================================================================== 52a88cfce91374498578c44013041416c0c5b09b1eKenny Root */ 53a88cfce91374498578c44013041416c0c5b09b1eKenny Root 54a88cfce91374498578c44013041416c0c5b09b1eKenny Root#include <openssl/asn1t.h> 55a88cfce91374498578c44013041416c0c5b09b1eKenny Root#include <openssl/pem.h> 56a88cfce91374498578c44013041416c0c5b09b1eKenny Root#include <openssl/x509v3.h> 57a88cfce91374498578c44013041416c0c5b09b1eKenny Root#include "cms.h" 58a88cfce91374498578c44013041416c0c5b09b1eKenny Root#include "cms_lcl.h" 59a88cfce91374498578c44013041416c0c5b09b1eKenny Root 60a88cfce91374498578c44013041416c0c5b09b1eKenny Root 61a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_IssuerAndSerialNumber) = { 62a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_IssuerAndSerialNumber, issuer, X509_NAME), 63a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_IssuerAndSerialNumber, serialNumber, ASN1_INTEGER) 64a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_IssuerAndSerialNumber) 65a88cfce91374498578c44013041416c0c5b09b1eKenny Root 66a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OtherCertificateFormat) = { 67a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OtherCertificateFormat, otherCertFormat, ASN1_OBJECT), 68a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_OtherCertificateFormat, otherCert, ASN1_ANY) 69a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OtherCertificateFormat) 70a88cfce91374498578c44013041416c0c5b09b1eKenny Root 71a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_CertificateChoices) = { 72a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_CertificateChoices, d.certificate, X509), 73a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_CertificateChoices, d.extendedCertificate, ASN1_SEQUENCE, 0), 74a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_CertificateChoices, d.v1AttrCert, ASN1_SEQUENCE, 1), 75a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_CertificateChoices, d.v2AttrCert, ASN1_SEQUENCE, 2), 76a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_CertificateChoices, d.other, CMS_OtherCertificateFormat, 3) 77a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_CertificateChoices) 78a88cfce91374498578c44013041416c0c5b09b1eKenny Root 79a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_SignerIdentifier) = { 80a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber), 81a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_SignerIdentifier, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0) 82a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_SignerIdentifier) 83a88cfce91374498578c44013041416c0c5b09b1eKenny Root 84a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_EncapsulatedContentInfo) = { 85a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EncapsulatedContentInfo, eContentType, ASN1_OBJECT), 86a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_NDEF_EXP_OPT(CMS_EncapsulatedContentInfo, eContent, ASN1_OCTET_STRING_NDEF, 0) 87a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_EncapsulatedContentInfo) 88a88cfce91374498578c44013041416c0c5b09b1eKenny Root 89a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* Minor tweak to operation: free up signer key, cert */ 90a88cfce91374498578c44013041416c0c5b09b1eKenny Rootstatic int cms_si_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 91a88cfce91374498578c44013041416c0c5b09b1eKenny Root void *exarg) 92a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 93a88cfce91374498578c44013041416c0c5b09b1eKenny Root if(operation == ASN1_OP_FREE_POST) 94a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 95a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_SignerInfo *si = (CMS_SignerInfo *)*pval; 96a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (si->pkey) 97a88cfce91374498578c44013041416c0c5b09b1eKenny Root EVP_PKEY_free(si->pkey); 98a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (si->signer) 99a88cfce91374498578c44013041416c0c5b09b1eKenny Root X509_free(si->signer); 100a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 101a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 1; 102a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 103a88cfce91374498578c44013041416c0c5b09b1eKenny Root 104a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE_cb(CMS_SignerInfo, cms_si_cb) = { 105a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerInfo, version, LONG), 106a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerInfo, sid, CMS_SignerIdentifier), 107a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerInfo, digestAlgorithm, X509_ALGOR), 108a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, signedAttrs, X509_ATTRIBUTE, 0), 109a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerInfo, signatureAlgorithm, X509_ALGOR), 110a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignerInfo, signature, ASN1_OCTET_STRING), 111a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_SignerInfo, unsignedAttrs, X509_ATTRIBUTE, 1) 112a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END_cb(CMS_SignerInfo, CMS_SignerInfo) 113a88cfce91374498578c44013041416c0c5b09b1eKenny Root 114a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OtherRevocationInfoFormat) = { 115a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OtherRevocationInfoFormat, otherRevInfoFormat, ASN1_OBJECT), 116a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_OtherRevocationInfoFormat, otherRevInfo, ASN1_ANY) 117a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OtherRevocationInfoFormat) 118a88cfce91374498578c44013041416c0c5b09b1eKenny Root 119a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_RevocationInfoChoice) = { 120a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_RevocationInfoChoice, d.crl, X509_CRL), 121a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_RevocationInfoChoice, d.other, CMS_OtherRevocationInfoFormat, 1) 122a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_RevocationInfoChoice) 123a88cfce91374498578c44013041416c0c5b09b1eKenny Root 124a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_SignedData) = { 125a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignedData, version, LONG), 126a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SET_OF(CMS_SignedData, digestAlgorithms, X509_ALGOR), 127a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_SignedData, encapContentInfo, CMS_EncapsulatedContentInfo), 128a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_SignedData, certificates, CMS_CertificateChoices, 0), 129a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_SignedData, crls, CMS_RevocationInfoChoice, 1), 130a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SET_OF(CMS_SignedData, signerInfos, CMS_SignerInfo) 131a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_SignedData) 132a88cfce91374498578c44013041416c0c5b09b1eKenny Root 133a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OriginatorInfo) = { 134a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, certificates, CMS_CertificateChoices, 0), 135a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_OriginatorInfo, crls, CMS_RevocationInfoChoice, 1) 136a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OriginatorInfo) 137a88cfce91374498578c44013041416c0c5b09b1eKenny Root 138a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_EncryptedContentInfo) = { 139a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EncryptedContentInfo, contentType, ASN1_OBJECT), 140a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EncryptedContentInfo, contentEncryptionAlgorithm, X509_ALGOR), 141a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_OPT(CMS_EncryptedContentInfo, encryptedContent, ASN1_OCTET_STRING_NDEF, 0) 142a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedContentInfo) 143a88cfce91374498578c44013041416c0c5b09b1eKenny Root 144a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_KeyTransRecipientInfo) = { 145a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyTransRecipientInfo, version, LONG), 146a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyTransRecipientInfo, rid, CMS_SignerIdentifier), 147a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyTransRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), 148a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyTransRecipientInfo, encryptedKey, ASN1_OCTET_STRING) 149a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_KeyTransRecipientInfo) 150a88cfce91374498578c44013041416c0c5b09b1eKenny Root 151a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OtherKeyAttribute) = { 152a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OtherKeyAttribute, keyAttrId, ASN1_OBJECT), 153a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_OtherKeyAttribute, keyAttr, ASN1_ANY) 154a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OtherKeyAttribute) 155a88cfce91374498578c44013041416c0c5b09b1eKenny Root 156a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_RecipientKeyIdentifier) = { 157a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_RecipientKeyIdentifier, subjectKeyIdentifier, ASN1_OCTET_STRING), 158a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_RecipientKeyIdentifier, date, ASN1_GENERALIZEDTIME), 159a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_RecipientKeyIdentifier, other, CMS_OtherKeyAttribute) 160a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_RecipientKeyIdentifier) 161a88cfce91374498578c44013041416c0c5b09b1eKenny Root 162a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_KeyAgreeRecipientIdentifier) = { 163a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyAgreeRecipientIdentifier, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber), 164a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_KeyAgreeRecipientIdentifier, d.rKeyId, CMS_RecipientKeyIdentifier, 0) 165a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_KeyAgreeRecipientIdentifier) 166a88cfce91374498578c44013041416c0c5b09b1eKenny Root 167a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_RecipientEncryptedKey) = { 168a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_RecipientEncryptedKey, rid, CMS_KeyAgreeRecipientIdentifier), 169a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_RecipientEncryptedKey, encryptedKey, ASN1_OCTET_STRING) 170a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_RecipientEncryptedKey) 171a88cfce91374498578c44013041416c0c5b09b1eKenny Root 172a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OriginatorPublicKey) = { 173a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OriginatorPublicKey, algorithm, X509_ALGOR), 174a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OriginatorPublicKey, publicKey, ASN1_BIT_STRING) 175a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OriginatorPublicKey) 176a88cfce91374498578c44013041416c0c5b09b1eKenny Root 177a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_OriginatorIdentifierOrKey) = { 178a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OriginatorIdentifierOrKey, d.issuerAndSerialNumber, CMS_IssuerAndSerialNumber), 179a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.subjectKeyIdentifier, ASN1_OCTET_STRING, 0), 180a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_OriginatorIdentifierOrKey, d.originatorKey, CMS_OriginatorPublicKey, 1) 181a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_OriginatorIdentifierOrKey) 182a88cfce91374498578c44013041416c0c5b09b1eKenny Root 183a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_KeyAgreeRecipientInfo) = { 184a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, version, LONG), 185a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_EXP(CMS_KeyAgreeRecipientInfo, originator, CMS_OriginatorIdentifierOrKey, 0), 186a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_EXP_OPT(CMS_KeyAgreeRecipientInfo, ukm, ASN1_OCTET_STRING, 1), 187a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KeyAgreeRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), 188a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SEQUENCE_OF(CMS_KeyAgreeRecipientInfo, recipientEncryptedKeys, CMS_RecipientEncryptedKey) 189a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_KeyAgreeRecipientInfo) 190a88cfce91374498578c44013041416c0c5b09b1eKenny Root 191a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_KEKIdentifier) = { 192a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KEKIdentifier, keyIdentifier, ASN1_OCTET_STRING), 193a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_KEKIdentifier, date, ASN1_GENERALIZEDTIME), 194a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_KEKIdentifier, other, CMS_OtherKeyAttribute) 195a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_KEKIdentifier) 196a88cfce91374498578c44013041416c0c5b09b1eKenny Root 197a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_KEKRecipientInfo) = { 198a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KEKRecipientInfo, version, LONG), 199a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KEKRecipientInfo, kekid, CMS_KEKIdentifier), 200a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KEKRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), 201a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_KEKRecipientInfo, encryptedKey, ASN1_OCTET_STRING) 202a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_KEKRecipientInfo) 203a88cfce91374498578c44013041416c0c5b09b1eKenny Root 204a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_PasswordRecipientInfo) = { 205a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_PasswordRecipientInfo, version, LONG), 206a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_OPT(CMS_PasswordRecipientInfo, keyDerivationAlgorithm, X509_ALGOR, 0), 207a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_PasswordRecipientInfo, keyEncryptionAlgorithm, X509_ALGOR), 208a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_PasswordRecipientInfo, encryptedKey, ASN1_OCTET_STRING) 209a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_PasswordRecipientInfo) 210a88cfce91374498578c44013041416c0c5b09b1eKenny Root 211a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_OtherRecipientInfo) = { 212a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_OtherRecipientInfo, oriType, ASN1_OBJECT), 213a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_OPT(CMS_OtherRecipientInfo, oriValue, ASN1_ANY) 214a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_OtherRecipientInfo) 215a88cfce91374498578c44013041416c0c5b09b1eKenny Root 216a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* Free up RecipientInfo additional data */ 217a88cfce91374498578c44013041416c0c5b09b1eKenny Rootstatic int cms_ri_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 218a88cfce91374498578c44013041416c0c5b09b1eKenny Root void *exarg) 219a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 220a88cfce91374498578c44013041416c0c5b09b1eKenny Root if(operation == ASN1_OP_FREE_PRE) 221a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 222a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_RecipientInfo *ri = (CMS_RecipientInfo *)*pval; 223a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (ri->type == CMS_RECIPINFO_TRANS) 224a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 225a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_KeyTransRecipientInfo *ktri = ri->d.ktri; 226a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (ktri->pkey) 227a88cfce91374498578c44013041416c0c5b09b1eKenny Root EVP_PKEY_free(ktri->pkey); 228a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (ktri->recip) 229a88cfce91374498578c44013041416c0c5b09b1eKenny Root X509_free(ktri->recip); 230a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 231a88cfce91374498578c44013041416c0c5b09b1eKenny Root else if (ri->type == CMS_RECIPINFO_KEK) 232a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 233a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_KEKRecipientInfo *kekri = ri->d.kekri; 234a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (kekri->key) 235a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 236a88cfce91374498578c44013041416c0c5b09b1eKenny Root OPENSSL_cleanse(kekri->key, kekri->keylen); 237a88cfce91374498578c44013041416c0c5b09b1eKenny Root OPENSSL_free(kekri->key); 238a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 239a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 240a88cfce91374498578c44013041416c0c5b09b1eKenny Root else if (ri->type == CMS_RECIPINFO_PASS) 241a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 242a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_PasswordRecipientInfo *pwri = ri->d.pwri; 243a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (pwri->pass) 244a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 245a88cfce91374498578c44013041416c0c5b09b1eKenny Root OPENSSL_cleanse(pwri->pass, pwri->passlen); 246a88cfce91374498578c44013041416c0c5b09b1eKenny Root OPENSSL_free(pwri->pass); 247a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 248a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 249a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 250a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 1; 251a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 252a88cfce91374498578c44013041416c0c5b09b1eKenny Root 253a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE_cb(CMS_RecipientInfo, cms_ri_cb) = { 254a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_RecipientInfo, d.ktri, CMS_KeyTransRecipientInfo), 255a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_RecipientInfo, d.kari, CMS_KeyAgreeRecipientInfo, 1), 256a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_RecipientInfo, d.kekri, CMS_KEKRecipientInfo, 2), 257a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_RecipientInfo, d.pwri, CMS_PasswordRecipientInfo, 3), 258a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_RecipientInfo, d.ori, CMS_OtherRecipientInfo, 4) 259a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END_cb(CMS_RecipientInfo, CMS_RecipientInfo, type) 260a88cfce91374498578c44013041416c0c5b09b1eKenny Root 261a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_EnvelopedData) = { 262a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EnvelopedData, version, LONG), 263a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_OPT(CMS_EnvelopedData, originatorInfo, CMS_OriginatorInfo, 0), 264a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SET_OF(CMS_EnvelopedData, recipientInfos, CMS_RecipientInfo), 265a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EnvelopedData, encryptedContentInfo, CMS_EncryptedContentInfo), 266a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_EnvelopedData, unprotectedAttrs, X509_ATTRIBUTE, 1) 267a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_EnvelopedData) 268a88cfce91374498578c44013041416c0c5b09b1eKenny Root 269a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_DigestedData) = { 270a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_DigestedData, version, LONG), 271a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_DigestedData, digestAlgorithm, X509_ALGOR), 272a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_DigestedData, encapContentInfo, CMS_EncapsulatedContentInfo), 273a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_DigestedData, digest, ASN1_OCTET_STRING) 274a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_DigestedData) 275a88cfce91374498578c44013041416c0c5b09b1eKenny Root 276a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_EncryptedData) = { 277a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EncryptedData, version, LONG), 278a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_EncryptedData, encryptedContentInfo, CMS_EncryptedContentInfo), 279a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_EncryptedData, unprotectedAttrs, X509_ATTRIBUTE, 1) 280a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_EncryptedData) 281a88cfce91374498578c44013041416c0c5b09b1eKenny Root 282a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_AuthenticatedData) = { 283a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_AuthenticatedData, version, LONG), 284a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_OPT(CMS_AuthenticatedData, originatorInfo, CMS_OriginatorInfo, 0), 285a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SET_OF(CMS_AuthenticatedData, recipientInfos, CMS_RecipientInfo), 286a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_AuthenticatedData, macAlgorithm, X509_ALGOR), 287a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_AuthenticatedData, digestAlgorithm, X509_ALGOR, 1), 288a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_AuthenticatedData, encapContentInfo, CMS_EncapsulatedContentInfo), 289a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, authAttrs, X509_ALGOR, 2), 290a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_AuthenticatedData, mac, ASN1_OCTET_STRING), 291a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SET_OF_OPT(CMS_AuthenticatedData, unauthAttrs, X509_ALGOR, 3) 292a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_AuthenticatedData) 293a88cfce91374498578c44013041416c0c5b09b1eKenny Root 294a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE(CMS_CompressedData) = { 295a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_CompressedData, version, LONG), 296a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_CompressedData, compressionAlgorithm, X509_ALGOR), 297a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_CompressedData, encapContentInfo, CMS_EncapsulatedContentInfo), 298a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END(CMS_CompressedData) 299a88cfce91374498578c44013041416c0c5b09b1eKenny Root 300a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* This is the ANY DEFINED BY table for the top level ContentInfo structure */ 301a88cfce91374498578c44013041416c0c5b09b1eKenny Root 302a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ADB_TEMPLATE(cms_default) = ASN1_EXP(CMS_ContentInfo, d.other, ASN1_ANY, 0); 303a88cfce91374498578c44013041416c0c5b09b1eKenny Root 304a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ADB(CMS_ContentInfo) = { 305a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_pkcs7_data, ASN1_NDEF_EXP(CMS_ContentInfo, d.data, ASN1_OCTET_STRING_NDEF, 0)), 306a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_pkcs7_signed, ASN1_NDEF_EXP(CMS_ContentInfo, d.signedData, CMS_SignedData, 0)), 307a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_pkcs7_enveloped, ASN1_NDEF_EXP(CMS_ContentInfo, d.envelopedData, CMS_EnvelopedData, 0)), 308a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_pkcs7_digest, ASN1_NDEF_EXP(CMS_ContentInfo, d.digestedData, CMS_DigestedData, 0)), 309a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_pkcs7_encrypted, ASN1_NDEF_EXP(CMS_ContentInfo, d.encryptedData, CMS_EncryptedData, 0)), 310a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_id_smime_ct_authData, ASN1_NDEF_EXP(CMS_ContentInfo, d.authenticatedData, CMS_AuthenticatedData, 0)), 311a88cfce91374498578c44013041416c0c5b09b1eKenny Root ADB_ENTRY(NID_id_smime_ct_compressedData, ASN1_NDEF_EXP(CMS_ContentInfo, d.compressedData, CMS_CompressedData, 0)), 312a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_ADB_END(CMS_ContentInfo, 0, contentType, 0, &cms_default_tt, NULL); 313a88cfce91374498578c44013041416c0c5b09b1eKenny Root 314a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* CMS streaming support */ 315a88cfce91374498578c44013041416c0c5b09b1eKenny Rootstatic int cms_cb(int operation, ASN1_VALUE **pval, const ASN1_ITEM *it, 316a88cfce91374498578c44013041416c0c5b09b1eKenny Root void *exarg) 317a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 318a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_STREAM_ARG *sarg = exarg; 319a88cfce91374498578c44013041416c0c5b09b1eKenny Root CMS_ContentInfo *cms = NULL; 320a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (pval) 321a88cfce91374498578c44013041416c0c5b09b1eKenny Root cms = (CMS_ContentInfo *)*pval; 322a88cfce91374498578c44013041416c0c5b09b1eKenny Root else 323a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 1; 324a88cfce91374498578c44013041416c0c5b09b1eKenny Root switch(operation) 325a88cfce91374498578c44013041416c0c5b09b1eKenny Root { 326a88cfce91374498578c44013041416c0c5b09b1eKenny Root 327a88cfce91374498578c44013041416c0c5b09b1eKenny Root case ASN1_OP_STREAM_PRE: 328a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (CMS_stream(&sarg->boundary, cms) <= 0) 329a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 0; 330a88cfce91374498578c44013041416c0c5b09b1eKenny Root case ASN1_OP_DETACHED_PRE: 331a88cfce91374498578c44013041416c0c5b09b1eKenny Root sarg->ndef_bio = CMS_dataInit(cms, sarg->out); 332a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (!sarg->ndef_bio) 333a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 0; 334a88cfce91374498578c44013041416c0c5b09b1eKenny Root break; 335a88cfce91374498578c44013041416c0c5b09b1eKenny Root 336a88cfce91374498578c44013041416c0c5b09b1eKenny Root case ASN1_OP_STREAM_POST: 337a88cfce91374498578c44013041416c0c5b09b1eKenny Root case ASN1_OP_DETACHED_POST: 338a88cfce91374498578c44013041416c0c5b09b1eKenny Root if (CMS_dataFinal(cms, sarg->ndef_bio) <= 0) 339a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 0; 340a88cfce91374498578c44013041416c0c5b09b1eKenny Root break; 341a88cfce91374498578c44013041416c0c5b09b1eKenny Root 342a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 343a88cfce91374498578c44013041416c0c5b09b1eKenny Root return 1; 344a88cfce91374498578c44013041416c0c5b09b1eKenny Root } 345a88cfce91374498578c44013041416c0c5b09b1eKenny Root 346a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_NDEF_SEQUENCE_cb(CMS_ContentInfo, cms_cb) = { 347a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_ContentInfo, contentType, ASN1_OBJECT), 348a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_ADB_OBJECT(CMS_ContentInfo) 349a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_NDEF_SEQUENCE_END_cb(CMS_ContentInfo, CMS_ContentInfo) 350a88cfce91374498578c44013041416c0c5b09b1eKenny Root 351a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* Specials for signed attributes */ 352a88cfce91374498578c44013041416c0c5b09b1eKenny Root 353a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* When signing attributes we want to reorder them to match the sorted 354a88cfce91374498578c44013041416c0c5b09b1eKenny Root * encoding. 355a88cfce91374498578c44013041416c0c5b09b1eKenny Root */ 356a88cfce91374498578c44013041416c0c5b09b1eKenny Root 357a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ITEM_TEMPLATE(CMS_Attributes_Sign) = 358a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SET_ORDER, 0, CMS_ATTRIBUTES, X509_ATTRIBUTE) 359a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ITEM_TEMPLATE_END(CMS_Attributes_Sign) 360a88cfce91374498578c44013041416c0c5b09b1eKenny Root 361a88cfce91374498578c44013041416c0c5b09b1eKenny Root/* When verifying attributes we need to use the received order. So 362a88cfce91374498578c44013041416c0c5b09b1eKenny Root * we use SEQUENCE OF and tag it to SET OF 363a88cfce91374498578c44013041416c0c5b09b1eKenny Root */ 364a88cfce91374498578c44013041416c0c5b09b1eKenny Root 365a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ITEM_TEMPLATE(CMS_Attributes_Verify) = 366a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_EX_TEMPLATE_TYPE(ASN1_TFLG_SEQUENCE_OF | ASN1_TFLG_IMPTAG | ASN1_TFLG_UNIVERSAL, 367a88cfce91374498578c44013041416c0c5b09b1eKenny Root V_ASN1_SET, CMS_ATTRIBUTES, X509_ATTRIBUTE) 368a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_ITEM_TEMPLATE_END(CMS_Attributes_Verify) 369a88cfce91374498578c44013041416c0c5b09b1eKenny Root 370a88cfce91374498578c44013041416c0c5b09b1eKenny Root 371a88cfce91374498578c44013041416c0c5b09b1eKenny Root 372a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_CHOICE(CMS_ReceiptsFrom) = { 373a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP(CMS_ReceiptsFrom, d.allOrFirstTier, LONG, 0), 374a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_IMP_SEQUENCE_OF(CMS_ReceiptsFrom, d.receiptList, GENERAL_NAMES, 1) 375a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_CHOICE_END(CMS_ReceiptsFrom) 376a88cfce91374498578c44013041416c0c5b09b1eKenny Root 377a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_ReceiptRequest) = { 378a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_ReceiptRequest, signedContentIdentifier, ASN1_OCTET_STRING), 379a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_ReceiptRequest, receiptsFrom, CMS_ReceiptsFrom), 380a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SEQUENCE_OF(CMS_ReceiptRequest, receiptsTo, GENERAL_NAMES) 381a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_ReceiptRequest) 382a88cfce91374498578c44013041416c0c5b09b1eKenny Root 383a88cfce91374498578c44013041416c0c5b09b1eKenny RootASN1_SEQUENCE(CMS_Receipt) = { 384a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_Receipt, version, LONG), 385a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_Receipt, contentType, ASN1_OBJECT), 386a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_Receipt, signedContentIdentifier, ASN1_OCTET_STRING), 387a88cfce91374498578c44013041416c0c5b09b1eKenny Root ASN1_SIMPLE(CMS_Receipt, originatorSignatureValue, ASN1_OCTET_STRING) 388a88cfce91374498578c44013041416c0c5b09b1eKenny Root} ASN1_SEQUENCE_END(CMS_Receipt) 389a88cfce91374498578c44013041416c0c5b09b1eKenny Root 390