diff options
| author | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-01-20 16:17:44 +0100 |
|---|---|---|
| committer | Dmitry Belyavskiy <beldmit@gmail.com> | 2020-03-03 14:34:40 +0100 |
| commit | 71434aed0de274abe8f10768c4dd11a5b3b387e4 (patch) | |
| tree | 3603b2e31c1b29a09990d028b0d9390b7a5a9fa5 /include | |
| parent | doc: document that 'openssl rand' is cryptographically secure (diff) | |
| download | openssl-71434aed0de274abe8f10768c4dd11a5b3b387e4.tar.xz openssl-71434aed0de274abe8f10768c4dd11a5b3b387e4.zip | |
Implementation of Russian GOST CMS
Reviewed-by: Shane Lontis <shane.lontis@oracle.com>
Reviewed-by: Paul Dale <paul.dale@oracle.com>
(Merged from https://github.com/openssl/openssl/pull/10904)
Diffstat (limited to 'include')
| -rw-r--r-- | include/openssl/cms.h | 5 | ||||
| -rw-r--r-- | include/openssl/cmserr.h | 6 | ||||
| -rw-r--r-- | include/openssl/evp.h | 9 |
3 files changed, 19 insertions, 1 deletions
diff --git a/include/openssl/cms.h b/include/openssl/cms.h index 1d502fa457..5f66e6df4b 100644 --- a/include/openssl/cms.h +++ b/include/openssl/cms.h @@ -80,6 +80,7 @@ DECLARE_ASN1_PRINT_FUNCTION(CMS_ContentInfo) # define CMS_KEY_PARAM 0x40000 # define CMS_ASCIICRLF 0x80000 # define CMS_CADES 0x100000 +# define CMS_USE_ORIGINATOR_KEYID 0x200000 const ASN1_OBJECT *CMS_get0_type(const CMS_ContentInfo *cms); @@ -150,6 +151,7 @@ int CMS_decrypt(CMS_ContentInfo *cms, EVP_PKEY *pkey, X509 *cert, BIO *dcont, BIO *out, unsigned int flags); int CMS_decrypt_set1_pkey(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert); +int CMS_decrypt_set1_pkey_and_peer(CMS_ContentInfo *cms, EVP_PKEY *pk, X509 *cert, X509 *peer); int CMS_decrypt_set1_key(CMS_ContentInfo *cms, unsigned char *key, size_t keylen, const unsigned char *id, size_t idlen); @@ -162,6 +164,8 @@ EVP_PKEY_CTX *CMS_RecipientInfo_get0_pkey_ctx(CMS_RecipientInfo *ri); CMS_ContentInfo *CMS_EnvelopedData_create(const EVP_CIPHER *cipher); CMS_RecipientInfo *CMS_add1_recipient_cert(CMS_ContentInfo *cms, X509 *recip, unsigned int flags); +CMS_RecipientInfo *CMS_add1_recipient(CMS_ContentInfo *cms, X509 *recip, + EVP_PKEY *originatorPrivKey, X509 * originator, unsigned int flags); int CMS_RecipientInfo_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pkey); int CMS_RecipientInfo_ktri_cert_cmp(CMS_RecipientInfo *ri, X509 *cert); int CMS_RecipientInfo_ktri_get0_algs(CMS_RecipientInfo *ri, @@ -326,6 +330,7 @@ int CMS_RecipientEncryptedKey_get0_id(CMS_RecipientEncryptedKey *rek, int CMS_RecipientEncryptedKey_cert_cmp(CMS_RecipientEncryptedKey *rek, X509 *cert); int CMS_RecipientInfo_kari_set0_pkey(CMS_RecipientInfo *ri, EVP_PKEY *pk); +int CMS_RecipientInfo_kari_set0_pkey_and_peer(CMS_RecipientInfo *ri, EVP_PKEY *pk, X509 *peer); EVP_CIPHER_CTX *CMS_RecipientInfo_kari_get0_ctx(CMS_RecipientInfo *ri); int CMS_RecipientInfo_kari_decrypt(CMS_ContentInfo *cms, CMS_RecipientInfo *ri, diff --git a/include/openssl/cmserr.h b/include/openssl/cmserr.h index 10e0fd6ae8..494ae6191a 100644 --- a/include/openssl/cmserr.h +++ b/include/openssl/cmserr.h @@ -1,6 +1,6 @@ /* * Generated by util/mkerr.pl DO NOT EDIT - * Copyright 1995-2019 The OpenSSL Project Authors. All Rights Reserved. + * Copyright 1995-2020 The OpenSSL Project Authors. All Rights Reserved. * * Licensed under the Apache License 2.0 (the "License"). You may not use * this file except in compliance with the License. You can obtain a copy @@ -39,6 +39,7 @@ int ERR_load_CMS_strings(void); # define CMS_F_CMS_ADD0_RECIPIENT_KEY 0 # define CMS_F_CMS_ADD0_RECIPIENT_PASSWORD 0 # define CMS_F_CMS_ADD1_RECEIPTREQUEST 0 +# define CMS_F_CMS_ADD1_RECIPIENT 0 # define CMS_F_CMS_ADD1_RECIPIENT_CERT 0 # define CMS_F_CMS_ADD1_SIGNER 0 # define CMS_F_CMS_ADD1_SIGNINGTIME 0 @@ -56,6 +57,7 @@ int ERR_load_CMS_strings(void); # define CMS_F_CMS_DECRYPT_SET1_KEY 0 # define CMS_F_CMS_DECRYPT_SET1_PASSWORD 0 # define CMS_F_CMS_DECRYPT_SET1_PKEY 0 +# define CMS_F_CMS_DECRYPT_SET1_PKEY_AND_PEER 0 # define CMS_F_CMS_DIGESTALGORITHM_FIND_CTX 0 # define CMS_F_CMS_DIGESTALGORITHM_INIT_BIO 0 # define CMS_F_CMS_DIGESTEDDATA_DO_FINAL 0 @@ -68,6 +70,8 @@ int ERR_load_CMS_strings(void); # define CMS_F_CMS_ENCRYPTEDDATA_ENCRYPT 0 # define CMS_F_CMS_ENCRYPTEDDATA_SET1_KEY 0 # define CMS_F_CMS_ENVELOPEDDATA_CREATE 0 +# define CMS_F_CMS_ENVELOPEDDATA_ENCRYPTION_INIT_BIO 0 +# define CMS_F_CMS_ENVELOPEDDATA_FINAL 0 # define CMS_F_CMS_ENVELOPEDDATA_INIT_BIO 0 # define CMS_F_CMS_ENVELOPED_DATA_INIT 0 # define CMS_F_CMS_ENV_ASN1_CTRL 0 diff --git a/include/openssl/evp.h b/include/openssl/evp.h index 7aa56b3e93..202675cc70 100644 --- a/include/openssl/evp.h +++ b/include/openssl/evp.h @@ -294,6 +294,10 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, # define EVP_CIPH_FLAG_PIPELINE 0X800000 /* For provider implementations that handle ASN1 get/set param themselves */ # define EVP_CIPH_FLAG_CUSTOM_ASN1 0x1000000 +/* For ciphers generating unprotected CMS attributes */ +# define EVP_CIPH_FLAG_CIPHER_WITH_MAC 0x2000000 +/* For supplementary wrap cipher support */ +# define EVP_CIPH_FLAG_GET_WRAP_CIPHER 0x4000000 /* * Cipher context flag to indicate we can handle wrap mode: if allowed in @@ -372,6 +376,10 @@ int (*EVP_CIPHER_meth_get_ctrl(const EVP_CIPHER *cipher))(EVP_CIPHER_CTX *, # define EVP_CTRL_GET_IV 0x26 /* Tell the cipher it's doing a speed test (SIV disallows multiple ops) */ # define EVP_CTRL_SET_SPEED 0x27 +/* Get the unprotectedAttrs from cipher ctx */ +# define EVP_CTRL_PROCESS_UNPROTECTED 0x28 +/* Get the supplementary wrap cipher */ +#define EVP_CTRL_GET_WRAP_CIPHER 0x29 /* Padding modes */ #define EVP_PADDING_PKCS7 1 @@ -1259,6 +1267,7 @@ int EVP_PBE_get(int *ptype, int *ppbe_nid, size_t num); # define ASN1_PKEY_CTRL_SET1_TLS_ENCPT 0x9 # define ASN1_PKEY_CTRL_GET1_TLS_ENCPT 0xa # define ASN1_PKEY_CTRL_SUPPORTS_MD_NID 0xb +# define ASN1_PKEY_CTRL_CMS_IS_RI_TYPE_SUPPORTED 0xc int EVP_PKEY_asn1_get_count(void); const EVP_PKEY_ASN1_METHOD *EVP_PKEY_asn1_get0(int idx); |