Source code of Windows XP (NT5)
You can not select more than 25 topics Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
 
 
 
 
 
 

615 lines
16 KiB

//+-------------------------------------------------------------------------
//
// Microsoft Windows
//
// Copyright (C) Microsoft Corporation, 1996 - 1999
//
// File: crmsgp.h
//
// Contents: Private Header for Cryptographic Message APIs
//
// History: 12-Dec-96 kevinr created
//
//--------------------------------------------------------------------------
#ifndef __WINCRMSG_P_INCLUDED__
#define __WINCRMSG_P_INCLUDED__
#if DBG
#define STATIC
#else
#define STATIC static
#endif
#ifndef OSS_CRYPT_ASN1
#define parameters_present AlgorithmIdentifier_parameters_present
#define unauthAttributes_present SignerInfo_unauthAttributes_present
#define certificates_present SignedData_certificates_present
#define crls_present SignedData_crls_present
#define date_present RecipientKeyIdentifier_date_present
#define other_present RecipientKeyIdentifier_other_present
#define content_present ContentInfo_content_present
#define authAttributes_present SignerInfoWithBlobs_authAttributes_present
#define issuerAndSerialNumber_chosen CertIdentifier_issuerAndSerialNumber_chosen
#define subjectKeyIdentifier_chosen CertIdentifier_subjectKeyIdentifier_chosen
#endif // OSS_CRYPT_ASN1
#define INFO_LEN_ALIGN(Len) ((Len + 7) & ~7)
#define STRUCT_CBSIZE(StructName, FieldName) \
(offsetof(StructName, FieldName) + sizeof(((StructName *) 0)->FieldName))
#define ICM_TAG_NULL 0x00
#define ICM_TAG_CONSTRUCTED 0x20
#define ICM_TAG_SEQ 0x30
#define ICM_TAG_SET 0x31
#define ICM_TAG_OCTETSTRING 0x04
#define ICM_TAG_NULL_OCTETS 0x05
#define ICM_TAG_CONTEXT_0 0x80
#define ICM_TAG_CONTEXT_1 0x81
#define ICM_TAG_CONSTRUCTED_CONTEXT_0 (ICM_TAG_CONSTRUCTED | ICM_TAG_CONTEXT_0)
#define ICM_TAG_CONSTRUCTED_CONTEXT_1 (ICM_TAG_CONSTRUCTED | ICM_TAG_CONTEXT_1)
#define ICM_LENGTH_INDEFINITE 0x80
// Streaming flags
#define ICMS_QUEUE_OUTPUT_FLAG 0x80000000
typedef struct _SIMPLEBLOBHEADER {
ALG_ID aiEncAlg;
} SIMPLEBLOBHEADER, *PSIMPLEBLOBHEADER;
#define SIZE_OSS_OID 16
extern ObjectID aoidMessages[];
extern const CRYPT_OBJID_TABLE aotSign[];
extern const DWORD COUNTOF_aotSign;
extern const LPSTR apszObjIdPKCS7[];
extern const DWORD COUNTOF_apszObjIdPKCS7;
extern const CRYPT_OBJID_TABLE aotContentEncryption[];
extern const DWORD COUNTOF_aotContentEncryption;
extern const LPSTR pszObjIdDataType;
extern const LPSTR pszObjIdContentType;
extern const LPSTR pszObjIdMessageDigest;
#define INVALID_ENCODING_SIZE (0xFFFFFFFE)
#define ZEROSTRUCT(arg) (memset( &arg, 0, sizeof(arg)))
typedef struct _ICM_BUFFER {
PBYTE pbData;
DWORD cbSize;
DWORD cbUsed;
DWORD cbDead;
} ICM_BUFFER, *PICM_BUFFER;
#define ICM_BUFFER_SIZE_INCR 1024
void *
WINAPI
ICM_Alloc(
IN size_t cbBytes);
void *
WINAPI
ICM_AllocZero(
IN size_t cb);
void *
WINAPI
ICM_ReAlloc(
IN void *pvOrg,
IN size_t cb);
void
WINAPI
ICM_Free(
IN void *pv);
BOOL
WINAPI
ICM_AppendBlob(
PCRYPT_DATA_BLOB pblob,
const BYTE *pbIn,
DWORD cbIn);
BOOL
WINAPI
ICM_CopyOssObjectIdentifier(
OUT ObjectID *poiDst,
IN ObjectID *poiSrc);
typedef struct _CONTENT_INFO {
LPSTR pszContentType;
CRYPT_DATA_BLOB content;
} CONTENT_INFO, *PCONTENT_INFO;
class CHashList;
class CBlobList;
class CSignerList;
class COssDecodeInfoList;
#ifdef CMS_PKCS7
class CHashNode;
typedef struct _SIGNER_ENCODE_DATA_INFO {
HCRYPTPROV hCryptProv;
DWORD dwKeySpec;
CHashNode *pHashNode;
} SIGNER_ENCODE_DATA_INFO, *PSIGNER_ENCODE_DATA_INFO;
#endif // CMS_PKCS7
typedef struct _SIGNED_DATA_INFO {
int version;
CBlobList *pAlgidList;
PCONTENT_INFO pci;
CBlobList *pCertificateList;
CBlobList *pCrlList;
CSignerList *pSignerList;
} SIGNED_DATA_INFO, *PSIGNED_DATA_INFO;
typedef struct _CRYPT_MSG_INFO {
CRITICAL_SECTION CriticalSection;
LONG lRefCnt;
HCRYPTPROV hCryptProv; // decode
BOOL fDefaultCryptProv; // decode
DWORD dwKeySpec; // key to use in CryptSignHash
DWORD dwEncodingType; // encode
DWORD dwMsgType;
DWORD dwFlags;
VOID *pvMsg;
BOOL fEncoding;
DWORD dwPhase;
LPSTR pszInnerContentObjID;
// signed or signed-and-enveloped
PSIGNED_DATA_INFO psdi;
// signed, digested or signed-and-enveloped
BOOL fDetached;
CHashList *pHashList;
#ifdef CMS_PKCS7
// encode signed
DWORD cSignerEncodeDataInfo;
PSIGNER_ENCODE_DATA_INFO rgSignerEncodeDataInfo;
#endif // CMS_PKCS7
// enveloped or signed-and-enveloped
HCRYPTKEY hkeyContentCrypt;
HCRYPTPROV hCryptProvContentCrypt;
CRYPT_DATA_BLOB Plaintext;
DWORD dwDecryptedRecipientIndex;
#ifdef CMS_PKCS7
DWORD dwDecryptedRecipientEncryptedKeyIndex;
#endif // CMS_PKCS7
#ifndef CMS_PKCS7
PBYTE pbEncryptParameters; // encoded and allocated
#endif // CMS_PKCS7
// streaming
PCMSG_STREAM_INFO pStreamInfo;
DWORD aflStream;
DWORD aflDecode;
BOOL fStreamCallbackOutput;
BOOL fStreamContentExtracted;
ICM_BUFFER bufDecode;
ICM_BUFFER bufEncode;
ICM_BUFFER bufOutput;
ICM_BUFFER bufCrypt;
ICM_BUFFER bufPendingCrypt;
DWORD cbBlockSize;
BOOL fBlockCipher;
DWORD cEndNullPairs; // decode
DWORD cInnerNullPairs; // decode
DWORD cLevelIndefiniteInner; // decode
DWORD cbDefiniteRemain; // decode
DWORD cbContentInfo; // decode
ObjectIdentifierType *pooid; // decode
DWORD aflOuter; // decode
DWORD aflInner; // decode
COssDecodeInfoList *plDecodeInfo; // decode
#ifdef CMS_PKCS7
// Optional OriginatorInfo for decoded CMS EnvelopedData
CBlobList *pCertificateList;
CBlobList *pCrlList;
// Misc allocations, such as, Algorithm parameters
CBlobList *pFreeList;
#endif // CMS_PKCS7
} CRYPT_MSG_INFO, *PCRYPT_MSG_INFO;
//--------------------------------------------------------------------------
// Decoding progress flags
#define ICMS_DECODED_PREFIX 0x00000001
#define ICMS_DECODED_CONTENT_START 0x00000002
#define ICMS_DECODED_CONTENT 0x00000004
#define ICMS_DECODED_SUFFIX 0x00000008
#define ICMS_DECODED_CONTENTINFO_SEQ 0x00000010
#define ICMS_DECODED_CONTENTINFO_CONTENT 0x00000020
//#define ICMS_DECODED_ 0x00000040
//#define ICMS_DECODED_ 0x00000080
// Signed
#define ICMS_DECODED_SIGNED_SEQ 0x00000100
#define ICMS_DECODED_SIGNED_VERSION 0x00000200
#define ICMS_DECODED_SIGNED_DIGESTALGOS 0x00000400
#define ICMS_DECODED_SIGNED_CONTENTINFO 0x00000800
#define ICMS_DECODED_SIGNED_CERTIFICATES 0x00001000
#define ICMS_DECODED_SIGNED_CRLS 0x00002000
#define ICMS_DECODED_SIGNED_SIGNERINFOS 0x00004000
//#define ICMS_DECODED_ 0x00008000
// Enveloped
#define ICMS_DECODED_ENVELOPED_SEQ 0x00000100
#define ICMS_DECODED_ENVELOPED_VERSION 0x00000200
#define ICMS_DECODED_ENVELOPED_RECIPINFOS 0x00000400
#define ICMS_DECODED_ENVELOPED_ECISEQ 0x00000800
#define ICMS_DECODED_ENVELOPED_ECITYPE 0x00001000
#define ICMS_DECODED_ENVELOPED_ECIALGID 0x00002000
#define ICMS_DECODED_ENVELOPED_ECICONTENT 0x00004000
#ifdef CMS_PKCS7
#define ICMS_DECODED_ENVELOPED_ORIGINATOR 0x00008000
#define ICMS_DECODED_ENVELOPED_ATTR 0x00010000
#endif // CMS_PKCS7
//#define ICMS_DECODED_ 0x00020000
// Misc flags
#define ICMS_INNER_OCTETSTRING 0x00100000
#define ICMS_FINAL 0x00200000
#define ICMS_NONBARE 0x00400000
#define ICMS_RAW_DATA 0x00800000
#define ICMS_PROCESS_CONTENT_BEGUN 0x01000000
#define ICMS_PROCESS_CONTENT_DONE 0x02000000
// Used in streaming decode parsing
#define ICMS_TOKEN_INDEFINITE 1
#define ICMS_TOKEN_NULLPAIR 2
#define ICMS_TOKEN_DEFINITE 3
#define ICMS_TOKEN_INCOMPLETE 4
#if DBG
#define CMSGP_STREAM_CRYPT_BLOCK_COUNT 1
#else
#define CMSGP_STREAM_CRYPT_BLOCK_COUNT 128
#endif
#define CMSGP_STREAM_MAX_ENCRYPT_BUFFER 1024
typedef struct _OSS_DECODE_INFO {
int iPDU;
PVOID pvPDU;
} OSS_DECODE_INFO, *POSS_DECODE_INFO;
DEFINE_LIST_AND_NODE_CLASS( COssDecodeInfoList, COssDecodeInfoNode, OSS_DECODE_INFO);
DEFINE_LIST_AND_NODE_CLASS( CBlobList, CBlobNode, CRYPT_DATA_BLOB);
typedef struct _SIGNER_DATA_INFO {
CRYPT_DATA_BLOB blob;
CBlobList *pUnauthAttrList;
} SIGNER_DATA_INFO, *PSIGNER_DATA_INFO;
DEFINE_LIST_AND_NODE_CLASS( CSignerList, CSignerNode, SIGNER_DATA_INFO);
typedef struct _ICM_HASH_INFO {
#ifndef CMS_PKCS7
HCRYPTPROV hCryptProv;
#endif // CMS_PKCS7
DWORD dwAlgoCAPI;
HCRYPTHASH hHash;
CRYPT_HASH_BLOB HashBlob;
} ICM_HASH_INFO, *PICM_HASH_INFO;
DEFINE_LIST_AND_NODE_CLASS( CHashList, CHashNode, ICM_HASH_INFO);
extern HCRYPTASN1MODULE ICM_hAsn1Module;
__inline ASN1encoding_t ICM_GetEncoder(void)
{
return I_CryptGetAsn1Encoder(ICM_hAsn1Module);
}
__inline ASN1decoding_t ICM_GetDecoder(void)
{
return I_CryptGetAsn1Decoder(ICM_hAsn1Module);
}
BOOL
WINAPI
ICM_GetLengthOctets(
IN DWORD cbContent,
OUT OPTIONAL PBYTE pbOut,
IN OUT PDWORD pcbOut);
VOID
WINAPI
ICM_SetLastError(
IN DWORD dwError);
BOOL
WINAPI
ICM_GetCAPI(
IN DWORD dwGroupId,
IN PCRYPT_ALGORITHM_IDENTIFIER pai,
OUT PDWORD pdwAlgId);
LONG
WINAPI
ICM_ObjIdToIndex(
IN ObjectID *poi);
BOOL
WINAPI
ICM_EqualObjectIDs(
IN ObjectID *poid1,
IN ObjectID *poid2);
BOOL
WINAPI
ICM_IsData(
IN LPSTR pszContentType);
BOOL
WINAPI
ICM_InsertTailBlob(
IN OUT CBlobList *pBlobList,
IN Any *pAny);
BOOL
WINAPI
ICM_InsertTailSigner(
IN OUT CSignerList *pSignerList,
IN Any *pAny);
BOOL
WINAPI
ICM_CreateHashList(
IN HCRYPTPROV hCryptProv,
IN OUT CHashList **ppHashList,
IN CBlobList *pAlgidList);
BOOL
WINAPI
ICM_UpdateListDigest(
IN CHashList *pHashList,
IN const BYTE *pbData,
IN DWORD cbData);
#ifdef CMS_PKCS7
BOOL
WINAPI
ICM_IsDuplicateSignerEncodeHashAlgorithm(
IN PCMSG_SIGNER_ENCODE_INFO rgSigners,
IN PCMSG_SIGNER_ENCODE_INFO pNewSigner,
OUT OPTIONAL DWORD *pdwPrevIndex = NULL
);
BOOL
WINAPI
ICM_FillSignerEncodeEncryptedDigests(
IN PCRYPT_MSG_INFO pcmi,
IN BOOL fMaxLength);
#else
BOOL
WINAPI
ICM_FillSignerEncryptedDigest(
IN SignerInfo *psi,
IN LPSTR pszInnerContentObjID,
IN CHashNode *pnHash,
IN DWORD dwKeySpec,
IN BOOL fMaxLength);
#endif // CMS_PKCS7
BOOL
WINAPI
ICM_GetKeyBlockSize(
IN HCRYPTKEY hkey,
OUT PDWORD pcbBlock,
OUT OPTIONAL PBOOL pfBlockCipher);
#ifdef CMS_PKCS7
BOOL
WINAPI
ICM_InitializeContentEncryptInfo(
IN PCMSG_ENVELOPED_ENCODE_INFO pEnvelopedEncodeInfo,
OUT PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo
);
void
WINAPI
ICM_FreeContentEncryptInfo(
IN PCMSG_ENVELOPED_ENCODE_INFO pEnvelopedEncodeInfo,
IN OUT PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo
);
BOOL
WINAPI
ICM_FillOssCmsRecipientInfos(
IN PCMSG_CONTENT_ENCRYPT_INFO pContentEncryptInfo,
IN OUT CmsRecipientInfos *poris,
#ifdef OSS_CRYPT_ASN1
IN OUT int *pEnvelopedDataVersion
#else
IN OUT ASN1int32_t *pEnvelopedDataVersion
#endif // OSS_CRYPT_ASN1
);
void
WINAPI
ICM_FreeOssCmsRecipientInfos(
IN OUT CmsRecipientInfos *poris
);
#else
// rgcbEncryptParameters[1] is the dwEncryptFlags passed to
// ICM_ExportEncryptKey
BOOL
WINAPI
ICM_GenEncryptKey(
IN OUT HCRYPTPROV *phCryptProv,
IN PCRYPT_ALGORITHM_IDENTIFIER paiEncrypt,
IN PVOID pvEncryptAuxInfo,
IN PCERT_PUBLIC_KEY_INFO pPublicKeyInfo,
IN PFN_CMSG_ALLOC pfnAlloc,
OUT HCRYPTKEY *phEncryptKey,
OUT PBYTE *ppbEncryptParameters,
OUT DWORD rgcbEncryptParameters[2]);
// rgcbData[1] is the dwEncryptFlags passed from ICM_GenEncryptKey
BOOL
WINAPI
ICM_ExportEncryptKey(
IN HCRYPTPROV hCryptProv,
IN HCRYPTKEY hEncryptKey,
IN PCERT_PUBLIC_KEY_INFO pPublicKeyInfo,
OUT PBYTE pbData,
IN OUT DWORD rgcbData[2]);
BOOL
WINAPI
ICM_ImportEncryptKey(
IN HCRYPTPROV hCryptProv,
IN DWORD dwKeySpec,
IN PCRYPT_ALGORITHM_IDENTIFIER paiEncrypt,
IN PCRYPT_ALGORITHM_IDENTIFIER paiPubKey,
IN PBYTE pbEncodedKey,
IN DWORD cbEncodedKey,
OUT HCRYPTKEY *phEncryptKey);
#endif // CMS_PKCS7
BOOL
WINAPI
ICM_EncryptBuffer(
IN HCRYPTKEY hkeyEncrypt,
HCRYPTHASH hHash,
IN const BYTE *pbPlain,
IN DWORD cbPlain,
OUT PBYTE *ppbCipher,
OUT PDWORD pcbCipher);
BOOL
WINAPI
ICMS_SetDecryptKey(
IN PCRYPT_MSG_INFO pcmi,
IN HCRYPTKEY hkeyDecrypt);
BOOL
WINAPI
ICMS_ExtractContent(
IN PCRYPT_MSG_INFO pcmi,
IN const BYTE *pbDER,
IN DWORD cbDER,
OUT PDWORD pcbContent,
OUT const BYTE **ppbContent);
BOOL
WINAPI
ICMS_OpenToEncodeData(
IN PCRYPT_MSG_INFO pcmi);
BOOL
WINAPI
ICMS_UpdateEncodingData(
IN PCRYPT_MSG_INFO pcmi,
IN PBYTE pbData,
IN DWORD cbData,
IN BOOL fFinal);
BOOL
WINAPI
ICMS_UpdateDecodingInner(
IN PCRYPT_MSG_INFO pcmi,
IN BOOL fFinal);
BOOL
WINAPI
ICMS_UpdateDecoding(
IN PCRYPT_MSG_INFO pcmi,
IN const BYTE *pbData,
IN DWORD cbData,
IN BOOL fFinal);
BOOL
WINAPI
ICMS_OpenToEncodeSignedData(
IN PCRYPT_MSG_INFO pcmi,
IN PCMSG_SIGNED_ENCODE_INFO psmei);
BOOL
WINAPI
ICMS_UpdateEncodingSignedData(
IN PCRYPT_MSG_INFO pcmi,
IN PBYTE pbData,
IN DWORD cbData,
IN BOOL fFinal);
BOOL
WINAPI
ICMS_OpenToEncodeEnvelopedData(
IN PCRYPT_MSG_INFO pcmi,
IN PCMSG_ENVELOPED_ENCODE_INFO pemei);
BOOL
WINAPI
ICMS_UpdateEncodingEnvelopedData(
IN PCRYPT_MSG_INFO pcmi,
IN const BYTE *pbPlain,
IN DWORD cbPlain,
IN BOOL fFinal);
DWORD
WINAPI
ICM_LengthSigned(
IN PCMSG_SIGNED_ENCODE_INFO psmei,
IN DWORD dwFlags,
IN LPSTR pszInnerContentObjID,
IN DWORD cbData,
OUT OPTIONAL PDWORD pcbContent);
DWORD
WINAPI
ICM_LengthEnveloped(
IN PCMSG_ENVELOPED_ENCODE_INFO pemei,
IN DWORD dwFlags,
IN OPTIONAL LPSTR pszInnerContentObjID,
IN DWORD cbData,
OUT OPTIONAL PDWORD pcbContent);
// OCTET STRING callback, used for streaming
typedef BOOL (WINAPI *POSTRCALLBACK)(
IN const void *pvArg,
IN OUT PICM_BUFFER pbuf,
IN OUT PDWORD pcbPending,
IN BOOL fFinal);
BOOL
WINAPI
ICMS_HashContent(
IN PCRYPT_MSG_INFO pcmi,
IN PBYTE pbData,
IN DWORD cbData);
BOOL
WINAPI
ICM_GetSignerIdFromSignerEncodeInfo(
IN PCMSG_SIGNER_ENCODE_INFO psei,
OUT PCERT_ID pSignerId);
#endif // __WINCRMSG_P_INCLUDED__