Added pkcs7 support (this PR was split, do not merge)

.gitignore

@@ -3,3 +3,4 @@ Cargo.lock
 .idea/
 *.iml
 .vscode/
+*.tmp

openssl-sys/build/cfgs.rs

@@ -31,6 +31,9 @@ pub fn get(openssl_version: Option<u64>, libressl_version: Option<u64>) -> Vec<&
         if libressl_version >= 0x2_09_01_00_0 {
             cfgs.push("libressl291");
         }
+        if libressl_version >= 0x3_01_00_00_0 {
+            cfgs.push("libressl310");
+        }
         if libressl_version >= 0x3_02_01_00_0 {
             cfgs.push("libressl321");
         }

openssl-sys/src/handwritten/asn1.rs

@@ -10,23 +10,60 @@ pub struct ASN1_ENCODING {
 
 extern "C" {
     pub fn ASN1_OBJECT_free(x: *mut ASN1_OBJECT);
+    pub fn OBJ_cmp(a: *const ASN1_OBJECT, b: *const ASN1_OBJECT) -> c_int;
 }
 
+pub enum ASN1_OBJECT {}
+
 stack!(stack_st_ASN1_OBJECT);
 
+#[repr(C)]
+pub struct ASN1_TYPE {
+    pub type_: c_int,
+    pub value: ASN1_TYPE_value,
+}
+#[repr(C)]
+pub union ASN1_TYPE_value {
+    pub ptr: *mut c_char,
+    pub boolean: ASN1_BOOLEAN,
+    pub asn1_string: *mut ASN1_STRING,
+    pub object: *mut ASN1_OBJECT,
+    pub integer: *mut ASN1_INTEGER,
+    pub enumerated: *mut ASN1_ENUMERATED,
+    pub bit_string: *mut ASN1_BIT_STRING,
+    pub octet_string: *mut ASN1_OCTET_STRING,
+    pub printablestring: *mut ASN1_PRINTABLESTRING,
+    pub t61string: *mut ASN1_T61STRING,
+    pub ia5string: *mut ASN1_IA5STRING,
+    pub generalstring: *mut ASN1_GENERALSTRING,
+    pub bmpstring: *mut ASN1_BMPSTRING,
+    pub universalstring: *mut ASN1_UNIVERSALSTRING,
+    pub utctime: *mut ASN1_UTCTIME,
+    pub generalizedtime: *mut ASN1_GENERALIZEDTIME,
+    pub visiblestring: *mut ASN1_VISIBLESTRING,
+    pub utf8string: *mut ASN1_UTF8STRING,
+    /*
+     * set and sequence are left complete and still contain the set or
+     * sequence bytes
+     */
+    pub set: *mut ASN1_STRING,
+    pub sequence: *mut ASN1_STRING,
+    pub asn1_value: *mut ASN1_VALUE,
+}
+
 extern "C" {
     pub fn ASN1_STRING_type_new(ty: c_int) -> *mut ASN1_STRING;
     #[cfg(any(ossl110, libressl273))]
     pub fn ASN1_STRING_get0_data(x: *const ASN1_STRING) -> *const c_uchar;
     #[cfg(any(all(ossl101, not(ossl110)), libressl))]
     pub fn ASN1_STRING_data(x: *mut ASN1_STRING) -> *mut c_uchar;
-
-    pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING);
-
+    pub fn ASN1_STRING_new() -> *mut ASN1_STRING;
     pub fn ASN1_STRING_free(x: *mut ASN1_STRING);
     pub fn ASN1_STRING_length(x: *const ASN1_STRING) -> c_int;
+    pub fn ASN1_STRING_set(x: *mut ASN1_STRING, data: *const c_void, len_in: c_int) -> c_int;
 
-    pub fn ASN1_STRING_set(x: *mut ASN1_STRING, data: *const c_void, len: c_int) -> c_int;
+    pub fn ASN1_BIT_STRING_free(x: *mut ASN1_BIT_STRING);
+    pub fn ASN1_OCTET_STRING_free(x: *mut ASN1_OCTET_STRING);
 
     pub fn ASN1_GENERALIZEDTIME_free(tm: *mut ASN1_GENERALIZEDTIME);
     pub fn ASN1_GENERALIZEDTIME_print(b: *mut BIO, tm: *const ASN1_GENERALIZEDTIME) -> c_int;
@@ -51,10 +88,14 @@ extern "C" {
     pub fn ASN1_TIME_set_string(s: *mut ASN1_TIME, str: *const c_char) -> c_int;
     #[cfg(ossl111)]
     pub fn ASN1_TIME_set_string_X509(s: *mut ASN1_TIME, str: *const c_char) -> c_int;
+
+    pub fn ASN1_TYPE_free(x: *mut ASN1_TYPE);
 }
 
 const_ptr_api! {
     extern "C" {
         pub fn ASN1_STRING_to_UTF8(out: *mut *mut c_uchar, s: #[const_ptr_if(any(ossl110, libressl280))] ASN1_STRING) -> c_int;
+        pub fn ASN1_STRING_type(x: #[const_ptr_if(any(ossl110, libressl280))]  ASN1_STRING) -> c_int;
+        pub fn ASN1_generate_v3(str: #[const_ptr_if(any(ossl110, libressl280))] c_char, cnf: *mut X509V3_CTX) -> *mut ASN1_TYPE;
     }
 }

openssl-sys/src/handwritten/mod.rs

@@ -28,6 +28,7 @@ pub use self::stack::*;
 pub use self::tls1::*;
 pub use self::types::*;
 pub use self::x509::*;
+pub use self::x509_attr::*;
 pub use self::x509_vfy::*;
 pub use self::x509v3::*;
 
@@ -61,5 +62,6 @@ mod stack;
 mod tls1;
 mod types;
 mod x509;
+mod x509_attr;
 mod x509_vfy;
 mod x509v3;

openssl-sys/src/handwritten/pkcs7.rs

@@ -1,12 +1,195 @@
 use libc::*;
 use *;
 
-pub enum PKCS7_SIGNED {}
-pub enum PKCS7_ENVELOPE {}
-pub enum PKCS7_SIGN_ENVELOPE {}
-pub enum PKCS7_DIGEST {}
-pub enum PKCS7_ENCRYPT {}
-pub enum PKCS7 {}
+// use x509::stack_st_X509;
+// use x509_attr::stack_st_X509_ATTRIBUTE;
+
+#[cfg(ossl300)]
+#[repr(C)]
+pub struct PKCS7_CTX {
+    libctx: *mut OSSL_LIB_CTX,
+    propq: *mut c_char,
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_SIGNED {
+            pub version: *mut ASN1_INTEGER, /* version 1 */
+            pub md_algs: *mut stack_st_X509_ALGOR, /* md used */
+            pub cert: *mut stack_st_X509, /* [ 0 ] */
+            pub crl: *mut stack_st_X509_CRL, /* [ 1 ] */
+            pub signer_info: *mut stack_st_PKCS7_SIGNER_INFO,
+            pub contents: *mut PKCS7,
+        }
+    } else {
+        pub enum PKCS7_SIGNED {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_ENC_CONTENT {
+            pub content_type: *mut ASN1_OBJECT,
+            pub algorithm: *mut X509_ALGOR,
+            pub enc_data: *mut ASN1_OCTET_STRING, /* [ 0 ] */
+            pub cipher: *const EVP_CIPHER,
+            #[cfg(ossl300)]
+            pub ctx: *const PKCS7_CTX,
+       }
+    } else {
+        pub enum PKCS7_ENC_CONTENT {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_ENVELOPE {
+            pub version: *mut ASN1_INTEGER, /* version 0 */
+            pub recipientinfo: *mut stack_st_PKCS7_RECIP_INFO,
+            pub enc_data: *mut PKCS7_ENC_CONTENT,
+        }
+    }  else {
+        pub enum PKCS7_ENVELOPE {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_SIGN_ENVELOPE {
+            pub version: *mut ASN1_INTEGER, /* version 1 */
+            pub md_algs: *mut stack_st_X509_ALGOR, /* md used */
+            pub cert: *mut stack_st_X509, /* [ 0 ] */
+            pub crl: *mut stack_st_X509_CRL, /* [ 1 ] */
+            pub signer_info: *mut stack_st_PKCS7_SIGNER_INFO,
+            pub enc_data: *mut PKCS7_ENC_CONTENT,
+            pub recipientinfo: *mut stack_st_PKCS7_RECIP_INFO
+        }
+    } else {
+        pub enum PKCS7_SIGN_ENVELOPE {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_DIGEST {
+            pub version: *mut ASN1_INTEGER, /* version 0 */
+            pub md: *mut X509_ALGOR, /* md used */
+            pub contents: *mut PKCS7,
+            pub digest: *mut ASN1_OCTET_STRING,
+        }
+    } else {
+        pub enum PKCS7_DIGEST {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7_ENCRYPT {
+            pub version: *mut ASN1_INTEGER, /* version 0 */
+            pub enc_data: *mut PKCS7_ENC_CONTENT,
+        }
+    } else {
+        pub enum PKCS7_ENCRYPT {}
+    }
+}
+
+extern "C" {
+    pub fn PKCS7_SIGNED_free(info: *mut PKCS7_SIGNED);
+    pub fn PKCS7_ENC_CONTENT_free(info: *mut PKCS7_ENC_CONTENT);
+    pub fn PKCS7_ENVELOPE_free(info: *mut PKCS7_ENVELOPE);
+    pub fn PKCS7_SIGN_ENVELOPE_free(info: *mut PKCS7_SIGN_ENVELOPE);
+    pub fn PKCS7_DIGEST_free(info: *mut PKCS7_DIGEST);
+    pub fn PKCS7_SIGNER_INFO_free(info: *mut PKCS7_SIGNER_INFO);
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl251))] {
+        #[repr(C)]
+        pub struct PKCS7 {
+            /*
+             * The following is non NULL if it contains ASN1 encoding of this
+             * structure
+             */
+            pub asn1: *mut c_uchar,
+            pub length: c_long,
+            // # define PKCS7_S_HEADER  0
+            // # define PKCS7_S_BODY    1
+            // # define PKCS7_S_TAIL    2
+            pub state: c_int, /* used during processing */
+            pub detached: c_int,
+            pub type_: *mut ASN1_OBJECT,
+            /* content as defined by the type */
+            /*
+             * all encryption/message digests are applied to the 'contents', leaving
+             * out the 'type' field.
+             */
+            pub d: PKCS7_data,
+            #[cfg(ossl300)]
+            pub ctx: PKCS7_CTX,
+        }
+        #[repr(C)]
+        pub union PKCS7_data {
+            pub ptr: *mut c_char,
+            /* NID_pkcs7_data */
+            pub data: *mut ASN1_OCTET_STRING,
+            /* NID_pkcs7_signed */
+            pub sign: *mut PKCS7_SIGNED,
+            /* NID_pkcs7_enveloped */
+            pub enveloped: *mut PKCS7_ENVELOPE,
+            /* NID_pkcs7_signedAndEnveloped */
+            pub signed_and_enveloped: *mut PKCS7_SIGN_ENVELOPE,
+            /* NID_pkcs7_digest */
+            pub digest: *mut PKCS7_DIGEST,
+            /* NID_pkcs7_encrypted */
+            pub encrypted: *mut PKCS7_ENCRYPT,
+            /* Anything else */
+            pub other: *mut ASN1_TYPE,
+        }
+    } else {
+         pub enum PKCS7 {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl))] {
+        #[repr(C)]
+        pub struct PKCS7_ISSUER_AND_SERIAL {
+            pub issuer: *mut X509_NAME,
+            pub serial: *mut ASN1_INTEGER,
+        }
+    } else {
+        pub enum PKCS7_ISSUER_AND_SERIAL {}
+    }
+}
+
+cfg_if! {
+    if #[cfg(any(ossl101, libressl))] {
+        #[repr(C)]
+        pub struct PKCS7_SIGNER_INFO {
+            pub version: *mut ASN1_INTEGER, /* version 1 */
+            pub issuer_and_serial: *mut PKCS7_ISSUER_AND_SERIAL,
+            pub digest_alg: *mut X509_ALGOR,
+            pub auth_attr: *mut stack_st_X509_ATTRIBUTE, /* [ 0 ] */
+            pub digest_enc_alg: *mut X509_ALGOR,
+            pub enc_digest: *mut ASN1_OCTET_STRING,
+            pub unauth_attr: *mut stack_st_X509_ATTRIBUTE, /* [ 1 ] */
+            pub pkey: *mut EVP_PKEY, /* The private key to sign with */
+            #[cfg(ossl300)]
+            pub ctx: *const PKCS7_CTX,
+        }
+    } else {
+        pub enum PKCS7_SIGNER_INFO {}
+    }
+}
+
+stack!(stack_st_PKCS7_SIGNER_INFO);
+stack!(stack_st_PKCS7_RECIP_INFO);
 
 extern "C" {
     pub fn d2i_PKCS7(a: *mut *mut PKCS7, pp: *mut *const c_uchar, length: c_long) -> *mut PKCS7;
@@ -15,6 +198,7 @@ extern "C" {
 const_ptr_api! {
     extern "C" {
         pub fn i2d_PKCS7(a: #[const_ptr_if(ossl300)] PKCS7, buf: *mut *mut u8) -> c_int;
+        pub fn i2d_PKCS7_bio(bio: *mut BIO, p7: #[const_ptr_if(ossl300)]  PKCS7) -> c_int;
     }
 }
 
@@ -67,4 +251,53 @@ extern "C" {
     ) -> c_int;
 
     pub fn SMIME_read_PKCS7(bio: *mut BIO, bcont: *mut *mut BIO) -> *mut PKCS7;
+
+    pub fn PKCS7_new() -> *mut PKCS7;
+
+    pub fn PKCS7_set_type(p7: *mut PKCS7, nid_pkcs7: c_int) -> c_int;
+
+    pub fn PKCS7_add_certificate(p7: *mut PKCS7, x509: *mut X509) -> c_int;
+
+    pub fn PKCS7_add_signature(
+        p7: *mut PKCS7,
+        x509: *mut X509,
+        pkey: *mut EVP_PKEY,
+        digest: *const EVP_MD,
+    ) -> *mut PKCS7_SIGNER_INFO;
+
+    pub fn PKCS7_set_signed_attributes(
+        p7si: *mut PKCS7_SIGNER_INFO,
+        attributes: *mut stack_st_X509_ATTRIBUTE,
+    ) -> c_int;
+
+    pub fn PKCS7_add_signed_attribute(
+        p7si: *mut PKCS7_SIGNER_INFO,
+        nid: c_int,
+        attrtype: c_int,
+        data: *mut c_void,
+    ) -> c_int;
+
+    pub fn PKCS7_content_new(p7: *mut PKCS7, nid_pkcs7: c_int) -> c_int;
+
+    pub fn PKCS7_dataInit(p7: *mut PKCS7, bio: *mut BIO) -> *mut BIO;
+
+    pub fn PKCS7_dataFinal(p7: *mut PKCS7, bio: *mut BIO) -> c_int;
+
+    pub fn PKCS7_get_signer_info(p7: *mut PKCS7) -> *mut stack_st_PKCS7_SIGNER_INFO;
+
+    pub fn PKCS7_SIGNER_INFO_get0_algs(
+        si: *mut PKCS7_SIGNER_INFO,
+        pk: *mut *mut EVP_PKEY,
+        pdig: *mut *mut X509_ALGOR,
+        psig: *mut *mut X509_ALGOR,
+    );
+}
+
+const_ptr_api! {
+    extern "C" {
+        pub fn PKCS7_get_signed_attribute(
+            si: #[const_ptr_if(ossl300)] PKCS7_SIGNER_INFO,
+            nid: c_int
+        ) -> *mut ASN1_TYPE;
+    }
 }