Files
adler32
lib.rs
backtrace
backtrace
libunwind.rsmod.rs
symbolize
dladdr.rslibbacktrace.rsmod.rs
capture.rslib.rsprint.rstypes.rs
backtrace_sys
lib.rs
base64
write
encoder.rsmod.rs
chunked_encoder.rsdecode.rsdisplay.rsencode.rslib.rstables.rs
bigtable
any.rsbigtable.rsdata.rserror.rslib.rsmethod.rsrequest.rsstatus.rssupport.rsutils.rswrappers.rswraps.rs
bitflags
lib.rs
byteorder
io.rslib.rs
bytes
buf
buf.rsbuf_mut.rschain.rsfrom_buf.rsinto_buf.rsiter.rsmod.rsreader.rstake.rsvec_deque.rswriter.rs
bytes.rsdebug.rseither.rslib.rs
cfg_if
lib.rs
cookie
builder.rsdelta.rsdraft.rsjar.rslib.rsparse.rs
cookie_store
cookie.rscookie_domain.rscookie_expiration.rscookie_path.rscookie_store.rslib.rsutils.rs
crc32fast
specialized
mod.rspclmulqdq.rs
baseline.rscombine.rslib.rstable.rs
crossbeam_deque
lib.rs
crossbeam_epoch
sync
list.rsmod.rsqueue.rs
atomic.rscollector.rsdefault.rsdeferred.rsepoch.rsguard.rsinternal.rslib.rs
crossbeam_queue
array_queue.rserr.rslib.rsseg_queue.rs
crossbeam_utils
atomic
atomic_cell.rsconsume.rsmod.rsseq_lock.rs
sync
mod.rsparker.rssharded_lock.rswait_group.rs
backoff.rscache_padded.rslib.rsthread.rs
curl
easy
form.rshandle.rshandler.rslist.rsmod.rswindows.rs
error.rslib.rsmulti.rspanic.rsversion.rs
curl_sys
lib.rs
dtoa
diyfp.rsdtoa.rslib.rs
either
lib.rs
encoding_rs
ascii.rsbig5.rsdata.rseuc_jp.rseuc_kr.rsgb18030.rshandles.rsiso_2022_jp.rslib.rsmacros.rsmem.rsreplacement.rsshift_jis.rssingle_byte.rsutf_16.rsutf_8.rsvariant.rsx_user_defined.rs
error_chain
backtrace.rserror_chain.rsimpl_error_chain_kind.rslib.rsquick_main.rs
failure
backtrace
internal.rsmod.rs
error
error_impl.rsmod.rs
as_fail.rsbox_std.rscompat.rscontext.rserror_message.rslib.rsmacros.rsresult_ext.rssync_failure.rs
failure_derive
lib.rs
flate2
deflate
bufread.rsmod.rsread.rswrite.rs
ffi
mod.rsrust.rs
gz
bufread.rsmod.rsread.rswrite.rs
zlib
bufread.rsmod.rsread.rswrite.rs
bufreader.rscrc.rslib.rsmem.rszio.rs
fnv
lib.rs
foreign_types
lib.rs
foreign_types_shared
lib.rs
futures
future
and_then.rscatch_unwind.rschain.rseither.rsempty.rsflatten.rsflatten_stream.rsfrom_err.rsfuse.rsinspect.rsinto_stream.rsjoin.rsjoin_all.rslazy.rsloop_fn.rsmap.rsmap_err.rsmod.rsoption.rsor_else.rspoll_fn.rsresult.rsselect.rsselect2.rsselect_all.rsselect_ok.rsshared.rsthen.rs
sink
buffer.rsfanout.rsflush.rsfrom_err.rsmap_err.rsmod.rssend.rssend_all.rswait.rswith.rswith_flat_map.rs
stream
and_then.rsbuffer_unordered.rsbuffered.rscatch_unwind.rschain.rschannel.rschunks.rscollect.rsconcat.rsempty.rsfilter.rsfilter_map.rsflatten.rsfold.rsfor_each.rsforward.rsfrom_err.rsfuse.rsfuture.rsfutures_ordered.rsfutures_unordered.rsinspect.rsinspect_err.rsiter.rsiter_ok.rsiter_result.rsmap.rsmap_err.rsmerge.rsmod.rsonce.rsor_else.rspeek.rspoll_fn.rsrepeat.rsselect.rsskip.rsskip_while.rssplit.rstake.rstake_while.rsthen.rsunfold.rswait.rszip.rs
sync
mpsc
mod.rsqueue.rs
bilock.rsmod.rsoneshot.rs
task_impl
std
data.rsmod.rstask_rc.rsunpark_mutex.rs
atomic_task.rscore.rsmod.rs
unsync
mod.rsmpsc.rsoneshot.rs
executor.rslib.rslock.rspoll.rsresultstream.rstask.rs
futures_cpupool
lib.rs
goauth
auth.rscredentials.rserror.rslib.rsscopes.rs
h2
codec
error.rsframed_read.rsframed_write.rsmod.rs
frame
data.rsgo_away.rshead.rsheaders.rsmod.rsping.rspriority.rsreason.rsreset.rssettings.rsstream_id.rsutil.rswindow_update.rs
hpack
huffman
mod.rstable.rs
decoder.rsencoder.rsheader.rsmod.rstable.rs
proto
streams
buffer.rscounts.rsflow_control.rsmod.rsprioritize.rsrecv.rssend.rsstate.rsstore.rsstream.rsstreams.rs
connection.rserror.rsgo_away.rsmod.rspeer.rsping_pong.rssettings.rs
client.rserror.rslib.rsserver.rsshare.rs
http
header
map.rsmod.rsname.rsvalue.rs
uri
authority.rsbuilder.rsmod.rspath.rsport.rsscheme.rs
byte_str.rsconvert.rserror.rsextensions.rslib.rsmethod.rsrequest.rsresponse.rsstatus.rsversion.rs
http_body
lib.rs
httparse
simd
avx2.rsmod.rssse42.rs
iter.rslib.rsmacros.rs
hyper
body
body.rschunk.rsmod.rspayload.rs
client
connect
dns.rshttp.rsmod.rs
conn.rsdispatch.rsmod.rspool.rs
common
io
mod.rsrewind.rs
buf.rsdrain.rsexec.rslazy.rsmod.rsnever.rstask.rs
proto
h1
conn.rsdate.rsdecode.rsdispatch.rsencode.rsio.rsmod.rsrole.rs
h2
client.rsmod.rsserver.rs
mod.rs
server
conn.rsmod.rsshutdown.rstcp.rs
service
make_service.rsmod.rsnew_service.rsservice.rs
error.rsheaders.rslib.rsrt.rsupgrade.rs
hyper_tls
client.rslib.rsstream.rs
idna
lib.rspunycode.rsuts46.rs
indexmap
equivalent.rslib.rsmacros.rsmap.rsmutable_keys.rsset.rsutil.rs
iovec
sys
mod.rsunix.rs
lib.rsunix.rs
itoa
lib.rs
lazy_static
inline_lazy.rslib.rs
libc
unix
linux_like
linux
gnu
b64
x86_64
align.rsmod.rsnot_x32.rs
mod.rs
align.rsmod.rs
align.rsmod.rs
mod.rs
align.rsmod.rs
fixed_width_ints.rslib.rsmacros.rs
libz_sys
lib.rs
lock_api
lib.rsmutex.rsremutex.rsrwlock.rs
log
lib.rsmacros.rs
matches
lib.rs
maybe_uninit
lib.rs
memoffset
lib.rsoffset_of.rsspan_of.rs
mime
lib.rsparse.rs
mime_guess
impl_bin_search.rslib.rs
miniz_oxide
deflate
buffer.rscore.rsmod.rsstream.rs
inflate
core.rsmod.rsoutput_buffer.rsstream.rs
lib.rsshared.rs
mio
deprecated
event_loop.rshandler.rsio.rsmod.rsnotify.rsunix.rs
net
mod.rstcp.rsudp.rs
sys
unix
awakener.rsdlsym.rsepoll.rseventedfd.rsio.rsmod.rsready.rstcp.rsudp.rsuds.rsuio.rs
mod.rs
channel.rsevent_imp.rsio.rslazycell.rslib.rspoll.rstimer.rstoken.rsudp.rs
native_tls
imp
openssl.rs
lib.rs
net2
sys
unix
impls.rsmod.rs
ext.rslib.rssocket.rstcp.rsudp.rsunix.rsutils.rs
num_cpus
lib.rs
num_traits
lib.rs
openssl
ssl
bio.rscallbacks.rsconnector.rserror.rsmod.rs
x509
extension.rsmod.rsstore.rsverify.rs
aes.rsasn1.rsbase64.rsbio.rsbn.rscms.rsconf.rsderive.rsdh.rsdsa.rsec.rsecdsa.rsenvelope.rserror.rsex_data.rsfips.rshash.rslib.rsmacros.rsmemcmp.rsnid.rsocsp.rspkcs12.rspkcs5.rspkcs7.rspkey.rsrand.rsrsa.rssha.rssign.rssrtp.rsstack.rsstring.rssymm.rsutil.rsversion.rs
openssl_probe
lib.rs
openssl_sys
aes.rsasn1.rsbio.rsbn.rscms.rsconf.rscrypto.rsdh.rsdsa.rsdtls1.rsec.rserr.rsevp.rshmac.rslib.rsmacros.rsobj_mac.rsobject.rsocsp.rsossl_typ.rspem.rspkcs12.rspkcs7.rsrand.rsrsa.rssafestack.rssha.rssrtp.rsssl.rsssl3.rsstack.rstls1.rsx509.rsx509_vfy.rsx509v3.rs
parking_lot
condvar.rsdeadlock.rselision.rslib.rsmutex.rsonce.rsraw_mutex.rsraw_rwlock.rsremutex.rsrwlock.rsutil.rs
parking_lot_core
thread_parker
linux.rsmod.rs
lib.rsparking_lot.rsspinwait.rsutil.rsword_lock.rs
percent_encoding
lib.rs
proc_macro2
fallback.rslib.rsstrnom.rswrapper.rs
protobuf
codegen
enums.rsextensions.rsfield.rsident.rsmessage.rsmod.rsrust_types_values.rswell_known_types.rs
reflect
accessor.rsmap.rsmod.rsoptional.rsrepeated.rsvalue.rs
well_known_types
any.rsapi.rsduration.rsempty.rsfield_mask.rsmod.rssource_context.rsstruct_pb.rstimestamp.rstype_pb.rswrappers.rs
buf_read_iter.rscached_size.rsclear.rscode_writer.rscompiler_plugin.rscore.rsdescriptor.rsdescriptorx.rserror.rsext.rshex.rslazy.rslib.rsmisc.rspaginate.rsplugin.rsrepeated.rsrt.rsrust.rsrustproto.rssingular.rsstream.rsstrx.rstext_format.rstypes.rsunknown.rsvarint.rszigzag.rs
protobuf_json
lib.rs
publicsuffix
errors.rslib.rs
quote
ext.rsformat.rsident_fragment.rslib.rsruntime.rsspanned.rsto_tokens.rs
rand
distributions
bernoulli.rsbinomial.rscauchy.rsdirichlet.rsexponential.rsfloat.rsgamma.rsinteger.rsmod.rsnormal.rsother.rspareto.rspoisson.rstriangular.rsuniform.rsunit_circle.rsunit_sphere.rsutils.rsweibull.rsweighted.rsziggurat_tables.rs
prng
mod.rs
rngs
adapter
mod.rsread.rsreseeding.rs
entropy.rsmock.rsmod.rssmall.rsstd.rsthread.rs
seq
index.rsmod.rs
deprecated.rslib.rsprelude.rs
rand_chacha
chacha.rslib.rs
rand_core
lib.rs
rand_hc
hc128.rslib.rs
rand_isaac
isaac.rsisaac64.rsisaac_array.rslib.rs
rand_jitter
dummy_log.rserror.rslib.rsplatform.rs
rand_os
dummy_log.rslib.rslinux_android.rsrandom_device.rs
rand_pcg
lib.rspcg128.rspcg64.rs
rand_xorshift
lib.rs
regex
literal
mod.rs
backtrack.rscache.rscompile.rserror.rsexec.rsexpand.rsfind_byte.rsinput.rslib.rspikevm.rsprog.rsre_builder.rsre_bytes.rsre_set.rsre_trait.rsre_unicode.rssparse.rsutf8.rs
regex_syntax
ast
mod.rsparse.rsprint.rsvisitor.rs
hir
literal
mod.rs
interval.rsmod.rsprint.rstranslate.rsvisitor.rs
unicode_tables
mod.rs
either.rserror.rslib.rsparser.rsunicode.rsutf8.rs
reqwest
async_impl
body.rsclient.rsdecoder.rsmod.rsmultipart.rsrequest.rsresponse.rs
body.rsclient.rsconnect.rscookie.rserror.rsinto_url.rslib.rsmultipart.rsproxy.rsredirect.rsrequest.rsresponse.rstls.rswait.rs
rustc_demangle
legacy.rslib.rsv0.rs
rustc_serialize
base64.rscollection_impls.rshex.rsjson.rslib.rsserialize.rs
ryu
buffer
mod.rs
pretty
exponent.rsmantissa.rsmod.rs
common.rsd2s.rsd2s_full_table.rsd2s_intrinsics.rsdigit_table.rsf2s.rslib.rs
scopeguard
lib.rs
serde
de
from_primitive.rsignored_any.rsimpls.rsmod.rsutf8.rsvalue.rs
private
de.rsmacros.rsmod.rsser.rs
ser
impls.rsimpossible.rsmod.rs
export.rsinteger128.rslib.rsmacros.rs
serde_codegen_internals
ast.rsattr.rscase.rsctxt.rslib.rs
serde_derive
internals
ast.rsattr.rscase.rscheck.rsctxt.rsmod.rssymbol.rs
bound.rsde.rsdummy.rsfragment.rslib.rspretend.rsser.rstry.rs
serde_json
value
de.rsfrom.rsindex.rsmod.rspartial_eq.rsser.rs
de.rserror.rsiter.rslib.rsmacros.rsmap.rsnumber.rsread.rsser.rs
serde_urlencoded
ser
key.rsmod.rspair.rspart.rsvalue.rs
de.rslib.rs
slab
lib.rs
smallvec
lib.rs
smpl_jwt
error.rslib.rs
socket2
sys
unix.rs
lib.rssockaddr.rssocket.rsutils.rs
string
lib.rs
syn
gen
gen_helper.rsvisit.rs
attr.rsbigint.rsbuffer.rscustom_keyword.rscustom_punctuation.rsdata.rsderive.rsdiscouraged.rserror.rsexport.rsexpr.rsext.rsgenerics.rsgroup.rsident.rslib.rslifetime.rslit.rslookahead.rsmac.rsmacros.rsop.rsparse.rsparse_macro_input.rsparse_quote.rspath.rsprint.rspunctuated.rssealed.rsspan.rsspanned.rsthread.rstoken.rstt.rsty.rs
synom
helper.rslib.rsspace.rs
synstructure
lib.rsmacros.rs
time
display.rsduration.rslib.rsparse.rssys.rs
tokio
executor
current_thread
mod.rs
mod.rs
reactor
mod.rspoll_evented.rs
runtime
current_thread
builder.rsmod.rsruntime.rs
threadpool
builder.rsmod.rsshutdown.rstask_executor.rs
mod.rs
util
enumerate.rsfuture.rsmod.rsstream.rs
clock.rsio.rslib.rsnet.rsprelude.rstimer.rs
tokio_buf
util
chain.rscollect.rsfrom.rsiter.rslimit.rsmod.rsstream.rs
lib.rsnever.rssize_hint.rsstr.rsu8.rs
tokio_current_thread
lib.rsscheduler.rs
tokio_executor
enter.rserror.rsexecutor.rsglobal.rslib.rspark.rstyped.rs
tokio_io
_tokio_codec
decoder.rsencoder.rsframed.rsframed_read.rsframed_write.rsmod.rs
codec
bytes_codec.rsdecoder.rsencoder.rslines_codec.rsmod.rs
io
copy.rsflush.rsmod.rsread.rsread_exact.rsread_to_end.rsread_until.rsshutdown.rswrite_all.rs
allow_std.rsasync_read.rsasync_write.rsframed.rsframed_read.rsframed_write.rslength_delimited.rslib.rslines.rssplit.rswindow.rs
tokio_reactor
background.rslib.rspoll_evented.rsregistration.rssharded_rwlock.rs
tokio_sync
mpsc
block.rsbounded.rschan.rslist.rsmod.rsunbounded.rs
task
atomic_task.rsmod.rs
lib.rslock.rsloom.rsoneshot.rssemaphore.rswatch.rs
tokio_tcp
incoming.rslib.rslistener.rsstream.rs
tokio_threadpool
blocking
global.rsmod.rs
park
boxed.rsdefault_park.rsmod.rs
pool
backup.rsbackup_stack.rsmod.rsstate.rs
task
blocking.rsblocking_state.rsmod.rsstate.rs
worker
entry.rsmod.rsstack.rsstate.rs
builder.rscallback.rsconfig.rslib.rsnotifier.rssender.rsshutdown.rsthread_pool.rs
tokio_timer
clock
clock.rsmod.rsnow.rs
timer
atomic_stack.rsentry.rshandle.rsmod.rsnow.rsregistration.rsstack.rs
wheel
level.rsmod.rsstack.rs
atomic.rsdeadline.rsdelay.rsdelay_queue.rserror.rsinterval.rslib.rsthrottle.rstimeout.rs
try_from
char.rsint.rslib.rs
try_lock
lib.rs
unicase
unicode
map.rsmod.rs
ascii.rslib.rs
unicode_bidi
char_data
mod.rstables.rs
deprecated.rsexplicit.rsformat_chars.rsimplicit.rslevel.rslib.rsprepare.rs
unicode_normalization
__test_api.rsdecompose.rslib.rslookups.rsnormalize.rsperfect_hash.rsquick_check.rsrecompose.rsstream_safe.rstables.rs
unicode_xid
lib.rstables.rs
url
form_urlencoded.rshost.rslib.rsorigin.rsparser.rspath_segments.rsquery_encoding.rsquirks.rsslicing.rs
uuid
adapter
core_support
mod.rs
mod.rs
parser
core_support.rsmod.rsstd_support.rs
builder.rscore_support.rslib.rsprelude.rsstd_support.rsv4.rs
want
lib.rs
  1
  2
  3
  4
  5
  6
  7
  8
  9
 10
 11
 12
 13
 14
 15
 16
 17
 18
 19
 20
 21
 22
 23
 24
 25
 26
 27
 28
 29
 30
 31
 32
 33
 34
 35
 36
 37
 38
 39
 40
 41
 42
 43
 44
 45
 46
 47
 48
 49
 50
 51
 52
 53
 54
 55
 56
 57
 58
 59
 60
 61
 62
 63
 64
 65
 66
 67
 68
 69
 70
 71
 72
 73
 74
 75
 76
 77
 78
 79
 80
 81
 82
 83
 84
 85
 86
 87
 88
 89
 90
 91
 92
 93
 94
 95
 96
 97
 98
 99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286

//! SMIME implementation using CMS
//!
//! CMS (PKCS#7) is an encyption standard.  It allows signing and ecrypting data using
//! X.509 certificates.  The OpenSSL implementation of CMS is used in email encryption
//! generated from a `Vec` of bytes.  This `Vec` follows the smime protocol standards.
//! Data accepted by this module will be smime type `enveloped-data`.

use ffi;
use foreign_types::{ForeignType, ForeignTypeRef};
use std::ptr;

use bio::{MemBio, MemBioSlice};
use error::ErrorStack;
use libc::c_uint;
use pkey::{HasPrivate, PKeyRef};
use stack::StackRef;
use symm::Cipher;
use x509::{X509Ref, X509};
use {cvt, cvt_p};

bitflags! {
    pub struct CMSOptions : c_uint {
        const TEXT = ffi::CMS_TEXT;
        const CMS_NOCERTS = ffi::CMS_NOCERTS;
        const NO_CONTENT_VERIFY = ffi::CMS_NO_CONTENT_VERIFY;
        const NO_ATTR_VERIFY = ffi::CMS_NO_ATTR_VERIFY;
        const NOSIGS = ffi::CMS_NOSIGS;
        const NOINTERN = ffi::CMS_NOINTERN;
        const NO_SIGNER_CERT_VERIFY = ffi::CMS_NO_SIGNER_CERT_VERIFY;
        const NOVERIFY = ffi::CMS_NOVERIFY;
        const DETACHED = ffi::CMS_DETACHED;
        const BINARY = ffi::CMS_BINARY;
        const NOATTR = ffi::CMS_NOATTR;
        const NOSMIMECAP = ffi::CMS_NOSMIMECAP;
        const NOOLDMIMETYPE = ffi::CMS_NOOLDMIMETYPE;
        const CRLFEOL = ffi::CMS_CRLFEOL;
        const STREAM = ffi::CMS_STREAM;
        const NOCRL = ffi::CMS_NOCRL;
        const PARTIAL = ffi::CMS_PARTIAL;
        const REUSE_DIGEST = ffi::CMS_REUSE_DIGEST;
        const USE_KEYID = ffi::CMS_USE_KEYID;
        const DEBUG_DECRYPT = ffi::CMS_DEBUG_DECRYPT;
        #[cfg(all(not(libressl), not(ossl101)))]
        const KEY_PARAM = ffi::CMS_KEY_PARAM;
        #[cfg(all(not(libressl), not(ossl101), not(ossl102)))]
        const ASCIICRLF = ffi::CMS_ASCIICRLF;
    }
}

foreign_type_and_impl_send_sync! {
    type CType = ffi::CMS_ContentInfo;
    fn drop = ffi::CMS_ContentInfo_free;

    /// High level CMS wrapper
    ///
    /// CMS supports nesting various types of data, including signatures, certificates,
    /// encrypted data, smime messages (encrypted email), and data digest.  The ContentInfo
    /// content type is the encapsulation of all those content types.  [`RFC 5652`] describes
    /// CMS and OpenSSL follows this RFC's implmentation.
    ///
    /// [`RFC 5652`]: https://tools.ietf.org/html/rfc5652#page-6
    pub struct CmsContentInfo;
    /// Reference to [`CMSContentInfo`]
    ///
    /// [`CMSContentInfo`]:struct.CmsContentInfo.html
    pub struct CmsContentInfoRef;
}

impl CmsContentInfoRef {
    /// Given the sender's private key, `pkey` and the recipient's certificiate, `cert`,
    /// decrypt the data in `self`.
    ///
    /// OpenSSL documentation at [`CMS_decrypt`]
    ///
    /// [`CMS_decrypt`]: https://www.openssl.org/docs/man1.1.0/crypto/CMS_decrypt.html
    pub fn decrypt<T>(&self, pkey: &PKeyRef<T>, cert: &X509) -> Result<Vec<u8>, ErrorStack>
    where
        T: HasPrivate,
    {
        unsafe {
            let pkey = pkey.as_ptr();
            let cert = cert.as_ptr();
            let out = MemBio::new()?;
            let flags: u32 = 0;

            cvt(ffi::CMS_decrypt(
                self.as_ptr(),
                pkey,
                cert,
                ptr::null_mut(),
                out.as_ptr(),
                flags.into(),
            ))?;

            Ok(out.get_buf().to_owned())
        }
    }

    to_der! {
        /// Serializes this CmsContentInfo using DER.
        ///
        /// OpenSSL documentation at [`i2d_CMS_ContentInfo`]
        ///
        /// [`i2d_CMS_ContentInfo`]: https://www.openssl.org/docs/man1.0.2/crypto/i2d_CMS_ContentInfo.html
        to_der,
        ffi::i2d_CMS_ContentInfo
    }

    to_pem! {
        /// Serializes this CmsContentInfo using DER.
        ///
        /// OpenSSL documentation at [`PEM_write_bio_CMS`]
        ///
        /// [`PEM_write_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_write_bio_CMS.html
        to_pem,
        ffi::PEM_write_bio_CMS
    }
}

impl CmsContentInfo {
    /// Parses a smime formatted `vec` of bytes into a `CmsContentInfo`.
    ///
    /// OpenSSL documentation at [`SMIME_read_CMS`]
    ///
    /// [`SMIME_read_CMS`]: https://www.openssl.org/docs/man1.0.2/crypto/SMIME_read_CMS.html
    pub fn smime_read_cms(smime: &[u8]) -> Result<CmsContentInfo, ErrorStack> {
        unsafe {
            let bio = MemBioSlice::new(smime)?;

            let cms = cvt_p(ffi::SMIME_read_CMS(bio.as_ptr(), ptr::null_mut()))?;

            Ok(CmsContentInfo::from_ptr(cms))
        }
    }

    from_der! {
        /// Deserializes a DER-encoded ContentInfo structure.
        ///
        /// This corresponds to [`d2i_CMS_ContentInfo`].
        ///
        /// [`d2i_CMS_ContentInfo`]: https://www.openssl.org/docs/manmaster/man3/d2i_X509.html
        from_der,
        CmsContentInfo,
        ffi::d2i_CMS_ContentInfo
    }

    from_pem! {
        /// Deserializes a PEM-encoded ContentInfo structure.
        ///
        /// This corresponds to [`PEM_read_bio_CMS`].
        ///
        /// [`PEM_read_bio_CMS`]: https://www.openssl.org/docs/man1.1.0/man3/PEM_read_bio_CMS.html
        from_pem,
        CmsContentInfo,
        ffi::PEM_read_bio_CMS
    }

    /// Given a signing cert `signcert`, private key `pkey`, a certificate stack `certs`,
    /// data `data` and flags `flags`, create a CmsContentInfo struct.
    ///
    /// All arguments are optional.
    ///
    /// OpenSSL documentation at [`CMS_sign`]
    ///
    /// [`CMS_sign`]: https://www.openssl.org/docs/manmaster/man3/CMS_sign.html
    pub fn sign<T>(
        signcert: Option<&X509Ref>,
        pkey: Option<&PKeyRef<T>>,
        certs: Option<&StackRef<X509>>,
        data: Option<&[u8]>,
        flags: CMSOptions,
    ) -> Result<CmsContentInfo, ErrorStack>
    where
        T: HasPrivate,
    {
        unsafe {
            let signcert = signcert.map_or(ptr::null_mut(), |p| p.as_ptr());
            let pkey = pkey.map_or(ptr::null_mut(), |p| p.as_ptr());
            let data_bio = match data {
                Some(data) => Some(MemBioSlice::new(data)?),
                None => None,
            };
            let data_bio_ptr = data_bio.as_ref().map_or(ptr::null_mut(), |p| p.as_ptr());
            let certs = certs.map_or(ptr::null_mut(), |p| p.as_ptr());

            let cms = cvt_p(ffi::CMS_sign(
                signcert,
                pkey,
                certs,
                data_bio_ptr,
                flags.bits(),
            ))?;

            Ok(CmsContentInfo::from_ptr(cms))
        }
    }

    /// Given a certificate stack `certs`, data `data`, cipher `cipher` and flags `flags`,
    /// create a CmsContentInfo struct.
    ///
    /// OpenSSL documentation at [`CMS_encrypt`]
    ///
    /// [`CMS_encrypt`]: https://www.openssl.org/docs/manmaster/man3/CMS_encrypt.html
    pub fn encrypt(
        certs: &StackRef<X509>,
        data: &[u8],
        cipher: Cipher,
        flags: CMSOptions,
    ) -> Result<CmsContentInfo, ErrorStack> {
        unsafe {
            let data_bio = MemBioSlice::new(data)?;

            let cms = cvt_p(ffi::CMS_encrypt(
                certs.as_ptr(),
                data_bio.as_ptr(),
                cipher.as_ptr(),
                flags.bits(),
            ))?;

            Ok(CmsContentInfo::from_ptr(cms))
        }
    }
}

#[cfg(test)]
mod test {
    use super::*;
    use pkcs12::Pkcs12;
    use stack::Stack;
    use x509::X509;

    #[test]
    fn cms_encrypt_decrypt() {
        // load cert with public key only
        let pub_cert_bytes = include_bytes!("../test/cms_pubkey.der");
        let pub_cert = X509::from_der(pub_cert_bytes).expect("failed to load pub cert");

        // load cert with private key
        let priv_cert_bytes = include_bytes!("../test/cms.p12");
        let priv_cert = Pkcs12::from_der(priv_cert_bytes).expect("failed to load priv cert");
        let priv_cert = priv_cert
            .parse("mypass")
            .expect("failed to parse priv cert");

        // encrypt cms message using public key cert
        let input = String::from("My Message");
        let mut cert_stack = Stack::new().expect("failed to create stack");
        cert_stack
            .push(pub_cert)
            .expect("failed to add pub cert to stack");

        let encrypt = CmsContentInfo::encrypt(
            &cert_stack,
            &input.as_bytes(),
            Cipher::des_ede3_cbc(),
            CMSOptions::empty(),
        )
        .expect("failed create encrypted cms");

        // decrypt cms message using private key cert (DER)
        {
            let encrypted_der = encrypt.to_der().expect("failed to create der from cms");
            let decrypt =
                CmsContentInfo::from_der(&encrypted_der).expect("failed read cms from der");
            let decrypt = decrypt
                .decrypt(&priv_cert.pkey, &priv_cert.cert)
                .expect("failed to decrypt cms");
            let decrypt =
                String::from_utf8(decrypt).expect("failed to create string from cms content");
            assert_eq!(input, decrypt);
        }

        // decrypt cms message using private key cert (PEM)
        {
            let encrypted_pem = encrypt.to_pem().expect("failed to create pem from cms");
            let decrypt =
                CmsContentInfo::from_pem(&encrypted_pem).expect("failed read cms from pem");
            let decrypt = decrypt
                .decrypt(&priv_cert.pkey, &priv_cert.cert)
                .expect("failed to decrypt cms");
            let decrypt =
                String::from_utf8(decrypt).expect("failed to create string from cms content");
            assert_eq!(input, decrypt);
        }
    }
}