#ifndef __DIGI_DOC_LIB_H__
#define __DIGI_DOC_LIB_H__
//==================================================
// FILE: DigiDocLib.h
// PROJECT: Digi Doc
// DESCRIPTION: Digi Doc functions for creating
// and reading signed documents.
// AUTHOR: Veiko Sinivee, S|E|B IT Partner Estonia
//==================================================
// Copyright (C) AS Sertifitseerimiskeskus
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.ode
// GNU Lesser General Public Licence is available at
// http://www.gnu.org/copyleft/lesser.html
//==========< HISTORY >=============================
// 10.02.2004 Integrated
// 02.01.2004 Veiko Sinivee
// Added support for format 1.3
// 29.10.2003 Aare Amenberg
// Added some function headers
// (needed for compiling COM)
// 1.0 09.04.2002 Veiko Sinivee
// Supports XML format (Type: SK-XML-1.0)
//==================================================
#ifdef __cplusplus
extern "C" {
#endif
#include <openssl/x509.h>
#include <openssl/ocsp.h>
#include <DigiDocMem.h>
#include <DigiDocDefs.h>
#include <DigiDocError.h>
//==========< data structures >====================
// supported format and version combination
typedef struct FormatAndVer_st {
char* szFormat;
char* szVersion;
} FormatAndVer;
// contains timestamp data
typedef struct Timestamp_st {
int year;
int mon;
int day;
int hour;
int min;
int sec;
int tz;
} Timestamp;
// contains the signed attributes of each document file entry
typedef struct DocInfo_st {
char* szDocId; // document id
char* szDigestType; // digest method used
byte* szDigest; // digest value
int nDigestLen; // digest value length
byte* szMimeDigest; // digest value
int nMimeDigestLen; // digest value length
} DocInfo;
typedef struct SignatureProductionPlace_st {
char* szCity;
char* szStateOrProvince;
char* szPostalCode;
char* szCountryName;
} SignatureProductionPlace;
typedef struct SignerRole_st {
int nClaimedRoles;
char** pClaimedRoles;
int nCertifiedRoles;
char** pCertifiedRoles;
} SignerRole;
// signature info for each user signature
typedef struct SignatureInfo_st {
char* szId; // signature id
int nDocs; // number of separate documents signed
DocInfo** pDocs; // info for each signed document
char* szTimeStamp; // signature timestamp in format "YYYY-MM-DDTHH:MM:SSZ"
byte* szSigPropDigest; // signed properties digest
int nSigPropDigestLen; // length of signed properties digest
byte* szSigPropRealDigest; // signed properties digest as read from file
int nSigPropRealDigestLen; // length of signed properties digest as read from file
byte* szSigInfoRealDigest; // signed properties digest as read from file
int nSigInfoRealDigestLen; // length of signed properties digest as read from file
char* szSigType; // signature type used
byte* szSigValue; // signature value
short nSigLen; // signature value length
X509* pX509Cert; // X509Cert certificate (used internally for data during loading)
char* szIssuerSerial; // certificates serial number (signed value)
byte* szCertDigest; // signed properties digest
int nCertDigestLen; // length of signed properties digest
SignatureProductionPlace sigProdPlace;
SignerRole signerRole;
byte* szOrigContent;
int nOrigContentLen;
} SignatureInfo;
// data file entry for each data file
typedef struct DataFile_st {
char* szId; // data file id
char* szFileName; // signed doc file name
char* szMimeType; // date file mime type
char* szContentType; // DETATCHED, EMBEDDED or EMBEDDED_BASE64
long nSize; // file size (unencoded)
char* szDigestType; // digest type
byte* szDigest; // digest value
int nDigestLen; // digest value length
byte* szWrongDigest; // bad digest calculated in earlier buggy version
int nWrongDigestLen; // digest value length
byte* szDetachedDigest; // detached files digest value
int nDetachedDigestLen; // digest value length
int nAttributes; // number of other attributes
char* szCharset; // datafile initial codepage
char** pAttNames; // other attribute names
char** pAttValues; // other attribute values
byte* szContent;
long nContentLen;
} DataFile;
typedef struct NotaryInfo_sk {
char* szId; // Notary id
char* szSigId; // signature id that is notaried
char* szNotType; // notary info type (OCSP-1.0)
char* timeProduced; // producedAt
char* szRespIdType; // responder id type
char* szRespId; // responder id value
int nRespIdLen; // responder id value length
char* thisUpdate; // thisUpdate (nextUpdate is allways NULL)
char* nextUpdate; // next update time
char* szDigestType; // digest method used
byte* szIssuerNameHash; // issuer hash value
int nIssuerNameHashLen; // issuer hash value length
byte* szIssuerKeyHash;
int nIssuerKeyHashLen;
byte* szUserSign; // verified signature hash value (OCSP Nonce)
int nUserSignLen; // signature hash value length
// notaries personal signature
char* szSigType; // signature type used
byte* szSigValue; // signature value
short nSigLen; // signature value length
X509* pX509Cert; // X509Cert certificate (used internally for data during loading)
char* szIssuerSerial; // certificates serial number (signed value)
byte* szCertDigest; // signed properties digest (used internally for data during loading)
int nCertDigestLen; // length of signed properties digest
byte* szOcspDigest; // OCSP response digest
int nOcspDigestLen; // OCSP response digest length
void* pOcspResponse; // actual OCSP response
} NotaryInfo;
typedef struct SignedDoc_st {
char* szFormat; // data format name
char* szFormatVer; // data format version
int nDataFiles;
DataFile** pDataFiles;
int nSignatures;
SignatureInfo** pSignatures;
int nNotaries;
NotaryInfo** pNotaries;
} SignedDoc;
// structure used to report paths of data files
typedef struct FilePath_st {
char* szFileName;
char* szPath;
} FilePath;
//==========< admin functions >====================
// returns the library name
EXP_OPTION const char* getLibName();
// returns the library version
EXP_OPTION const char* getLibVersion();
// returns an array of supported formats terminated by NULL
EXP_OPTION const char** getSupportedFormats();
// returns an array of supported formats and versions terminated by NULL
EXP_OPTION FormatAndVer* getSupportedFormatsAndVersions();
// returns the GUI version
EXP_OPTION const char* getGUIVersion();
// sets the GUI version
EXP_OPTION void setGUIVersion(const char* szVer);
// initializes error library
EXP_OPTION void initDigiDocLib();
// cleanup of error library
EXP_OPTION void finalizeDigiDocLib();
// trim leading and trailing whitespace
EXP_OPTION char* trim(char* src);
// converts timestamp string to it's components
EXP_OPTION int convertStringToTimestamp(const SignedDoc* pSigDoc, const char* szTimestamp, Timestamp* pTimestamp);
// converts timestamp to string
EXP_OPTION int convertTimestampToString(const SignedDoc* pSigDoc, const Timestamp* pTimestamp, char* szTimestamp);
// creates new timestamp object
EXP_OPTION int Timestamp_new(Timestamp **, int year,int month,int day,int hour,int minute,int second,int timezone);
// frees this timestamp object
EXP_OPTION void Timestamp_free(Timestamp* pTimestamp);
// converts timestamp string to time_t value
EXP_OPTION time_t convertStringToTimeT(const SignedDoc* pSigDoc, const char* szTimestamp);
// Sets a string element of a struct to a new value
int setString(char** dest, const char* value, int valLen);
EXP_OPTION int checkFileExists(const char* szFileName);
int ddocPullUrl(const char* url, DigiDocMemBuf* pSendData, DigiDocMemBuf* pRecvData,
const char* proxyHost, const char* proxyPort);
//--------------------------------------------------
// sends an OCSP_REQUES object to remore server and
// retrieves the OCSP_RESPONSE object
// resp - buffer to store the new responses pointer
// req - request objects pointer
// url - OCSP responder URL
// ip_addr - senders ip address if known or 0
//--------------------------------------------------
int sendOCSPRequest(OCSP_RESPONSE** resp, OCSP_REQUEST *req,
char* url, char* proxyHost, char* proxyPort,
unsigned long ip_addr);
// Cheks a combination of format and version for validity
int ddocCheckFormatAndVer(const char* format, const char* version);
EXP_OPTION int ddocConvertFileName(char* dest, int destlen, const char* src);
//--------------------------------------------------
// Converts timestamp (time_t) value to a struct
// tm value. Caller must provide address of tm struct.
// This function is used because loacltime() is not
// thread-safe and win32 has no equvalent of localtime_r().
// pTime - time_t value address
// pTmStruct - struct tm address
// bLocal - 1=localtime_r, 0=gmtime_r
// returns error code or ERR_OK
//--------------------------------------------------
EXP_OPTION int ddocLocalTime(time_t* pTime, struct tm* pTmStruct, int bLocal);
//==========< general crypto fucntions >============
// calculates input files digest.
// supports only SHA1
EXP_OPTION int calculateFileDigest(const char* szFileName, int nDigestType,
byte* pDigestBuf, int* nDigestLen, long* lFileLen);
// calculate file size
EXP_OPTION int calculateFileSize(const char* szFileName, long* lFileLen);
// calculates files RSA+SHA1 signature
EXP_OPTION int calculateFileSignature(const char* szFileName, int nDigestType,
byte* pSigBuf, int* nSigLen,
const char *keyfile, const char* passwd);
// verifies files signature
EXP_OPTION int verifyFileSignature(const char* szFileName, int nDigestType,
byte* pSigBuf, int nSigLen,
const char *certfile);
// sign some arbitrary daya
EXP_OPTION int signData(const byte* data, int dlen, byte* pSigBuf, int* nSigLen,
int nDigestType, const char *keyfile, const char* passwd);
// calculate digest over some arbitrary data
EXP_OPTION int calculateDigest(const byte* data, int nDataLen, int nDigestType,
byte* pDigestBuf, int* nDigestLen);
// Base64 encode some data
EXP_OPTION void encode(const byte* raw, int rawlen, byte* buf, int* buflen);
// Base64 decode some data
EXP_OPTION void decode(const byte* raw, int rawlen, byte* buf, int* buflen);
// Decodes binary (DER) OCSP_RESPONSE data and returns a OCSP_RESPONSE object
EXP_OPTION int ddocDecodeOCSPResponseData(OCSP_RESPONSE **ppResp, const byte* data, int len);
// Decodes base64 (PEM) OCSP_RESPONSE data and returns a OCSP_RESPONSE object
EXP_OPTION int ddocDecodeOCSPResponsePEMData(OCSP_RESPONSE **ppResp, const byte* data, int len);
//--------------------------------------------------
// Prepares a new signature for signing and calculates
// the final hash value to sign.
// pSigDoc - signed document object
// ppSigInfo - pointer for address of newly allocated signature
// manifest - manifest or role
// city - signers address , city
// state - signers address , state or province
// zip - signers address , postal code
// country - signers address , country name
// id - id for new signature. Optional, use NULL for default
// return returns error code or ERR_OK
//--------------------------------------------------
EXP_OPTION int ddocPrepareSignature(SignedDoc* pSigDoc, SignatureInfo** ppSigInfo,
const char* manifest, const char* city,
const char* state, const char* zip,
const char* country, X509* pCert, const char* id);
//--------------------------------------------------
// Returns the hash to be signed with or without ASN1
// prefix and with or without base64 encoding
// pSigInfo - signature address
// pBuf - buffer for hash value with or without prefix
// pBufLen - pointer to buffer length
// b64 - return base64 encode 1/0
// bWithAsn1Prefix - return with or without ASN1 prefix 1/0
// return returns error code or ERR_OK
//--------------------------------------------------
EXP_OPTION int ddocGetSignedHash(SignatureInfo* pSigInfo, char* pBuf, int* pBufLen, int b64, int bWithAsn1Prefix);
//==========< XML generating functions >=================
// thse functions generate certain XML form info, that
// is used as input data for either signing or digesting
// generates current timestamp in format: DD.MM.YYYY HH:MM:SS
EXP_OPTION int createTimestamp(const SignedDoc* pSigDoc, char* buf);
// creates XML <SignedInfo> block (actually signed info)
EXP_OPTION char* createXMLSignedInfo(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo);
// creates XML mime type <SinatureProperty> block for signing
EXP_OPTION int createMimeType(char* buf, const char* mime,
const char* sigId, const char* docId);
//==========< memory mgmt functions >=================
// Get the filename part of full file name
EXP_OPTION const char* getSimpleFileName(const char* szFileName);
// Get the absolute filename with path
EXP_OPTION int getFullFileName(const char* szFileName, char* szDest, int len);
// Get the path part of full file name
EXP_OPTION int getFileNamePath(const char* szFileName, char* szPath);
// creates a new <SignedDoc> structure
EXP_OPTION int SignedDoc_new(SignedDoc **newSignedDoc, const char* format, const char* version);
// cleanup signed doc data
EXP_OPTION void SignedDoc_free(SignedDoc* pSigDoc);
// returns the number of data files
EXP_OPTION int getCountOfDataFiles(const SignedDoc* pSigDoc);
// returns the n-th DataFile object
EXP_OPTION DataFile* getDataFile(const SignedDoc* pSigDoc, int nIdx);
// returns the last DataFile object
EXP_OPTION DataFile* ddocGetLastDataFile(const SignedDoc* pSigDoc);
// Retrieve and convert DataFile Filename atribute and convert
int ddocGetDataFileFilename(SignedDoc* pSigDoc, const char* szDocId, void** ppBuf, int* pLen);
// returns the DataFile object with the given id
EXP_OPTION DataFile* getDataFileWithId(const SignedDoc* pSigDoc, const char* id);
// add a <DataFile> block to <SignedDoc>
// use NULL for any parameter you don't have the value
// use NULL for id if you want to auto-calculate it (recommended!!!)
EXP_OPTION int DataFile_new(DataFile **newDataFile, SignedDoc* pSigDoc, const char* id,
const char* filename, const char* contentType,
const char* mime, long size,
const byte* digest, int digLen,
const char* digType, const char* szCharset);
// cleanup DataFile memory
EXP_OPTION void DataFile_free(DataFile* pDataFile);
// Removes this DataFile from signed doc and frees it's memory
EXP_OPTION int DataFile_delete(SignedDoc* pSigDoc, const char* id);
// Returns number of DataFile attributes
EXP_OPTION int getCountOfDataFileAttributes(const DataFile* pDataFile);
// Adds an attribute to data file
EXP_OPTION int addDataFileAttribute(DataFile* pDataFile, const char* name,
const char* value);
// Gets an attribute of a data file
EXP_OPTION int getDataFileAttribute(DataFile* pDataFile, int idx, char** name, char** value);
// get datafile cahed data
int ddocGetDataFileCachedData(SignedDoc* pSigDoc, const char* szDocId, void** ppBuf, long* pLen);
// apppends DataFile content to cache
void ddocAppendDataFileData(DataFile* pDf, int maxLen, void* data, int len);
// calculates file size and digest and store in the
// given DataFile object
EXP_OPTION int calculateDataFileSizeAndDigest(SignedDoc* pSigDoc, const char* id,
const char* filename, int digType);
// returns the number of signatures
EXP_OPTION int getCountOfSignatures(const SignedDoc* pSigDoc);
// Returns the desired SignatureInfo object
EXP_OPTION SignatureInfo* getSignature(const SignedDoc* pSigDoc, int nIdx);
// Returns the last SignatureInfo object
EXP_OPTION SignatureInfo* ddocGetLastSignature(const SignedDoc* pSigDoc);
// Returns the SignatureInfo object with the given id
EXP_OPTION SignatureInfo* getSignatureWithId(const SignedDoc* pSigDoc, const char* id);
// Adds a new SignedInfo element to a SignedDoc element and initializes it
EXP_OPTION int SignatureInfo_new(SignatureInfo **newSignatureInfo, SignedDoc* pSigDoc, const char* id);
// Sets the signature production place info (use NULL for unknown attributes)
EXP_OPTION int setSignatureProductionPlace(SignatureInfo* pSigInfo,
const char* city, const char* state,
const char* zip, const char* country);
// Adds a signer role
EXP_OPTION int addSignerRole(SignatureInfo* pSigInfo, int nCertified,
const char* role, int rLen, int encode);
// Returns the number of signer roles
EXP_OPTION int getCountOfSignerRoles(SignatureInfo* pSigInfo, int nCertified);
// Returns the desired signer role
EXP_OPTION const char* getSignerRole(SignatureInfo* pSigInfo, int nCertified, int nIdx);
// Removes this SignatureInfo from signed doc and frees it's memory
EXP_OPTION int SignatureInfo_delete(SignedDoc* pSigDoc, const char* id);
// cleanup SignatureInfo memory
EXP_OPTION void SignatureInfo_free(SignatureInfo* pSigInfo);
// Adds a new DocInfo element to a SignatureInfo element and initializes it
EXP_OPTION int addDocInfo(DocInfo **newDocInfo, SignatureInfo* pSigInfo, const char* docId,
const char* digType, const byte* digest,
int digLen, const byte* mimeDig, int mimeDigLen);
// cleanup DocInfo memory
EXP_OPTION void DocInfo_free(DocInfo* pDocInfo);
// Returns number of DocInfos
EXP_OPTION int getCountOfDocInfos(const SignatureInfo* pSigInfo);
// Returns the desired DocInfo
EXP_OPTION DocInfo* getDocInfo(const SignatureInfo* pSigInfo, int idx);
// Returns the last DocInfo
EXP_OPTION DocInfo* ddocGetLastDocInfo(const SignatureInfo* pSigInfo);
// Returns the DocInfo object with the given id
EXP_OPTION DocInfo* getDocInfoWithId(const SignatureInfo* pSigInfo, const char* id);
// Sets the DocInfo objects document digest and digest type
EXP_OPTION void setDocInfoDigest(DocInfo* pDocInfo, const byte* digest,
int digLen, const char* digType);
// Sets the DocInfo objects mime digest and mime type
EXP_OPTION void setDocInfoMimeDigest(DocInfo* pDocInfo, const byte* mimeDig, int mimeDigLen);
// Adds all DocInfo elements in this file to a SignatureInfo element
EXP_OPTION int addAllDocInfos(SignedDoc* pSigDoc, SignatureInfo* pSigInfo);
// Calculates and stores a signature for this SignatureInfo object
EXP_OPTION int calculateSigInfoSignature(const SignedDoc* pSigDoc, SignatureInfo* pSigInfo, int nSigType,
const char* keyfile, const char* passwd, const char* certfile);
// returns the number of signatures
EXP_OPTION int getCountOfNotaryInfos(const SignedDoc* pSigDoc);
// Returns the desired NotaryInfo object
EXP_OPTION NotaryInfo* getNotaryInfo(const SignedDoc* pSigDoc, int nIdx);
// Returns the last NotaryInfo object
EXP_OPTION NotaryInfo* ddocGetLastNotaryInfo(const SignedDoc* pSigDoc);
// Returns the NotaryInfo object with the given id
EXP_OPTION NotaryInfo* getNotaryWithId(const SignedDoc* pSigDoc, const char* id);
// Returns the NotaryInfo object that corresponds to the given signature
EXP_OPTION NotaryInfo* getNotaryWithSigId(const SignedDoc* pSigDoc, const char* sigId);
// Returns the NotaryInfo object that corresponds to the given signature
// ore creates a new one
EXP_OPTION NotaryInfo* getOrCreateNotaryWithSigId(SignedDoc* pSigDoc, const char* sigId);
// Adds a new NotaryInfo element to a SignedDoc element and initializes it partly
EXP_OPTION int NotaryInfo_new(NotaryInfo** newNotaryInfo, SignedDoc* pSigDoc, const SignatureInfo* pSigInfo);
// the same as above, but reads response and cert from file
EXP_OPTION int NotaryInfo_new_file(NotaryInfo** newNotaryInfo, SignedDoc* pSigDoc, const SignatureInfo* pSigInfo,
const char* ocspRespFile, const char* notaryCertFile);
// cleanup NotaryInfo memory
EXP_OPTION void NotaryInfo_free(NotaryInfo* pNotary);
// Removes this NotaryInfo from signed doc and frees it's memory
EXP_OPTION int NotaryInfo_delete(SignedDoc* pSigDoc, const char* id);
// creates xml form of <SignedProperties>
EXP_OPTION char* createXMLSignedProperties(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo, int nWithEscapes);
// Calculates <SignedProperties> digest
EXP_OPTION int calculateSignedPropertiesDigest(SignedDoc* pSigDoc, SignatureInfo* pSigInfo);
// Calculates <SignedInfo> digest
EXP_OPTION int calculateSignedInfoDigest(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, byte* digBuf, int* digLen);
// Sets the signatures certificate and calculates
EXP_OPTION int setSignatureCertFile(SignatureInfo* pSigInfo, const char* certFile);
// Sets the signatures certificate and calculates it's digest
EXP_OPTION int setSignatureCert(SignatureInfo* pSigInfo, X509* cert);
// Sets the signature value
EXP_OPTION int setSignatureValue(SignatureInfo* pSigInfo, byte* szSignature, int sigLen);
// Sets the signature value from a file that contains
// the base64 encoded signature value
EXP_OPTION int setSignatureValueFromFile(SignatureInfo* pSigInfo, char* szSigFile);
//==========< encoding functions >=================
// writes the signed doc to a file
EXP_OPTION int createSignedDoc(SignedDoc* pSigDoc, const char* szOldFile, const char* szSigDocFile);
//================< verification functions> =================================
//--------------------------------------------------
// Frees file paths array
// pPaths - FilePaths array
// nPaths - number of paths
//--------------------------------------------------
EXP_OPTION void FilePaths_free(FilePath* pPaths, int nPaths);
//--------------------------------------------------
// Finds all detatched files and returns their
// names. The user can now set the path portion.
// Allocaes new memory that caller must free
// with FilePaths_free()
// pSigDoc - signed document
// pPaths - pointer to FilePaths array
// nPaths - pointer to number of paths
//--------------------------------------------------
EXP_OPTION int findDetatchedDataFiles(SignedDoc* pSigDoc, FilePath** pPaths, int* nPaths);
// Compares two byte arrays and returns 0 for OK
EXP_OPTION int compareByteArrays(const byte* dig1, int len1, const byte* dig2, int len2);
// verifies one doc's check digests in this signature
EXP_OPTION int verifySigDocDigest(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo,
const DocInfo* pDocInfo, const char* szFileName,
const char* szDataFile);
// verifies the mime digest of this doc in this signature
EXP_OPTION int verifySigDocMimeDigest(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo,
const DocInfo* pDocInfo, const char* szFileName);
// Verifies the SignedProperties digest
EXP_OPTION int verifySigDocSigPropDigest(const SignedDoc* pSigDoc,
const SignatureInfo* pSigInfo, const char* szDataFile);
// verifies this one signature
EXP_OPTION int verifySignatureInfo(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo,
const char* signerCA, const char* szDataFile, int bUseCA,
FilePath* pPaths, int nPaths);
// verifies the whole document (returns on first err)
EXP_OPTION int verifySigDoc(const SignedDoc* pSigDoc, const char* signerCA,
const char** caFiles, const char* caPath, const char* notCert,
const char* szDataFile, int bUseCA,
FilePath* pPaths, int nPaths);
// Verifies the certificates signed attributes
EXP_OPTION int verifySigCert(const SignatureInfo* pSigInfo);
// Verfies NotaryInfo signature
EXP_OPTION int verifyNotaryInfo(const SignedDoc* pSigDoc, const NotaryInfo* pNotInfo,
const char ** caFiles, const char *CApath, const char* notCertFile);
// Verifies the certificates signed attributes
EXP_OPTION int verifyNotCert(const NotaryInfo* pNotInfo);
// Verfies NotaryInfo digest
EXP_OPTION int verifyNotaryDigest(const SignedDoc* pSigDoc, const NotaryInfo* pNotInfo);
EXP_OPTION int writeOCSPRequest(SignedDoc* pSigDoc, const char* signerCertFile, const char* issuertCertFile,
byte* nonce, int nlen, const char* szOutputFile);
// Creates and sends an OCSP_REQUEST object
// to the notary server, receives the response
// and uses it to create a confirmation object.
EXP_OPTION int getConfirmation(SignedDoc* pSigDoc, SignatureInfo* pSigInfo,
const X509** caCerts, const X509* pNotCert,
char* pkcs12FileName, char* pkcs12Password,
char* notaryURL, char* proxyHost, char* proxyPort);
// another way to get OCSP confirmation by sending also callers ip address
EXP_OPTION int getConfirmationWithIp(SignedDoc* pSigDoc, SignatureInfo* pSigInfo,
const X509** caCerts, const X509* pNotCert,
char* pkcs12FileName, char* pkcs12Password,
char* notaryURL, char* proxyHost, char* proxyPort,
unsigned long ip);
// use this if you passed NULL-s to getConfirmation() param notaryCert
EXP_OPTION int finalizeAndVerifyNotary(SignedDoc* pSigDoc, NotaryInfo* pNotInf,
const X509** caCerts, const X509* pNotCert);
int readTagContents(char** data, const char* fileName,
const char* tagName, int nAttrs,
const char** attNames, const char** attValues,
int withTags);
//EXP_OPTION int signOCSPRequest(OCSP_REQUEST *req,const char* key)
//void testXML1(const SignatureInfo* pSigInfo, const char* fileName);
// verifies signed doc
EXP_OPTION int verifySigDocCERT(const SignedDoc* pSigDoc, const void* signerCA,
const X509** caCerts,
const char* caPath, const X509* notCert,
const char* szDataFile, int bUseCA,
FilePath* pPaths, int nPaths);
// Verifies this signature
EXP_OPTION int verifySignatureInfoCERT(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo,
const void* signerCACert, const char* szDataFile, int bUseCA,
FilePath* pPaths, int nPaths);
// Checks if the cert has been signed by this CA-cert
EXP_OPTION int isCertSignedByCERT(const X509* cert, const X509* caCert);
// Verfies NotaryInfo signature
EXP_OPTION int verifyNotaryInfoCERT(const SignedDoc* pSigDoc,
const NotaryInfo* pNotInfo,
const X509** caCerts,
const char *CApath, const X509* notCert);
// Calculates the digest of NotaryInfo
EXP_OPTION int calculateNotaryInfoDigest(const SignedDoc* pSigDoc,
const NotaryInfo* pNotInfo, byte* digBuf, int* digLen);
//================< certficate info functions> =================================
int ReadOCSPResponse(OCSP_RESPONSE **newOCSP_RESPONSE, const char* szFileName);
int initializeNotaryInfoWithOCSP(SignedDoc *pSigDoc, NotaryInfo *pNotary,
OCSP_RESPONSE *resp, X509 *notCert, int initDigest);
// Decodes a signature value
void decodeSignatureValue(const char* b64val, int b64len, char* value, int* vlen);
// Returns the user signatures certificate data
EXP_OPTION X509* getSignCertData(const SignatureInfo* pSignInfo);
// Returns the notary signatures certificate data
EXP_OPTION X509* getNotCertData(const NotaryInfo* pNotInfo);
// get OCSP in PEM form
EXP_OPTION int getOcspPEM(OCSP_RESPONSE* pResp, int bHeaders, char** buf);
//================< deprecated functions> =================================
// these functions are deprecated. Use the replacements in DigiDocCert.h
// these functions will be removed in future releases!
#ifdef WITH_DEPRECATED_FUNCTIONS
// get signers id-code
// USE: ddocCertGetSubjectPerCode(getSignCertData(pSignInfo), pMemBuf);
EXP_OPTION int getSignerCode(const SignatureInfo* pSigInfo, char* buf);
// get signers first name
// USE: ddocCertGetSubjectFirstName(getSignCertData(pSignInfo), pMemBuf);
EXP_OPTION int getSignerFirstName(const SignatureInfo* pSigInfo, char* buf);
// get signers last name
// USE: ddocCertGetSubjectLastName(getSignCertData(pSignInfo), pMemBuf);
EXP_OPTION int getSignerLastName(const SignatureInfo* pSigInfo, char* buf);
// get the whole signers CN in desired charset
// USE: ddocCertGetSubjectCN(getSignCertData(pSignInfo), pMemBuf);
EXP_OPTION int getSignerCN(const SignatureInfo* pSigInfo, char* buf, int bUTF8);
#endif // WITH_DEPRECATED_FUNCTIONS
//==================================================================================
void CorrectCharacters(char *psText);
#ifdef __cplusplus
}
#endif
#endif // __DIGI_DOC_LIB_H__
distrib
>
Mandriva
>
2010.0
>
i586
>
media
>
contrib-release
>
by-pkgid
>
024f4d3b36b07ff127664e571b9fb7a1
>
files
>
12
