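#ifndef __DIGI_DOC_CFG_H__
#define __DIGI_DOC_CFG_H__
//==================================================
// FILE: DigiDocConfig.h
// PROJECT: Digi Doc
// DESCRIPTION: Digi Doc functions for configuration management
// AUTHOR: Veiko Sinivee, S|E|B IT Partner Estonia
//==================================================
// Copyright (C) AS Sertifitseerimiskeskus
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
// Lesser General Public License for more details.
// GNU Lesser General Public Licence is available at
// http://www.gnu.org/copyleft/lesser.html
//==========< HISTORY >=============================
// 08.01.2004 Veiko Sinivee
// Creation
// 20.03.2004 Added functions createOrReplacePrivateConfigItem()
// writeConfigFile() and writePrivateConfigFile()
// 20.03.2004 changed function notarizeSignature to check for PKCS12 arguments
//==================================================
// NOTE(review): the include guard name starts with a double underscore,
// which the C standard reserves for the implementation. It is kept as is
// because other translation units may test it; rename only in a coordinated
// change.

#include <libdigidoc/DigiDocDefs.h>
#include <libdigidoc/DigiDocLib.h>

// not ready yet
#ifdef WITH_MSSP
#include <libdigidoc/mssp/DigiDocMsspGw.h>
#endif

// OpenSSL headers are included before the extern "C" block so that a C++
// consumer never wraps a system header in C linkage. <openssl/ocsp.h>
// provides OCSP_RESPONSE, which the OCSP verification prototypes below use.
#include <openssl/x509.h>
#include <openssl/ocsp.h>

#ifdef __cplusplus
extern "C" {
#endif


// item type: where a configuration item came from
#define ITEM_TYPE_UNKNOWN 0
#define ITEM_TYPE_GLOBAL 1  // system wide config file
#define ITEM_TYPE_PRIVATE 2 // user's private config file

// item status: used to mark modified items so that they can be stored
// all together in the private config file
#define ITEM_STATUS_UNKNOWN 0
#define ITEM_STATUS_OK 1       // clean, unchanged since it was read
#define ITEM_STATUS_MODIFIED 2 // changed in memory, not yet written

// holds one configuration item
typedef struct ConfigItem_st {
  char* szKey;   // item's key
  char* szValue; // item's value
  int nType;     // item's type (ITEM_TYPE_*: system wide or private)
  int nStatus;   // item status (ITEM_STATUS_*: clean/modified)
} ConfigItem;

// array of configuration items
typedef struct ConfigurationStore_st {
  int nItems;          // number of entries in pItems
  ConfigItem** pItems; // array of nItems pointers to items
} ConfigurationStore;


//--------------------------------------------------
// Initializes configuration store
// szConfigFile - name of config file. Use NULL for default
// returns error code or ERR_OK
// NOTE(review): the store decides which CA and OCSP responder certificates
// the lookup functions below return, so the config file it reads is
// trust-relevant; whoever can write that file can presumably influence
// which certificates are trusted - confirm against the implementation.
//--------------------------------------------------
EXP_OPTION int initConfigStore(const char* szConfigFile);

//--------------------------------------------------
// Cleans memory of configuration store
// pConfStore - configuration collection (use NULL for default)
// NOTE(review): any const char* previously returned by a lookup function
// presumably points into the store and is invalid after this call - confirm.
//--------------------------------------------------
EXP_OPTION void cleanupConfigStore(ConfigurationStore *pConfStore);

//--------------------------------------------------
// Adds a new configuration item
// pConfStore - configuration collection (use NULL for default)
// key - item's key
// value - item's value
// type - item type (ITEM_TYPE_*)
// status - item status (ITEM_STATUS_*)
// returns ERR_OK on success
//--------------------------------------------------
EXP_OPTION int addConfigItem(ConfigurationStore *pConfStore, const char* key, const char* value, int type, int status);

//--------------------------------------------------
// Deletes a configuration item from the default store
// key - item's key
// returns ERR_OK on success
//--------------------------------------------------
EXP_OPTION int ConfigItem_delete(const char* key);

//--------------------------------------------------
// Adds a new private configuration item or modifies an existing one
// pConfStore - configuration collection (use NULL for default)
// key - item's key
// value - item's value
// returns ERR_OK on success
//--------------------------------------------------
EXP_OPTION int createOrReplacePrivateConfigItem(ConfigurationStore *pConfStore, const char* key, const char* value);

//--------------------------------------------------
// Finds a configuration item's value by key in the default store
// key - item's key
// returns value of config item or NULL if not found
// NOTE(review): the returned pointer is presumably owned by the store and
// only valid until the item is replaced/deleted or the store is cleaned
// up - copy it if it must outlive the store; confirm in the .c file.
//--------------------------------------------------
EXP_OPTION const char* ConfigItem_lookup(const char* key);

//--------------------------------------------------
// Finds a configuration item's value by key from the given store
// pConfStore - store to search in
// key - item's key
// returns value of config item or NULL if not found
// (same lifetime caveat as ConfigItem_lookup)
//--------------------------------------------------
EXP_OPTION const char* ConfigItem_lookup_fromStore(ConfigurationStore *pConfStore, const char* key);

//--------------------------------------------------
// Finds all configuration items whose key starts with this prefix
// pConfStore - collection that receives the found items
// prefix - item key prefix
// returns error code or ERR_OK
// Not marked EXP_OPTION: not part of the exported interface.
//--------------------------------------------------
int ConfigItem_findByPrefix(ConfigurationStore *pConfStore, const char* prefix);

//--------------------------------------------------
// Finds a numeric configuration item's value by key
// key - item's key
// defValue - default value to be returned
// returns value of config item or defValue if not found
// NOTE(review): what is returned for a present but non-numeric value
// cannot be told from this declaration - confirm before relying on it.
//--------------------------------------------------
EXP_OPTION int ConfigItem_lookup_int(const char* key, int defValue);

//--------------------------------------------------
// Finds a boolean configuration item's value by key
// key - item's key
// defValue - default value to be returned
// returns value of config item or defValue if not found
//--------------------------------------------------
EXP_OPTION int ConfigItem_lookup_bool(const char* key, int defValue);

//--------------------------------------------------
// Finds a string configuration item's value by key with a default.
// Not provided by this header; kept only as a record of the intended API.
//--------------------------------------------------
//EXP_OPTION const char* ConfigItem_lookup_str(const char* key, const char* defValue);

//--------------------------------------------------
// Reads and parses a configuration file into the default store
// fileName - configuration file name
// type - type of config file (ITEM_TYPE_GLOBAL / ITEM_TYPE_PRIVATE)
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int readConfigFile(const char* fileName, int type);

//--------------------------------------------------
// Writes a configuration file
// fileName - configuration file name
// type - type of config file (ITEM_TYPE_GLOBAL / ITEM_TYPE_PRIVATE)
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int writeConfigFile(const char* fileName, int type);

//--------------------------------------------------
// Saves all private config items in the private config file
// (see setPrivateConfigFile for its location)
// return error code or 0 for success
// Declared with (void): an empty parameter list in C would disable
// argument checking at call sites.
//--------------------------------------------------
EXP_OPTION int writePrivateConfigFile(void);

//--------------------------------------------------
// Sets a new name for private config file. Can be
// used to override default of env(HOME)/.digidoc.conf
// Use NULL to restore default value
// NOTE(review): the default is derived from the HOME environment
// variable; in a privileged (e.g. setuid) process that path is under the
// caller's control, so such callers should set an explicit file name.
//--------------------------------------------------
EXP_OPTION void setPrivateConfigFile(const char* fileName);

//--------------------------------------------------
// Finds CA certificate of the given certificate
// ppCA - address of found CA
// pCert - certificate whose CA we are looking for
// return error code or 0 for success
// NOTE(review): whether *ppCA is owned by the caller (X509_free) or by the
// configuration store is not visible here - confirm before freeing.
//--------------------------------------------------
EXP_OPTION int findCAForCertificate(X509** ppCA, const X509* pCert);

//--------------------------------------------------
// Finds CA certificate by CN
// ppCA - address of found CA
// szCN - CA cert's common name
// return error code or 0 for success
// (same ownership caveat as findCAForCertificate)
//--------------------------------------------------
EXP_OPTION int findCAForCN(X509** ppCA, const char* szCN);

//--------------------------------------------------
// Finds CA chain
// ppChain - address of cert pointer array
// nMaxChain - cert pointer array length; presumably the array capacity on
//             input and the number of certs filled on output - confirm
// szCN - CN of the first CA cert (not the child cert!)
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int findCAChainForCN(X509** ppChain, int* nMaxChain, const char* szCN);

//--------------------------------------------------
// Finds Responder's certificate by CN
// ppResp - address of found cert
// szCN - Responder cert's common name
// szHash - responder cert's hash in base64 form
// szCertSerial - specific serial number to search (non-const; whether it is
//                read only or also written cannot be told from here)
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int findResponder(X509** ppResp, const char* szCN,
                             const char* szHash, char* szCertSerial);

//--------------------------------------------------
// Finds Responder's certificate by CN and index
// ppResp - address of found cert
// szCN - Responder cert's common name
// hash - responder cert's hash in base64
// nIdx - index of the certificate for this responder. Starts at 0
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int findResponderByCNAndHashAndIndex(X509** ppResp, const char* szCN,
                                                const char* hash, int nIdx);

//--------------------------------------------------
// Finds Responder certificate's CA cert's CN
// caCN - buffer for responder's CA CN
// len - length of buffer for CA CN (caller-provided bound)
// szCN - responder cert's common name
// hash - responder cert's hash in base64 form
// return error code or 0 for success
//--------------------------------------------------
EXP_OPTION int findResponderCA(char* caCN, int len, const char* szCN, const char* hash);

//------------------------------------------
// Get a notary confirmation for signature
// pSigDoc - signed document pointer
// pSigInfo - signature to notarize
// returns error code
//------------------------------------------
EXP_OPTION int notarizeSignature(SignedDoc* pSigDoc, SignatureInfo* pSigInfo);

//------------------------------------------
// Get a notary confirmation for signature
// pSigDoc - signed document pointer
// pSigInfo - signature to notarize
// ip - caller's ip address if known (an unsigned long, i.e. IPv4 only as
//      declared; byte order is not specified here)
// returns error code
//------------------------------------------
EXP_OPTION int notarizeSignatureWithIp(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, unsigned long ip);

//--------------------------------------------------
// Signs the document and gets confirmation
// pSigDoc - signed document pointer
// ppSigInfo - address of new signature pointer
// pin - smart card PIN. This is a secret: the caller should wipe its own
//       copy after the call; whether the library retains it is not
//       visible from this header.
// manifest - manifest / resolution (NULL)
// city - signer's city (NULL)
// state - signer's state (NULL)
// zip - signer's postal code (NULL)
// country - signer's country (NULL)
// returns error code
//--------------------------------------------------
EXP_OPTION int signDocument(SignedDoc* pSigDoc, SignatureInfo** ppSigInfo,
                            const char* pin, const char* manifest,
                            const char* city, const char* state,
                            const char* zip, const char* country);

//--------------------------------------------------
// Verify this notary
// pSigDoc - signed document pointer
// pSigInfo - signature the notary belongs to
// pNotInfo - notary to verify
// returns error code
// Not marked EXP_OPTION: not part of the exported interface.
//--------------------------------------------------
int verifyNotary(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, NotaryInfo* pNotInfo);

//--------------------------------------------------
// Verify this signature and its notary
// pSigDoc - signed document pointer
// pSigInfo - signature to verify
// szFileName - input digidoc filename
// returns error code
//--------------------------------------------------
EXP_OPTION int verifySignatureAndNotary(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, const char* szFileName);

//--------------------------------------------------
// Extract common name from cert DN or responder id
// src - DN
// dest - buffer for CN
// NOTE(review): no size is passed for dest, and src typically originates
// from a certificate or OCSP response, i.e. from outside the process.
// Callers must size dest for the longest CN src can hold; there is no
// bound the function could enforce from this signature.
// Not marked EXP_OPTION: not part of the exported interface.
//--------------------------------------------------
int findCN(char* src, char* dest);

//------------------------------------------
// Verify certificate by OCSP
// pCert - certificate to check
// ppResp - address to return OCSP response. Use NULL if
// you don't want OCSP response to be returned
// returns error code
// NOTE(review): a returned *ppResp is presumably owned by the caller and
// must be released with OCSP_RESPONSE_free() - confirm.
//------------------------------------------
EXP_OPTION int ddocVerifyCertByOCSP(X509* pCert, OCSP_RESPONSE **ppResp);

//------------------------------------------
// Verify certificate by OCSP
// pCert - certificate to check
// ppResp - address to return OCSP response. Use NULL if
// you don't want OCSP response to be returned
// ip - caller's ip address (IPv4 only as declared)
// returns error code
// (same ownership caveat as ddocVerifyCertByOCSP)
//------------------------------------------
EXP_OPTION int ddocVerifyCertByOCSPWithIp(X509* pCert, OCSP_RESPONSE **ppResp, unsigned long ip);

//------------------------------------------
// Reads an arbitrary file into memory buffer
// szFileName - file name and path
// pData - memory buffer object that receives the contents
// returns error code
// NOTE(review): no size limit is visible in this declaration; do not pass
// paths chosen by an untrusted party without an external check.
//------------------------------------------
EXP_OPTION int ddocReadFile(const char* szFileName, DigiDocMemBuf* pData);

#ifdef WITH_MSSP
//------------------------------------------
// Gets MSSP session status and returns status code
// If you pass in a digidoc then the last signature
// will be finalized with signature value if
// available or removed in case of session error,
// timeout or user's cancelling signature operation
// pMssp - MSSP context
// pSigDoc - signed document object to be modified
// pMBufSig - buffer for returning signature value [optional]
// returns MSSP session status code
//------------------------------------------
EXP_OPTION int ddocConfMsspGetStatus(MSSP* pMssp, SignedDoc* pSigDoc, DigiDocMemBuf* pMBufSig);

//--------------------------------------------------
// Signs the document and gets return status back
// pSigDoc - signed document object
// pMssp - MSSP context
// szPhoneNo - user's phone number
// manifest - manifest or role
// city - signer's address, city
// state - signer's address, state or province
// zip - signer's address, postal code
// country - signer's address, country name
// szDigiDocFile - name of the file user signs
// szCertUrl - full url where to get cert. Use NULL for default url
// pMBufHash - mem-buf to return <SignedInfo> hash. Optional.
// return error code or ERR_OK
//--------------------------------------------------
EXP_OPTION int ddocConfMsspSign(SignedDoc* pSigDoc, MSSP* pMssp, const char* szPhoneNo,
                                const char* manifest, const char* city,
                                const char* state, const char* zip,
                                const char* country, const char* szDigiDocFile,
                                const char* szCertUrl, DigiDocMemBuf* pMBufHash);

//--------------------------------------------------
// Calculates ChallengeID from 20 byte hash or challenge code
// pChallenge - challenge pointer (binary data)
// nLen - length of challenge data
// returns the challenge id (the derivation is not visible from this header)
//--------------------------------------------------
EXP_OPTION unsigned short ddocConfCalcChallengeID(const char* pChallenge, int nLen);

//--------------------------------------------------
// Polls MSSP status and finalizes signature
// pSigDoc - signed document object
// pMssp - MSSP context
// return error code or ERR_OK
//--------------------------------------------------
EXP_OPTION int ddocConfMsspPoll(SignedDoc* pSigDoc, MSSP* pMssp);
#endif

#ifdef __cplusplus
}
#endif


#endif // __DIGI_DOC_CFG_H__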