libdigidoc (3.10.1.1208-1) unstable; urgency=medium

* Initial upload (Closes: #658300). # imported from the archive
author: Andrew Shadura <andrewsh@debian.org> 2015-11-01 19:41:28 +0100
committer: Andrew Shadura <andrewsh@debian.org> 2015-11-01 19:41:28 +0100
commit: 61c1a106bd81794f48e4cd85bae129f9270279e8 (patch)
tree: 29ecf644c4a13c2645bd8067e66ae8944dd2daf9 /libdigidoc/DigiDocConfig.h
1 files changed, 425 insertions, 0 deletions
diff --git a/libdigidoc/DigiDocConfig.h b/libdigidoc/DigiDocConfig.h
new file mode 100644
index 0000000..7e4d3e4
--- /dev/null
+++ b/libdigidoc/DigiDocConfig.h
@@ -0,0 +1,425 @@
+#ifndef __DIGI_DOC_CFG_H__
+#define __DIGI_DOC_CFG_H__
+//==================================================
+// FILE:	DigiDocCfonfig.h
+// PROJECT:     Digi Doc
+// DESCRIPTION: Digi Doc functions for configuration management
+// AUTHOR:  Veiko Sinivee, S|E|B IT Partner Estonia
+//==================================================
+// Copyright (C) AS Sertifitseerimiskeskus
+// This library is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation; either
+// version 2.1 of the License, or (at your option) any later version.
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
+// Lesser General Public License for more details.
+// GNU Lesser General Public Licence is available at
+// http://www.gnu.org/copyleft/lesser.html
+//==========< HISTORY >=============================
+//      08.01.2004      Veiko Sinivee
+//                      Creation
+//      20.03.2004      Added functions createOrReplacePrivateConfigItem()
+//                      writeConfigFile() and writePrivateConfigFile()
+//      20.03.2004      changed function notarizeSignature to check for PKCS12 arguments
+//==================================================
+
+#include <libdigidoc/DigiDocDefs.h>
+#include <libdigidoc/DigiDocLib.h>
+#include <time.h>
+
+#ifdef  __cplusplus
+extern "C" {
+#endif
+
+
+#include <openssl/x509.h>
+
+
+// item type
+#define ITEM_TYPE_UNKNOWN   0
+#define ITEM_TYPE_GLOBAL    1
+#define ITEM_TYPE_PRIVATE   2
+
+// used to mark modified items to then store all together in private config file
+#define ITEM_STATUS_UNKNOWN 0
+#define ITEM_STATUS_OK      1
+#define ITEM_STATUS_MODIFIED 2
+
+  // holds one configuration item
+  typedef struct ConfigItem_st {
+	char* szKey;		// items key
+	char* szValue;		// items value
+	int nType;                  // items type (system wide or private)
+	int nStatus;                // item status - clean/modified
+  } ConfigItem;
+    
+  // holds one certificate item
+  typedef struct CertificateItem_st {
+    char* szKey;		// items key
+    X509* pCert;		// certificate
+  } CertificateItem;
+
+  // array of configration items
+  typedef struct ConfigurationStore_st {
+	int nItems;
+	ConfigItem** pItems;
+    int nCerts;
+    CertificateItem** pCerts;
+  } ConfigurationStore;
+
+  //--------------------------------------------------
+  // Returns true (not 0) if config store structure has been inited
+  //--------------------------------------------------
+  EXP_OPTION int isConfigInited();
+
+  //--------------------------------------------------
+  // Initializes configuration store
+  // szConfigFile - name of config file. Use NULL for default
+  //--------------------------------------------------
+  EXP_OPTION int initConfigStore(const char* szConfigFile);
+
+  //--------------------------------------------------
+  // Cleans memory of configuration store
+  // pConfStore - configuration collection (use NULL for default)
+  //--------------------------------------------------
+  EXP_OPTION void cleanupConfigStore(ConfigurationStore *pConfStore);
+
+  //--------------------------------------------------
+  // Adds a new configration item
+  // pConfStore - configuration collection (use NULL for default)
+  // key - items key
+  // value - items value
+  // type - item type
+  // status - item status
+  // returns ERR_OK on success
+  //--------------------------------------------------
+  EXP_OPTION int addConfigItem(ConfigurationStore *pConfStore, const char* key, const char* value, int type, int status);
+    
+  //--------------------------------------------------
+  // Read ca and ocsp responder certs from files and cache in memory
+  //--------------------------------------------------
+  int initCertificateItems();
+    
+  //--------------------------------------------------
+  // Deletes configration item
+  // key - items key
+  // returns ERR_OK on success
+  //--------------------------------------------------
+  EXP_OPTION int ConfigItem_delete(const char* key);
+
+  //--------------------------------------------------
+  // Adds a new private configration item or modifies
+  // pConfStore - configuration collection (use NULL for default)
+  // an existing one
+  // key - items key
+  // value - items value
+  // returns ERR_OK on success
+  //--------------------------------------------------
+  EXP_OPTION int createOrReplacePrivateConfigItem(ConfigurationStore *pConfStore, const char* key, const char* value);
+
+  //--------------------------------------------------
+  // Finds a new configration items value by key
+  // key - items key
+  // returns value of config item or NULL if not found
+  //--------------------------------------------------
+  EXP_OPTION const char* ConfigItem_lookup(const char* key);
+
+  //--------------------------------------------------
+  // Finds a new configration items value by key from the store
+  // key - items key
+  // pConfStore - store to search in
+  // returns value of config item or NULL if not found
+  //--------------------------------------------------
+  EXP_OPTION const char* ConfigItem_lookup_fromStore(ConfigurationStore *pConfStore, const char* key);
+
+  //--------------------------------------------------
+  // Finds a all configration items that start with this prefix
+  // pConfStore - collection of found items
+  // prefix - item keys prefix
+  // returns error code or ERR_OK
+  //--------------------------------------------------
+  int ConfigItem_findByPrefix(ConfigurationStore *pConfStore, const char* prefix);
+
+  //--------------------------------------------------
+  // Finds a numeric configration items value by key
+  // key - items key
+  // defValue - default value to be returned
+  // returns value of config item or defValue if not found
+  //--------------------------------------------------
+  EXP_OPTION int ConfigItem_lookup_int(const char* key, int defValue);
+
+  //--------------------------------------------------
+  // Finds a bolean configration items value by key
+  // key - items key
+  // defValue - default value to be returned
+  // returns value of config item or defValue if not found
+  //--------------------------------------------------
+  EXP_OPTION int ConfigItem_lookup_bool(const char* key, int defValue);
+
+  //--------------------------------------------------
+  // Finds a new configration items value by key
+  // key - items key
+  // returns value of config item or NULL if not found
+  //--------------------------------------------------
+  EXP_OPTION const char* ConfigItem_lookup_str(const char* key, const char* defValue);
+
+  //--------------------------------------------------
+  // Reads and parses configuration file
+  // fileName - configuration file name
+  // type - type of config file global/private
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int readConfigFile(const char* fileName, int type);
+
+  //--------------------------------------------------
+  // Writes a configuration file
+  // fileName - configuration file name
+  // type - type of config file global/private
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int writeConfigFile(const char* fileName, int type);
+
+  //--------------------------------------------------
+  // Saves all private config items in correct file
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int writePrivateConfigFile();
+
+  //--------------------------------------------------
+  // Sets a new name for private config file. Can be
+  // used to override default of env(HOME)/.digidoc.conf
+  // Use NULL to restore default value
+  //--------------------------------------------------
+  EXP_OPTION void setPrivateConfigFile(const char* fileName);
+
+  //--------------------------------------------------
+  // Finds CA certificate of the given certificate
+  // ppCA - address of found CA
+  // pCert - certificate whose CA we are looking for
+  // return error code or 0 for success
+  //  deprecated use findCAForCertificateAndSigTime()
+  //--------------------------------------------------
+  DIGIDOC_DEPRECATED EXP_OPTION int findCAForCertificate(X509** ppCA, const X509* pCert);
+
+    //--------------------------------------------------
+    // Finds CA certificate of the given certificate
+    // ppCA - address of found CA
+    // pCert - certificate whose CA we are looking for
+    // tSigTime - signature timestamp
+    // return error code or 0 for success
+    //--------------------------------------------------
+    EXP_OPTION int findCAForCertificateAndSigTime(X509** ppCA, const X509* pCert, time_t tSigTime);
+
+  //--------------------------------------------------
+  // Finds CA certificate by CN
+  // ppCA - address of found CA
+  // szCN - CA certs common name
+  // pHash - authority-key-identifier to search for CA
+  // return error code or 0 for success
+  // deprecated use findCAForCNAndSigTime()
+  //--------------------------------------------------
+  DIGIDOC_DEPRECATED EXP_OPTION int findCAForCN(X509** ppCA, const char* szCN, DigiDocMemBuf *pHash);
+
+    //--------------------------------------------------
+    // Finds CA certificate by CN
+    // ppCA - address of found CA
+    // szCN - CA certs common name
+    // pHash - authority-key-identifier to search for CA
+    // tSigTime - signing time or 0
+    // return error code or 0 for success
+    //--------------------------------------------------
+    EXP_OPTION int findCAForCNAndSigTime(X509** ppCA, const char* szCN, DigiDocMemBuf *pHash, time_t tSigTime);
+
+    //--------------------------------------------------
+    // Finds CA chain 
+    // ppChain - address of cert pointer array
+    // nMaxChain - index of last cert in returned array - 0 based
+    // szCN - CN of the first CA cert (not the child cert!)
+    // pCert - certificate to search ca-s for
+    // return error code or 0 for success
+    // deprecated use findCAChainForCNAndSigTime()
+    //--------------------------------------------------
+    DIGIDOC_DEPRECATED EXP_OPTION int findCAChainForCN(X509** ppChain, int* nMaxChain, const char* szCN, X509* pCert);
+
+    //--------------------------------------------------
+    // Finds CA chain 
+    // ppChain - address of cert pointer array
+    // nMaxChain - index of last cert in returned array - 0 based
+    // szCN - CN of the first CA cert (not the child cert!)
+    // pCert - certificate to search ca-s for
+    // tSigTime - signature timestamp
+    // return error code or 0 for success
+    //--------------------------------------------------
+    EXP_OPTION int findCAChainForCNAndSigTime(X509** ppChain, int* nMaxChain, const char* szCN, X509* pCert, time_t tSigTime);
+
+  //--------------------------------------------------
+  // Finds Responders certificate by CN
+  // ppResp - address of found cert
+  // szCN - Responder certs common name
+  // hash - responder certs hash in base64 form
+  // szCertSerial - specific serial number to search
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int findResponder(X509** ppResp, const char* szCN, 
+			       const char* szHash, char* szCertSerial);
+
+  //--------------------------------------------------
+  // Finds Responders certificate by CN and index
+  // ppResp - address of found cert
+  // szCN - Responder certs common name
+  // hash - responder certs hash in base64
+  // nIdx - index of the certificate for this respnder. Starts at 0
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int findResponderByCNAndHashAndIndex(X509** ppResp, const char* szCN, 
+						  const char* hash, int nIdx);
+
+  //--------------------------------------------------
+  // Finds Responder certificates CA certs CN
+  // caCN - buffer for responders CA CN
+  // len - length of buffer for CA CN
+  // szCN - responder certs common name
+  // hash - responder certs hash in base64 form
+  // return error code or 0 for success
+  //--------------------------------------------------
+  EXP_OPTION int findResponderCA(char* caCN, int len, const char* szCN, const char* hash);
+
+  //------------------------------------------
+  // Get a notary confirmation for signature
+  // pSigDoc - signed document pointer
+  // pSigInfo - signature to notarize
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int notarizeSignature(SignedDoc* pSigDoc, SignatureInfo* pSigInfo);
+
+  //------------------------------------------
+  // Get a notary confirmation for signature
+  // pSigDoc - signed document pointer
+  // pSigInfo - signature to notarize
+  // ip - callers ip address if known
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int notarizeSignatureWithIp(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, unsigned long ip);
+
+  //--------------------------------------------------
+  // Signs the document and gets configrmation
+  // pSigDoc - signed document pointer
+  // ppSigInfo - address of new signature pointer
+  // pin - smart card PIN
+  // manifest - manifest / resolution (NULL)
+  // city - signers city (NULL)
+  // state - signers state (NULL)
+  // zip - signers postal code (NULL)
+  // country - signers country (NULL)
+  //--------------------------------------------------
+  EXP_OPTION int signDocument(SignedDoc* pSigDoc, SignatureInfo** ppSigInfo,
+		   const char* pin, const char* manifest,
+		   const char* city, const char* state,
+		   const char* zip, const char* country);
+
+  //--------------------------------------------------
+  // Signs the document and gets configrmation
+  // pSigDoc - signed document pointer
+  // ppSigInfo - address of new signature pointer
+  // pin - smart card PIN
+  // manifest - manifest / resolution (NULL)
+  // city - signers city (NULL)
+  // state - signers state (NULL)
+  // zip - signers postal code (NULL)
+  // country - signers country (NULL)
+  // signs with PKCS11
+  //--------------------------------------------------
+  EXP_OPTION int signDocumentWithSlot(SignedDoc* pSigDoc, SignatureInfo** ppSigInfo,
+                 const char* pin, const char* manifest,
+                 const char* city, const char* state,
+                 const char* zip, const char* country, 
+				 int nSlot, int nOcsp, int nSigner);
+    
+  //--------------------------------------------------
+  // Signs the document and gets configrmation
+  // pSigDoc - signed document pointer
+  // ppSigInfo - address of new signature pointer
+  // pin - smart card PIN
+  // manifest - manifest / resolution (NULL)
+  // city - signers city (NULL)
+  // state - signers state (NULL)
+  // zip - signers postal code (NULL)
+  // country - signers country (NULL)
+  // nSigner - 1=PKCS11, 2=CNG (Microsoft CAPI), 3=PKCS#12
+  // szPkcs12FileName - PKCS#12 file name to be used for signing (required if nSigner=3)
+  //--------------------------------------------------
+  EXP_OPTION int signDocumentWithSlotAndSigner(SignedDoc* pSigDoc, SignatureInfo** ppSigInfo,
+                                                 const char* pin, const char* manifest,
+                                                 const char* city, const char* state,
+                                                 const char* zip, const char* country, 
+                                                 int nSlot, int nOcsp, int nSigner,
+                                                 const char* szPkcs12FileName);
+
+  //--------------------------------------------------
+  // Verify this notary
+  // pSigDoc - signed document pointer
+  // pNotInfo - notary to verify
+  // returns error code
+  //--------------------------------------------------
+  int verifyNotary(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, NotaryInfo* pNotInfo);
+
+  //--------------------------------------------------
+  // Verify this signature and it's notary
+  // pSigDoc - signed document pointer
+  // pSigInfo - signature to verify
+  // szFileName - input digidoc filename
+  // returns error code
+  //--------------------------------------------------
+  EXP_OPTION int verifySignatureAndNotary(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, const char* szFileName);
+
+  //--------------------------------------------------
+  // Extract common name from cert DN or responder id
+  // src - DN
+  // dest - buffer for CN
+  // destLen - size of output buffer in bytes
+  //--------------------------------------------------
+  int findCN(char* src, char* dest, int destLen);
+
+  //------------------------------------------
+  // Verify certificate by OCSP
+  // pCert - certificate to check
+  // ppResp - address to return OCSP response. Use NULL if
+  // you don't want OCSP response to be returned
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int ddocVerifyCertByOCSP(X509* pCert, OCSP_RESPONSE **ppResp);
+
+  //------------------------------------------
+  // Verify certificate by OCSP
+  // pCert - certificate to check
+  // ppResp - address to return OCSP response. Use NULL if
+  // you don't want OCSP response to be returned
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int ddocVerifyCertByOCSPWithIp(X509* pCert, OCSP_RESPONSE **ppResp, unsigned long ip);
+
+  //------------------------------------------
+  // Reads an arbitrary file into memory buffer
+  // szFileName - file name and path
+  // pData - memory buffer object
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int ddocReadFile(const char* szFileName, DigiDocMemBuf* pData);
+
+  //------------------------------------------
+  // Writes an arbitrary file into memory buffer
+  // szFileName - file name and path
+  // pData - memory buffer object
+  // returns error code
+  //------------------------------------------
+  EXP_OPTION int ddocWriteFile(const char* szFileName, DigiDocMemBuf* pData);
+	
+
+#ifdef  __cplusplus
+}
+#endif
+
+
+#endif // __DIGI_DOC_CFG_H__
author	Andrew Shadura <andrewsh@debian.org>	2015-11-01 19:41:28 +0100
committer	Andrew Shadura <andrewsh@debian.org>	2015-11-01 19:41:28 +0100
commit	61c1a106bd81794f48e4cd85bae129f9270279e8 (patch)
tree	29ecf644c4a13c2645bd8067e66ae8944dd2daf9 /libdigidoc/DigiDocConfig.h