summaryrefslogtreecommitdiff
path: root/libdigidoc/DigiDocEnc.h
diff options
context:
space:
mode:
authorAndrew Shadura <andrewsh@debian.org>2015-11-01 19:41:28 +0100
committerAndrew Shadura <andrewsh@debian.org>2015-11-01 19:41:28 +0100
commit61c1a106bd81794f48e4cd85bae129f9270279e8 (patch)
tree29ecf644c4a13c2645bd8067e66ae8944dd2daf9 /libdigidoc/DigiDocEnc.h
libdigidoc (3.10.1.1208-1) unstable; urgency=medium
* Initial upload (Closes: #658300). # imported from the archive
Diffstat (limited to 'libdigidoc/DigiDocEnc.h')
-rw-r--r--libdigidoc/DigiDocEnc.h917
1 files changed, 917 insertions, 0 deletions
diff --git a/libdigidoc/DigiDocEnc.h b/libdigidoc/DigiDocEnc.h
new file mode 100644
index 0000000..2f7ab9b
--- /dev/null
+++ b/libdigidoc/DigiDocEnc.h
@@ -0,0 +1,917 @@
+#ifndef __DIGIDOC_ENC_H__
+#define __DIGIDOC_ENC_H__
+//==================================================
+// FILE: DigiDocEnc.h
+// PROJECT: Digi Doc Encryption
+// DESCRIPTION: DigiDocEnc structures
+// AUTHOR: Veiko Sinivee, S|E|B IT Partner Estonia
+//==================================================
+// Copyright (C) AS Sertifitseerimiskeskus
+// This library is free software; you can redistribute it and/or
+// modify it under the terms of the GNU Lesser General Public
+// License as published by the Free Software Foundation; either
+// version 2.1 of the License, or (at your option) any later version.
+// This library is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
+// Lesser General Public License for more details.
+// GNU Lesser General Public Licence is available at
+// http://www.gnu.org/copyleft/lesser.html
+//==========< HISTORY >=============================
+// 15.09.2004 Veiko Sinivee
+// Creation
+//==================================================
+
+#include <openssl/x509.h>
+#include <libdigidoc/DigiDocMem.h>
+#include <libdigidoc/DigiDocConfig.h>
+#include <libdigidoc/DigiDocDefs.h>
+
+#ifdef __cplusplus
+extern "C" {
+#endif
+
+
+typedef struct DEncEncryptionProperty_st {
+ char* szId; // Id atribute value if present
+ char* szTarget; // Target atribute value if present
+ char* szName; // "name" atribute value if present - used in our implementation
+ char* szContent; // element content if used
+ // TODO - other atributes ?
+} DEncEncryptionProperty;
+
+typedef struct DEncEncryptionProperties_st {
+ char* szId; // Id atribute value if present
+ DEncEncryptionProperty** arrEncryptionProperties; // array of EncryptionProperty pointers
+ int nEncryptionProperties; // number of EncryptionProperty objects
+} DEncEncryptionProperties;
+
+
+typedef struct DEncEncrytedKey_st {
+ char* szId; // Id atribute value if present
+ char* szRecipient; // Recipient atribute value if present
+ char* szEncryptionMethod; // EncryptionMethod element value
+ char* szKeyName; // KeyName element value if used
+ char* szCarriedKeyName; // CarriedKeyName element value if used
+ X509* pCert; // receivers certificate - required in our implementation!
+ DigiDocMemBuf mbufTransportKey; // encrypted transport key
+} DEncEncryptedKey;
+
+typedef struct DEncEncrytedData_st {
+ char* szId; // Id atribute value if present
+ char* szType; // Type atribute value if present
+ char* szMimeType; // MimeType atribute value if present
+ char* szEncryptionMethod; // EncryptionMethod element value
+ char* szXmlNs; // XML namespace
+ DEncEncryptedKey ** arrEncryptedKeys;
+ int nEncryptedKeys;
+ DigiDocMemBuf mbufEncryptedData;
+ DEncEncryptionProperties encProperties;
+
+ // private transient fields
+ DigiDocMemBuf mbufTransportKey; // unencrypted transport key
+ char initVector[16];
+ // flags
+ int nDataStatus;
+ int nKeyStatus;
+} DEncEncryptedData;
+
+typedef struct DEncRecvInfo_st {
+ char* szId; // Id of recipient
+ char* szRecipient; // Recipient atribute value if present
+ char* szKeyName; // KeyName element value if used
+ char* szCarriedKeyName; // CarriedKeyName element value if used
+ X509* pCert; // receivers certificate - required in our implementation!
+} DEncRecvInfo;
+
+typedef struct DEncRecvInfoList_st {
+ int nItems;
+ DEncRecvInfo** pItems;
+} DEncRecvInfoList;
+
+
+
+#define DENC_DATA_STATUS_UNINITIALIZED 0
+#define DENC_DATA_STATUS_UNENCRYPTED_AND_NOT_COMPRESSED 1
+#define DENC_DATA_STATUS_UNENCRYPTED_AND_COMPRESSED 2
+#define DENC_DATA_STATUS_ENCRYPTED_AND_NOT_COMPRESSED 3
+#define DENC_DATA_STATUS_ENCRYPTED_AND_COMPRESSED 4
+
+#define DENC_KEY_STATUS_UNINITIALIZED 0
+#define DENC_KEY_STATUS_INITIALIZED 1
+#define DENC_KEY_STATUS_DISCARDED 2
+
+#define ENCPROP_FILENAME "Filename"
+#define ENCPROP_ORIG_SIZE "OriginalSize"
+#define ENCPROP_ORIG_MIME "OriginalMimeType"
+#define ENCPROP_ORIG_CONTENT "orig_file"
+#define ENCPROP_LIB_VERSION "LibraryVersion"
+#define ENCPROP_DOC_FORMAT "DocumentFormat"
+
+#define DENC_FORMAT_ENCDOC_XML "ENCDOC-XML"
+#define DENC_VERSION_1_0 "1.0"
+#define DENC_VERSION_1_1 "1.1"
+
+#define DENC_COMPRESS_ALLWAYS 0
+#define DENC_COMPRESS_NEVER 1
+#define DENC_COMPRESS_BEST_EFFORT 2
+
+#define DENC_ENCRYPTED_KEY_LEN 128
+#define DENC_DECRYPTED_KEY_LEN 16
+
+#define ENCRYPT 1
+#define DECRYPT 0
+
+#define DENC_ENCDATA_TYPE_DDOC "http://www.sk.ee/DigiDoc/v1.3.0/digidoc.xsd"
+
+#define DENC_ENCDATA_MIME_XML "text/xml"
+#define DENC_ENCDATA_MIME_ZLIB "http://www.isi.edu/in-noes/iana/assignments/media-types/application/zip"
+
+#define DENC_ENC_METHOD_AES128 "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
+#define DENC_ENC_METHOD_RSA1_5 "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
+#define DENC_ENC_METHOD_RSA1_5_BUGGY "http://www.w3.org/2001/04/xmlenc#rsa-1-5"
+#define DENC_XMLNS_XMLENC "http://www.w3.org/2001/04/xmlenc#"
+#define DENC_XMLNS_XMLENC_ELEMENT "http://www.w3.org/2001/04/xmlenc#Element"
+#define DENC_XMLNS_XMLENC_CONTENT "http://www.w3.org/2001/04/xmlenc#Content"
+#define DENC_XMLNS_XMLENC_ENCPROP "http://www.w3.org/2001/04/xmlenc#EncryptionProperties"
+#define DENC_XMLNS_XMLDSIG "http://www.w3.org/2000/09/xmldsig#"
+
+
+//======================< DEncEncryptedData >==============================
+
+ //--------------------------------------------------
+ // "Constructor" of DEncEncryptedData object
+ // pEncData - address of buffer for newly allocated object [REQUIRED]
+ // szXmlNs - XML namespace uri [REQUIRED]
+ // szEncMethod - encyrption method algorithm uri [REQUIRED]
+ // szId - elements Id attribute [OPTIONAL]
+ // szType - elements type atribute [OPTIONAL]
+ // szMimeType - elements mime-type attribute [OPTIONAL]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_new(DEncEncryptedData** ppEncData,
+ const char* szXmlNs, const char* szEncMethod,
+ const char* szId, const char* szType,
+ const char* szMimeType);
+
+ //--------------------------------------------------
+ // "Destructor" of DEncEncryptedData object
+ // pEncData - address of object to be deleted [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_free(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Checks if this cdoc has embedded ddoc
+ // pEncData - address of object to be deleted [REQUIRED]
+ // returns 1 if true
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_IsDdoc(DEncEncryptedData* pEncData);
+
+
+//======================< DEncEncryptedData - accessors >===================
+
+ //--------------------------------------------------
+ // Accessor for Id atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetId(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for Type atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetType(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for MimeType atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetMimeType(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for xmlns atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetXmlNs(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for EncryptionMethod subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetEncryptionMethod(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for Id atribute of EncryptionProperties subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedData_GetEncryptionPropertiesId(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for count of EncryptionProperties subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns count or -1 for error. Then use error API to check errors
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_GetEncryptionPropertiesCount(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for EncryptionProperties subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nIdx - index of EncryptionProperty object [REQUIRED]
+ // returns EncryptionProperty pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptionProperty* dencEncryptedData_GetEncryptionProperty(DEncEncryptedData* pEncData, int nIdx);
+
+ //--------------------------------------------------
+ // Retrieves the last EncryptionProperty subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns EncryptionProperty pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptionProperty* dencEncryptedData_GetLastEncryptionProperty(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Finds EncryptionProperty by Name atribute
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // name - name of searched property
+ // returns EncryptionProperty pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptionProperty* dencEncryptedData_FindEncryptionPropertyByName(DEncEncryptedData* pEncData, const char* name);
+
+ //--------------------------------------------------
+ // Accessor for count of EncryptedKey subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns count or -1 for error. Then use error API to check errors
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_GetEncryptedKeyCount(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for EncryptedKey subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nIdx - index of EncryptedKey object [REQUIRED]
+ // returns EncryptedKey pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptedKey* dencEncryptedData_GetEncryptedKey(DEncEncryptedData* pEncData, int nIdx);
+
+ //--------------------------------------------------
+ // Searches an EncryptedKey by recipients name
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // recipient - recipient name used to search the key [REQUIRED]
+ // returns EncryptedKey pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptedKey* dencEncryptedData_FindEncryptedKeyByRecipient(DEncEncryptedData* pEncData, const char* recipient);
+
+ //--------------------------------------------------
+ // Searches an EncryptedKey by certs CN field
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // cn - cert CN used to search the key [REQUIRED]
+ // returns EncryptedKey pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptedKey* dencEncryptedData_FindEncryptedKeyByCN(DEncEncryptedData* pEncData, const char* cn);
+
+ //--------------------------------------------------
+ // Accessor for EncryptedKey subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns EncryptedKey pointer or NULL for error
+ //--------------------------------------------------
+ EXP_OPTION DEncEncryptedKey* dencEncryptedData_GetLastEncryptedKey(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Accessor for encrypted data.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // ppBuf - address for encrypted data pointer [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_GetEncryptedData(DEncEncryptedData* pEncData, DigiDocMemBuf** ppBuf);
+
+ //--------------------------------------------------
+ // Accessor for encrypted data status flag.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns status or -1 for error. Then use error API to check errors
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_GetEncryptedDataStatus(DEncEncryptedData* pEncData);
+
+
+//======================< DEncEncryptedData - mutators >===================
+
+ //--------------------------------------------------
+ // Mutatoror for Id atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetId(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for Type atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetType(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for MimeType atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetMimeType(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for xmlns atribute of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetXmlNs(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for EncryptionMethod subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetEncryptionMethod(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Adds unencrypted data to encrypted data element
+ // waiting to be encrypted in next steps
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // data - new unencrypted data [REQUIRED]
+ // len - length of data. Use -1 for null terminated strings [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_AppendData(DEncEncryptedData* pEncData, const char* data, int len);
+
+ //--------------------------------------------------
+ // Mutatoror for Id atribute of EncryptionProperties subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_SetEncryptionPropertiesId(DEncEncryptedData* pEncData, const char* value);
+
+ //--------------------------------------------------
+ // Deletes EncryptionProperties subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nIdx - index of EncryptionProperty object to be removed [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_DeleteEncryptionProperty(DEncEncryptedData* pEncData, int nIdx);
+
+ //--------------------------------------------------
+ // Deletes EncryptedKey subelement of DEncEncryptedData object.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nIdx - index of EncryptedKey object to be removed [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_DeleteEncryptedKey(DEncEncryptedData* pEncData, int nIdx);
+
+
+//======================< DEncEncryptionProperty >===================
+
+ //--------------------------------------------------
+ // "Constructor" for EncryptionProperty
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // pEncProperty - address of buffer for new property object [REQUIRED]
+ // szId - Id atribute of EncryptionProperty [OPTIONAL]
+ // szTarget - Target atribute of EncryptionProperty [OPTIONAL]
+ // szName - name atribute of EncryptionProperty [OPTIONAL]
+ // szContent - content of EncryptionProperty [OPTIONAL]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_new(DEncEncryptedData* pEncData,
+ DEncEncryptionProperty** pEncProperty,
+ const char* szId, const char* szTarget,
+ const char* szName, const char* szContent);
+
+ //--------------------------------------------------
+ // "Destructor" for EncryptionProperty
+ // pEncProperty - address of buffer for new property object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_free(DEncEncryptionProperty* pEncProperty);
+
+//======================< DEncEncryptionProperty - accessors >===================
+
+ //--------------------------------------------------
+ // Accessor for Id atribute of EncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptionProperty_GetId(DEncEncryptionProperty* pEncProp);
+
+ //--------------------------------------------------
+ // Accessor for Target atribute of EncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptionProperty_GetTarget(DEncEncryptionProperty* pEncProp);
+
+ //--------------------------------------------------
+ // Accessor for Name atribute of EncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptionProperty_GetName(DEncEncryptionProperty* pEncProp);
+
+ //--------------------------------------------------
+ // Accessor for content of EncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptionProperty_GetContent(DEncEncryptionProperty* pEncProp);
+
+//======================< DEncEncryptionProperty - mutators >===================
+
+ //--------------------------------------------------
+ // Mutatoror for Id atribute of DEncEncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_SetId(DEncEncryptionProperty* pEncProp, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for Target atribute of DEncEncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_SetTarget(DEncEncryptionProperty* pEncProp, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for Name atribute of DEncEncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_SetName(DEncEncryptionProperty* pEncProp, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for content of DEncEncryptionProperty object.
+ // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptionProperty_SetContent(DEncEncryptionProperty* pEncProp, const char* value);
+
+
+//======================< DEncEncryptedKey >===================
+
+ //--------------------------------------------------
+ // "Constructor" for EncryptedKey
+ // Encrypts the transport key for a receiver
+ // and stores encrypted key in memory
+ // Call this function repeatedly for all receivers,
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // pEncKey - address of buffer for new encrypted key object [REQUIRED]
+ // pCert - recevers certificate [REQUIRED]
+ // szEncMethod - encryption method [REQUIRED]
+ // szId - Id atribute of EncryptedKey [OPTIONAL]
+ // szRecipient - Recipient atribute of EncryptedKey [OPTIONAL]
+ // szKeyName - KeyName subelement of EncryptedKey [OPTIONAL]
+ // szCarriedKeyName - CarriedKeyName subelement of EncryptedKey [OPTIONAL]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_new(DEncEncryptedData* pEncData,
+ DEncEncryptedKey** pEncKey, X509* pCert,
+ const char* szEncMethod, const char* szId,
+ const char* szRecipient, const char* szKeyName,
+ const char* szCarriedKeyName);
+
+ //--------------------------------------------------
+ // "Destructor" for EncryptedKey
+ // pEncKey - address of buffer for new encrypted key object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_free(DEncEncryptedKey* pEncKey);
+
+//======================< DEncEncryptedKey - acessors >===================
+
+ //--------------------------------------------------
+ // Accessor for Id atribute of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedKey_GetId(DEncEncryptedKey* pEncKey);
+
+ //--------------------------------------------------
+ // Accessor for Recipient atribute of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedKey_GetRecipient(DEncEncryptedKey* pEncKey);
+
+ //--------------------------------------------------
+ // Accessor for EncryptionMethod subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedKey_GetEncryptionMethod(DEncEncryptedKey* pEncKey);
+
+ //--------------------------------------------------
+ // Accessor for KeyName subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedKey_GetKeyName(DEncEncryptedKey* pEncKey);
+
+ //--------------------------------------------------
+ // Accessor for CarriedKeyName subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION const char* dencEncryptedKey_GetCarriedKeyName(DEncEncryptedKey* pEncKey);
+
+ //--------------------------------------------------
+ // Accessor for certificate of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // returns value of atribute or NULL.
+ //--------------------------------------------------
+ EXP_OPTION X509* dencEncryptedKey_GetCertificate(DEncEncryptedKey* pEncKey);
+
+//======================< DEncEncryptedKey - mutators >===================
+
+ //--------------------------------------------------
+ // Mutatoror for Id atribute of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetId(DEncEncryptedKey* pEncKey, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for Recipient atribute of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetRecipient(DEncEncryptedKey* pEncKey, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for EncryptionMethod subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetEncryptionMethod(DEncEncryptedKey* pEncKey, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for KeyName subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetKeyName(DEncEncryptedKey* pEncKey, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for CarriedKeyName subelement of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetCarriedKeyName(DEncEncryptedKey* pEncKey, const char* value);
+
+ //--------------------------------------------------
+ // Mutatoror for certificate of DEncEncryptedKey object.
+ // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
+ // value - new value for atribute [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedKey_SetCertificate(DEncEncryptedKey* pEncKey, X509* value);
+
+//==========< general crypto functions >============
+
+ //--------------------------------------------------
+ // Locates the correct EncryptedKey object by reading
+ // users certificate from smartcard and searching the
+ // right EncryptedKey object
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS11(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey);
+
+ //--------------------------------------------------
+ // Locates the correct EncryptedKey object by reading
+ // users certificate from smartcard and searching the
+ // right EncryptedKey object
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
+ // nSlot - slot nr
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS11UsingSlot(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey, int nSlot);
+
+ //--------------------------------------------------
+ // Locates the correct EncryptedKey object by reading
+ // users certificate and private key from pkcs12 file and searching the
+ // right EncryptedKey object
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
+ // ppKey - address of private key pointer. Caller must free [REQUIRED]
+ // szPkcs12File - pkcs12 file name [REQUIRED]
+ // szPasswd - pkcs12 file password [REQUIRED]. Might be empty?
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS12(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey,
+ EVP_PKEY** ppKey, const char* szPkcs12File, const char* szPasswd);
+
+ //--------------------------------------------------
+ // Encrypts data with the generated key
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nCompressOption - flag: DENC_COMPRESS_ALLWAYS,
+ // DENC_COMPRESS_NEVER or DENC_COMPRESS_BEST_EFFORT
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_encryptData(DEncEncryptedData* pEncData, int nCompressOption);
+
+ //--------------------------------------------------
+ // Decrypts data transport key with ID card and
+ // then decrypts the data with the transport key.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // tKey - decrypted transport key [REQUIRED]
+ // keyLen - length of trasnport key [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decrypt_withKey(DEncEncryptedData* pEncData,
+ const char* tKey, int keyLen);
+
+ //--------------------------------------------------
+ // Decrypts data with the generated key
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decryptData(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Decrypts data transport key with ID card and
+ // then decrypts the data with the transport key.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // pEncKey - transport key to decrypt [REQUIRED]
+ // pin - pin code for smart card [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decrypt(DEncEncryptedData* pEncData,
+ DEncEncryptedKey* pEncKey,
+ const char* pin);
+ //--------------------------------------------------
+ // Decrypts data transport key with ID card and
+ // then decrypts the data with the transport key.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // pEncKey - transport key to decrypt [REQUIRED]
+ // pin - pin code for smart card [REQUIRED]
+ // nSlot - slot nr
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decryptUsingSlot(DEncEncryptedData* pEncData,
+ DEncEncryptedKey* pEncKey,
+ const char* pin, int nSlot);
+
+ //--------------------------------------------------
+ // Decrypts data transport key with ID card and
+ // then decrypts the data with the transport key.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // pEncKey - transport key to decrypt [REQUIRED]
+ // pKey - private key for decrypting [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decryptWithKey(DEncEncryptedData* pEncData,
+ DEncEncryptedKey* pEncKey,
+ EVP_PKEY* pKey);
+
+ //--------------------------------------------------
+ // Compresses data with ZLIB. Cannot compress encrypted data!!!
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nCompressOption - flag: DENC_COMPRESS_ALLWAYS,
+ // DENC_COMPRESS_NEVER or DENC_COMPRESS_BEST_EFFORT
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_compressData(DEncEncryptedData* pEncData, int nCompressOption);
+
+ //--------------------------------------------------
+ // Decompresses data with ZLIB.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // nCompressOption - flag: DENC_COMPRESS_ALLWAYS,
+ // DENC_COMPRESS_NEVER or DENC_COMPRESS_BEST_EFFORT
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptedData_decompressData(DEncEncryptedData* pEncData);
+
+
+//====================< RecipientInfo functions >==========================
+
+ //--------------------------------------------------
+ // "Constructor" of DEncRecvInfo object
+ // ppRecvInfo - address of buffer for newly allocated object [REQUIRED]
+ // szId - recipients id [REQUIRED]
+ // szRecipient - recipient atribute [OPTIONAL]
+ // szKeyName - KeyName element [OPTIONAL]
+ // szCarriedKeyName - CarriedKeyName element [OPTIONAL]
+ // pCert - certificate [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_new(DEncRecvInfo** ppRecvInfo,
+ const char* szId, const char* szRecipient,
+ const char* szKeyName, const char* szCarriedKeyName,
+ const X509* pCert);
+
+ //--------------------------------------------------
+ // "Destructor" of DEncRecvInfo object
+ // pRecvInfo - address of buffer for newly allocated object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_free(DEncRecvInfo* pRecvInfo);
+
+ //--------------------------------------------------
+ // Stores DEncRecvInfo object to configuration store
+ // pRecvInfo - address of buffer for newly allocated object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_store(DEncRecvInfo* pRecvInfo);
+
+ //--------------------------------------------------
+ // Stores DEncRecvInfo object to configuration store
+ // pConfStore - store to search in [OPTIONAL]. Use NULL for default
+ // pRecvInfo - address of buffer for newly allocated object [REQUIRED]
+ // szId - id of the object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_findById(ConfigurationStore *pConfStore,
+ DEncRecvInfo** ppRecvInfo, const char* szId);
+
+ //--------------------------------------------------
+ // Deletes DEncRecvInfo object from configuration store
+ // pRecvInfo - address of RecvInfo [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_delete(DEncRecvInfo* pRecvInfo);
+
+ //--------------------------------------------------
+ // Returns all DEncRecvInfo objects
+ // pRecvInfoList - address of the list receiving the items [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfo_findAll(DEncRecvInfoList* pRecvInfoList);
+
+
+//====================< RecipientInfoList functions >==========================
+
+ //--------------------------------------------------
+ // Adds a DEncRecvInfo object to the list
+ // pRecvInfoList - address of the list receiving the item [REQUIRED]
+ // pRecvInfo - new object to be added
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfoList_add(DEncRecvInfoList* pRecvInfoList, DEncRecvInfo *pRecvInfo);
+
+ //--------------------------------------------------
+ // Frees the contents of a DEncRecvInfoList object
+ // pRecvInfoList - address of the list [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfoList_free(DEncRecvInfoList* pRecvInfoList);
+
+ //--------------------------------------------------
+ // Removes the given DEncRecvInfo object from the list
+ // pRecvInfoList - address of the list [REQUIRED]
+ // szId - id of the obect to be removed [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencRecvInfoList_delete(DEncRecvInfoList* pRecvInfoList, const char* szId);
+
+//====================< big file functions >==========================
+
+ //--------------------------------------------------
+ // Encrypts a file and writes it to output file
+ // The caller must have initialized the transport keys
+ // but not the data.
+ // pEncData - pointer to DEncEncryptedData object [REQUIRED]
+ // szInputFileName - input data name [REQUIRED]
+ // szOutputFileName - output file name [REQUIRED]
+ // szMimeType - input data mime type [OPTIONAL]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencEncryptFile(DEncEncryptedData* pEncData,
+ const char* szInputFileName, const char* szOutputFileName,
+ const char* szMimeType);
+
+//====================< original content functions >===================
+
+ //--------------------------------------------------
+ // Returns the count of "orig_file" properties
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns count or -1 for error.
+ //--------------------------------------------------
+ EXP_OPTION int dencOrigContent_count(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Creates a new property of type "orig_file"
+ // pEncData - EncryptedData object [REQUIRED]
+ // szOrigContentId - Id atribute for new Property object [OPTIONAL]
+ // szName - original file name [REQUIRED]
+ // szSize - size as string or irginal file [REQUIRED]
+ // szMime - mime type or original file [REQUIRED]
+ // szDfId - Id atribute of original file [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencOrigContent_add(DEncEncryptedData* pEncData, const char* szOrigContentId,
+ const char* szName, const char* szSize, const char* szMime, const char* szDfId);
+
+ //--------------------------------------------------
+ // Returns the info from "orig_file" properties
+ // pEncData - EncryptedData object [REQUIRED]
+ // szOrigContentId - Id atribute for new Property object [OPTIONAL]
+ // szName - buffer for original file name [REQUIRED]
+ // nNameLen - buffer length of szName [REQUIRED]
+ // szSize - buffer for size as string or irginal file [REQUIRED]
+ // nSizeLen - buffer length of szSize [REQUIRED]
+ // szMime - buffer for mime type or original file [REQUIRED]
+ // nMimeLen - buffer length of szMime [REQUIRED]
+ // szDfId - buffer for Id atribute of original file [REQUIRED]
+ // nDfIdLen - buffer length of szDfId [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencOrigContent_findByIndex(DEncEncryptedData* pEncData, int origContIdx,
+ char* szName, int nNameLen, char* szSize, int nSizeLen,
+ char* szMime, int nMimeLen, char* szDfId, int nDfIdLen);
+
+ //--------------------------------------------------
+ // Checks if there is a digidoc document in this
+ // encrypted document.
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns 1 if digidoc document is inside
+ //--------------------------------------------------
+ EXP_OPTION int dencOrigContent_isDigiDocInside(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Registers digidoc document as encrypted datatype
+ // and stores it's data file info.
+ // pEncData - EncryptedData object [REQUIRED]
+ // pSigDoc - SignedDoc object [REQUIRED]
+ // returns 1 if digidoc document is inside
+ //--------------------------------------------------
+ EXP_OPTION int dencOrigContent_registerDigiDoc(DEncEncryptedData* pEncData, SignedDoc* pSigDoc);
+
+//====================< other meta-info functions >===================
+
+ //--------------------------------------------------
+ // Sets the library name and version property
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns count or -1 for error.
+ //--------------------------------------------------
+ EXP_OPTION int dencMetaInfo_SetLibVersion(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Sets the format name and version property
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns count or -1 for error.
+ //--------------------------------------------------
+ EXP_OPTION int dencMetaInfo_SetFormatVersion(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Returns the library name and version meta-info of this document
+ // pEncData - EncryptedData object [REQUIRED]
+ // szLibrary - buffer for library name
+ // nLibLen - length of library name buffer
+ // szVersion - buffer for version info
+ // nVerLen - length of version info buffer
+ // returns count or -1 for error.
+ //--------------------------------------------------
+ EXP_OPTION int dencMetaInfo_GetLibVersion(DEncEncryptedData* pEncData, char* szLibrary, int nLibLen, char* szVersion, int nVerLen);
+
+ //--------------------------------------------------
+ // Returns the format name and version meta-info of this document
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns count or -1 for error.
+ //--------------------------------------------------
+ EXP_OPTION int dencMetaInfo_GetFormatVersion(DEncEncryptedData* pEncData, char* szFormat, int nFormatLen, char* szVersion, int nVerLen);
+
+ //--------------------------------------------------
+ // Deletes the meta-info properties
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencMetaInfo_deleteVersionInfo(DEncEncryptedData* pEncData);
+
+ //--------------------------------------------------
+ // Validates cdoc structure
+ // pEncData - EncryptedData object [REQUIRED]
+ // returns error code or ERR_OK
+ //--------------------------------------------------
+ EXP_OPTION int dencValidate(DEncEncryptedData* pEncData);
+
+#ifdef __cplusplus
+}
+#endif
+
+#endif // __DIGIDOC_ENC_H__
+
+