#ifndef __DIGIDOCCSP_H__
#define __DIGIDOCCSP_H__

//==================================================
// FILE:	DigiDocCsp.h
// PROJECT: Digi Doc
// DESCRIPTION: CSP Functions 
// AUTHOR:  Veiko Sinivee, S|E|B IT Partner Estonia
//==================================================
// Copyright (C) AS Sertifitseerimiskeskus
// This library is free software; you can redistribute it and/or
// modify it under the terms of the GNU Lesser General Public
// License as published by the Free Software Foundation; either
// version 2.1 of the License, or (at your option) any later version.
// This library is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
// Lesser General Public License for more details.
// GNU Lesser General Public Licence is available at
// http://www.gnu.org/copyleft/lesser.html
//==========< HISTORY >=============================
// 1.0	09.05.2002	Veiko Sinivee	
//==================================================


#ifdef  __cplusplus
extern "C" {
#endif

// Name string of the EstEID card CSP.
#define EST_EID_CSP "EstEID Card CSP"

// CSP selection record: a provider name plus two boolean-style flags.
// NOTE(review): RSA_SIG and AT_KEYEXCHANGE below presumably refer to the
// Windows CryptoAPI provider type and key spec - confirm against the
// implementation.
typedef struct CSProvider_st {
	char* CSPName; // provider name string; ownership/lifetime not visible in this header
	int rsa_full; // if FALSE RSA_SIG will be used
	int at_sig; // if FALSE AT_KEYEXCHANGE will be used
	// NOTE(review): with at_sig == FALSE a key-exchange key is selected;
	// confirm that signing code paths really intend to use such a key.
} CSProvider;

// general structure for a list of certificates: one node of a singly
// linked list (each node points to the next one)
typedef struct CertItem_st {
	X509* pCert; // certificate carried by this node
	struct CertItem_st* nextItem; // next node; presumably NULL on the last node - confirm
} CertItem;


// Criteria for looking up certificates in a named certificate store.
// Which fields are honoured presumably depends on searchType - confirm
// against the implementation; the values are not defined in this header.
typedef struct CertSearchStore_st {
	int searchType; // selects the kind of search; valid values not visible here
	char* storeName; // default is "My"
	long certSerial; // certificate serial number to match
	// NOTE(review): X.509 serial numbers may be far wider than a long;
	// confirm how serials that do not fit are matched (or rejected).
	int numberOfSubDNCriterias; // element count of subDNCriterias
	char** subDNCriterias; // presumably subject-DN match strings - confirm
	int numberOfIssDNCriterias; // element count of issDNCriterias
	char** issDNCriterias; // presumably issuer-DN match strings - confirm
	void* publicKeyInfo; // opaque pointer; concrete type not visible in this header
} CertSearchStore;

// Describes where a certificate (and key material) should be looked up:
// file names, a password and an optional store search.
// Which fields are used presumably depends on searchType - confirm.
typedef struct CertSearch_st {
	int searchType; // selects the lookup source; valid values not visible here
	char* x509FileName; // certificate file name
	char* keyFileName; // key file name
	char* pkcs12FileName; // PKCS#12 container file name
	char * pswd; // password, kept as a plain C string
	// NOTE(review): whether CertSearch_free() wipes pswd before releasing
	// it is not visible in this header - confirm, since the secret stays
	// in process memory for the lifetime of this object.
	CertSearchStore* certSearchStore; // store search criteria; ownership not visible here
} CertSearch;
  

//=====================================================================
// Hashes and signs data with the EstId card; also returns the cert
// which can be used in order to verify the signature.
// IN dataToBeSigned - source data buffer
// IN dataLen - how many bytes will be read from source buffer
// x509, needCert - NOTE(review): the original notes documented "OUT cert"
//     (cert buffer; the corresponding private key was used to sign) and
//     "OUT certLen" (cert length in buffer), both allowed to be NULL when
//     not needed. The prototype takes X509 **x509 and int *needCert
//     instead; their direction and NULL handling are not visible in this
//     header - confirm against the implementation.
// OUT keyBlob - public key's buffer, might be NULL if this parameter is not needed.
// OUT keyBlobLen - public key's length in buffer, might be NULL if keyBlob parameter is not needed.
// OUT hash - hash buffer, might be NULL if this parameter is not needed.
// OUT hashLen - hash length in buffer, might be NULL if hash parameter is not needed.
// OUT sign - output data buffer for hashed and signed data
// OUT sigLen - data length in output buffer
// Returns an int status code; the convention is not shown in this header.
// NOTE(review): keyBlob, hash and sign are raw buffers with no separate
// capacity argument. Presumably *keyBlobLen, *hashLen and *sigLen carry
// the buffer size on entry and the bytes written on return - confirm, and
// size the buffers accordingly before calling.
// NOTE(review): unlike the other prototypes in this header, this one is
// declared without EXP_OPTION.
//=====================================================================
int GetSignParametersWithEstIdCSP(byte * dataToBeSigned,unsigned long dataLen,
									  X509 **x509, int *needCert, 
									  byte *keyBlob, unsigned long *keyBlobLen,
									  byte *hash, unsigned long *hashLen,
									  byte *sign,unsigned long *sigLen);



//EXP_OPTION int calculateSigInfoSignatureWithEstID(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, 
//                    int slot, const char* passwd);


//Added parameter iByKeyContainer by A.Amenberg 06062003
// Per its name, calculates the signature of pSigInfo in pSigDoc through the
// EstID CSP. Returns an int status code (convention not shown here).
// iByKeyContainer - presumably selects lookup by key container - confirm
// szPin - PIN as a C string
// NOTE(review): szPin is const, so the callee cannot clear it; wiping the
// PIN buffer after the call is left to the caller.
EXP_OPTION int calculateSigInfoSignatureWithCSPEstID(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, int iByKeyContainer, const char* szPin);

// Per its name, looks up the issuer certificate of x509 in the Microsoft
// certificate store. Ownership of the returned X509 and the value returned
// when nothing is found are not visible in this header.
// NOTE(review): whether the issuer's signature over x509 is verified, or
// only names are matched, is not visible here - confirm before treating the
// result as a validated chain link.
EXP_OPTION X509 * findIssuerCertificatefromMsStore(X509 *x509);


// Create / release a CertSearchStore.
EXP_OPTION CertSearchStore* CertSearchStore_new();
EXP_OPTION void CertSearchStore_free(CertSearchStore* certSearchStore);

// Create / release a CertSearch, and release a CertItem list given its
// first node.
EXP_OPTION CertSearch* CertSearch_new();
EXP_OPTION void CertSearch_free(CertSearch* certSearch);
EXP_OPTION void CertList_free(CertItem* pListStart);
// Setters; per their names they fill the matching CertSearch string fields.
// NOTE(review): whether str is copied or only the pointer is stored is not
// visible in this header - confirm before freeing or reusing str.
EXP_OPTION void CertSearch_setX509FileName(CertSearch* certSearch, const char* str);
EXP_OPTION void CertSearch_setKeyFileName(CertSearch* certSearch, const char* str);
EXP_OPTION void CertSearch_setPkcs12FileName(CertSearch* certSearch, const char* str);
// NOTE(review): str is a password in plain text; the caller's copy stays
// untouched (const), so clearing it after the call is the caller's job.
EXP_OPTION void CertSearch_setPasswd(CertSearch* certSearch, const char* str);


// CSP and certificate lookup.
// getCurrentCSProvider - returns a CSProvider pointer; tryToFindIfMissing
//     presumably triggers a provider search when none is set - confirm.
// findCertificate - returns one X509 for the criteria in cS.
// findAllCertificates - returns an int status code; *certsArray and
//     *numberOfCerts are outputs (array of X509 pointers and its length).
// NOTE(review): ownership of the returned provider, certificate and array
// is not visible in this header - confirm who frees them.
EXP_OPTION CSProvider * getCurrentCSProvider(BOOL tryToFindIfMissing);
EXP_OPTION X509* findCertificate(const CertSearch * cS);
EXP_OPTION int findAllCertificates(const CertSearchStore *sS, X509 ***certsArray, int *numberOfCerts);

// Per its name, reads a certificate from the PKCS#12 file pkcs12file using
// passwd and stores it in *x509. Returns an int status code (convention
// not shown in this header).
EXP_OPTION int Digi_readCertificateByPKCS12OnlyCertHandle(const char *pkcs12file, const char * passwd, X509 **x509);
// Presumably obtains a notary confirmation for pSigInfo from notaryURL,
// optionally through proxyHost/proxyPort, using the PKCS#12 credentials
// given - confirm against the implementation.
// NOTE(review): pkcs12File and password are non-const char*; whether they
// are modified or retained by the callee is not visible here.
EXP_OPTION int Digi_getConfirmationWithCertSearch(SignedDoc* pSigDoc, SignatureInfo* pSigInfo, char* pkcs12File, char* password,
                            char* notaryURL, char* proxyHost, char* proxyPort);
// Per its name, attaches notCert to pNotary as the notary's certificate.
EXP_OPTION int Digi_setNotaryCertificate(NotaryInfo* pNotary, X509* notCert);
// Per its name, verifies pNotInfo of pSigDoc; the "WithCertSearch" suffix
// suggests the needed certificates are located via the cert search
// facility - confirm.
EXP_OPTION int Digi_verifyNotaryInfoWithCertSearch(const SignedDoc* pSigDoc, const NotaryInfo* pNotInfo);

// verifies this one signature
// szDataFile - presumably the path of the signed data file - confirm
// The verification outcome is only reported through the int return value,
// so callers must check it; the status convention is not shown in this
// header.
EXP_OPTION int Digi_verifySignatureInfo(const SignedDoc* pSigDoc, const SignatureInfo* pSigInfo, 
						const char* szDataFile);
// verifies the whole document (returns on first err)
EXP_OPTION int Digi_verifySigDoc(const SignedDoc* pSigDoc, const char* szDataFile);
// Same parameters as Digi_verifySigDoc; the "WithCertSearch" suffix suggests
// certificates are located via the cert search facility - confirm.
// NOTE(review): which checks these functions perform (certificate chain,
// revocation/notary status) is not visible in this header - confirm before
// relying on a success result as full validation.
EXP_OPTION int Digi_verifySigDocWithCertSearch(const SignedDoc* pSigDoc, const char* szDataFile);

#ifdef  __cplusplus
}
#endif

#endif