1 #ifndef __DIGI_DOC_CERT_H__
2 #define __DIGI_DOC_CERT_H__
28 #include <openssl/evp.h>
29 #include <openssl/objects.h>
30 #include <openssl/x509.h>
31 #include <openssl/x509v3.h>
33 #include <libdigidoc/DigiDocDefs.h>
34 #include <libdigidoc/DigiDocLib.h>
/*
 * Key file I/O. Every function in this group returns int; the status
 * convention is not visible in this header (presumably a libdigidoc error
 * code with 0 for success -- TODO confirm against DigiDocLib.h).
 */

/*
 * Per its name and signature: loads a private key from `keyfile` into
 * *privKey. `passwd` is a caller-owned passphrase string; keep its lifetime
 * short and wipe it after the call. The accepted `format` values are not
 * defined in this header.
 * NOTE(review): *privKey is presumably owned by the caller afterwards
 * (EVP_PKEY_free) -- confirm.
 */
44 EXP_OPTION
int ReadPrivateKey(EVP_PKEY **privKey,
const char *keyfile,
const char* passwd,
int format);
/*
 * Counterpart of ReadPrivateKey with the same parameter list, taking the
 * key by value of the pointer instead of as an output.
 * NOTE(review): confirm that the implementation creates `keyfile` with
 * owner-only permissions and that a NULL or empty `passwd` cannot silently
 * produce an unencrypted key file.
 */
45 EXP_OPTION
int WritePrivateKey(EVP_PKEY *privKey,
const char *keyfile,
const char* passwd,
int format);
/*
 * Public-key accessors: one takes a certificate file path, the other an
 * in-memory X509. Both are declared without EXP_OPTION, unlike the
 * functions around them.
 */
46 int ReadPublicKey(EVP_PKEY **pkey,
const char *certfile);
47 int GetPublicKey(EVP_PKEY **pubKey,
const X509* x509);
/*
 * Takes a private key and a certificate plus a single output path and
 * passphrase; the name indicates both are written to one PEM file.
 * NOTE(review): same questions as WritePrivateKey -- file permissions and
 * behaviour when `passwd` is NULL or empty.
 */
56 EXP_OPTION
int ddocWriteKeyAndCertPem(EVP_PKEY *privKey, X509* pCert,
57 const char *keyfile,
const char* passwd);
/*
 * Certificate loaders that take a file path and hand the result back
 * through an X509** output parameter.
 * NOTE(review): presumably the caller releases *x509 with X509_free --
 * confirm. The difference between ReadCertificate and ReadCertificateNoErr
 * is not visible here; the name suggests the second does not record an
 * error on failure -- verify before relying on either for error reporting.
 */
60 EXP_OPTION
int ReadCertificate(X509 **x509,
const char *certfile);
61 EXP_OPTION
int ReadCertificateNoErr(X509 **x509,
const char *szCertfile);
/*
 * Takes a caller buffer `szSerial` together with `nMaxLen`, which by its
 * name bounds the write.
 * NOTE(review): confirm that the output is always NUL-terminated and how
 * truncation is reported when the serial does not fit.
 */
62 EXP_OPTION
int ReadCertSerialNumber(
char* szSerial,
int nMaxLen, X509 *x509);
/*
 * PKCS#12 variant: takes the container path and its passphrase and has two
 * outputs, the certificate and the key. `passwd` is caller-owned and should
 * be wiped by the caller once the call returns.
 */
63 EXP_OPTION
int ReadCertificateByPKCS12(X509 **x509,
const char *pkcs12file,
const char *passwd, EVP_PKEY **pkey);
/*
 * In-memory decoders: a data pointer plus an int length in, an X509** out.
 * The first takes `byte` data, the second `char` data (PEM per its name).
 * `certLen` is a signed int, so a caller holding a size_t length has to
 * range-check before narrowing.
 * NOTE(review): the input presumably comes from a document under
 * verification, i.e. untrusted -- confirm that the implementation rejects
 * certLen <= 0 and never reads past certData + certLen.
 */
66 EXP_OPTION
int ddocDecodeX509Data(X509 **ppX509,
const byte* certData,
int certLen);
69 EXP_OPTION
int ddocDecodeX509PEMData(X509 **ppX509,
const char* certData,
int certLen);
/*
 * Returns the PEM text through `char** buf`; `bHeaders` is a flag whose
 * name suggests it controls the BEGIN/END lines.
 * NOTE(review): *buf is presumably allocated by the callee -- confirm which
 * allocator the caller must release it with.
 */
72 EXP_OPTION
int getCertPEM(X509* cert,
int bHeaders,
char** buf);
/*
 * File-path variant of the serial-number reader: same caller buffer and
 * `nMaxLen` bound, certificate named by `szCertfile`.
 */
76 EXP_OPTION
int GetCertSerialNumber(
char* szSerial,
int nMaxLen,
const char *szCertfile);
/*
 * Validity-period accessors. The string variants write into the caller
 * buffer `timestamp` of `len` bytes and also take the SignedDoc; the
 * time_t variants take only the certificate.
 * NOTE(review): the time_t variants have no separate status output, so
 * confirm which value they return when the field cannot be converted --
 * a caller must not treat that value as a real point in time.
 * NOTE(review): for the string variants, confirm NUL-termination and the
 * behaviour when `len` is too small.
 */
78 EXP_OPTION
int getCertNotBefore(
const SignedDoc* pSigDoc, X509* cert,
char* timestamp,
int len);
81 EXP_OPTION time_t getCertNotBeforeTimeT(X509* pCert);
83 EXP_OPTION time_t getCertNotAfterTimeT(X509* pCert);
86 EXP_OPTION
int getCertNotAfter(
const SignedDoc* pSigDoc, X509* cert,
char* timestamp,
int len);
/*
 * Takes a certificate, an output file name and a format selector; the
 * accepted `nFormat` values are not defined in this header.
 */
88 EXP_OPTION
int saveCert(X509* cert,
const char* szFileName,
int nFormat);
/*
 * Returns void*, so the result type is erased at the call site.
 * NOTE(review): presumably an X509* that the caller must free, with NULL
 * on failure -- confirm, and cast explicitly where it is used.
 */
90 EXP_OPTION
void* decodeCert(
const char* pemData);
/*
 * Returns void, so a failure cannot be reported through the return value.
 * `encodedCert` is a caller buffer with no separate capacity parameter.
 * NOTE(review): confirm whether *encodedCertLen carries the buffer capacity
 * in as well as the written length out; if it is output-only, the caller
 * has to size the buffer for the largest possible encoding beforehand.
 */
92 EXP_OPTION
void encodeCert(
const X509* x509,
char * encodedCert,
int* encodedCertLen);
/*
 * Hands back an array of PolicyIdentifier through `pPolicies` and its
 * element count through `nPols`.
 * NOTE(review): the array is presumably allocated by the callee and must be
 * released with PolicyIdentifiers_free using the same count -- confirm.
 */
96 EXP_OPTION
int readCertPolicies(X509* pX509,
PolicyIdentifier** pPolicies,
int* nPols);
/*
 * Takes a PolicyIdentifier array and its element count; returns nothing.
 */
99 EXP_OPTION
void PolicyIdentifiers_free(
PolicyIdentifier* pPolicies,
int nPols);
/*
 * Takes only the certificate and a time_t. The signature carries no CA or
 * revocation input, so this call alone cannot establish trust.
 * NOTE(review): presumably compares tDate against the validity period --
 * confirm, and confirm which return value means "valid".
 */
104 EXP_OPTION
int isCertValid(X509* cert, time_t tDate);
/*
 * Takes the certificate and the path of a single CA file.
 * NOTE(review): confirm whether this checks only the signature against the
 * CA in `cafile` or also builds a chain and applies CA constraints; callers
 * need to know which of those they still have to do themselves.
 */
105 EXP_OPTION
int isCertSignedBy(X509* cert,
const char* cafile);
/*
 * Takes an OpenSSL BIO and a certificate; declared without EXP_OPTION.
 */
106 int writeCertToXMLFile(BIO* bout, X509* cert);
/*
 * OCSP check of `pCert`. Inputs visible in the signature: an array of CA
 * certificates, the responder ("notary") certificate and URL, an HTTP proxy
 * host and port, and a PKCS#12 file with its passphrase. The response is
 * handed back through `ppResp`.
 * `pkcs12paswd` is a caller-owned secret and should be wiped by the caller
 * after the call. `notaryURL`, `proxyHost` and `proxyPort` are non-const
 * char*, so the prototype does not promise they are left unmodified.
 * NOTE(review): confirm that the implementation verifies the response
 * signature against `notaryCert`, and how the int return separates a
 * revoked or unknown status from a transport or parsing failure -- a
 * caller must treat every non-success result as "not verified".
 * NOTE(review): *ppResp is presumably released by the caller with
 * OCSP_RESPONSE_free -- confirm. How `caCerts` is terminated is not
 * visible here.
 */
122 EXP_OPTION
int verifyCertificateByOCSP(X509* pCert,
const X509** caCerts,
123 const X509* notaryCert,
char* notaryURL,
124 char* proxyHost,
char* proxyPort,
125 const char* pkcs12file,
const char* pkcs12paswd,
126 OCSP_RESPONSE **ppResp);
/*
 * Same parameter list as verifyCertificateByOCSP with one extra trailing
 * argument, `unsigned long ip`. Its meaning and byte order are not visible
 * in this header -- TODO confirm before passing a value.
 */
142 EXP_OPTION
int verifyCertificateByOCSPWithIp(X509* pCert,
const X509** caCerts,
143 const X509* notaryCert,
char* notaryURL,
144 char* proxyHost,
char* proxyPort,
145 const char* pkcs12file,
const char* pkcs12paswd,
146 OCSP_RESPONSE **ppResp,
unsigned long ip);
/*
 * Certificate field accessors that deliver their result in a DigiDocMemBuf
 * supplied by the caller.
 * NOTE(review): presumably the callee allocates or grows the buffer and the
 * caller releases it with the DigiDocMemBuf API -- confirm.
 *
 * The three *Digest functions take no algorithm parameter, so the digest
 * is chosen by the implementation; confirm which one before comparing the
 * output with values produced elsewhere. They are declared without
 * EXP_OPTION, unlike the DN getters.
 */
162 int ddocCertGetPubkeyDigest(X509* pCert,
DigiDocMemBuf* pMemBuf);
170 EXP_OPTION
int ddocCertGetIssuerDN(X509* pCert,
DigiDocMemBuf* pMemBuf);
178 EXP_OPTION
int ddocCertGetSubjectDN(X509* pCert,
DigiDocMemBuf* pMemBuf);
186 int ddocCertGetSubjectNameDigest(X509* pCert,
DigiDocMemBuf* pMemBuf);
194 int ddocCertGetIssuerNameDigest(X509* pCert,
DigiDocMemBuf* pMemBuf);
/*
 * Same output convention, but starting from an X509_NAME rather than a
 * certificate.
 * NOTE(review): the string form and character encoding of the DN are not
 * visible here; confirm them before using the text in comparisons.
 */
204 EXP_OPTION
int ddocCertGetDNFromName(X509_NAME* pName,
DigiDocMemBuf* pMemBuf);
/*
 * Key-usage bit indices. The values 0..8 follow the bit positions of the
 * X.509 KeyUsage extension in RFC 5280: digitalSignature(0),
 * nonRepudiation(1), keyEncipherment(2), dataEncipherment(3),
 * keyAgreement(4), keyCertSign(5), cRLSign(6), encipherOnly(7),
 * decipherOnly(8). KUIDX_ENCIPHERMENT_ONLY and KUIDX_DECIPHERMENT_ONLY
 * therefore line up with encipherOnly and decipherOnly.
 * Presumably these are the values passed as `nBit` to
 * ddocCertCheckKeyUsage -- confirm.
 */
206 #define KUIDX_DIGITAL_SIGNATURE 0
207 #define KUIDX_NON_REPUDIATION 1
208 #define KUIDX_KEY_ENCIPHERMENT 2
209 #define KUIDX_DATA_ENCIPHERMENT 3
210 #define KUIDX_KEY_AGREEMENT 4
211 #define KUIDX_KEY_CERT_SIGN 5
212 #define KUIDX_CRL_SIGN 6
213 #define KUIDX_ENCIPHERMENT_ONLY 7
214 #define KUIDX_DECIPHERMENT_ONLY 8
/*
 * Hard-coded OpenSSL NID numbers for the subject attributes this library
 * reads. The numbers coincide with OpenSSL's NID_givenName (99),
 * NID_surname (100), NID_serialNumber (105), NID_countryName (14),
 * NID_organizationName (17), NID_organizationalUnitName (18),
 * NID_commonName (13) and NID_pkcs9_emailAddress (48).
 *
 * NID_countryName, NID_serialNumber and NID_commonName are names that
 * OpenSSL's own object headers define too, and <openssl/objects.h> is
 * included above. A macro redefinition is accepted only while the
 * replacement text is identical, so these three must stay in step with
 * OpenSSL.
 *
 * NID_perCode and NID_serialNumber both expand to 105.
 * NOTE(review): presumably intentional, with the personal code carried in
 * the serialNumber attribute -- confirm.
 */
216 #define NID_firstName 99
217 #define NID_lastName 100
218 #define NID_perCode 105
219 #define NID_countryName 14
220 #define NID_serialNumber 105
221 #define NID_organization 17
222 #define NID_organizationUnit 18
223 #define NID_commonName 13
224 #define NID_emailAddress 48
/*
 * Takes a certificate and a bit index; presumably `nBit` is one of the
 * KUIDX_* constants defined in this header.
 * NOTE(review): confirm which return value means "bit set" and how a
 * certificate without a keyUsage extension is reported, so that a missing
 * extension is not read as permission.
 */
233 EXP_OPTION
int ddocCertCheckKeyUsage(X509 *pCert,
int nBit);
/*
 * Getters for a single name attribute, one per field, all with the same
 * shape: certificate in, text out through the caller's DigiDocMemBuf.
 * NOTE(review): behaviour for an absent or repeated attribute and the
 * output encoding are not visible here. These values come from the
 * certificate itself, so treat them as untrusted text until the
 * certificate has been verified.
 */
241 EXP_OPTION
int ddocCertGetSubjectCN(X509* pCert,
DigiDocMemBuf* pMemBuf);
249 EXP_OPTION
int ddocCertGetIssuerCN(X509* pCert,
DigiDocMemBuf* pMemBuf);
257 EXP_OPTION
int ddocCertGetSubjectFirstName(X509* pCert,
DigiDocMemBuf* pMemBuf);
265 EXP_OPTION
int ddocCertGetSubjectLastName(X509* pCert,
DigiDocMemBuf* pMemBuf);
273 EXP_OPTION
int ddocCertGetSubjectPerCode(X509* pCert,
DigiDocMemBuf* pMemBuf);
281 EXP_OPTION
int ddocCertGetSubjectCountryName(X509* pCert,
DigiDocMemBuf* pMemBuf);
289 EXP_OPTION
int ddocCertGetSubjectOrganization(X509* pCert,
DigiDocMemBuf* pMemBuf);
297 EXP_OPTION
int ddocCertGetSubjectOrganizationUnit(X509* pCert,
DigiDocMemBuf* pMemBuf);
/*
 * Key-identifier readers: certificate in, bytes out through the caller's
 * DigiDocMemBuf.
 * NOTE(review): confirm what is returned when the extension is absent and
 * whether the buffer holds raw bytes or an encoded string.
 */
304 EXP_OPTION
int readAuthorityKeyIdentifier(X509* pCert,
DigiDocMemBuf* pMemBuf);
311 EXP_OPTION
int readSubjectKeyIdentifier(X509* pCert,
DigiDocMemBuf* pMemBuf);
/*
 * General DN accessors. `bIssuer` is a flag that, by its name, switches
 * between the issuer and the subject name. `nNid` is presumably one of the
 * NID_* constants defined in this header -- confirm which values are
 * supported.
 */
313 EXP_OPTION
int ddocCertGetDNPart(X509* pCert,
DigiDocMemBuf* pMemBuf,
int nNid,
int bIssuer);
315 EXP_OPTION
int ddocCertGetDN(X509* pCert,
DigiDocMemBuf* pMemBuf,
int bIssuer);
/*
 * Declarations compiled only when WITH_DEPRECATED_FUNCTIONS is defined.
 * The matching #endif is not visible in this listing.
 *
 * Most of these take a raw `char* buf` with an `int* buflen`, where the
 * DigiDocMemBuf-based getters declared earlier in this header take a
 * managed buffer instead.
 * NOTE(review): confirm that *buflen carries the buffer capacity in and
 * the written length out, and that the output is NUL-terminated. If the
 * capacity is not passed in, these calls cannot bound their writes.
 * New code should prefer the DigiDocMemBuf variants.
 */
320 #ifdef WITH_DEPRECATED_FUNCTIONS
324 EXP_OPTION
int decodeCertificateData(X509 **newX509,
const byte* certData,
int certLen);
328 EXP_OPTION
int getCertIssuerName(X509* cert,
char* buf,
int* buflen);
332 EXP_OPTION
int getCertSubjectName(X509* cert,
char* buf,
int* buflen);
/* `bUTF8` is a flag; by its name it selects UTF-8 output -- confirm. */
337 EXP_OPTION
int getCertIssuerCN(X509* cert,
char* buf,
int* buflen,
int bUTF8);
341 EXP_OPTION
int getCertSubjectDN(X509* cert,
char* buf,
int* buflen,
int bUTF8);
345 EXP_OPTION
int getCertSubjectCN(X509* cert,
char* buf,
int* buflen,
int bUTF8);
/*
 * Unlike its neighbours this one takes the length by value (`int len`),
 * so it can report a status only through the return value and not the
 * number of bytes written.
 */
349 EXP_OPTION
int getCertOwnerCode(
const X509* pCert,
char* buf,
int len);
/*
 * Takes a DN as a string plus an identifier string and writes the result
 * into the caller's DigiDocMemBuf.
 * NOTE(review): the syntax expected for `sDn` and `sId` is not visible
 * here. Whether this declaration still sits inside the
 * WITH_DEPRECATED_FUNCTIONS conditional cannot be told from this listing,
 * because no #endif is shown.
 */
358 EXP_OPTION
int ddocGetDNPartFromString(
const char* sDn,
const char* sId,
DigiDocMemBuf* pMBuf);