Estonian ID Card C-library
DigiDocEnc.h
1 #ifndef __DIGIDOC_ENC_H__
2 #define __DIGIDOC_ENC_H__
3 //==================================================
4 // FILE: DigiDocEnc.h
5 // PROJECT: Digi Doc Encryption
6 // DESCRIPTION: DigiDocEnc structures
7 // AUTHOR: Veiko Sinivee, S|E|B IT Partner Estonia
8 //==================================================
9 // Copyright (C) AS Sertifitseerimiskeskus
10 // This library is free software; you can redistribute it and/or
11 // modify it under the terms of the GNU Lesser General Public
12 // License as published by the Free Software Foundation; either
13 // version 2.1 of the License, or (at your option) any later version.
14 // This library is distributed in the hope that it will be useful,
15 // but WITHOUT ANY WARRANTY; without even the implied warranty of
16 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
17 // Lesser General Public License for more details.
18 // GNU Lesser General Public Licence is available at
19 // http://www.gnu.org/copyleft/lesser.html
20 //==========< HISTORY >=============================
21 // 15.09.2004 Veiko Sinivee
22 // Creation
23 //==================================================
24 
25 #include <openssl/x509.h>
26 #include <libdigidoc/DigiDocMem.h>
27 #include <libdigidoc/DigiDocConfig.h>
28 #include <libdigidoc/DigiDocDefs.h>
29 
30 #ifdef __cplusplus
31 extern "C" {
32 #endif
33 
34 
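typedef struct DEncEncryptionProperty_st {
 char* szId; // Id attribute value, if present
 char* szTarget; // Target attribute value, if present
 char* szName; // "name" attribute value, if present - this implementation looks properties up by it (see the ENCPROP_* names)
 char* szContent; // element content, if used
 // TODO - other attributes ?
} DEncEncryptionProperty;

// Container for the EncryptionProperties element: its Id and the array of
// EncryptionProperty pointers.
// NOTE(review): the struct tag line and both "} Name;" closing lines were
// missing from the listing and are restored here following the file's
// <Name>_st / Name convention; both typedef names are used further down
// (arrEncryptionProperties above, encProperties in DEncEncryptedData).
typedef struct DEncEncryptionProperties_st {
 char* szId; // Id attribute value, if present
 DEncEncryptionProperty** arrEncryptionProperties; // array of EncryptionProperty pointers
 int nEncryptionProperties; // number of valid entries in arrEncryptionProperties
} DEncEncryptionProperties;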
49 
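// One EncryptedKey element: the document's transport key encrypted to a
// single recipient's public key. The misspelt tag "DEncEncrytedKey_st" is
// part of the public interface and is kept as-is.
// NOTE(review): the "} DEncEncryptedKey;" closing line was missing from the
// listing; the typedef name is the one used by every prototype below.
typedef struct DEncEncrytedKey_st {
 char* szId; // Id attribute value, if present
 char* szRecipient; // Recipient attribute value, if present
 char* szEncryptionMethod; // EncryptionMethod element value (URI; see DENC_ENC_METHOD_RSA1_5)
 char* szKeyName; // KeyName element value, if used
 char* szCarriedKeyName; // CarriedKeyName element value, if used
 X509* pCert; // receiver's certificate - required in this implementation; its public key encrypts the transport key
 DigiDocMemBuf mbufTransportKey; // transport key encrypted for this recipient (ciphertext, not the plaintext key)
} DEncEncryptedKey;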
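// The EncryptedData element (one encrypted document) plus the transient
// secrets needed to encrypt or decrypt it. The misspelt tag
// "DEncEncrytedData_st" is part of the public interface and is kept.
// NOTE(review): the "} DEncEncryptedData;" closing line was missing from the
// listing; the typedef name is the one used by every prototype below.
typedef struct DEncEncrytedData_st {
 char* szId; // Id attribute value, if present
 char* szType; // Type attribute value, if present (DENC_ENCDATA_TYPE_DDOC marks an embedded DDOC)
 char* szMimeType; // MimeType attribute value, if present (see DENC_ENCDATA_MIME_*)
 char* szEncryptionMethod; // EncryptionMethod element value (URI; see DENC_ENC_METHOD_AES128)
 char* szXmlNs; // XML namespace (see DENC_XMLNS_XMLENC)
 DEncEncryptedKey ** arrEncryptedKeys; // one EncryptedKey per recipient
 int nEncryptedKeys; // number of valid entries in arrEncryptedKeys
 DigiDocMemBuf mbufEncryptedData; // payload - plaintext, compressed or ciphertext depending on nDataStatus
 DEncEncryptionProperties encProperties; // EncryptionProperties element (Filename, OriginalSize, ...)

 // private transient fields (per the original comment: not part of the document)
 DigiDocMemBuf mbufTransportKey; // unencrypted transport key.
 // NOTE(review): this is the secret protecting the whole payload; it should be
 // zeroised, not merely freed, when nKeyStatus becomes
 // DENC_KEY_STATUS_DISCARDED and in dencEncryptedData_free() - confirm in the .c
 char initVector[16]; // CBC IV: one AES block of raw bytes, NOT a NUL-terminated string
 // flags
 int nDataStatus; // DENC_DATA_STATUS_* - what mbufEncryptedData currently holds
 int nKeyStatus; // DENC_KEY_STATUS_* - whether mbufTransportKey is usable
} DEncEncryptedData;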
// Description of one intended recipient, used to build EncryptedKey
// elements: the fields mirror DEncEncryptedKey minus the encrypted key itself.
typedef struct DEncRecvInfo_st {
 char* szId; // Id of recipient
 char* szRecipient; // Recipient attribute value, if present
 char* szKeyName; // KeyName element value, if used
 char* szCarriedKeyName; // CarriedKeyName element value, if used
 X509* pCert; // receiver's certificate - required in this implementation (supplies the public key)
} DEncRecvInfo;
86 
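// A list of recipients. nItems is the number of valid entries in pItems.
// NOTE(review): the "} DEncRecvInfoList;" closing line was missing from the
// listing and is restored following the file's <Name>_st / Name convention.
typedef struct DEncRecvInfoList_st {
 int nItems;
 DEncRecvInfo** pItems;
} DEncRecvInfoList;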
92 
93 
// Values of DEncEncryptedData.nDataStatus: what mbufEncryptedData currently
// holds - whether it has been encrypted yet and whether it was compressed
// first (zlib, judging by DENC_ENCDATA_MIME_ZLIB). Decryption has to undo
// the steps in reverse order, so the status must be kept accurate.
#define DENC_DATA_STATUS_UNINITIALIZED 0
#define DENC_DATA_STATUS_UNENCRYPTED_AND_NOT_COMPRESSED 1
#define DENC_DATA_STATUS_UNENCRYPTED_AND_COMPRESSED 2
#define DENC_DATA_STATUS_ENCRYPTED_AND_NOT_COMPRESSED 3
#define DENC_DATA_STATUS_ENCRYPTED_AND_COMPRESSED 4

// Values of DEncEncryptedData.nKeyStatus (state of mbufTransportKey).
// DISCARDED is the state once the plaintext key is no longer needed;
// NOTE(review): confirm the implementation zeroises the key buffer when it
// enters this state rather than only freeing it.
#define DENC_KEY_STATUS_UNINITIALIZED 0
#define DENC_KEY_STATUS_INITIALIZED 1
#define DENC_KEY_STATUS_DISCARDED 2
103 
// Values of the EncryptionProperty "name" attribute this implementation uses
// (look them up with dencEncryptedData_FindEncryptionPropertyByName).
// NOTE(review): in a received document these are attacker-controlled strings.
// In particular a Filename must not be used as a path as-is when the decrypted
// payload is written to disk - strip directory components first.
#define ENCPROP_FILENAME "Filename"
#define ENCPROP_ORIG_SIZE "OriginalSize"
#define ENCPROP_ORIG_MIME "OriginalMimeType"
#define ENCPROP_ORIG_CONTENT "orig_file"
#define ENCPROP_LIB_VERSION "LibraryVersion"
#define ENCPROP_DOC_FORMAT "DocumentFormat"

// DocumentFormat property value and the format versions this header knows.
#define DENC_FORMAT_ENCDOC_XML "ENCDOC-XML"
#define DENC_VERSION_1_0 "1.0"
#define DENC_VERSION_1_1 "1.1"
114 
// nCompressOption values for dencEncryptedData_encryptData(). The "ALLWAYS"
// spelling is part of the public API and is kept.
#define DENC_COMPRESS_ALLWAYS 0
#define DENC_COMPRESS_NEVER 1
#define DENC_COMPRESS_BEST_EFFORT 2

// 128 bytes is the RSA ciphertext length for a 1024-bit modulus.
// NOTE(review): recipient certificates with larger keys produce longer
// encrypted transport keys - confirm the implementation does not treat this
// as a fixed buffer size.
#define DENC_ENCRYPTED_KEY_LEN 128
// 16-byte transport key: AES-128, matching DENC_ENC_METHOD_AES128.
#define DENC_DECRYPTED_KEY_LEN 16

// Cipher direction flags. The values match OpenSSL's EVP_CipherInit "enc"
// convention (1 = encrypt, 0 = decrypt), which is presumably where they are
// passed - confirm. NOTE: unprefixed names in a public header collide easily
// with application code; they are kept for compatibility.
#define ENCRYPT 1
#define DECRYPT 0
124 
// Type attribute value marking an EncryptedData whose payload is a DigiDoc
// (DDOC) container (see dencEncryptedData_IsDdoc).
#define DENC_ENCDATA_TYPE_DDOC "http://www.sk.ee/DigiDoc/v1.3.0/digidoc.xsd"

// MimeType attribute values. NOTE: both strings are part of the on-disk
// document format - including the "in-noes" spelling below - and must be
// kept byte-for-byte, otherwise existing documents stop matching.
#define DENC_ENCDATA_MIME_XML "text/xml"
#define DENC_ENCDATA_MIME_ZLIB "http://www.isi.edu/in-noes/iana/assignments/media-types/application/zip"

// Payload cipher: AES-128 in CBC mode (XML Encryption URI).
// NOTE(review): CBC provides confidentiality only - a modified ciphertext
// decrypts to different bytes instead of failing, so integrity has to come
// from elsewhere (e.g. a signature inside an embedded DDOC).
#define DENC_ENC_METHOD_AES128 "http://www.w3.org/2001/04/xmlenc#aes128-cbc"
// Key transport: RSAES-PKCS1-v1_5 (XML Encryption URI).
// NOTE(review): v1.5 decryption is exposed to padding-oracle attacks whenever
// padding failures are distinguishable to an attacker (error code, timing);
// decrypt paths should not surface them.
#define DENC_ENC_METHOD_RSA1_5 "http://www.w3.org/2001/04/xmlenc#rsa-1_5"
// Mis-spelt variant of the RSA 1.5 URI ("rsa-1-5"); presumably accepted only
// for compatibility with documents written by older versions - confirm it is
// never emitted for new documents.
#define DENC_ENC_METHOD_RSA1_5_BUGGY "http://www.w3.org/2001/04/xmlenc#rsa-1-5"
// XML namespace URIs used in the document.
#define DENC_XMLNS_XMLENC "http://www.w3.org/2001/04/xmlenc#"
#define DENC_XMLNS_XMLENC_ELEMENT "http://www.w3.org/2001/04/xmlenc#Element"
#define DENC_XMLNS_XMLENC_CONTENT "http://www.w3.org/2001/04/xmlenc#Content"
#define DENC_XMLNS_XMLENC_ENCPROP "http://www.w3.org/2001/04/xmlenc#EncryptionProperties"
#define DENC_XMLNS_XMLDSIG "http://www.w3.org/2000/09/xmldsig#"
138 
139 
//======================< DEncEncryptedData >==============================

 //--------------------------------------------------
 // "Constructor" of DEncEncryptedData object
 // ppEncData - address of a pointer that receives the newly allocated object [REQUIRED]
 // szXmlNs - XML namespace uri [REQUIRED] (see DENC_XMLNS_XMLENC)
 // szEncMethod - encryption method algorithm uri [REQUIRED] (see DENC_ENC_METHOD_AES128)
 // szId - element's Id attribute [OPTIONAL]
 // szType - element's Type attribute [OPTIONAL]
 // szMimeType - element's MimeType attribute [OPTIONAL]
 // returns error code or ERR_OK
 // The object must be released with dencEncryptedData_free().
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_new(DEncEncryptedData** ppEncData,
 const char* szXmlNs, const char* szEncMethod,
 const char* szId, const char* szType,
 const char* szMimeType);

 //--------------------------------------------------
 // "Destructor" of DEncEncryptedData object
 // pEncData - object to be deleted [REQUIRED]
 // returns error code or ERR_OK
 // NOTE(review): the object holds the plaintext transport key and the IV
 // (mbufTransportKey, initVector); confirm the implementation zeroises them
 // here rather than only freeing the buffers.
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_free(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Checks if this cdoc has an embedded ddoc (presumably by the Type
 // attribute, cf. DENC_ENCDATA_TYPE_DDOC - confirm)
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns 1 if true
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_IsDdoc(DEncEncryptedData* pEncData);
170 
171 
//======================< DEncEncryptedData - accessors >===================
// The string and object pointers returned below point into pEncData; they
// are presumably not to be freed by the caller and become invalid once the
// field is changed or the object is freed - confirm against the .c file.

 //--------------------------------------------------
 // Accessor for Id attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetId(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for Type attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetType(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for MimeType attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetMimeType(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for xmlns attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetXmlNs(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for EncryptionMethod subelement of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns the algorithm URI or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetEncryptionMethod(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for Id attribute of the EncryptionProperties subelement.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedData_GetEncryptionPropertiesId(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Number of EncryptionProperty subelements.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns count or -1 for error. Then use error API to check errors
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_GetEncryptionPropertiesCount(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for one EncryptionProperty subelement.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // nIdx - index of EncryptionProperty object [REQUIRED]; must be below
 // dencEncryptedData_GetEncryptionPropertiesCount()
 // returns EncryptionProperty pointer or NULL for error
 //--------------------------------------------------
 EXP_OPTION DEncEncryptionProperty* dencEncryptedData_GetEncryptionProperty(DEncEncryptedData* pEncData, int nIdx);

 //--------------------------------------------------
 // Retrieves the last EncryptionProperty subelement (most recently added).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns EncryptionProperty pointer or NULL for error (or when there are none)
 //--------------------------------------------------
 EXP_OPTION DEncEncryptionProperty* dencEncryptedData_GetLastEncryptionProperty(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Finds an EncryptionProperty by its "name" attribute
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // name - name of the searched property, e.g. one of the ENCPROP_* values [REQUIRED]
 // returns EncryptionProperty pointer or NULL if not found / on error
 //--------------------------------------------------
 EXP_OPTION DEncEncryptionProperty* dencEncryptedData_FindEncryptionPropertyByName(DEncEncryptedData* pEncData, const char* name);

 //--------------------------------------------------
 // Number of EncryptedKey subelements (one per recipient).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns count or -1 for error. Then use error API to check errors
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_GetEncryptedKeyCount(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for one EncryptedKey subelement.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // nIdx - index of EncryptedKey object [REQUIRED]; must be below
 // dencEncryptedData_GetEncryptedKeyCount()
 // returns EncryptedKey pointer or NULL for error
 //--------------------------------------------------
 EXP_OPTION DEncEncryptedKey* dencEncryptedData_GetEncryptedKey(DEncEncryptedData* pEncData, int nIdx);

 //--------------------------------------------------
 // Searches an EncryptedKey by its Recipient attribute.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // recipient - recipient name used to search the key [REQUIRED]
 // returns EncryptedKey pointer or NULL if not found / on error
 // NOTE(review): this selects an entry by a document-supplied name only;
 // whether the local private key actually matches its certificate is only
 // established when the transport key decrypts. The PKCS11/PKCS12 finders
 // below match on the certificate itself.
 //--------------------------------------------------
 EXP_OPTION DEncEncryptedKey* dencEncryptedData_FindEncryptedKeyByRecipient(DEncEncryptedData* pEncData, const char* recipient);

 //--------------------------------------------------
 // Searches an EncryptedKey by the CN field of its certificate.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // cn - certificate CN used to search the key [REQUIRED]
 // returns EncryptedKey pointer or NULL if not found / on error
 // Same caveat as dencEncryptedData_FindEncryptedKeyByRecipient: a CN is a
 // name, not proof of key possession.
 //--------------------------------------------------
 EXP_OPTION DEncEncryptedKey* dencEncryptedData_FindEncryptedKeyByCN(DEncEncryptedData* pEncData, const char* cn);

 //--------------------------------------------------
 // Retrieves the last EncryptedKey subelement (most recently added).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns EncryptedKey pointer or NULL for error (or when there are none)
 //--------------------------------------------------
 EXP_OPTION DEncEncryptedKey* dencEncryptedData_GetLastEncryptedKey(DEncEncryptedData* pEncData);

 //--------------------------------------------------
 // Accessor for the payload buffer (mbufEncryptedData).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // ppBuf - receives a pointer to the object's buffer [REQUIRED]; presumably
 // the internal buffer itself, so do not free it - confirm
 // returns error code or ERR_OK
 // Whether the buffer holds ciphertext, compressed or plain data is given by
 // dencEncryptedData_GetEncryptedDataStatus().
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_GetEncryptedData(DEncEncryptedData* pEncData, DigiDocMemBuf** ppBuf);

 //--------------------------------------------------
 // Accessor for the payload status flag (DENC_DATA_STATUS_*).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // returns status or -1 for error. Then use error API to check errors
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_GetEncryptedDataStatus(DEncEncryptedData* pEncData);
298 
299 
//======================< DEncEncryptedData - mutators >===================
// Setters take a C string and (presumably) store their own copy, replacing
// any previous value - confirm against the .c file.

 //--------------------------------------------------
 // Mutator for Id attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetId(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Mutator for Type attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new value for attribute [REQUIRED] (e.g. DENC_ENCDATA_TYPE_DDOC)
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetType(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Mutator for MimeType attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new value for attribute [REQUIRED] (e.g. DENC_ENCDATA_MIME_XML)
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetMimeType(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Mutator for xmlns attribute of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new value for attribute [REQUIRED] (e.g. DENC_XMLNS_XMLENC)
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetXmlNs(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Mutator for EncryptionMethod subelement of DEncEncryptedData object.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new algorithm URI [REQUIRED]; DENC_ENC_METHOD_AES128 is the only
 // payload cipher this header defines
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetEncryptionMethod(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Appends unencrypted data to the payload buffer, to be encrypted by a
 // later dencEncryptedData_encryptData() call.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // data - new unencrypted data [REQUIRED]
 // len - length of data in bytes. Use -1 for NUL-terminated strings [REQUIRED].
 // Pass an explicit length for binary data; the behaviour for other negative
 // values is not specified here.
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_AppendData(DEncEncryptedData* pEncData, const char* data, int len);

 //--------------------------------------------------
 // Mutator for Id attribute of the EncryptionProperties subelement.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_SetEncryptionPropertiesId(DEncEncryptedData* pEncData, const char* value);

 //--------------------------------------------------
 // Deletes one EncryptionProperty subelement.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // nIdx - index of EncryptionProperty object to be removed [REQUIRED]; same
 // index space as dencEncryptedData_GetEncryptionProperty()
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_DeleteEncryptionProperty(DEncEncryptedData* pEncData, int nIdx);

 //--------------------------------------------------
 // Deletes one EncryptedKey subelement (removes a recipient).
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // nIdx - index of EncryptedKey object to be removed [REQUIRED]; same index
 // space as dencEncryptedData_GetEncryptedKey()
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedData_DeleteEncryptedKey(DEncEncryptedData* pEncData, int nIdx);
375 
376 
//======================< DEncEncryptionProperty >===================

 //--------------------------------------------------
 // "Constructor" for EncryptionProperty
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]; the new
 // property is presumably appended to its EncryptionProperties list (the list
 // dencEncryptedData_DeleteEncryptionProperty removes from) and then owned
 // by pEncData - confirm before freeing it separately
 // pEncProperty - address of a pointer that receives the new property object [REQUIRED]
 // szId - Id attribute of EncryptionProperty [OPTIONAL]
 // szTarget - Target attribute of EncryptionProperty [OPTIONAL]
 // szName - name attribute of EncryptionProperty [OPTIONAL]; use the ENCPROP_* names
 // szContent - content of EncryptionProperty [OPTIONAL]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_new(DEncEncryptedData* pEncData,
 DEncEncryptionProperty** pEncProperty,
 const char* szId, const char* szTarget,
 const char* szName, const char* szContent);

 //--------------------------------------------------
 // "Destructor" for EncryptionProperty
 // pEncProperty - property object to be released [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_free(DEncEncryptionProperty* pEncProperty);
400 
//======================< DEncEncryptionProperty - accessors >===================
// Returned strings point into the property object; do not free them.

 //--------------------------------------------------
 // Accessor for Id attribute of EncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptionProperty_GetId(DEncEncryptionProperty* pEncProp);

 //--------------------------------------------------
 // Accessor for Target attribute of EncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptionProperty_GetTarget(DEncEncryptionProperty* pEncProp);

 //--------------------------------------------------
 // Accessor for Name attribute of EncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptionProperty_GetName(DEncEncryptionProperty* pEncProp);

 //--------------------------------------------------
 // Accessor for element content of EncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // returns the content or NULL.
 // NOTE(review): for a parsed document this is untrusted input (see the
 // ENCPROP_FILENAME caveat).
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptionProperty_GetContent(DEncEncryptionProperty* pEncProp);
430 
//======================< DEncEncryptionProperty - mutators >===================

 //--------------------------------------------------
 // Mutator for Id attribute of DEncEncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_SetId(DEncEncryptionProperty* pEncProp, const char* value);

 //--------------------------------------------------
 // Mutator for Target attribute of DEncEncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_SetTarget(DEncEncryptionProperty* pEncProp, const char* value);

 //--------------------------------------------------
 // Mutator for Name attribute of DEncEncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // value - new value for attribute [REQUIRED]; use the ENCPROP_* names
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_SetName(DEncEncryptionProperty* pEncProp, const char* value);

 //--------------------------------------------------
 // Mutator for element content of DEncEncryptionProperty object.
 // pEncProp - pointer to DEncEncryptionProperty object [REQUIRED]
 // value - new content [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptionProperty_SetContent(DEncEncryptionProperty* pEncProp, const char* value);
464 
465 
//======================< DEncEncryptedKey >===================

 //--------------------------------------------------
 // "Constructor" for EncryptedKey
 // Encrypts the transport key for one receiver (with the public key of pCert)
 // and stores the encrypted key in memory. Call this function repeatedly,
 // once for every receiver. The plaintext transport key must already be
 // available in pEncData - presumably DENC_KEY_STATUS_INITIALIZED; confirm.
 // pEncData - pointer to DEncEncryptedData object [REQUIRED]
 // pEncKey - address of a pointer that receives the new encrypted key object [REQUIRED]
 // pCert - receiver's certificate [REQUIRED]. NOTE(review): nothing in this API
 // validates the certificate (chain, validity period, key usage); the caller
 // decides who may read the document.
 // szEncMethod - key transport method URI [REQUIRED]; DENC_ENC_METHOD_RSA1_5
 // is the only one this header defines
 // szId - Id attribute of EncryptedKey [OPTIONAL]
 // szRecipient - Recipient attribute of EncryptedKey [OPTIONAL]
 // szKeyName - KeyName subelement of EncryptedKey [OPTIONAL]
 // szCarriedKeyName - CarriedKeyName subelement of EncryptedKey [OPTIONAL]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_new(DEncEncryptedData* pEncData,
 DEncEncryptedKey** pEncKey, X509* pCert,
 const char* szEncMethod, const char* szId,
 const char* szRecipient, const char* szKeyName,
 const char* szCarriedKeyName);

 //--------------------------------------------------
 // "Destructor" for EncryptedKey
 // pEncKey - encrypted key object to be released [REQUIRED]
 // returns error code or ERR_OK
 // Whether the object's pCert is freed along with it is not visible here - confirm.
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_free(DEncEncryptedKey* pEncKey);
495 
//======================< DEncEncryptedKey - accessors >===================
// Returned pointers point into the key object; do not free them.

 //--------------------------------------------------
 // Accessor for Id attribute of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedKey_GetId(DEncEncryptedKey* pEncKey);

 //--------------------------------------------------
 // Accessor for Recipient attribute of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns value of attribute or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedKey_GetRecipient(DEncEncryptedKey* pEncKey);

 //--------------------------------------------------
 // Accessor for EncryptionMethod subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns the key transport algorithm URI or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedKey_GetEncryptionMethod(DEncEncryptedKey* pEncKey);

 //--------------------------------------------------
 // Accessor for KeyName subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns value of element or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedKey_GetKeyName(DEncEncryptedKey* pEncKey);

 //--------------------------------------------------
 // Accessor for CarriedKeyName subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns value of element or NULL.
 //--------------------------------------------------
 EXP_OPTION const char* dencEncryptedKey_GetCarriedKeyName(DEncEncryptedKey* pEncKey);

 //--------------------------------------------------
 // Accessor for the receiver's certificate of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // returns the X509 held by the object or NULL. Presumably the object's own
 // reference, not a copy - do not free it.
 //--------------------------------------------------
 EXP_OPTION X509* dencEncryptedKey_GetCertificate(DEncEncryptedKey* pEncKey);
539 
//======================< DEncEncryptedKey - mutators >===================

 //--------------------------------------------------
 // Mutator for Id attribute of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetId(DEncEncryptedKey* pEncKey, const char* value);

 //--------------------------------------------------
 // Mutator for Recipient attribute of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - new value for attribute [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetRecipient(DEncEncryptedKey* pEncKey, const char* value);

 //--------------------------------------------------
 // Mutator for EncryptionMethod subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - new key transport algorithm URI [REQUIRED]; changing it does not
 // re-encrypt the stored transport key
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetEncryptionMethod(DEncEncryptedKey* pEncKey, const char* value);

 //--------------------------------------------------
 // Mutator for KeyName subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - new value for element [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetKeyName(DEncEncryptedKey* pEncKey, const char* value);

 //--------------------------------------------------
 // Mutator for CarriedKeyName subelement of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - new value for element [REQUIRED]
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetCarriedKeyName(DEncEncryptedKey* pEncKey, const char* value);

 //--------------------------------------------------
 // Mutator for the receiver's certificate of DEncEncryptedKey object.
 // pEncKey - pointer to DEncEncryptedKey object [REQUIRED]
 // value - certificate [REQUIRED]. Whether the object takes ownership of
 // value or duplicates it is not visible from this header - confirm before
 // freeing it on the caller side. Replacing the certificate does not
 // re-encrypt the stored transport key.
 // returns error code or ERR_OK
 //--------------------------------------------------
 EXP_OPTION int dencEncryptedKey_SetCertificate(DEncEncryptedKey* pEncKey, X509* value);
589 
590 //==========< general crypto functions >============
591 
592  //--------------------------------------------------
593  // Locates the correct EncryptedKey object by reading
594  // users certificate from smartcard and searching the
595  // right EncryptedKey object
596  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
597  // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
598  // returns error code or ERR_OK
599  //--------------------------------------------------
600  EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS11(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey);
601 
602  //--------------------------------------------------
603  // Locates the correct EncryptedKey object by reading
604  // users certificate from smartcard and searching the
605  // right EncryptedKey object
606  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
607  // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
608  // nSlot - slot nr
609  // returns error code or ERR_OK
610  //--------------------------------------------------
611  EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS11UsingSlot(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey, int nSlot);
612 
613  //--------------------------------------------------
614  // Locates the correct EncryptedKey object by reading
615  // users certificate and private key from pkcs12 file and searching the
616  // right EncryptedKey object
617  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
618  // ppEncKey - address of a buffer for EncryptedKey pointer [REQUIRED]
619  // ppKey - address of private key pointer. Caller must free [REQUIRED]
620  // szPkcs12File - pkcs12 file name [REQUIRED]
621  // szPasswd - pkcs12 file password [REQUIRED]. Might be empty?
622  // returns error code or ERR_OK
623  //--------------------------------------------------
624  EXP_OPTION int dencEncryptedData_findEncryptedKeyByPKCS12(DEncEncryptedData* pEncData, DEncEncryptedKey** ppEncKey,
625  EVP_PKEY** ppKey, const char* szPkcs12File, const char* szPasswd);
626 
627  //--------------------------------------------------
628  // Encrypts data with the generated key
629  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
630  // nCompressOption - flag: DENC_COMPRESS_ALLWAYS,
631  // DENC_COMPRESS_NEVER or DENC_COMPRESS_BEST_EFFORT
632  // returns error code or ERR_OK
633  //--------------------------------------------------
634  EXP_OPTION int dencEncryptedData_encryptData(DEncEncryptedData* pEncData, int nCompressOption);
635 
636  //--------------------------------------------------
637  // Decrypts the data with a transport key that the caller
638  // has already decrypted.
639  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
640  // tKey - decrypted transport key [REQUIRED]
641  // keyLen - length of transport key [REQUIRED]
642  // returns error code or ERR_OK
643  //--------------------------------------------------
644  EXP_OPTION int dencEncryptedData_decrypt_withKey(DEncEncryptedData* pEncData,
645  const char* tKey, int keyLen);
646 
647  //--------------------------------------------------
648  // Decrypts data with the generated key
649  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
650  // returns error code or ERR_OK
651  //--------------------------------------------------
652  EXP_OPTION int dencEncryptedData_decryptData(DEncEncryptedData* pEncData);
653 
654  //--------------------------------------------------
655  // Decrypts data transport key with ID card and
656  // then decrypts the data with the transport key.
657  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
658  // pEncKey - transport key to decrypt [REQUIRED]
659  // pin - pin code for smart card [REQUIRED]
660  // returns error code or ERR_OK
661  //--------------------------------------------------
662  EXP_OPTION int dencEncryptedData_decrypt(DEncEncryptedData* pEncData,
663  DEncEncryptedKey* pEncKey,
664  const char* pin);
665  //--------------------------------------------------
666  // Decrypts data transport key with ID card and
667  // then decrypts the data with the transport key.
668  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
669  // pEncKey - transport key to decrypt [REQUIRED]
670  // pin - pin code for smart card [REQUIRED]
671  // nSlot - smart card slot number
672  // returns error code or ERR_OK
673  //--------------------------------------------------
674  EXP_OPTION int dencEncryptedData_decryptUsingSlot(DEncEncryptedData* pEncData,
675  DEncEncryptedKey* pEncKey,
676  const char* pin, int nSlot);
677 
678  //--------------------------------------------------
679  // Decrypts the data transport key with the given private key and
680  // then decrypts the data with the transport key.
681  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
682  // pEncKey - transport key to decrypt [REQUIRED]
683  // pKey - private key used to decrypt the transport key [REQUIRED]
684  // returns error code or ERR_OK
685  //--------------------------------------------------
686  EXP_OPTION int dencEncryptedData_decryptWithKey(DEncEncryptedData* pEncData,
687  DEncEncryptedKey* pEncKey,
688  EVP_PKEY* pKey);
689 
690  //--------------------------------------------------
691  // Compresses data with ZLIB. Must be called before encryption - encrypted data cannot be compressed!
692  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
693  // nCompressOption - flag: DENC_COMPRESS_ALLWAYS,
694  // DENC_COMPRESS_NEVER or DENC_COMPRESS_BEST_EFFORT
695  // returns error code or ERR_OK
696  //--------------------------------------------------
697  EXP_OPTION int dencEncryptedData_compressData(DEncEncryptedData* pEncData, int nCompressOption);
698 
699  //--------------------------------------------------
700  // Decompresses data with ZLIB.
701  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
704  // returns error code or ERR_OK
705  //--------------------------------------------------
706  EXP_OPTION int dencEncryptedData_decompressData(DEncEncryptedData* pEncData);
707 
708 
709 //====================< RecipientInfo functions >==========================
710 
711  //--------------------------------------------------
712  // "Constructor" of DEncRecvInfo object
713  // ppRecvInfo - address of buffer for newly allocated object [REQUIRED]
714  // szId - recipient's id [REQUIRED]
715  // szRecipient - Recipient attribute [OPTIONAL]
716  // szKeyName - KeyName element [OPTIONAL]
717  // szCarriedKeyName - CarriedKeyName element [OPTIONAL]
718  // pCert - certificate [REQUIRED]
719  // returns error code or ERR_OK
720  //--------------------------------------------------
721  EXP_OPTION int dencRecvInfo_new(DEncRecvInfo** ppRecvInfo,
722  const char* szId, const char* szRecipient,
723  const char* szKeyName, const char* szCarriedKeyName,
724  const X509* pCert);
725 
726  //--------------------------------------------------
727  // "Destructor" of DEncRecvInfo object
728  // pRecvInfo - object to be freed [REQUIRED]
729  // returns error code or ERR_OK
730  //--------------------------------------------------
731  EXP_OPTION int dencRecvInfo_free(DEncRecvInfo* pRecvInfo);
732 
733  //--------------------------------------------------
734  // Stores DEncRecvInfo object to configuration store
735  // pRecvInfo - object to be stored [REQUIRED]
736  // returns error code or ERR_OK
737  //--------------------------------------------------
738  EXP_OPTION int dencRecvInfo_store(DEncRecvInfo* pRecvInfo);
739 
740  //--------------------------------------------------
741  // Finds a DEncRecvInfo object in the configuration store by its id
742  // pConfStore - store to search in [OPTIONAL]. Use NULL for default
743  // ppRecvInfo - address of buffer for newly allocated object [REQUIRED]
744  // szId - id of the object to find [REQUIRED]
745  // returns error code or ERR_OK
746  //--------------------------------------------------
747  EXP_OPTION int dencRecvInfo_findById(ConfigurationStore *pConfStore,
748  DEncRecvInfo** ppRecvInfo, const char* szId);
749 
750  //--------------------------------------------------
751  // Deletes DEncRecvInfo object from configuration store
752  // pRecvInfo - address of RecvInfo [REQUIRED]
753  // returns error code or ERR_OK
754  //--------------------------------------------------
755  EXP_OPTION int dencRecvInfo_delete(DEncRecvInfo* pRecvInfo);
756 
757  //--------------------------------------------------
758  // Returns all DEncRecvInfo objects
759  // pRecvInfoList - address of the list receiving the items [REQUIRED]
760  // returns error code or ERR_OK
761  //--------------------------------------------------
762  EXP_OPTION int dencRecvInfo_findAll(DEncRecvInfoList* pRecvInfoList);
763 
764 
765 //====================< RecipientInfoList functions >==========================
766 
767  //--------------------------------------------------
768  // Adds a DEncRecvInfo object to the list
769  // pRecvInfoList - address of the list receiving the item [REQUIRED]
770  // pRecvInfo - new object to be added
771  // returns error code or ERR_OK
772  //--------------------------------------------------
773  EXP_OPTION int dencRecvInfoList_add(DEncRecvInfoList* pRecvInfoList, DEncRecvInfo *pRecvInfo);
774 
775  //--------------------------------------------------
776  // Frees the contents of a DEncRecvInfoList object
777  // pRecvInfoList - address of the list [REQUIRED]
778  // returns error code or ERR_OK
779  //--------------------------------------------------
780  EXP_OPTION int dencRecvInfoList_free(DEncRecvInfoList* pRecvInfoList);
781 
782  //--------------------------------------------------
783  // Removes the given DEncRecvInfo object from the list
784  // pRecvInfoList - address of the list [REQUIRED]
785  // szId - id of the object to be removed [REQUIRED]
786  // returns error code or ERR_OK
787  //--------------------------------------------------
788  EXP_OPTION int dencRecvInfoList_delete(DEncRecvInfoList* pRecvInfoList, const char* szId);
789 
790 //====================< big file functions >==========================
791 
792  //--------------------------------------------------
793  // Encrypts a file and writes it to output file
794  // The caller must have initialized the transport keys
795  // but not the data.
796  // pEncData - pointer to DEncEncryptedData object [REQUIRED]
797  // szInputFileName - input file name [REQUIRED]
798  // szOutputFileName - output file name [REQUIRED]
799  // szMimeType - input data mime type [OPTIONAL]
800  // returns error code or ERR_OK
801  //--------------------------------------------------
802  EXP_OPTION int dencEncryptFile(DEncEncryptedData* pEncData,
803  const char* szInputFileName, const char* szOutputFileName,
804  const char* szMimeType);
805 
806 //====================< original content functions >===================
807 
808  //--------------------------------------------------
809  // Returns the count of "orig_file" properties
810  // pEncData - EncryptedData object [REQUIRED]
811  // returns count or -1 for error.
812  //--------------------------------------------------
813  EXP_OPTION int dencOrigContent_count(DEncEncryptedData* pEncData);
814 
815  //--------------------------------------------------
816  // Creates a new property of type "orig_file"
817  // pEncData - EncryptedData object [REQUIRED]
818  // szOrigContentId - Id attribute for the new Property object [OPTIONAL]
819  // szName - original file name [REQUIRED]
820  // szSize - size of the original file, as a string [REQUIRED]
821  // szMime - mime type of the original file [REQUIRED]
822  // szDfId - Id attribute of the original file [REQUIRED]
823  // returns error code or ERR_OK
824  //--------------------------------------------------
825  EXP_OPTION int dencOrigContent_add(DEncEncryptedData* pEncData, const char* szOrigContentId,
826  const char* szName, const char* szSize, const char* szMime, const char* szDfId);
827 
828  //--------------------------------------------------
829  // Returns the info from the "orig_file" property at the given index
830  // pEncData - EncryptedData object [REQUIRED]
831  // origContIdx - index of the "orig_file" property [REQUIRED]
832  // szName - buffer for original file name [REQUIRED]
833  // nNameLen - buffer length of szName [REQUIRED]
834  // szSize - buffer for the size of the original file, as a string [REQUIRED]
835  // nSizeLen - buffer length of szSize [REQUIRED]
836  // szMime - buffer for the mime type of the original file [REQUIRED]
837  // nMimeLen - buffer length of szMime [REQUIRED]
838  // szDfId - buffer for the Id attribute of the original file [REQUIRED]
839  // nDfIdLen - buffer length of szDfId [REQUIRED]
840  // returns error code or ERR_OK
841  //--------------------------------------------------
842  EXP_OPTION int dencOrigContent_findByIndex(DEncEncryptedData* pEncData, int origContIdx,
843  char* szName, int nNameLen, char* szSize, int nSizeLen,
844  char* szMime, int nMimeLen, char* szDfId, int nDfIdLen);
845 
846  //--------------------------------------------------
847  // Checks if there is a digidoc document in this
848  // encrypted document.
849  // pEncData - EncryptedData object [REQUIRED]
850  // returns 1 if digidoc document is inside
851  //--------------------------------------------------
852  EXP_OPTION int dencOrigContent_isDigiDocInside(DEncEncryptedData* pEncData);
853 
854  //--------------------------------------------------
855  // Registers digidoc document as encrypted datatype
856  // and stores it's data file info.
857  // pEncData - EncryptedData object [REQUIRED]
858  // pSigDoc - SignedDoc object [REQUIRED]
859  // returns 1 if digidoc document is inside
860  //--------------------------------------------------
861  EXP_OPTION int dencOrigContent_registerDigiDoc(DEncEncryptedData* pEncData, SignedDoc* pSigDoc);
862 
863 //====================< other meta-info functions >===================
864 
865  //--------------------------------------------------
866  // Sets the library name and version property
867  // pEncData - EncryptedData object [REQUIRED]
868  // returns count or -1 for error.
869  //--------------------------------------------------
870  EXP_OPTION int dencMetaInfo_SetLibVersion(DEncEncryptedData* pEncData);
871 
872  //--------------------------------------------------
873  // Sets the format name and version property
874  // pEncData - EncryptedData object [REQUIRED]
875  // returns count or -1 for error.
876  //--------------------------------------------------
877  EXP_OPTION int dencMetaInfo_SetFormatVersion(DEncEncryptedData* pEncData);
878 
879  //--------------------------------------------------
880  // Returns the library name and version meta-info of this document
881  // pEncData - EncryptedData object [REQUIRED]
882  // szLibrary - buffer for library name
883  // nLibLen - length of library name buffer
884  // szVersion - buffer for version info
885  // nVerLen - length of version info buffer
886  // returns count or -1 for error.
887  //--------------------------------------------------
888  EXP_OPTION int dencMetaInfo_GetLibVersion(DEncEncryptedData* pEncData, char* szLibrary, int nLibLen, char* szVersion, int nVerLen);
889 
890  //--------------------------------------------------
891  // Returns the format name and version meta-info of this document
892  // pEncData - EncryptedData object [REQUIRED]
893  // szFormat - buffer for format name
894  // nFormatLen - length of format name buffer
895  // szVersion - buffer for version info
896  // nVerLen - length of version info buffer
897  // returns count or -1 for error.
894  //--------------------------------------------------
895  EXP_OPTION int dencMetaInfo_GetFormatVersion(DEncEncryptedData* pEncData, char* szFormat, int nFormatLen, char* szVersion, int nVerLen);
896 
897  //--------------------------------------------------
898  // Deletes the meta-info properties
899  // pEncData - EncryptedData object [REQUIRED]
900  // returns error code or ERR_OK
901  //--------------------------------------------------
902  EXP_OPTION int dencMetaInfo_deleteVersionInfo(DEncEncryptedData* pEncData);
903 
904  //--------------------------------------------------
905  // Validates cdoc structure
906  // pEncData - EncryptedData object [REQUIRED]
907  // returns error code or ERR_OK
908  //--------------------------------------------------
909  EXP_OPTION int dencValidate(DEncEncryptedData* pEncData);
910 
911 #ifdef __cplusplus
912 }
913 #endif
914 
915 #endif // __DIGIDOC_ENC_H__
916 
917 