PdfSignerCms.h

 
#ifndef PDF_SIGNER_CMS_H
#define PDF_SIGNER_CMS_H
 
#include <chrono>
#include "PdfSigner.h"
 
extern "C"
{
    // OpenSSL forward declaration
    struct evp_pkey_st;
    // libxml2 forward declaration
    typedef struct _xmlNode xmlNode;
    typedef xmlNode* xmlNodePtr;
}
 
namespace PoDoFo
{
    class CmsContext;
 
    using PdfSigningService = std::function<void(bufferview hashToSign, bool dryrun, charbuff& signedHash)>;
    using PdfSignedHashHandler = std::function<void(bufferview signedhHash, bool dryrun)>;
 
    enum class PdfSignerCmsFlags : uint32_t
    {
        None = 0,
        ServiceDoWrapDigest = 1,
        ServiceDoDryRun = 2,
    };
 
    struct PODOFO_API PdfSignerCmsParams final
    {
        PdfSignatureType SignatureType = PdfSignatureType::PAdES_B;
        [[deprecated("Encryption should be automatically detected from the public key in the certificate")]]
        PdfSignatureEncryption Encryption = PdfSignatureEncryption::RSA;
        PdfHashingAlgorithm Hashing = PdfHashingAlgorithm::SHA256;
        PdfSigningService SigningService;
        nullable<std::chrono::seconds> SigningTimeUTC;
        PdfSignedHashHandler SignedHashHandler;
        PdfSignerCmsFlags Flags = PdfSignerCmsFlags::None;
    };
 
    enum class PdfSignatureAttributeFlags : uint32_t
    {
        None = 0,
        SignedAttribute = 1,
        AsOctetString = 2,
    };
 
    class PODOFO_API PdfSignerCms : public PdfSigner
    {
        friend class PdfSigningContext;
    public:
        PdfSignerCms(const bufferview& cert, const bufferview& pkey,
            const PdfSignerCmsParams& parameters = { });
 
        PdfSignerCms(const bufferview& cert, const PdfSignerCmsParams& parameters = { });
 
        ~PdfSignerCms();
 
    private:
        PdfSignerCms();
 
    public:
        void AppendData(const bufferview& data) override;
        void ComputeSignature(charbuff& buffer, bool dryrun) override;
        void FetchIntermediateResult(charbuff& result) override;
        void ComputeSignatureDeferred(const bufferview& processedResult, charbuff& contents, bool dryrun) override;
        void Reset() override;
        std::string GetSignatureFilter() const override;
        std::string GetSignatureSubFilter() const override;
        std::string GetSignatureType() const override;
        bool SkipBufferClear() const override;
 
        void AddAttribute(const std::string_view& nid, const bufferview& attr, PdfSignatureAttributeFlags flags = PdfSignatureAttributeFlags::None);
 
        void ReserveAttributeSize(unsigned attrSize);
 
    public:
        const PdfSignerCmsParams& GetParameters() const { return m_parameters; }
 
    private:
        // Called by PdfSigningContext
        void Dump(xmlNodePtr signerElem, std::string& temp);
        void Restore(xmlNodePtr signerElem, charbuff& temp);
    private:
        void ensureEventBasedSigning();
        void ensureDeferredSigning();
        void checkContextInitialized();
        void ensureContextInitialized();
        void resetContext();
        void doSign(const bufferview& input, charbuff& output);
        void tryEnlargeSignatureContents(charbuff& contents);
    private:
        nullable<bool> m_deferredSigning;
        charbuff m_certificate;
        std::unique_ptr<CmsContext> m_cmsContext;
        struct evp_pkey_st* m_privKey;
        PdfSignerCmsParams m_parameters;
        unsigned m_reservedSize;
 
        // Temporary buffer variables
        // NOTE: Don't clear it in Reset() override
        charbuff m_encryptedHash;
    };
}
 
ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignerCmsFlags);
ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignatureAttributeFlags);
 
#endif // PDF_SIGNER_CMS_H