PoDoFo  1.0.0-dev
PdfSignerCms.h
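#ifndef PDF_SIGNER_CMS_H
#define PDF_SIGNER_CMS_H

#include <chrono>
#include <functional>
#include <memory>
#include <string>
#include <string_view>
#include "PdfSigner.h"

extern "C"
{
    // OpenSSL forward
    struct evp_pkey_st;
}

namespace PoDoFo
{
    class CmsContext;

    /**
     * Callback that produces the signature value for a digest
     * \param hashToSign the bytes handed to the service for signing
     * \param dryrun flag passed through by the signer
     * \param signedHash output buffer the service fills
     *
     * NOTE(review): presumably this is what signs when the signer is built
     * with the certificate-only constructor, so the private key can stay in
     * an external service or device - confirm against the implementation.
     * The service only sees a digest and cannot tell which document it
     * belongs to, so access to it needs the same protection as the key itself
     */
    using PdfSigningService = std::function<void(bufferview hashToSign, bool dryrun, charbuff& signedHash)>;

    /**
     * Callback that receives a signed hash together with the dry run flag
     * NOTE(review): when and how often it is invoked is not visible in this header
     */
    using PdfSignedHashHandler = std::function<void(bufferview signedHash, bool dryrun)>;

    /**
     * Bit flags for the CMS signer (bitmask operators are enabled at the
     * end of this header)
     */
    enum class PdfSignerCmsFlags
    {
        None = 0,
        // NOTE(review): the symbol index of this page also lists a
        // ServiceDoWrapDigest enumerator that the listing does not show;
        // its value is not visible here, confirm against the full header
        // NOTE(review): by its name, the next flag asks for the external
        // signing service to be called on dry runs as well - confirm
        ServiceDoDryRun = 2,
    };

    /** Parameters that configure a PdfSignerCms instance */
    struct PODOFO_API PdfSignerCmsParams final
    {
        PdfSignatureType SignatureType = PdfSignatureType::PAdES_B;
        PdfSignatureEncryption Encryption = PdfSignatureEncryption::RSA;
        PdfHashingAlgorithm Hashing = PdfHashingAlgorithm::SHA256;
        /** Optional external signing callback, empty unless the caller sets it */
        PdfSigningService SigningService;
        /**
         * Optional signing time, unset by default
         * NOTE(review): presumably seconds since the Unix epoch in UTC - confirm.
         * A signing time supplied by the signer is only the signer's claim;
         * a verifier that needs a trusted time has to rely on a timestamp
         * issued by a timestamp authority instead
         */
        nullable<std::chrono::seconds> SigningTimeUTC;
        /** Optional handler for the signed hash, empty unless the caller sets it */
        PdfSignedHashHandler SignedHashHandler;
        // NOTE(review): no member of type PdfSignerCmsFlags is visible in
        // this listing; confirm against the full header
    };

    /** Bit flags accepted by PdfSignerCms::AddAttribute */
    enum class PdfSignatureAttributeFlags
    {
        None = 0,
        /** The attribute is a signed attribute. By default, it is unsigned */
        SignedAttribute = 1,
        /** The input is interpreted as a raw octet string */
        AsOctetString = 2,
    };

    /**
     * This class computes a CMS signature according to RFC 5652
     */
    class PODOFO_API PdfSignerCms : public PdfSigner
    {
    public:
        /**
         * Create a signer from a certificate and a private key
         * \param cert buffer holding the signing certificate
         * \param pkey buffer holding the private key
         * \param parameters signer configuration, defaults apply when omitted
         *
         * NOTE(review): the expected encodings, and whether the key bytes
         * are copied, are not visible in this header. The caller's pkey
         * buffer holds raw key material: keep it short-lived and erase it
         * once it is no longer needed
         */
        PdfSignerCms(const bufferview& cert, const bufferview& pkey,
            const PdfSignerCmsParams& parameters = { });

        /**
         * Create a signer from a certificate only
         * \param cert buffer holding the signing certificate
         * \param parameters signer configuration, defaults apply when omitted
         *
         * NOTE(review): with no private key the signature presumably comes
         * from PdfSignerCmsParams::SigningService or from the deferred
         * signing calls below - confirm against the implementation
         */
        PdfSignerCms(const bufferview& cert, const PdfSignerCmsParams& parameters = { });

        ~PdfSignerCms();

        // The signer keeps a raw OpenSSL key handle (m_privKey). Copying is
        // already ruled out by the unique_ptr member; it is deleted
        // explicitly so the handle can never be shared by two instances
        PdfSignerCms(const PdfSignerCms&) = delete;
        PdfSignerCms& operator=(const PdfSignerCms&) = delete;

    public:
        // PdfSigner interface
        void AppendData(const bufferview& data) override;
        void ComputeSignature(charbuff& buffer, bool dryrun) override;
        void FetchIntermediateResult(charbuff& result) override;
        void ComputeSignatureDeferred(const bufferview& processedResult, charbuff& contents, bool dryrun) override;
        void Reset() override;
        std::string GetSignatureFilter() const override;
        std::string GetSignatureSubFilter() const override;
        std::string GetSignatureType() const override;
        bool SkipBufferClear() const override;

        /**
         * Add an attribute to the signature
         * \param nid identifier of the attribute
         * \param attr attribute content
         * \param flags see PdfSignatureAttributeFlags
         *
         * With the default flags the attribute is unsigned. In CMS the
         * unsigned attributes are not covered by the signature, so they can
         * be changed without invalidating it: pass
         * PdfSignatureAttributeFlags::SignedAttribute for anything a
         * verifier has to trust
         */
        void AddAttribute(const std::string_view& nid, const bufferview& attr, PdfSignatureAttributeFlags flags = PdfSignatureAttributeFlags::None);

        /**
         * Reserve space for attributes
         * \param attrSize size to reserve
         * NOTE(review): presumably room kept in the signature contents for
         * attributes supplied later, unit presumably bytes - confirm
         */
        void ReserveAttributeSize(unsigned attrSize);

    public:
        /** \returns the parameters this signer was configured with */
        const PdfSignerCmsParams& GetParameters() const { return m_parameters; }

    private:
        // NOTE(review): the two ensure*Signing() helpers presumably latch
        // m_deferredSigning so the event based and the deferred flow cannot
        // be mixed on one instance - confirm
        void ensureEventBasedSigning();
        void ensureDeferredSigning();
        void checkContextInitialized();
        void ensureContextInitialized();
        void resetContext();
        void doSign(const bufferview& input, charbuff& output);
    private:
        nullable<bool> m_deferredSigning;
        charbuff m_certificate;
        std::unique_ptr<CmsContext> m_cmsContext;
        // Raw OpenSSL key handle. Initialized here so that a constructor
        // which takes no private key cannot leave it indeterminate
        struct evp_pkey_st* m_privKey = nullptr;
        PdfSignerCmsParams m_parameters;
        unsigned m_reservedSize = 0;

        // Temporary buffer variables
        // NOTE: Don't clear it in Reset() override
        charbuff m_encryptedHash;
    };
}

ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignerCmsFlags);
ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignatureAttributeFlags);

#endif // PDF_SIGNER_CMS_H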
This class computes a CMS signature according to RFC 5652.
Definition: PdfSignerCms.h:63
Convenient type for char array storage and/or buffer with std::string compatibility.
Definition: basetypes.h:38
SPDX-FileCopyrightText: (C) 2022 Francesco Pretto ceztko@gmail.com SPDX-License-Identifier: LGPL-2....
Definition: basetypes.h:16
PdfSignatureAttributeFlags
Definition: PdfSignerCms.h:52
@ SignedAttribute
The attribute is a signed attribute. By default, it is unsigned.
@ AsOctetString
The input is interpreted as a raw octet string.
cspan< char > bufferview
Convenient read-only char buffer span.
Definition: basetypes.h:19
PdfSignerCmsFlags
Definition: PdfSignerCms.h:27
@ ServiceDoWrapDigest
When supplying a PdfSigningService, specify if the service expects a bare digest (the default),...
@ ServiceDoDryRun
When supplying an external PdfSigningService, specify if the service should be called for a dry run.