podofo/documentation/PdfSignerCms_8h_source.html

// SPDX-FileCopyrightText: 2023 Francesco Pretto <ceztko@gmail.com>

// SPDX-License-Identifier: LGPL-2.0-or-later OR MPL-2.0


#ifndef PDF_SIGNER_CMS_H

#define PDF_SIGNER_CMS_H


#include <chrono>

#include "PdfSigner.h"


extern "C"

{

    // OpenSSL forward declaration

    struct evp_pkey_st;

    // libxml2 forward declaration

    typedef struct _xmlNode xmlNode;

    typedef xmlNode* xmlNodePtr;

}


namespace PoDoFo

{

    class CmsContext;


    using PdfSigningService = std::function<void(bufferview hashToSign, bool dryrun, charbuff& signedHash)>;

    using PdfSignedHashHandler = std::function<void(bufferview signedhHash, bool dryrun)>;


    enum class PdfSignerCmsFlags : uint32_t

    {

        None = 0,

        ServiceDoWrapDigest = 1,

        ServiceDoDryRun = 2,

    };


    struct PODOFO_API PdfSignerCmsParams final

    {

        PdfSignatureType SignatureType = PdfSignatureType::PAdES_B;

        [[deprecated("Encryption should be automatically detected from the public key in the certificate")]]

        PdfSignatureEncryption Encryption = PdfSignatureEncryption::RSA;

        PdfHashingAlgorithm Hashing = PdfHashingAlgorithm::SHA256;

        PdfSigningService SigningService;

        nullable<std::chrono::seconds> SigningTimeUTC;

        PdfSignedHashHandler SignedHashHandler;

        PdfSignerCmsFlags Flags = PdfSignerCmsFlags::None;

    };


    enum class PdfSignatureAttributeFlags : uint32_t

    {

        None = 0,

        SignedAttribute = 1,

        AsOctetString = 2,

    };


    class PODOFO_API PdfSignerCms : public PdfSigner

    {

        friend class PdfSigningContext;

    public:

        PdfSignerCms(const bufferview& cert, const bufferview& pkey,

            const PdfSignerCmsParams& parameters = { });


        PdfSignerCms(const bufferview& cert, const PdfSignerCmsParams& parameters = { });


        ~PdfSignerCms();


    private:

        PdfSignerCms();


    public:

        void AppendData(const bufferview& data) override;

        void ComputeSignature(charbuff& buffer, bool dryrun) override;

        void FetchIntermediateResult(charbuff& result) override;

        void ComputeSignatureDeferred(const bufferview& processedResult, charbuff& contents, bool dryrun) override;

        void Reset() override;

        std::string GetSignatureFilter() const override;

        std::string GetSignatureSubFilter() const override;

        std::string GetSignatureType() const override;

        bool SkipBufferClear() const override;


        void AddAttribute(const std::string_view& nid, const bufferview& attr, PdfSignatureAttributeFlags flags = PdfSignatureAttributeFlags::None);


        void ReserveAttributeSize(unsigned attrSize);


    public:

        unsigned GetSignedHashSize() const;


        const PdfSignerCmsParams& GetParameters() const { return m_parameters; }


    private:

        // Called by PdfSigningContext

        void Dump(xmlNodePtr signerElem, std::string& temp);

        void Restore(xmlNodePtr signerElem, charbuff& temp);

    private:

        void ensureEventBasedSigning();

        void ensureDeferredSigning();

        void checkContextInitialized();

        void ensureContextInitialized();

        void resetContext();

        void doSign(const bufferview& input, charbuff& output);

        void tryEnlargeSignatureContents(charbuff& contents);

    private:

        nullable<bool> m_deferredSigning;

        charbuff m_certificate;

        std::unique_ptr<CmsContext> m_cmsContext;

        struct evp_pkey_st* m_privKey;

        PdfSignerCmsParams m_parameters;

        unsigned m_reservedSize;


        // Temporary buffer variables

        // NOTE: Don't clear it in Reset() override

        charbuff m_encryptedHash;

    };


}


ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignerCmsFlags);

ENABLE_BITMASK_OPERATORS(PoDoFo::PdfSignatureAttributeFlags);


#endif // PDF_SIGNER_CMS_H

PoDoFo::PdfSignerCms
This class computes a CMS signature according to RFC 5652.
Definition PdfSignerCms.h:64

PoDoFo::PdfSigningContext
A context that can be used to customize the signing process.
Definition PdfSigningContext.h:69

PoDoFo::charbuff_t
Convenient type for char array storage and/or buffer with std::string compatibility.
Definition basetypes.h:35

PoDoFo
All classes, functions, types and enums of PoDoFo are members of these namespace.
Definition basetypes.h:13

PoDoFo::PdfSignatureAttributeFlags
PdfSignatureAttributeFlags
Definition PdfSignerCms.h:53

PoDoFo::PdfSignatureAttributeFlags::SignedAttribute
@ SignedAttribute
The input is interpreted as a raw octet string.

PoDoFo::PdfAcroFormDefaulAppearance::None
@ None
Do not add a default appearance.

PoDoFo::bufferview
cspan< char > bufferview
Convenient read-only char buffer span.
Definition basetypes.h:16

PoDoFo::PdfSignerCmsFlags
PdfSignerCmsFlags
Definition PdfSignerCms.h:27

PoDoFo::PdfSignerCmsFlags::ServiceDoWrapDigest
@ ServiceDoWrapDigest
When supplying an external PdfSigningService, specify if the service should be called for a dry run.