libdigidocpp
|
#include <SignatureBES.h>
Public Member Functions | |
SignatureBES (unsigned int id, const BDoc &bdoc) | |
SignatureBES (const std::string &path, const BDoc &bdoc) throw (SignatureException) | |
virtual | ~SignatureBES () |
virtual std::string | getMediaType () const |
std::vector< std::string > | referenceDigestMethods () const |
virtual void | validateOffline () const throw (SignatureException) |
virtual CertStatus | validateOnline () const throw (SignatureException) |
Public Member Functions inherited from digidoc::Signature | |
virtual | ~Signature () |
std::string | saveToXml () throw (IOException) |
std::string | getId () const |
SignatureProductionPlace | getProductionPlace () const |
SignerRole | getSignerRole () const |
std::string | getSigningTime () const |
X509Cert | getSigningCertificate () const throw (SignatureException) |
std::string | getSignatureMethod () const |
Static Public Attributes | |
static const std::string | MEDIA_TYPE = "signature/bdoc-1.0/BES" |
Protected Member Functions | |
std::vector< unsigned char > | prepareSignedInfo (Signer *singer) throw (SignatureException, SignException) |
virtual void | sign (Signer *signer) throw (SignatureException, SignException) |
Protected Member Functions inherited from digidoc::Signature | |
Signature (unsigned int id) | |
Signature (const std::string &path) throw (SignatureException) | |
void | addReference (const std::string &uri, const std::string &digestUri, const std::vector< unsigned char > &digestValue, const std::string &type="") throw (SignatureException) |
void | setSigningCertificate (const X509Cert &cert) |
void | setSignatureProductionPlace (const SignatureProductionPlace &signatureProductionPlace) |
void | setSignerRole (const SignerRole &signerRole) |
void | setSigningTime (const xml_schema::DateTime &signingTime) |
std::vector< unsigned char > | getSignatureValue () const |
void | setSignatureValue (Signer::Signature signatureValue) |
xades::SignedSignaturePropertiesType & | getSignedSignatureProperties () const throw (SignatureException) |
dsig::X509DataType::X509CertificateType & | getSigningX509CertificateType () const throw (SignatureException) |
std::vector< unsigned char > | calcDigestOnNode (Digest *calc, const std::string &ns, const std::string &tagName) const throw (SignatureException) |
Protected Attributes | |
const BDoc & | bdoc |
Protected Attributes inherited from digidoc::Signature | |
dsig::SignatureType * | signature |
Private Member Functions | |
SignatureBES & | operator= (SignatureBES const &that) |
void | checkSignature () const throw (SignatureException) |
void | checkSignedInfo () const throw (SignatureException) |
void | checkSignatureMethod () const throw (SignatureException) |
void | checkReferences () const throw (SignatureException) |
void | checkSignatureValue () const throw (SignatureException) |
void | checkSigningCertificate () const throw (SignatureException) |
void | checkKeyInfo () const throw (SignatureException) |
void | checkQualifyingProperties () const throw (SignatureException) |
void | checkSignedSignatureProperties () const throw (SignatureException) |
bool | isReferenceToSigProps (const digidoc::dsig::ReferenceType &refType) const throw (SignatureException) |
void | checkReferenceToSigProps (const digidoc::dsig::ReferenceType &refType) const throw (SignatureException) |
void | checkReferencesToDocs (dsig::SignedInfoType::ReferenceSequence &refSeq) const throw (SignatureException) |
void | checkDocumentRefDigest (Document &doc, const std::string &documentFileName, const dsig::ReferenceType &refType) const throw (SignatureException) |
Additional Inherited Members | |
![]() | |
enum | CertStatus { GOOD, REVOKED, UNKNOWN } |
![]() | |
static const std::string | XADES_NAMESPACE = "http://uri.etsi.org/01903/v1.3.2#" |
Definition at line 28 of file SignatureBES.h.
Creates an empty BDOC-BES signature with mandatory XML nodes.
Definition at line 48 of file SignatureBES.cpp.
digidoc::SignatureBES::SignatureBES | ( | const std::string & | path, |
const BDoc & | bdoc | ||
) | throw (SignatureException) |
path |
SignatureException |
Definition at line 59 of file SignatureBES.cpp.
References digidoc::Signature::getSignedSignatureProperties(), digidoc::Signature::getSigningX509CertificateType(), and THROW_SIGNATUREEXCEPTION.
|
virtual |
Definition at line 80 of file SignatureBES.cpp.
|
private |
Checks whether the document's digest matches the digest value claimed by the reference.
Definition at line 690 of file SignatureBES.cpp.
References DEBUGMEM, digidoc::Digest::isSupported(), and THROW_SIGNATUREEXCEPTION.
|
private |
TODO: comment
SignatureException | on a problem in signature |
Definition at line 392 of file SignatureBES.cpp.
References certs, digidoc::X509Cert::compareIssuerToString(), DEBUG, DEBUGMEM, e, digidoc::X509Cert::encodeDER(), digidoc::Digest::getDigest(), digidoc::X509Cert::getIssuerName(), digidoc::X509Cert::getSerial(), digidoc::Digest::getSize(), i, digidoc::Digest::isSupported(), THROW_SIGNATUREEXCEPTION, THROW_SIGNATUREEXCEPTION_CAUSE, and digidoc::Digest::update().
|
private |
TODO: comment
SignatureException | on a problem in signature |
Definition at line 465 of file SignatureBES.cpp.
References THROW_SIGNATUREEXCEPTION.
|
private |
Check that SignedInfo contains exactly one Reference to every document, plus one Reference to the SignedProperties
SignatureException | on a problem in signature |
Definition at line 343 of file SignatureBES.cpp.
References THROW_SIGNATUREEXCEPTION.
|
private |
Offline check on every SignedInfo reference to a document.
SignatureException | on error in references |
Definition at line 621 of file SignatureBES.cpp.
References digidoc::util::File::compareUri(), digidoc::Document::getFileName(), i, THROW_SIGNATUREEXCEPTION, and digidoc::util::File::toUri().
|
private |
TODO: comment
SignatureException | on a problem in signature |
Definition at line 547 of file SignatureBES.cpp.
References DEBUGMEM, i, digidoc::Digest::isSupported(), and THROW_SIGNATUREEXCEPTION.
|
private |
validate Signature element offline
SignatureException | on a problem in signature |
Definition at line 308 of file SignatureBES.cpp.
|
private |
validate SignatureMethod offline
SignatureException | on a problem in signature |
Definition at line 327 of file SignatureBES.cpp.
References THROW_SIGNATUREEXCEPTION.
|
private |
Validate signature value.
throws | exception if signature value did not match. |
Definition at line 740 of file SignatureBES.cpp.
References DEBUG, DEBUGMEM, e, digidoc::X509Cert::handle(), THROW_SIGNATUREEXCEPTION, and THROW_SIGNATUREEXCEPTION_CAUSE.
|
private |
validate SignedInfo offline
SignatureException | on a problem in signature |
Definition at line 318 of file SignatureBES.cpp.
|
private |
TODO: comment
SignatureException | on a problem in signature |
Definition at line 488 of file SignatureBES.cpp.
References THROW_SIGNATUREEXCEPTION.
|
private |
Checks whether the signing certificate was issued by a trusted party.
SignatureException | on a problem with signing certificate |
Definition at line 501 of file SignatureBES.cpp.
References e, digidoc::X509Cert::getKeyUsage(), digidoc::X509Cert::NonRepudiation, THROW_SIGNATUREEXCEPTION, THROW_SIGNATUREEXCEPTION_CAUSE, and digidoc::X509Cert::verify().
|
virtual |
Implements digidoc::Signature.
Reimplemented in digidoc::SignatureTM.
Definition at line 85 of file SignatureBES.cpp.
|
private |
Checks whether the SignedInfo->Reference Type attribute is "http://uri.etsi.org/01903#SignedProperties"
refType | SignedInfo->Reference element to check |
SignatureException | on a problem in signature |
Definition at line 522 of file SignatureBES.cpp.
|
private |
|
protected |
Prepares SignedInfo
signer | signer that signs the signature object. |
SignatureException | exception is thrown if signing failed. |
Definition at line 217 of file SignatureBES.cpp.
References digidoc::Document::calcDigest(), digidoc::util::date::currentTime(), DEBUG, DEBUGMEM, e, digidoc::Document::getFileName(), digidoc::Document::getMediaType(), digidoc::Digest::getUri(), i, THROW_SIGNEXCEPTION_CAUSE, and digidoc::util::File::toUri().
std::vector< std::string > digidoc::SignatureBES::referenceDigestMethods | ( | ) | const |
Returns the digest method URIs of all references.
Definition at line 201 of file SignatureBES.cpp.
References i.
|
protectedvirtual |
Signs the signature using the BDOC-BES profile. Sets the required fields, calculates digests and finally signs the signature object using the provided signer implementation.
signer | signer that signs the signature object. |
SignatureException | exception is thrown if signing failed. |
Implements digidoc::Signature.
Reimplemented in digidoc::SignatureTM.
Definition at line 282 of file SignatureBES.cpp.
References e, int(), THROW_SIGNEXCEPTION_CAUSE, digidoc::Signer::Digest::type, and validateOffline().
Referenced by digidoc::SignatureTM::sign().
|
virtual |
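Checks whether the signature is valid according to the BDoc-BES format. Performs all off-line checks that prove mathematical correctness. However, these checks give no guarantee that the signature has not expired; on-line validation should be performed to check for signature expiration. validateOnline() is the call that reports a certificate status (GOOD, REVOKED or UNKNOWN), so a successful off-line result alone should not be treated as a complete validation.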
SignatureException | containing details on what's wrong in this signature. |
Implements digidoc::Signature.
Reimplemented in digidoc::SignatureTM.
Definition at line 98 of file SignatureBES.cpp.
References digidoc::Exception::addCause(), e, and digidoc::Exception::hasCause().
Referenced by sign(), and digidoc::SignatureTM::validateOffline().
|
virtual |
return
SignatureException |
Implements digidoc::Signature.
Definition at line 145 of file SignatureBES.cpp.
References digidoc::Conf::OCSPConf::cert, digidoc::OCSP::checkCert(), e, digidoc::X509CertStore::getCert(), digidoc::Digest::getDigest(), digidoc::X509CertStore::getInstance(), digidoc::Conf::getInstance(), digidoc::X509Cert::getIssuerName(), digidoc::X509Cert::getIssuerNameAsn1(), digidoc::Conf::getOCSP(), digidoc::X509Cert::getX509(), digidoc::Conf::OCSPConf::issuer, digidoc::Exception::OCSPResponderMissing, digidoc::Exception::setCode(), digidoc::OCSP::setOCSPCerts(), digidoc::OCSP::setSkew(), digidoc::OCSP::setUrl(), STACK_OF(), THROW_SIGNATUREEXCEPTION, digidoc::Digest::update(), and digidoc::Conf::OCSPConf::url.
|
protected |
Definition at line 46 of file SignatureBES.h.
|
static |
BES profile signature media type.
Definition at line 40 of file SignatureBES.h.
Referenced by digidoc::BDoc::parseManifestAndLoadFiles().