//============================================================
// Sets the signatures certificate and calculates
// certificate digest & serial number
// pSigInfo - signature info object
// certFile - certficate file in PEM
//============================================================
EXP_OPTION int setSignatureCertFile(SignatureInfo* pSigInfo, const char* certFile)
{
X509 *cert = NULL;
int err = ERR_OK;
RETURN_IF_NULL_PARAM(pSigInfo);
RETURN_IF_NULL_PARAM(certFile);
err = ReadCertificate(&cert, certFile);
RETURN_IF_NOT(err == ERR_OK, err);
return setSignatureCert(pSigInfo, cert);;
}
int FLDigiDoc::verifyCertByOCSP(const QString &certfile)
{
X509 *pCert = 0;
DigiDocMemBuf mbuf;
mbuf.pMem = 0;
mbuf.nLen = 0;
int err = ReadCertificate(&pCert, certfile.latin1());
if (!err && pCert) {
err = ddocVerifyCertByOCSP(pCert, NULL);
err = ddocCertGetSubjectCN(pCert, &mbuf);
ddocMemBuf_free(&mbuf);
}
if (pCert) {
X509_free(pCert);
pCert = 0;
}
return err;
}
int FLDigiDoc::certIssuerDN(const QString &certfile, QString &issuerResult)
{
int err = ERR_OK;
X509 *pCert = 0;
DigiDocMemBuf mbuf;
mbuf.pMem = 0;
mbuf.nLen = 0;
err = ReadCertificate(&pCert, certfile.latin1());
if (!err && pCert) {
err = ddocCertGetIssuerDN(pCert, &mbuf);
issuerResult = QString((const char *) mbuf.pMem);
ddocMemBuf_free(&mbuf);
}
if (pCert) {
X509_free(pCert);
pCert = 0;
}
return err;
}
int FLDigiDoc::verifySignatureData(const QByteArray &data, QByteArray &signResult,
const QString &certfile)
{
X509 *pCert = 0;
int err = ReadCertificate(&pCert, certfile.latin1());
if (!err && pCert) {
int sigLen = SIGNATURE_LEN;
byte buf[sigLen * sizeof(char)];
byte buf1[sigLen * sizeof(char) * 2];
err = verifySignature((const char *)data, data.size() * sizeof(char),
DIGEST_SHA1, buf, sigLen, pCert);
signResult = encodeBase64(buf, SIGNATURE_LEN);
}
if (pCert) {
X509_free(pCert);
pCert = 0;
}
return err;
}
int FLDigiDoc::certDigest(const QString &certfile, QByteArray &digestResult)
{
int err = ERR_OK, len1;
char buf1[1024 * sizeof(char)];
X509 *pCert = 0;
DigiDocMemBuf mbuf;
mbuf.pMem = 0;
mbuf.nLen = 0;
err = ReadCertificate(&pCert, certfile.latin1());
if (!err && pCert) {
len1 = sizeof(buf1);
buf1[0] = 0;
err = ddocCertGetDigest(pCert, &mbuf);
encode((const byte *) mbuf.pMem, mbuf.nLen, (byte *) buf1, &len1);
digestResult.duplicate((const char *) buf1, len1);
ddocMemBuf_free(&mbuf);
}
if (pCert) {
X509_free(pCert);
pCert = 0;
}
return err;
}
bool
RTCCertificate::ReadStructuredClone(JSStructuredCloneReader* aReader)
{
nsNSSShutDownPreventionLock locker;
if (isAlreadyShutDown()) {
return false;
}
uint32_t version, authType;
if (!JS_ReadUint32Pair(aReader, &version, &authType) ||
version != RTCCERTIFICATE_SC_VERSION) {
return false;
}
mAuthType = static_cast<SSLKEAType>(authType);
uint32_t high, low;
if (!JS_ReadUint32Pair(aReader, &high, &low)) {
return false;
}
mExpires = static_cast<PRTime>(high) << 32 | low;
return ReadPrivateKey(aReader, locker) &&
ReadCertificate(aReader, locker);
}
