search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Refuse to convert XML documents
[libisds.git] / src / isds.h
blobf3f65364bf8ef46f2ab89381d79cbad5e845ccd5
1 #ifndef __ISDS_ISDS_H__
2 #define __ISDS_ISDS_H__
3
4 /* Public interface for libisds.
5 * Private declarations in isds_priv.h. */
6
7 #include <stdlib.h> /* For size_t */
8 #include <sys/time.h> /* For struct timeval */
9 #include <libxml/tree.h> /* Gor xmlDoc and xmlNodePtr */
10
11 #ifdef __cplusplus /* For C++ linker sake */
12 extern "C" {
13 #endif
14
15 /* _deprecated macro marks library symbols as deprecated. Application should
16 * avoid using such function as soon as possible. */
17 #if defined(__GNUC__)
18 #define _deprecated __attribute__((deprecated))
19 #else
20 #define _deprecated
21 #endif
22
23 /* Service locators */
24 /* Base URL of production ISDS instance */
25 extern const char isds_locator[]; /* Without client certificate auth. */
26 extern const char isds_cert_locator[]; /* With client certificate auth. */
27 /* Base URL of testing ISDS instance */
28 extern const char isds_testing_locator[]; /* Without client certificate auth. */
29 extern const char isds_testing_locator[]; /* With client certificate auth. */
30
31
32 struct isds_ctx; /* Context for specific ISDS box */
33
34 typedef enum {
35 IE_SUCCESS = 0, /* No error, just for C convenience (0 means Ok) */
36 IE_ERROR, /* Unspecified error */
37 IE_NOTSUP,
38 IE_INVAL,
39 IE_INVALID_CONTEXT,
40 IE_NOT_LOGGED_IN,
41 IE_CONNECTION_CLOSED,
42 IE_TIMED_OUT,
43 IE_NOEXIST,
44 IE_NOMEM,
45 IE_NETWORK,
46 IE_HTTP,
47 IE_SOAP,
48 IE_XML,
49 IE_ISDS,
50 IE_ENUM,
51 IE_DATE,
52 IE_2BIG,
53 IE_2SMALL,
54 IE_NOTUNIQ,
55 IE_NOTEQUAL,
56 IE_PARTIAL_SUCCESS,
57 IE_ABORTED
58 } isds_error;
59
60 typedef enum {
61 ILL_NONE = 0,
62 ILL_CRIT = 10,
63 ILL_ERR = 20,
64 ILL_WARNING = 30,
65 ILL_INFO = 40,
66 ILL_DEBUG = 50,
67 ILL_ALL = 100
68 } isds_log_level;
69
70 typedef enum {
71 ILF_NONE = 0x0,
72 ILF_HTTP = 0x1,
73 ILF_SOAP = 0x2,
74 ILF_ISDS = 0x4,
75 ILF_FILE = 0x8,
76 ILF_SEC = 0x10,
77 ILF_XML = 0x20,
78 ILF_ALL = 0xFF
79 } isds_log_facility;
80
81 /* Return text description of ISDS error */
82 const char *isds_strerror(const isds_error error);
83
84 /* libisds options */
85 typedef enum {
86 IOPT_TLS_VERIFY_SERVER, /* _Bool: Verify server identity?
87 Default value is true. */
88 IOPT_TLS_CA_FILE, /* char *: File name with CA certificates.
89 Default value depends on cryptographic
90 library. */
91 IOPT_TLS_CA_DIRECTORY, /* char *: Directory name with CA certificates.
92 Default value depends on cryptographic
93 library. */
94 IOPT_TLS_CRL_FILE, /* char *: File name with CRL in PEM format.
95 Default value depends on cryptographic
96 library. */
97 IOPT_NORMALIZE_MIME_TYPE, /* _Bool: Normalize MIME type values?
98 Default value is false. */
99 } isds_option;
100
101 /* TLS libisds options */
102 typedef enum {
103 ITLS_VERIFY_SERVER, /* _Bool: Verify server identity? */
104 ITLS_CA_FILE, /* char *: File name with CA certificates */
105 ITLS_CA_DIRECTORY, /* char *: Directory name with CA certificates */
106 ITLS_CRL_FILE /* char *: File name with CRL in PEM format */
107 } isds_tls_option;
108
109 /* Cryptographic material encoding */
110 typedef enum {
111 PKI_FORMAT_PEM, /* PEM format */
112 PKI_FORMAT_DER, /* DER format */
113 PKI_FORMAT_ENG /* Stored in crypto engine */
114 } isds_pki_format;
115
116 /* Public key crypto material to authenticate client */
117 struct isds_pki_credentials {
118 char *engine; /* String identifier of crypto engine to use
119 (where key is stored). Use NULL for no engine */
120 isds_pki_format certificate_format; /* Certificate format */
121 char *certificate; /* Path to client certificate, or certificate
122 nickname in case of NSS as curl back-end,
123 or key slot identifier inside crypto engine.
124 Some crypto engines can pair certificate with
125 key automatically (NULL value) */
126 isds_pki_format key_format; /* Private key format */
127 char *key; /* Path to client private key, or key identifier
128 in case of used engine */
129 char *passphrase; /* Zero terminated string with password for
130 decrypting private key, or engine PIN.
131 Use NULL for no pass-phrase or question by
132 engine. */
133 };
134
135 /* Box type */
136 typedef enum {
137 DBTYPE_SYSTEM = 0, /* This is special sender value for messages
138 sent by ISDS. */
139 DBTYPE_OVM = 10,
140 DBTYPE_OVM_NOTAR = 11,
141 DBTYPE_OVM_EXEKUT = 12,
142 DBTYPE_OVM_REQ = 13,
143 DBTYPE_PO = 20,
144 DBTYPE_PO_ZAK = 21,
145 DBTYPE_PO_REQ = 22,
146 DBTYPE_PFO = 30,
147 DBTYPE_PFO_ADVOK = 31,
148 DBTYPE_PFO_DANPOR = 32,
149 DBTYPE_PFO_INSSPR = 33,
150 DBTYPE_FO = 40
151 } isds_DbType;
152
153 /* Box status from point of view of accessibility */
154 typedef enum {
155 DBSTATE_ACCESSIBLE = 1,
156 DBSTATE_TEMP_UNACCESSIBLE = 2,
157 DBSTATE_NOT_YET_ACCESSIBLE = 3,
158 DBSTATE_PERM_UNACCESSIBLE = 4,
159 DBSTATE_REMOVED = 5
160 } isds_DbState;
161
162 /* User permissions from point of view of ISDS.
163 * Instances can be bitmaps of any discrete values. */
164 typedef enum {
165 PRIVIL_READ_NON_PERSONAL = 0x1, /* Can download and read messages with
166 dmPersonalDelivery == false */
167 PRIVIL_READ_ALL = 0x2, /* Can download and read messages with
168 dmPersonalDelivery == true */
169 PRIVIL_CREATE_DM = 0x4, /* Can create and sent messages,
170 can download outgoing (sent) messages */
171 PRIVIL_VIEW_INFO = 0x8, /* Can list messages and data about
172 post and delivery */
173 PRIVIL_SEARCH_DB = 0x10, /* Can search for boxes */
174 PRIVIL_OWNER_ADM = 0x20, /* Can administer his box (add/remove
175 permitted users and theirs
176 permissions) */
177 PRIVIL_READ_VAULT = 0x40, /* Can read message stored in data safe */
178 PRIVIL_ERASE_VAULT = 0x80 /* Can delete messages from data safe */
179 } isds_priviledges;
180
181 /* Message status */
182 typedef enum {
183 MESSAGESTATE_SENT = 0x2, /* Message has been put into ISDS */
184 MESSAGESTATE_STAMPED = 0x4, /* Message stamped by TSA */
185 MESSAGESTATE_INFECTED = 0x8, /* Message included viruses,
186 infected document has been removed */
187 MESSAGESTATE_DELIVERED = 0x10, /* Message delivered
188 (dmDeliveryTime stored) */
189 MESSAGESTATE_SUBSTITUTED = 0x20, /* Message delivered through fiction,
190 dmAcceptanceTime stored */
191 MESSAGESTATE_RECEIVED = 0x40, /* Message accepted (by user log-in or
192 user explicit request),
193 dmAcceptanceTime stored */
194 MESSAGESTATE_READ = 0x80, /* Message has been read by user */
195 MESSAGESTATE_UNDELIVERABLE = 0x100, /* Message could not been delivered
196 (e.g. recipient box has been made
197 inaccessible meantime) */
198 MESSAGESTATE_REMOVED = 0x200, /* Message content deleted */
199 MESSAGESTATE_IN_SAFE = 0x400 /* Message stored in data safe */
200
201 } isds_message_status;
202 #define MESSAGESTATE_ANY 0x7FE /* Union of all isds_message_status
203 values */
204
205 /* Hash algorithm types */
206 typedef enum {
207 HASH_ALGORITHM_MD5,
208 HASH_ALGORITHM_SHA_1,
209 HASH_ALGORITHM_SHA_224,
210 HASH_ALGORITHM_SHA_256,
211 HASH_ALGORITHM_SHA_384,
212 HASH_ALGORITHM_SHA_512,
213 } isds_hash_algorithm;
214
215 /* Buffer storage strategy.
216 * How function should embed application provided buffer into raw element of
217 * output structure. */
218 typedef enum {
219 BUFFER_DONT_STORE, /* Don't fill raw member */
220 BUFFER_COPY, /* Copy buffer content into newly allocated raw */
221 BUFFER_MOVE /* Just copy pointer.
222 But leave deallocation to isds_*_free(). */
223 } isds_buffer_strategy;
224
225 /* Hash value storage */
226 struct isds_hash {
227 isds_hash_algorithm algorithm; /* Hash algorithm */
228 size_t length; /* Hash value length in bytes */
229 void *value; /* Hash value */
230 };
231
232 /* Name of person */
233 struct isds_PersonName {
234 char *pnFirstName;
235 char *pnMiddleName;
236 char *pnLastName;
237 char *pnLastNameAtBirth;
238 };
239
240 /* Date and place of birth */
241 struct isds_BirthInfo {
242 struct tm *biDate; /* Date of Birth in local time at birth place,
243 only tm_year, tm_mon and tm_mday carry sane
244 value */
245 char *biCity;
246 char *biCounty; /* German: Bezirk, Czech: okres */
247 char *biState;
248 };
249
250 /* Post address */
251 struct isds_Address {
252 char *adCity;
253 char *adStreet;
254 char *adNumberInStreet;
255 char *adNumberInMunicipality;
256 char *adZipCode;
257 char *adState;
258 };
259
260 /* Data about box and his owner.
261 * NULL pointer means undefined value */
262 struct isds_DbOwnerInfo {
263 char *dbID; /* Box ID [Max. 7 chars] */
264 isds_DbType *dbType; /* Box Type */
265 char *ic; /* ID */
266 struct isds_PersonName *personName; /* Name of person */
267 char *firmName; /* Name of firm */
268 struct isds_BirthInfo *birthInfo; /* Birth of person */
269 struct isds_Address *address; /* Post address */
270 char *nationality;
271 char *email;
272 char *telNumber;
273 char *identifier; /* External box identifier for data
274 provider (OVM, PO, maybe PFO)
275 [Max. 20 chars] */
276 char *registryCode; /* PFO External registry code
277 [Max. 5 chars] */
278 long int *dbState; /* Box state; 1 <=> active box;
279 long int because xsd:integer
280 TODO: enum? */
281 _Bool *dbEffectiveOVM; /* Box has OVM role (§ 5a) */
282 _Bool *dbOpenAddressing; /* Non-OVM Box is free to receive
283 messages from anybody */
284 };
285
286 /* User type */
287 typedef enum {
288 USERTYPE_PRIMARY, /* Owner of the box */
289 USERTYPE_ENTRUSTED, /* User with limited access to the box */
290 USERTYPE_ADMINISTRATOR, /* User to manage ENTRUSTED_USERs */
291 USERTYPE_OFFICIAL /* ??? */
292 } isds_UserType;
293
294 /* Data about user.
295 * NULL pointer means undefined value */
296 struct isds_DbUserInfo {
297 char *userID; /* User ID [Min. 6, max. 12 characters] */
298 isds_UserType *userType; /* User type */
299 long int *userPrivils; /* Set of user permissions */
300 struct isds_PersonName *personName; /* Name of the person */
301 struct isds_Address *address; /* Post address */
302 struct tm *biDate; /* Date of birth in local time,
303 only tm_year, tm_mon and tm_mday carry sane
304 value */
305 char *ic; /* ID of a supervising firm [Max. 8 chars] */
306 char *firmName; /* Name of a supervising firm
307 [Max. 100 chars] */
308 char *caStreet; /* Street and number of contact address */
309 char *caCity; /* Czech City of contact address */
310 char *caZipCode; /* Post office code of contact address */
311 char *caState; /* Abbreviated country of contact address;
312 Implicit value is "CZ"; Optional. */
313 };
314
315 /* Message event type */
316 typedef enum {
317 EVENT_UKNOWN, /* Event unknown to this library */
318 EVENT_ACCEPTED_BY_RECIPIENT, /* Message has been delivered and accepted
319 by recipient action */
320 EVENT_ACCEPTED_BY_FICTION, /* Message has been delivered, acceptance
321 timed out, considered as accepted */
322 EVENT_UNDELIVERABLE, /* Recipient box made inaccessible,
323 thus message is undeliverable */
324 EVENT_COMMERCIAL_ACCEPTED /* Recipient confirmed acceptance of
325 commercial message */
326 } isds_event_type;
327
328 /* Message event
329 * All members are optional as specification states so. */
330 struct isds_event {
331 struct timeval *time; /* When the event occurred */
332 isds_event_type *type; /* Type of the event */
333 char *description; /* Human readable event description
334 generated by ISDS (Czech) */
335 };
336
337 /* Message envelope
338 * Be ware that the string length constraints are forced only on output
339 * members transmitted to ISDS. The other direction (downloaded from ISDS)
340 * can break these rules. It should not happen, but nobody knows how much
341 * incompatible new version of ISDS protocol will be. This is the gold
342 * Internet rule: be strict on what you put, be tolerant on what you get. */
343 struct isds_envelope {
344 /* Following members apply to incoming messages only: */
345 char *dmID; /* Message ID.
346 Maximal length is 20 characters. */
347 char *dbIDSender; /* Box ID of sender.
348 Special value "aaaaaaa" means sent by
349 ISDS.
350 Maximal length is 7 characters. */
351 char *dmSender; /* Sender name;
352 Maximal length is 100 characters. */
353 char *dmSenderAddress; /* Postal address of sender;
354 Maximal length is 100 characters. */
355 long int *dmSenderType; /* Gross Box type of sender
356 TODO: isds_DbType ? */
357 char *dmRecipient; /* Recipient name;
358 Maximal length is 100 characters. */
359 char *dmRecipientAddress; /* Postal address of recipient;
360 Maximal length is 100 characters. */
361 _Bool *dmAmbiguousRecipient; /* Recipient has OVM role */
362
363 /* Following members are assigned by ISDS in different phases of message
364 * life cycle. */
365 unsigned long int *dmOrdinal; /* Ordinal number in list of
366 incoming/outgoing messages */
367 isds_message_status *dmMessageStatus; /* Message state */
368 long int *dmAttachmentSize; /* Size of message documents in
369 kilobytes (rounded). */
370 struct timeval *dmDeliveryTime; /* Time of delivery into a box
371 NULL, if message has not been
372 delivered yet */
373 struct timeval *dmAcceptanceTime; /* Time of acceptance of the message
374 by an user. NULL if message has not
375 been accepted yet. */
376 struct isds_hash *hash; /* Message hash.
377 This is hash of isds:dmDM subtree. */
378 void *timestamp; /* Qualified time stamp; Optional. */
379 size_t timestamp_length; /* Length of timestamp in bytes */
380 struct isds_list *events; /* Events message passed trough;
381 List of isds_event's. */
382
383
384 /* Following members apply to both outgoing and incoming messages: */
385 char *dmSenderOrgUnit; /* Organisation unit of sender as string;
386 Optional. */
387 long int *dmSenderOrgUnitNum; /* Organisation unit of sender as number;
388 Optional. */
389 char *dbIDRecipient; /* Box ID of recipient; Mandatory.
390 Maximal length is 7 characters. */
391 char *dmRecipientOrgUnit; /* Organisation unit of recipient as
392 string; Optional. */
393 long int *dmRecipientOrgUnitNum; /* Organisation unit of recipient as
394 number; Optional. */
395 char *dmToHands; /* Person in recipient organisation;
396 Optional. */
397 char *dmAnnotation; /* Subject (title) of the message.
398 Maximal length is 255 characters. */
399 char *dmRecipientRefNumber; /* Czech: číslo jednací příjemce; Optional.
400 Maximal length is 50 characters. */
401 char *dmSenderRefNumber; /* Czech: číslo jednací odesílatele;
402 Optional. Maximal length is 50 chars. */
403 char *dmRecipientIdent; /* Czech: spisová značka příjemce; Optional.
404 Maximal length is 50 characters. */
405 char *dmSenderIdent; /* Czech: spisová značka odesílatele;
406 Optional. Maximal length is 50 chars. */
407
408 /* Act addressing in Czech Republic:
409 * Point (Paragraph) § Section Law/Year Coll. */
410 long int *dmLegalTitleLaw; /* Number of act mandating authority */
411 long int *dmLegalTitleYear; /* Year of act issue mandating authority */
412 char *dmLegalTitleSect; /* Section of act mandating authority.
413 Czech: paragraf */
414 char *dmLegalTitlePar; /* Paragraph of act mandating authority.
415 Czech: odstavec */
416 char *dmLegalTitlePoint; /* Point of act mandating authority.
417 Czech: písmeno */
418
419 _Bool *dmPersonalDelivery; /* If true, only person with higher
420 privileges can read this message */
421 _Bool *dmAllowSubstDelivery; /* Allow delivery through fiction.
422 I.e. Even if recipient did not read this
423 message, message is considered as
424 delivered after (currently) 10 days.
425 This is delivery through fiction.
426 Applies only to OVM dbType sender. */
427 _Bool *dmOVM; /* OVM sending mode.
428 Non-OVM dbType boxes that has
429 dbEffectiveOVM == true MUST select
430 between true (OVM mode) and
431 false (non-OVM mode).
432 Optional; Implicit value is true. */
433 char *dmType; /* Message type:
434 "V" is public message
435 "K" is commercial message
436 Default value for outgoing message is "V"
437 Length: Exact 1 UTF-8 character if
438 defined;
439 As 2010-05-20, used as output only. */
440 };
441
442
443 /* Document type from point of hierarchy */
444 typedef enum {
445 FILEMETATYPE_MAIN, /* Main document */
446 FILEMETATYPE_ENCLOSURE, /* Appendix */
447 FILEMETATYPE_SIGNATURE, /* Digital signature of other document */
448 FILEMETATYPE_META /* XML document for ESS (electronic
449 document information system) purposes */
450 } isds_FileMetaType;
451
452 /* Document */
453 struct isds_document {
454 _Bool is_xml; /* True if document is ISDS XML document.
455 False if document is ISDS binary
456 document. */
457 xmlNodePtr xml_node_list; /* XML node-set presenting current XML
458 document content. This is pointer to
459 first node of the document in
460 isds_message.xml tree. Use `children'
461 and `next' members to iterate the
462 document.
463 It will be NULL if document is empty.
464 Valid only if is_xml is true. */
465 void *data; /* Document content.
466 The encoding and interpretation depends
467 on dmMimeType.
468 Valid only if is_xml is false. */
469 size_t data_length; /* Length of the data in bytes.
470 Valid only if is_xml is false. */
471
472 char *dmMimeType; /* MIME type of data; Mandatory. */
473 isds_FileMetaType dmFileMetaType; /* Document type to create hierarchy */
474 char *dmFileGuid; /* Message-local document identifier;
475 Optional. */
476 char *dmUpFileGuid; /* Reference to upper document identifier
477 (dmFileGuid); Optional. */
478 char *dmFileDescr; /* Document name (title). E.g. file name;
479 Mandatory. */
480 char *dmFormat; /* Reference to XML form definition;
481 Defines how to interpret XML document;
482 Optional. */
483 };
484
485 /* Raw message representation content type.
486 * This is necessary to distinguish between different representations without
487 * expensive repeated detection.
488 * Infix explanation:
489 * PLAIN_SIGNED data are XML with namespace mangled to signed alternative
490 * CMS_SIGNED data are XML with signed namespace encapsulated in CMS */
491 typedef enum {
492 RAWTYPE_INCOMING_MESSAGE,
493 RAWTYPE_PLAIN_SIGNED_INCOMING_MESSAGE,
494 RAWTYPE_CMS_SIGNED_INCOMING_MESSAGE,
495 RAWTYPE_PLAIN_SIGNED_OUTGOING_MESSAGE,
496 RAWTYPE_CMS_SIGNED_OUTGOING_MESSAGE,
497 RAWTYPE_DELIVERYINFO,
498 RAWTYPE_PLAIN_SIGNED_DELIVERYINFO,
499 RAWTYPE_CMS_SIGNED_DELIVERYINFO
500 } isds_raw_type;
501
502 /* Message */
503 struct isds_message {
504 void *raw; /* Raw message in XML format as send to or
505 from the ISDS. You can use it to store
506 local copy. This is binary buffer. */
507 size_t raw_length; /* Length of raw message in bytes */
508 isds_raw_type raw_type; /* Content type of raw representation
509 Meaningful only with non-NULL raw
510 member */
511 xmlDocPtr xml; /* Parsed XML document with attached ISDS
512 message XML documents.
513 Can be NULL. May be freed AFTER deallocating
514 documents member structure. */
515 struct isds_envelope *envelope; /* Message envelope */
516 struct isds_list *documents; /* List of isds_document's.
517 Valid message must contain exactly one
518 document of type FILEMETATYPE_MAIN and
519 can contain any number of other type
520 documents. Total size of documents
521 must not exceed 10 MB. */
522 };
523
524 /* Message copy recipient and assigned message ID */
525 struct isds_message_copy {
526 /* Input members defined by application */
527 char *dbIDRecipient; /* Box ID of recipient; Mandatory.
528 Maximal length is 7 characters. */
529 char *dmRecipientOrgUnit; /* Organisation unit of recipient as
530 string; Optional. */
531 long int *dmRecipientOrgUnitNum; /* Organisation unit of recipient as
532 number; Optional. */
533 char *dmToHands; /* Person in recipient organisation;
534 Optional. */
535
536 /* Output members returned from ISDS */
537 isds_error error; /* libisds compatible error of delivery to o ne recipient */
538 char *dmStatus; /* Error description returned by ISDS;
539 Optional. */
540 char *dmID; /* Assigned message ID; Meaningful only
541 for error == IE_SUCCESS */
542 };
543
544 /* General linked list */
545 struct isds_list {
546 struct isds_list *next; /* Next list item,
547 or NULL if current is last */
548 void *data; /* Payload */
549 void (*destructor) (void **); /* Payload deallocator */
550 };
551
552 /* External box approval */
553 struct isds_approval {
554 _Bool approved; /* True if request for box has been
555 approved out of ISDS */
556 char *refference; /* Identifier of the approval */
557 };
558
559
560 /* Initialize ISDS library.
561 * Global function, must be called before other functions.
562 * If it fails you can not use ISDS library and must call isds_cleanup() to
563 * free partially initialized global variables. */
564 isds_error isds_init(void);
565
566 /* Deinitialize ISDS library.
567 * Global function, must be called as last library function. */
568 isds_error isds_cleanup(void);
569
570 /* Return version string of this library. Version of dependencies can be
571 * embedded. Do no try to parse it. You must free it. */
572 char *isds_version(void);
573
574 /* Create ISDS context.
575 * Each context can be used for different sessions to (possibly) different
576 * ISDS server with different credentials.
577 * Returns new context, or NULL */
578 struct isds_ctx *isds_ctx_create(void);
579
580 /* Destroy ISDS context and free memory.
581 * @context will be NULLed on success. */
582 isds_error isds_ctx_free(struct isds_ctx **context);
583
584 /* Return long message text produced by library function, e.g. detailed error
585 * message. Returned pointer is only valid until new library function is
586 * called for the same context. Could be NULL, especially if NULL context is
587 * supplied. Return string is locale encoded. */
588 char *isds_long_message(const struct isds_ctx *context);
589
590 /* Set logging up.
591 * @facilities is bit mask of isds_log_facility values,
592 * @level is verbosity level. */
593 void isds_set_logging(const unsigned int facilities,
594 const isds_log_level level);
595
596 /* Function provided by application libisds will call to pass log message.
597 * The message is usually locale encoded, but raw strings (UTF-8 usually) can
598 * occur when logging raw communication with ISDS servers. Infixed zero byte
599 * is not excluded, but should not present. Use @length argument to get real
600 * length of the message.
601 * TODO: We will try to fix the encoding issue
602 * @facility is log message class
603 * @level is log message severity
604 * @message is string with zero byte terminator. This can be any arbitrary
605 * chunk of a sentence with or without new line, a sentence can be splitted
606 * into more messages. However it should not happen. If you discover message
607 * without new line, report it as a bug.
608 * @length is size of @message string in bytes excluding trailing zero
609 * @data is pointer that will be passed unchanged to this function at run-time
610 * */
611 typedef void (*isds_log_callback)(
612 isds_log_facility facility, isds_log_level level,
613 const char *message, int length, void *data);
614
615 /* Register callback function libisds calls when new global log message is
616 * produced by library. Library logs to stderr by default.
617 * @callback is function provided by application libisds will call. See type
618 * definition for @callback argument explanation. Pass NULL to revert logging to
619 * default behaviour.
620 * @data is application specific data @callback gets as last argument */
621 void isds_set_log_callback(isds_log_callback callback, void *data);
622
623 /* Set timeout in milliseconds for each network job like connecting to server
624 * or sending message. Use 0 to disable timeout limits. */
625 isds_error isds_set_timeout(struct isds_ctx *context,
626 const unsigned int timeout);
627
628 /* Function provided by application libisds will call with
629 * following five arguments. Value zero of any argument means the value is
630 * unknown.
631 * @upload_total is expected total upload,
632 * @upload_current is cumulative current upload progress
633 * @dowload_total is expected total download
634 * @download_current is cumulative current download progress
635 * @data is pointer that will be passed unchanged to this function at run-time
636 * @return 0 to continue HTTP transfer, or non-zero to abort transfer */
637 typedef int (*isds_progress_callback)(
638 double upload_total, double upload_current,
639 double download_total, double download_current,
640 void *data);
641
642 /* Register callback function libisds calls periodically during HTTP data
643 * transfer.
644 * @context is session context
645 * @callback is function provided by application libisds will call. See type
646 * definition for @callback argument explanation.
647 * @data is application specific data @callback gets as last argument */
648 isds_error isds_set_progress_callback(struct isds_ctx *context,
649 isds_progress_callback callback, void *data);
650
651 /* Change context settings.
652 * @context is context which setting will be applied to
653 * @option is name of option. It determines the type of last argument. See
654 * isds_option definition for more info.
655 * @... is value of new setting. Type is determined by @option
656 * */
657 isds_error isds_set_opt(struct isds_ctx *context, const isds_option option,
658 ...);
659
660 /* Deprecated: Use isds_set_opt() instead.
661 * Change SSL/TLS settings.
662 * @context is context which setting will be applied to
663 * @option is name of option. It determines the type of last argument. See
664 * isds_tls_option definition for more info.
665 * @... is value of new setting. Type is determined by @option
666 * */
667 isds_error isds_set_tls(struct isds_ctx *context, const isds_tls_option option,
668 ...) _deprecated;
669
670 /* Connect and log in into ISDS server.
671 * All required arguments will be copied, you do not have to keep them after
672 * that.
673 * ISDS supports four different authentication methods. Exact method is
674 * selected on @username, @passwors and @pki_credentials arguments:
675 * - If @pki_credentials == NULL, @username and @password must be supplied
676 * - If @pki_credentials != NULL, then
677 * - If @username == NULL, only certificate will be used
678 * - If @username != NULL, then
679 * - If @password == NULL, then certificate will be used and
680 * @username shifts meaning to box ID. This is used for hosted
681 * services.
682 * - Otherwise all three arguments will be used.
683 * Please note, that different cases requires different certificate type
684 * (system qualified one or commercial non qualified one). This library does
685 * not check such political issues. Please see ISDS Specification for more
686 * details.
687 * @url is base address of ISDS web service. Pass extern isds_locator
688 * variable to use production ISDS instance without client certificate
689 * authentication (or extern isds_cert_locator with client certificate
690 * authentication). Passing NULL has the same effect, autoselection between
691 * isds_locator and isds_cert_locator is performed in addition. You can pass
692 * extern isds_testing_locator (or isds_cert_testing_locator) variable to
693 * select testing instance.
694 * @username is user name of ISDS user or box ID
695 * @password is user's secret password
696 * @pki_credentials defines public key cryptographic material to use in client
697 * authentication. */
698 isds_error isds_login(struct isds_ctx *context, const char *url,
699 const char *username, const char *password,
700 const struct isds_pki_credentials *pki_credentials);
701
702 /* Log out from ISDS server and close connection. */
703 isds_error isds_logout(struct isds_ctx *context);
704
705 /* Verify connection to ISDS is alive and server is responding.
706 * Sent dummy request to ISDS and expect dummy response. */
707 isds_error isds_ping(struct isds_ctx *context);
708
709 /* Get data about logged in user and his box. */
710 isds_error isds_GetOwnerInfoFromLogin(struct isds_ctx *context,
711 struct isds_DbOwnerInfo **db_owner_info);
712
713 /* Get data about logged in user. */
714 isds_error isds_GetUserInfoFromLogin(struct isds_ctx *context,
715 struct isds_DbUserInfo **db_user_info);
716
717 /* Get expiration time of current password
718 * @context is session context
719 * @expiration is automatically reallocated time when password expires, In
720 * case of error will be nulled. */
721 isds_error isds_get_password_expiration(struct isds_ctx *context,
722 struct timeval **expiration);
723
724 /* Change user password in ISDS.
725 * User must supply old password, new password will takes effect after some
726 * time, current session can continue. Password must fulfill some constraints.
727 * @context is session context
728 * @old_password is current password.
729 * @new_password is requested new password */
730 isds_error isds_change_password(struct isds_ctx *context,
731 const char *old_password, const char *new_password);
732
733 /* Create new box.
734 * @context is session context
735 * @box is box description to create including single primary user (in case of
736 * FO box type). It outputs box ID assigned by ISDS in dbID element.
737 * @users is list of struct isds_DbUserInfo (primary users in case of non-FO
738 * box, or contact address of PFO box owner)
739 * @former_names is optional undocumented string. Pass NULL if you don't care.
740 * @upper_box_id is optional ID of supper box if currently created box is
741 * subordinated.
742 * @ceo_label is optional title of OVM box owner (e.g. mayor)
743 * @token is NULL if new password should be delivered off-line to the user.
744 * It is valid pointer if user should obtain new password on-line on dedicated
745 * web server. Then it outputs automatically reallocated token user needs to
746 * use to authorize on the web server to view his new password.
747 * @approval is optional external approval of box manipulation
748 * @refnumber is reallocated serial number of request assigned by ISDS. Use
749 * NULL, if you don't care.*/
750 isds_error isds_add_box(struct isds_ctx *context,
751 struct isds_DbOwnerInfo *box, const struct isds_list *users,
752 const char *former_names, const char *upper_box_id,
753 const char *ceo_label, char **token,
754 const struct isds_approval *approval, char **refnumber);
755
756 /* Notify ISDS about new PFO entity.
757 * This function has no real effect.
758 * @context is session context
759 * @box is PFO description including single primary user.
760 * @users is list of struct isds_DbUserInfo (contact address of PFO box owner)
761 * @former_names is optional undocumented string. Pass NULL if you don't care.
762 * @upper_box_id is optional ID of supper box if currently created box is
763 * subordinated.
764 * @ceo_label is optional title of OVM box owner (e.g. mayor)
765 * @approval is optional external approval of box manipulation
766 * @refnumber is reallocated serial number of request assigned by ISDS. Use
767 * NULL, if you don't care.*/
768 isds_error isds_add_pfoinfo(struct isds_ctx *context,
769 const struct isds_DbOwnerInfo *box, const struct isds_list *users,
770 const char *former_names, const char *upper_box_id,
771 const char *ceo_label, const struct isds_approval *approval,
772 char **refnumber);
773
774 /* Remove given given box permanently.
775 * @context is session context
776 * @box is box description to delete
777 * @since is date of box owner cancellation. Only tm_year, tm_mon and tm_mday
778 * carry sane value.
779 * @approval is optional external approval of box manipulation
780 * @refnumber is reallocated serial number of request assigned by ISDS. Use
781 * NULL, if you don't care.*/
782 isds_error isds_delete_box(struct isds_ctx *context,
783 const struct isds_DbOwnerInfo *box, const struct tm *since,
784 const struct isds_approval *approval, char **refnumber);
785
786 /* Update data about given box.
787 * @context is session context
788 * @old_box current box description
789 * @new_box are updated data about @old_box
790 * @approval is optional external approval of box manipulation
791 * @refnumber is reallocated serial number of request assigned by ISDS. Use
792 * NULL, if you don't care.*/
793 isds_error isds_UpdateDataBoxDescr(struct isds_ctx *context,
794 const struct isds_DbOwnerInfo *old_box,
795 const struct isds_DbOwnerInfo *new_box,
796 const struct isds_approval *approval, char **refnumber);
797
798 /* Get data about all users assigned to given box.
799 * @context is session context
800 * @box_id is box ID
801 * @users is automatically reallocated list of struct isds_DbUserInfo */
802 isds_error isds_GetDataBoxUsers(struct isds_ctx *context, const char *box_id,
803 struct isds_list **users);
804
805 /* Update data about user assigned to given box.
806 * @context is session context
807 * @box is box identification
808 * @old_user identifies user to update
809 * @new_user are updated data about @old_user
810 * @refnumber is reallocated serial number of request assigned by ISDS. Use
811 * NULL, if you don't care.*/
812 isds_error isds_UpdateDataBoxUser(struct isds_ctx *context,
813 const struct isds_DbOwnerInfo *box,
814 const struct isds_DbUserInfo *old_user,
815 const struct isds_DbUserInfo *new_user,
816 char **refnumber);
817
818 /* Reset credentials of user assigned to given box.
819 * @context is session context
820 * @box is box identification
821 * @user identifies user to reset password
822 * @fee_paid is true if fee has been paid, false otherwise
823 * @approval is optional external approval of box manipulation
824 * @token is NULL if new password should be delivered off-line to the user.
825 * It is valid pointer if user should obtain new password on-line on dedicated
826 * web server. Then it outputs automatically reallocated token user needs to
827 * use to authorize on the web server to view his new password.
828 * @refnumber is reallocated serial number of request assigned by ISDS. Use
829 * NULL, if you don't care.*/
830 isds_error isds_reset_password(struct isds_ctx *context,
831 const struct isds_DbOwnerInfo *box,
832 const struct isds_DbUserInfo *user,
833 const _Bool fee_paid, const struct isds_approval *approval,
834 char **token, char **refnumber);
835
836 /* Assign new user to given box.
837 * @context is session context
838 * @box is box identification
839 * @user defines new user to add
840 * @approval is optional external approval of box manipulation
841 * @refnumber is reallocated serial number of request assigned by ISDS. Use
842 * NULL, if you don't care.*/
843 isds_error isds_add_user(struct isds_ctx *context,
844 const struct isds_DbOwnerInfo *box, const struct isds_DbUserInfo *user,
845 const struct isds_approval *approval, char **refnumber);
846
847 /* Remove user assigned to given box.
848 * @context is session context
849 * @box is box identification
850 * @user identifies user to remove
851 * @approval is optional external approval of box manipulation
852 * @refnumber is reallocated serial number of request assigned by ISDS. Use
853 * NULL, if you don't care.*/
854 isds_error isds_delete_user(struct isds_ctx *context,
855 const struct isds_DbOwnerInfo *box, const struct isds_DbUserInfo *user,
856 const struct isds_approval *approval, char **refnumber);
857
858 /* Find boxes suiting given criteria.
859 * @context is ISDS session context.
860 * @criteria is filter. You should fill in at least some members.
861 * @boxes is automatically reallocated list of isds_DbOwnerInfo structures,
862 * possibly empty. Input NULL or valid old structure.
863 * @return:
864 * IE_SUCCESS if search succeeded, @boxes contains useful data
865 * IE_NOEXIST if no such box exists, @boxes will be NULL
866 * IE_2BIG if too much boxes exist and server truncated the results, @boxes
867 * contains still valid data
868 * other code if something bad happens. @boxes will be NULL. */
869 isds_error isds_FindDataBox(struct isds_ctx *context,
870 const struct isds_DbOwnerInfo *criteria,
871 struct isds_list **boxes);
872
873 /* Get status of a box.
874 * @context is ISDS session context.
875 * @box_id is UTF-8 encoded box identifier as zero terminated string
876 * @box_status is return value of box status.
877 * @return:
878 * IE_SUCCESS if box has been found and its status retrieved
879 * IE_NOEXIST if box is not known to ISDS server
880 * or other appropriate error.
881 * You can use isds_DbState to enumerate box status. However out of enum
882 * range value can be returned too. This is feature because ISDS
883 * specification leaves the set of values open.
884 * Be ware that status DBSTATE_REMOVED is signaled as IE_SUCCESS. That means
885 * the box has been deleted, but ISDS still lists its former existence. */
886 isds_error isds_CheckDataBox(struct isds_ctx *context, const char *box_id,
887 long int *box_status);
888
889 /* Switch box into state where box can receive commercial messages (off by
890 * default)
891 * @context is ISDS session context.
892 * @box_id is UTF-8 encoded box identifier as zero terminated string
893 * @allow is true for enable, false for disable commercial messages income
894 * @approval is optional external approval of box manipulation
895 * @refnumber is reallocated serial number of request assigned by ISDS. Use
896 * NULL, if you don't care. */
897 isds_error isds_switch_commercial_receiving(struct isds_ctx *context,
898 const char *box_id, const _Bool allow,
899 const struct isds_approval *approval, char **refnumber);
900
901 /* Switch box into / out of state where non-OVM box can act as OVM (e.g. force
902 * message acceptance). This is just a box permission. Sender must apply
903 * such role by sending each message.
904 * @context is ISDS session context.
905 * @box_id is UTF-8 encoded box identifier as zero terminated string
906 * @allow is true for enable, false for disable OVM role permission
907 * @approval is optional external approval of box manipulation
908 * @refnumber is reallocated serial number of request assigned by ISDS. Use
909 * NULL, if you don't care. */
910 isds_error isds_switch_effective_ovm(struct isds_ctx *context,
911 const char *box_id, const _Bool allow,
912 const struct isds_approval *approval, char **refnumber);
913
914 /* Switch box accessibility state on request of box owner.
915 * Despite the name, owner must do the request off-line. This function is
916 * designed for such off-line meeting points (e.g. Czech POINT).
917 * @context is ISDS session context.
918 * @box identifies box to switch accessibility state.
919 * @allow is true for making accessible, false to disallow access.
920 * @approval is optional external approval of box manipulation
921 * @refnumber is reallocated serial number of request assigned by ISDS. Use
922 * NULL, if you don't care. */
923 isds_error isds_switch_box_accessibility_on_owner_request(
924 struct isds_ctx *context, const struct isds_DbOwnerInfo *box,
925 const _Bool allow, const struct isds_approval *approval,
926 char **refnumber);
927
928 /* Disable box accessibility on law enforcement (e.g. by prison) since exact
929 * date.
930 * @context is ISDS session context.
931 * @box identifies box to switch accessibility state.
932 * @since is date since accessibility has been denied. This can be past too.
933 * Only tm_year, tm_mon and tm_mday carry sane value.
934 * @approval is optional external approval of box manipulation
935 * @refnumber is reallocated serial number of request assigned by ISDS. Use
936 * NULL, if you don't care. */
937 isds_error isds_disable_box_accessibility_externaly(
938 struct isds_ctx *context, const struct isds_DbOwnerInfo *box,
939 const struct tm *since, const struct isds_approval *approval,
940 char **refnumber);
941
942 /* Send a message via ISDS to a recipient
943 * @context is session context
944 * @outgoing_message is message to send; Some members are mandatory (like
945 * dbIDRecipient), some are optional and some are irrelevant (especially data
946 * about sender). Included pointer to isds_list documents must contain at
947 * least one document of FILEMETATYPE_MAIN. This is read-write structure, some
948 * members will be filled with valid data from ISDS. Exact list of write
949 * members is subject to change. Currently dmId is changed.
950 * @return ISDS_SUCCESS, or other error code if something goes wrong. */
951 isds_error isds_send_message(struct isds_ctx *context,
952 struct isds_message *outgoing_message);
953
954 /* Send a message via ISDS to a multiple recipients
955 * @context is session context
956 * @outgoing_message is message to send; Some members are mandatory,
957 * some are optional and some are irrelevant (especially data
958 * about sender). Data about recipient will be substituted by ISDS from
959 * @copies. Included pointer to isds_list documents must
960 * contain at least one document of FILEMETATYPE_MAIN.
961 * @copies is list of isds_message_copy structures addressing all desired
962 * recipients. This is read-write structure, some members will be filled with
963 * valid data from ISDS (message IDs, error codes, error descriptions).
964 * @return
965 * ISDS_SUCCESS if all messages have been sent
966 * ISDS_PARTIAL_SUCCESS if sending of some messages has failed (failed and
967 * succeeded messages can be identified by copies->data->error),
968 * or other error code if something other goes wrong. */
969 isds_error isds_send_message_to_multiple_recipients(struct isds_ctx *context,
970 const struct isds_message *outgoing_message,
971 struct isds_list *copies);
972
973 /* Get list of outgoing (already sent) messages.
974 * Any criterion argument can be NULL, if you don't care about it.
975 * @context is session context. Must not be NULL.
976 * @from_time is minimal time and date of message sending inclusive.
977 * @to_time is maximal time and date of message sending inclusive
978 * @dmSenderOrgUnitNum is the same as isds_envelope.dmSenderOrgUnitNum
979 * @status_filter is bit field of isds_message_status values. Use special
980 * value MESSAGESTATE_ANY to signal you don't care. (It's defined as union of
981 * all values, you can use bit-wise arithmetic if you want.)
982 * @offset is index of first message we are interested in. First message is 1.
983 * Set to 0 (or 1) if you don't care.
984 * @number is maximal length of list you want to get as input value, outputs
985 * number of messages matching these criteria. Can be NULL if you don't care
986 * (applies to output value either).
987 * @messages is automatically reallocated list of isds_message's. Be ware that
988 * it returns only brief overview (envelope and some other fields) about each
989 * message, not the complete message. FIXME: Specify exact fields.
990 * The list is sorted by delivery time in ascending order.
991 * Use NULL if you don't care about the meta data (useful if you want to know
992 * only the @number). If you provide &NULL, list will be allocated on heap,
993 * if you provide pointer to non-NULL, list will be freed automatically at first.
994 * Also in case of error the list will be NULLed.
995 * @return IE_SUCCESS or appropriate error code. */
996 isds_error isds_get_list_of_sent_messages(struct isds_ctx *context,
997 const struct timeval *from_time, const struct timeval *to_time,
998 const long int *dmSenderOrgUnitNum, const unsigned int status_filter,
999 const unsigned long int offset, unsigned long int *number,
1000 struct isds_list **messages);
1001
1002 /* Get list of incoming (addressed to you) messages.
1003 * Any criterion argument can be NULL, if you don't care about it.
1004 * @context is session context. Must not be NULL.
1005 * @from_time is minimal time and date of message sending inclusive.
1006 * @to_time is maximal time and date of message sending inclusive
1007 * @dmSenderOrgUnitNum is the same as isds_envelope.dmSenderOrgUnitNum
1008 * @status_filter is bit field of isds_message_status values. Use special
1009 * value MESSAGESTATE_ANY to signal you don't care. (It's defined as union of
1010 * all values, you can use bit-wise arithmetic if you want.)
1011 * @offset is index of first message we are interested in. First message is 1.
1012 * Set to 0 (or 1) if you don't care.
1013 * @number is maximal length of list you want to get as input value, outputs
1014 * number of messages matching these criteria. Can be NULL if you don't care
1015 * (applies to output value either).
1016 * @messages is automatically reallocated list of isds_message's. Be ware that
1017 * it returns only brief overview (envelope and some other fields) about each
1018 * message, not the complete message. FIXME: Specify exact fields.
1019 * Use NULL if you don't care about the meta data (useful if you want to know
1020 * only the @number). If you provide &NULL, list will be allocated on heap,
1021 * if you provide pointer to non-NULL, list will be freed automatically at first.
1022 * Also in case of error the list will be NULLed.
1023 * @return IE_SUCCESS or appropriate error code. */
1024 isds_error isds_get_list_of_received_messages(struct isds_ctx *context,
1025 const struct timeval *from_time, const struct timeval *to_time,
1026 const long int *dmSenderOrgUnitNum, const unsigned int status_filter,
1027 const unsigned long int offset, unsigned long int *number,
1028 struct isds_list **messages);
1029
1030 /* Download incoming message envelope identified by ID.
1031 * @context is session context
1032 * @message_id is message identifier (you can get them from
1033 * isds_get_list_of_received_messages())
1034 * @message is automatically reallocated message retrieved from ISDS.
1035 * It will miss documents per se. Use isds_get_received_message(), if you are
1036 * interested in documents (content) too.
1037 * Returned hash and timestamp require documents to be verifiable. */
1038 isds_error isds_get_received_envelope(struct isds_ctx *context,
1039 const char *message_id, struct isds_message **message);
1040
1041 /* Download signed delivery info-sheet of given message identified by ID.
1042 * @context is session context
1043 * @message_id is message identifier (you can get them from
1044 * isds_get_list_of_{sent,received}_messages())
1045 * @message is automatically reallocated message retrieved from ISDS.
1046 * It will miss documents per se. Use isds_get_signed_received_message(),
1047 * if you are interested in documents (content). OTOH, only this function
1048 * can get list events message has gone through. */
1049 isds_error isds_get_signed_delivery_info(struct isds_ctx *context,
1050 const char *message_id, struct isds_message **message);
1051
1052 /* Load delivery info of any format from buffer.
1053 * @context is session context
1054 * @raw_type advertises format of @buffer content. Only delivery info types
1055 * are accepted.
1056 * @buffer is DER encoded PKCS#7 structure with signed delivery info. You can
1057 * retrieve such data from message->raw after calling
1058 * isds_get_signed_delivery_info().
1059 * @length is length of buffer in bytes.
1060 * @message is automatically reallocated message parsed from @buffer.
1061 * @strategy selects how buffer will be attached into raw isds_message member.
1062 * */
1063 isds_error isds_load_delivery_info(struct isds_ctx *context,
1064 const isds_raw_type raw_type,
1065 const void *buffer, const size_t length,
1066 struct isds_message **message, const isds_buffer_strategy strategy);
1067
1068 /* Download delivery info-sheet of given message identified by ID.
1069 * @context is session context
1070 * @message_id is message identifier (you can get them from
1071 * isds_get_list_of_{sent,received}_messages())
1072 * @message is automatically reallocated message retrieved from ISDS.
1073 * It will miss documents per se. Use isds_get_received_message(), if you are
1074 * interested in documents (content). OTOH, only this function can get list
1075 * of events message has gone through. */
1076 isds_error isds_get_delivery_info(struct isds_ctx *context,
1077 const char *message_id, struct isds_message **message);
1078
1079 /* Download incoming message identified by ID.
1080 * @context is session context
1081 * @message_id is message identifier (you can get them from
1082 * isds_get_list_of_received_messages())
1083 * @message is automatically reallocated message retrieved from ISDS */
1084 isds_error isds_get_received_message(struct isds_ctx *context,
1085 const char *message_id, struct isds_message **message);
1086
1087 /* Load message of any type from buffer.
1088 * @context is session context
1089 * @raw_type defines content type of @buffer. Only message types are allowed.
1090 * @buffer is message raw representation. Format (CMS, plain signed,
1091 * message direction) is defined in @raw_type. You can retrieve such data
1092 * from message->raw after calling isds_get_[signed]{received,sent}_message().
1093 * @length is length of buffer in bytes.
1094 * @message is automatically reallocated message parsed from @buffer.
1095 * @strategy selects how buffer will be attached into raw isds_message member.
1096 * */
1097 isds_error isds_load_message(struct isds_ctx *context,
1098 const isds_raw_type raw_type, const void *buffer, const size_t length,
1099 struct isds_message **message, const isds_buffer_strategy strategy);
1100
1101 /* Determine type of raw message or delivery info according some heuristics.
1102 * It does not validate the raw blob.
1103 * @context is session context
1104 * @raw_type returns content type of @buffer. Valid only if exit code of this
1105 * function is IE_SUCCESS. The pointer must be valid. This is no automatically
1106 * reallocated memory.
1107 * @buffer is message raw representation.
1108 * @length is length of buffer in bytes. */
1109 isds_error isds_guess_raw_type(struct isds_ctx *context,
1110 isds_raw_type *raw_type, const void *buffer, const size_t length);
1111
1112 /* Download signed incoming message identified by ID.
1113 * @context is session context
1114 * @message_id is message identifier (you can get them from
1115 * isds_get_list_of_received_messages())
1116 * @message is automatically reallocated message retrieved from ISDS. The raw
1117 * member will be filled with PKCS#7 structure in DER format. */
1118 isds_error isds_get_signed_received_message(struct isds_ctx *context,
1119 const char *message_id, struct isds_message **message);
1120
1121 /* Download signed outgoing message identified by ID.
1122 * @context is session context
1123 * @message_id is message identifier (you can get them from
1124 * isds_get_list_of_sent_messages())
1125 * @message is automatically reallocated message retrieved from ISDS. The raw
1126 * member will be filled with PKCS#7 structure in DER format. */
1127 isds_error isds_get_signed_sent_message(struct isds_ctx *context,
1128 const char *message_id, struct isds_message **message);
1129
1130 /* Retrieve hash of message identified by ID stored in ISDS.
1131 * @context is session context
1132 * @message_id is message identifier
1133 * @hash is automatically reallocated message hash downloaded from ISDS.
1134 * Message must exist in system and must not be deleted. */
1135 isds_error isds_download_message_hash(struct isds_ctx *context,
1136 const char *message_id, struct isds_hash **hash);
1137
1138 /* Compute hash of message from raw representation and store it into envelope.
1139 * Original hash structure will be destroyed in envelope.
1140 * @context is session context
1141 * @message is message carrying raw XML message blob
1142 * @algorithm is desired hash algorithm to use */
1143 isds_error isds_compute_message_hash(struct isds_ctx *context,
1144 struct isds_message *message, const isds_hash_algorithm algorithm);
1145
1146 /* Compare two hashes.
1147 * @h1 is first hash
1148 * @h2 is another hash
1149 * @return
1150 * IE_SUCCESS if hashes equal
1151 * IE_NOTUNIQ if hashes are comparable, but they don't equal
1152 * IE_ENUM if not comparable, but both structures defined
1153 * IE_INVAL if some of the structures are undefined (NULL)
1154 * IE_ERROR if internal error occurs */
1155 isds_error isds_hash_cmp(const struct isds_hash *h1,
1156 const struct isds_hash *h2);
1157
1158 /* Check message has gone through ISDS by comparing message hash stored in
1159 * ISDS and locally computed hash. You must provide message with valid raw
1160 * member (do not use isds_load_message(..., BUFFER_DONT_STORE)).
1161 * This is convenient wrapper for isds_download_message_hash(),
1162 * isds_compute_message_hash(), and isds_hash_cmp() sequence.
1163 * @context is session context
1164 * @message is message with valid raw and envelope member; envelope->hash
1165 * member will be changed during function run. Use envelope on heap only.
1166 * @return
1167 * IE_SUCCESS if message originates in ISDS
1168 * IE_NOTEQUAL if message is unknown to ISDS
1169 * other code for other errors */
1170 isds_error isds_verify_message_hash(struct isds_ctx *context,
1171 struct isds_message *message);
1172
1173 /* Submit CMS signed message to ISDS to verify its originality. This is
1174 * stronger form of isds_verify_message_hash() because ISDS does more checks
1175 * than simple one (potentialy old weak) hash comparison.
1176 * @context is session context
1177 * @message is memory with raw CMS signed message bit stream
1178 * @length is @message size in bytes
1179 * @return
1180 * IE_SUCCESS if message originates in ISDS
1181 * IE_NOTEQUAL if message is unknown to ISDS
1182 * other code for other errors */
1183 isds_error isds_authenticate_message(struct isds_ctx *context,
1184 const void *message, size_t length);
1185
1186 /* Mark message as read. This is a transactional commit function to acknowledge
1187 * to ISDS the message has been downloaded and processed by client properly.
1188 * @context is session context
1189 * @message_id is message identifier. */
1190 isds_error isds_mark_message_read(struct isds_ctx *context,
1191 const char *message_id);
1192
1193 /* Mark message as received by recipient. This is applicable only to
1194 * commercial message. Use envelope->dmType message member to distinguish
1195 * commercial message from government message. Government message is
1196 * received automatically (by law), commercial message on recipient request.
1197 * @context is session context
1198 * @message_id is message identifier. */
1199 isds_error isds_mark_message_received(struct isds_ctx *context,
1200 const char *message_id);
1201
1202 /* Send bogus request to ISDS.
1203 * Just for test purposes */
1204 isds_error isds_bogus_request(struct isds_ctx *context);
1205
1206 /* Send document for authorize conversion into Czech POINT system.
1207 * This is public anonymous service, no log-in necessary. Special context is
1208 * used to reuse keep-a-live HTTPS connection.
1209 * @context is Czech POINT session context. DO NOT use context connected to
1210 * ISDS server. Use new context or context used by this function previously.
1211 * @document is document to convert. Only data, data_length, dmFileDescr and
1212 * is_xml members are significant. Be ware that not all document formats can be
1213 * converted (signed PDF 1.3 and higher only (2010-02 state)).
1214 * @id is reallocated identifier assigned by Czech POINT system to
1215 * your document on submit. Use is to tell it to Czech POINT officer.
1216 * @date is reallocated document submit date (submitted documents
1217 * expires after some period). Only tm_year, tm_mon and tm_mday carry sane
1218 * value. */
1219 isds_error czp_convert_document(struct isds_ctx *context,
1220 const struct isds_document *document,
1221 char **id, struct tm **date);
1222
1223 /* Close possibly opened connection to Czech POINT document deposit.
1224 * @context is Czech POINT session context. */
1225 isds_error czp_close_connection(struct isds_ctx *context);
1226
1227 /* Send request for new box creation in testing ISDS instance.
1228 * It's not possible to request for a production box currently, as it
1229 * communicates via e-mail.
1230 * XXX: This function does not work either. Server complains about invalid
1231 * e-mail address.
1232 * XXX: Remove context->type hacks in isds.c and validator.c when removing
1233 * this function
1234 * @context is special session context for box creation request. DO NOT use
1235 * standard context as it could reveal your password. Use fresh new context or
1236 * context previously used by this function.
1237 * @box is box description to create including single primary user (in case of
1238 * FO box type). It outputs box ID assigned by ISDS in dbID element.
1239 * @users is list of struct isds_DbUserInfo (primary users in case of non-FO
1240 * box, or contact address of PFO box owner). The email member is mandatory as
1241 * it will be used to deliver credentials.
1242 * @former_names is optional undocumented string. Pass NULL if you don't care.
1243 * @approval is optional external approval of box manipulation
1244 * @refnumber is reallocated serial number of request assigned by ISDS. Use
1245 * NULL, if you don't care.*/
1246 isds_error isds_request_new_testing_box(struct isds_ctx *context,
1247 struct isds_DbOwnerInfo *box, const struct isds_list *users,
1248 const char *former_names, const struct isds_approval *approval,
1249 char **refnumber);
1250
1251 /* Search for document by document ID in list of documents. IDs are compared
1252 * as UTF-8 string.
1253 * @documents is list of isds_documents
1254 * @id is document identifier
1255 * @return first matching document or NULL. */
1256 const struct isds_document *isds_find_document_by_id(
1257 const struct isds_list *documents, const char *id);
1258
1259 /* Normalize @mime_type to be proper MIME type.
1260 * ISDS servers passes invalid MIME types (e.g. "pdf"). This function tries to
1261 * guess regular MIME type (e.g. "application/pdf").
1262 * @mime_type is UTF-8 encoded MIME type to fix
1263 * @return original @mime_type if no better interpretation exists, or array to
1264 * constant static UTF-8 encoded string with proper MIME type. */
1265 char *isds_normalize_mime_type(const char* mime_type);
1266
1267 /* XXX: Deprecated: Use isds_set_opt() instead.
1268 * Switch MIME type normalization while message loading. Default state for new
1269 * context is no normalization.
1270 * @normalize use true to switch normalization on, false to switch off */
1271 isds_error isds_set_mime_type_normalization(struct isds_ctx *context,
1272 _Bool normalize) _deprecated;
1273
1274 /* Free isds_list with all member data.
1275 * @list list to free, on return will be NULL */
1276 void isds_list_free(struct isds_list **list);
1277
1278 /* Deallocate structure isds_hash and NULL it.
1279 * @hash hash to to free */
1280 void isds_hash_free(struct isds_hash **hash);
1281
1282 /* Deallocate structure isds_DbOwnerInfo recursively and NULL it */
1283 void isds_DbOwnerInfo_free(struct isds_DbOwnerInfo **db_owner_info);
1284
1285 /* Deallocate structure isds_DbUserInfo recursively and NULL it */
1286 void isds_DbUserInfo_free(struct isds_DbUserInfo **db_user_info);
1287
1288 /* Deallocate struct isds_event recursively and NULL it */
1289 void isds_event_free(struct isds_event **event);
1290
1291 /* Deallocate struct isds_envelope recursively and NULL it */
1292 void isds_envelope_free(struct isds_envelope **envelope);
1293
1294 /* Deallocate struct isds_document recursively and NULL it */
1295 void isds_document_free(struct isds_document **document);
1296
1297 /* Deallocate struct isds_message recursively and NULL it */
1298 void isds_message_free(struct isds_message **message);
1299
1300 /* Deallocate struct isds_message_copy recursively and NULL it */
1301 void isds_message_copy_free(struct isds_message_copy **copy);
1302
1303 /* Deallocate struct isds_approval recursively and NULL it */
1304 void isds_approval_free(struct isds_approval **approval);
1305
1306 /* Copy structure isds_PersonName recursively */
1307 struct isds_PersonName *isds_PersonName_duplicate(
1308 const struct isds_PersonName *template);
1309
1310 /* Copy structure isds_Address recursively */
1311 struct isds_Address *isds_Address_duplicate(
1312 const struct isds_Address *template);
1313
1314 /* Copy structure isds_DbOwnerInfo recursively */
1315 struct isds_DbOwnerInfo *isds_DbOwnerInfo_duplicate(
1316 const struct isds_DbOwnerInfo *template);
1317
1318 /* Copy structure isds_DbUserInfo recursively */
1319 struct isds_DbUserInfo *isds_DbUserInfo_duplicate(
1320 const struct isds_DbUserInfo *template);
1321
1322 #ifdef __cplusplus /* For C++ linker sake */
1323 }
1324 #endif
1325
1326 #endif
Client library for ISDS