PDFTronSDK/cpp/_verification_options_8h_source.html

 //---------------------------------------------------------------------------------------

 // Copyright (c) 2001-2023 by Apryse Software Inc. All Rights Reserved.

 // Consult legal.txt regarding legal and license information.

 //---------------------------------------------------------------------------------------


 #ifndef PDFTRON_H_CPPPDFVerificationOptions

 #define PDFTRON_H_CPPPDFVerificationOptions

 #include <C/PDF/TRN_VerificationOptions.h>


 #include <Common/BasicTypes.h>

 #include <Common/UString.h>

 #include <PDF/PDFDoc.h>

 #include <Crypto/X509Certificate.h>


 namespace pdftron { namespace PDF {


 class VerificationOptions

 {

 public:

     //enums:


     // An enumeration representing the level of security to use when verifying digital signatures.

     enum SecurityLevel {

         // For compatibility with other vendors such as Acrobat, one can use e_compatibility_and_archiving.

         e_compatibility_and_archiving = 0,

         // The e_maximum mode is a highly-restrictive mode which disables many common features of PDF digital signatures.

         e_maximum = 1

     };


     /* An enumeration representing the least-secure type of reference-time to use when verifying digital signatures.

     One can choose the time of signing (not very secure), timestamp time (more secure), current time (most secure, lower verification rate).

     Note: this is orthogonal to the expiry verification mode (shell/chain/hybrid). */

     enum TimeMode {

         /* If secure timestamp available, check signature certificates against the secure timestamp. Otherwise,

         if available, check signature certificates against the signingTime attribute in the PKCS #7/CMS of the signature.

         Otherwise, use the current time. This is the default option. Less secure. Suitable for archiving

         and interoperability with other vendors. */

         e_signing = 0,

         /* If available, check signature certificates against the signingTime attribute in the PKCS #7/CMS data

         of the signature. Otherwise, use the current time. */

         e_timestamp = 1,

         /* Check signature certificates against the current time.

         This is the most secure, and the most restrictive option. */

         e_current = 2

     };


     // An enumeration representing the level of trust associated with a particular certificate. Multiple flag values can be combined using bitwise operators.

     enum CertificateTrustFlag {

         e_signing_trust = 1, // analogous to "kPSSigTrustSigning" in FDF cert exchange specification. Automatically set even when not specified, just like in Acrobat.

         e_certification_trust = 2, // analogous to "kPSSigTrustAuthenticDocuments" in FDF cert exchange specification. Allows certifications using this identity to be verified.

         e_dynamic_content = 4, /* analogous to "kPSSigTrustDynamicContent" in FDF cert exchange specification. Just like in Acrobat, does not invalidate dynamic documents,

             just intended to stop viewers from allowing its use on documents which are not trusted for it. */

         e_javascript = 16, /* analogous to "kPSSigTrustJavaScript" in FDF cert exchange specification. Just like in Acrobat, does not invalidate JavaScript-containing documents,

             just intended to stop viewers from allowing its use on documents which are not trusted for it. */

         e_identity = 32, // analogous to "kPSSigTrustIdentity" in FDF cert exchange specification. If this flag is not set, all other flags are ignored, and certificate is used only for path building.

         e_trust_anchor = 64, // analogous to "kPSSigTrustAnchor" in FDF cert exchange specification. If this flag is set, paths may end with this certificate, and no revocation checks are done for it.

         e_default_trust = 97, // handy shortcut for what Acrobat does by default -- trust for everything except certification, javascript, and dynamic

         e_complete_trust = 119 // another handy shortcut for testing

     };

     VerificationOptions(const VerificationOptions& other);

     VerificationOptions(TRN_VerificationOptions impl);

     VerificationOptions& operator= (const VerificationOptions& other);

     ~VerificationOptions();


     void Destroy();


     //methods:


     VerificationOptions(SecurityLevel level);


     void AddTrustedCertificate(const UChar* in_certificate_buf, size_t in_buf_size, const UInt16 in_trust_flags = e_default_trust);


     void AddTrustedCertificate(const UString& in_filepath, const UInt16 in_trust_flags = e_default_trust);


     void AddTrustedCertificates(const UChar* in_P7C_binary_DER_certificates_file_data, const size_t in_size);


     void LoadTrustList(const FDF::FDFDoc& in_fdf_cert_exchange_data);


     void EnableModificationVerification(bool in_on_or_off);


     void EnableDigestVerification(bool in_on_or_off);


     void EnableTrustVerification(bool in_on_or_off);


     void SetRevocationTimeout(const UInt32 in_revocation_timeout_milliseconds);


     void EnableOnlineCRLRevocationChecking(bool in_on_or_off);


     void EnableOnlineOCSPRevocationChecking(bool in_on_or_off);


     void EnableOnlineRevocationChecking(bool in_on_or_off);


     UInt32 GetTrustedCertificateCount();


     Crypto::X509Certificate GetTrustedCertificate(const UInt32 index);


 #ifndef SWIGHIDDEN

     TRN_VerificationOptions m_impl;

 #endif


 private:


 #ifndef SWIGHIDDEN

     mutable bool m_owner;

 #endif

 };


 #include <Impl/VerificationOptions.inl>

 } //end pdftron

 } //end PDF


 #endif //PDFTRON_H_CPPPDFVerificationOptions

pdftron::PDF::VerificationOptions::e_signing_trust
Definition: VerificationOptions.h:53

pdftron::PDF::VerificationOptions::GetTrustedCertificate
Crypto::X509Certificate GetTrustedCertificate(const UInt32 index)

pdftron::PDF::VerificationOptions::e_timestamp
Definition: VerificationOptions.h:45

pdftron::FDF::FDFDoc
Definition: FDFDoc.h:45

pdftron::PDF::VerificationOptions::e_dynamic_content
Definition: VerificationOptions.h:55

pdftron::UInt16
TRN_UInt16 UInt16
Definition: BasicTypes.h:14

pdftron::PDF::VerificationOptions::e_default_trust
Definition: VerificationOptions.h:61

pdftron::Crypto::X509Certificate
Definition: X509Certificate.h:22

pdftron::PDF::VerificationOptions::EnableOnlineOCSPRevocationChecking
void EnableOnlineOCSPRevocationChecking(bool in_on_or_off)

pdftron::PDF::VerificationOptions::CertificateTrustFlag
CertificateTrustFlag
Definition: VerificationOptions.h:52

pdftron::PDF::VerificationOptions::e_maximum
Definition: VerificationOptions.h:31

UString.h

pdftron::PDF::VerificationOptions::EnableOnlineRevocationChecking
void EnableOnlineRevocationChecking(bool in_on_or_off)

pdftron::PDF::VerificationOptions::e_javascript
Definition: VerificationOptions.h:57

pdftron::PDF::VerificationOptions::SecurityLevel
SecurityLevel
Definition: VerificationOptions.h:27

pdftron::PDF::VerificationOptions::SetRevocationTimeout
void SetRevocationTimeout(const UInt32 in_revocation_timeout_milliseconds)

pdftron::PDF::VerificationOptions::GetTrustedCertificateCount
UInt32 GetTrustedCertificateCount()

pdftron::PDF::VerificationOptions::operator=
VerificationOptions & operator=(const VerificationOptions &other)

pdftron::PDF::VerificationOptions::m_impl
TRN_VerificationOptions m_impl
Definition: VerificationOptions.h:218

pdftron::PDF::VerificationOptions::e_certification_trust
Definition: VerificationOptions.h:54

pdftron::PDF::VerificationOptions
Definition: VerificationOptions.h:21

X509Certificate.h

pdftron::PDF::VerificationOptions::Destroy
void Destroy()

pdftron::PDF::VerificationOptions::e_current
Definition: VerificationOptions.h:48

pdftron::UInt32
TRN_UInt32 UInt32
Definition: BasicTypes.h:13

pdftron::PDF::VerificationOptions::EnableOnlineCRLRevocationChecking
void EnableOnlineCRLRevocationChecking(bool in_on_or_off)

pdftron::PDF::VerificationOptions::~VerificationOptions
~VerificationOptions()

pdftron::PDF::VerificationOptions::e_trust_anchor
Definition: VerificationOptions.h:60

pdftron::PDF::VerificationOptions::AddTrustedCertificates
void AddTrustedCertificates(const UChar *in_P7C_binary_DER_certificates_file_data, const size_t in_size)

pdftron::UChar
TRN_UChar UChar
Definition: BasicTypes.h:12

PDFDoc.h

pdftron::PDF::VerificationOptions::e_compatibility_and_archiving
Definition: VerificationOptions.h:29

pdftron::PDF::VerificationOptions::VerificationOptions
VerificationOptions(const VerificationOptions &other)

pdftron::PDF::VerificationOptions::LoadTrustList
void LoadTrustList(const FDF::FDFDoc &in_fdf_cert_exchange_data)

BasicTypes.h

pdftron::PDF::VerificationOptions::TimeMode
TimeMode
Definition: VerificationOptions.h:37

pdftron::PDF::VerificationOptions::e_complete_trust
Definition: VerificationOptions.h:62

pdftron::PDF::VerificationOptions::AddTrustedCertificate
void AddTrustedCertificate(const UChar *in_certificate_buf, size_t in_buf_size, const UInt16 in_trust_flags=e_default_trust)

pdftron::PDF::VerificationOptions::EnableDigestVerification
void EnableDigestVerification(bool in_on_or_off)

pdftron::PDF::VerificationOptions::e_signing
Definition: VerificationOptions.h:42

pdftron::UString
Definition: UString.h:26

pdftron::PDF::VerificationOptions::EnableTrustVerification
void EnableTrustVerification(bool in_on_or_off)

pdftron::PDF::VerificationOptions::EnableModificationVerification
void EnableModificationVerification(bool in_on_or_off)

pdftron::PDF::VerificationOptions::e_identity
Definition: VerificationOptions.h:59