libcdoc 0.1.8
|
#include <NetworkBackend.h>
Classes | |
struct | CapsuleInfo |
Capsule information returned by server. More... | |
struct | ProxyCredentials |
Proxy credentials used for network access. More... | |
struct | ShareInfo |
Share information returned by server. More... | |
Public Member Functions | |
NetworkBackend ()=default | |
virtual | ~NetworkBackend () noexcept=default |
NetworkBackend (const NetworkBackend &)=delete | |
NetworkBackend & | operator= (const NetworkBackend &)=delete |
CDOC_DISABLE_MOVE (NetworkBackend) | |
virtual std::string | getLastErrorStr (result_t code) const |
Get the textual description of the last error. | |
virtual result_t | sendKey (CapsuleInfo &dst, const std::string &url, const std::vector< uint8_t > &rcpt_key, const std::vector< uint8_t > &key_material, const std::string &type) |
send key material to keyserver | |
virtual result_t | sendShare (std::vector< uint8_t > &dst, const std::string &url, const std::string &recipient, const std::vector< uint8_t > &share) |
send key share to server | |
virtual result_t | fetchKey (std::vector< uint8_t > &dst, const std::string &url, const std::string &transaction_id) |
fetch key material from keyserver | |
virtual result_t | fetchNonce (std::vector< uint8_t > &dst, const std::string &url, const std::string &share_id) |
fetch authentication nonce from share server | |
virtual result_t | fetchShare (ShareInfo &share, const std::string &url, const std::string &share_id, const std::string &ticket, const std::vector< uint8_t > &cert) |
fetch key share from share server | |
virtual result_t | getClientTLSCertificate (std::vector< uint8_t > &dst) |
get client TLS certificate in der format | |
virtual result_t | getPeerTLSCertificates (std::vector< std::vector< uint8_t > > &dst) |
get a list of peer TLS certificates in der format | |
virtual result_t | getPeerTLSCertificates (std::vector< std::vector< uint8_t > > &dst, const std::string &url) |
get a list of peer TLS certificates in der format | |
virtual result_t | getProxyCredentials (ProxyCredentials &credentials) const |
Get proxy configuration currently set. | |
virtual result_t | signTLS (std::vector< uint8_t > &dst, CryptoBackend::HashAlgorithm algorithm, const std::vector< uint8_t > &digest) |
sign TLS digest with client's private key | |
virtual result_t | showVerificationCode (unsigned int code) |
show MID/SID verification code | |
result_t | signSID (std::vector< uint8_t > &dst, std::vector< uint8_t > &cert, const std::string &url, const std::string &rp_uuid, const std::string &rp_name, const std::string &rcpt_id, const std::vector< uint8_t > &digest, CryptoBackend::HashAlgorithm algo) |
Sign digest with SmartID authentication key. | |
result_t | signMID (std::vector< uint8_t > &dst, std::vector< uint8_t > &cert, const std::string &url, const std::string &rp_uuid, const std::string &rp_name, const std::string &phone, const std::string &rcpt_id, const std::vector< uint8_t > &digest, CryptoBackend::HashAlgorithm algo) |
Sign digest with Mobile ID authentication key. | |
Static Public Attributes | |
static constexpr int | NETWORK_ERROR = -300 |
Generic network error. | |
static constexpr int | MIDSID_USER_REFUSED = -350 |
static constexpr int | MIDSID_TIMEOUT = -351 |
static constexpr int | MIDSID_DOCUMENT_UNUSABLE = -352 |
static constexpr int | MIDSID_WRONG_VC = -353 |
static constexpr int | MIDSID_REQUIRED_INTERACTION_NOT_SUPPORTED_BY_APP = -354 |
static constexpr int | MIDSID_USER_REFUSED_CERT_CHOICE = -355 |
static constexpr int | MIDSID_USER_REFUSED_DISPLAYTEXTANDPIN = -356 |
static constexpr int | MIDSID_USER_REFUSED_VC_CHOICE = -357 |
static constexpr int | MIDSID_USER_REFUSED_CONFIRMATIONMESSAGE = -358 |
static constexpr int | MIDSID_USER_REFUSED_CONFIRMATIONMESSAGE_WITH_VC_CHOICE = -359 |
static constexpr int | MIDSID_NOT_MID_CLIENT = -360 |
static constexpr int | MIDSID_USER_CANCELLED = -361 |
static constexpr int | MIDSID_SIGNATURE_HASH_MISMATCH = -362 |
static constexpr int | MIDSID_PHONE_ABSENT = -363 |
static constexpr int | MIDSID_DELIVERY_ERROR = -364 |
static constexpr int | MIDSID_SIM_ERROR = -365 |
|
default |
|
virtualdefaultnoexcept |
|
delete |
libcdoc::NetworkBackend::CDOC_DISABLE_MOVE | ( | NetworkBackend | ) |
|
virtual |
fetch key material from keyserver
The default implementation uses the internal HTTP client, the peer TLS certificate list and the client TLS certificate.
dst | a destination container for key material |
url | server url |
transaction_id | transaction id of capsule |
|
virtual |
fetch authentication nonce from share server
dst | a destination container for nonce |
url | server url |
share_id | share id (transaction id) |
|
virtual |
fetch key share from share server
share | a container for result |
url | server url |
share_id | share id (transaction id) |
ticket | signed ticket with disclosed url |
cert | a certificate of signing key (PEM without newlines) |
|
inlinevirtual |
get client TLS certificate in der format
dst | a destination container for certificate |
References libcdoc::NOT_IMPLEMENTED.
|
virtual |
Get the textual description of the last error.
The result is undefined if the error code does not match the most recent error
code | The error code |
|
inlinevirtual |
get a list of peer TLS certificates in der format
dst | a destination container for the certificates |
References libcdoc::NOT_IMPLEMENTED.
|
inlinevirtual |
get a list of peer TLS certificates in der format
dst | a destination container for the certificates |
url | the base url ("https://servername:port/") |
|
inlinevirtual |
Get proxy configuration currently set.
credentials | output for proxy credentials |
References libcdoc::NOT_IMPLEMENTED.
|
delete |
|
virtual |
send key material to keyserver
The default implementation uses internal http client and peer TLS certificate list.
dst | the transaction id and expiry date of the capsule on server |
url | server url |
rcpt_key | recipient's public key |
key_material | encrypted KEK or ECDH public Key used to derive shared secret |
type | algorithm type, currently either "rsa" or "ecc_secp384r1" |
|
virtual |
send key share to server
The recipient has to be in the form "etsi/PNOEE-XXXXXXXXXXXX" and must match the subject serial number field of the certificate (without the "etsi/" prefix).
dst | a container for share id |
url | server url |
recipient | the recipient id (ETSI319412-1) |
share | base64 encoded Key Share |
|
virtual |
show MID/SID verification code
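Show SID/MID verification code. The default implementation only logs it with level INFO, so an application should override this method to present the code to the user, who compares it with the code displayed on their own device before confirming.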
code | verification code |
result_t libcdoc::NetworkBackend::signMID | ( | std::vector< uint8_t > & | dst, |
std::vector< uint8_t > & | cert, | ||
const std::string & | url, | ||
const std::string & | rp_uuid, | ||
const std::string & | rp_name, | ||
const std::string & | phone, | ||
const std::string & | rcpt_id, | ||
const std::vector< uint8_t > & | digest, | ||
CryptoBackend::HashAlgorithm | algo | ||
) |
Sign digest with Mobile ID authentication key.
dst | a container for signature |
cert | a container for certificate |
url | Mobile ID gateway base URL |
rp_uuid | relying party UUID |
rp_name | relying party name |
phone | recipient's phone number |
rcpt_id | recipient id (etsi/PNOEE-XYZXYZXYZXY) |
digest | digest to sign |
algo | algorithm type (SHA256, SHA384, SHA512) |
result_t libcdoc::NetworkBackend::signSID | ( | std::vector< uint8_t > & | dst, |
std::vector< uint8_t > & | cert, | ||
const std::string & | url, | ||
const std::string & | rp_uuid, | ||
const std::string & | rp_name, | ||
const std::string & | rcpt_id, | ||
const std::vector< uint8_t > & | digest, | ||
CryptoBackend::HashAlgorithm | algo | ||
) |
Sign digest with SmartID authentication key.
dst | a container for signature |
cert | a container for certificate |
url | SmartID gateway base URL |
rp_uuid | relying party UUID |
rp_name | relying party name |
rcpt_id | recipient id (etsi/PNOEE-XYZXYZXYZXY) |
digest | digest to sign |
algo | algorithm type (SHA256, SHA384, SHA512) |
|
inlinevirtual |
sign TLS digest with client's private key
dst | a destination container for signature |
algorithm | signing algorithm |
digest | data to be signed |
References libcdoc::NOT_IMPLEMENTED.
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
|
staticconstexpr |
Generic network error.