1 /** NSS signature generator 2 * 3 * Mozilla has two APIs for generating signatures (older SEC_PKCS7) 4 * and newer SMIME (CMS). We are using newer API. 5 * 6 * You have to have certificate (CERTCertificate * )which will be 7 * used for signing. 8 */ 9 10 #ifndef _NSS_SIGNATURE_GENERATOR_H_ 11 #define _NSS_SIGNATURE_GENERATOR_H_ 12 13 #include <cms.h> 14 #include <cert.h> 15 #include <secoid.h> 16 #include <string> 17 18 #include "SignatureGenerator.h" 19 20 namespace PoDoFo { 21 class PdfData; 22 }; 23 24 class NSSSignatureGenerator : public SignatureGenerator 25 { 26 private: 27 PoDoFo::PdfData *pSignature; 28 CERTCertificate *pCert; 29 NSSCMSMessage *cmsg; 30 NSSCMSEncoderContext *enc; 31 std::string signature; 32 33 static void sm_write_stream(void *arg, const char *buf, unsigned long len); 34 35 protected: 36 // get digest algoritm for the signing algoritm 37 static SECOidTag getDigestAlgor(CERTCertificate *pCert); 38 39 // create message with signature 40 static NSSCMSMessage *createSign(CERTCertificate *cert); 41 42 public: 43 NSSSignatureGenerator(CERTCertificate *pCert); 44 virtual ~NSSSignatureGenerator(); 45 46 virtual bool init(); 47 48 virtual bool appendData(const char *pData, unsigned int dataSize); 49 virtual bool finishData(); 50 virtual const PoDoFo::PdfData *getSignature(); 51 }; 52 53 #endif // _NSS_SIGNATURE_GENERATOR_H_ 54