aboutsummaryrefslogtreecommitdiff
path: root/unipdf/model/sigutil
diff options
context:
space:
mode:
Diffstat (limited to 'unipdf/model/sigutil')
-rw-r--r--unipdf/model/sigutil/sigutil.go104
1 files changed, 104 insertions, 0 deletions
diff --git a/unipdf/model/sigutil/sigutil.go b/unipdf/model/sigutil/sigutil.go
new file mode 100644
index 0000000..81376e7
--- /dev/null
+++ b/unipdf/model/sigutil/sigutil.go
@@ -0,0 +1,104 @@
+//
+// Copyright 2020 FoxyUtils ehf. All rights reserved.
+//
+// This is a commercial product and requires a license to operate.
+// A trial license can be obtained at https://unidoc.io
+//
+// DO NOT EDIT: generated by unitwist Go source code obfuscator.
+//
+// Use of this source code is governed by the UniDoc End User License Agreement
+// terms that can be accessed at https://unidoc.io/eula/
+
+package sigutil ;import (_eg "bytes";_b "crypto";_gg "crypto/x509";_ge "encoding/asn1";_ef "encoding/pem";_f "errors";_a "fmt";_c "github.com/unidoc/timestamp";_fe "github.com/unidoc/unipdf/v4/common";_ce "golang.org/x/crypto/ocsp";_ga "io";_fa "net/http";
+_g "time";);
+
+// NewTimestampRequest returns a new timestamp request based
+// on the specified options.
+func NewTimestampRequest (body _ga .Reader ,opts *_c .RequestOptions )(*_c .Request ,error ){if opts ==nil {opts =&_c .RequestOptions {};};if opts .Hash ==0{opts .Hash =_b .SHA256 ;};if !opts .Hash .Available (){return nil ,_gg .ErrUnsupportedAlgorithm ;
+};_dd :=opts .Hash .New ();if _ ,_fcc :=_ga .Copy (_dd ,body );_fcc !=nil {return nil ,_fcc ;};return &_c .Request {HashAlgorithm :opts .Hash ,HashedMessage :_dd .Sum (nil ),Certificates :opts .Certificates ,TSAPolicyOID :opts .TSAPolicyOID ,Nonce :opts .Nonce },nil ;
+};
+
+// Get retrieves the certificate at the specified URL.
+func (_d *CertClient )Get (url string )(*_gg .Certificate ,error ){if _d .HTTPClient ==nil {_d .HTTPClient =_gfb ();};_bc ,_be :=_d .HTTPClient .Get (url );if _be !=nil {return nil ,_be ;};defer _bc .Body .Close ();_af ,_be :=_ga .ReadAll (_bc .Body );
+if _be !=nil {return nil ,_be ;};if _dc ,_ :=_ef .Decode (_af );_dc !=nil {_af =_dc .Bytes ;};_feb ,_be :=_gg .ParseCertificate (_af );if _be !=nil {return nil ,_be ;};return _feb ,nil ;};
+
+// NewCRLClient returns a new CRL client.
+func NewCRLClient ()*CRLClient {return &CRLClient {HTTPClient :_gfb ()}};
+
+// GetIssuer retrieves the issuer of the provided certificate.
+func (_ag *CertClient )GetIssuer (cert *_gg .Certificate )(*_gg .Certificate ,error ){for _ ,_bb :=range cert .IssuingCertificateURL {_de ,_ggg :=_ag .Get (_bb );if _ggg !=nil {_fe .Log .Debug ("\u0057\u0041\u0052\u004e\u003a\u0020\u0063\u006f\u0075\u006c\u0064\u0020\u006e\u006f\u0074 \u0064\u006f\u0077\u006e\u006c\u006f\u0061\u0064\u0020\u0069\u0073\u0073\u0075e\u0072\u0020\u0066\u006f\u0072\u0020\u0063\u0065\u0072\u0074\u0069\u0066ic\u0061\u0074\u0065\u0020\u0025\u0076\u003a\u0020\u0025\u0076",cert .Subject .CommonName ,_ggg );
+continue ;};return _de ,nil ;};return nil ,_a .Errorf ("\u0069\u0073\u0073\u0075e\u0072\u0020\u0063\u0065\u0072\u0074\u0069\u0066\u0069\u0063a\u0074e\u0020\u006e\u006f\u0074\u0020\u0066\u006fu\u006e\u0064");};
+
+// MakeRequest makes a CRL request to the specified server and returns the
+// response. If a server URL is not provided, it is extracted from the certificate.
+func (_ege *CRLClient )MakeRequest (serverURL string ,cert *_gg .Certificate )([]byte ,error ){if _ege .HTTPClient ==nil {_ege .HTTPClient =_gfb ();};if serverURL ==""{if len (cert .CRLDistributionPoints )==0{return nil ,_f .New ("\u0063e\u0072\u0074i\u0066\u0069\u0063\u0061t\u0065\u0020\u0064o\u0065\u0073\u0020\u006e\u006f\u0074\u0020\u0073\u0070ec\u0069\u0066\u0079 \u0061\u006ey\u0020\u0043\u0052\u004c\u0020\u0073e\u0072\u0076e\u0072\u0073");
+};serverURL =cert .CRLDistributionPoints [0];};_cd ,_afd :=_ege .HTTPClient .Get (serverURL );if _afd !=nil {return nil ,_afd ;};defer _cd .Body .Close ();_fb ,_afd :=_ga .ReadAll (_cd .Body );if _afd !=nil {return nil ,_afd ;};if _fac ,_ :=_ef .Decode (_fb );
+_fac !=nil {_fb =_fac .Bytes ;};return _fb ,nil ;};
+
+// NewOCSPClient returns a new OCSP client.
+func NewOCSPClient ()*OCSPClient {return &OCSPClient {HTTPClient :_gfb (),Hash :_b .SHA1 }};
+
+// CRLClient represents a CRL (Certificate revocation list) client.
+// It is used to request revocation data from CRL servers.
+type CRLClient struct{
+
+// HTTPClient is the HTTP client used to make CRL requests.
+// By default, an HTTP client with a 5 second timeout per request is used.
+HTTPClient *_fa .Client ;};
+
+// NewTimestampClient returns a new timestamp client.
+func NewTimestampClient ()*TimestampClient {return &TimestampClient {HTTPClient :_gfb ()}};
+
+// MakeRequest makes a OCSP request to the specified server and returns
+// the parsed and raw responses. If a server URL is not provided, it is
+// extracted from the certificate.
+func (_ad *OCSPClient )MakeRequest (serverURL string ,cert ,issuer *_gg .Certificate )(*_ce .Response ,[]byte ,error ){if _ad .HTTPClient ==nil {_ad .HTTPClient =_gfb ();};if serverURL ==""{if len (cert .OCSPServer )==0{return nil ,nil ,_f .New ("\u0063e\u0072\u0074i\u0066\u0069\u0063a\u0074\u0065\u0020\u0064\u006f\u0065\u0073 \u006e\u006f\u0074\u0020\u0073\u0070e\u0063\u0069\u0066\u0079\u0020\u0061\u006e\u0079\u0020\u004f\u0043S\u0050\u0020\u0073\u0065\u0072\u0076\u0065\u0072\u0073");
+};serverURL =cert .OCSPServer [0];};_efc ,_ff :=_ce .CreateRequest (cert ,issuer ,&_ce .RequestOptions {Hash :_ad .Hash });if _ff !=nil {return nil ,nil ,_ff ;};_fc ,_ff :=_ad .HTTPClient .Post (serverURL ,"\u0061p\u0070\u006c\u0069\u0063\u0061\u0074\u0069\u006f\u006e\u002f\u006fc\u0073\u0070\u002d\u0072\u0065\u0071\u0075\u0065\u0073\u0074",_eg .NewReader (_efc ));
+if _ff !=nil {return nil ,nil ,_ff ;};defer _fc .Body .Close ();_abb ,_ff :=_ga .ReadAll (_fc .Body );if _ff !=nil {return nil ,nil ,_ff ;};if _df ,_ :=_ef .Decode (_abb );_df !=nil {_abb =_df .Bytes ;};_gc ,_ff :=_ce .ParseResponseForCert (_abb ,cert ,issuer );
+if _ff !=nil {return nil ,nil ,_ff ;};return _gc ,_abb ,nil ;};
+
+// OCSPClient represents a OCSP (Online Certificate Status Protocol) client.
+// It is used to request revocation data from OCSP servers.
+type OCSPClient struct{
+
+// HTTPClient is the HTTP client used to make OCSP requests.
+// By default, an HTTP client with a 5 second timeout per request is used.
+HTTPClient *_fa .Client ;
+
+// Hash is the hash function used when constructing the OCSP
+// requests. If zero, SHA-1 will be used.
+Hash _b .Hash ;};
+
+// GetEncodedToken executes the timestamp request and returns the DER encoded
+// timestamp token bytes.
+func (_egeb *TimestampClient )GetEncodedToken (serverURL string ,req *_c .Request )([]byte ,error ){if serverURL ==""{return nil ,_a .Errorf ("\u006d\u0075\u0073\u0074\u0020\u0070r\u006f\u0076\u0069\u0064\u0065\u0020\u0074\u0069\u006d\u0065\u0073\u0074\u0061m\u0070\u0020\u0073\u0065\u0072\u0076\u0065r\u0020\u0055\u0052\u004c");
+};if req ==nil {return nil ,_a .Errorf ("\u0074\u0069\u006de\u0073\u0074\u0061\u006dp\u0020\u0072\u0065\u0071\u0075\u0065\u0073t\u0020\u0063\u0061\u006e\u006e\u006f\u0074\u0020\u0062\u0065\u0020\u006e\u0069\u006c");};_db ,_cdc :=req .Marshal ();if _cdc !=nil {return nil ,_cdc ;
+};_cda ,_cdc :=_fa .NewRequest ("\u0050\u004f\u0053\u0054",serverURL ,_eg .NewBuffer (_db ));if _cdc !=nil {return nil ,_cdc ;};_cda .Header .Set ("\u0043\u006f\u006et\u0065\u006e\u0074\u002d\u0054\u0079\u0070\u0065","a\u0070\u0070\u006c\u0069\u0063\u0061t\u0069\u006f\u006e\u002f\u0074\u0069\u006d\u0065\u0073t\u0061\u006d\u0070-\u0071u\u0065\u0072\u0079");
+if _egeb .BeforeHTTPRequest !=nil {if _fce :=_egeb .BeforeHTTPRequest (_cda );_fce !=nil {return nil ,_fce ;};};_eac :=_egeb .HTTPClient ;if _eac ==nil {_eac =_gfb ();};_efb ,_cdc :=_eac .Do (_cda );if _cdc !=nil {return nil ,_cdc ;};defer _efb .Body .Close ();
+_gf ,_cdc :=_ga .ReadAll (_efb .Body );if _cdc !=nil {return nil ,_cdc ;};if _efb .StatusCode !=_fa .StatusOK {return nil ,_a .Errorf ("\u0075\u006e\u0065x\u0070\u0065\u0063\u0074e\u0064\u0020\u0048\u0054\u0054\u0050\u0020s\u0074\u0061\u0074\u0075\u0073\u0020\u0063\u006f\u0064\u0065\u003a\u0020\u0025\u0064",_efb .StatusCode );
+};var _efe struct{Version _ge .RawValue ;Content _ge .RawValue ;};if _ ,_cdc =_ge .Unmarshal (_gf ,&_efe );_cdc !=nil {return nil ,_cdc ;};return _efe .Content .FullBytes ,nil ;};func _gfb ()*_fa .Client {return &_fa .Client {Timeout :5*_g .Second }};
+
+// CertClient represents a X.509 certificate client. Its primary purpose
+// is to download certificates.
+type CertClient struct{
+
+// HTTPClient is the HTTP client used to make certificate requests.
+// By default, an HTTP client with a 5 second timeout per request is used.
+HTTPClient *_fa .Client ;};
+
+// IsCA returns true if the provided certificate appears to be a CA certificate.
+func (_fab *CertClient )IsCA (cert *_gg .Certificate )bool {return cert .IsCA &&_eg .Equal (cert .RawIssuer ,cert .RawSubject );};
+
+// TimestampClient represents a RFC 3161 timestamp client.
+// It is used to obtain signed tokens from timestamp authority servers.
+type TimestampClient struct{
+
+// HTTPClient is the HTTP client used to make timestamp requests.
+// By default, an HTTP client with a 5 second timeout per request is used.
+HTTPClient *_fa .Client ;
+
+// Callbacks.
+BeforeHTTPRequest func (_dg *_fa .Request )error ;};
+
+// NewCertClient returns a new certificate client.
+func NewCertClient ()*CertClient {return &CertClient {HTTPClient :_gfb ()}}; \ No newline at end of file
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-06 07:17:11 +0000