70 #define KSI_VERIFICATION_ERROR_CODE_LIST\
72 _(GEN, 1, 0x100, "GEN-01", "Wrong document")\
73 _(GEN, 2, 0x100, "GEN-02", "Verification inconclusive") \
74 _(GEN, 3, 0x100, "GEN-03", "Input hash level too large") \
75 _(GEN, 4, 0x100, "GEN-04", "Wrong input hash algorithm") \
77 _(INT, 1, 0x200, "INT-01", "Inconsistent aggregation hash chains") \
78 _(INT, 2, 0x200, "INT-02", "Inconsistent aggregation hash chain aggregation times") \
79 _(INT, 3, 0x200, "INT-03", "Calendar hash chain input hash mismatch") \
80 _(INT, 4, 0x200, "INT-04", "Calendar hash chain aggregation time mismatch") \
81 _(INT, 5, 0x200, "INT-05", "Calendar hash chain shape inconsistent with aggregation time") \
82 _(INT, 6, 0x200, "INT-06", "Calendar hash chain time inconsistent with calendar authentication record time") \
83 _(INT, 7, 0x200, "INT-07", "Calendar hash chain time inconsistent with publication time") \
84 _(INT, 8, 0x200, "INT-08", "Calendar hash chain root hash is inconsistent with calendar authentication record input hash") \
85 _(INT, 9, 0x200, "INT-09", "Calendar hash chain root hash is inconsistent with published hash value") \
86 _(INT, 10, 0x200, "INT-10", "Aggregation hash chain chain index mismatch") \
87 _(INT, 11, 0x200, "INT-11", "The metadata record in the aggregation hash chain may not be trusted") \
88 _(INT, 12, 0x200, "INT-12", "Inconsistent chain indexes") \
89 _(INT, 13, 0x200, "INT-13", "Document hash algorithm deprecated at the time of signing") \
90 _(INT, 14, 0x200, "INT-14", "RFC3161 compatibility record composed of hash algorithms that where deprecated at the time of signing") \
91 _(INT, 15, 0x200, "INT-15", "Aggregation hash chain uses hash algorithm that was deprecated at the time of signing") \
92 _(INT, 16, 0x200, "INT-16", "Calendar hash chain hash algorithm was obsolete at publication time") \
93 _(INT, 17, 0x200, "INT-17", "The RFC3161 compatibility record output hash algorithm was deprecated at the time of signing") \
95 _(PUB, 1, 0x300, "PUB-01", "Extender response calendar root hash mismatch") \
96 _(PUB, 2, 0x300, "PUB-02", "Extender response inconsistent") \
97 _(PUB, 3, 0x300, "PUB-03", "Extender response input hash mismatch") \
98 _(PUB, 4, 0x300, "PUB-04", "Publication record hash and user provided publication hash mismatch") \
99 _(PUB, 5, 0x300, "PUB-05", "Publication record hash and publications file publication hash mismatch") \
101 _(KEY, 2, 0x400, "KEY-02", "PKI signature not verified with certificate") \
102 _(KEY, 3, 0x400, "KEY-03", "Signing certificate not valid at aggregation time") \
104 _(CAL, 1, 0x500, "CAL-01", "Calendar root hash mismatch between signature and calendar database chain") \
105 _(CAL, 2, 0x500, "CAL-02", "Aggregation hash chain root hash and calendar database hash chain input hash mismatch") \
106 _(CAL, 3, 0x500, "CAL-03", "Aggregation time mismatch") \
107 _(CAL, 4, 0x500, "CAL-04", "Calendar hash chain right links are inconsistent")
109 #define KSI_VERIFICATION_ERROR_CODE_DEPRECATED_LIST\
111 _(KEY, 1, 0x400, "KEY-01", "Certificate not found") \
119 #define _(type, code, offset, cor, desc) KSI_VER_ERR_##type##_##code = (offset + code),
122 #define _(type, code, offset, cor, desc) KSI_ENUM_DEPRECATED(KSI_VER_ERR_##type##_##code, Removed from verfication process!),
154 #define KSI_RuleVerificationResultList_append(lst, o) KSI_APPLY_TO_NOT_NULL((lst), append, ((lst), (o)))
155 #define KSI_RuleVerificationResultList_remove(lst, pos, o) KSI_APPLY_TO_NOT_NULL((lst), removeElement, ((lst), (pos), (o)))
156 #define KSI_RuleVerificationResultList_indexOf(lst, o, i) KSI_APPLY_TO_NOT_NULL((lst), indexOf, ((lst), (o), (i)))
157 #define KSI_RuleVerificationResultList_insertAt(lst, pos, o) KSI_APPLY_TO_NOT_NULL((lst), insertAt, ((lst), (pos), (o)))
158 #define KSI_RuleVerificationResultList_replaceAt(lst, pos, o) KSI_APPLY_TO_NOT_NULL((lst), replaceAt, ((lst), (pos), (o)))
159 #define KSI_RuleVerificationResultList_elementAt(lst, pos, o) KSI_APPLY_TO_NOT_NULL((lst), elementAt, ((lst), (pos), (o)))
160 #define KSI_RuleVerificationResultList_length(lst) (((lst) != NULL && (lst)->length != NULL) ? (lst)->length((lst)) : 0)
161 #define KSI_RuleVerificationResultList_find(lst, o,f, i) KSI_APPLY_TO_NOT_NULL((lst), find, ((lst), (o), (f), (i)))
163 #define KSI_TlvElementList_sort(lst, cmp) KSI_APPLY_TO_NOT_NULL((lst), sort, ((lst), (cmp)))
164 #define KSI_TlvElementList_foldl(lst, foldCtx, foldFn) (((lst) != NULL) ? (((lst)->foldl != NULL) ? ((lst)->foldl((lst), (foldCtx), (foldFn))) : KSI_INVALID_STATE) : KSI_OK)
165 #define KSI_TlvElementList_find(lst, o,f, i) KSI_APPLY_TO_NOT_NULL((lst), find, ((lst), (o), (f), (i)))
const KSI_DataHash * documentHash
Definition: policy.h:44
#define KSI_uint64_t
Definition: types_base.h:105
KSI_VerificationResultCode resultCode
Definition: policy.h:189
#define KSI_VERIFICATION_ERROR_CODE_DEPRECATED_LIST
Definition: policy.h:109
const KSI_Policy * KSI_VERIFICATION_POLICY_EMPTY
KSI_Signature * signature
Definition: policy.h:35
int KSI_VerificationContext_init(KSI_VerificationContext *context, KSI_CTX *ctx)
struct KSI_PublicationsFile_st KSI_PublicationsFile
Definition: publicationsfile.h:45
const char * ruleName
Definition: policy.h:134
size_t stepsSuccessful
Definition: policy.h:140
struct KSI_PublicationData_st KSI_PublicationData
Definition: types.h:59
KSI_RuleType type
Definition: policy.h:238
int KSI_RuleVerificationResult_init(KSI_RuleVerificationResult *result)
KSI_VerificationErrorCode_en
Definition: policy.h:116
size_t stepsFailed
Definition: policy.h:142
const char * KSI_VerificationErrorCode_toString(int errorCode)
const KSI_Policy * KSI_VERIFICATION_POLICY_GENERAL
int KSI_Policy_setFallback(KSI_CTX *ctx, KSI_Policy *policy, const KSI_Policy *fallback)
const void * rule
Definition: policy.h:239
#define KSI_VERIFICATION_ERROR_CODE_LIST
Definition: policy.h:70
KSI_CTX * ctx
Definition: policy.h:32
int KSI_SignatureVerifier_verify(const KSI_Policy *policy, KSI_VerificationContext *context, KSI_PolicyVerificationResult **result)
struct KSI_DataHash_st KSI_DataHash
Definition: hash.h:52
int KSI_Policy_create(KSI_CTX *ctx, const KSI_Rule *rules, const char *name, KSI_Policy **policy)
size_t ref
Definition: policy.h:187
KSI_VerificationErrorCode errorCode
Definition: policy.h:132
KSI_VerificationResultCode_en
Definition: policy.h:58
void * tempData
Definition: policy.h:52
const KSI_PublicationData * userPublication
Definition: policy.h:47
#define KSI_DEFINE_EXTERN(e)
Definition: common.h:87
const KSI_Policy * KSI_VERIFICATION_POLICY_INTERNAL
void KSI_VerificationContext_clean(KSI_VerificationContext *context)
int KSI_VerificationErrorCode_fromString(const char *errCodeStr)
void KSI_PolicyVerificationResult_free(KSI_PolicyVerificationResult *result)
const KSI_Policy * KSI_VERIFICATION_POLICY_USER_PUBLICATION_BASED
size_t stepsPerformed
Definition: policy.h:138
KSI_uint64_t docAggrLevel
Definition: policy.h:41
int KSI_Policy_clone(KSI_CTX *ctx, const KSI_Policy *policy, KSI_Policy **clone)
struct KSI_Signature_st KSI_Signature
Definition: types.h:67
enum KSI_VerificationErrorCode_en KSI_VerificationErrorCode
KSI_LIST(KSI_RuleVerificationResult)*ruleResults
const char * policyName
Definition: policy.h:136
#define KSI_DEFINE_LIST(type)
Definition: list.h:159
const KSI_Policy * KSI_VERIFICATION_POLICY_PUBLICATIONS_FILE_BASED
struct KSI_Policy_st KSI_Policy
Definition: types.h:70
void KSI_Policy_free(KSI_Policy *policy)
const KSI_Policy * KSI_VERIFICATION_POLICY_CALENDAR_BASED
struct KSI_CTX_st KSI_CTX
Definition: types_base.h:124
const KSI_Policy * KSI_VERIFICATION_POLICY_KEY_BASED
enum KSI_VerificationResultCode_en KSI_VerificationResultCode
char * statusMessage
Definition: policy.h:148
int extendingAllowed
Definition: policy.h:38
void KSI_RuleVerificationResult_clean(KSI_RuleVerificationResult *result)
int status
Definition: policy.h:144
KSI_RuleVerificationResult finalResult
Definition: policy.h:191
const char * KSI_Policy_getErrorString(int errorCode)
KSI_VerificationResultCode resultCode
Definition: policy.h:130
struct KSI_Rule_st KSI_Rule
RuleType_en
Definition: policy.h:206
KSI_PublicationsFile * userPublicationsFile
Definition: policy.h:50
enum RuleType_en KSI_RuleType
int statusExt
Definition: policy.h:146