[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/source xmlsecurity/workben
Miklos Vajna (via logerrit)
logerrit at kemper.freedesktop.org
Wed Sep 23 06:18:14 UTC 2020
xmlsecurity/inc/pdfsignaturehelper.hxx | 2
xmlsecurity/source/helper/pdfsignaturehelper.cxx | 9 ++-
xmlsecurity/workben/pdfverify.cxx | 61 ++++++++++-------------
3 files changed, 37 insertions(+), 35 deletions(-)
New commits:
commit c18356b49ce2f2a4f097b91cb74d578f9976d4d7
Author: Miklos Vajna <vmiklos at collabora.com>
AuthorDate: Tue Sep 22 21:15:19 2020 +0200
Commit: Miklos Vajna <vmiklos at collabora.com>
CommitDate: Wed Sep 23 08:17:39 2020 +0200
Executable_pdfverify: use PDFSignatureHelper for signature verification
Towards making vcl::filter::PDFDocument an implementation detail of
PDFSignatureHelper during signature verification: so pdfverify, cppunit
tests and the UI shares more code.
Change-Id: Ibb68933d754e392bce0ebbf06be8916ab3f7efdc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103214
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos at collabora.com>
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
index 25b0c42e6478..24b92a7d3140 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -38,6 +38,7 @@ namespace xml::crypto
class XSecurityEnvironment;
}
}
+class SvStream;
/// Handles signatures of a PDF file.
class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
@@ -50,6 +51,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
public:
PDFSignatureHelper();
bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
+ bool ReadAndVerifySignatureSvStream(SvStream& rStream);
css::uno::Sequence<css::security::DocumentSignatureInformation>
GetDocumentSignatureInformations(
const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& xSecEnv) const;
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
index 7b570e20ce2e..b49cdd3e449f 100644
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -126,8 +126,13 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
}
std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+ return ReadAndVerifySignatureSvStream(*pStream);
+}
+
+bool PDFSignatureHelper::ReadAndVerifySignatureSvStream(SvStream& rStream)
+{
vcl::filter::PDFDocument aDocument;
- if (!aDocument.Read(*pStream))
+ if (!aDocument.Read(rStream))
{
SAL_WARN("xmlsecurity.helper", "failed to read the document");
return false;
@@ -143,7 +148,7 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
{
SignatureInformation aInfo(i);
- if (!xmlsecurity::pdfio::ValidateSignature(*pStream, aSignatures[i], aInfo, aDocument))
+ if (!xmlsecurity::pdfio::ValidateSignature(rStream, aSignatures[i], aInfo, aDocument))
SAL_WARN("xmlsecurity.helper", "failed to determine digest match");
m_aSignatureInfos.push_back(aInfo);
diff --git a/xmlsecurity/workben/pdfverify.cxx b/xmlsecurity/workben/pdfverify.cxx
index b5052502573f..78595bae0ef9 100644
--- a/xmlsecurity/workben/pdfverify.cxx
+++ b/xmlsecurity/workben/pdfverify.cxx
@@ -24,11 +24,10 @@
#include <vcl/graphicfilter.hxx>
#include <vcl/filter/pdfdocument.hxx>
#include <comphelper/scopeguard.hxx>
-
-#include <pdfio/pdfdocument.hxx>
-
#include <svl/sigstruct.hxx>
+#include <pdfsignaturehelper.hxx>
+
using namespace com::sun::star;
namespace
@@ -114,6 +113,32 @@ int pdfVerify(int nArgc, char** pArgv)
bRemoveSignature = true;
SvFileStream aStream(aInURL, StreamMode::READ);
+ if (aOutURL.isEmpty() && !bRemoveSignature)
+ {
+ std::cerr << "verifying signatures" << std::endl;
+ PDFSignatureHelper aHelper;
+ aStream.Seek(0);
+ aHelper.ReadAndVerifySignatureSvStream(aStream);
+ if (aHelper.GetSignatureInformations().empty())
+ std::cerr << "found no signatures" << std::endl;
+ else
+ {
+ std::cerr << "found " << aHelper.GetSignatureInformations().size() << " signatures"
+ << std::endl;
+ for (size_t i = 0; i < aHelper.GetSignatureInformations().size(); ++i)
+ {
+ const SignatureInformation& rInfo = aHelper.GetSignatureInformations()[i];
+ bool bSuccess
+ = rInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
+ std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
+ std::cerr << "signature #" << i << ": partial? " << rInfo.bPartialDocumentSignature
+ << std::endl;
+ }
+ }
+
+ return 0;
+ }
+
vcl::filter::PDFDocument aDocument;
if (!aDocument.Read(aStream))
{
@@ -148,36 +173,6 @@ int pdfVerify(int nArgc, char** pArgv)
return 0;
}
- if (aOutURL.isEmpty())
- {
- std::cerr << "verifying signatures" << std::endl;
- std::vector<vcl::filter::PDFObjectElement*> aSignatures = aDocument.GetSignatureWidgets();
- if (aSignatures.empty())
- std::cerr << "found no signatures" << std::endl;
- else
- {
- std::cerr << "found " << aSignatures.size() << " signatures" << std::endl;
- for (size_t i = 0; i < aSignatures.size(); ++i)
- {
- SignatureInformation aInfo(i);
- if (!xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[i], aInfo,
- aDocument))
- {
- SAL_WARN("xmlsecurity.pdfio", "failed to determine digest match");
- return 1;
- }
-
- bool bSuccess
- = aInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
- std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
- std::cerr << "signature #" << i << ": partial? " << aInfo.bPartialDocumentSignature
- << std::endl;
- }
- }
-
- return 0;
- }
-
std::cerr << "adding a new signature" << std::endl;
uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment
= xSecurityContext->getSecurityEnvironment();
More information about the Libreoffice-commits
mailing list