mirror of https://github.com/JakubMelka/PDF4QT.git
Issue #16: Fix compilation error with OpenSSL 3
This commit is contained in:
Jakub Melka
parent
8d925c513e
commit
1c03bd85cd
|
|
@ -43,6 +43,9 @@
|
||||||
namespace pdf
|
namespace pdf
|
||||||
{
|
{
|
||||||
|
|
||||||
|
template<typename T>
|
||||||
|
using openssl_ptr = std::unique_ptr<T, void(*)(T*)>;
|
||||||
|
|
||||||
static QMutex s_globalOpenSSLMutex(QMutex::Recursive);
|
static QMutex s_globalOpenSSLMutex(QMutex::Recursive);
|
||||||
|
|
||||||
/// OpenSSL is not thread safe.
|
/// OpenSSL is not thread safe.
|
||||||
|
|
@ -1444,46 +1447,44 @@ void PDFSignatureHandler_adbe_pkcs7_rsa_sha1::verifyRSACertificate(PDFSignatureV
|
||||||
void PDFSignatureHandler_adbe_pkcs7_rsa_sha1::verifyRSASignature(PDFSignatureVerificationResult& result) const
|
void PDFSignatureHandler_adbe_pkcs7_rsa_sha1::verifyRSASignature(PDFSignatureVerificationResult& result) const
|
||||||
{
|
{
|
||||||
// Jakub Melka: we will use first certificate to validate signature
|
// Jakub Melka: we will use first certificate to validate signature
|
||||||
X509* certificate = createCertificate(0);
|
openssl_ptr<X509> certificate(createCertificate(0), X509_free);
|
||||||
if (!certificate)
|
if (!certificate)
|
||||||
{
|
{
|
||||||
result.addSignatureCertificateMissingError();
|
result.addSignatureCertificateMissingError();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
EVP_PKEY* evpKey = X509_get0_pubkey(certificate);
|
EVP_PKEY* evpKey = X509_get0_pubkey(certificate.get());
|
||||||
if (!evpKey)
|
if (!evpKey)
|
||||||
{
|
{
|
||||||
X509_free(certificate);
|
|
||||||
result.addSignatureCertificateMissingError();
|
result.addSignatureCertificateMissingError();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
RSA* rsa = EVP_PKEY_get0_RSA(evpKey);
|
openssl_ptr<RSA> rsa(EVP_PKEY_get1_RSA(evpKey), RSA_free);
|
||||||
if (!rsa)
|
if (!rsa)
|
||||||
{
|
{
|
||||||
X509_free(certificate);
|
|
||||||
result.addSignatureCertificateMissingError();
|
result.addSignatureCertificateMissingError();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
||||||
QByteArray outputBuffer;
|
QByteArray outputBuffer;
|
||||||
if (BIO* bio = this->getSignedDataBuffer(result, outputBuffer))
|
openssl_ptr<BIO> bio(this->getSignedDataBuffer(result, outputBuffer), BIO_free_all);
|
||||||
|
if (bio)
|
||||||
{
|
{
|
||||||
const PDFSignature& signature = m_signatureField->getSignature();
|
const PDFSignature& signature = m_signatureField->getSignature();
|
||||||
const QByteArray& signKey = signature.getContents();
|
const QByteArray& signKey = signature.getContents();
|
||||||
|
|
||||||
const unsigned char* encryptedSign = convertByteArrayToUcharPtr(signKey);
|
const unsigned char* encryptedSign = convertByteArrayToUcharPtr(signKey);
|
||||||
const unsigned int encryptedSignLength = signKey.length();
|
const unsigned int encryptedSignLength = signKey.length();
|
||||||
if (ASN1_OCTET_STRING* encryptedString = d2i_ASN1_OCTET_STRING(nullptr, &encryptedSign, encryptedSignLength))
|
|
||||||
|
openssl_ptr<ASN1_OCTET_STRING> encryptedString(d2i_ASN1_OCTET_STRING(nullptr, &encryptedSign, encryptedSignLength), ASN1_OCTET_STRING_free);
|
||||||
|
if (encryptedString)
|
||||||
{
|
{
|
||||||
int algorithmNID = NID_undef;
|
int algorithmNID = NID_undef;
|
||||||
QByteArray digestBuffer;
|
QByteArray digestBuffer;
|
||||||
if (!getMessageDigest(outputBuffer, encryptedString, rsa, algorithmNID, digestBuffer))
|
if (!getMessageDigest(outputBuffer, encryptedString.get(), rsa.get(), algorithmNID, digestBuffer))
|
||||||
{
|
{
|
||||||
BIO_free(bio);
|
|
||||||
X509_free(certificate);
|
|
||||||
ASN1_OCTET_STRING_free(encryptedString);
|
|
||||||
result.addSignatureDataOtherError();
|
result.addSignatureDataOtherError();
|
||||||
return;
|
return;
|
||||||
}
|
}
|
||||||
|
|
@ -1495,8 +1496,7 @@ void PDFSignatureHandler_adbe_pkcs7_rsa_sha1::verifyRSASignature(PDFSignatureVer
|
||||||
OBJ_obj2txt(buffer.data(), int(buffer.size() - 1), OBJ_nid2obj(algorithmNID), 0);
|
OBJ_obj2txt(buffer.data(), int(buffer.size() - 1), OBJ_nid2obj(algorithmNID), 0);
|
||||||
result.addHashAlgorithm(QString::fromLatin1(buffer.data()));
|
result.addHashAlgorithm(QString::fromLatin1(buffer.data()));
|
||||||
|
|
||||||
const int verifyValue = RSA_verify(algorithmNID, digest, digestLength, encryptedString->data, encryptedString->length, rsa);
|
const int verifyValue = RSA_verify(algorithmNID, digest, digestLength, encryptedString->data, encryptedString->length, rsa.get());
|
||||||
ASN1_OCTET_STRING_free(encryptedString);
|
|
||||||
|
|
||||||
if (verifyValue == 0)
|
if (verifyValue == 0)
|
||||||
{
|
{
|
||||||
|
|
@ -1519,12 +1519,8 @@ void PDFSignatureHandler_adbe_pkcs7_rsa_sha1::verifyRSASignature(PDFSignatureVer
|
||||||
{
|
{
|
||||||
result.addSignatureDataOtherError();
|
result.addSignatureDataOtherError();
|
||||||
}
|
}
|
||||||
|
|
||||||
BIO_free(bio);
|
|
||||||
}
|
}
|
||||||
|
|
||||||
X509_free(certificate);
|
|
||||||
|
|
||||||
if (!result.hasSignatureError())
|
if (!result.hasSignatureError())
|
||||||
{
|
{
|
||||||
result.setFlag(PDFSignatureVerificationResult::Signature_OK, true);
|
result.setFlag(PDFSignatureVerificationResult::Signature_OK, true);
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue