fenix/PDF4QT
1
0
Fork 0
mirror of https://github.com/JakubMelka/PDF4QT.git synced 2025-06-05 21:59:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Signature validation

Browse Source
This commit is contained in:
Jakub Melka
2020-06-20 14:10:46 +02:00
parent f6c5431770
commit 3e6f4ada3d
5 changed files with 255 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

54
PdfForQtLib/sources/pdfsignaturehandler.h
View File

@ -247,36 +247,39 @@ public:
enum VerificationFlag
{
None = 0x00000, ///< Used only for initialization
OK = 0x00001, ///< Both certificate and signature is OK
Certificate_OK = 0x00002, ///< Certificate is OK
Signature_OK = 0x00004, ///< Signature is OK
Error_NoHandler = 0x00008, ///< No signature handler for given signature
Error_Generic = 0x00010, ///< Generic error (uknown general error)
None = 0x00000000, ///< Used only for initialization
OK = 0x00000001, ///< Both certificate and signature is OK
Certificate_OK = 0x00000002, ///< Certificate is OK
Signature_OK = 0x00000004, ///< Signature is OK
Error_NoHandler = 0x00000008, ///< No signature handler for given signature
Error_Generic = 0x00000010, ///< Generic error (uknown general error)
Error_Certificate_Invalid = 0x00020, ///< Certificate is invalid
Error_Certificate_NoSignatures = 0x00040, ///< No signature found in certificate data
Error_Certificate_Missing = 0x00080, ///< Certificate is missing
Error_Certificate_Generic = 0x00100, ///< Generic error during certificate verification
Error_Certificate_Expired = 0x00200, ///< Certificate has expired
Error_Certificate_SelfSigned = 0x00400, ///< Self signed certificate
Error_Certificate_SelfSignedChain = 0x00800, ///< Self signed certificate in chain
Error_Certificate_TrustedNotFound = 0x01000, ///< No trusted certificate was found
Error_Certificate_Revoked = 0x02000, ///< Certificate has been revoked
Error_Certificate_Other = 0x04000, ///< Other certificate error. See OpenSSL code for details.
Error_Certificate_Invalid = 0x00000020, ///< Certificate is invalid
Error_Certificate_NoSignatures = 0x00000040, ///< No signature found in certificate data
Error_Certificate_Missing = 0x00000080, ///< Certificate is missing
Error_Certificate_Generic = 0x00000100, ///< Generic error during certificate verification
Error_Certificate_Expired = 0x00000200, ///< Certificate has expired
Error_Certificate_SelfSigned = 0x00000400, ///< Self signed certificate
Error_Certificate_SelfSignedChain = 0x00000800, ///< Self signed certificate in chain
Error_Certificate_TrustedNotFound = 0x00001000, ///< No trusted certificate was found
Error_Certificate_Revoked = 0x00002000, ///< Certificate has been revoked
Error_Certificate_Other = 0x00004000, ///< Other certificate error. See OpenSSL code for details.
Error_Signature_Invalid = 0x08000, ///< Signature is invalid for some reason
Error_Signature_SourceCertificateMissing = 0x10000, ///< Source certificate of signature is missing
Error_Signature_NoSignaturesFound = 0x20000, ///< No signatures found
Error_Signature_DigestFailure = 0x40000, ///< Digest failure
Error_Signature_DataOther = 0x80000, ///< Signed data were not verified
Error_Signature_Invalid = 0x00008000, ///< Signature is invalid for some reason
Error_Signature_SourceCertificateMissing = 0x00010000, ///< Source certificate of signature is missing
Error_Signature_NoSignaturesFound = 0x00020000, ///< No signatures found
Error_Signature_DigestFailure = 0x00040000, ///< Digest failure
Error_Signature_DataOther = 0x00080000, ///< Signed data were not verified
Error_Signature_DataCoveredBySignatureMissing = 0x00100000, ///< Data covered by signature are not present
Warning_Signature_NotCoveredBytes = 0x00200000, ///< Some bytes in source data are not covered by signature
Error_Certificates_Mask = Error_Certificate_Invalid | Error_Certificate_NoSignatures | Error_Certificate_Missing | Error_Certificate_Generic |
Error_Certificate_Expired | Error_Certificate_SelfSigned | Error_Certificate_SelfSignedChain | Error_Certificate_TrustedNotFound |
Error_Certificate_Revoked | Error_Certificate_Other,
Error_Signatures_Mask = Error_Signature_Invalid | Error_Signature_SourceCertificateMissing | Error_Signature_NoSignaturesFound |
Error_Signature_DigestFailure | Error_Signature_DataOther,
Error_Signature_DigestFailure | Error_Signature_DataOther | Error_Signature_DataCoveredBySignatureMissing,
};
Q_DECLARE_FLAGS(VerificationFlags, VerificationFlag)
@ -299,6 +302,8 @@ public:
void addSignatureCertificateMissingError();
void addSignatureDigestFailureError();
void addSignatureDataOtherError();
void addSignatureDataCoveredBySignatureMissingError();
void addSignatureNotCoveredBytesWarning(PDFInteger count);
bool isValid() const { return hasFlag(OK); }
bool isCertificateValid() const { return hasFlag(Certificate_OK); }
@ -312,17 +317,22 @@ public:
PDFObjectReference getSignatureFieldReference() const { return m_signatureFieldReference; }
const QString& getSignatureFieldQualifiedName() const { return m_signatureFieldQualifiedName; }
const QStringList& getErrors() const { return m_errors; }
const QStringList& getWarnings() const { return m_warnings; }
void setSignatureFieldQualifiedName(const QString& signatureFieldQualifiedName);
void setSignatureFieldReference(PDFObjectReference signatureFieldReference);
void addCertificateInfo(PDFCertificateInfo info) { m_certificateInfos.emplace_back(qMove(info)); }
/// Adds OK flag, if both certificate and signature are valid
void validate();
private:
VerificationFlags m_flags = None;
PDFObjectReference m_signatureFieldReference;
QString m_signatureFieldQualifiedName;
QStringList m_errors;
QStringList m_warnings;
PDFCertificateInfos m_certificateInfos;
};