fenix
/
PDF4QT
mirror of https://github.com/JakubMelka/PDF4QT.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Bugfixing of signature verification tool

This commit is contained in:
Jakub Melka 2020-09-30 13:27:57 +02:00
parent ad413ddb71
commit 6ba8eabc34
5 changed files with 72 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
PdfForQtLib/sources/pdfsignaturehandler.cpp
View File

@ -32,6 +32,7 @@
#include <QMutex> #include <QMutex>
#include <QMutexLocker> #include <QMutexLocker>
#include <QDataStream> #include <QDataStream>
#include <QFileInfo>
#include <array> #include <array>
@ -449,6 +450,16 @@ QString PDFSignatureVerificationResult::getStatusText(Status status)
return QString(); return QString();
} }
const PDFClosedIntervalSet& PDFSignatureVerificationResult::getBytesCoveredBySignature() const
{
return m_bytesCoveredBySignature;
}
void PDFSignatureVerificationResult::setBytesCoveredBySignature(const PDFClosedIntervalSet& bytesCoveredBySignature)
{
m_bytesCoveredBySignature = bytesCoveredBySignature;
}
PDFSignature::Type PDFSignatureVerificationResult::getType() const PDFSignature::Type PDFSignatureVerificationResult::getType() const
{ {
return m_type; return m_type;
@ -702,6 +713,8 @@ BIO* PDFPublicKeySignatureHandler::getSignedDataBuffer(pdf::PDFSignatureVerifica
result.addSignatureNotCoveredBytesWarning(notCoveredBytes); result.addSignatureNotCoveredBytesWarning(notCoveredBytes);
} }
result.setBytesCoveredBySignature(qMove(bytesCoveredBySignature));
return BIO_new_mem_buf(outputBuffer.data(), outputBuffer.length()); return BIO_new_mem_buf(outputBuffer.data(), outputBuffer.length());
} }
@ -1933,6 +1946,7 @@ QString PDFCertificateStore::getDefaultCertificateStoreFileName() const
void PDFCertificateStore::loadDefaultUserCertificates() void PDFCertificateStore::loadDefaultUserCertificates()
{ {
createDirectoryForDefaultUserCertificatesStore();
QString trustedCertificateStoreFileName = getDefaultCertificateStoreFileName(); QString trustedCertificateStoreFileName = getDefaultCertificateStoreFileName();
QString trustedCertificateStoreLockFileName = trustedCertificateStoreFileName + ".lock"; QString trustedCertificateStoreLockFileName = trustedCertificateStoreFileName + ".lock";
@ -1952,6 +1966,7 @@ void PDFCertificateStore::loadDefaultUserCertificates()
void PDFCertificateStore::saveDefaultUserCertificates() void PDFCertificateStore::saveDefaultUserCertificates()
{ {
createDirectoryForDefaultUserCertificatesStore();
QString trustedCertificateStoreFileName = getDefaultCertificateStoreFileName(); QString trustedCertificateStoreFileName = getDefaultCertificateStoreFileName();
QString trustedCertificateStoreLockFileName = trustedCertificateStoreFileName + ".lock"; QString trustedCertificateStoreLockFileName = trustedCertificateStoreFileName + ".lock";
@ -1973,6 +1988,13 @@ void PDFCertificateStore::saveDefaultUserCertificates()
} }
} }
void PDFCertificateStore::createDirectoryForDefaultUserCertificatesStore()
{
QFileInfo fileInfo(getDefaultCertificateStoreFileName());
QString path = fileInfo.path();
QDir().mkpath(path);
}
} // namespace pdf } // namespace pdf
#ifdef Q_OS_WIN #ifdef Q_OS_WIN

8
PdfForQtLib/sources/pdfsignaturehandler.h
View File

@ -20,6 +20,7 @@
#include "pdfglobal.h" #include "pdfglobal.h"
#include "pdfobject.h" #include "pdfobject.h"
#include "pdfutils.h"
#include <QString> #include <QString>
#include <QDateTime> #include <QDateTime>
@ -406,6 +407,9 @@ public:
static QString getStatusText(Status status); static QString getStatusText(Status status);
const PDFClosedIntervalSet& getBytesCoveredBySignature() const;
void setBytesCoveredBySignature(const PDFClosedIntervalSet& bytesCoveredBySignature);
private: private:
PDFSignature::Type m_type = PDFSignature::Type::Invalid; PDFSignature::Type m_type = PDFSignature::Type::Invalid;
VerificationFlags m_flags = None; VerificationFlags m_flags = None;
@ -418,6 +422,7 @@ private:
QStringList m_hashAlgorithms; QStringList m_hashAlgorithms;
QByteArray m_signatureHandler; QByteArray m_signatureHandler;
PDFCertificateInfos m_certificateInfos; PDFCertificateInfos m_certificateInfos;
PDFClosedIntervalSet m_bytesCoveredBySignature;
}; };
/// Signature handler. Can verify both certificate and signature validity. /// Signature handler. Can verify both certificate and signature validity.
@ -524,6 +529,9 @@ public:
/// Save to default user certificate storage /// Save to default user certificate storage
void saveDefaultUserCertificates(); void saveDefaultUserCertificates();
/// Creates default directory for certificate store
void createDirectoryForDefaultUserCertificatesStore();
private: private:
static constexpr int persist_version = 1; static constexpr int persist_version = 1;

12
PdfForQtLib/sources/pdfutils.cpp
View File

@ -296,6 +296,18 @@ PDFInteger PDFClosedIntervalSet::getTotalLength() const
return std::accumulate(m_intervals.cbegin(), m_intervals.cend(), 0, [](PDFInteger count, const auto& b) { return count + b.second - b.first + 1; }); return std::accumulate(m_intervals.cbegin(), m_intervals.cend(), 0, [](PDFInteger count, const auto& b) { return count + b.second - b.first + 1; });
} }
QString PDFClosedIntervalSet::toText() const
{
QStringList intervals;
for (const ClosedInterval& interval : m_intervals)
{
intervals << QString("[%1 - %2]").arg(interval.first).arg(interval.second);
}
return intervals.join(", ");
}
void PDFClosedIntervalSet::normalize() void PDFClosedIntervalSet::normalize()
{ {
// Algorithm: // Algorithm:

5
PdfForQtLib/sources/pdfutils.h
View File

@ -583,7 +583,7 @@ private:
}; };
/// Set of closed intervals /// Set of closed intervals
class PDFClosedIntervalSet class PDFFORQTLIBSHARED_EXPORT PDFClosedIntervalSet
{ {
public: public:
explicit inline PDFClosedIntervalSet() = default; explicit inline PDFClosedIntervalSet() = default;
@ -611,6 +611,9 @@ public:
/// Returns sum of interval lengths /// Returns sum of interval lengths
PDFInteger getTotalLength() const; PDFInteger getTotalLength() const;
/// Transforms interval set to readable text
QString toText() const;
private: private:
/// Normalizes interval ranges - merges adjacent intervals /// Normalizes interval ranges - merges adjacent intervals
void normalize(); void normalize();

26
PdfTool/pdftoolverifysignatures.cpp
View File

@ -200,6 +200,32 @@ int PDFToolVerifySignaturesApplication::execute(const PDFToolOptions& options)
formatter.writeText("handler", PDFToolTranslationContext::tr("Handler: %1").arg(QString::fromLatin1(signature.getSignatureHandler()))); formatter.writeText("handler", PDFToolTranslationContext::tr("Handler: %1").arg(QString::fromLatin1(signature.getSignatureHandler())));
formatter.writeText("whole-signed", PDFToolTranslationContext::tr("Is whole document signed: %1").arg(signature.hasFlag(pdf::PDFSignatureVerificationResult::Warning_Signature_NotCoveredBytes) ? PDFToolTranslationContext::tr("No") : PDFToolTranslationContext::tr("Yes"))); formatter.writeText("whole-signed", PDFToolTranslationContext::tr("Is whole document signed: %1").arg(signature.hasFlag(pdf::PDFSignatureVerificationResult::Warning_Signature_NotCoveredBytes) ? PDFToolTranslationContext::tr("No") : PDFToolTranslationContext::tr("Yes")));
// Signature range
const pdf::PDFClosedIntervalSet& bytesCoveredBySignature = signature.getBytesCoveredBySignature();
formatter.writeText("byte-range", PDFToolTranslationContext::tr("Byte range covered by signature: %1").arg(bytesCoveredBySignature.toText()));
if (signature.hasError())
{
formatter.endl();
formatter.beginHeader("errors", PDFToolTranslationContext::tr("Errors:"));
for (const QString& error : signature.getErrors())
{
formatter.writeText("error", error);
}
formatter.endHeader();
}
if (signature.hasWarning())
{
formatter.endl();
formatter.beginHeader("warnings", PDFToolTranslationContext::tr("Warnings:"));
for (const QString& warning : signature.getWarnings())
{
formatter.writeText("warning", warning);
}
formatter.endHeader();
}
formatter.endl(); formatter.endl();
if (!options.verificationOmitCertificateCheck) if (!options.verificationOmitCertificateCheck)