mirror of
https://github.com/JakubMelka/PDF4QT.git
synced 2025-01-04 20:39:52 +01:00
Issue #161: Add AATL certificates
parent
80d6ab2e99
commit
7463e4501a
@ -1,33 +0,0 @@
|
||||
# Copyright (C) 2022-2024 Jakub Melka
|
||||
#
|
||||
# This file is part of PDF4QT.
|
||||
#
|
||||
# PDF4QT is free software: you can redistribute it and/or modify
|
||||
# it under the terms of the GNU Lesser General Public License as published by
|
||||
# the Free Software Foundation, either version 3 of the License, or
|
||||
# with the written consent of the copyright owner, any later version.
|
||||
#
|
||||
# PDF4QT is distributed in the hope that it will be useful,
|
||||
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
# GNU Lesser General Public License for more details.
|
||||
#
|
||||
# You should have received a copy of the GNU Lesser General Public License
|
||||
# along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
|
||||
|
||||
add_executable(Pdf4QtEditor
|
||||
main.cpp
|
||||
icon.rc
|
||||
app.qrc
|
||||
)
|
||||
|
||||
target_link_libraries(Pdf4QtEditor PRIVATE Pdf4QtLibCore Pdf4QtLibWidgets Pdf4QtViewer Qt6::Core Qt6::Gui Qt6::Widgets)
|
||||
|
||||
set_target_properties(Pdf4QtEditor PROPERTIES
|
||||
WIN32_EXECUTABLE ON
|
||||
MACOSX_BUNDLE ON
|
||||
LIBRARY_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/${PDF4QT_INSTALL_LIB_DIR}
|
||||
RUNTIME_OUTPUT_DIRECTORY ${CMAKE_BINARY_DIR}/${PDF4QT_INSTALL_BIN_DIR}
|
||||
)
|
||||
|
||||
install(TARGETS Pdf4QtEditor RUNTIME DESTINATION ${PDF4QT_INSTALL_BIN_DIR} LIBRARY DESTINATION ${PDF4QT_INSTALL_LIB_DIR})
|
@ -144,6 +144,7 @@ add_library(Pdf4QtLibCore SHARED
|
||||
sources/pdfwidgetsnapshot.cpp
|
||||
sources/pdfwidgetsnapshot.h
|
||||
cmaps.qrc
|
||||
aatl.qrc
|
||||
sources/pdfcertificatestore.h
|
||||
sources/pdfcertificatestore.cpp
|
||||
sources/pdfblpainter.h
|
||||
|
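--- a/Pdf4QtLibCore/aatl.qrc
+++ b/Pdf4QtLibCore/aatl.qrc
@@ -0,0 +1,5 @@
+<RCC>
+<qresource prefix="/">
+<file>aatl/SecuritySettings.xml</file>
+</qresource>
+</RCC>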
7983
Pdf4QtLibCore/aatl/SecuritySettings.xml
Normal file
File diff suppressed because it is too large
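--- a/Pdf4QtLibCore/aatl/source.txt
+++ b/Pdf4QtLibCore/aatl/source.txt
@@ -0,0 +1 @@
+http://trustlist.adobe.com/tl12.acrobatsecuritysettings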
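Review bot: `source.txt` records only an `http://` URL as the provenance of the bundled trust list, which is not enough to tell later whether `aatl/SecuritySettings.xml` matches what was published upstream. Every certificate in that XML becomes a trust anchor for signature verification, so the provenance record should also carry the retrieval date and a digest of the committed XML, for example a second line `sha256: <SHA256_OF_SecuritySettings.xml>`, plus a short statement of how the download was authenticated before the XML was extracted. Nothing visible in this commit verifies the file against a signature, so the integrity of the trust list appears to rest on this repository alone.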
@ -34,12 +34,14 @@
|
||||
#include <openssl/rsaerr.h>
|
||||
#include <openssl/ts.h>
|
||||
#include <openssl/tserr.h>
|
||||
#include <openssl/pem.h>
|
||||
|
||||
#include <QDir>
|
||||
#include <QFileInfo>
|
||||
#include <QLockFile>
|
||||
#include <QDataStream>
|
||||
#include <QStandardPaths>
|
||||
#include <QDomDocument>
|
||||
|
||||
#include "pdfdbgheap.h"
|
||||
|
||||
@ -468,6 +470,70 @@ void PDFCertificateStore::createDirectoryForDefaultUserCertificatesStore()
|
||||
QDir().mkpath(path);
|
||||
}
|
||||
|
||||
PDFCertificateEntries PDFCertificateStore::getAATLCertificates()
|
||||
{
|
||||
PDFCertificateEntries result;
|
||||
|
||||
QFile aatlFile(":/aatl/SecuritySettings.xml");
|
||||
if (aatlFile.open(QFile::ReadOnly))
|
||||
{
|
||||
QString errorMessage;
|
||||
QDomDocument aatlDocument;
|
||||
if (aatlDocument.setContent(&aatlFile, &errorMessage))
|
||||
{
|
||||
// Najdeme kořenový element
|
||||
QDomElement root = aatlDocument.documentElement();
|
||||
|
||||
// Seek path "SecuritySettings/TrustedIdentities/Identity/Certificate"
|
||||
QDomNodeList identities = root.firstChildElement("TrustedIdentities").elementsByTagName("Identity");
|
||||
|
||||
for (int i = 0; i < identities.count(); ++i)
|
||||
{
|
||||
QDomNode identityNode = identities.at(i);
|
||||
QDomElement certificateElement = identityNode.firstChildElement("Certificate");
|
||||
|
||||
if (!certificateElement.isNull())
|
||||
{
|
||||
QString text = certificateElement.text();
|
||||
QString pemFormattedText = QString("-----BEGIN CERTIFICATE-----\n%1\n-----END CERTIFICATE-----").arg(text);
|
||||
QByteArray certificateData = pemFormattedText.toLatin1();
|
||||
|
||||
// Read PEM certificate to the OpenSSL X509
|
||||
BIO* bio = BIO_new_mem_buf(certificateData.constData(), certificateData.size());
|
||||
X509* cert = PEM_read_bio_X509(bio, nullptr, nullptr, nullptr);
|
||||
BIO_free(bio);
|
||||
|
||||
if (!cert)
|
||||
{
|
||||
continue;
|
||||
}
|
||||
|
||||
// Převést certifikát na DER
|
||||
int len = i2d_X509(cert, nullptr);
|
||||
QByteArray derData(len, 0);
|
||||
unsigned char *derPtr = reinterpret_cast<unsigned char*>(derData.data());
|
||||
i2d_X509(cert, &derPtr);
|
||||
|
||||
X509_free(cert);
|
||||
|
||||
std::optional<PDFCertificateInfo> info = PDFCertificateInfo::getCertificateInfo(derData);
|
||||
if (info)
|
||||
{
|
||||
PDFCertificateEntry entry;
|
||||
entry.type = PDFCertificateEntry::EntryType::AATL;
|
||||
entry.info = qMove(*info);
|
||||
result.emplace_back(qMove(entry));
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
aatlFile.close();
|
||||
}
|
||||
|
||||
return result;
|
||||
}
|
||||
|
||||
} // namespace pdf
|
||||
|
||||
#ifdef Q_OS_WIN
|
||||
|
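Review bot: In `getAATLCertificates()` the result of the first `i2d_X509(cert, nullptr)` call is used as the buffer size without a check, and the return value of the second call is ignored. `i2d_X509` returns a negative value on failure, so `len` should be validated before `derData` is sized and written through `derPtr`: `if (len <= 0) { X509_free(cert); continue; }`. `BIO_new_mem_buf` can also return null and is passed to `PEM_read_bio_X509` unchecked. Separately, a failed `open`, a failed `setContent` (whose `errorMessage` is never read) and an unparsable `Certificate` element are all skipped silently, so a truncated or corrupted trust list yields a shorter anchor set with no diagnostic; logging the number of rejected entries would make that visible. The two Czech comments should be in English like the others in the function, e.g. `// Find the root element` and `// Convert the certificate to DER`.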
@ -170,6 +170,7 @@ struct PDFCertificateEntry
|
||||
{
|
||||
User, ///< Certificate has been added manually by the user
|
||||
System, ///< System certificate
|
||||
AATL, ///< Trusted list
|
||||
};
|
||||
|
||||
void serialize(QDataStream& stream) const;
|
||||
@ -238,6 +239,9 @@ public:
|
||||
/// Creates default directory for certificate store
|
||||
void createDirectoryForDefaultUserCertificatesStore();
|
||||
|
||||
/// Returns a list of aatl certificates
|
||||
static PDFCertificateEntries getAATLCertificates();
|
||||
|
||||
/// Returns a list of system certificates
|
||||
static PDFCertificateEntries getSystemCertificates();
|
||||
|
||||
|
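Review bot: The doc comment on `getAATLCertificates()` does not say where the list comes from or how current it is. The implementation visible in this commit reads the compiled-in resource `:/aatl/SecuritySettings.xml`, so the set is a snapshot fixed at build time; a CA later removed from the upstream list stays trusted until the application is rebuilt with a newer file. I would expand the comment to something like `/// Returns certificates from the bundled Adobe Approved Trust List snapshot (resource :/aatl/SecuritySettings.xml); the list is fixed at build time and is not refreshed at runtime`, and give the enum value a matching description instead of `Trusted list`. Both the struct and the class continue outside these hunks.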
@ -1720,6 +1720,22 @@ void pdf::PDFPublicKeySignatureHandler::addTrustedCertificates(X509_STORE* store
|
||||
}
|
||||
}
|
||||
#endif
|
||||
|
||||
if (m_parameters.useSystemCertificateStore)
|
||||
{
|
||||
PDFCertificateEntries aatlCertificates = PDFCertificateStore::getAATLCertificates();
|
||||
for (const PDFCertificateEntry& entry : aatlCertificates)
|
||||
{
|
||||
QByteArray certificateData = entry.info.getCertificateData();
|
||||
const unsigned char* pointer = convertByteArrayToUcharPtr(certificateData);
|
||||
X509* certificate = d2i_X509(nullptr, &pointer, certificateData.size());
|
||||
if (certificate)
|
||||
{
|
||||
X509_STORE_add_cert(store, certificate);
|
||||
X509_free(certificate);
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#if defined(PDF4QT_COMPILER_MINGW) || defined(PDF4QT_COMPILER_GCC)
|
||||
|
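Review bot: The AATL anchors are added under `m_parameters.useSystemCertificateStore`, so the bundled list cannot be enabled or disabled independently of the operating-system store. A user who turns the system store on gets every certificate from the bundled XML as an additional trust anchor, and one who wants only the bundled list has no way to ask for it; a dedicated parameter for the AATL set would keep the two trust decisions separate. The return value of `X509_STORE_add_cert` is ignored, and `getAATLCertificates()` re-parses the whole XML resource on every call to this function, which a cached result would avoid. The `PDFToolCertStore::execute` hunk appends the AATL entries inside what looks like the same system-certificates branch, whose condition is outside the visible lines. `addTrustedCertificates` begins outside this hunk.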
@ -63,10 +63,13 @@ int PDFToolCertStore::execute(const PDFToolOptions& options)
|
||||
{
|
||||
pdf::PDFCertificateEntries systemCertificates = pdf::PDFCertificateStore::getSystemCertificates();
|
||||
certificates.insert(certificates.end(), std::make_move_iterator(systemCertificates.begin()), std::make_move_iterator(systemCertificates.end()));
|
||||
|
||||
pdf::PDFCertificateEntries aatlCertificates = pdf::PDFCertificateStore::getAATLCertificates();
|
||||
certificates.insert(certificates.end(), std::make_move_iterator(aatlCertificates.begin()), std::make_move_iterator(aatlCertificates.end()));
|
||||
}
|
||||
|
||||
PDFOutputFormatter formatter(options.outputStyle);
|
||||
formatter.beginDocument("cert-store", PDFToolTranslationContext::tr("Certificates used in signature verification"));
|
||||
formatter.beginDocument("cert-store", PDFToolTranslationContext::tr("Certificates used in the signature verification"));
|
||||
formatter.endl();
|
||||
|
||||
formatter.beginTable("certificate-list", PDFToolTranslationContext::tr("Certificates"));
|
||||
|