fenix/PDF4QT
1
0
Fork 0
mirror of https://github.com/JakubMelka/PDF4QT.git synced 2025-06-05 21:59:17 +02:00
Code Issues Packages Projects Releases Wiki Activity

Public key encryption: code refactoring

Browse Source
This commit is contained in:
Jakub Melka
2022-06-12 15:45:32 +02:00
parent 1c03bd85cd
commit c20959c190
16 changed files with 790 additions and 648 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
Pdf4QtLib/Pdf4QtLib.pro
View File

@@ -47,8 +47,11 @@ SOURCES += \
sources/pdfannotation.cpp \
sources/pdfblendfunction.cpp \
sources/pdfccittfaxdecoder.cpp \
sources/pdfcertificatemanager.cpp \
sources/pdfcertificatemanagerdialog.cpp \
sources/pdfcms.cpp \
sources/pdfcompiler.cpp \
sources/pdfcreatecertificatedialog.cpp \
sources/pdfdiff.cpp \
sources/pdfdocumentbuilder.cpp \
sources/pdfdocumentmanipulator.cpp \
@@ -121,8 +124,11 @@ HEADERS += \
sources/pdfannotation.h \
sources/pdfblendfunction.h \
sources/pdfccittfaxdecoder.h \
sources/pdfcertificatemanager.h \
sources/pdfcertificatemanagerdialog.h \
sources/pdfcms.h \
sources/pdfcompiler.h \
sources/pdfcreatecertificatedialog.h \
sources/pdfdbgheap.h \
sources/pdfdiff.h \
sources/pdfdocumentbuilder.h \
@@ -202,6 +208,8 @@ HEADERS += \
sources/pdfimage.h
FORMS += \
sources/pdfcertificatemanagerdialog.ui \
sources/pdfcreatecertificatedialog.ui \
sources/pdfpagecontenteditorstylesettings.ui \
sources/pdfpagecontenteditorwidget.ui \
sources/pdfrenderingerrorswidget.ui \

250
Pdf4QtLib/sources/pdfcertificatemanager.cpp Normal file
View File

@@ -0,0 +1,250 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#include "pdfcertificatemanager.h"
#include <QDir>
#include <QFile>
#include <QStandardPaths>
#include <openssl/bio.h>
#include <openssl/rsa.h>
#include <openssl/rsaerr.h>
#include <openssl/x509.h>
#include <openssl/evp.h>
#include <openssl/pem.h>
#include <openssl/x509v3.h>
#include <openssl/pkcs12.h>
#include <memory>
namespace pdf
{
PDFCertificateManager::PDFCertificateManager()
{
}
template<typename T>
using openssl_ptr = std::unique_ptr<T, void(*)(T*)>;
void PDFCertificateManager::createCertificate(const NewCertificateInfo& info)
{
openssl_ptr<BIO> pksBuffer(BIO_new(BIO_s_mem()), &BIO_free_all);
if (pksBuffer)
{
openssl_ptr<BIGNUM> bignumber(BN_new(), &BN_free);
openssl_ptr<RSA> rsaKey(RSA_new(), &RSA_free);
BN_set_word(bignumber.get(), RSA_F4);
const int rsaResult = RSA_generate_key_ex(rsaKey.get(), info.rsaKeyLength, bignumber.get(), nullptr);
if (rsaResult)
{
openssl_ptr<X509> certificate(X509_new(), &X509_free);
openssl_ptr<EVP_PKEY> privateKey(EVP_PKEY_new(), &EVP_PKEY_free);
EVP_PKEY_set1_RSA(privateKey.get(), rsaKey.get());
ASN1_INTEGER* serialNumber = X509_get_serialNumber(certificate.get());
ASN1_INTEGER_set(serialNumber, info.serialNumber);
// Set validity of the certificate
X509_gmtime_adj(X509_getm_notBefore(certificate.get()), 0);
X509_gmtime_adj(X509_getm_notAfter(certificate.get()), info.validityInSeconds);
// Set name
X509_NAME* name = X509_get_subject_name(certificate.get());
auto addString = [name](const char* identifier, QString string)
{
if (string.isEmpty())
{
return;
}
QByteArray stringUtf8 = string.toUtf8();
X509_NAME_add_entry_by_txt(name, identifier, MBSTRING_UTF8, reinterpret_cast<const unsigned char*>(stringUtf8.constData()), stringUtf8.length(), -1, 0);
};
addString("C", info.certCountryCode);
addString("O", info.certOrganization);
addString("OU", info.certOrganizationUnit);
addString("CN", info.certCommonName);
addString("E", info.certEmail);
X509_EXTENSION* extension = nullptr;
X509V3_CTX context = { };
X509V3_set_ctx_nodb(&context);
X509V3_set_ctx(&context, certificate.get(), certificate.get(), nullptr, nullptr, 0);
extension = X509V3_EXT_conf_nid (NULL, &context, NID_key_usage, "digitalSignature, keyAgreement");
X509_add_ext(certificate.get(), extension, -1);
X509_EXTENSION_free(extension);
X509_set_issuer_name(certificate.get(), name);
// Set public key
X509_set_pubkey(certificate.get(), privateKey.get());
X509_sign(certificate.get(), privateKey.get(), EVP_sha512());
// Private key password
QByteArray privateKeyPaswordUtf8 = info.privateKeyPasword.toUtf8();
// Write the data
openssl_ptr<PKCS12> pkcs12(PKCS12_create(privateKeyPaswordUtf8.constData(),
nullptr,
privateKey.get(),
certificate.get(),
nullptr,
0,
0,
PKCS12_DEFAULT_ITER,
PKCS12_DEFAULT_ITER,
0), &PKCS12_free);
i2d_PKCS12_bio(pksBuffer.get(), pkcs12.get());
BUF_MEM* pksMemoryBuffer = nullptr;
BIO_get_mem_ptr(pksBuffer.get(), &pksMemoryBuffer);
if (!info.fileName.isEmpty())
{
QFile file(info.fileName);
if (file.open(QFile::WriteOnly | QFile::Truncate))
{
file.write(pksMemoryBuffer->data, pksMemoryBuffer->length);
file.close();
}
}
}
}
}
QFileInfoList PDFCertificateManager::getCertificates()
{
QDir directory(getCertificateDirectory());
return directory.entryInfoList(QStringList() << "*.pfx", QDir::Files | QDir::NoDotAndDotDot | QDir::Readable, QDir::Name);
}
QString PDFCertificateManager::getCertificateDirectory()
{
QDir directory(QStandardPaths::standardLocations(QStandardPaths::AppDataLocation).front() + "/certificates/");
return directory.absolutePath();
}
QString PDFCertificateManager::generateCertificateFileName()
{
QString directoryString = getCertificateDirectory();
QDir directory(directoryString);
int certificateIndex = 1;
while (true)
{
QString fileName = directory.absoluteFilePath(QString("cert_%1.pfx").arg(certificateIndex++));
if (!QFile::exists(fileName))
{
return fileName;
}
}
return QString();
}
bool PDFCertificateManager::isCertificateValid(QString fileName, QString password)
{
QFile file(fileName);
if (file.open(QFile::ReadOnly))
{
QByteArray data = file.readAll();
file.close();
openssl_ptr<BIO> pksBuffer(BIO_new(BIO_s_mem()), &BIO_free_all);
BIO_write(pksBuffer.get(), data.constData(), data.length());
openssl_ptr<PKCS12> pkcs12(d2i_PKCS12_bio(pksBuffer.get(), nullptr), &PKCS12_free);
if (pkcs12)
{
const char* passwordPointer = nullptr;
QByteArray passwordByteArray = password.isEmpty() ? QByteArray() : password.toUtf8();
if (!passwordByteArray.isEmpty())
{
passwordPointer = passwordByteArray.constData();
}
return PKCS12_parse(pkcs12.get(), passwordPointer, nullptr, nullptr, nullptr) == 1;
}
}
return false;
}
bool PDFSignatureFactory::sign(QString certificateName, QString password, QByteArray data, QByteArray& result)
{
QFile file(certificateName);
if (file.open(QFile::ReadOnly))
{
QByteArray certificateData = file.readAll();
file.close();
openssl_ptr<BIO> certificateBuffer(BIO_new(BIO_s_mem()), &BIO_free_all);
BIO_write(certificateBuffer.get(), certificateData.constData(), certificateData.length());
openssl_ptr<PKCS12> pkcs12(d2i_PKCS12_bio(certificateBuffer.get(), nullptr), &PKCS12_free);
if (pkcs12)
{
const char* passwordPointer = nullptr;
QByteArray passwordByteArray = password.isEmpty() ? QByteArray() : password.toUtf8();
if (!passwordByteArray.isEmpty())
{
passwordPointer = passwordByteArray.constData();
}
EVP_PKEY* key = nullptr;
X509* certificate = nullptr;
STACK_OF(X509)* certificates = nullptr;
if (PKCS12_parse(pkcs12.get(), passwordPointer, &key, &certificate, &certificates) == 1)
{
openssl_ptr<BIO> signedDataBuffer(BIO_new(BIO_s_mem()), &BIO_free_all);
BIO_write(signedDataBuffer.get(), data.constData(), data.length());
PKCS7* signature = PKCS7_sign(certificate, key, certificates, signedDataBuffer.get(), PKCS7_DETACHED | PKCS7_BINARY);
if (signature)
{
openssl_ptr<BIO> outputBuffer(BIO_new(BIO_s_mem()), &BIO_free_all);
i2d_PKCS7_bio(outputBuffer.get(), signature);
BUF_MEM* pksMemoryBuffer = nullptr;
BIO_get_mem_ptr(outputBuffer.get(), &pksMemoryBuffer);
result = QByteArray(pksMemoryBuffer->data, int(pksMemoryBuffer->length));
EVP_PKEY_free(key);
X509_free(certificate);
sk_X509_free(certificates);
return true;
}
EVP_PKEY_free(key);
X509_free(certificate);
sk_X509_free(certificates);
return false;
}
}
}
return false;
}
} // namespace pdf

66
Pdf4QtLib/sources/pdfcertificatemanager.h Normal file
View File

@@ -0,0 +1,66 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#ifndef PDFCERTIFICATEMANAGER_H
#define PDFCERTIFICATEMANAGER_H
#include "pdfglobal.h"
#include <QString>
#include <QFileInfoList>
namespace pdf
{
class PDF4QTLIBSHARED_EXPORT PDFCertificateManager
{
public:
PDFCertificateManager();
struct NewCertificateInfo
{
QString fileName;
QString privateKeyPasword;
QString certCountryCode;
QString certOrganization;
QString certOrganizationUnit;
QString certCommonName;
QString certEmail;
int rsaKeyLength = 1024;
int validityInSeconds = 2 * 365 * 24 * 3600;
long serialNumber = 1;
};
void createCertificate(const NewCertificateInfo& info);
static QFileInfoList getCertificates();
static QString getCertificateDirectory();
static QString generateCertificateFileName();
static bool isCertificateValid(QString fileName, QString password);
};
class PDF4QTLIBSHARED_EXPORT PDFSignatureFactory
{
public:
static bool sign(QString certificateName, QString password, QByteArray data, QByteArray& result);
};
} // namespace pdf
#endif // PDFCERTIFICATEMANAGER_H

133
Pdf4QtLib/sources/pdfcertificatemanagerdialog.cpp Normal file
View File

@@ -0,0 +1,133 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#include "pdfcertificatemanagerdialog.h"
#include "ui_pdfcertificatemanagerdialog.h"
#include "pdfcreatecertificatedialog.h"
#include "pdfwidgetutils.h"
#include <QAction>
#include <QPushButton>
#include <QFileSystemModel>
#include <QDesktopServices>
#include <QMessageBox>
#include <QFileDialog>
namespace pdf
{
PDFCertificateManagerDialog::PDFCertificateManagerDialog(QWidget *parent) :
QDialog(parent),
ui(new Ui::PDFCertificateManagerDialog),
m_newCertificateButton(nullptr),
m_openCertificateDirectoryButton(nullptr),
m_deleteCertificateButton(nullptr),
m_importCertificateButton(nullptr),
m_certificateFileModel(nullptr)
{
ui->setupUi(this);
QDir::root().mkpath(PDFCertificateManager::getCertificateDirectory());
m_certificateFileModel = new QFileSystemModel(this);
QModelIndex rootIndex = m_certificateFileModel->setRootPath(PDFCertificateManager::getCertificateDirectory());
ui->fileView->setModel(m_certificateFileModel);
ui->fileView->setRootIndex(rootIndex);
m_newCertificateButton = ui->buttonBox->addButton(tr("Create"), QDialogButtonBox::ActionRole);
m_openCertificateDirectoryButton = ui->buttonBox->addButton(tr("Open Directory"), QDialogButtonBox::ActionRole);
m_deleteCertificateButton = ui->buttonBox->addButton(tr("Delete"), QDialogButtonBox::ActionRole);
m_importCertificateButton = ui->buttonBox->addButton(tr("Import"), QDialogButtonBox::ActionRole);
connect(m_newCertificateButton, &QPushButton::clicked, this, &PDFCertificateManagerDialog::onNewCertificateClicked);
connect(m_openCertificateDirectoryButton, &QPushButton::clicked, this, &PDFCertificateManagerDialog::onOpenCertificateDirectoryClicked);
connect(m_deleteCertificateButton, &QPushButton::clicked, this, &PDFCertificateManagerDialog::onDeleteCertificateClicked);
connect(m_importCertificateButton, &QPushButton::clicked, this, &PDFCertificateManagerDialog::onImportCertificateClicked);
setMinimumSize(pdf::PDFWidgetUtils::scaleDPI(this, QSize(640, 480)));
}
PDFCertificateManagerDialog::~PDFCertificateManagerDialog()
{
delete ui;
}
void PDFCertificateManagerDialog::onNewCertificateClicked()
{
PDFCreateCertificateDialog dialog(this);
if (dialog.exec() == PDFCreateCertificateDialog::Accepted)
{
const PDFCertificateManager::NewCertificateInfo info = dialog.getNewCertificateInfo();
m_certificateManager.createCertificate(info);
}
}
void PDFCertificateManagerDialog::onOpenCertificateDirectoryClicked()
{
QDesktopServices::openUrl(QString("file:///%1").arg(PDFCertificateManager::getCertificateDirectory(), QUrl::TolerantMode));
}
void PDFCertificateManagerDialog::onDeleteCertificateClicked()
{
QFileInfo fileInfo = m_certificateFileModel->fileInfo(ui->fileView->currentIndex());
if (fileInfo.exists())
{
if (QMessageBox::question(this, tr("Confirm delete"), tr("Do you want to delete certificate '%1'?").arg(fileInfo.fileName()), QMessageBox::No, QMessageBox::Yes) == QMessageBox::Yes)
{
QFile file(fileInfo.filePath());
if (!file.remove())
{
QMessageBox::critical(this, tr("Error"), tr("Cannot delete certificate '%1'").arg(fileInfo.fileName()));
}
}
}
}
void PDFCertificateManagerDialog::onImportCertificateClicked()
{
QString selectedFile = QFileDialog::getOpenFileName(this, tr("Import Certificate"), QStandardPaths::writableLocation(QStandardPaths::DocumentsLocation), tr("Certificate file (*.pfx);;All files (*.*)"));
if (selectedFile.isEmpty())
{
return;
}
QFile file(selectedFile);
if (file.exists())
{
QString path = PDFCertificateManager::getCertificateDirectory();
QString targetFile = QString("%1/%2").arg(path, QFileInfo(file).fileName());
if (QFile::exists(targetFile))
{
QMessageBox::critical(this, tr("Error"), tr("Target file exists. Please rename the certificate file to import."));
}
else
{
if (file.copy(targetFile))
{
QMessageBox::information(this, tr("Import Certificate"), tr("Certificate '%1' was successfully imported.").arg(file.fileName()));
}
else
{
QMessageBox::critical(this, tr("Import Certificate"), tr("Error occured during certificate '%1' import.").arg(file.fileName()));
}
}
}
}
} // namespace pdf

61
Pdf4QtLib/sources/pdfcertificatemanagerdialog.h Normal file
View File

@@ -0,0 +1,61 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#ifndef PDFCERTIFICATEMANAGERDIALOG_H
#define PDFCERTIFICATEMANAGERDIALOG_H
#include "pdfcertificatemanager.h"
#include <QDialog>
class QAction;
class QFileSystemModel;
namespace Ui
{
class PDFCertificateManagerDialog;
}
namespace pdf
{
class PDF4QTLIBSHARED_EXPORT PDFCertificateManagerDialog : public QDialog
{
Q_OBJECT
public:
explicit PDFCertificateManagerDialog(QWidget* parent);
virtual ~PDFCertificateManagerDialog() override;
private:
void onNewCertificateClicked();
void onOpenCertificateDirectoryClicked();
void onDeleteCertificateClicked();
void onImportCertificateClicked();
Ui::PDFCertificateManagerDialog* ui;
PDFCertificateManager m_certificateManager;
QPushButton* m_newCertificateButton;
QPushButton* m_openCertificateDirectoryButton;
QPushButton* m_deleteCertificateButton;
QPushButton* m_importCertificateButton;
QFileSystemModel* m_certificateFileModel;
};
} // namespace pdf
#endif // PDFCERTIFICATEMANAGERDIALOG_H

76
Pdf4QtLib/sources/pdfcertificatemanagerdialog.ui Normal file
View File

@@ -0,0 +1,76 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<class>PDFCertificateManagerDialog</class>
<widget class="QDialog" name="PDFCertificateManagerDialog">
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
<width>789</width>
<height>511</height>
</rect>
</property>
<property name="windowTitle">
<string>Certificate Manager</string>
</property>
<layout class="QVBoxLayout" name="verticalLayout">
<item>
<widget class="QGroupBox" name="certificateGroupBox">
<property name="title">
<string>Certificates</string>
</property>
<layout class="QVBoxLayout" name="verticalLayout_2">
<item>
<widget class="QTreeView" name="fileView"/>
</item>
</layout>
</widget>
</item>
<item>
<widget class="QDialogButtonBox" name="buttonBox">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="standardButtons">
<set>QDialogButtonBox::Close</set>
</property>
</widget>
</item>
</layout>
</widget>
<resources/>
<connections>
<connection>
<sender>buttonBox</sender>
<signal>accepted()</signal>
<receiver>PDFCertificateManagerDialog</receiver>
<slot>accept()</slot>
<hints>
<hint type="sourcelabel">
<x>248</x>
<y>254</y>
</hint>
<hint type="destinationlabel">
<x>157</x>
<y>274</y>
</hint>
</hints>
</connection>
<connection>
<sender>buttonBox</sender>
<signal>rejected()</signal>
<receiver>PDFCertificateManagerDialog</receiver>
<slot>reject()</slot>
<hints>
<hint type="sourcelabel">
<x>316</x>
<y>260</y>
</hint>
<hint type="destinationlabel">
<x>286</x>
<y>274</y>
</hint>
</hints>
</connection>
</connections>
</ui>

162
Pdf4QtLib/sources/pdfcreatecertificatedialog.cpp Normal file
View File

@@ -0,0 +1,162 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#include "pdfcreatecertificatedialog.h"
#include "ui_pdfcreatecertificatedialog.h"
#include "pdfcertificatemanager.h"
#include <QMessageBox>
#include <QInputDialog>
#include <QDate>
#include <QCalendar>
namespace pdf
{
PDFCreateCertificateDialog::PDFCreateCertificateDialog(QWidget *parent) :
QDialog(parent),
ui(new Ui::PDFCreateCertificateDialog)
{
ui->setupUi(this);
ui->fileNameEdit->setReadOnly(true);
ui->fileNameEdit->setText(PDFCertificateManager::generateCertificateFileName());
ui->keyLengthCombo->addItem(tr("1024 bits"), 1024);
ui->keyLengthCombo->addItem(tr("2048 bits"), 2048);
ui->keyLengthCombo->addItem(tr("4096 bits"), 4096);
ui->keyLengthCombo->setCurrentIndex(ui->keyLengthCombo->findData(2048));
QList<QLocale> locales = QLocale::matchingLocales(QLocale::AnyLanguage, QLocale::AnyScript, QLocale::AnyCountry);
std::sort(locales.begin(), locales.end(), [](const QLocale& left, const QLocale& right) { return QString::compare(left.nativeCountryName(), right.nativeCountryName(), Qt::CaseInsensitive) < 0; });
int currentIndex = 0;
QLocale currentLocale = QLocale::system();
for (const QLocale& locale : locales)
{
if (locale.country() == QLocale::AnyCountry)
{
continue;
}
if (locale.nativeCountryName().isEmpty())
{
continue;
}
QString localeName = locale.name();
QString countryCode = localeName.split(QChar('_')).back();
QString text = QString("%1 | %2").arg(countryCode, locale.nativeCountryName());
if (ui->countryCombo->findText(text) >= 0)
{
continue;
}
if (locale.bcp47Name() == currentLocale.bcp47Name())
{
currentIndex = ui->countryCombo->count();
}
ui->countryCombo->addItem(text, countryCode);
}
ui->countryCombo->setCurrentIndex(currentIndex);
ui->countryCombo->setMaxVisibleItems(25);
QDate minDate = QDate::currentDate();
ui->validTillEdit->setMinimumDate(minDate);
QDate selectedDate = minDate;
selectedDate = selectedDate.addYears(5, ui->validTillEdit->calendar());
ui->validTillEdit->setSelectedDate(selectedDate);
}
PDFCreateCertificateDialog::~PDFCreateCertificateDialog()
{
delete ui;
}
void PDFCreateCertificateDialog::accept()
{
if (validate())
{
bool ok = false;
QString password1 = QInputDialog::getText(this, tr("Certificate Protection"), tr("Enter password to protect your certificate."), QLineEdit::Password, QString(), &ok);
if (!ok)
{
return;
}
QString password2 = QInputDialog::getText(this, tr("Certificate Protection"), tr("Enter password again to verify password text."), QLineEdit::Password, QString(), &ok);
if (password1 != password2)
{
QMessageBox::critical(this, tr("Error"), tr("Reentered password is not equal to the first one!"));
return;
}
QDate date = ui->validTillEdit->selectedDate();
QDate currentDate = QDate::currentDate();
int days = currentDate.daysTo(date);
// Fill certificate info
m_newCertificateInfo.fileName = ui->fileNameEdit->text();
m_newCertificateInfo.privateKeyPasword = password1;
m_newCertificateInfo.certCountryCode = ui->countryCombo->currentData().toString();
m_newCertificateInfo.certOrganization = ui->organizationEdit->text();
m_newCertificateInfo.certOrganizationUnit = ui->organizationUnitEdit->text();
m_newCertificateInfo.certCommonName = ui->commonNameEdit->text();
m_newCertificateInfo.certEmail = ui->emailEdit->text();
m_newCertificateInfo.rsaKeyLength = ui->keyLengthCombo->currentData().toInt();
m_newCertificateInfo.validityInSeconds = days * 24 * 3600;
BaseClass::accept();
}
}
bool PDFCreateCertificateDialog::validate()
{
// validate empty text fields
if (ui->commonNameEdit->text().isEmpty())
{
QMessageBox::critical(this, tr("Error"), tr("Please enter a name!"));
ui->commonNameEdit->setFocus();
return false;
}
if (ui->organizationEdit->text().isEmpty())
{
QMessageBox::critical(this, tr("Error"), tr("Please enter an organization name!"));
ui->organizationEdit->setFocus();
return false;
}
if (ui->emailEdit->text().isEmpty())
{
QMessageBox::critical(this, tr("Error"), tr("Please enter an email address!"));
ui->emailEdit->setFocus();
return false;
}
return true;
}
} // namespace pdf

59
Pdf4QtLib/sources/pdfcreatecertificatedialog.h Normal file
View File

@@ -0,0 +1,59 @@
// Copyright (C) 2022 Jakub Melka
//
// This file is part of PDF4QT.
//
// PDF4QT is free software: you can redistribute it and/or modify
// it under the terms of the GNU Lesser General Public License as published by
// the Free Software Foundation, either version 3 of the License, or
// with the written consent of the copyright owner, any later version.
//
// PDF4QT is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU Lesser General Public License for more details.
//
// You should have received a copy of the GNU Lesser General Public License
// along with PDF4QT. If not, see <https://www.gnu.org/licenses/>.
#ifndef PDFCREATECERTIFICATEDIALOG_H
#define PDFCREATECERTIFICATEDIALOG_H
#include "pdfcertificatemanager.h"
#include <QDialog>
namespace Ui
{
class PDFCreateCertificateDialog;
}
namespace pdf
{
class PDF4QTLIBSHARED_EXPORT PDFCreateCertificateDialog : public QDialog
{
Q_OBJECT
private:
using BaseClass = QDialog;
public:
explicit PDFCreateCertificateDialog(QWidget* parent);
virtual ~PDFCreateCertificateDialog() override;
const PDFCertificateManager::NewCertificateInfo& getNewCertificateInfo() const { return m_newCertificateInfo; }
public slots:
virtual void accept() override;
private:
bool validate();
PDFCertificateManager::NewCertificateInfo m_newCertificateInfo;
Ui::PDFCreateCertificateDialog* ui;
};
} // namespace pdf
#endif // PDFCREATECERTIFICATEDIALOG_H

182
Pdf4QtLib/sources/pdfcreatecertificatedialog.ui Normal file
View File

@@ -0,0 +1,182 @@
<?xml version="1.0" encoding="UTF-8"?>
<ui version="4.0">
<class>PDFCreateCertificateDialog</class>
<widget class="QDialog" name="PDFCreateCertificateDialog">
<property name="geometry">
<rect>
<x>0</x>
<y>0</y>
<width>514</width>
<height>488</height>
</rect>
</property>
<property name="windowTitle">
<string>Create Certificate</string>
</property>
<layout class="QVBoxLayout" name="verticalLayout">
<item>
<widget class="QGroupBox" name="certificateGroupBox">
<property name="title">
<string>Create Self Signed Certificate</string>
</property>
<layout class="QFormLayout" name="formLayout">
<item row="1" column="0">
<widget class="QLabel" name="nameLabel">
<property name="text">
<string>Name</string>
</property>
</widget>
</item>
<item row="1" column="1">
<widget class="QLineEdit" name="commonNameEdit">
<property name="clearButtonEnabled">
<bool>true</bool>
</property>
</widget>
</item>
<item row="2" column="0">
<widget class="QLabel" name="organizationLabel">
<property name="text">
<string>Organization</string>
</property>
</widget>
</item>
<item row="3" column="0">
<widget class="QLabel" name="organizationUnitLabel">
<property name="text">
<string>Organization Unit</string>
</property>
</widget>
</item>
<item row="5" column="0">
<widget class="QLabel" name="emailLabel">
<property name="text">
<string>Email</string>
</property>
</widget>
</item>
<item row="8" column="0">
<spacer name="verticalSpacer">
<property name="orientation">
<enum>Qt::Vertical</enum>
</property>
<property name="sizeHint" stdset="0">
<size>
<width>20</width>
<height>40</height>
</size>
</property>
</spacer>
</item>
<item row="2" column="1">
<widget class="QLineEdit" name="organizationEdit">
<property name="clearButtonEnabled">
<bool>true</bool>
</property>
</widget>
</item>
<item row="3" column="1">
<widget class="QLineEdit" name="organizationUnitEdit">
<property name="clearButtonEnabled">
<bool>true</bool>
</property>
</widget>
</item>
<item row="5" column="1">
<widget class="QLineEdit" name="emailEdit">
<property name="clearButtonEnabled">
<bool>true</bool>
</property>
</widget>
</item>
<item row="4" column="0">
<widget class="QLabel" name="countryLabel">
<property name="text">
<string>Country</string>
</property>
</widget>
</item>
<item row="6" column="0">
<widget class="QLabel" name="keyLengthLabel">
<property name="text">
<string>Key length</string>
</property>
</widget>
</item>
<item row="7" column="0">
<widget class="QLabel" name="validityLabel">
<property name="text">
<string>Valid till</string>
</property>
</widget>
</item>
<item row="7" column="1">
<widget class="QCalendarWidget" name="validTillEdit"/>
</item>
<item row="6" column="1">
<widget class="QComboBox" name="keyLengthCombo"/>
</item>
<item row="4" column="1">
<widget class="QComboBox" name="countryCombo"/>
</item>
<item row="0" column="1">
<widget class="QLineEdit" name="fileNameEdit"/>
</item>
<item row="0" column="0">
<widget class="QLabel" name="certificateFileLabel">
<property name="text">
<string>Certificate file</string>
</property>
</widget>
</item>
</layout>
</widget>
</item>
<item>
<widget class="QDialogButtonBox" name="buttonBox">
<property name="orientation">
<enum>Qt::Horizontal</enum>
</property>
<property name="standardButtons">
<set>QDialogButtonBox::Cancel|QDialogButtonBox::Ok</set>
</property>
</widget>
</item>
</layout>
</widget>
<resources/>
<connections>
<connection>
<sender>buttonBox</sender>
<signal>accepted()</signal>
<receiver>PDFCreateCertificateDialog</receiver>
<slot>accept()</slot>
<hints>
<hint type="sourcelabel">
<x>248</x>
<y>254</y>
</hint>
<hint type="destinationlabel">
<x>157</x>
<y>274</y>
</hint>
</hints>
</connection>
<connection>
<sender>buttonBox</sender>
<signal>rejected()</signal>
<receiver>PDFCreateCertificateDialog</receiver>
<slot>reject()</slot>
<hints>
<hint type="sourcelabel">
<x>316</x>
<y>260</y>
</hint>
<hint type="destinationlabel">
<x>286</x>
<y>274</y>
</hint>
</hints>
</connection>
</connections>
</ui>

1131
Pdf4QtLib/sources/pdfsecurityhandler.cpp
View File

File diff suppressed because it is too large Load Diff

93
Pdf4QtLib/sources/pdfsecurityhandler.h
View File

@@ -35,6 +35,7 @@ enum class EncryptionMode
{
None, ///< Document is not encrypted
Standard, ///< Document is encrypted and using standard security handler
PublicKey, ///< Document is encrypted and using public key security handler
Custom ///< Document is encrypted and using custom security handler. Custom handlers must return this value.
};
@@ -68,11 +69,14 @@ struct CryptFilter
CryptFilterType type = CryptFilterType::None;
AuthEvent authEvent = AuthEvent::DocOpen;
int keyLength = 0; ///< Key length in bytes
QByteArrayList recipients; ///< Recipients for public key security handler
};
class PDFSecurityHandler;
using PDFSecurityHandlerPointer = QSharedPointer<PDFSecurityHandler>;
class PDFStandardSecurityHandler;
class PDFSecurityHandler
{
public:
@@ -196,6 +200,14 @@ public:
static PDFSecurityHandlerPointer createSecurityHandler(const PDFObject& encryptionDictionaryObject, const QByteArray& id);
protected:
static QByteArray parseName(const PDFDictionary* dictionary, const char* key, bool required, const char* defaultValue = nullptr);
static PDFInteger parseInt(const PDFDictionary* dictionary, const char* key, bool required, PDFInteger defaultValue = -1);
static CryptFilter parseCryptFilter(PDFInteger length, const PDFObject& object);
static PDFSecurityHandlerPointer createSecurityHandlerInstance(const PDFDictionary* dictionary);
static QByteArrayList parseRecipients(const PDFDictionary* dictionary);
static void parseCryptFilters(const PDFDictionary* dictionary, PDFSecurityHandler& handler, int Length);
static void parseDataStandardSecurityHandler(const PDFDictionary* dictionary, const QByteArray& id, int Length, PDFStandardSecurityHandler& handler);
/// Fills encryption dictionary with basic data
/// \param factory Factory
@@ -242,23 +254,15 @@ public:
virtual PDFObject createEncryptionDictionaryObject() const override { return PDFObject(); }
};
/// Specifies the security using standard security handler (see PDF specification
/// for details).
class PDFStandardSecurityHandler : public PDFSecurityHandler
class PDFStandardOrPublicSecurityHandler : public PDFSecurityHandler
{
public:
virtual EncryptionMode getMode() const override { return EncryptionMode::Standard; }
virtual PDFSecurityHandler* clone() const override;
virtual AuthorizationResult authenticate(const std::function<QString(bool*)>& getPasswordCallback, bool authorizeOwnerOnly) override;
virtual QByteArray decrypt(const QByteArray& data, PDFObjectReference reference, EncryptionScope encryptionScope) const override;
virtual QByteArray decryptByFilter(const QByteArray& data, const QByteArray& filterName, PDFObjectReference reference) const override;
virtual QByteArray encrypt(const QByteArray& data, PDFObjectReference reference, EncryptionScope encryptionScope) const override;
virtual QByteArray encryptByFilter(const QByteArray& data, const QByteArray& filterName, PDFObjectReference reference) const override;
virtual bool isMetadataEncrypted() const override { return m_encryptMetadata; }
virtual bool isAllowed(Permission permission) const override { return m_authorizationData.authorizationResult == AuthorizationResult::OwnerAuthorized || (m_permissions & static_cast<uint32_t>(permission)); }
virtual bool isEncryptionAllowed() const override { return m_authorizationData.isAuthorized(); }
virtual AuthorizationResult getAuthorizationResult() const override { return m_authorizationData.authorizationResult; }
virtual PDFObject createEncryptionDictionaryObject() const override;
virtual bool isEncryptionAllowed() const override { return m_authorizationData.isAuthorized(); }
struct AuthorizationData
{
@@ -268,10 +272,46 @@ public:
QByteArray fileEncryptionKey;
};
protected:
/// Decrypts data using specified filter. This function can be called only, if authorization was successfull.
/// \param data Data to be decrypted
/// \param filter Filter to be used for decryption
/// \param reference Object reference for key generation
/// \returns Decrypted data
QByteArray decryptUsingFilter(const QByteArray& data, CryptFilter filter, PDFObjectReference reference) const;
/// Encrypts data using specified filter. This function can be called only, if authorization was successfull.
/// \param data Data to be encrypted
/// \param filter Filter to be used for encryption
/// \param reference Object reference for key generation
/// \returns Encrypted data
QByteArray encryptUsingFilter(const QByteArray& data, CryptFilter filter, PDFObjectReference reference) const;
std::vector<uint8_t> createV2_ObjectEncryptionKey(PDFObjectReference reference, CryptFilter filter) const;
std::vector<uint8_t> createAESV2_ObjectEncryptionKey(PDFObjectReference reference) const;
CryptFilter getCryptFilter(EncryptionScope encryptionScope) const;
/// Authorization data
AuthorizationData m_authorizationData;
};
/// Specifies the security using standard security handler (see PDF specification
/// for details).
class PDFStandardSecurityHandler : public PDFStandardOrPublicSecurityHandler
{
public:
virtual EncryptionMode getMode() const override { return EncryptionMode::Standard; }
virtual PDFSecurityHandler* clone() const override;
virtual AuthorizationResult authenticate(const std::function<QString(bool*)>& getPasswordCallback, bool authorizeOwnerOnly) override;
virtual bool isMetadataEncrypted() const override { return m_encryptMetadata; }
virtual bool isAllowed(Permission permission) const override { return m_authorizationData.authorizationResult == AuthorizationResult::OwnerAuthorized || (m_permissions & static_cast<uint32_t>(permission)); }
virtual PDFObject createEncryptionDictionaryObject() const override;
/// Adjusts the password according to the PDF specification
static QByteArray adjustPassword(const QString& password, int revision);
private:
friend class PDFSecurityHandler;
friend class PDFSecurityHandlerFactory;
friend PDFSecurityHandlerPointer PDFSecurityHandler::createSecurityHandler(const PDFObject& encryptionDictionaryObject, const QByteArray& id);
@@ -311,25 +351,6 @@ private:
/// Parses parts of the user/owner data (U/O values of the encryption dictionary)
UserOwnerData_r6 parseParts(const QByteArray& data) const;
/// Decrypts data using specified filter. This function can be called only, if authorization was successfull.
/// \param data Data to be decrypted
/// \param filter Filter to be used for decryption
/// \param reference Object reference for key generation
/// \returns Decrypted data
QByteArray decryptUsingFilter(const QByteArray& data, CryptFilter filter, PDFObjectReference reference) const;
/// Encrypts data using specified filter. This function can be called only, if authorization was successfull.
/// \param data Data to be encrypted
/// \param filter Filter to be used for encryption
/// \param reference Object reference for key generation
/// \returns Encrypted data
QByteArray encryptUsingFilter(const QByteArray& data, CryptFilter filter, PDFObjectReference reference) const;
std::vector<uint8_t> createV2_ObjectEncryptionKey(PDFObjectReference reference, CryptFilter filter) const;
std::vector<uint8_t> createAESV2_ObjectEncryptionKey(PDFObjectReference reference) const;
CryptFilter getCryptFilter(EncryptionScope encryptionScope) const;
/// Returns true, if character with unicode code is non-ascii space character
/// according the RFC 3454, section C.1.2
/// \param unicode Unicode code to be tested
@@ -372,9 +393,19 @@ private:
/// First part of the id of the document
QByteArray m_ID;
};
/// Authorization data
AuthorizationData m_authorizationData;
/// Specifies the security using public key security handler (see PDF specification
/// for details).
class PDFPublicKeySecurityHandler : public PDFStandardOrPublicSecurityHandler
{
public:
virtual EncryptionMode getMode() const override { return EncryptionMode::PublicKey; }
virtual PDFSecurityHandler* clone() const override;
virtual AuthorizationResult authenticate(const std::function<QString(bool*)>& getPasswordCallback, bool authorizeOwnerOnly) override;
virtual bool isMetadataEncrypted() const override;
virtual bool isAllowed(Permission permission) const override;
virtual PDFObject createEncryptionDictionaryObject() const override;
};
/// Factory, which creates security handler based on settings.