mir/libreoffice
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a3ed62e2707a27f6f3b51c41771301b5cf9a48f5
libreoffice/xmlsecurity/source/pdfio/pdfdocument.cxx

176 lines
6.2 KiB
C++
Raw Normal View History

xmlsecurity: add initial PDFSignatureHelper This splits most of the PDF signature code out of the pdfverify executable, and puts it into the xmlsecurity library instead. The PDFSignatureHelper now attempts to verify PDF signatures, and code in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format). Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02 Reviewed-on: https://gerrit.libreoffice.org/29751 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-13 10:37:02 +02:00
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
xmlsecurity: no need to have pdfio/pdfdocument.hxx as a global header Which means xmlsecurity can be again a module that has no public headers. Change-Id: I3d0b03680398f80196fac187263e770fd44ed0ed Reviewed-on: https://gerrit.libreoffice.org/41966 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-09-05 22:57:54 +02:00
#include <pdfio/pdfdocument.hxx>
xmlsecurity: add initial PDFSignatureHelper This splits most of the PDF signature code out of the pdfverify executable, and puts it into the xmlsecurity library instead. The PDFSignatureHelper now attempts to verify PDF signatures, and code in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format). Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02 Reviewed-on: https://gerrit.libreoffice.org/29751 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-13 10:37:02 +02:00
#include <memory>
#include <vector>
#include <rtl/string.hxx>
tdf#42949 Fix some more Include What You Use warnings Change-Id: I2040315707674dc99a37aedb96ac61dca274c13a Reviewed-on: https://gerrit.libreoffice.org/47348 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-01-03 21:06:56 +01:00
#include <rtl/ustrbuf.hxx>
xmlsecurity: add initial PDFSignatureHelper This splits most of the PDF signature code out of the pdfverify executable, and puts it into the xmlsecurity library instead. The PDFSignatureHelper now attempts to verify PDF signatures, and code in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format). Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02 Reviewed-on: https://gerrit.libreoffice.org/29751 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-13 10:37:02 +02:00
#include <sal/log.hxx>
#include <sal/types.h>
svl: move byte-array verification from vcl Also use comphelper::Base64 and DateTime::CreateFromUnixTime to avoid depending on sax. Change-Id: If1853f8d9481c9caa0625a111707531bbc495f75 Reviewed-on: https://gerrit.libreoffice.org/39993 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
2017-07-09 09:42:01 -04:00
#include <svl/sigstruct.hxx>
#include <svl/cryptosign.hxx>
tdf#42949 Fix some more Include What You Use warnings Change-Id: I2040315707674dc99a37aedb96ac61dca274c13a Reviewed-on: https://gerrit.libreoffice.org/47348 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-01-03 21:06:56 +01:00
#include <vcl/filter/pdfdocument.hxx>
xmlsecurity PDF verify: initial Windows support The timestamp isn't extracted yet, but the digest match is already checked correctly and the certificate is exposed. Change-Id: Ieca002a5c4ca0b96f4dc397c460adb7f88f5ffc7 Reviewed-on: https://gerrit.libreoffice.org/30499 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-02 17:57:25 +01:00
xmlsecurity: add initial PDFSignatureHelper This splits most of the PDF signature code out of the pdfverify executable, and puts it into the xmlsecurity library instead. The PDFSignatureHelper now attempts to verify PDF signatures, and code in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format). Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02 Reviewed-on: https://gerrit.libreoffice.org/29751 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-13 10:37:02 +02:00
using namespace com::sun::star;
namespace xmlsecurity
{
namespace pdfio
{
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
bool ValidateSignature(SvStream& rStream, vcl::filter::PDFObjectElement* pSignature,
SignatureInformation& rInformation, bool bLast)
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
{
vcl::filter::PDFObjectElement* pValue = pSignature->LookupObject("V");
if (!pValue)
{
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: no value");
return false;
}
xmlsecurity PDF sign: use a predictor when compressing the xref stream With this our xref stream output is close enough to Acrobat so that the existing signature verifier runs without any problems. Change-Id: I6eca7966890365759c269b465e4bf4d86d335219
2016-11-10 08:38:31 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
auto pContents = dynamic_cast<vcl::filter::PDFHexStringElement*>(pValue->Lookup("Contents"));
if (!pContents)
{
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: no contents");
return false;
}
xmlsecurity PDF sign: use a predictor when compressing the xref stream With this our xref stream output is close enough to Acrobat so that the existing signature verifier runs without any problems. Change-Id: I6eca7966890365759c269b465e4bf4d86d335219
2016-11-10 08:38:31 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
auto pByteRange = dynamic_cast<vcl::filter::PDFArrayElement*>(pValue->Lookup("ByteRange"));
if (!pByteRange || pByteRange->GetElements().size() < 2)
{
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: no byte range or too few elements");
return false;
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
auto pSubFilter = dynamic_cast<vcl::filter::PDFNameElement*>(pValue->Lookup("SubFilter"));
svl: move byte-array verification from vcl Also use comphelper::Base64 and DateTime::CreateFromUnixTime to avoid depending on sax. Change-Id: If1853f8d9481c9caa0625a111707531bbc495f75 Reviewed-on: https://gerrit.libreoffice.org/39993 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
2017-07-09 09:42:01 -04:00
const bool bNonDetached = pSubFilter && pSubFilter->GetValue() == "adbe.pkcs7.sha1";
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
if (!pSubFilter
|| (pSubFilter->GetValue() != "adbe.pkcs7.detached" && !bNonDetached
&& pSubFilter->GetValue() != "ETSI.CAdES.detached"))
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
{
if (!pSubFilter)
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: missing sub-filter");
else
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: unsupported sub-filter: '"
<< pSubFilter->GetValue() << "'");
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
return false;
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// Reason / comment / description is optional.
auto pReason = dynamic_cast<vcl::filter::PDFHexStringElement*>(pValue->Lookup("Reason"));
if (pReason)
{
// See appendUnicodeTextString() for the export equivalent of this.
std::vector<unsigned char> aReason = vcl::filter::PDFDocument::DecodeHexString(pReason);
OUStringBuffer aBuffer;
sal_uInt16 nByte = 0;
for (size_t i = 0; i < aReason.size(); ++i)
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
if (i % 2 == 0)
nByte = aReason[i];
else
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
sal_Unicode nUnicode;
nUnicode = (nByte << 8);
nUnicode |= aReason[i];
aBuffer.append(nUnicode);
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
}
}
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
if (!aBuffer.isEmpty())
rInformation.ouDescription = aBuffer.makeStringAndClear();
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// Date: used only when the time of signing is not available in the
// signature.
auto pM = dynamic_cast<vcl::filter::PDFLiteralStringElement*>(pValue->Lookup("M"));
if (pM)
{
// Example: "D:20161027100104".
const OString& rM = pM->GetValue();
if (rM.startsWith("D:") && rM.getLength() >= 16)
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
rInformation.stDateTime.Year = rM.copy(2, 4).toInt32();
rInformation.stDateTime.Month = rM.copy(6, 2).toInt32();
rInformation.stDateTime.Day = rM.copy(8, 2).toInt32();
rInformation.stDateTime.Hours = rM.copy(10, 2).toInt32();
rInformation.stDateTime.Minutes = rM.copy(12, 2).toInt32();
rInformation.stDateTime.Seconds = rM.copy(14, 2).toInt32();
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
}
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// Build a list of offset-length pairs, representing the signed bytes.
std::vector<std::pair<size_t, size_t>> aByteRanges;
size_t nByteRangeOffset = 0;
const std::vector<vcl::filter::PDFElement*>& rByteRangeElements = pByteRange->GetElements();
for (size_t i = 0; i < rByteRangeElements.size(); ++i)
{
auto pNumber = dynamic_cast<vcl::filter::PDFNumberElement*>(rByteRangeElements[i]);
if (!pNumber)
xmlsecurity PDF sign: compress the xref stream This way it's a bit smaller for large files and our output is closer to what Acrobat produces. Change-Id: Ide5f7b58a74a9d6ad7d806814eb57cb6931023cc Reviewed-on: https://gerrit.libreoffice.org/30726 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 16:53:51 +01:00
{
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
SAL_WARN("xmlsecurity.pdfio",
"ValidateSignature: signature offset and length has to be a number");
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
return false;
xmlsecurity PDF sign: compress the xref stream This way it's a bit smaller for large files and our output is closer to what Acrobat produces. Change-Id: Ide5f7b58a74a9d6ad7d806814eb57cb6931023cc Reviewed-on: https://gerrit.libreoffice.org/30726 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 16:53:51 +01:00
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
if (i % 2 == 0)
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
nByteRangeOffset = pNumber->GetValue();
continue;
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
}
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
size_t nByteRangeLength = pNumber->GetValue();
xmlsecurity pdf verify: push_back -> emplace_back And a few other similar small cleanups. Change-Id: I91c992f33f2166d1cf27cbc9def1b69965040658 Reviewed-on: https://gerrit.libreoffice.org/39928 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2017-07-13 21:10:52 +02:00
aByteRanges.emplace_back(nByteRangeOffset, nByteRangeLength);
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
}
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// Detect if the byte ranges don't cover everything, but the signature itself.
if (aByteRanges.size() < 2)
{
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: expected 2 byte ranges");
return false;
xmlsecurity: initial incremental update support in pdfverify I plan to use this for signing purposes, but so far what's implemented just writes out an incremental update at the end of the file, without actually updating much (just an unreferenced appearance object). Change-Id: I1cb40430ade6af0a25ff914ba4df670a77fcf457
2016-10-18 09:21:05 +02:00
}
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
if (aByteRanges[0].first != 0)
xmlsecurity: initial incremental update support in pdfverify I plan to use this for signing purposes, but so far what's implemented just writes out an incremental update at the end of the file, without actually updating much (just an unreferenced appearance object). Change-Id: I1cb40430ade6af0a25ff914ba4df670a77fcf457
2016-10-18 09:21:05 +02:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: first range start is not 0");
return false;
xmlsecurity PDF sign: conditionally write xref stream In case the input document used a PDF 1.5 xref stream, not an old xref table, then write that as part of the incremental update. Acrobat seems to require this. Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0 Reviewed-on: https://gerrit.libreoffice.org/30724 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2016-11-09 15:49:35 +01:00
}
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// 2 is the leading "<" and the trailing ">" around the hex string.
size_t nSignatureLength = static_cast<size_t>(pContents->GetValue().getLength()) + 2;
if (aByteRanges[1].first != (aByteRanges[0].second + nSignatureLength))
{
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
SAL_WARN("xmlsecurity.pdfio",
"ValidateSignature: second range start is not the end of the signature");
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
return false;
}
rStream.Seek(STREAM_SEEK_TO_END);
size_t nFileEnd = rStream.Tell();
if (bLast && (aByteRanges[1].first + aByteRanges[1].second) != nFileEnd)
// Second range end is not the end of the file.
rInformation.bPartialDocumentSignature = true;
xmlsecurity: extract parts of PDFDocument::Sign() into separate functions Hopefully it's easier to read this way. Change-Id: I145e00f8e57e20f2663d1c9ee494af5d93c014c7
2016-11-11 09:01:03 +01:00
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
// At this point there is no obviously missing info to validate the
// signature.
std::vector<unsigned char> aSignature = vcl::filter::PDFDocument::DecodeHexString(pContents);
if (aSignature.empty())
xmlsecurity: extract parts of PDFDocument::Sign() into separate functions Hopefully it's easier to read this way. Change-Id: I145e00f8e57e20f2663d1c9ee494af5d93c014c7
2016-11-11 09:01:03 +01:00
{
vcl: move in PDF tokenizer from xmlsecurity The PDF code in xmlsecurity served two purposes: - a generic PDF tokenizer - signature verification The first purpose is useful to have in VCL, so the PDF export code can use it as well when it comes to PDF image handling. This commit just moves most of the PDF code to VCL, it does not touch the PDF export code yet. With this, also the somewhat odd xmlsecurity dependency of CppunitTest_vcl_pdfexport can be removed as well. Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc Reviewed-on: https://gerrit.libreoffice.org/35513 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2017-03-21 18:03:21 +01:00
SAL_WARN("xmlsecurity.pdfio", "ValidateSignature: empty contents");
xmlsecurity: extract parts of PDFDocument::Sign() into separate functions Hopefully it's easier to read this way. Change-Id: I145e00f8e57e20f2663d1c9ee494af5d93c014c7
2016-11-11 09:01:03 +01:00
return false;
}
Turn on clang-format for these files I (tried to) keep these files consistent locally with astyle in the past, switching to clang-format makes sure that the recent problem with introducing inconsistencies in these files doesn't happen again. (On the flip side, it's great to see that now others also touch this PDF/pdfium code. :-) ) Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd Reviewed-on: https://gerrit.libreoffice.org/51701 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-03-21 13:23:58 +01:00
return svl::crypto::Signing::Verify(rStream, aByteRanges, bNonDetached, aSignature,
rInformation);
xmlsecurity PDF sign: append reference to the Page's Annots key Previously we assumed that the Page object's dictionary has no Annots key. Now detect if that's not true, and in that case don't just copy of the whole dictionary (as part of the incremental update), instead copy it in two steps, so we can insert our reference in the middle. This is needed (but not enough alone) to be able to sign a PDF document multiple times. Change-Id: Ia5bf993320428eef80551e7e9cc7bfb2b858db7f Reviewed-on: https://gerrit.libreoffice.org/30257 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-25 11:33:21 +02:00
}
xmlsecurity: add initial PDFSignatureHelper This splits most of the PDF signature code out of the pdfverify executable, and puts it into the xmlsecurity library instead. The PDFSignatureHelper now attempts to verify PDF signatures, and code in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format). Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02 Reviewed-on: https://gerrit.libreoffice.org/29751 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2016-10-13 10:37:02 +02:00
} // namespace pdfio
} // namespace xmlsecurity
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
Reference in New Issue Copy Permalink