Executable_pdfverify: use PDFSignatureHelper for signature verification

Towards making vcl::filter::PDFDocument an implementation detail of PDFSignatureHelper during signature verification: so pdfverify, cppunit tests and the UI shares more code. Change-Id: Ibb68933d754e392bce0ebbf06be8916ab3f7efdc Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103214 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-09-22 21:15:19 +02:00
parent 808e8a8e9e
commit c18356b49c
3 changed files with 37 additions and 35 deletions
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -38,6 +38,7 @@ namespace xml::crypto
 class XSecurityEnvironment;
 }
 }
+class SvStream;

 /// Handles signatures of a PDF file.
 class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
@@ -50,6 +51,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
 public:
    PDFSignatureHelper();
    bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
+    bool ReadAndVerifySignatureSvStream(SvStream& rStream);
    css::uno::Sequence<css::security::DocumentSignatureInformation>
    GetDocumentSignatureInformations(
        const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& xSecEnv) const;
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -126,8 +126,13 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
    }

    std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+    return ReadAndVerifySignatureSvStream(*pStream);
+}
+
+bool PDFSignatureHelper::ReadAndVerifySignatureSvStream(SvStream& rStream)
+{
    vcl::filter::PDFDocument aDocument;
-    if (!aDocument.Read(*pStream))
+    if (!aDocument.Read(rStream))
    {
        SAL_WARN("xmlsecurity.helper", "failed to read the document");
        return false;
@@ -143,7 +148,7 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
    {
        SignatureInformation aInfo(i);

-        if (!xmlsecurity::pdfio::ValidateSignature(*pStream, aSignatures[i], aInfo, aDocument))
+        if (!xmlsecurity::pdfio::ValidateSignature(rStream, aSignatures[i], aInfo, aDocument))
            SAL_WARN("xmlsecurity.helper", "failed to determine digest match");

        m_aSignatureInfos.push_back(aInfo);
--- a/xmlsecurity/workben/pdfverify.cxx
+++ b/xmlsecurity/workben/pdfverify.cxx
@@ -24,11 +24,10 @@
 #include <vcl/graphicfilter.hxx>
 #include <vcl/filter/pdfdocument.hxx>
 #include <comphelper/scopeguard.hxx>
-
-#include <pdfio/pdfdocument.hxx>
-
 #include <svl/sigstruct.hxx>

+#include <pdfsignaturehelper.hxx>
+
 using namespace com::sun::star;

 namespace
@@ -114,6 +113,32 @@ int pdfVerify(int nArgc, char** pArgv)
        bRemoveSignature = true;

    SvFileStream aStream(aInURL, StreamMode::READ);
+    if (aOutURL.isEmpty() && !bRemoveSignature)
+    {
+        std::cerr << "verifying signatures" << std::endl;
+        PDFSignatureHelper aHelper;
+        aStream.Seek(0);
+        aHelper.ReadAndVerifySignatureSvStream(aStream);
+        if (aHelper.GetSignatureInformations().empty())
+            std::cerr << "found no signatures" << std::endl;
+        else
+        {
+            std::cerr << "found " << aHelper.GetSignatureInformations().size() << " signatures"
+                      << std::endl;
+            for (size_t i = 0; i < aHelper.GetSignatureInformations().size(); ++i)
+            {
+                const SignatureInformation& rInfo = aHelper.GetSignatureInformations()[i];
+                bool bSuccess
+                    = rInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
+                std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
+                std::cerr << "signature #" << i << ": partial? " << rInfo.bPartialDocumentSignature
+                          << std::endl;
+            }
+        }
+
+        return 0;
+    }
+
    vcl::filter::PDFDocument aDocument;
    if (!aDocument.Read(aStream))
    {
@@ -148,36 +173,6 @@ int pdfVerify(int nArgc, char** pArgv)
        return 0;
    }

-    if (aOutURL.isEmpty())
-    {
-        std::cerr << "verifying signatures" << std::endl;
-        std::vector<vcl::filter::PDFObjectElement*> aSignatures = aDocument.GetSignatureWidgets();
-        if (aSignatures.empty())
-            std::cerr << "found no signatures" << std::endl;
-        else
-        {
-            std::cerr << "found " << aSignatures.size() << " signatures" << std::endl;
-            for (size_t i = 0; i < aSignatures.size(); ++i)
-            {
-                SignatureInformation aInfo(i);
-                if (!xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[i], aInfo,
-                                                           aDocument))
-                {
-                    SAL_WARN("xmlsecurity.pdfio", "failed to determine digest match");
-                    return 1;
-                }
-
-                bool bSuccess
-                    = aInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
-                std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
-                std::cerr << "signature #" << i << ": partial? " << aInfo.bPartialDocumentSignature
-                          << std::endl;
-            }
-        }
-
-        return 0;
-    }
-
    std::cerr << "adding a new signature" << std::endl;
    uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment
        = xSecurityContext->getSecurityEnvironment();