diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-12-01 14:26:55 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-12-01 19:34:14 +0000 |
commit | e84993486b46ed86a8540b985355e82db5559720 (patch) | |
tree | 9228b7c0e64fa21f5de8383b73d0ae23e3e92e37 /xmlsecurity | |
parent | dacd0e94199f154cac5875ec06430df6947e251b (diff) |
xmlsecurity PDF verify: don't abort read on partial sign
Map it to the partially signed (not all streams) ODF concept instead.
Change-Id: I7fc931e622b9f10a1261cd475b01a2f038e37ece
Reviewed-on: https://gerrit.libreoffice.org/31497
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Diffstat (limited to 'xmlsecurity')
-rw-r--r-- | xmlsecurity/inc/sigstruct.hxx | 3 | ||||
-rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/data/partial.pdf | bin | 0 -> 52004 bytes | |||
-rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx | 11 | ||||
-rw-r--r-- | xmlsecurity/source/helper/pdfsignaturehelper.cxx | 1 | ||||
-rw-r--r-- | xmlsecurity/source/pdfio/pdfdocument.cxx | 6 |
5 files changed, 17 insertions, 4 deletions
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx index c217352e5c7f..29eeb728c3b2 100644 --- a/xmlsecurity/inc/sigstruct.hxx +++ b/xmlsecurity/inc/sigstruct.hxx @@ -106,6 +106,8 @@ struct SignatureInformation sal_Int32 nDigestID; /// For PDF: has id-aa-signingCertificateV2 as a signed attribute. bool bHasSigningCertificate; + /// For PDF: the byte range doesn't cover the whole document. + bool bPartialDocumentSignature; SignatureInformation( sal_Int32 nId ) { @@ -113,6 +115,7 @@ struct SignatureInformation nStatus = css::xml::crypto::SecurityOperationStatus_UNKNOWN; nDigestID = 0; bHasSigningCertificate = false; + bPartialDocumentSignature = false; } }; diff --git a/xmlsecurity/qa/unit/pdfsigning/data/partial.pdf b/xmlsecurity/qa/unit/pdfsigning/data/partial.pdf Binary files differnew file mode 100644 index 000000000000..890f56217d3c --- /dev/null +++ b/xmlsecurity/qa/unit/pdfsigning/data/partial.pdf diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx index 1ecbb22ed3dc..b7c05552edc8 100644 --- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx +++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx @@ -64,6 +64,8 @@ public: void testPDF14LOWin(); /// Test a PAdES document, signed by LO on Linux. void testPDFPAdESGood(); + /// Test a valid signature that does not cover the whole file. + void testPartial(); /// Test writing a PAdES signature. void testSigningCertificateAttribute(); /// Test that we accept files which are supposed to be good. @@ -81,6 +83,7 @@ public: CPPUNIT_TEST(testPDF16Add); CPPUNIT_TEST(testPDF14LOWin); CPPUNIT_TEST(testPDFPAdESGood); + CPPUNIT_TEST(testPartial); CPPUNIT_TEST(testSigningCertificateAttribute); CPPUNIT_TEST(testGood); CPPUNIT_TEST(testTokenize); @@ -331,6 +334,14 @@ void PDFSigningTest::testPDFPAdESGood() verify(m_directories.getURLFromSrc(DATA_DIRECTORY) + "good-pades.pdf", 1, "ETSI.CAdES.detached"); } +void PDFSigningTest::testPartial() +{ + std::vector<SignatureInformation> aInfos = verify(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.pdf", 1, /*rExpectedSubFilter=*/OString()); + CPPUNIT_ASSERT(!aInfos.empty()); + SignatureInformation& rInformation = aInfos[0]; + CPPUNIT_ASSERT(rInformation.bPartialDocumentSignature); +} + void PDFSigningTest::testSigningCertificateAttribute() { // Create a new signature. diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx index a7cfbed66e72..2218129a9485 100644 --- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx +++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx @@ -82,6 +82,7 @@ uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDoc security::DocumentSignatureInformation& rExternal = aRet[i]; rExternal.SignatureIsValid = rInternal.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED; rExternal.Signer = xSecEnv->createCertificateFromAscii(rInternal.ouX509Certificate); + rExternal.PartialDocumentSignature = rInternal.bPartialDocumentSignature; // Verify certificate. if (rExternal.Signer.is()) diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx b/xmlsecurity/source/pdfio/pdfdocument.cxx index b19a043e9d05..81f8caae8655 100644 --- a/xmlsecurity/source/pdfio/pdfdocument.cxx +++ b/xmlsecurity/source/pdfio/pdfdocument.cxx @@ -2212,10 +2212,8 @@ bool PDFDocument::ValidateSignature(SvStream& rStream, PDFObjectElement* pSignat rStream.Seek(STREAM_SEEK_TO_END); size_t nFileEnd = rStream.Tell(); if (bLast && (aByteRanges[1].first + aByteRanges[1].second) != nFileEnd) - { - SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: second range end is not the end of the file"); - return false; - } + // Second range end is not the end of the file. + rInformation.bPartialDocumentSignature = true; // At this point there is no obviously missing info to validate the // signature. |