Loading include/sigil.h +19 −0 Original line number Diff line number Diff line Loading @@ -129,6 +129,25 @@ sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest); */ void sigil_print_digest(const ASN1_OCTET_STRING *digest); /** @brief Print original message digest from the signature to the standard * output * * @param sgl context */ void sigil_print_original_digest(sigil_t *sgl); /** @brief Print computed message digest to the standard output * * @param sgl context */ void sigil_print_computed_digest(sigil_t *sgl); /** @brief Print information about the signing certificate to the standard output * * @param sgl context */ void sigil_print_cert_info(sigil_t *sgl); /** @brief Get the subfilter value from the provided context * * @param sgl context Loading lib/sigil.c +36 −23 Original line number Diff line number Diff line Loading @@ -438,6 +438,38 @@ void sigil_print_digest(const ASN1_OCTET_STRING *digest) } } void sigil_print_original_digest(sigil_t *sgl) { ASN1_OCTET_STRING *digest; if (sigil_get_original_digest(sgl, &digest) != ERR_NONE) return; sigil_print_digest(digest); } void sigil_print_computed_digest(sigil_t *sgl) { ASN1_OCTET_STRING *digest; if (sigil_get_computed_digest(sgl, &digest) != ERR_NONE) return; sigil_print_digest(digest); } void sigil_print_cert_info(sigil_t *sgl) { BIO *out = BIO_new_fp(stdout,BIO_NOCLOSE); if (sgl == NULL || sgl->certificates == NULL || sgl->certificates->x509 == NULL) return; X509_print_ex(out, sgl->certificates->x509, XN_FLAG_COMPAT, X509_FLAG_COMPAT); BIO_free_all(out); } sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter) { if (sgl == NULL || subfilter == NULL) Loading Loading 
@@ -580,19 +612,17 @@ int sigil_sigil_self_test(int verbosity) if (sgl->pdf_data.size != 60457) goto failed; // TODO test verification result sigil_free(&sgl); } print_test_result(1, verbosity); // TEST: fn sigil_verify with subfilter x509.rsa_sha1 print_test_item("VERIFY x509.rsa_sha1", verbosity); { int result; sgl = test_prepare_sgl_path("test/subtype_adbe.x509.rsa_sha1.pdf"); if (sgl == NULL) goto failed; Loading @@ -603,27 +633,10 @@ int sigil_sigil_self_test(int verbosity) if (sigil_verify(sgl) != ERR_NONE) goto failed; // TODO test verification result sigil_free(&sgl); } print_test_result(1, verbosity); // TEST: fn sigil_verify print_test_item("fn sigil_verify", verbosity); { sgl = test_prepare_sgl_path( "test/uznavany_bez_razitka_bez_revinfo_27_2_2012_CMS.pdf"); if (sgl == NULL) goto failed; if (sigil_verify(sgl) != ERR_NONE || 1) err = sigil_get_result(sgl, &result); if (err != ERR_NONE || result != VERIFY_SUCCESS) goto failed; // TODO test verification result sigil_free(&sgl); } Loading lib/xref.c +1 −1 Original line number Diff line number Diff line Loading @@ -233,7 +233,7 @@ sigil_err_t process_xref(sigil_t *sgl) read_xref_table(sgl); break; case XREF_TYPE_STREAM: return ERR_NOT_IMPLEMENTED; // TODO return ERR_NOT_IMPLEMENTED; default: return ERR_PDF_CONTENT; } Loading src/pdf-sigil.c +94 −21 Original line number Diff line number Diff line Loading @@ -3,9 +3,11 @@ #include <sigil.h> #include <constants.h> #define COLOR_CYAN "\x1b[36m" void print_banner(void) { fprintf(stderr, fprintf(stderr, COLOR_CYAN " \n" " ____ ____ _____ ____ _ _ _ \n" " | _ \\| _ \\| ___| / ___|(_) __ _(_) | \n" Loading @@ -13,8 +15,8 @@ void print_banner(void) " | __/| |_| | _|_____|__) | | (_| | | | \n" " |_| |____/|_| |____/|_|\\__, |_|_| \n" " |___/ \n" " \n" " ========================================== \n" " \n"COLOR_RESET " ======================================== \n" " \n"); } Loading 
@@ -22,6 +24,8 @@ void print_help(void) { fprintf(stderr, " OPTIONS \n" " -ci, --cert-info \n" " Output detail information about signing certificate \n" " -f, --file \n" " PDF file with a digital signature for the verification. \n" " -h, --help \n" Loading Loading @@ -52,10 +56,13 @@ int main(int argc, char *argv[]) sigil_t *sgl = NULL; sigil_err_t err; int result = VERIFY_FAILED; int result_integrity = HASH_CMP_RESULT_UNKNOWN; int result_certificate = CERT_STATUS_UNKNOWN; int ret_code = 1; int help = 0; int quiet = 0; int trusted_system = 0; int cert_info = 0; const char *trusted_file = NULL; const char *trusted_dir = NULL; const char *file = NULL; Loading Loading @@ -84,6 +91,14 @@ int main(int argc, char *argv[]) break; } file = argv[pos]; } else if (strcmp(argv[pos], "-ci") == 0 || strcmp(argv[pos], "--cert-info") == 0) { cert_info = 1; } else { if (!quiet) { fprintf(stderr, COLOR_RED"ERROR unknown parameter: "COLOR_RESET"%s\n", argv[pos]); print_banner(); } goto end; } } Loading @@ -104,12 +119,14 @@ int main(int argc, char *argv[]) // initialize sigil context if (sigil_init(&sgl) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR initialize sigil context\n"); goto end; } // set PDF file for the verification if (sigil_set_pdf_path(sgl, file) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR with provided file\n"); goto end; } Loading @@ -117,16 +134,19 @@ int main(int argc, char *argv[]) // set trusted CA certificates if (trusted_system) { if (sigil_set_trusted_system(sgl) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } } else if (trusted_file != NULL) { if (sigil_set_trusted_file(sgl, trusted_file) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } } else if (trusted_dir != NULL) { if (sigil_set_trusted_dir(sgl, trusted_dir) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } Loading 
@@ -135,32 +155,85 @@ int main(int argc, char *argv[]) // verify and save the result to the context err = sigil_verify(sgl); if (err != ERR_NONE) { if (!quiet) { if (err == ERR_NOT_IMPLEMENTED) { fprintf(stderr, " ERROR file uses feature that is not implemented\n"); } else { fprintf(stderr, " ERROR obtaining verification result from the context\n"); } } goto end; } err = sigil_get_result(sgl, &result); if (err != ERR_NONE) { if (!quiet) { if (err == ERR_NOT_IMPLEMENTED) { fprintf(stderr, " ERROR file uses feature that is not implemented\n"); } else { fprintf(stderr, " ERROR obtaining verification result from the context\n"); } } goto end; } // print results printf(" VERIFICATION RESULTS\n"); if (sigil_get_data_integrity_result(sgl, &result_integrity) != ERR_NONE && !quiet) fprintf(stderr, " ERROR failed to obtain data integrity result\n"); if (sigil_get_cert_validation_result(sgl, &result_certificate) != ERR_NONE && !quiet) fprintf(stderr, " ERROR failed to obtain certificate validation result\n"); // print verification result if (result == VERIFY_SUCCESS) { printf(" status: verification successful\n"); if (!quiet) printf(COLOR_GREEN" VERIFICATION SUCCESSFUL\n\n"COLOR_RESET); ret_code = 0; } else { printf(" status: verification failed\n"); if (!quiet) printf(COLOR_RED" VERIFICATION FAILED\n\n"COLOR_RESET); } // print verification details if (!quiet) { printf(" DATA INTEGRITY\n"); printf(" --------------\n"); printf(" %-20s", "original digest:"); sigil_print_original_digest(sgl); printf("\n"); printf(" %-20s", "computed digest:"); sigil_print_computed_digest(sgl); printf("\n"); printf(" %-20s", "digest match:"); switch (result_integrity) { case HASH_CMP_RESULT_MATCH: printf(COLOR_GREEN"YES\n"COLOR_RESET); break; case HASH_CMP_RESULT_DIFFER: printf(COLOR_RED"NO\n"COLOR_RESET); break; default: printf(COLOR_RED"UNKNOWN\n"COLOR_RESET); break; } printf("\n"); printf(" CERTIFICATE\n"); printf(" -----------\n"); printf(" %-20s", "verified:"); switch (result_certificate) { 
case CERT_STATUS_VERIFIED: printf(COLOR_GREEN"YES\n"COLOR_RESET); break; case CERT_STATUS_FAILED: printf(COLOR_RED"NO\n"COLOR_RESET); break; default: printf(COLOR_RED"UNKNOWN\n"COLOR_RESET); break; } printf("\n"); if (cert_info) sigil_print_cert_info(sgl); } end: Loading Loading
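--- a/include/sigil.h
+++ b/include/sigil.h
@@ -129,6 +129,25 @@ sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
  */
 void sigil_print_digest(const ASN1_OCTET_STRING *digest);
 
+/** @brief Print original message digest from the signature to the standard
+ * output
+ *
+ * @param sgl context
+ */
+void sigil_print_original_digest(sigil_t *sgl);
+
+/** @brief Print computed message digest to the standard output
+ *
+ * @param sgl context
+ */
+void sigil_print_computed_digest(sigil_t *sgl);
+
+/** @brief Print information about the signing certificate to the standard output
+ *
+ * @param sgl context
+ */
+void sigil_print_cert_info(sigil_t *sgl);
+
 /** @brief Get the subfilter value from the provided context
  *
  * @param sgl context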
lib/sigil.c +36 −23 Original line number Diff line number Diff line Loading @@ -438,6 +438,38 @@ void sigil_print_digest(const ASN1_OCTET_STRING *digest) } } void sigil_print_original_digest(sigil_t *sgl) { ASN1_OCTET_STRING *digest; if (sigil_get_original_digest(sgl, &digest) != ERR_NONE) return; sigil_print_digest(digest); } void sigil_print_computed_digest(sigil_t *sgl) { ASN1_OCTET_STRING *digest; if (sigil_get_computed_digest(sgl, &digest) != ERR_NONE) return; sigil_print_digest(digest); } void sigil_print_cert_info(sigil_t *sgl) { BIO *out = BIO_new_fp(stdout,BIO_NOCLOSE); if (sgl == NULL || sgl->certificates == NULL || sgl->certificates->x509 == NULL) return; X509_print_ex(out, sgl->certificates->x509, XN_FLAG_COMPAT, X509_FLAG_COMPAT); BIO_free_all(out); } sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter) { if (sgl == NULL || subfilter == NULL) Loading Loading @@ -580,19 +612,17 @@ int sigil_sigil_self_test(int verbosity) if (sgl->pdf_data.size != 60457) goto failed; // TODO test verification result sigil_free(&sgl); } print_test_result(1, verbosity); // TEST: fn sigil_verify with subfilter x509.rsa_sha1 print_test_item("VERIFY x509.rsa_sha1", verbosity); { int result; sgl = test_prepare_sgl_path("test/subtype_adbe.x509.rsa_sha1.pdf"); if (sgl == NULL) goto failed; Loading @@ -603,27 +633,10 @@ int sigil_sigil_self_test(int verbosity) if (sigil_verify(sgl) != ERR_NONE) goto failed; // TODO test verification result sigil_free(&sgl); } print_test_result(1, verbosity); // TEST: fn sigil_verify print_test_item("fn sigil_verify", verbosity); { sgl = test_prepare_sgl_path( "test/uznavany_bez_razitka_bez_revinfo_27_2_2012_CMS.pdf"); if (sgl == NULL) goto failed; if (sigil_verify(sgl) != ERR_NONE || 1) err = sigil_get_result(sgl, &result); if (err != ERR_NONE || result != VERIFY_SUCCESS) goto failed; // TODO test verification result sigil_free(&sgl); } Loading
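Review bot: In `sigil_print_cert_info` the BIO is created with `BIO_new_fp(stdout,BIO_NOCLOSE)` before the NULL checks on `sgl`, so every early `return` leaks it, and a NULL result from `BIO_new_fp` is handed to `X509_print_ex` unchecked. Declare `BIO *out;` without an initializer and, after the guard, add `out = BIO_new_fp(stdout, BIO_NOCLOSE);` followed by `if (out == NULL) return;`. The two digest wrappers pass an uninitialised `digest` to the getter and print it whenever `ERR_NONE` comes back; whether the getter can return `ERR_NONE` without setting the pointer is not visible here, so `ASN1_OCTET_STRING *digest = NULL;` is cheap insurance. The certificate printed comes from the file under verification, so the doc comment should say that the output is untrusted data unless the certificate status is verified.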
lib/xref.c +1 −1 @@ -233,7 +233,7 @@ sigil_err_t process_xref(sigil_t *sgl) read_xref_table(sgl); break; case XREF_TYPE_STREAM: return ERR_NOT_IMPLEMENTED; // TODO return ERR_NOT_IMPLEMENTED; default: return ERR_PDF_CONTENT; }
src/pdf-sigil.c +94 −21 Original line number Diff line number Diff line Loading @@ -3,9 +3,11 @@ #include <sigil.h> #include <constants.h> #define COLOR_CYAN "\x1b[36m" void print_banner(void) { fprintf(stderr, fprintf(stderr, COLOR_CYAN " \n" " ____ ____ _____ ____ _ _ _ \n" " | _ \\| _ \\| ___| / ___|(_) __ _(_) | \n" Loading @@ -13,8 +15,8 @@ void print_banner(void) " | __/| |_| | _|_____|__) | | (_| | | | \n" " |_| |____/|_| |____/|_|\\__, |_|_| \n" " |___/ \n" " \n" " ========================================== \n" " \n"COLOR_RESET " ======================================== \n" " \n"); } Loading @@ -22,6 +24,8 @@ void print_help(void) { fprintf(stderr, " OPTIONS \n" " -ci, --cert-info \n" " Output detail information about signing certificate \n" " -f, --file \n" " PDF file with a digital signature for the verification. \n" " -h, --help \n" Loading Loading @@ -52,10 +56,13 @@ int main(int argc, char *argv[]) sigil_t *sgl = NULL; sigil_err_t err; int result = VERIFY_FAILED; int result_integrity = HASH_CMP_RESULT_UNKNOWN; int result_certificate = CERT_STATUS_UNKNOWN; int ret_code = 1; int help = 0; int quiet = 0; int trusted_system = 0; int cert_info = 0; const char *trusted_file = NULL; const char *trusted_dir = NULL; const char *file = NULL; Loading Loading @@ -84,6 +91,14 @@ int main(int argc, char *argv[]) break; } file = argv[pos]; } else if (strcmp(argv[pos], "-ci") == 0 || strcmp(argv[pos], "--cert-info") == 0) { cert_info = 1; } else { if (!quiet) { fprintf(stderr, COLOR_RED"ERROR unknown parameter: "COLOR_RESET"%s\n", argv[pos]); print_banner(); } goto end; } } Loading @@ -104,12 +119,14 @@ int main(int argc, char *argv[]) // initialize sigil context if (sigil_init(&sgl) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR initialize sigil context\n"); goto end; } // set PDF file for the verification if (sigil_set_pdf_path(sgl, file) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR with provided file\n"); goto end; } Loading 
@@ -117,16 +134,19 @@ int main(int argc, char *argv[]) // set trusted CA certificates if (trusted_system) { if (sigil_set_trusted_system(sgl) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } } else if (trusted_file != NULL) { if (sigil_set_trusted_file(sgl, trusted_file) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } } else if (trusted_dir != NULL) { if (sigil_set_trusted_dir(sgl, trusted_dir) != ERR_NONE) { if (!quiet) fprintf(stderr, " ERROR setting trusted certificates\n"); goto end; } Loading 
@@ -135,32 +155,85 @@ int main(int argc, char *argv[]) // verify and save the result to the context err = sigil_verify(sgl); if (err != ERR_NONE) { if (!quiet) { if (err == ERR_NOT_IMPLEMENTED) { fprintf(stderr, " ERROR file uses feature that is not implemented\n"); } else { fprintf(stderr, " ERROR obtaining verification result from the context\n"); } } goto end; } err = sigil_get_result(sgl, &result); if (err != ERR_NONE) { if (!quiet) { if (err == ERR_NOT_IMPLEMENTED) { fprintf(stderr, " ERROR file uses feature that is not implemented\n"); } else { fprintf(stderr, " ERROR obtaining verification result from the context\n"); } } goto end; } // print results printf(" VERIFICATION RESULTS\n"); if (sigil_get_data_integrity_result(sgl, &result_integrity) != ERR_NONE && !quiet) fprintf(stderr, " ERROR failed to obtain data integrity result\n"); if (sigil_get_cert_validation_result(sgl, &result_certificate) != ERR_NONE && !quiet) fprintf(stderr, " ERROR failed to obtain certificate validation result\n"); // print verification result if (result == VERIFY_SUCCESS) { printf(" status: verification successful\n"); if (!quiet) printf(COLOR_GREEN" VERIFICATION SUCCESSFUL\n\n"COLOR_RESET); ret_code = 0; } else { printf(" status: verification failed\n"); if (!quiet) printf(COLOR_RED" VERIFICATION FAILED\n\n"COLOR_RESET); } // print verification details if (!quiet) { printf(" DATA INTEGRITY\n"); printf(" --------------\n"); printf(" %-20s", "original digest:"); sigil_print_original_digest(sgl); printf("\n"); printf(" %-20s", "computed digest:"); sigil_print_computed_digest(sgl); printf("\n"); printf(" %-20s", "digest match:"); switch (result_integrity) { case HASH_CMP_RESULT_MATCH: printf(COLOR_GREEN"YES\n"COLOR_RESET); break; case HASH_CMP_RESULT_DIFFER: printf(COLOR_RED"NO\n"COLOR_RESET); break; default: printf(COLOR_RED"UNKNOWN\n"COLOR_RESET); break; } printf("\n"); printf(" CERTIFICATE\n"); printf(" -----------\n"); printf(" %-20s", "verified:"); switch (result_certificate) { 
case CERT_STATUS_VERIFIED: printf(COLOR_GREEN"YES\n"COLOR_RESET); break; case CERT_STATUS_FAILED: printf(COLOR_RED"NO\n"COLOR_RESET); break; default: printf(COLOR_RED"UNKNOWN\n"COLOR_RESET); break; } printf("\n"); if (cert_info) sigil_print_cert_info(sgl); } end:
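Review bot: The exit status in `main` is set from `result == VERIFY_SUCCESS` alone, while `result_integrity` and `result_certificate` come from separate getters whose failure is only reported on stderr (and not at all under quiet mode), so the tool can print VERIFICATION SUCCESSFUL and exit 0 next to `UNKNOWN` detail lines. Whether `sigil_get_result` already implies both component checks is not visible on this page; for a verifier it is safer to fail closed, e.g. `if (result == VERIFY_SUCCESS && result_integrity == HASH_CMP_RESULT_MATCH && result_certificate == CERT_STATUS_VERIFIED)`. The colour escapes are also written unconditionally, so a script that captures the output receives raw escape sequences around the verdict; gating them on `isatty()` would keep piped and logged output clean. `main` begins and ends outside the visible hunks.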