Commit 6b8c06a3 authored by Tomáš Stefan's avatar Tomáš Stefan

refactoring

parent deb45f0f
......@@ -21,7 +21,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result);
sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result);
sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter);
sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter);
void cert_free(cert_t *cert);
......
......@@ -14,8 +14,6 @@
typedef uint32_t sigil_err_t;
typedef uint32_t subfilter_t;
typedef uint32_t dict_key_t;
typedef struct {
......@@ -68,31 +66,38 @@ typedef struct {
} pdf_data_t;
typedef struct {
// file data
pdf_data_t pdf_data;
short pdf_x, /* numbers from PDF header */
pdf_y; /* %PDF-<pdf_x>.<pdf_y> */
short xref_type;
xref_t *xref;
reference_t ref_catalog_dict;
// pdf information
int pdf_x; // version from PDF header - <x>.<y>
int pdf_y;
size_t sig_flags;
int subfilter_type;
int xref_type;
// indirect reference to pdf parts
reference_t ref_acroform;
size_t offset_acroform;
reference_t ref_sig_field;
reference_t ref_catalog_dict;
reference_t ref_sig_dict;
reference_t ref_sig_field;
// offset to pdf parts
size_t offset_acroform;
size_t offset_pdf_start;
size_t offset_sig_dict;
size_t offset_startxref;
// message digest
X509_ALGOR *digest_algorithm;
ASN1_OCTET_STRING *digest_computed;
ASN1_OCTET_STRING *digest_original;
// extracted parts
ref_array_t fields;
size_t pdf_start_offset; /* offset of %PDF-x.y */
size_t startxref;
size_t sig_flags;
subfilter_t subfilter;
range_t *byte_range;
cert_t *certificates;
contents_t *contents;
ASN1_OCTET_STRING *computed_digest;
X509_ALGOR *md_algorithm;
ASN1_OCTET_STRING *md_hash;
xref_t *xref;
X509_STORE *trusted_store;
int signing_cert_status;
int hash_cmp_result;
// results of verification process
int result_cert_verification;
int result_digest_comparison;
} sigil_t;
#endif /* PDF_SIGIL_TYPES_H */
......@@ -94,7 +94,7 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl)
if ((ctx = EVP_MD_CTX_create()) == NULL)
return ERR_ALLOCATION;
X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->md_algorithm);
X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->digest_algorithm);
evp_md = EVP_get_digestbyobj(md_obj);
if (evp_md == NULL) {
err = ERR_OPENSSL;
......@@ -152,8 +152,8 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl)
goto end;
}
sgl->computed_digest = ASN1_OCTET_STRING_new();
if (ASN1_OCTET_STRING_set(sgl->computed_digest, tmp_hash, tmp_hash_len) == 0) {
sgl->digest_computed = ASN1_OCTET_STRING_new();
if (ASN1_OCTET_STRING_set(sgl->digest_computed, tmp_hash, tmp_hash_len) == 0) {
err = ERR_OPENSSL;
goto end;
}
......@@ -307,8 +307,8 @@ sigil_err_t load_digest(sigil_t *sgl)
X509_SIG_get0(const_sig, &tmp_alg, &tmp_hash);
sgl->md_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg);
sgl->md_hash = ASN1_OCTET_STRING_dup(tmp_hash);
sgl->digest_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg);
sgl->digest_original = ASN1_OCTET_STRING_dup(tmp_hash);
err = ERR_NO;
......@@ -370,10 +370,10 @@ sigil_err_t verify_signing_certificate(sigil_t *sgl)
// verify
if (X509_verify_cert(ctx) == 1) {
// verification successful
sgl->signing_cert_status = CERT_STATUS_VERIFIED;
sgl->result_cert_verification = CERT_STATUS_VERIFIED;
} else {
// verification not successful
sgl->signing_cert_status = CERT_STATUS_FAILED;
sgl->result_cert_verification = CERT_STATUS_FAILED;
}
sk_X509_free(trusted_chain);
......@@ -388,13 +388,13 @@ sigil_err_t compare_digest(sigil_t *sgl)
if (sgl == NULL)
return ERR_PARAMETER;
sgl->hash_cmp_result = HASH_CMP_RESULT_DIFFER;
sgl->result_digest_comparison = HASH_CMP_RESULT_DIFFER;
if (sgl->md_hash == NULL || sgl->computed_digest == NULL)
if (sgl->digest_original == NULL || sgl->digest_computed == NULL)
return ERR_PARAMETER;
if (ASN1_STRING_cmp(sgl->md_hash, sgl->computed_digest) == 0)
sgl->hash_cmp_result = HASH_CMP_RESULT_MATCH;
if (ASN1_STRING_cmp(sgl->digest_original, sgl->digest_computed) == 0)
sgl->result_digest_comparison = HASH_CMP_RESULT_MATCH;
return ERR_NO;
}
......
......@@ -52,7 +52,7 @@ sigil_err_t process_header(sigil_t *sgl)
return ERR_PDF_CONTENT;
}
sgl->pdf_start_offset = offset;
sgl->offset_pdf_start = offset;
return ERR_NO;
}
......@@ -78,7 +78,7 @@ int sigil_header_self_test(int verbosity)
if (process_header(sgl) != ERR_NO ||
sgl->pdf_x != 1 ||
sgl->pdf_y != 1 ||
sgl->pdf_start_offset != 0)
sgl->offset_pdf_start != 0)
{
goto failed;
}
......@@ -101,7 +101,7 @@ int sigil_header_self_test(int verbosity)
if (process_header(sgl) != ERR_NO ||
sgl->pdf_x != 1 ||
sgl->pdf_y != 2 ||
sgl->pdf_start_offset != 50)
sgl->offset_pdf_start != 50)
{
goto failed;
}
......
......@@ -46,9 +46,9 @@ static sigil_err_t parse_subfilter(sigil_t *sgl)
return err;
if (strncmp(tmp, "adbe.x509.rsa_sha1", 18) == 0) {
sgl->subfilter = SUBFILTER_adbe_x509_rsa_sha1;
sgl->subfilter_type = SUBFILTER_adbe_x509_rsa_sha1;
} else {
sgl->subfilter = SUBFILTER_UNKNOWN;
sgl->subfilter_type = SUBFILTER_UNKNOWN;
}
return ERR_NO;
......
......@@ -36,34 +36,33 @@ sigil_err_t sigil_init(sigil_t **sgl)
(*sgl)->pdf_data.deallocation_info = 0;
(*sgl)->pdf_x = 0;
(*sgl)->pdf_y = 0;
(*sgl)->sig_flags = 0;
(*sgl)->subfilter_type = SUBFILTER_UNKNOWN;
(*sgl)->xref_type = XREF_TYPE_UNSET;
(*sgl)->xref = NULL;
(*sgl)->ref_catalog_dict.object_num = 0;
(*sgl)->ref_catalog_dict.generation_num = 0;
(*sgl)->ref_acroform.object_num = 0;
(*sgl)->ref_acroform.generation_num = 0;
(*sgl)->offset_acroform = 0;
(*sgl)->ref_sig_field.object_num = 0;
(*sgl)->ref_sig_field.generation_num = 0;
(*sgl)->ref_catalog_dict.object_num = 0;
(*sgl)->ref_catalog_dict.generation_num = 0;
(*sgl)->ref_sig_dict.object_num = 0;
(*sgl)->ref_sig_dict.generation_num = 0;
(*sgl)->ref_sig_field.object_num = 0;
(*sgl)->ref_sig_field.generation_num = 0;
(*sgl)->offset_acroform = 0;
(*sgl)->offset_pdf_start = 0;
(*sgl)->offset_sig_dict = 0;
(*sgl)->fields.entry = NULL;
(*sgl)->offset_startxref = 0;
(*sgl)->digest_algorithm = NULL;
(*sgl)->digest_computed = NULL;
(*sgl)->digest_original = NULL;
(*sgl)->fields.capacity = 0;
(*sgl)->pdf_start_offset = 0;
(*sgl)->startxref = 0;
(*sgl)->sig_flags = 0;
(*sgl)->subfilter = SUBFILTER_UNKNOWN;
(*sgl)->fields.entry = NULL;
(*sgl)->byte_range = NULL;
(*sgl)->certificates = NULL;
(*sgl)->contents = NULL;
(*sgl)->computed_digest = NULL;
(*sgl)->signing_cert_status = CERT_STATUS_UNKNOWN;
(*sgl)->hash_cmp_result = HASH_CMP_RESULT_UNKNOWN;
(*sgl)->md_algorithm = NULL;
(*sgl)->md_hash = NULL;
(*sgl)->trusted_store = X509_STORE_new();
(*sgl)->xref = NULL;
(*sgl)->trusted_store = X509_STORE_new();
(*sgl)->result_cert_verification = CERT_STATUS_UNKNOWN;
(*sgl)->result_digest_comparison = HASH_CMP_RESULT_UNKNOWN;
return ERR_NO;
}
......@@ -248,7 +247,7 @@ static sigil_err_t sigil_verify_adbe_x509_rsa_sha1(sigil_t *sgl)
if (err != ERR_NO)
return err;
return verify_digest(sgl, &(sgl->hash_cmp_result));
return verify_digest(sgl, &(sgl->result_digest_comparison));
}
sigil_err_t sigil_verify(sigil_t *sgl)
......@@ -275,7 +274,7 @@ sigil_err_t sigil_verify(sigil_t *sgl)
if (sgl->xref == NULL)
return ERR_ALLOCATION;
sgl->xref->prev_section = sgl->startxref;
sgl->xref->prev_section = sgl->offset_startxref;
size_t max_file_updates = MAX_FILE_UPDATES;
......@@ -319,7 +318,7 @@ sigil_err_t sigil_verify(sigil_t *sgl)
if (err != ERR_NO)
return err;
switch (sgl->subfilter) {
switch (sgl->subfilter_type) {
case SUBFILTER_adbe_x509_rsa_sha1:
err = sigil_verify_adbe_x509_rsa_sha1(sgl);
if (err != ERR_NO)
......@@ -344,7 +343,7 @@ sigil_err_t sigil_get_result(sigil_t *sgl, int *result)
*result = 0;
switch (sgl->subfilter) {
switch (sgl->subfilter_type) {
case SUBFILTER_adbe_x509_rsa_sha1:
err = sigil_get_cert_validation_result(sgl, &cert_res);
if (err != ERR_NO)
......@@ -368,7 +367,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result)
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = sgl->signing_cert_status;
*result = sgl->result_cert_verification;
return ERR_NO;
}
......@@ -378,7 +377,7 @@ sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result)
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = sgl->hash_cmp_result;
*result = sgl->result_digest_comparison;
return ERR_NO;
}
......@@ -388,10 +387,10 @@ sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
if (sgl == NULL || digest == NULL)
return ERR_PARAMETER;
if (sgl->md_hash == NULL)
if (sgl->digest_original == NULL)
return ERR_NO_DATA;
*digest = ASN1_OCTET_STRING_dup(sgl->md_hash);
*digest = ASN1_OCTET_STRING_dup(sgl->digest_original);
return ERR_NO;
}
......@@ -401,20 +400,20 @@ sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
if (sgl == NULL || digest == NULL)
return ERR_PARAMETER;
if (sgl->computed_digest == NULL)
if (sgl->digest_computed == NULL)
return ERR_NO_DATA;
*digest = ASN1_OCTET_STRING_dup(sgl->computed_digest);
*digest = ASN1_OCTET_STRING_dup(sgl->digest_computed);
return ERR_NO;
}
sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter)
sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter)
{
if (sgl == NULL || subfilter == NULL)
return ERR_PARAMETER;
*subfilter = sgl->subfilter;
*subfilter = sgl->subfilter_type;
return ERR_NO;
}
......@@ -495,14 +494,14 @@ void sigil_free(sigil_t **sgl)
if ((*sgl)->contents != NULL)
contents_free(*sgl);
if ((*sgl)->computed_digest != NULL)
ASN1_OCTET_STRING_free((*sgl)->computed_digest);
if ((*sgl)->digest_computed != NULL)
ASN1_OCTET_STRING_free((*sgl)->digest_computed);
if ((*sgl)->md_algorithm != NULL)
X509_ALGOR_free((*sgl)->md_algorithm);
if ((*sgl)->digest_algorithm != NULL)
X509_ALGOR_free((*sgl)->digest_algorithm);
if ((*sgl)->md_hash != NULL)
ASN1_OCTET_STRING_free((*sgl)->md_hash);
if ((*sgl)->digest_original != NULL)
ASN1_OCTET_STRING_free((*sgl)->digest_original);
if ((*sgl)->trusted_store != NULL)
X509_STORE_free((*sgl)->trusted_store);
......
......@@ -135,9 +135,9 @@ sigil_err_t read_startxref(sigil_t *sgl)
return ERR_PDF_CONTENT;
if (strncmp(tmp, "startxref", 9) == 0) {
if ((err = parse_number(sgl, &(sgl->startxref))) != ERR_NO)
if ((err = parse_number(sgl, &(sgl->offset_startxref))) != ERR_NO)
return err;
if (sgl->startxref == 0)
if (sgl->offset_startxref == 0)
return ERR_PDF_CONTENT;
return ERR_NO;
......@@ -320,7 +320,7 @@ int sigil_xref_self_test(int verbosity)
goto failed;
if (read_startxref(sgl) != ERR_NO ||
sgl->startxref != 1234567890)
sgl->offset_startxref != 1234567890)
{
goto failed;
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment