Loading include/sigil.h +1 −1 Original line number Diff line number Diff line Loading @@ -21,7 +21,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result); sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result); sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest); sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest); sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter); sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter); void cert_free(cert_t *cert); Loading include/types.h +23 −18 Original line number Diff line number Diff line Loading @@ -14,8 +14,6 @@ typedef uint32_t sigil_err_t; typedef uint32_t subfilter_t; typedef uint32_t dict_key_t; typedef struct { Loading Loading 
@@ -68,31 +66,38 @@ typedef struct { } pdf_data_t; typedef struct { // file data pdf_data_t pdf_data; short pdf_x, /* numbers from PDF header */ pdf_y; /* %PDF-<pdf_x>.<pdf_y> */ short xref_type; xref_t *xref; reference_t ref_catalog_dict; // pdf information int pdf_x; // version from PDF header - <x>.<y> int pdf_y; size_t sig_flags; int subfilter_type; int xref_type; // indirect reference to pdf parts reference_t ref_acroform; size_t offset_acroform; reference_t ref_sig_field; reference_t ref_catalog_dict; reference_t ref_sig_dict; reference_t ref_sig_field; // offset to pdf parts size_t offset_acroform; size_t offset_pdf_start; size_t offset_sig_dict; size_t offset_startxref; // message digest X509_ALGOR *digest_algorithm; ASN1_OCTET_STRING *digest_computed; ASN1_OCTET_STRING *digest_original; // extracted parts ref_array_t fields; size_t pdf_start_offset; /* offset of %PDF-x.y */ size_t startxref; size_t sig_flags; subfilter_t subfilter; range_t *byte_range; cert_t *certificates; contents_t *contents; ASN1_OCTET_STRING *computed_digest; X509_ALGOR *md_algorithm; ASN1_OCTET_STRING *md_hash; xref_t *xref; X509_STORE *trusted_store; int signing_cert_status; int hash_cmp_result; // results of verification process int result_cert_verification; int result_digest_comparison; } sigil_t; #endif /* PDF_SIGIL_TYPES_H */ lib/cryptography.c +11 −11 Original line number Diff line number Diff line Loading @@ -94,7 +94,7 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl) if ((ctx = EVP_MD_CTX_create()) == NULL) return ERR_ALLOCATION; X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->md_algorithm); X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->digest_algorithm); evp_md = EVP_get_digestbyobj(md_obj); if (evp_md == NULL) { err = ERR_OPENSSL; Loading Loading 
@@ -152,8 +152,8 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl) goto end; } sgl->computed_digest = ASN1_OCTET_STRING_new(); if (ASN1_OCTET_STRING_set(sgl->computed_digest, tmp_hash, tmp_hash_len) == 0) { sgl->digest_computed = ASN1_OCTET_STRING_new(); if (ASN1_OCTET_STRING_set(sgl->digest_computed, tmp_hash, tmp_hash_len) == 0) { err = ERR_OPENSSL; goto end; } Loading Loading @@ -307,8 +307,8 @@ sigil_err_t load_digest(sigil_t *sgl) X509_SIG_get0(const_sig, &tmp_alg, &tmp_hash); sgl->md_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg); sgl->md_hash = ASN1_OCTET_STRING_dup(tmp_hash); sgl->digest_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg); sgl->digest_original = ASN1_OCTET_STRING_dup(tmp_hash); err = ERR_NO; Loading Loading @@ -370,10 +370,10 @@ sigil_err_t verify_signing_certificate(sigil_t *sgl) // verify if (X509_verify_cert(ctx) == 1) { // verification successful sgl->signing_cert_status = CERT_STATUS_VERIFIED; sgl->result_cert_verification = CERT_STATUS_VERIFIED; } else { // verification not successful sgl->signing_cert_status = CERT_STATUS_FAILED; sgl->result_cert_verification = CERT_STATUS_FAILED; } sk_X509_free(trusted_chain); Loading @@ -388,13 +388,13 @@ sigil_err_t compare_digest(sigil_t *sgl) if (sgl == NULL) return ERR_PARAMETER; sgl->hash_cmp_result = HASH_CMP_RESULT_DIFFER; sgl->result_digest_comparison = HASH_CMP_RESULT_DIFFER; if (sgl->md_hash == NULL || sgl->computed_digest == NULL) if (sgl->digest_original == NULL || sgl->digest_computed == NULL) return ERR_PARAMETER; if (ASN1_STRING_cmp(sgl->md_hash, sgl->computed_digest) == 0) sgl->hash_cmp_result = HASH_CMP_RESULT_MATCH; if (ASN1_STRING_cmp(sgl->digest_original, sgl->digest_computed) == 0) sgl->result_digest_comparison = HASH_CMP_RESULT_MATCH; return ERR_NO; } Loading lib/header.c +3 −3 Original line number Diff line number Diff line Loading 
@@ -52,7 +52,7 @@ sigil_err_t process_header(sigil_t *sgl) return ERR_PDF_CONTENT; } sgl->pdf_start_offset = offset; sgl->offset_pdf_start = offset; return ERR_NO; } Loading @@ -78,7 +78,7 @@ int sigil_header_self_test(int verbosity) if (process_header(sgl) != ERR_NO || sgl->pdf_x != 1 || sgl->pdf_y != 1 || sgl->pdf_start_offset != 0) sgl->offset_pdf_start != 0) { goto failed; } Loading @@ -101,7 +101,7 @@ int sigil_header_self_test(int verbosity) if (process_header(sgl) != ERR_NO || sgl->pdf_x != 1 || sgl->pdf_y != 2 || sgl->pdf_start_offset != 50) sgl->offset_pdf_start != 50) { goto failed; } Loading lib/sig_dict.c +2 −2 Original line number Diff line number Diff line Loading @@ -46,9 +46,9 @@ static sigil_err_t parse_subfilter(sigil_t *sgl) return err; if (strncmp(tmp, "adbe.x509.rsa_sha1", 18) == 0) { sgl->subfilter = SUBFILTER_adbe_x509_rsa_sha1; sgl->subfilter_type = SUBFILTER_adbe_x509_rsa_sha1; } else { sgl->subfilter = SUBFILTER_UNKNOWN; sgl->subfilter_type = SUBFILTER_UNKNOWN; } return ERR_NO; Loading Loading
include/sigil.h +1 −1 Original line number Diff line number Diff line Loading @@ -21,7 +21,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result); sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result); sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest); sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest); sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter); sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter); void cert_free(cert_t *cert); Loading
include/types.h +23 −18 Original line number Diff line number Diff line Loading @@ -14,8 +14,6 @@ typedef uint32_t sigil_err_t; typedef uint32_t subfilter_t; typedef uint32_t dict_key_t; typedef struct { Loading Loading @@ -68,31 +66,38 @@ typedef struct { } pdf_data_t; typedef struct { // file data pdf_data_t pdf_data; short pdf_x, /* numbers from PDF header */ pdf_y; /* %PDF-<pdf_x>.<pdf_y> */ short xref_type; xref_t *xref; reference_t ref_catalog_dict; // pdf information int pdf_x; // version from PDF header - <x>.<y> int pdf_y; size_t sig_flags; int subfilter_type; int xref_type; // indirect reference to pdf parts reference_t ref_acroform; size_t offset_acroform; reference_t ref_sig_field; reference_t ref_catalog_dict; reference_t ref_sig_dict; reference_t ref_sig_field; // offset to pdf parts size_t offset_acroform; size_t offset_pdf_start; size_t offset_sig_dict; size_t offset_startxref; // message digest X509_ALGOR *digest_algorithm; ASN1_OCTET_STRING *digest_computed; ASN1_OCTET_STRING *digest_original; // extracted parts ref_array_t fields; size_t pdf_start_offset; /* offset of %PDF-x.y */ size_t startxref; size_t sig_flags; subfilter_t subfilter; range_t *byte_range; cert_t *certificates; contents_t *contents; ASN1_OCTET_STRING *computed_digest; X509_ALGOR *md_algorithm; ASN1_OCTET_STRING *md_hash; xref_t *xref; X509_STORE *trusted_store; int signing_cert_status; int hash_cmp_result; // results of verification process int result_cert_verification; int result_digest_comparison; } sigil_t; #endif /* PDF_SIGIL_TYPES_H */
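Review bot: The two verdict fields at the end of sigil_t, `result_cert_verification` and `result_digest_comparison`, have no documented initial value, and the struct's initialisation is not visible in this commit. compare_digest resets its field to `HASH_CMP_RESULT_DIFFER` before any early return, but verify_signing_certificate assigns its field only after `X509_verify_cert()` has run, so earlier error exits (outside the hunk) may leave whatever the initialiser stored. I would extend the comment to `// results of verification process; must start as CERT_STATUS_FAILED / HASH_CMP_RESULT_DIFFER and only be raised on success`, and confirm that the code creating a sigil_t does this, so a getter can never report a pass for a check that did not complete.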
lib/cryptography.c +11 −11 Original line number Diff line number Diff line Loading @@ -94,7 +94,7 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl) if ((ctx = EVP_MD_CTX_create()) == NULL) return ERR_ALLOCATION; X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->md_algorithm); X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->digest_algorithm); evp_md = EVP_get_digestbyobj(md_obj); if (evp_md == NULL) { err = ERR_OPENSSL; Loading Loading @@ -152,8 +152,8 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl) goto end; } sgl->computed_digest = ASN1_OCTET_STRING_new(); if (ASN1_OCTET_STRING_set(sgl->computed_digest, tmp_hash, tmp_hash_len) == 0) { sgl->digest_computed = ASN1_OCTET_STRING_new(); if (ASN1_OCTET_STRING_set(sgl->digest_computed, tmp_hash, tmp_hash_len) == 0) { err = ERR_OPENSSL; goto end; } Loading Loading @@ -307,8 +307,8 @@ sigil_err_t load_digest(sigil_t *sgl) X509_SIG_get0(const_sig, &tmp_alg, &tmp_hash); sgl->md_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg); sgl->md_hash = ASN1_OCTET_STRING_dup(tmp_hash); sgl->digest_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg); sgl->digest_original = ASN1_OCTET_STRING_dup(tmp_hash); err = ERR_NO; Loading Loading @@ -370,10 +370,10 @@ sigil_err_t verify_signing_certificate(sigil_t *sgl) // verify if (X509_verify_cert(ctx) == 1) { // verification successful sgl->signing_cert_status = CERT_STATUS_VERIFIED; sgl->result_cert_verification = CERT_STATUS_VERIFIED; } else { // verification not successful sgl->signing_cert_status = CERT_STATUS_FAILED; sgl->result_cert_verification = CERT_STATUS_FAILED; } sk_X509_free(trusted_chain); Loading 
@@ -388,13 +388,13 @@ sigil_err_t compare_digest(sigil_t *sgl) if (sgl == NULL) return ERR_PARAMETER; sgl->hash_cmp_result = HASH_CMP_RESULT_DIFFER; sgl->result_digest_comparison = HASH_CMP_RESULT_DIFFER; if (sgl->md_hash == NULL || sgl->computed_digest == NULL) if (sgl->digest_original == NULL || sgl->digest_computed == NULL) return ERR_PARAMETER; if (ASN1_STRING_cmp(sgl->md_hash, sgl->computed_digest) == 0) sgl->hash_cmp_result = HASH_CMP_RESULT_MATCH; if (ASN1_STRING_cmp(sgl->digest_original, sgl->digest_computed) == 0) sgl->result_digest_comparison = HASH_CMP_RESULT_MATCH; return ERR_NO; } Loading
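Review bot: In load_digest the results of `X509_ALGOR_dup()` and `ASN1_OCTET_STRING_dup()` are stored in `sgl->digest_algorithm` and `sgl->digest_original`, and the next visible statement is `err = ERR_NO;`, so an allocation failure is reported as success. compute_digest_pkcs1 then passes `sgl->digest_algorithm` to `X509_ALGOR_get0()` with no NULL check in the visible lines, which would likely dereference NULL while processing an untrusted PDF. A guard such as `if (sgl->digest_algorithm == NULL || sgl->digest_original == NULL) err = ERR_ALLOCATION; else err = ERR_NO;` closes that, routed through whatever cleanup path the function already has. The same applies to `sgl->digest_computed = ASN1_OCTET_STRING_new();` in compute_digest_pkcs1, whose result goes straight into `ASN1_OCTET_STRING_set()`. All three functions extend beyond the hunks shown.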
lib/header.c +3 −3 Original line number Diff line number Diff line Loading @@ -52,7 +52,7 @@ sigil_err_t process_header(sigil_t *sgl) return ERR_PDF_CONTENT; } sgl->pdf_start_offset = offset; sgl->offset_pdf_start = offset; return ERR_NO; } Loading @@ -78,7 +78,7 @@ int sigil_header_self_test(int verbosity) if (process_header(sgl) != ERR_NO || sgl->pdf_x != 1 || sgl->pdf_y != 1 || sgl->pdf_start_offset != 0) sgl->offset_pdf_start != 0) { goto failed; } Loading @@ -101,7 +101,7 @@ int sigil_header_self_test(int verbosity) if (process_header(sgl) != ERR_NO || sgl->pdf_x != 1 || sgl->pdf_y != 2 || sgl->pdf_start_offset != 50) sgl->offset_pdf_start != 50) { goto failed; } Loading
lib/sig_dict.c +2 −2 Original line number Diff line number Diff line Loading @@ -46,9 +46,9 @@ static sigil_err_t parse_subfilter(sigil_t *sgl) return err; if (strncmp(tmp, "adbe.x509.rsa_sha1", 18) == 0) { sgl->subfilter = SUBFILTER_adbe_x509_rsa_sha1; sgl->subfilter_type = SUBFILTER_adbe_x509_rsa_sha1; } else { sgl->subfilter = SUBFILTER_UNKNOWN; sgl->subfilter_type = SUBFILTER_UNKNOWN; } return ERR_NO; Loading
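Review bot: The test `strncmp(tmp, "adbe.x509.rsa_sha1", 18) == 0` in parse_subfilter is a prefix match, so any SubFilter name that merely begins with that string is classified as `SUBFILTER_adbe_x509_rsa_sha1`. A signature verifier should accept only the exact name and send everything else to `SUBFILTER_UNKNOWN`. If `tmp` is NUL-terminated (its declaration and the parsing call are outside the hunk), `strcmp(tmp, "adbe.x509.rsa_sha1") == 0` does that; otherwise the parsed length should also be compared with 18. The function begins and ends outside the hunk, so how `tmp` is filled cannot be confirmed from here.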