refactoring

6b8c06a3 · Tomáš Stefan · deb45f0f · 6b8c06a3 · 6b8c06a3 · 6b8c06a3
Commit 6b8c06a3 authored Mar 29, 2018 by Tomáš Stefan
7 changed files
--- a/include/sigil.h
+++ b/include/sigil.h
@@ -21,7 +21,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result);
 sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result);
 sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
 sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
-sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter);
+sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter);

 void cert_free(cert_t *cert);


--- a/include/types.h
+++ b/include/types.h
@@ -14,8 +14,6 @@

 typedef uint32_t sigil_err_t;

-typedef uint32_t subfilter_t;
-
 typedef uint32_t dict_key_t;

 typedef struct {
@@ -68,31 +66,38 @@ typedef struct {
 } pdf_data_t;

 typedef struct {
+    // file data
    pdf_data_t         pdf_data;
-    short              pdf_x,             /* numbers from PDF header */
-                       pdf_y;             /*   %PDF-<pdf_x>.<pdf_y>  */
-    short              xref_type;
-    xref_t            *xref;
-    reference_t        ref_catalog_dict;
+    // pdf information
+    int                pdf_x; // version from PDF header - <x>.<y>
+    int                pdf_y;
+    size_t             sig_flags;
+    int                subfilter_type;
+    int                xref_type;
+    // indirect reference to pdf parts
    reference_t        ref_acroform;
-    size_t             offset_acroform;
-    reference_t        ref_sig_field;
+    reference_t        ref_catalog_dict;
    reference_t        ref_sig_dict;
+    reference_t        ref_sig_field;
+    // offset to pdf parts
+    size_t             offset_acroform;
+    size_t             offset_pdf_start;
    size_t             offset_sig_dict;
+    size_t             offset_startxref;
+    // message digest
+    X509_ALGOR        *digest_algorithm;
+    ASN1_OCTET_STRING *digest_computed;
+    ASN1_OCTET_STRING *digest_original;
+    // extracted parts
    ref_array_t        fields;
-    size_t             pdf_start_offset;  /* offset of %PDF-x.y      */
-    size_t             startxref;
-    size_t             sig_flags;
-    subfilter_t        subfilter;
    range_t           *byte_range;
    cert_t            *certificates;
    contents_t        *contents;
-    ASN1_OCTET_STRING *computed_digest;
-    X509_ALGOR        *md_algorithm;
-    ASN1_OCTET_STRING *md_hash;
+    xref_t            *xref;
    X509_STORE        *trusted_store;
-    int                signing_cert_status;
-    int                hash_cmp_result;
+    // results of verification process
+    int                result_cert_verification;
+    int                result_digest_comparison;
 } sigil_t;

 #endif /* PDF_SIGIL_TYPES_H */
--- a/lib/cryptography.c
+++ b/lib/cryptography.c
@@ -94,7 +94,7 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl)
    if ((ctx = EVP_MD_CTX_create()) == NULL)
        return ERR_ALLOCATION;

-    X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->md_algorithm);
+    X509_ALGOR_get0(&md_obj, NULL, NULL, sgl->digest_algorithm);
    evp_md = EVP_get_digestbyobj(md_obj);
    if (evp_md == NULL) {
        err = ERR_OPENSSL;
@@ -152,8 +152,8 @@ sigil_err_t compute_digest_pkcs1(sigil_t *sgl)
        goto end;
    }

-    sgl->computed_digest = ASN1_OCTET_STRING_new();
-    if (ASN1_OCTET_STRING_set(sgl->computed_digest, tmp_hash, tmp_hash_len) == 0) {
+    sgl->digest_computed = ASN1_OCTET_STRING_new();
+    if (ASN1_OCTET_STRING_set(sgl->digest_computed, tmp_hash, tmp_hash_len) == 0) {
        err = ERR_OPENSSL;
        goto end;
    }
@@ -307,8 +307,8 @@ sigil_err_t load_digest(sigil_t *sgl)

    X509_SIG_get0(const_sig, &tmp_alg, &tmp_hash);

-    sgl->md_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg);
-    sgl->md_hash = ASN1_OCTET_STRING_dup(tmp_hash);
+    sgl->digest_algorithm = X509_ALGOR_dup((X509_ALGOR *)tmp_alg);
+    sgl->digest_original = ASN1_OCTET_STRING_dup(tmp_hash);

    err = ERR_NO;

@@ -370,10 +370,10 @@ sigil_err_t verify_signing_certificate(sigil_t *sgl)
    // verify
    if (X509_verify_cert(ctx) == 1) {
        // verification successful
-        sgl->signing_cert_status = CERT_STATUS_VERIFIED;
+        sgl->result_cert_verification = CERT_STATUS_VERIFIED;
    } else {
        // verification not successful
-        sgl->signing_cert_status = CERT_STATUS_FAILED;
+        sgl->result_cert_verification = CERT_STATUS_FAILED;
    }

    sk_X509_free(trusted_chain);
@@ -388,13 +388,13 @@ sigil_err_t compare_digest(sigil_t *sgl)
    if (sgl == NULL)
        return ERR_PARAMETER;

-    sgl->hash_cmp_result = HASH_CMP_RESULT_DIFFER;
+    sgl->result_digest_comparison = HASH_CMP_RESULT_DIFFER;

-    if (sgl->md_hash == NULL || sgl->computed_digest == NULL)
+    if (sgl->digest_original == NULL || sgl->digest_computed == NULL)
        return ERR_PARAMETER;

-    if (ASN1_STRING_cmp(sgl->md_hash, sgl->computed_digest) == 0)
-        sgl->hash_cmp_result = HASH_CMP_RESULT_MATCH;
+    if (ASN1_STRING_cmp(sgl->digest_original, sgl->digest_computed) == 0)
+        sgl->result_digest_comparison = HASH_CMP_RESULT_MATCH;

    return ERR_NO;
 }

--- a/lib/header.c
+++ b/lib/header.c
@@ -52,7 +52,7 @@ sigil_err_t process_header(sigil_t *sgl)
            return ERR_PDF_CONTENT;
        }

-        sgl->pdf_start_offset = offset;
+        sgl->offset_pdf_start = offset;

        return ERR_NO;
    }
@@ -78,7 +78,7 @@ int sigil_header_self_test(int verbosity)
        if (process_header(sgl) != ERR_NO ||
            sgl->pdf_x != 1               ||
            sgl->pdf_y != 1               ||
-            sgl->pdf_start_offset != 0)
+            sgl->offset_pdf_start != 0)
        {
            goto failed;
        }
@@ -101,7 +101,7 @@ int sigil_header_self_test(int verbosity)
        if (process_header(sgl) != ERR_NO ||
            sgl->pdf_x != 1               ||
            sgl->pdf_y != 2               ||
-            sgl->pdf_start_offset != 50)
+            sgl->offset_pdf_start != 50)
        {
            goto failed;
        }

--- a/lib/sig_dict.c
+++ b/lib/sig_dict.c
@@ -46,9 +46,9 @@ static sigil_err_t parse_subfilter(sigil_t *sgl)
        return err;

    if (strncmp(tmp, "adbe.x509.rsa_sha1", 18) == 0) {
-        sgl->subfilter = SUBFILTER_adbe_x509_rsa_sha1;
+        sgl->subfilter_type = SUBFILTER_adbe_x509_rsa_sha1;
    } else {
-        sgl->subfilter = SUBFILTER_UNKNOWN;
+        sgl->subfilter_type = SUBFILTER_UNKNOWN;
    }

    return ERR_NO;

--- a/lib/sigil.c
+++ b/lib/sigil.c
@@ -36,34 +36,33 @@ sigil_err_t sigil_init(sigil_t **sgl)
    (*sgl)->pdf_data.deallocation_info      = 0;
    (*sgl)->pdf_x                           = 0;
    (*sgl)->pdf_y                           = 0;
+    (*sgl)->sig_flags                       = 0;
+    (*sgl)->subfilter_type                  = SUBFILTER_UNKNOWN;
    (*sgl)->xref_type                       = XREF_TYPE_UNSET;
-    (*sgl)->xref                            = NULL;
-    (*sgl)->ref_catalog_dict.object_num     = 0;
-    (*sgl)->ref_catalog_dict.generation_num = 0;
    (*sgl)->ref_acroform.object_num         = 0;
    (*sgl)->ref_acroform.generation_num     = 0;
-    (*sgl)->offset_acroform                 = 0;
-    (*sgl)->ref_sig_field.object_num        = 0;
-    (*sgl)->ref_sig_field.generation_num    = 0;
+    (*sgl)->ref_catalog_dict.object_num     = 0;
+    (*sgl)->ref_catalog_dict.generation_num = 0;
    (*sgl)->ref_sig_dict.object_num         = 0;
    (*sgl)->ref_sig_dict.generation_num     = 0;
+    (*sgl)->ref_sig_field.object_num        = 0;
+    (*sgl)->ref_sig_field.generation_num    = 0;
+    (*sgl)->offset_acroform                 = 0;
+    (*sgl)->offset_pdf_start                = 0;
    (*sgl)->offset_sig_dict                 = 0;
-    (*sgl)->fields.entry                    = NULL;
+    (*sgl)->offset_startxref                = 0;
+    (*sgl)->digest_algorithm                = NULL;
+    (*sgl)->digest_computed                 = NULL;
+    (*sgl)->digest_original                 = NULL;
    (*sgl)->fields.capacity                 = 0;
-    (*sgl)->pdf_start_offset                = 0;
-    (*sgl)->startxref                       = 0;
-    (*sgl)->sig_flags                       = 0;
-    (*sgl)->subfilter                       = SUBFILTER_UNKNOWN;
+    (*sgl)->fields.entry                    = NULL;
    (*sgl)->byte_range                      = NULL;
    (*sgl)->certificates                    = NULL;
    (*sgl)->contents                        = NULL;
-    (*sgl)->computed_digest                 = NULL;
-    (*sgl)->signing_cert_status             = CERT_STATUS_UNKNOWN;
-    (*sgl)->hash_cmp_result                 = HASH_CMP_RESULT_UNKNOWN;
-    (*sgl)->md_algorithm                    = NULL;
-    (*sgl)->md_hash                         = NULL;
-
-    (*sgl)->trusted_store = X509_STORE_new();
+    (*sgl)->xref                            = NULL;
+    (*sgl)->trusted_store                   = X509_STORE_new();
+    (*sgl)->result_cert_verification        = CERT_STATUS_UNKNOWN;
+    (*sgl)->result_digest_comparison        = HASH_CMP_RESULT_UNKNOWN;

    return ERR_NO;
 }
@@ -248,7 +247,7 @@ static sigil_err_t sigil_verify_adbe_x509_rsa_sha1(sigil_t *sgl)
    if (err != ERR_NO)
        return err;

-    return verify_digest(sgl, &(sgl->hash_cmp_result));
+    return verify_digest(sgl, &(sgl->result_digest_comparison));
 }

 sigil_err_t sigil_verify(sigil_t *sgl)
@@ -275,7 +274,7 @@ sigil_err_t sigil_verify(sigil_t *sgl)
    if (sgl->xref == NULL)
        return ERR_ALLOCATION;

-    sgl->xref->prev_section = sgl->startxref;
+    sgl->xref->prev_section = sgl->offset_startxref;

    size_t max_file_updates = MAX_FILE_UPDATES;

@@ -319,7 +318,7 @@ sigil_err_t sigil_verify(sigil_t *sgl)
    if (err != ERR_NO)
        return err;

-    switch (sgl->subfilter) {
+    switch (sgl->subfilter_type) {
        case SUBFILTER_adbe_x509_rsa_sha1:
            err = sigil_verify_adbe_x509_rsa_sha1(sgl);
            if (err != ERR_NO)
@@ -344,7 +343,7 @@ sigil_err_t sigil_get_result(sigil_t *sgl, int *result)

    *result = 0;

-    switch (sgl->subfilter) {
+    switch (sgl->subfilter_type) {
        case SUBFILTER_adbe_x509_rsa_sha1:
            err = sigil_get_cert_validation_result(sgl, &cert_res);
            if (err != ERR_NO)
@@ -368,7 +367,7 @@ sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result)
    if (sgl == NULL || result == NULL)
        return ERR_PARAMETER;

-    *result = sgl->signing_cert_status;
+    *result = sgl->result_cert_verification;

    return ERR_NO;
 }
@@ -378,7 +377,7 @@ sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result)
    if (sgl == NULL || result == NULL)
        return ERR_PARAMETER;

-    *result = sgl->hash_cmp_result;
+    *result = sgl->result_digest_comparison;

    return ERR_NO;
 }
@@ -388,10 +387,10 @@ sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
    if (sgl == NULL || digest == NULL)
        return ERR_PARAMETER;

-    if (sgl->md_hash == NULL)
+    if (sgl->digest_original == NULL)
        return ERR_NO_DATA;

-    *digest = ASN1_OCTET_STRING_dup(sgl->md_hash);
+    *digest = ASN1_OCTET_STRING_dup(sgl->digest_original);

    return ERR_NO;
 }
@@ -401,20 +400,20 @@ sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
    if (sgl == NULL || digest == NULL)
        return ERR_PARAMETER;

-    if (sgl->computed_digest == NULL)
+    if (sgl->digest_computed == NULL)
        return ERR_NO_DATA;

-    *digest = ASN1_OCTET_STRING_dup(sgl->computed_digest);
+    *digest = ASN1_OCTET_STRING_dup(sgl->digest_computed);

    return ERR_NO;
 }

-sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter)
+sigil_err_t sigil_get_subfilter(sigil_t *sgl, int *subfilter)
 {
    if (sgl == NULL || subfilter == NULL)
        return ERR_PARAMETER;

-    *subfilter = sgl->subfilter;
+    *subfilter = sgl->subfilter_type;

    return ERR_NO;
 }
@@ -495,14 +494,14 @@ void sigil_free(sigil_t **sgl)
    if ((*sgl)->contents != NULL)
        contents_free(*sgl);

-    if ((*sgl)->computed_digest != NULL)
-        ASN1_OCTET_STRING_free((*sgl)->computed_digest);
+    if ((*sgl)->digest_computed != NULL)
+        ASN1_OCTET_STRING_free((*sgl)->digest_computed);

-    if ((*sgl)->md_algorithm != NULL)
-        X509_ALGOR_free((*sgl)->md_algorithm);
+    if ((*sgl)->digest_algorithm != NULL)
+        X509_ALGOR_free((*sgl)->digest_algorithm);

-    if ((*sgl)->md_hash != NULL)
-        ASN1_OCTET_STRING_free((*sgl)->md_hash);
+    if ((*sgl)->digest_original != NULL)
+        ASN1_OCTET_STRING_free((*sgl)->digest_original);

    if ((*sgl)->trusted_store != NULL)
        X509_STORE_free((*sgl)->trusted_store);

--- a/lib/xref.c
+++ b/lib/xref.c
@@ -135,9 +135,9 @@ sigil_err_t read_startxref(sigil_t *sgl)
            return ERR_PDF_CONTENT;

        if (strncmp(tmp, "startxref", 9) == 0) {
-            if ((err = parse_number(sgl, &(sgl->startxref))) != ERR_NO)
+            if ((err = parse_number(sgl, &(sgl->offset_startxref))) != ERR_NO)
                return err;
-            if (sgl->startxref == 0)
+            if (sgl->offset_startxref == 0)
                return ERR_PDF_CONTENT;

            return ERR_NO;
@@ -320,7 +320,7 @@ int sigil_xref_self_test(int verbosity)
            goto failed;

        if (read_startxref(sgl) != ERR_NO ||
-            sgl->startxref != 1234567890)
+            sgl->offset_startxref != 1234567890)
        {
            goto failed;
        }