Commit deb45f0f authored by Tomáš Stefan's avatar Tomáš Stefan

get functions for verification result

parent 0f7d1503
......@@ -16,7 +16,12 @@ sigil_err_t sigil_set_trusted_dir(sigil_t *sgl, const char *path_to_dir);
sigil_err_t sigil_verify(sigil_t *sgl);
// ... get functions TODO
sigil_err_t sigil_get_result(sigil_t *sgl, int *result);
sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result);
sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result);
sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest);
sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter);
void cert_free(cert_t *cert);
......
......@@ -88,11 +88,11 @@ typedef struct {
cert_t *certificates;
contents_t *contents;
ASN1_OCTET_STRING *computed_digest;
int signing_cert_status;
int hash_cmp_result;
X509_ALGOR *md_algorithm;
ASN1_OCTET_STRING *md_hash;
X509_STORE *trusted_store;
int signing_cert_status;
int hash_cmp_result;
} sigil_t;
#endif /* PDF_SIGIL_TYPES_H */
......@@ -403,7 +403,7 @@ sigil_err_t verify_digest(sigil_t *sgl, int *result)
{
sigil_err_t err;
if (sgl == NULL || *result == NULL)
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = 1;
......
......@@ -333,6 +333,92 @@ sigil_err_t sigil_verify(sigil_t *sgl)
return ERR_NO;
}
sigil_err_t sigil_get_result(sigil_t *sgl, int *result)
{
sigil_err_t err;
int cert_res;
int digest_res;
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = 0;
switch (sgl->subfilter) {
case SUBFILTER_adbe_x509_rsa_sha1:
err = sigil_get_cert_validation_result(sgl, &cert_res);
if (err != ERR_NO)
return err;
err = sigil_get_data_integrity_result(sgl, &digest_res);
if (err != ERR_NO)
return err;
*result = (cert_res == CERT_STATUS_VERIFIED) &&
(digest_res == HASH_CMP_RESULT_MATCH);
return ERR_NO;
default:
return ERR_NOT_IMPLEMENTED;
}
}
sigil_err_t sigil_get_cert_validation_result(sigil_t *sgl, int *result)
{
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = sgl->signing_cert_status;
return ERR_NO;
}
sigil_err_t sigil_get_data_integrity_result(sigil_t *sgl, int *result)
{
if (sgl == NULL || result == NULL)
return ERR_PARAMETER;
*result = sgl->hash_cmp_result;
return ERR_NO;
}
sigil_err_t sigil_get_original_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
{
if (sgl == NULL || digest == NULL)
return ERR_PARAMETER;
if (sgl->md_hash == NULL)
return ERR_NO_DATA;
*digest = ASN1_OCTET_STRING_dup(sgl->md_hash);
return ERR_NO;
}
sigil_err_t sigil_get_computed_digest(sigil_t *sgl, ASN1_OCTET_STRING **digest)
{
if (sgl == NULL || digest == NULL)
return ERR_PARAMETER;
if (sgl->computed_digest == NULL)
return ERR_NO_DATA;
*digest = ASN1_OCTET_STRING_dup(sgl->computed_digest);
return ERR_NO;
}
sigil_err_t sigil_get_subfilter(sigil_t *sgl, subfilter_t *subfilter)
{
if (sgl == NULL || subfilter == NULL)
return ERR_PARAMETER;
*subfilter = sgl->subfilter;
return ERR_NO;
}
static void range_free(range_t *range)
{
if (range == NULL)
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment