office/okular
office/okular
1
0
Fork 0
mirror of https://invent.kde.org/graphics/okular synced 2024-10-02 14:14:10 +00:00
Code Issues Packages Projects Releases Wiki Activity

Remove virtual methods from signature and certificate info

Browse source 
This is an abi break, but it menas we can extend signature and
certificate info in the future without breaking the abi again.

While we are at it, there is no need to hand around pointers to
certificate/signature info any longer, so clean up that. Fix memleaks as
side effect.
This commit is contained in:
Sune Vuorela 2023-04-21 12:50:46 +02:00 committed by Albert Astals Cid
parent 7235cd2b9d
commit b32ae775b4
11 changed files with 641 additions and 346 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
autotests/signunsignedfieldtest.cpp
View file

@ -94,7 +94,7 @@ void SignUnsignedFieldTest::testSignUnsignedField()
bool userCancelled, nonDateValidCerts;
{
EnterPasswordDialogHelper helper;
const QList<Okular::CertificateInfo *> &certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
const QList<Okular::CertificateInfo> &certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
QCOMPARE(certs.count(), 1);
}

3
core/form.h
View file

@ -474,8 +474,9 @@ public:
/**
* The signature info
* @since 23.08
*/
virtual const SignatureInfo &signatureInfo() const = 0;
virtual SignatureInfo signatureInfo() const = 0;
/**
Signs a field of UnsignedSignature type.

312
core/signatureutils.cpp
View file

@ -7,159 +7,391 @@
#include "signatureutils.h"
using namespace Okular;
class EntityInfo
{
public:
QString commonName;
QString distinguishedName;
QString emailAddress;
QString organization;
};
class Okular::CertificateInfoPrivate : public QSharedData
{
public:
bool isNull = true;
int version = -1;
QByteArray serialNumber;
EntityInfo issuerInfo;
EntityInfo subjectInfo;
QString nickName;
QDateTime validityStart;
QDateTime validityEnd;
CertificateInfo::KeyUsageExtensions keyUsageExtensions = CertificateInfo::KuNone;
QByteArray publicKey;
CertificateInfo::PublicKeyType publicKeyType = CertificateInfo::OtherKey;
int publicKeyStrength = -1;
bool isSelfSigned = false;
QByteArray certificateData;
std::function<bool(QString)> checkPasswordFunction;
};
CertificateInfo::CertificateInfo()
: d {new CertificateInfoPrivate()}
{
}
CertificateInfo::~CertificateInfo()
{
}
Okular::CertificateInfo::CertificateInfo(const Okular::CertificateInfo &other) = default;
Okular::CertificateInfo::CertificateInfo(Okular::CertificateInfo &&other) noexcept = default;
Okular::CertificateInfo &Okular::CertificateInfo::operator=(const Okular::CertificateInfo &other) = default;
CertificateInfo &Okular::CertificateInfo::operator=(Okular::CertificateInfo &&other) noexcept = default;
CertificateInfo::~CertificateInfo() = default;
Q_DECLARE_OPERATORS_FOR_FLAGS(CertificateInfo::KeyUsageExtensions)
bool CertificateInfo::isNull() const
{
return true;
return d->isNull;
}
void CertificateInfo::setNull(bool isNull)
{
d->isNull = isNull;
}
int CertificateInfo::version() const
{
return -1;
return d->version;
}
void CertificateInfo::setVersion(int version)
{
d->version = version;
}
QByteArray CertificateInfo::serialNumber() const
{
return QByteArray();
return d->serialNumber;
}
void CertificateInfo::setSerialNumber(const QByteArray &serialNumber)
{
d->serialNumber = serialNumber;
}
QString CertificateInfo::issuerInfo(EntityInfoKey) const
QString CertificateInfo::issuerInfo(EntityInfoKey key) const
{
switch (key) {
case EntityInfoKey::CommonName:
return d->issuerInfo.commonName;
case EntityInfoKey::DistinguishedName:
return d->issuerInfo.distinguishedName;
case EntityInfoKey::EmailAddress:
return d->issuerInfo.emailAddress;
case EntityInfoKey::Organization:
return d->issuerInfo.organization;
}
return QString();
}
QString CertificateInfo::subjectInfo(EntityInfoKey) const
void CertificateInfo::setIssuerInfo(EntityInfoKey key, const QString &value)
{
switch (key) {
case EntityInfoKey::CommonName:
d->issuerInfo.commonName = value;
return;
case EntityInfoKey::DistinguishedName:
d->issuerInfo.distinguishedName = value;
return;
case EntityInfoKey::EmailAddress:
d->issuerInfo.emailAddress = value;
return;
case EntityInfoKey::Organization:
d->issuerInfo.organization = value;
return;
}
}
QString CertificateInfo::subjectInfo(EntityInfoKey key) const
{
switch (key) {
case EntityInfoKey::CommonName:
return d->subjectInfo.commonName;
case EntityInfoKey::DistinguishedName:
return d->subjectInfo.distinguishedName;
case EntityInfoKey::EmailAddress:
return d->subjectInfo.emailAddress;
case EntityInfoKey::Organization:
return d->subjectInfo.organization;
}
return QString();
}
void CertificateInfo::setSubjectInfo(EntityInfoKey key, const QString &value)
{
switch (key) {
case EntityInfoKey::CommonName:
d->subjectInfo.commonName = value;
return;
case EntityInfoKey::DistinguishedName:
d->subjectInfo.distinguishedName = value;
return;
case EntityInfoKey::EmailAddress:
d->subjectInfo.emailAddress = value;
return;
case EntityInfoKey::Organization:
d->subjectInfo.organization = value;
return;
}
}
QString CertificateInfo::nickName() const
{
return QString();
return d->nickName;
}
void CertificateInfo::setNickName(const QString &nickName)
{
d->nickName = nickName;
}
QDateTime CertificateInfo::validityStart() const
{
return QDateTime();
return d->validityStart;
}
void CertificateInfo::setValidityStart(const QDateTime &start)
{
d->validityStart = start;
}
QDateTime CertificateInfo::validityEnd() const
{
return QDateTime();
return d->validityEnd;
}
void Okular::CertificateInfo::setValidityEnd(const QDateTime &validityEnd)
{
d->validityEnd = validityEnd;
}
CertificateInfo::KeyUsageExtensions CertificateInfo::keyUsageExtensions() const
{
return KuNone;
return d->keyUsageExtensions;
}
void Okular::CertificateInfo::setKeyUsageExtensions(Okular::CertificateInfo::KeyUsageExtensions ext)
{
d->keyUsageExtensions = ext;
}
QByteArray CertificateInfo::publicKey() const
{
return QByteArray();
return d->publicKey;
}
void Okular::CertificateInfo::setPublicKey(const QByteArray &publicKey)
{
d->publicKey = publicKey;
}
CertificateInfo::PublicKeyType CertificateInfo::publicKeyType() const
{
return OtherKey;
return d->publicKeyType;
}
void CertificateInfo::setPublicKeyType(PublicKeyType type)
{
d->publicKeyType = type;
}
int CertificateInfo::publicKeyStrength() const
{
return -1;
return d->publicKeyStrength;
}
void CertificateInfo::setPublicKeyStrength(int strength)
{
d->publicKeyStrength = strength;
}
bool CertificateInfo::isSelfSigned() const
{
return false;
return d->isSelfSigned;
}
void CertificateInfo::setSelfSigned(bool selfSigned)
{
d->isSelfSigned = selfSigned;
}
QByteArray CertificateInfo::certificateData() const
{
return QByteArray();
return d->certificateData;
}
bool CertificateInfo::checkPassword(const QString & /*password*/) const
void CertificateInfo::setCertificateData(const QByteArray &certificateData)
{
d->certificateData = certificateData;
}
bool CertificateInfo::checkPassword(const QString &password) const
{
if (d->checkPasswordFunction) {
return d->checkPasswordFunction(password);
}
return false;
}
void CertificateInfo::setCheckPasswordFunction(const std::function<bool(const QString &)> &passwordFunction)
{
d->checkPasswordFunction = passwordFunction;
}
class Okular::SignatureInfoPrivate : public QSharedData
{
public:
SignatureInfo::SignatureStatus signatureStatus = SignatureInfo::SignatureStatusUnknown;
SignatureInfo::CertificateStatus certificateStatus = SignatureInfo::CertificateStatusUnknown;
SignatureInfo::HashAlgorithm hashAlgorithm = SignatureInfo::HashAlgorithmUnknown;
QString signerName;
QString signerSubjectDN;
QString location;
QString reason;
QDateTime signingTime;
QByteArray signature;
QList<qint64> signedRangeBounds;
bool signsTotalDocument = false;
CertificateInfo certificateInfo;
};
SignatureInfo::SignatureInfo()
: d {new SignatureInfoPrivate()}
{
}
SignatureInfo::~SignatureInfo()
{
}
SignatureInfo::SignatureInfo(SignatureInfo &&other) noexcept = default;
SignatureInfo::SignatureInfo(const SignatureInfo &other) = default;
SignatureInfo &SignatureInfo::operator=(SignatureInfo &&other) noexcept = default;
Okular::SignatureInfo &Okular::SignatureInfo::operator=(const Okular::SignatureInfo &other) = default;
SignatureInfo::~SignatureInfo() = default;
SignatureInfo::SignatureStatus SignatureInfo::signatureStatus() const
{
return SignatureStatusUnknown;
return d->signatureStatus;
}
void SignatureInfo::setSignatureStatus(SignatureInfo::SignatureStatus status)
{
d->signatureStatus = status;
}
SignatureInfo::CertificateStatus SignatureInfo::certificateStatus() const
{
return CertificateStatusUnknown;
return d->certificateStatus;
}
void SignatureInfo::setCertificateStatus(SignatureInfo::CertificateStatus status)
{
d->certificateStatus = status;
}
SignatureInfo::HashAlgorithm SignatureInfo::hashAlgorithm() const
{
return HashAlgorithmUnknown;
return d->hashAlgorithm;
}
void Okular::SignatureInfo::setHashAlgorithm(Okular::SignatureInfo::HashAlgorithm algorithm)
{
d->hashAlgorithm = algorithm;
}
QString SignatureInfo::signerName() const
{
return QString();
return d->signerName;
}
void SignatureInfo::setSignerName(const QString &signerName)
{
d->signerName = signerName;
}
QString SignatureInfo::signerSubjectDN() const
{
return QString();
return d->signerSubjectDN;
}
void Okular::SignatureInfo::setSignerSubjectDN(const QString &signerSubjectDN)
{
d->signerSubjectDN = signerSubjectDN;
}
QString SignatureInfo::location() const
{
return QString();
return d->location;
}
void SignatureInfo::setLocation(const QString &location)
{
d->location = location;
}
QString SignatureInfo::reason() const
{
return QString();
return d->reason;
}
void Okular::SignatureInfo::setReason(const QString &reason)
{
d->reason = reason;
}
QDateTime SignatureInfo::signingTime() const
{
return QDateTime();
return d->signingTime;
}
void Okular::SignatureInfo::setSigningTime(const QDateTime &time)
{
d->signingTime = time;
}
QByteArray SignatureInfo::signature() const
{
return QByteArray();
return d->signature;
}
void SignatureInfo::setSignature(const QByteArray &signature)
{
d->signature = signature;
}
QList<qint64> SignatureInfo::signedRangeBounds() const
{
return QList<qint64>();
return d->signedRangeBounds;
}
void SignatureInfo::setSignedRangeBounds(const QList<qint64> &range)
{
d->signedRangeBounds = range;
}
bool SignatureInfo::signsTotalDocument() const
{
return false;
return d->signsTotalDocument;
}
const CertificateInfo &SignatureInfo::certificateInfo() const
void SignatureInfo::setSignsTotalDocument(bool total)
{
static CertificateInfo dummy;
return dummy;
d->signsTotalDocument = total;
}
CertificateInfo SignatureInfo::certificateInfo() const
{
return d->certificateInfo;
}
void SignatureInfo::setCertificateInfo(const Okular::CertificateInfo &info)
{
d->certificateInfo = info;
}
CertificateStore::CertificateStore()
@ -170,20 +402,20 @@ CertificateStore::~CertificateStore()
{
}
QList<CertificateInfo *> CertificateStore::signingCertificates(bool *userCancelled) const
QList<CertificateInfo> CertificateStore::signingCertificates(bool *userCancelled) const
{
*userCancelled = false;
return QList<CertificateInfo *>();
return QList<CertificateInfo>();
}
QList<CertificateInfo *> CertificateStore::signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const
QList<CertificateInfo> CertificateStore::signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const
{
const QDateTime now = QDateTime::currentDateTime();
QList<Okular::CertificateInfo *> certs = signingCertificates(userCancelled);
QList<Okular::CertificateInfo> certs = signingCertificates(userCancelled);
auto it = certs.begin();
*nonDateValidCerts = false;
while (it != certs.end()) {
if ((*it)->validityStart() > now || now > (*it)->validityEnd()) {
if (it->validityStart() > now || now > it->validityEnd()) {
it = certs.erase(it);
*nonDateValidCerts = true;
} else {

277
core/signatureutils.h
View file

@ -17,11 +17,11 @@
namespace Okular
{
class SignatureInfoPrivate;
/**
* @short A helper class to store information about x509 certificate
*/
class CertificateInfoPrivate;
class OKULARCORE_EXPORT CertificateInfo
{
public:
@ -49,96 +49,205 @@ public:
/**
* Destructor
*/
virtual ~CertificateInfo();
~CertificateInfo();
/**
* Returns true if certificate has no contents; otherwise returns false.
* Returns true if the certificate has no contents; otherwise returns false
* @since 23.08
*/
virtual bool isNull() const;
bool isNull() const;
/**
* Sets the null value of the certificate.
* @since 23.08
*/
void setNull(bool null);
/**
* The certificate version string.
* @since 23.08
*/
virtual int version() const;
int version() const;
/**
* Sets the certificate version string.
* @since 23.08
*/
void setVersion(int version);
/**
* The certificate serial number.
* @since 23.08
*/
virtual QByteArray serialNumber() const;
QByteArray serialNumber() const;
/**
* Sets the certificate serial number.
* @since 23.08
*/
void setSerialNumber(const QByteArray &serial);
/**
* Information about the issuer.
* @since 23.08
*/
virtual QString issuerInfo(EntityInfoKey key) const;
QString issuerInfo(EntityInfoKey key) const;
/**
* Sets information about the issuer.
* @since 23.08
*/
void setIssuerInfo(EntityInfoKey key, const QString &value);
/**
* Information about the subject
* @since 23.08
*/
virtual QString subjectInfo(EntityInfoKey key) const;
QString subjectInfo(EntityInfoKey key) const;
/**
* Sets information about the subject
* @since 23.08
*/
void setSubjectInfo(EntityInfoKey key, const QString &value);
/**
* The certificate internal database nickname
* @since 23.08
*/
virtual QString nickName() const;
QString nickName() const;
/**
* Sets the certificate internal database nickname
* @since 23.08
*/
void setNickName(const QString &nickName);
/**
* The date-time when certificate becomes valid.
* @since 23.08
*/
virtual QDateTime validityStart() const;
QDateTime validityStart() const;
/**
* Sets the date-time when certificate becomes valid.
* @since 23.08
*/
void setValidityStart(const QDateTime &start);
/**
* The date-time when certificate expires.
* @since 23.08
*/
virtual QDateTime validityEnd() const;
QDateTime validityEnd() const;
/**
* Sets the date-time when certificate expires.
* @since 23.08
*/
void setValidityEnd(const QDateTime &validityEnd);
/**
* The uses allowed for the certificate.
* @since 23.08
*/
virtual KeyUsageExtensions keyUsageExtensions() const;
KeyUsageExtensions keyUsageExtensions() const;
/**
* Sets the uses allowed for the certificate.
* @since 23.08
*/
void setKeyUsageExtensions(KeyUsageExtensions ext);
/**
* The public key value.
* @since 23.08
*/
virtual QByteArray publicKey() const;
QByteArray publicKey() const;
/**
* Sets the public key value.
* @since 23.08
*/
void setPublicKey(const QByteArray &publicKey);
/**
* The public key type.
* @since 23.08
*/
virtual PublicKeyType publicKeyType() const;
PublicKeyType publicKeyType() const;
/**
* Sets the public key type.
* @since 23.08
*/
void setPublicKeyType(PublicKeyType type);
/**
* The strength of public key in bits.
* @since 23.08
*/
virtual int publicKeyStrength() const;
int publicKeyStrength() const;
/**
* Sets the strength of strength key in bits.
* @since 23.08
*/
void setPublicKeyStrength(int strength);
/**
* Returns true if certificate is self-signed otherwise returns false.
* @since 23.08
*/
virtual bool isSelfSigned() const;
bool isSelfSigned() const;
/**
* Sets if certificate is self-signed
* @since 23.08
*/
void setSelfSigned(bool selfSigned);
/**
* The DER encoded certificate.
* @since 23.08
*/
virtual QByteArray certificateData() const;
QByteArray certificateData() const;
/**
* Sets the DER encoded certificate.
* @since 23.08
*/
void setCertificateData(const QByteArray &certificateData);
/**
* Checks if the given password is the correct one for this certificate
*
* @since 21.04
* @since 23.08
*/
virtual bool checkPassword(const QString &password) const;
bool checkPassword(const QString &password) const;
/**
* Sets a function to check if the current password is correct.
*
* The default reject all passwords
*
* @since 23.08
*/
void setCheckPasswordFunction(const std::function<bool(const QString &)> &passwordFunction);
protected:
friend class SignatureInfo;
CertificateInfo();
CertificateInfo(const CertificateInfo &other);
CertificateInfo(CertificateInfo &&other) noexcept;
CertificateInfo &operator=(const CertificateInfo &other);
CertificateInfo &operator=(CertificateInfo &&other) noexcept;
private:
Q_DISABLE_COPY(CertificateInfo)
QSharedDataPointer<CertificateInfoPrivate> d;
};
/**
* @short A helper class to store information about digital signature
*/
class SignatureInfoPrivate;
class OKULARCORE_EXPORT SignatureInfo
{
public:
@ -178,74 +287,162 @@ public:
/**
* Destructor.
*/
virtual ~SignatureInfo();
~SignatureInfo();
/**
* The signature status of the signature.
* @since 23.08
*/
virtual SignatureStatus signatureStatus() const;
SignatureStatus signatureStatus() const;
/**
* Sets the signature status of the signature.
* @since 23.08
*/
void setSignatureStatus(SignatureStatus status);
/**
* The certificate status of the signature.
* @since 23.08
*/
virtual CertificateStatus certificateStatus() const;
CertificateStatus certificateStatus() const;
/**
* Sets the certificate status of the signature.
* @since 23.08
*/
void setCertificateStatus(CertificateStatus status);
/**
* The signer subject common name associated with the signature.
* @since 23.08
*/
virtual QString signerName() const;
QString signerName() const;
/**
* Sets the signer subject common name associated with the signature.
* @since 23.08
*/
void setSignerName(const QString &signerName);
/**
* The signer subject distinguished name associated with the signature.
* @since 23.08
*/
virtual QString signerSubjectDN() const;
QString signerSubjectDN() const;
/**
* Sets the signer subject distinguished name associated with the signature.
* @since 23.08
*/
void setSignerSubjectDN(const QString &signerSubjectDN);
/**
* Get signing location.
* @since 23.08
*/
virtual QString location() const;
QString location() const;
/**
* Sets the signing location.
* @since 23.08
*/
void setLocation(const QString &location);
/**
* Get signing reason.
* @since 23.08
*/
virtual QString reason() const;
QString reason() const;
/**
* Sets the signing reason.
* @since 23.08
*/
void setReason(const QString &reason);
/**
* The hash algorithm used for the signature.
* @since 23.08
*/
virtual HashAlgorithm hashAlgorithm() const;
HashAlgorithm hashAlgorithm() const;
/**
* Sets the hash algorithm used for the signature.
* @since 23.08
*/
void setHashAlgorithm(HashAlgorithm algorithm);
/**
* The signing time associated with the signature.
* @since 23.08
*/
virtual QDateTime signingTime() const;
QDateTime signingTime() const;
/**
* Sets the signing time associated with the signature.
* @since 23.08
*/
void setSigningTime(const QDateTime &time);
/**
* Get the signature binary data.
* @since 23.08
*/
virtual QByteArray signature() const;
QByteArray signature() const;
/**
* Sets the signature binary data.
* @since 23.08
*/
void setSignature(const QByteArray &signature);
/**
* Get the bounds of the ranges of the document which are signed.
* @since 23.08
*/
virtual QList<qint64> signedRangeBounds() const;
QList<qint64> signedRangeBounds() const;
/**
* Sets the bounds of the ranges of the document which are signed.
* @since 23.08
*/
void setSignedRangeBounds(const QList<qint64> &range);
/**
* Checks whether the signature authenticates the total document
* except for the signature itself.
* @since 23.08
*/
virtual bool signsTotalDocument() const;
bool signsTotalDocument() const;
/**
* Checks whether the signature authenticates the total document
* except for the signature itself.
* @since 23.08
*/
void setSignsTotalDocument(bool total);
/**
* Get certificate details.
* @since 23.08
*/
virtual const CertificateInfo &certificateInfo() const;
CertificateInfo certificateInfo() const;
/**
* Sets certificate details.
* @since 23.08
*/
void setCertificateInfo(const CertificateInfo &info);
protected:
SignatureInfo();
SignatureInfo(const SignatureInfo &other);
SignatureInfo(SignatureInfo &&other) noexcept;
SignatureInfo &operator=(const SignatureInfo &other);
SignatureInfo &operator=(SignatureInfo &&other) noexcept;
private:
Q_DISABLE_COPY(SignatureInfo)
QSharedDataPointer<SignatureInfoPrivate> d;
};
/**
@ -263,8 +460,9 @@ public:
* Returns list of valid, usable signing certificates.
*
* This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
* @since 23.08
*/
virtual QList<CertificateInfo *> signingCertificates(bool *userCancelled) const;
virtual QList<CertificateInfo> signingCertificates(bool *userCancelled) const;
/**
* Returns list of valid, usable signing certificates for current date and time.
@ -272,8 +470,9 @@ public:
* This can ask the user for a password, userCancelled will be true if the user decided not to enter it.
*
* nonDateValidCerts is true if the user has signing certificates but their validity start date is in the future or past their validity end date.
* @since 23.08
*/
QList<CertificateInfo *> signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const;
QList<CertificateInfo> signingCertificatesForNow(bool *userCancelled, bool *nonDateValidCerts) const;
protected:
CertificateStore();

11
generators/poppler/formfields.cpp
View file

@ -397,14 +397,11 @@ PopplerFormFieldSignature::PopplerFormFieldSignature(std::unique_ptr<Poppler::Fo
if (!PDFSettings::checkOCSPServers()) {
validateOptions = validateOptions | Poppler::FormFieldSignature::ValidateWithoutOCSPRevocationCheck;
}
m_info = new PopplerSignatureInfo(m_field->validate(static_cast<Poppler::FormFieldSignature::ValidateOptions>(validateOptions)));
m_info = fromPoppler(m_field->validate(static_cast<Poppler::FormFieldSignature::ValidateOptions>(validateOptions)));
SET_ACTIONS
}
PopplerFormFieldSignature::~PopplerFormFieldSignature()
{
delete m_info;
}
PopplerFormFieldSignature::~PopplerFormFieldSignature() = default;
Okular::NormalizedRect PopplerFormFieldSignature::rect() const
{
@ -457,9 +454,9 @@ PopplerFormFieldSignature::SignatureType PopplerFormFieldSignature::signatureTyp
}
}
const Okular::SignatureInfo &PopplerFormFieldSignature::signatureInfo() const
Okular::SignatureInfo PopplerFormFieldSignature::signatureInfo() const
{
return *m_info;
return m_info;
}
bool PopplerFormFieldSignature::sign(const Okular::NewSignatureData &oData, const QString &newPath) const

4
generators/poppler/formfields.h
View file

@ -137,12 +137,12 @@ public:
// inherited from Okular::FormFieldSignature
SignatureType signatureType() const override;
const Okular::SignatureInfo &signatureInfo() const override;
Okular::SignatureInfo signatureInfo() const override;
bool sign(const Okular::NewSignatureData &oData, const QString &newPath) const override;
private:
std::unique_ptr<Poppler::FormFieldSignature> m_field;
Okular::SignatureInfo *m_info;
Okular::SignatureInfo m_info;
Okular::NormalizedRect m_rect;
int m_id;
};

7
generators/poppler/pdfsettingswidget.cpp
View file

@ -70,15 +70,14 @@ bool PDFSettingsWidget::event(QEvent *e)
PopplerCertificateStore st;
bool userCancelled;
const QList<Okular::CertificateInfo *> certs = st.signingCertificates(&userCancelled);
const QList<Okular::CertificateInfo> certs = st.signingCertificates(&userCancelled);
m_pdfsw.loadSignaturesButton->setVisible(userCancelled);
for (auto cert : certs) {
for (const auto &cert : certs) {
new QTreeWidgetItem(m_tree,
{cert->subjectInfo(Okular::CertificateInfo::EntityInfoKey::CommonName), cert->subjectInfo(Okular::CertificateInfo::EntityInfoKey::EmailAddress), cert->validityEnd().toString(QStringLiteral("yyyy-MM-dd"))});
{cert.subjectInfo(Okular::CertificateInfo::EntityInfoKey::CommonName), cert.subjectInfo(Okular::CertificateInfo::EntityInfoKey::EmailAddress), cert.validityEnd().toString(QStringLiteral("yyyy-MM-dd"))});
}
qDeleteAll(certs);
m_pdfsw.defaultLabel->setText(Poppler::getNSSDir());

292
generators/poppler/pdfsignatureutils.cpp
View file

@ -10,254 +10,174 @@
#include <QDebug>
#include <QInputDialog>
PopplerCertificateInfo::PopplerCertificateInfo(const Poppler::CertificateInfo &info)
: m_info(info)
static QString notAvailableIfEmpty(const QString &string)
{
if (string.isEmpty()) {
return i18n("Not Available");
}
return string;
}
PopplerCertificateInfo::~PopplerCertificateInfo()
static Okular::CertificateInfo::KeyUsageExtensions fromPoppler(Poppler::CertificateInfo::KeyUsageExtensions popplerKu)
{
}
bool PopplerCertificateInfo::isNull() const
{
return m_info.isNull();
}
int PopplerCertificateInfo::version() const
{
return m_info.version();
}
QByteArray PopplerCertificateInfo::serialNumber() const
{
return m_info.serialNumber();
}
QString PopplerCertificateInfo::issuerInfo(PopplerCertificateInfo::EntityInfoKey key) const
{
QString str = m_info.issuerInfo(static_cast<Poppler::CertificateInfo::EntityInfoKey>(key));
return !str.isEmpty() ? str : i18n("Not Available");
}
QString PopplerCertificateInfo::subjectInfo(PopplerCertificateInfo::EntityInfoKey key) const
{
QString str = m_info.subjectInfo(static_cast<Poppler::CertificateInfo::EntityInfoKey>(key));
return !str.isEmpty() ? str : i18n("Not Available");
}
QString PopplerCertificateInfo::nickName() const
{
return m_info.nickName();
}
QDateTime PopplerCertificateInfo::validityStart() const
{
return m_info.validityStart();
}
QDateTime PopplerCertificateInfo::validityEnd() const
{
return m_info.validityEnd();
}
PopplerCertificateInfo::KeyUsageExtensions PopplerCertificateInfo::keyUsageExtensions() const
{
Poppler::CertificateInfo::KeyUsageExtensions popplerKu = m_info.keyUsageExtensions();
KeyUsageExtensions ku = KuNone;
using namespace Okular;
CertificateInfo::KeyUsageExtensions ku = CertificateInfo::KuNone;
if (popplerKu.testFlag(Poppler::CertificateInfo::KuDigitalSignature)) {
ku |= KuDigitalSignature;
ku |= CertificateInfo::KuDigitalSignature;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuNonRepudiation)) {
ku |= KuNonRepudiation;
ku |= CertificateInfo::KuNonRepudiation;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuKeyEncipherment)) {
ku |= KuKeyEncipherment;
ku |= CertificateInfo::KuKeyEncipherment;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuDataEncipherment)) {
ku |= KuDataEncipherment;
ku |= CertificateInfo::KuDataEncipherment;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuKeyAgreement)) {
ku |= KuKeyAgreement;
ku |= CertificateInfo::KuKeyAgreement;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuKeyCertSign)) {
ku |= KuKeyCertSign;
ku |= CertificateInfo::KuKeyCertSign;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuClrSign)) {
ku |= KuClrSign;
ku |= CertificateInfo::KuClrSign;
}
if (popplerKu.testFlag(Poppler::CertificateInfo::KuEncipherOnly)) {
ku |= KuEncipherOnly;
ku |= CertificateInfo::KuEncipherOnly;
}
return ku;
}
QByteArray PopplerCertificateInfo::publicKey() const
static Okular::CertificateInfo::PublicKeyType fromPoppler(Poppler::CertificateInfo::PublicKeyType type)
{
return m_info.publicKey();
}
PopplerCertificateInfo::PublicKeyType PopplerCertificateInfo::publicKeyType() const
{
switch (m_info.publicKeyType()) {
switch (type) {
case Poppler::CertificateInfo::RsaKey:
return RsaKey;
return Okular::CertificateInfo::RsaKey;
case Poppler::CertificateInfo::DsaKey:
return DsaKey;
return Okular::CertificateInfo::DsaKey;
case Poppler::CertificateInfo::EcKey:
return EcKey;
return Okular::CertificateInfo::EcKey;
case Poppler::CertificateInfo::OtherKey:
return OtherKey;
return Okular::CertificateInfo::OtherKey;
}
return OtherKey;
return Okular::CertificateInfo::OtherKey;
}
int PopplerCertificateInfo::publicKeyStrength() const
Okular::CertificateInfo fromPoppler(const Poppler::CertificateInfo &pInfo)
{
return m_info.publicKeyStrength();
}
bool PopplerCertificateInfo::isSelfSigned() const
{
return m_info.isSelfSigned();
}
QByteArray PopplerCertificateInfo::certificateData() const
{
return m_info.certificateData();
}
bool PopplerCertificateInfo::checkPassword(const QString &password) const
{
return m_info.checkPassword(password);
}
PopplerSignatureInfo::PopplerSignatureInfo(const Poppler::SignatureValidationInfo &info)
: m_info(info)
{
m_certfiticateInfo = new PopplerCertificateInfo(m_info.certificateInfo());
}
PopplerSignatureInfo::~PopplerSignatureInfo()
{
delete m_certfiticateInfo;
}
PopplerSignatureInfo::SignatureStatus PopplerSignatureInfo::signatureStatus() const
{
switch (m_info.signatureStatus()) {
case Poppler::SignatureValidationInfo::SignatureValid:
return SignatureValid;
case Poppler::SignatureValidationInfo::SignatureInvalid:
return SignatureInvalid;
case Poppler::SignatureValidationInfo::SignatureDigestMismatch:
return SignatureDigestMismatch;
case Poppler::SignatureValidationInfo::SignatureDecodingError:
return SignatureDecodingError;
case Poppler::SignatureValidationInfo::SignatureGenericError:
return SignatureGenericError;
case Poppler::SignatureValidationInfo::SignatureNotFound:
return SignatureNotFound;
case Poppler::SignatureValidationInfo::SignatureNotVerified:
return SignatureNotVerified;
default:
return SignatureStatusUnknown;
Okular::CertificateInfo oInfo;
if (pInfo.isNull()) {
return oInfo;
}
oInfo.setNull(false);
oInfo.setVersion(pInfo.version());
oInfo.setSerialNumber(pInfo.serialNumber());
for (auto key :
{Poppler::CertificateInfo::EntityInfoKey::CommonName, Poppler::CertificateInfo::EntityInfoKey::DistinguishedName, Poppler::CertificateInfo::EntityInfoKey::EmailAddress, Poppler::CertificateInfo::EntityInfoKey::Organization}) {
oInfo.setIssuerInfo(static_cast<Okular::CertificateInfo::EntityInfoKey>(key), notAvailableIfEmpty(pInfo.issuerInfo(key)));
oInfo.setSubjectInfo(static_cast<Okular::CertificateInfo::EntityInfoKey>(key), notAvailableIfEmpty(pInfo.subjectInfo(key)));
}
oInfo.setNickName(pInfo.nickName());
oInfo.setValidityStart(pInfo.validityStart());
oInfo.setValidityEnd(pInfo.validityEnd());
oInfo.setKeyUsageExtensions(fromPoppler(pInfo.keyUsageExtensions()));
oInfo.setPublicKey(pInfo.publicKey());
oInfo.setPublicKeyType(fromPoppler(pInfo.publicKeyType()));
oInfo.setPublicKeyStrength(pInfo.publicKeyStrength());
oInfo.setSelfSigned(pInfo.isSelfSigned());
oInfo.setCertificateData(pInfo.certificateData());
oInfo.setCheckPasswordFunction([pInfo](const QString &password) { return pInfo.checkPassword(password); });
return oInfo;
}
PopplerSignatureInfo::CertificateStatus PopplerSignatureInfo::certificateStatus() const
Okular::SignatureInfo::CertificateStatus fromPoppler(Poppler::SignatureValidationInfo::CertificateStatus status)
{
switch (m_info.certificateStatus()) {
switch (status) {
case Poppler::SignatureValidationInfo::CertificateTrusted:
return CertificateTrusted;
return Okular::SignatureInfo::CertificateTrusted;
case Poppler::SignatureValidationInfo::CertificateUntrustedIssuer:
return CertificateUntrustedIssuer;
return Okular::SignatureInfo::CertificateUntrustedIssuer;
case Poppler::SignatureValidationInfo::CertificateUnknownIssuer:
return CertificateUnknownIssuer;
return Okular::SignatureInfo::CertificateUnknownIssuer;
case Poppler::SignatureValidationInfo::CertificateRevoked:
return CertificateRevoked;
return Okular::SignatureInfo::CertificateRevoked;
case Poppler::SignatureValidationInfo::CertificateExpired:
return CertificateExpired;
return Okular::SignatureInfo::CertificateExpired;
case Poppler::SignatureValidationInfo::CertificateGenericError:
return CertificateGenericError;
return Okular::SignatureInfo::CertificateGenericError;
case Poppler::SignatureValidationInfo::CertificateNotVerified:
return CertificateNotVerified;
return Okular::SignatureInfo::CertificateNotVerified;
default:
return CertificateStatusUnknown;
return Okular::SignatureInfo::CertificateStatusUnknown;
}
}
PopplerSignatureInfo::HashAlgorithm PopplerSignatureInfo::hashAlgorithm() const
Okular::SignatureInfo::SignatureStatus fromPoppler(Poppler::SignatureValidationInfo::SignatureStatus status)
{
switch (m_info.hashAlgorithm()) {
switch (status) {
case Poppler::SignatureValidationInfo::SignatureValid:
return Okular::SignatureInfo::SignatureValid;
case Poppler::SignatureValidationInfo::SignatureInvalid:
return Okular::SignatureInfo::SignatureInvalid;
case Poppler::SignatureValidationInfo::SignatureDigestMismatch:
return Okular::SignatureInfo::SignatureDigestMismatch;
case Poppler::SignatureValidationInfo::SignatureDecodingError:
return Okular::SignatureInfo::SignatureDecodingError;
case Poppler::SignatureValidationInfo::SignatureGenericError:
return Okular::SignatureInfo::SignatureGenericError;
case Poppler::SignatureValidationInfo::SignatureNotFound:
return Okular::SignatureInfo::SignatureNotFound;
case Poppler::SignatureValidationInfo::SignatureNotVerified:
return Okular::SignatureInfo::SignatureNotVerified;
default:
return Okular::SignatureInfo::SignatureStatusUnknown;
}
}
Okular::SignatureInfo::HashAlgorithm fromPoppler(Poppler::SignatureValidationInfo::HashAlgorithm hash)
{
switch (hash) {
case Poppler::SignatureValidationInfo::HashAlgorithmMd2:
return HashAlgorithmMd2;
return Okular::SignatureInfo::HashAlgorithmMd2;
case Poppler::SignatureValidationInfo::HashAlgorithmMd5:
return HashAlgorithmMd5;
return Okular::SignatureInfo::HashAlgorithmMd5;
case Poppler::SignatureValidationInfo::HashAlgorithmSha1:
return HashAlgorithmSha1;
return Okular::SignatureInfo::HashAlgorithmSha1;
case Poppler::SignatureValidationInfo::HashAlgorithmSha256:
return HashAlgorithmSha256;
return Okular::SignatureInfo::HashAlgorithmSha256;
case Poppler::SignatureValidationInfo::HashAlgorithmSha384:
return HashAlgorithmSha384;
return Okular::SignatureInfo::HashAlgorithmSha384;
case Poppler::SignatureValidationInfo::HashAlgorithmSha512:
return HashAlgorithmSha512;
return Okular::SignatureInfo::HashAlgorithmSha512;
case Poppler::SignatureValidationInfo::HashAlgorithmSha224:
return HashAlgorithmSha224;
return Okular::SignatureInfo::HashAlgorithmSha224;
default:
return HashAlgorithmUnknown;
return Okular::SignatureInfo::HashAlgorithmUnknown;
}
}
QString PopplerSignatureInfo::signerName() const
Okular::SignatureInfo fromPoppler(const Poppler::SignatureValidationInfo &pInfo)
{
return m_info.signerName();
}
QString PopplerSignatureInfo::signerSubjectDN() const
{
return m_info.signerSubjectDN();
}
QString PopplerSignatureInfo::location() const
{
return m_info.location();
}
QString PopplerSignatureInfo::reason() const
{
return m_info.reason();
}
QDateTime PopplerSignatureInfo::signingTime() const
{
return QDateTime::fromSecsSinceEpoch(m_info.signingTime());
}
QByteArray PopplerSignatureInfo::signature() const
{
return m_info.signature();
}
QList<qint64> PopplerSignatureInfo::signedRangeBounds() const
{
return m_info.signedRangeBounds();
}
bool PopplerSignatureInfo::signsTotalDocument() const
{
return m_info.signsTotalDocument();
}
const Okular::CertificateInfo &PopplerSignatureInfo::certificateInfo() const
{
return *m_certfiticateInfo;
Okular::SignatureInfo oInfo;
oInfo.setCertificateInfo(fromPoppler(pInfo.certificateInfo()));
oInfo.setSignatureStatus(fromPoppler(pInfo.signatureStatus()));
oInfo.setCertificateStatus(fromPoppler(pInfo.certificateStatus()));
oInfo.setHashAlgorithm(fromPoppler(pInfo.hashAlgorithm()));
oInfo.setSignerName(pInfo.signerName());
oInfo.setSignerSubjectDN(pInfo.signerSubjectDN());
oInfo.setLocation(pInfo.location());
oInfo.setReason(pInfo.reason());
oInfo.setSigningTime(QDateTime::fromSecsSinceEpoch(pInfo.signingTime()));
oInfo.setSignature(pInfo.signature());
oInfo.setSignedRangeBounds(pInfo.signedRangeBounds());
oInfo.setSignsTotalDocument(pInfo.signsTotalDocument());
return oInfo;
}
PopplerCertificateStore::~PopplerCertificateStore() = default;
QList<Okular::CertificateInfo *> PopplerCertificateStore::signingCertificates(bool *userCancelled) const
QList<Okular::CertificateInfo> PopplerCertificateStore::signingCertificates(bool *userCancelled) const
{
*userCancelled = false;
auto PDFGeneratorNSSPasswordCallback = [&userCancelled](const char *element) -> char * {
@ -269,9 +189,9 @@ QList<Okular::CertificateInfo *> PopplerCertificateStore::signingCertificates(bo
Poppler::setNSSPasswordCallback(PDFGeneratorNSSPasswordCallback);
const QVector<Poppler::CertificateInfo> certs = Poppler::getAvailableSigningCertificates();
QList<Okular::CertificateInfo *> vReturnCerts;
QList<Okular::CertificateInfo> vReturnCerts;
for (const auto &cert : certs) {
vReturnCerts.append(new PopplerCertificateInfo(cert));
vReturnCerts.append(fromPoppler(cert));
}
Poppler::setNSSPasswordCallback(nullptr);

53
generators/poppler/pdfsignatureutils.h
View file

@ -13,62 +13,15 @@
#include "core/signatureutils.h"
class PopplerCertificateInfo : public Okular::CertificateInfo
{
public:
explicit PopplerCertificateInfo(const Poppler::CertificateInfo &info);
~PopplerCertificateInfo() override;
bool isNull() const override;
int version() const override;
QByteArray serialNumber() const override;
QString issuerInfo(EntityInfoKey) const override;
QString subjectInfo(EntityInfoKey) const override;
QString nickName() const override;
QDateTime validityStart() const override;
QDateTime validityEnd() const override;
KeyUsageExtensions keyUsageExtensions() const override;
QByteArray publicKey() const override;
PublicKeyType publicKeyType() const override;
int publicKeyStrength() const override;
bool isSelfSigned() const override;
QByteArray certificateData() const override;
bool checkPassword(const QString &password) const override;
private:
Poppler::CertificateInfo m_info;
};
class PopplerSignatureInfo : public Okular::SignatureInfo
{
public:
explicit PopplerSignatureInfo(const Poppler::SignatureValidationInfo &info);
~PopplerSignatureInfo() override;
SignatureStatus signatureStatus() const override;
CertificateStatus certificateStatus() const override;
QString signerName() const override;
QString signerSubjectDN() const override;
QString location() const override;
QString reason() const override;
HashAlgorithm hashAlgorithm() const override;
QDateTime signingTime() const override;
QByteArray signature() const override;
QList<qint64> signedRangeBounds() const override;
bool signsTotalDocument() const override;
const Okular::CertificateInfo &certificateInfo() const override;
private:
Poppler::SignatureValidationInfo m_info;
Okular::CertificateInfo *m_certfiticateInfo;
};
Okular::SignatureInfo fromPoppler(const Poppler::SignatureValidationInfo &info);
Okular::CertificateInfo fromPoppler(const Poppler::CertificateInfo &info);
class PopplerCertificateStore : public Okular::CertificateStore
{
public:
~PopplerCertificateStore() override;
QList<Okular::CertificateInfo *> signingCertificates(bool *userCancelled) const override;
QList<Okular::CertificateInfo> signingCertificates(bool *userCancelled) const override;
};
#endif

2
part/pageview.cpp
View file

@ -5051,7 +5051,7 @@ void PageView::slotSignature()
const Okular::CertificateStore *certStore = d->document->certificateStore();
bool userCancelled, nonDateValidCerts;
const QList<Okular::CertificateInfo *> &certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
const QList<Okular::CertificateInfo> &certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
if (userCancelled) {
return;
}

24
part/signaturepartutils.cpp
View file

@ -25,7 +25,7 @@ std::optional<SigningInformation> getCertificateAndPasswordForSigning(PageView *
{
const Okular::CertificateStore *certStore = doc->certificateStore();
bool userCancelled, nonDateValidCerts;
QList<Okular::CertificateInfo *> certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
QList<Okular::CertificateInfo> certs = certStore->signingCertificatesForNow(&userCancelled, &nonDateValidCerts);
if (userCancelled) {
return std::nullopt;
}
@ -38,31 +38,30 @@ std::optional<SigningInformation> getCertificateAndPasswordForSigning(PageView *
QString documentPassword;
QStringList items;
QHash<QString, Okular::CertificateInfo *> nickToCert;
for (auto cert : qAsConst(certs)) {
items.append(cert->nickName());
nickToCert[cert->nickName()] = cert;
QHash<QString, Okular::CertificateInfo> nickToCert;
for (const auto &cert : qAsConst(certs)) {
items.append(cert.nickName());
nickToCert[cert.nickName()] = cert;
}
bool resok = false;
const QString certNicknameToUse = QInputDialog::getItem(pageView, i18n("Select certificate to sign with"), i18n("Certificates:"), items, 0, false, &resok);
if (!resok) {
qDeleteAll(certs);
return std::nullopt;
}
// I could not find any case in which i need to enter a password to use the certificate, seems that once you unlcok the firefox/NSS database
// you don't need a password anymore, but still there's code to do that in NSS so we have code to ask for it if needed. What we do is
// ask if the empty password is fine, if it is we don't ask the user anything, if it's not, we ask for a password
Okular::CertificateInfo *cert = nickToCert.value(certNicknameToUse);
bool passok = cert->checkPassword(password);
Okular::CertificateInfo cert = nickToCert.value(certNicknameToUse);
bool passok = cert.checkPassword(password);
while (!passok) {
const QString title = i18n("Enter password (if any) to unlock certificate: %1", certNicknameToUse);
bool ok;
password = QInputDialog::getText(pageView, i18n("Enter certificate password"), title, QLineEdit::Password, QString(), &ok);
if (ok) {
passok = cert->checkPassword(password);
passok = cert.checkPassword(password);
} else {
passok = false;
break;
@ -77,12 +76,7 @@ std::optional<SigningInformation> getCertificateAndPasswordForSigning(PageView *
}
if (passok) {
certs.removeOne(cert);
}
qDeleteAll(certs);
if (passok) {
return SigningInformation {std::unique_ptr<Okular::CertificateInfo>(cert), password, documentPassword};
return SigningInformation {std::make_unique<Okular::CertificateInfo>(std::move(cert)), password, documentPassword};
}
return std::nullopt;
}