xmlsecurity: add initial PDFSignatureHelper

This splits most of the PDF signature code out of the pdfverify
executable, and puts it into the xmlsecurity library instead.

The PDFSignatureHelper now attempts to verify PDF signatures, and code
in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format).

Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02
Reviewed-on: https://gerrit.libreoffice.org/29751
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>

2 files changed, 103 insertions, 0 deletions

diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx b/xmlsecurity/inc/pdfio/pdfdocument.hxx
new file mode 100644
index 000000000000..9d072615b599
--- /dev/null
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -0,0 +1,70 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_XMLSECURITY_INC_PDFIO_PDFDOCUMENT_HXX
+#define INCLUDED_XMLSECURITY_INC_PDFIO_PDFDOCUMENT_HXX
+
+#include <vector>
+
+#include <tools/stream.hxx>
+
+#include <xmlsecuritydllapi.h>
+
+namespace xmlsecurity
+{
+namespace pdfio
+{
+
+class PDFTrailerElement;
+class PDFObjectElement;
+
+/// A byte range in a PDF file.
+class PDFElement
+{
+public:
+    virtual bool Read(SvStream& rStream) = 0;
+    virtual ~PDFElement() { }
+};
+
+/// In-memory representation of an on-disk PDF document.
+class XMLSECURITY_DLLPUBLIC PDFDocument
+{
+    /// This vector owns all elements.
+    std::vector< std::unique_ptr<PDFElement> > m_aElements;
+    // List of object offsets we know.
+    std::vector<size_t> m_aXRef;
+    PDFTrailerElement* m_pTrailer;
+
+    static int AsHex(char ch);
+
+public:
+    PDFDocument();
+    PDFDocument& operator=(const PDFDocument&) = delete;
+    PDFDocument(const PDFDocument&) = delete;
+    static OString ReadKeyword(SvStream& rStream);
+    static size_t FindStartXRef(SvStream& rStream);
+    void ReadXRef(SvStream& rStream);
+    static void SkipWhitespace(SvStream& rStream);
+    size_t GetObjectOffset(size_t nIndex) const;
+    const std::vector< std::unique_ptr<PDFElement> >& GetElements();
+    std::vector<PDFObjectElement*> GetPages();
+
+    bool Read(SvStream& rStream);
+    std::vector<PDFObjectElement*> GetSignatureWidgets();
+    /// Return value is about if we can determine a result, bDigestMatch is about the actual result.
+    static bool ValidateSignature(SvStream& rStream, PDFObjectElement* pSignature, bool& bDigestMatch);
+};
+
+} // namespace pdfio
+} // namespace xmlsecurity
+
+#endif // INCLUDED_XMLSECURITY_INC_PDFIO_PDFDOCUMENT_HXX
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
new file mode 100644
index 000000000000..fb928340817d
--- /dev/null
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -0,0 +1,33 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ */
+
+#ifndef INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX
+#define INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX
+
+#include <xmlsecuritydllapi.h>
+
+#include <vector>
+
+#include <com/sun/star/io/XInputStream.hpp>
+#include <com/sun/star/security/DocumentSignatureInformation.hpp>
+
+/// Handles signatures of a PDF file.
+class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
+{
+    std::vector<css::security::DocumentSignatureInformation> m_aSignatureInfos;
+
+public:
+    bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
+    css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations();
+};
+
+#endif // INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */