diff options
author | Miklos Vajna <vmiklos@collabora.com> | 2020-07-24 11:29:27 +0200 |
---|---|---|
committer | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2020-07-28 00:18:49 +0200 |
commit | 7b6dcebb436a9db99007ceed32ff4d6c63128ab6 (patch) | |
tree | 84eea48902bd6c61a48489e8ed56ad4ea11bf549 /xmlsecurity/qa | |
parent | 9fc50174545bbb9968b47ca200da2816f45e72a1 (diff) |
xmlsecurity: detect unsigned incremental update between signatures
(cherry picked from commit 7468d5df5ec79783eae84b62bdc5ecf12f0ca255)
Conflicts:
vcl/source/filter/ipdf/pdfdocument.cxx
xmlsecurity/source/pdfio/pdfdocument.cxx
Change-Id: I269ed858852ee7d1275adf340c8cc1565fc30693
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99480
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Diffstat (limited to 'xmlsecurity/qa')
-rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/data/partial-in-between.pdf | bin | 0 -> 104501 bytes | |||
-rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx | 19 |
2 files changed, 16 insertions, 3 deletions
diff --git a/xmlsecurity/qa/unit/pdfsigning/data/partial-in-between.pdf b/xmlsecurity/qa/unit/pdfsigning/data/partial-in-between.pdf Binary files differnew file mode 100644 index 000000000000..211a111cb394 --- /dev/null +++ b/xmlsecurity/qa/unit/pdfsigning/data/partial-in-between.pdf diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx index 442323deb6ad..ea6a67f4e64f 100644 --- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx +++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx @@ -75,6 +75,7 @@ public: void testPDFPAdESGood(); /// Test a valid signature that does not cover the whole file. void testPartial(); + void testPartialInBetween(); /// Test writing a PAdES signature. void testSigningCertificateAttribute(); /// Test that we accept files which are supposed to be good. @@ -96,6 +97,7 @@ public: CPPUNIT_TEST(testPDF14LOWin); CPPUNIT_TEST(testPDFPAdESGood); CPPUNIT_TEST(testPartial); + CPPUNIT_TEST(testPartialInBetween); CPPUNIT_TEST(testSigningCertificateAttribute); CPPUNIT_TEST(testGood); CPPUNIT_TEST(testTokenize); @@ -142,9 +144,8 @@ std::vector<SignatureInformation> PDFSigningTest::verify(const OUString& rURL, s for (size_t i = 0; i < aSignatures.size(); ++i) { SignatureInformation aInfo(i); - bool bLast = i == aSignatures.size() - 1; CPPUNIT_ASSERT( - xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[i], aInfo, bLast)); + xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[i], aInfo, aVerifyDocument)); aRet.push_back(aInfo); if (!rExpectedSubFilter.isEmpty()) @@ -286,7 +287,7 @@ void PDFSigningTest::testPDFRemove() CPPUNIT_ASSERT_EQUAL(static_cast<size_t>(1), aSignatures.size()); SignatureInformation aInfo(0); CPPUNIT_ASSERT( - xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[0], aInfo, /*bLast=*/true)); + xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[0], aInfo, aDocument)); } // Remove the signature and write out the result as remove.pdf. @@ -526,6 +527,18 @@ void PDFSigningTest::testUnknownSubFilter() CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(2), rInformations.size()); } +void PDFSigningTest::testPartialInBetween() +{ + std::vector<SignatureInformation> aInfos + = verify(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial-in-between.pdf", 2, + /*rExpectedSubFilter=*/OString()); + CPPUNIT_ASSERT(!aInfos.empty()); + SignatureInformation& rInformation = aInfos[0]; + // Without the accompanying fix in place, this test would have failed, as unsigned incremental + // update between two signatures were not detected. + CPPUNIT_ASSERT(rInformation.bPartialDocumentSignature); +} + CPPUNIT_TEST_SUITE_REGISTRATION(PDFSigningTest); CPPUNIT_PLUGIN_IMPLEMENT(); |