diff options
author | Sune Vuorela <sune@vuorela.dk> | 2023-05-22 19:53:08 +0000 |
---|---|---|
committer | Albert Astals Cid <tsdgeos@yahoo.es> | 2023-05-22 19:53:08 +0000 |
commit | 33672ca1b6670f7378e24f6d475438f7f5d86b05 (patch) | |
tree | bfa9e7942c440c1ed78b720258e4d6d0f94df467 | |
parent | 4efd2f9f8175cb5d448809b56f67524df6e220aa (diff) |
Fix crash with weird hashing used for signatures
-rw-r--r-- | poppler/SignatureHandler.cc | 15 | ||||
-rw-r--r-- | poppler/SignatureHandler.h | 7 |
2 files changed, 18 insertions, 4 deletions
diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index a306c358..b8f08acd 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -768,11 +768,11 @@ SignatureVerificationHandler::SignatureVerificationHandler(std::vector<unsigned SECItem usedAlgorithm = NSS_CMSSignedData_GetDigestAlgs(CMSSignedData)[0]->algorithm; auto hashAlgorithm = SECOID_FindOIDTag(&usedAlgorithm); HASH_HashType hashType = HASH_GetHashTypeByOidTag(hashAlgorithm); - hashContext = std::make_unique<HashContext>(ConvertHashTypeFromNss(hashType)); + hashContext = HashContext::create(ConvertHashTypeFromNss(hashType)); } } -SignatureSignHandler::SignatureSignHandler(const std::string &certNickname, HashAlgorithm digestAlgTag) : hashContext(std::make_unique<HashContext>(digestAlgTag)), signing_cert(nullptr) +SignatureSignHandler::SignatureSignHandler(const std::string &certNickname, HashAlgorithm digestAlgTag) : hashContext(HashContext::create(digestAlgTag)), signing_cert(nullptr) { SignatureHandler::setNSSDir({}); signing_cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), certNickname.c_str()); @@ -1232,7 +1232,16 @@ std::vector<unsigned char> HashContext::endHash() return digestBuffer; } -HashContext::HashContext(HashAlgorithm algorithm) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { } +HashContext::HashContext(HashAlgorithm algorithm, private_tag) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { } + +std::unique_ptr<HashContext> HashContext::create(HashAlgorithm algorithm) +{ + auto ctx = std::make_unique<HashContext>(algorithm, private_tag {}); + if (ctx->hash_context) { + return ctx; + } + return {}; +} HashAlgorithm HashContext::getHashAlgorithm() const { diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index 8a978f09..d166305b 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -47,12 +47,17 @@ class HashContext { + class private_tag + { + }; + public: - explicit HashContext(HashAlgorithm algorithm); + HashContext(HashAlgorithm algorithm, private_tag); void updateHash(unsigned char *data_block, int data_len); std::vector<unsigned char> endHash(); HashAlgorithm getHashAlgorithm() const; ~HashContext() = default; + static std::unique_ptr<HashContext> create(HashAlgorithm algorithm); private: struct HashDestroyer |