[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 15 --- poppler/SignatureHandler.h |7 ++- 2 files changed, 18 insertions(+), 4 deletions(-) New commits: commit 33672ca1b6670f7378e24f6d475438f7f5d86b05 Author: Sune Vuorela Date: Mon May 22 19:53:08 2023 + Fix crash with weird hashing used for signatures diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index a306c358..b8f08acd 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -768,11 +768,11 @@ SignatureVerificationHandler::SignatureVerificationHandler(std::vectoralgorithm; auto hashAlgorithm = SECOID_FindOIDTag(); HASH_HashType hashType = HASH_GetHashTypeByOidTag(hashAlgorithm); -hashContext = std::make_unique(ConvertHashTypeFromNss(hashType)); +hashContext = HashContext::create(ConvertHashTypeFromNss(hashType)); } } -SignatureSignHandler::SignatureSignHandler(const std::string , HashAlgorithm digestAlgTag) : hashContext(std::make_unique(digestAlgTag)), signing_cert(nullptr) +SignatureSignHandler::SignatureSignHandler(const std::string , HashAlgorithm digestAlgTag) : hashContext(HashContext::create(digestAlgTag)), signing_cert(nullptr) { SignatureHandler::setNSSDir({}); signing_cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), certNickname.c_str()); @@ -1232,7 +1232,16 @@ std::vector HashContext::endHash() return digestBuffer; } -HashContext::HashContext(HashAlgorithm algorithm) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { } +HashContext::HashContext(HashAlgorithm algorithm, private_tag) : hash_context { HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(algorithm))) }, digest_alg_tag(algorithm) { } + +std::unique_ptr HashContext::create(HashAlgorithm algorithm) +{ +auto ctx = std::make_unique(algorithm, private_tag {}); +if (ctx->hash_context) { +return ctx; +} +return {}; +} HashAlgorithm HashContext::getHashAlgorithm() const { diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index 8a978f09..d166305b 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -47,12 +47,17 @@ class HashContext { +class private_tag +{ +}; + public: -explicit HashContext(HashAlgorithm algorithm); +HashContext(HashAlgorithm algorithm, private_tag); void updateHash(unsigned char *data_block, int data_len); std::vector endHash(); HashAlgorithm getHashAlgorithm() const; ~HashContext() = default; +static std::unique_ptr create(HashAlgorithm algorithm); private: struct HashDestroyer
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 10 -- 1 file changed, 8 insertions(+), 2 deletions(-) New commits: commit 098d2d497b3d8cbc4fdf9eb68385bfbe2ee3e711 Author: Sune Vuorela Date: Mon Mar 27 17:52:28 2023 +0200 Fix crash in bad signature verification If the signature existing but too wrong for us to understand, we might not get the hashContext object created, so guard against that. This is fallout from 08c0766e9d. Note the SignHandler does not need the same guards; the hashContext is always present. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 64ac6594..99163000 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -780,12 +780,18 @@ SignatureSignHandler::SignatureSignHandler(const std::string , Hash HashAlgorithm SignatureVerificationHandler::getHashAlgorithm() const { -return hashContext->getHashAlgorithm(); +if (hashContext) { +return hashContext->getHashAlgorithm(); +} else { +return HashAlgorithm::Unknown; +} } void SignatureVerificationHandler::updateHash(unsigned char *data_block, int data_len) { -hashContext->updateHash(data_block, data_len); +if (hashContext) { +hashContext->updateHash(data_block, data_len); +} } void SignatureSignHandler::updateHash(unsigned char *data_block, int data_len)
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 94 +++- poppler/SignatureHandler.h | 27 2 files changed, 60 insertions(+), 61 deletions(-) New commits: commit f8d8753fecdb8b4e572d3aec6c654c5efb498b44 Author: Sune Vuorela Date: Thu Mar 16 09:45:02 2023 +0100 Split HashContext to separate class Then we only need one place to do the endHash and memory handling. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 7ba09136..17d7cb17 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -457,28 +457,6 @@ static SECOidTag ConvertHashAlgorithmToNss(HashAlgorithm digestAlgId) return SEC_OID_UNKNOWN; } -static HashAlgorithm ConvertHashAlgorithmFromNss(SECOidTag digestAlgId) -{ -switch (digestAlgId) { -case SEC_OID_MD2: -return HashAlgorithm::Md2; -case SEC_OID_MD5: -return HashAlgorithm::Md5; -case SEC_OID_SHA1: -return HashAlgorithm::Sha1; -case SEC_OID_SHA256: -return HashAlgorithm::Sha256; -case SEC_OID_SHA384: -return HashAlgorithm::Sha384; -case SEC_OID_SHA512: -return HashAlgorithm::Sha512; -case SEC_OID_SHA224: -return HashAlgorithm::Sha224; -default: -return HashAlgorithm::Unknown; -} -} - static HashAlgorithm ConvertHashTypeFromNss(HASH_HashType type) { switch (type) { @@ -503,7 +481,7 @@ static HashAlgorithm ConvertHashTypeFromNss(HASH_HashType type) return HashAlgorithm::Unknown; } -unsigned int SignatureHandler::digestLength(HashAlgorithm digestAlgId) +static unsigned int digestLength(HashAlgorithm digestAlgId) { switch (digestAlgId) { case HashAlgorithm::Sha1: @@ -577,8 +555,8 @@ std::string SignatureHandler::getSignerSubjectDN() const HashAlgorithm SignatureHandler::getHashAlgorithm() const { -if (hash_context && hash_context->hashobj) { -return ConvertHashTypeFromNss(hash_context->hashobj->type); +if (hashContext) { +return hashContext->getHashAlgorithm(); } return HashAlgorithm::Unknown; } @@ -799,7 +777,7 @@ void SignatureHandler::setNSSPasswordCallback(const std::function &) : p7(std::move(p7data)), hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr) +SignatureHandler::SignatureHandler(std::vector &) : p7(std::move(p7data)), hashContext(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr) { setNSSDir({}); CMSitem.data = p7.data(); @@ -808,34 +786,26 @@ SignatureHandler::SignatureHandler(std::vector &) : p7(std CMSSignedData = CMS_SignedDataCreate(CMSMessage); if (CMSSignedData) { CMSSignerInfo = CMS_SignerInfoCreate(CMSSignedData); -hash_context.reset(initHashContext()); + +SECItem usedAlgorithm = NSS_CMSSignedData_GetDigestAlgs(CMSSignedData)[0]->algorithm; +auto hashAlgorithm = SECOID_FindOIDTag(); +HASH_HashType hashType = HASH_GetHashTypeByOidTag(hashAlgorithm); +hashContext = std::make_unique(ConvertHashTypeFromNss(hashType)); } } SignatureHandler::SignatureHandler(const std::string , HashAlgorithm digestAlgTag) -: hash_length(digestLength(digestAlgTag)), digest_alg_tag(digestAlgTag), CMSitem(), hash_context(nullptr), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr) +: CMSitem(), hashContext(std::make_unique(digestAlgTag)), CMSMessage(nullptr), CMSSignedData(nullptr), CMSSignerInfo(nullptr), signing_cert(nullptr) { setNSSDir({}); CMSMessage = NSS_CMSMessage_Create(nullptr); signing_cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), certNickname.c_str()); - hash_context.reset(HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(digestAlgTag; -} - -HASHContext *SignatureHandler::initHashContext() -{ - -SECItem usedAlgorithm = NSS_CMSSignedData_GetDigestAlgs(CMSSignedData)[0]->algorithm; -const auto hashAlgorithm = SECOID_FindOIDTag(); -hash_length = digestLength(ConvertHashAlgorithmFromNss(hashAlgorithm)); -HASH_HashType hashType; -hashType = HASH_GetHashTypeByOidTag(hashAlgorithm); -return HASH_Create(hashType); } void SignatureHandler::updateHash(unsigned char *data_block, int data_len) { -if (hash_context) { -HASH_Update(hash_context.get(), data_block, data_len); +if (hashContext) { +hashContext->updateHash(data_block, data_len); } } @@ -952,18 +922,15 @@ SignatureValidationStatus SignatureHandler::validateSignature() return SIGNATURE_GENERIC_ERROR; } -if (!hash_context) { +if (!hashContext) { return SIGNATURE_GENERIC_ERROR; } -auto digest_buffer = std::vector(hash_length); -unsigned int result_len = 0; - -HASH_End(hash_context.get(), digest_buffer.data(), _len, digest_buffer.size()); +std::vector
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc |8 poppler/SignatureHandler.h |8 2 files changed, 8 insertions(+), 8 deletions(-) New commits: commit b39c8cd2bc7757b3c1c4756de345702f852a4706 Author: Sune Vuorela Date: Fri Mar 17 14:24:51 2023 +0100 Add const to a few signature methods diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 94240ef3..e28853e5 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -520,7 +520,7 @@ unsigned int SignatureHandler::digestLength(HashAlgorithm digestAlgId) } } -std::string SignatureHandler::getSignerName() +std::string SignatureHandler::getSignerName() const { if (!NSS_IsInitialized()) { return {}; @@ -553,7 +553,7 @@ std::string SignatureHandler::getSignerName() return name; } -std::string SignatureHandler::getSignerSubjectDN() +std::string SignatureHandler::getSignerSubjectDN() const { if (!signing_cert && !CMSSignerInfo) { return {}; @@ -575,7 +575,7 @@ std::string SignatureHandler::getSignerSubjectDN() return activeCert->subjectName; } -HashAlgorithm SignatureHandler::getHashAlgorithm() +HashAlgorithm SignatureHandler::getHashAlgorithm() const { if (hash_context && hash_context->hashobj) { return ConvertHashTypeFromNss(hash_context->hashobj->type); @@ -583,7 +583,7 @@ HashAlgorithm SignatureHandler::getHashAlgorithm() return HashAlgorithm::Unknown; } -time_t SignatureHandler::getSigningTime() +time_t SignatureHandler::getSigningTime() const { PRTime sTime; // time in microseconds since the epoch diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index 218000c4..9cf701f2 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -49,10 +49,10 @@ public: SignatureHandler(unsigned char *p7, int p7_length); SignatureHandler(const char *certNickname, HashAlgorithm digestAlgTag); ~SignatureHandler(); -time_t getSigningTime(); -std::string getSignerName(); -std::string getSignerSubjectDN(); -HashAlgorithm getHashAlgorithm(); +time_t getSigningTime() const; +std::string getSignerName() const; +std::string getSignerSubjectDN() const; +HashAlgorithm getHashAlgorithm() const; void updateHash(unsigned char *data_block, int data_len); void restartHash(); SignatureValidationStatus validateSignature();
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 30 +++--- poppler/SignatureHandler.h |2 +- 2 files changed, 20 insertions(+), 12 deletions(-) New commits: commit ede53de1654afe86e25fa22c7e9d50003a217d5a Author: Sune Vuorela Date: Mon Mar 13 14:48:21 2023 +0100 Valgrind cleanup of signing signing_cert is owned by us while verifying, but the data we were writing to it while signing was not (directly) owned by us, so don't free it. Or well. Don't write it to a class member. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 51c532c6..94240ef3 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -522,8 +522,6 @@ unsigned int SignatureHandler::digestLength(HashAlgorithm digestAlgId) std::string SignatureHandler::getSignerName() { -char *commonName; - if (!NSS_IsInitialized()) { return {}; } @@ -531,16 +529,21 @@ std::string SignatureHandler::getSignerName() if (!signing_cert && !CMSSignerInfo) { return {}; } +CERTCertificate *activeCert = nullptr; if (!signing_cert) { -signing_cert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); +// we are signing, and thus getting the name of the SignerInfo, not of the signing cert. Data owned by CMSSignerInfo +activeCert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); +} else { +// We are verifying. data owned by us. +activeCert = signing_cert; } -if (!signing_cert) { +if (!activeCert) { return {}; } -commonName = CERT_GetCommonName(_cert->subject); +char *commonName = CERT_GetCommonName(>subject); if (!commonName) { return {}; } @@ -550,21 +553,26 @@ std::string SignatureHandler::getSignerName() return name; } -const char *SignatureHandler::getSignerSubjectDN() +std::string SignatureHandler::getSignerSubjectDN() { if (!signing_cert && !CMSSignerInfo) { -return nullptr; +return {}; } +CERTCertificate *activeCert = nullptr; if (!signing_cert) { -signing_cert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); +// we are signing, and thus getting the name of the SignerInfo, not of the signing cert. Data owned by CMSSignerInfo +activeCert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); +} else { +// We are verifying. data owned by us. +activeCert = signing_cert; } -if (!signing_cert) { -return nullptr; +if (!activeCert) { +return {}; } -return signing_cert->subjectName; +return activeCert->subjectName; } HashAlgorithm SignatureHandler::getHashAlgorithm() diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index fdc0ebd4..218000c4 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -51,7 +51,7 @@ public: ~SignatureHandler(); time_t getSigningTime(); std::string getSignerName(); -const char *getSignerSubjectDN(); +std::string getSignerSubjectDN(); HashAlgorithm getHashAlgorithm(); void updateHash(unsigned char *data_block, int data_len); void restartHash();
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 10 +++--- poppler/SignatureHandler.h |3 --- 2 files changed, 7 insertions(+), 6 deletions(-) New commits: commit fc802d21df3c70f721c0353ab8862a4632c8018e Author: Sune Vuorela Date: Thu Mar 16 09:54:54 2023 +0100 Make standalone methods standalone In previous commits, these functions has been made fully standalone, so now make it obvious. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 231a8c01..51c532c6 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -197,6 +197,10 @@ const SEC_ASN1Template TimeStampReq_Template[] = { { SEC_ASN1_SEQUENCE, 0, nullp { 0, 0, nullptr, 0 } }; */ +static NSSCMSMessage *CMS_MessageCreate(SECItem *cms_item); +static NSSCMSSignedData *CMS_SignedDataCreate(NSSCMSMessage *cms_msg); +static NSSCMSSignerInfo *CMS_SignerInfoCreate(NSSCMSSignedData *cms_sig_data); + // a dummy, actually static char *passwordCallback(PK11SlotInfo * /*slot*/, PRBool /*retry*/, void *arg) { @@ -856,7 +860,7 @@ SignatureHandler::~SignatureHandler() } } -NSSCMSMessage *SignatureHandler::CMS_MessageCreate(SECItem *cms_item) +static NSSCMSMessage *CMS_MessageCreate(SECItem *cms_item) { if (cms_item->data) { return NSS_CMSMessage_CreateFromDER(cms_item, nullptr, nullptr /* Content callback */ @@ -869,7 +873,7 @@ NSSCMSMessage *SignatureHandler::CMS_MessageCreate(SECItem *cms_item) } } -NSSCMSSignedData *SignatureHandler::CMS_SignedDataCreate(NSSCMSMessage *cms_msg) +static NSSCMSSignedData *CMS_SignedDataCreate(NSSCMSMessage *cms_msg) { if (!NSS_CMSMessage_IsSigned(cms_msg)) { error(errInternal, 0, "Input couldn't be parsed as a CMS signature"); @@ -905,7 +909,7 @@ NSSCMSSignedData *SignatureHandler::CMS_SignedDataCreate(NSSCMSMessage *cms_msg) } } -NSSCMSSignerInfo *SignatureHandler::CMS_SignerInfoCreate(NSSCMSSignedData *cms_sig_data) +NSSCMSSignerInfo *CMS_SignerInfoCreate(NSSCMSSignedData *cms_sig_data) { NSSCMSSignerInfo *signerInfo = NSS_CMSSignedData_GetSignerInfo(cms_sig_data, 0); if (!signerInfo) { diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index b45a27e7..fdc0ebd4 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -78,9 +78,6 @@ private: SignatureHandler =(const SignatureHandler &); unsigned int digestLength(HashAlgorithm digestAlgId); -NSSCMSMessage *CMS_MessageCreate(SECItem *cms_item); -NSSCMSSignedData *CMS_SignedDataCreate(NSSCMSMessage *cms_msg); -NSSCMSSignerInfo *CMS_SignerInfoCreate(NSSCMSSignedData *cms_sig_data); HASHContext *initHashContext(); static void outputCallback(void *arg, const char *buf, unsigned long len);
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commits: commit e18bdd936d9da551506715f8f7e36c13599c9728 Author: Albert Astals Cid Date: Thu Mar 16 00:53:10 2023 +0100 SignatureHandler::validateSignature: Use the actual hash length It's going to be the same size, but this is more proper diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 059d8efb..231a8c01 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -6,7 +6,7 @@ // // Copyright 2015, 2016 André Guerreiro // Copyright 2015 André Esser -// Copyright 2015, 2016, 2018, 2019, 2021, 2022 Albert Astals Cid +// Copyright 2015, 2016, 2018, 2019, 2021-2023 Albert Astals Cid // Copyright 2015 Markus Kilås // Copyright 2017 Sebastian Rasmussen // Copyright 2017 Hans-Ulrich Jüttner @@ -957,7 +957,7 @@ SignatureValidationStatus SignatureHandler::validateSignature() SECItem digest; digest.data = digest_buffer.data(); -digest.len = digest_buffer.size(); +digest.len = result_len; if ((NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB())) == nullptr) { CMSSignerInfo->verificationStatus = NSSCMSVS_SigningCertNotFound;
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 20 ++-- poppler/SignatureHandler.h |1 - 2 files changed, 14 insertions(+), 7 deletions(-) New commits: commit fb49889fea6e6003d8b8e2d65de0ce58d6229d54 Author: Sune Vuorela Date: Mon Mar 13 13:56:59 2023 +0100 Simplify temp_certs memory handling diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 138f394a..d0f6e0fd 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -786,7 +786,7 @@ void SignatureHandler::setNSSPasswordCallback(const std::functiontempCerts; +} NSS_CMSMessage_Destroy(CMSMessage); +free(toFree); } if (signing_cert) { CERT_DestroyCertificate(signing_cert); } - -free(temp_certs); } NSSCMSMessage *SignatureHandler::CMS_MessageCreate(SECItem *cms_item) @@ -888,8 +898,6 @@ NSSCMSSignedData *SignatureHandler::CMS_SignedDataCreate(NSSCMSMessage *cms_msg) for (i = 0; signedData->rawCerts[i]; ++i) { signedData->tempCerts[i] = CERT_NewTempCertificate(CERT_GetDefaultCertDB(), signedData->rawCerts[i], nullptr, 0, 0); } - -temp_certs = signedData->tempCerts; return signedData; } else { return nullptr; diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index 5f7a6b20..b45a27e7 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -96,7 +96,6 @@ private: NSSCMSSignedData *CMSSignedData; NSSCMSSignerInfo *CMSSignerInfo; CERTCertificate *signing_cert; -CERTCertificate **temp_certs; static std::string sNssDir; };
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 19 +++ 1 file changed, 11 insertions(+), 8 deletions(-) New commits: commit fcb7b90ddbd6135e3fbf1032de07bc5b0e351df2 Author: Sune Vuorela Date: Mon Mar 13 14:28:08 2023 +0100 nss created message was leaked on most errors Use a unique_ptr to ensure it is being destructed properly diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 9979119a..138f394a 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -1052,31 +1052,35 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) /// Code from LibreOffice under MPLv2 / -NSSCMSMessage *cms_msg = NSS_CMSMessage_Create(nullptr); +struct NSSCMSMessageDestroyer +{ +void operator()(NSSCMSMessage *message) { NSS_CMSMessage_Destroy(message); } +}; +std::unique_ptr cms_msg { NSS_CMSMessage_Create(nullptr) }; if (!cms_msg) { return nullptr; } -NSSCMSSignedData *cms_sd = NSS_CMSSignedData_Create(cms_msg); +NSSCMSSignedData *cms_sd = NSS_CMSSignedData_Create(cms_msg.get()); if (!cms_sd) { return nullptr; } -NSSCMSContentInfo *cms_cinfo = NSS_CMSMessage_GetContentInfo(cms_msg); +NSSCMSContentInfo *cms_cinfo = NSS_CMSMessage_GetContentInfo(cms_msg.get()); -if (NSS_CMSContentInfo_SetContent_SignedData(cms_msg, cms_cinfo, cms_sd) != SECSuccess) { +if (NSS_CMSContentInfo_SetContent_SignedData(cms_msg.get(), cms_cinfo, cms_sd) != SECSuccess) { return nullptr; } cms_cinfo = NSS_CMSSignedData_GetContentInfo(cms_sd); // Attach NULL data as detached data -if (NSS_CMSContentInfo_SetContent_Data(cms_msg, cms_cinfo, nullptr, PR_TRUE) != SECSuccess) { +if (NSS_CMSContentInfo_SetContent_Data(cms_msg.get(), cms_cinfo, nullptr, PR_TRUE) != SECSuccess) { return nullptr; } // hardcode SHA256 these days... -NSSCMSSignerInfo *cms_signer = NSS_CMSSignerInfo_Create(cms_msg, signing_cert, SEC_OID_SHA256); +NSSCMSSignerInfo *cms_signer = NSS_CMSSignerInfo_Create(cms_msg.get(), signing_cert, SEC_OID_SHA256); if (!cms_signer) { return nullptr; } @@ -1180,7 +1184,7 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) cms_output.data = nullptr; cms_output.len = 0; -NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg, nullptr, nullptr, _output, arena.get(), passwordCallback, const_cast(password), nullptr, nullptr, nullptr, nullptr); +NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg.get(), nullptr, nullptr, _output, arena.get(), passwordCallback, const_cast(password), nullptr, nullptr, nullptr, nullptr); if (!cms_ecx) { return nullptr; } @@ -1192,7 +1196,6 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) GooString *signature = new GooString(reinterpret_cast(cms_output.data), cms_output.len); SECITEM_FreeItem(pEncodedCertificate, PR_TRUE); -NSS_CMSMessage_Destroy(cms_msg); return std::unique_ptr(signature); }
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 20 +++- 1 file changed, 11 insertions(+), 9 deletions(-) New commits: commit bd533d75bb171dada6fa9e9fdc5bdc3e42824b97 Author: Sune Vuorela Date: Mon Mar 13 14:21:23 2023 +0100 Put the arenapool in a unique_ptr Also allocate it a bit earlier to use it for a few other entries that might otherwise else be leaked in certain error conditions diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index b56b23b5..9979119a 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -212,7 +212,7 @@ static void shutdownNss() // SEC_StringToOID() and NSS_CMSSignerInfo_AddUnauthAttr() are // not exported from libsmime, so copy them here. Sigh. -static SECStatus my_SEC_StringToOID(SECItem *to, const char *from, PRUint32 len) +static SECStatus my_SEC_StringToOID(PLArenaPool *arena, SECItem *to, const char *from, PRUint32 len) { PRUint32 decimal_numbers = 0; PRUint32 result_bytes = 0; @@ -305,7 +305,7 @@ static SECStatus my_SEC_StringToOID(SECItem *to, const char *from, PRUint32 len) SECItem result_item = { siBuffer, nullptr, 0 }; result_item.data = result; result_item.len = result_bytes; -rv = SECITEM_CopyItem(nullptr, to, _item); +rv = SECITEM_CopyItem(arena, to, _item); } return rv; } @@ -1097,13 +1097,19 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) return nullptr; } +struct PLArenaFreeFalse +{ +void operator()(PLArenaPool *arena) { PORT_FreeArena(arena, PR_FALSE); } +}; +std::unique_ptr arena { PORT_NewArena(1) }; + // Add the signing certificate as a signed attribute. ESSCertIDv2 *aCertIDs[2]; ESSCertIDv2 aCertID; // Write ESSCertIDv2.hashAlgorithm. aCertID.hashAlgorithm.algorithm.data = nullptr; aCertID.hashAlgorithm.parameters.data = nullptr; -SECOID_SetAlgorithmID(nullptr, , SEC_OID_SHA256, nullptr); +SECOID_SetAlgorithmID(arena.get(), , SEC_OID_SHA256, nullptr); // Write ESSCertIDv2.certHash. SECItem aCertHashItem; @@ -1154,7 +1160,7 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9) * smime(16) id-aa(2) 47 } */ -if (my_SEC_StringToOID(, "1.2.840.113549.1.9.16.2.47", 0) != SECSuccess) { +if (my_SEC_StringToOID(arena.get(), , "1.2.840.113549.1.9.16.2.47", 0) != SECSuccess) { return nullptr; } @@ -1173,16 +1179,13 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) SECItem cms_output; cms_output.data = nullptr; cms_output.len = 0; -PLArenaPool *arena = PORT_NewArena(1); -NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg, nullptr, nullptr, _output, arena, passwordCallback, const_cast(password), nullptr, nullptr, nullptr, nullptr); +NSSCMSEncoderContext *cms_ecx = NSS_CMSEncoder_Start(cms_msg, nullptr, nullptr, _output, arena.get(), passwordCallback, const_cast(password), nullptr, nullptr, nullptr, nullptr); if (!cms_ecx) { -PORT_FreeArena(arena, PR_FALSE); return nullptr; } if (NSS_CMSEncoder_Finish(cms_ecx) != SECSuccess) { -PORT_FreeArena(arena, PR_FALSE); return nullptr; } @@ -1190,7 +1193,6 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) SECITEM_FreeItem(pEncodedCertificate, PR_TRUE); NSS_CMSMessage_Destroy(cms_msg); -PORT_FreeArena(arena, PR_FALSE); return std::unique_ptr(signature); }
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc | 19 ++- poppler/SignatureHandler.h |6 +- 2 files changed, 11 insertions(+), 14 deletions(-) New commits: commit 7b50d9f0374aa5d0ea653a0d024b315e16625839 Author: Sune Vuorela Date: Mon Mar 13 14:02:27 2023 +0100 Put HASHContext in a unique_ptr rather than manually manage it with freeing diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index b6587c27..b56b23b5 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -795,7 +795,7 @@ SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) : hash_cont CMSSignedData = CMS_SignedDataCreate(CMSMessage); if (CMSSignedData) { CMSSignerInfo = CMS_SignerInfoCreate(CMSSignedData); -hash_context = initHashContext(); +hash_context.reset(initHashContext()); } } @@ -805,7 +805,7 @@ SignatureHandler::SignatureHandler(const char *certNickname, HashAlgorithm diges setNSSDir({}); CMSMessage = NSS_CMSMessage_Create(nullptr); signing_cert = CERT_FindCertByNickname(CERT_GetDefaultCertDB(), certNickname); -hash_context = HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(digestAlgTag))); + hash_context.reset(HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(digestAlgTag; } HASHContext *SignatureHandler::initHashContext() @@ -822,16 +822,13 @@ HASHContext *SignatureHandler::initHashContext() void SignatureHandler::updateHash(unsigned char *data_block, int data_len) { if (hash_context) { -HASH_Update(hash_context, data_block, data_len); +HASH_Update(hash_context.get(), data_block, data_len); } } void SignatureHandler::restartHash() { -if (hash_context) { -HASH_Destroy(hash_context); -} -hash_context = HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(digest_alg_tag))); + hash_context.reset(HASH_Create(HASH_GetHashTypeByOidTag(ConvertHashAlgorithmToNss(digest_alg_tag; } SignatureHandler::~SignatureHandler() @@ -841,10 +838,6 @@ SignatureHandler::~SignatureHandler() NSS_CMSMessage_Destroy(CMSMessage); } -if (hash_context) { -HASH_Destroy(hash_context); -} - if (signing_cert) { CERT_DestroyCertificate(signing_cert); } @@ -953,7 +946,7 @@ SignatureValidationStatus SignatureHandler::validateSignature() digest_buffer = (unsigned char *)PORT_Alloc(hash_length); unsigned int result_len = 0; -HASH_End(hash_context, digest_buffer, _len, hash_length); +HASH_End(hash_context.get(), digest_buffer, _len, hash_length); SECItem digest; digest.data = digest_buffer; @@ -1050,7 +1043,7 @@ std::unique_ptr SignatureHandler::signDetached(const char *password) } unsigned char *digest_buffer = reinterpret_cast(PORT_Alloc(hash_length)); unsigned int result_len = 0; -HASH_End(hash_context, digest_buffer, _len, hash_length); +HASH_End(hash_context.get(), digest_buffer, _len, hash_length); SECItem digest; digest.data = digest_buffer; digest.len = result_len; diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index 43b591dd..5f7a6b20 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -87,7 +87,11 @@ private: unsigned int hash_length; HashAlgorithm digest_alg_tag; SECItem CMSitem; -HASHContext *hash_context; +struct HashDestroyer +{ +void operator()(HASHContext *hash) { HASH_Destroy(hash); } +}; +std::unique_ptr hash_context; NSSCMSMessage *CMSMessage; NSSCMSSignedData *CMSSignedData; NSSCMSSignerInfo *CMSSignerInfo;
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |4 1 file changed, 4 insertions(+) New commits: commit 63bfacc89576345722cf3cefb962861aa7d159b8 Author: Tobias Deiminger Date: Wed Jan 4 21:26:12 2023 +0100 Fix "NSS could not shutdown" SignatureHandler never freed it's signing certificate. This left an internal NSS reference that prevented cleanup of the NSS cache, causing "NSS could not shutdown". NSS maintains an internal in-memory cache, where content is reference counted. PK11_MakeCertFromHandle increases the issuerAndSn count. CERT_DestroyCertificate decreases it. NSS tries to destruct the cache in NSS_Shutdown, which we've scheduled with atexit. There it detects a remaining reference. Fixes #1326. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 3cf40973..89bcc5dd 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -858,6 +858,10 @@ SignatureHandler::~SignatureHandler() HASH_Destroy(hash_context); } +if (signing_cert) { +CERT_DestroyCertificate(signing_cert); +} + free(temp_certs); }
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |1 + 1 file changed, 1 insertion(+) New commits: commit 924ef4264cdb0eca97185d7fc1791bcf32279933 Author: Albert Astals Cid Date: Mon Jan 9 22:52:01 2023 +0100 Update (C) diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index f9dd6c2f..3cf40973 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -17,6 +17,7 @@ // Copyright 2021 Theofilos Intzoglou // Copyright 2021 Marek Kasik // Copyright 2022 Erich E. Hoover +// Copyright 2023 Tobias Deiminger // //
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) New commits: commit 4f8c8297d7190480500cdafe52c8777202229b30 Author: Tobias Deiminger Date: Mon Jan 9 21:00:06 2023 +0100 Fix segfault on wrong nssdir If SignatureHandler was used with a custom DB directory, but that directory didn't exist or contained no valid DB, NSS crashed on subsequent calls. We can prevent crashes by calling NSS_NoDB_Init (as it's already done in the default-DB case). Fixes #1331. diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index e0579cae..f9dd6c2f 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -769,15 +769,15 @@ void SignatureHandler::setNSSDir(const GooString ) homeNssDb.append("/.pki/nssdb"); initSuccess = (NSS_Init(homeNssDb.c_str()) == SECSuccess); sNssDir = homeNssDb.toStr(); -if (!initSuccess) { -NSS_NoDB_Init(nullptr); -} } } if (initSuccess) { // Make sure NSS root certificates module is loaded SECMOD_AddNewModule("Root Certs", "libnssckbi.so", 0, 0); +} else { +fprintf(stderr, "NSS_Init failed: %s\n", PR_ErrorToString(PORT_GetError(), PR_LANGUAGE_I_DEFAULT)); +NSS_NoDB_Init(nullptr); } }
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |3 +++ 1 file changed, 3 insertions(+) New commits: commit 184efabbaed7250903169627fbbaeb505ee2f51a Author: Albert Astals Cid Date: Mon Jun 6 11:23:51 2022 +0200 Signatures: Don't crash if the signature doesn't have a common name Fixes KDE bug #454782 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 6538239a..3d5494c2 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -538,6 +538,9 @@ std::string SignatureHandler::getSignerName() } commonName = CERT_GetCommonName(_cert->subject); +if (!commonName) { +return {}; +} std::string name(commonName); PORT_Free(commonName);
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commits: commit b02ecd63f279691913aa58ecf3524db95dc565aa Author: Albert Astals Cid Date: Fri Feb 4 00:24:47 2022 +0100 Windows: Better way to access Mozilla appdata diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 3032623a..9ad264a8 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -669,11 +669,11 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons static std::optional getDefaultFirefoxCertDB() { #ifdef _WIN32 -const char *env = getenv("USERPROFILE"); +const char *env = getenv("APPDATA"); if (!env) { return {}; } -const std::string firefoxPath = std::string(env) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; +const std::string firefoxPath = std::string(env) + "/Mozilla/Firefox/Profiles/"; #else const char *env = getenv("HOME"); if (!env) {
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 12 ++-- 1 file changed, 10 insertions(+), 2 deletions(-) New commits: commit 373bad5cd0a8996beed271228e9131833a7ba8ce Author: Albert Astals Cid Date: Wed Feb 2 20:22:21 2022 +0100 Be more resiliant against env variables not being set getenv can return null so don't crash (constructing a std::string from null is not good) if that happens diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 22a620c6..3032623a 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -669,9 +669,17 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons static std::optional getDefaultFirefoxCertDB() { #ifdef _WIN32 -const std::string firefoxPath = std::string(getenv("USERPROFILE")) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; +const char *env = getenv("USERPROFILE"); +if (!env) { +return {}; +} +const std::string firefoxPath = std::string(env) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; #else -const std::string firefoxPath = std::string(getenv("HOME")) + "/.mozilla/firefox/"; +const char *env = getenv("HOME"); +if (!env) { +return {}; +} +const std::string firefoxPath = std::string(env) + "/.mozilla/firefox/"; #endif GDir firefoxDir(firefoxPath.c_str());
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) New commits: commit 652ff5ea5ec6df2c4343ff730dee5e7893138104 Author: Albert Astals Cid Date: Wed Feb 2 20:20:22 2022 +0100 Fix getting the home dir in Windows diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 43fc974e..22a620c6 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -669,7 +669,7 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons static std::optional getDefaultFirefoxCertDB() { #ifdef _WIN32 -const std::string firefoxPath = std::string(getenv("HOME")) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; +const std::string firefoxPath = std::string(getenv("USERPROFILE")) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; #else const std::string firefoxPath = std::string(getenv("HOME")) + "/.mozilla/firefox/"; #endif
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |8 ++-- 1 file changed, 6 insertions(+), 2 deletions(-) New commits: commit 602f39aa5c00f2dd2a61f1b4a781720ae3bc6070 Author: Albert Astals Cid Date: Tue Feb 1 23:19:00 2022 +0100 Windows: Fix path where to look for firefox NSS DB diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 23c057f9..43fc974e 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -666,9 +666,13 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons } } -static std::optional getDefaultFirefoxCertDB_Linux() +static std::optional getDefaultFirefoxCertDB() { +#ifdef _WIN32 +const std::string firefoxPath = std::string(getenv("HOME")) + "/AppData/Roaming/Mozilla/Firefox/Profiles/"; +#else const std::string firefoxPath = std::string(getenv("HOME")) + "/.mozilla/firefox/"; +#endif GDir firefoxDir(firefoxPath.c_str()); std::unique_ptr entry; @@ -706,7 +710,7 @@ void SignatureHandler::setNSSDir(const GooString ) initSuccess = (NSS_Init(nssDir.c_str()) == SECSuccess); sNssDir = nssDir.toStr(); } else { -const std::optional certDBPath = getDefaultFirefoxCertDB_Linux(); +const std::optional certDBPath = getDefaultFirefoxCertDB(); if (!certDBPath) { initSuccess = (NSS_Init("sql:/etc/pki/nssdb") == SECSuccess); sNssDir = "sql:/etc/pki/nssdb";
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |7 +++ 1 file changed, 3 insertions(+), 4 deletions(-) New commits: commit 799848525e9f07b8ff7de1fb6d41cb082de364e6 Author: Albert Astals Cid Date: Tue Jan 18 15:41:56 2022 +0100 SignatureHandler: Fix crashes on Windows We should not use SEC_ASN1_XTRN since on Windows that means SEC_ASN1_DYNAMIC which means the third parameter is a function. IssuerSerialTemplate is not a function SECOID_AlgorithmIDTemplate was a function, but that was also a mistake since it's defined as a template in secoid.h diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 36b970a1..23c057f9 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -31,6 +31,7 @@ /* NSS headers */ #include +#include #include #include #include @@ -193,12 +194,10 @@ const SEC_ASN1Template IssuerSerialTemplate[] = { * } */ -SEC_ASN1_MKSUB(SECOID_AlgorithmIDTemplate) - const SEC_ASN1Template ESSCertIDv2Template[] = { { SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(ESSCertIDv2) }, - { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(ESSCertIDv2, hashAlgorithm), SEC_ASN1_SUB(SECOID_AlgorithmIDTemplate), 0 }, + { SEC_ASN1_INLINE, offsetof(ESSCertIDv2, hashAlgorithm), SEC_ASN1_GET(SECOID_AlgorithmIDTemplate), 0 }, { SEC_ASN1_OCTET_STRING, offsetof(ESSCertIDv2, certHash), nullptr, 0 }, - { SEC_ASN1_INLINE | SEC_ASN1_XTRN, offsetof(ESSCertIDv2, issuerSerial), IssuerSerialTemplate, 0 }, + { SEC_ASN1_INLINE, offsetof(ESSCertIDv2, issuerSerial), IssuerSerialTemplate, 0 }, { 0, 0, nullptr, 0 } }; /**
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) New commits: commit 4d921bd83945b803f1ea3724d1d841e2138e2a05 Author: Albert Astals Cid Date: Thu Jan 13 17:34:05 2022 +0100 SignatureHandler: Access CERT_NameTemplate in a Windows/Android compatible way diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 41e89970..7cbbeb48 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -6,7 +6,7 @@ // // Copyright 2015, 2016 André Guerreiro // Copyright 2015 André Esser -// Copyright 2015, 2016, 2018, 2019, 2021 Albert Astals Cid +// Copyright 2015, 2016, 2018, 2019, 2021, 2022 Albert Astals Cid // Copyright 2015 Markus Kilås // Copyright 2017 Sebastian Rasmussen // Copyright 2017 Hans-Ulrich Jüttner @@ -164,7 +164,7 @@ struct SigningCertificateV2 * registeredID[8] OBJECT IDENTIFIER * } */ -const SEC_ASN1Template GeneralNameTemplate[] = { { SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(GeneralName) }, { SEC_ASN1_INLINE, offsetof(GeneralName, name), CERT_NameTemplate, 0 }, { 0, 0, nullptr, 0 } }; +const SEC_ASN1Template GeneralNameTemplate[] = { { SEC_ASN1_SEQUENCE, 0, nullptr, sizeof(GeneralName) }, { SEC_ASN1_INLINE, offsetof(GeneralName, name), SEC_ASN1_GET(CERT_NameTemplate), 0 }, { 0, 0, nullptr, 0 } }; /** * GeneralNames ::= SEQUENCE SIZE (1..MAX) OF GeneralName
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |2 ++ 1 file changed, 2 insertions(+) New commits: commit 03c0bb79945822cbe1e342a28aec8949eed843dd Author: Albert Astals Cid Date: Fri May 10 23:45:12 2019 +0200 Fix small memory leak in SignatureHandler::getCertificateInfo diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 0afc1593..123dee7d 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -190,6 +190,8 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons certInfo->setCertificateDER(SECItemToGooString(cert->derCert)); certInfo->setIsSelfSigned(CERT_CompareName(>subject, >issuer) == SECEqual); + SECKEY_DestroyPublicKey(pk); + return certInfo; } ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 12 +--- 1 file changed, 9 insertions(+), 3 deletions(-) New commits: commit eaeac5c7dba6f53acef3f0be6b226facecfc5f28 Author: Albert Astals Cid Date: Fri May 10 23:28:02 2019 +0200 Fix crash on signature handling Since we only call NSS_Init once, we should only call NSS_Shutdown once. Do it via atexit Fixes issue #766 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index c8258403..0afc1593 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -26,6 +26,13 @@ #include #include +static void shutdownNss() +{ + if (NSS_Shutdown() != SECSuccess) { +fprintf(stderr, "NSS_Shutdown failed: %s\n", PR_ErrorToString(PORT_GetError(), PR_LANGUAGE_I_DEFAULT)); + } +} + unsigned int SignatureHandler::digestLength(SECOidTag digestAlgId) { switch(digestAlgId){ @@ -232,6 +239,8 @@ void SignatureHandler::setNSSDir(const GooString ) setNssDirCalled = true; + atexit(shutdownNss); + bool initSuccess = false; if (nssDir.getLength() > 0) { initSuccess = (NSS_Init(nssDir.c_str()) == SECSuccess); @@ -305,9 +314,6 @@ SignatureHandler::~SignatureHandler() HASH_Destroy(hash_context); free(temp_certs); - - if (NSS_Shutdown()!=SECSuccess) -fprintf(stderr, "Detail: %s\n", PR_ErrorToString(PORT_GetError(), PR_LANGUAGE_I_DEFAULT)); } NSSCMSMessage *SignatureHandler::CMS_MessageCreate(SECItem * cms_item) ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |7 +++ 1 file changed, 7 insertions(+) New commits: commit 33befc25c42ff52e44ffd857a4a114b180a952e4 Author: Albert Astals Cid Date: Fri Mar 1 17:46:55 2019 +0100 SignatureHandler: Fix crash on broken files Issue #732 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 18033b48..c8258403 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -49,6 +49,10 @@ char *SignatureHandler::getSignerName() return nullptr; CERTCertificate *cert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); + + if (!cert) + return nullptr; + return CERT_GetCommonName(>subject); } @@ -397,6 +401,9 @@ SignatureValidationStatus SignatureHandler::validateSignature() if (!NSS_IsInitialized()) return SIGNATURE_GENERIC_ERROR; + if (!hash_context) +return SIGNATURE_GENERIC_ERROR; + digest_buffer = (unsigned char *)PORT_Alloc(hash_length); unsigned int result_len = 0; ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h poppler/SignatureInfo.cc utils/pdfsig.1 utils/pdfsig.cc
poppler/SignatureHandler.cc | 56 +--- poppler/SignatureHandler.h |9 --- poppler/SignatureInfo.cc|4 +-- utils/pdfsig.1 | 15 ++- utils/pdfsig.cc | 12 +++-- 5 files changed, 68 insertions(+), 28 deletions(-) New commits: commit 7486e4995d66f1a8676f3e65e408e8cdab049f6b Author: Albert Astals Cid Date: Wed Jan 16 22:56:42 2019 +0100 pdfsig: add -nssdir option Contains code inspired in code by Hans-Ulrich Jüttner and Adrian Johnson diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index f616afbb..18033b48 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -45,7 +45,7 @@ unsigned int SignatureHandler::digestLength(SECOidTag digestAlgId) char *SignatureHandler::getSignerName() { - if (!CMSSignerInfo) + if (!CMSSignerInfo || !NSS_IsInitialized()) return nullptr; CERTCertificate *cert = NSS_CMSSignerInfo_GetSigningCertificate(CMSSignerInfo, CERT_GetDefaultCertDB()); @@ -182,8 +182,7 @@ std::unique_ptr SignatureHandler::getCertificateInfo() cons return certInfo; } - -GooString *SignatureHandler::getDefaultFirefoxCertDB_Linux() +static GooString *getDefaultFirefoxCertDB_Linux() { GooString * finalPath = nullptr; DIR *toSearchIn; @@ -215,27 +214,45 @@ GooString *SignatureHandler::getDefaultFirefoxCertDB_Linux() /** * Initialise NSS */ -void SignatureHandler::init_nss() +void SignatureHandler::setNSSDir(const GooString ) { - GooString *certDBPath = getDefaultFirefoxCertDB_Linux(); + static bool setNssDirCalled = false; + + if (NSS_IsInitialized() && nssDir.getLength() > 0) { +error(errInternal, 0, "You need to call setNSSDir before signature validation related operations happen"); +return; + } + + if (setNssDirCalled) +return; + + setNssDirCalled = true; + bool initSuccess = false; - if (certDBPath == nullptr) { -initSuccess = (NSS_Init("sql:/etc/pki/nssdb") == SECSuccess); + if (nssDir.getLength() > 0) { +initSuccess = (NSS_Init(nssDir.c_str()) == SECSuccess); } else { -initSuccess = (NSS_Init(certDBPath->c_str()) == SECSuccess); - } - if (!initSuccess) { -GooString homeNssDb(getenv("HOME")); -homeNssDb.append("/.pki/nssdb"); -initSuccess = (NSS_Init(homeNssDb.c_str()) == SECSuccess); +GooString *certDBPath = getDefaultFirefoxCertDB_Linux(); +if (certDBPath == nullptr) { + initSuccess = (NSS_Init("sql:/etc/pki/nssdb") == SECSuccess); +} else { + initSuccess = (NSS_Init(certDBPath->c_str()) == SECSuccess); +} if (!initSuccess) { - NSS_NoDB_Init(nullptr); + GooString homeNssDb(getenv("HOME")); + homeNssDb.append("/.pki/nssdb"); + initSuccess = (NSS_Init(homeNssDb.c_str()) == SECSuccess); + if (!initSuccess) { + NSS_NoDB_Init(nullptr); + } } +delete certDBPath; } - //Make sure NSS root certificates module is loaded - SECMOD_AddNewModule("Root Certs", "libnssckbi.so", 0, 0); - delete certDBPath; + if (initSuccess) { +//Make sure NSS root certificates module is loaded +SECMOD_AddNewModule("Root Certs", "libnssckbi.so", 0, 0); + } } @@ -246,7 +263,7 @@ SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) CMSSignerInfo(nullptr), temp_certs(nullptr) { - init_nss(); + setNSSDir({}); CMSitem.data = p7; CMSitem.len = p7_length; CMSMessage = CMS_MessageCreate(); @@ -377,6 +394,9 @@ SignatureValidationStatus SignatureHandler::validateSignature() if (!CMSSignedData) return SIGNATURE_GENERIC_ERROR; + if (!NSS_IsInitialized()) +return SIGNATURE_GENERIC_ERROR; + digest_buffer = (unsigned char *)PORT_Alloc(hash_length); unsigned int result_len = 0; diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index f49d4286..40ca990c 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -49,13 +49,16 @@ public: CertificateValidationStatus validateCertificate(time_t validation_time); std::unique_ptr getCertificateInfo() const; + // Initializes the NSS dir with the custom given directory + // calling it with an empty string means use the default firefox db, /etc/pki/nssdb, ~/.pki/nssdb + // If you don't want a custom NSS dir and the default entries are fine for you, not calling this function is fine + // If wanted, this has to be called before doing signature validation calls + static void setNSSDir(const GooString ); + private: SignatureHandler(const SignatureHandler &); SignatureHandler& operator=(const SignatureHandler &); - void init_nss(); - - GooString * getDefaultFirefoxCertDB_Linux(); unsigned int digestLength(SECOidTag digestAlgId); NSSCMSMessage *CMS_MessageCreate(SECItem * cms_item); NSSCMSSignedData *CMS_SignedDataCreate(NSSCMSMessage * cms_msg); diff --git a/poppler/SignatureInfo.cc b/poppler/SignatureInfo.cc index b48ce146..3ab6f91f 100644 ---
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 13 +++-- 1 file changed, 11 insertions(+), 2 deletions(-) New commits: commit a85c2ed8f4359341adb94887c4b551a761244fdb Author: Albert Astals Cid Date: Sat Nov 17 19:29:16 2018 +0100 Be more stubborn looking for a nssdb Fixes issue #669 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index aedccf7a..6c510229 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -114,10 +114,19 @@ GooString *SignatureHandler::getDefaultFirefoxCertDB_Linux() void SignatureHandler::init_nss() { GooString *certDBPath = getDefaultFirefoxCertDB_Linux(); + bool initSuccess = false; if (certDBPath == nullptr) { -NSS_Init("sql:/etc/pki/nssdb"); +initSuccess = (NSS_Init("sql:/etc/pki/nssdb") == SECSuccess); } else { -NSS_Init(certDBPath->c_str()); +initSuccess = (NSS_Init(certDBPath->c_str()) == SECSuccess); + } + if (!initSuccess) { +GooString homeNssDb(getenv("HOME")); +homeNssDb.append("/.pki/nssdb"); +initSuccess = (NSS_Init(homeNssDb.c_str()) == SECSuccess); +if (!initSuccess) { + NSS_NoDB_Init(nullptr); +} } //Make sure NSS root certificates module is loaded SECMOD_AddNewModule("Root Certs", "libnssckbi.so", 0, 0); ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc |2 +- 1 file changed, 1 insertion(+), 1 deletion(-) New commits: commit 71645d9e76f9bb075ae9b6599d281b8382e86e67 Author: Albert Astals Cid Date: Mon Jul 23 00:21:40 2018 +0200 Add (C) for the last commits diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index f748d153..a98e3f79 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -6,7 +6,7 @@ // // Copyright 2015, 2016 André Guerreiro // Copyright 2015 André Esser -// Copyright 2015, 2016 Albert Astals Cid +// Copyright 2015, 2016, 2018 Albert Astals Cid // Copyright 2015 Markus Kilås // Copyright 2017 Sebastian Rasmussen // Copyright 2017 Hans-Ulrich Jüttner ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc
poppler/SignatureHandler.cc | 14 ++ 1 file changed, 10 insertions(+), 4 deletions(-) New commits: commit 4db6507320b51e060f73f7fb0eab364e8a1fee77 Author: Sebastian RasmussenDate: Wed Jan 11 23:37:54 2017 +0100 Check for error from NSS in SignatureHandler construct. And cascading effects in other SignalHandler members. Bug #99363 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index a5132a4..71644e5 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -8,6 +8,7 @@ // Copyright 2015 André Esser // Copyright 2015, 2016 Albert Astals Cid // Copyright 2015 Markus Kilås +// Copyright 2017 Sebastian Rasmussen // // @@ -105,7 +106,8 @@ void SignatureHandler::init_nss() SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) - : CMSMessage(NULL), + : hash_context(NULL), + CMSMessage(NULL), CMSSignedData(NULL), CMSSignerInfo(NULL), temp_certs(NULL) @@ -115,8 +117,10 @@ SignatureHandler::SignatureHandler(unsigned char *p7, int p7_length) CMSitem.len = p7_length; CMSMessage = CMS_MessageCreate(); CMSSignedData = CMS_SignedDataCreate(CMSMessage); - CMSSignerInfo = CMS_SignerInfoCreate(CMSSignedData); - hash_context = initHashContext(); + if (CMSSignedData) { +CMSSignerInfo = CMS_SignerInfoCreate(CMSSignedData); +hash_context = initHashContext(); + } } HASHContext * SignatureHandler::initHashContext() @@ -131,7 +135,9 @@ HASHContext * SignatureHandler::initHashContext() void SignatureHandler::updateHash(unsigned char * data_block, int data_len) { - HASH_Update(hash_context, data_block, data_len); + if (hash_context) { +HASH_Update(hash_context, data_block, data_len); + } } SignatureHandler::~SignatureHandler() ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler
[poppler] poppler/SignatureHandler.cc poppler/SignatureHandler.h
poppler/SignatureHandler.cc |2 +- poppler/SignatureHandler.h | 22 +- 2 files changed, 10 insertions(+), 14 deletions(-) New commits: commit 7cf52e56677e11b15d610017bccd0cc3f74badaf Author: Emmanuele BassiDate: Wed Mar 2 04:38:52 2016 + Use correct includes for NSPR/NSS headers The header files provided by NSS3 are inside versioned directories, `$includedir/nss3` and `$includedir/nspr4`, which are provided by the nss3 pkg-config file as include directives for the compiler. We can also use nspr.h as a single entry point, to avoid cherry picking specific headers. https://bugzilla.freedesktop.org/show_bug.cgi?id=94360 diff --git a/poppler/SignatureHandler.cc b/poppler/SignatureHandler.cc index 01496e3..21d9c4d 100644 --- a/poppler/SignatureHandler.cc +++ b/poppler/SignatureHandler.cc @@ -15,7 +15,7 @@ #include "SignatureHandler.h" #include "goo/gmem.h" -#include +#include #include #include diff --git a/poppler/SignatureHandler.h b/poppler/SignatureHandler.h index e6ace24..8e2a4da 100644 --- a/poppler/SignatureHandler.h +++ b/poppler/SignatureHandler.h @@ -17,21 +17,17 @@ #include "SignatureInfo.h" /* NSPR Headers */ -#include -#include -#include -#include -#include +#include /* NSS headers */ -#include -#include -#include -#include -#include -#include -#include -#include +#include +#include +#include +#include +#include +#include +#include +#include class SignatureHandler { ___ poppler mailing list poppler@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/poppler