Commit b82b77b0 authored by Albert Astals Cid's avatar Albert Astals Cid

Make validateSignature return a SignatureValidationStatus

parent 01ccc50e
Pipeline #14645 passed with stage
in 26 minutes and 37 seconds
......@@ -1715,7 +1715,6 @@ SignatureInfo *FormFieldSignature::validateSignature(bool doVerifyCert, bool for
return signature_info;
}
NSSCMSVerificationStatus sig_val_state;
const int signature_len = signature->getLength();
unsigned char *signatureuchar = (unsigned char *)gmalloc(signature_len);
memcpy(signatureuchar, signature->c_str(), signature_len);
......@@ -1743,8 +1742,8 @@ SignatureInfo *FormFieldSignature::validateSignature(bool doVerifyCert, bool for
hashSignedDataBlock(&signature_handler, len);
}
sig_val_state = signature_handler.validateSignature();
signature_info->setSignatureValStatus(SignatureHandler::NSS_SigTranslate(sig_val_state));
const SignatureValidationStatus sig_val_state = signature_handler.validateSignature();
signature_info->setSignatureValStatus(sig_val_state);
signature_info->setSignerName(signature_handler.getSignerName());
signature_info->setSubjectDN(signature_handler.getSignerSubjectDN());
signature_info->setHashAlgorithm(signature_handler.getHashAlgorithm());
......@@ -1754,7 +1753,7 @@ SignatureInfo *FormFieldSignature::validateSignature(bool doVerifyCert, bool for
signature_info->setSigningTime(signature_handler.getSigningTime());
}
if (sig_val_state != NSSCMSVS_GoodSignature || !doVerifyCert) {
if (sig_val_state != SIGNATURE_VALID || !doVerifyCert) {
return signature_info;
}
......
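Review bot: When `doVerifyCert` is false, the early return at `if (sig_val_state != SIGNATURE_VALID || !doVerifyCert)` hands back a `SignatureInfo` whose signature status can be `SIGNATURE_VALID` although no certificate check has run on this path. That is only visible from the control flow, so a comment above the check would stop callers from reading the status as signer trust: `// Signature check only; certificate trust has not been evaluated when doVerifyCert is false.` What the certificate status field holds in that case cannot be seen here, because the function continues outside the hunk.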
......@@ -349,12 +349,33 @@ NSSCMSSignerInfo *SignatureHandler::CMS_SignerInfoCreate(NSSCMSSignedData * cms_
}
}
NSSCMSVerificationStatus SignatureHandler::validateSignature()
static SignatureValidationStatus NSS_SigTranslate(NSSCMSVerificationStatus nss_code)
{
switch(nss_code)
{
case NSSCMSVS_GoodSignature:
return SIGNATURE_VALID;
case NSSCMSVS_BadSignature:
return SIGNATURE_INVALID;
case NSSCMSVS_DigestMismatch:
return SIGNATURE_DIGEST_MISMATCH;
case NSSCMSVS_ProcessingError:
return SIGNATURE_DECODING_ERROR;
default:
return SIGNATURE_GENERIC_ERROR;
}
}
SignatureValidationStatus SignatureHandler::validateSignature()
{
unsigned char *digest_buffer = nullptr;
if (!CMSSignedData)
return NSSCMSVS_MalformedSignature;
return SIGNATURE_GENERIC_ERROR;
digest_buffer = (unsigned char *)PORT_Alloc(hash_length);
unsigned int result_len = 0;
......@@ -379,12 +400,12 @@ NSSCMSVerificationStatus SignatureHandler::validateSignature()
&& digest.len == content_info_data->len)
{
PORT_Free(digest_buffer);
return NSSCMSVS_GoodSignature;
return SIGNATURE_VALID;
}
else
{
PORT_Free(digest_buffer);
return NSSCMSVS_DigestMismatch;
return SIGNATURE_DIGEST_MISMATCH;
}
}
......@@ -392,12 +413,12 @@ NSSCMSVerificationStatus SignatureHandler::validateSignature()
{
PORT_Free(digest_buffer);
return CMSSignerInfo->verificationStatus;
return NSS_SigTranslate(CMSSignerInfo->verificationStatus);
}
else
{
PORT_Free(digest_buffer);
return NSSCMSVS_GoodSignature;
return SIGNATURE_VALID;
}
}
......@@ -445,25 +466,3 @@ CertificateValidationStatus SignatureHandler::validateCertificate(time_t validat
return CERTIFICATE_GENERIC_ERROR;
}
SignatureValidationStatus SignatureHandler::NSS_SigTranslate(NSSCMSVerificationStatus nss_code)
{
switch(nss_code)
{
case NSSCMSVS_GoodSignature:
return SIGNATURE_VALID;
case NSSCMSVS_BadSignature:
return SIGNATURE_INVALID;
case NSSCMSVS_DigestMismatch:
return SIGNATURE_DIGEST_MISMATCH;
case NSSCMSVS_ProcessingError:
return SIGNATURE_DECODING_ERROR;
default:
return SIGNATURE_GENERIC_ERROR;
}
}
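Review bot: The `default:` arm of `NSS_SigTranslate` is what keeps this translation fail-closed, and now that the helper is file-local and its header comment is gone, nothing documents that. Every NSS status not listed (the NSS enum also has values such as `NSSCMSVS_SigningCertNotTrusted` and `NSSCMSVS_MalformedSignature`) becomes `SIGNATURE_GENERIC_ERROR`, never `SIGNATURE_VALID`. I would put `// Any status not listed maps to an error; the default must never return SIGNATURE_VALID.` above the switch. The `!CMSSignedData` early return in `validateSignature()` yields the same generic code, as it did before via the translation. If reporting should tell an unparsed signature from other failures, `SIGNATURE_DECODING_ERROR` may be the closer fit, though that would change behaviour, and the rest of the function lies outside the visible hunks.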
......@@ -44,14 +44,11 @@ public:
HASH_HashType getHashAlgorithm();
void setSignature(unsigned char *, int);
void updateHash(unsigned char * data_block, int data_len);
NSSCMSVerificationStatus validateSignature();
SignatureValidationStatus validateSignature();
// Use -1 as validation_time for now
CertificateValidationStatus validateCertificate(time_t validation_time);
std::unique_ptr<X509CertificateInfo> getCertificateInfo() const;
//Translate NSS error codes
static SignatureValidationStatus NSS_SigTranslate(NSSCMSVerificationStatus nss_code);
private:
SignatureHandler(const SignatureHandler &);
SignatureHandler& operator=(const SignatureHandler &);
......