Executable_pdfverify: use PDFSignatureHelper for signature verification

Towards making vcl::filter::PDFDocument an implementation detail of
PDFSignatureHelper during signature verification: so pdfverify, cppunit
tests and the UI shares more code.

Change-Id: Ibb68933d754e392bce0ebbf06be8916ab3f7efdc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/103214
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>

3 files changed, 37 insertions, 35 deletions

diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
index 25b0c42e6478..24b92a7d3140 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -38,6 +38,7 @@ namespace xml::crypto
 class XSecurityEnvironment;
 }
 }
+class SvStream;
 
 /// Handles signatures of a PDF file.
 class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
@@ -50,6 +51,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
 public:
     PDFSignatureHelper();
     bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
+    bool ReadAndVerifySignatureSvStream(SvStream& rStream);
     css::uno::Sequence<css::security::DocumentSignatureInformation>
     GetDocumentSignatureInformations(
         const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& xSecEnv) const;
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
index 7b570e20ce2e..b49cdd3e449f 100644
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -126,8 +126,13 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
     }
 
     std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+    return ReadAndVerifySignatureSvStream(*pStream);
+}
+
+bool PDFSignatureHelper::ReadAndVerifySignatureSvStream(SvStream& rStream)
+{
     vcl::filter::PDFDocument aDocument;
-    if (!aDocument.Read(*pStream))
+    if (!aDocument.Read(rStream))
     {
         SAL_WARN("xmlsecurity.helper", "failed to read the document");
         return false;
@@ -143,7 +148,7 @@ bool PDFSignatureHelper::ReadAndVerifySignature(
     {
         SignatureInformation aInfo(i);
 
-        if (!xmlsecurity::pdfio::ValidateSignature(*pStream, aSignatures[i], aInfo, aDocument))
+        if (!xmlsecurity::pdfio::ValidateSignature(rStream, aSignatures[i], aInfo, aDocument))
             SAL_WARN("xmlsecurity.helper", "failed to determine digest match");
 
         m_aSignatureInfos.push_back(aInfo);
diff --git a/xmlsecurity/workben/pdfverify.cxx b/xmlsecurity/workben/pdfverify.cxx
index b5052502573f..78595bae0ef9 100644
--- a/xmlsecurity/workben/pdfverify.cxx
+++ b/xmlsecurity/workben/pdfverify.cxx
@@ -24,11 +24,10 @@
 #include <vcl/graphicfilter.hxx>
 #include <vcl/filter/pdfdocument.hxx>
 #include <comphelper/scopeguard.hxx>
-
-#include <pdfio/pdfdocument.hxx>
-
 #include <svl/sigstruct.hxx>
 
+#include <pdfsignaturehelper.hxx>
+
 using namespace com::sun::star;
 
 namespace
@@ -114,6 +113,32 @@ int pdfVerify(int nArgc, char** pArgv)
         bRemoveSignature = true;
 
     SvFileStream aStream(aInURL, StreamMode::READ);
+    if (aOutURL.isEmpty() && !bRemoveSignature)
+    {
+        std::cerr << "verifying signatures" << std::endl;
+        PDFSignatureHelper aHelper;
+        aStream.Seek(0);
+        aHelper.ReadAndVerifySignatureSvStream(aStream);
+        if (aHelper.GetSignatureInformations().empty())
+            std::cerr << "found no signatures" << std::endl;
+        else
+        {
+            std::cerr << "found " << aHelper.GetSignatureInformations().size() << " signatures"
+                      << std::endl;
+            for (size_t i = 0; i < aHelper.GetSignatureInformations().size(); ++i)
+            {
+                const SignatureInformation& rInfo = aHelper.GetSignatureInformations()[i];
+                bool bSuccess
+                    = rInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
+                std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
+                std::cerr << "signature #" << i << ": partial? " << rInfo.bPartialDocumentSignature
+                          << std::endl;
+            }
+        }
+
+        return 0;
+    }
+
     vcl::filter::PDFDocument aDocument;
     if (!aDocument.Read(aStream))
     {
@@ -148,36 +173,6 @@ int pdfVerify(int nArgc, char** pArgv)
         return 0;
     }
 
-    if (aOutURL.isEmpty())
-    {
-        std::cerr << "verifying signatures" << std::endl;
-        std::vector<vcl::filter::PDFObjectElement*> aSignatures = aDocument.GetSignatureWidgets();
-        if (aSignatures.empty())
-            std::cerr << "found no signatures" << std::endl;
-        else
-        {
-            std::cerr << "found " << aSignatures.size() << " signatures" << std::endl;
-            for (size_t i = 0; i < aSignatures.size(); ++i)
-            {
-                SignatureInformation aInfo(i);
-                if (!xmlsecurity::pdfio::ValidateSignature(aStream, aSignatures[i], aInfo,
-                                                           aDocument))
-                {
-                    SAL_WARN("xmlsecurity.pdfio", "failed to determine digest match");
-                    return 1;
-                }
-
-                bool bSuccess
-                    = aInfo.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
-                std::cerr << "signature #" << i << ": digest match? " << bSuccess << std::endl;
-                std::cerr << "signature #" << i << ": partial? " << aInfo.bPartialDocumentSignature
-                          << std::endl;
-            }
-        }
-
-        return 0;
-    }
-
     std::cerr << "adding a new signature" << std::endl;
     uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment
         = xSecurityContext->getSecurityEnvironment();