From e2f757a5c78fce69faeeacb0850b886374c63b5f Mon Sep 17 00:00:00 2001 From: Paul Gardiner Date: Tue, 28 Aug 2018 14:11:49 +0100 Subject: Avoid use of fixed size buffers for the digest when document signing The signer object now has an extra method that informs the caller of the maximum size the digest might be. This is used to allocate space for the digest within the file and to size some of the buffers used in the code. The openssl-based inplementation of the signer object has been updated to perform a test digest generation so as to find the size needed. We believe that the digest size is indendent of the hashed data. --- include/mupdf/pdf/document.h | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'include') diff --git a/include/mupdf/pdf/document.h b/include/mupdf/pdf/document.h index 9e9121df..7d2110b7 100644 --- a/include/mupdf/pdf/document.h +++ b/include/mupdf/pdf/document.h @@ -556,7 +556,10 @@ typedef pdf_pkcs7_designated_name *(pdf_pkcs7_designated_name_fn)(pdf_pkcs7_sign /* Free the resources associated with previously obtained designated name information */ typedef void (pdf_pkcs7_drop_designated_name_fn)(pdf_pkcs7_signer *signer, pdf_pkcs7_designated_name *name); -/* Create a signature based on ranges of bytes drawn from a steam */ +/* Predict the size of the digest. The actual digest returned by create_digest will be no greater in size */ +typedef int (pdf_pkcs7_max_digest_size_fn)(pdf_pkcs7_signer *signer); + +/* Create a signature based on ranges of bytes drawn from a stream */ typedef int (pdf_pkcs7_create_digest_fn)(pdf_pkcs7_signer *signer, fz_stream *in, unsigned char *digest, int *digest_len); struct pdf_pkcs7_signer_s @@ -565,6 +568,7 @@ struct pdf_pkcs7_signer_s pdf_pkcs7_drop_fn *drop; pdf_pkcs7_designated_name_fn *designated_name; pdf_pkcs7_drop_designated_name_fn *drop_designated_name; + pdf_pkcs7_max_digest_size_fn *max_digest_size; pdf_pkcs7_create_digest_fn *create_digest; }; -- cgit v1.2.3