Skip to content

Commit

Permalink
#124 - verification of signatures of a multiple-signed file
Browse files Browse the repository at this point in the history
  • Loading branch information
m32 committed Aug 29, 2022
1 parent 482b00a commit b26145d
Show file tree
Hide file tree
Showing 2 changed files with 23 additions and 14 deletions.
25 changes: 15 additions & 10 deletions endesive/pdf/verify.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,20 @@


def verify(pdfdata, certs=None):
results = []
n = pdfdata.find(b"/ByteRange")
start = pdfdata.find(b"[", n)
stop = pdfdata.find(b"]", start)
assert n != -1 and start != -1 and stop != -1
br = [int(i, 10) for i in pdfdata[start + 1 : stop].split()]
contents = pdfdata[br[0] + br[1] + 1 : br[2] - 1]
bcontents = bytes.fromhex(contents.decode("utf8"))
data1 = pdfdata[br[0] : br[0] + br[1]]
data2 = pdfdata[br[2] : br[2] + br[3]]
signedData = data1 + data2
while n != -1:
start = pdfdata.find(b"[", n)
stop = pdfdata.find(b"]", start)
assert n != -1 and start != -1 and stop != -1
br = [int(i, 10) for i in pdfdata[start + 1 : stop].split()]
contents = pdfdata[br[0] + br[1] + 1 : br[2] - 1]
bcontents = bytes.fromhex(contents.decode("utf8"))
data1 = pdfdata[br[0] : br[0] + br[1]]
data2 = pdfdata[br[2] : br[2] + br[3]]
signedData = data1 + data2

return verifier.verify(bcontents, signedData, certs)
result = verifier.verify(bcontents, signedData, certs)
results.append(result)
n = pdfdata.find(b"/ByteRange", br[2] + br[3])
return results
12 changes: 8 additions & 4 deletions examples/pdf-verify-hsm.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -43,16 +43,20 @@ def main(self):
trusted_cert_pems = (ca_cert_pem,)
for fname in (
'pdf-signed-cms-hsm.pdf',
'pdf-signed-cms-hsm-signed-cms-hsm.pdf',
):
print('*' * 20, fname)
try:
data = open(fname, 'rb').read()
except:
continue
(hashok, signatureok, certok) = pdf.verify(data, trusted_cert_pems)
print('signature ok?', signatureok)
print('hash ok?', hashok)
print('cert ok?', certok)
results = pdf.verify(data, trusted_cert_pems)
for i in range(len(results)):
print('*'*10, 'signature #{}'.format(i+1))
(hashok, signatureok, certok) = results[i]
print('signature ok?', signatureok)
print('hash ok?', hashok)
print('cert ok?', certok)

def main():
cls = HSM(dllpath)
Expand Down

0 comments on commit b26145d

Please sign in to comment.