Hold container ref in memory & don't save container while the signatu…

…re is in pending state, only save after its finalization

MOPPIOS-813\n\nSigned-off-by: Andres Voll <[email protected]>\n

MoppApp/MoppApp/MobileIDSignature.swift

@@ -213,7 +213,6 @@ class MobileIDSignature {
 
     // MARK: Error generating
     private func generateError(mobileIDError: MobileIDError) -> Void {
-        MoppLibManager.cancelSigning()
         let error = NSError(domain: "SkSigningLib", code: 10, userInfo: [NSLocalizedDescriptionKey: mobileIDError])
         return self.errorResult(error: error)
     }

MoppApp/MoppApp/MoppApp.swift

@@ -307,7 +307,6 @@ class MoppApp: UIApplication, URLSessionDelegate, URLSessionDownloadDelegate {
 
     func willTerminate() {
         // Called when the application is about to terminate. Save data if appropriate. See also applicationDidEnterBackground:.
-        removeSignatureOnAppClose()
     }
 
     func handleEventsForBackgroundURLSession(identifier: String, completionHandler: @escaping () -> Void) {
@@ -438,14 +437,6 @@ class MoppApp: UIApplication, URLSessionDelegate, URLSessionDownloadDelegate {
         defaults.synchronize()
     }
 
-    private func removeSignatureOnAppClose() {
-        let topViewController = UIViewController().getTopViewController()
-
-        if topViewController is MobileIDChallengeViewController || topViewController is SmartIDChallengeViewController {
-            MoppLibManager.cancelSigning()
-        }
-    }
-
 }
 
 extension MoppApp {

MoppApp/MoppApp/SmartIDSignature.swift

@@ -173,7 +173,6 @@ class SmartIDSignature {
     }
 
     private func generateError(error: MobileIDError) -> Void {
-        MoppLibManager.cancelSigning()
         let error = NSError(domain: "SkSigningLib", code: 10, userInfo: [NSLocalizedDescriptionKey: error])
         DispatchQueue.main.async {
             NotificationCenter.default.post(name: .errorNotificationName, object: nil, userInfo: [kErrorKey: error])

MoppLib/MoppLib/MoppLibDigidocManager.h

@@ -47,7 +47,6 @@ typedef enum {
 + (NSString *)prepareSignature:(NSString *)cert containerPath:(NSString *)containerPath;
 + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureValue;
 + (NSArray *)getDataToSign;
-+ (void)cancelSigning;
 - (NSString *)dataFileCalculateHashWithDigestMethod:(NSString *)method container:(MoppLibContainer *)moppContainer dataFileId:(NSString *)dataFileId;
 - (BOOL)container:(MoppLibContainer *)moppContainer containsSignatureWithCert:(NSData *)cert;
 - (void)addSignature:(NSString *)containerPath pin2:(NSString *)pin2 cert:(NSData *)cert success:(ContainerBlock)success andFailure:(FailureBlock)failure;

MoppLib/MoppLib/MoppLibDigidocManager.mm

@@ -205,8 +205,8 @@ - (MoppLibSignatureStatus)determineSignatureStatus:(int) status;
 
 @implementation MoppLibDigidocManager
 
-static NSString *docContainerPath = nil;
-static NSString *signatureId = nil;
+static digidoc::Container *docContainer = nil;
+static digidoc::Signature *signature = nil;
 
 static std::string profile = "time-stamp";
 
@@ -316,11 +316,7 @@ + (NSArray *)certificatePolicyIdentifiers:(NSData *)certData {
 }
 
 + (NSArray *)getDataToSign {
-
-    digidoc::Container *currentContainer = digidoc::Container::open(docContainerPath.UTF8String);
-    digidoc::Signature *currentSignature = [self getSignatureFromContainer:currentContainer signatureId:signatureId];
-
-    std::vector<unsigned char> dataTosign = currentSignature->dataToSign();
+    std::vector<unsigned char> dataTosign = signature->dataToSign();
 
     NSMutableArray *dataToSignArray = [NSMutableArray arrayWithCapacity: dataTosign.size()];
 
@@ -331,35 +327,6 @@ + (NSArray *)getDataToSign {
     return dataToSignArray;
 }
 
-+ (void)cancelSigning {
-    if (docContainerPath == nil) {
-        return;
-    }
-    digidoc::Container *currentContainer = digidoc::Container::open(docContainerPath.UTF8String);
-    for (unsigned int i = 0; i < currentContainer->signatures().size(); ++i) {
-        digidoc::Signature *signature = currentContainer->signatures().at(i);
-        if (signature->id() == signatureId.UTF8String) {
-            NSLog(@"Remove signature with an ID of %s", signatureId.UTF8String);
-            currentContainer->removeSignature(i);
-        }
-    }
-    currentContainer->save();
-}
-
-+ (digidoc::Signature *)getSignatureFromContainer:(digidoc::Container *)container signatureId:(NSString *)signatureId {
-    digidoc::Signature *currentSignature = NULL;
-
-    NSLog(@"Getting signature with an ID of %s", signatureId.UTF8String);
-    for (auto signature : container->signatures()) {
-        if (signature->id() == signatureId.UTF8String) {
-            NSLog(@"Found signature with an ID of %s", signatureId.UTF8String);
-            currentSignature = signature;
-        }
-    }
-
-    return currentSignature;
-}
-
 + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureValue {
     std::string calculatedSignatureBase64 = std::string(base64_decode(signatureValue.UTF8String));
 
@@ -370,15 +337,12 @@ + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureVa
 
     OCSPUrl = [NSString stringWithCString:getOCSPUrl(x509Cert.handle()).c_str() encoding:[NSString defaultCStringEncoding]];
 
-    digidoc::Container *currentContainer = digidoc::Container::open(docContainerPath.UTF8String);
-    digidoc::Signature *currentSignature = [self getSignatureFromContainer:currentContainer signatureId:signatureId];
-
-    if (!currentSignature) {
-        NSLog(@"\nError: Did not find signature with an ID of %s\n", signatureId.UTF8String);
+    if (!signature) {
+        NSLog(@"\nError: Did not find signature with an ID of %s\n", signature->id().c_str());
         return false;
     }
 
-    NSString *timeStampTime = [NSString stringWithUTF8String:currentSignature->TimeStampTime().c_str()];
+    NSString *timeStampTime = [NSString stringWithUTF8String:signature->TimeStampTime().c_str()];
     if ([timeStampTime length] != 0) {
         NSLog(@"\nSignature already validated at %@\n", timeStampTime);
         return true;
@@ -387,34 +351,34 @@ + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureVa
     try {
         NSLog(@"\nStarting signature validation...\n");
         NSLog(@"\nSetting signature value...\n");
-        currentSignature->setSignatureValue(vec);
+        signature->setSignatureValue(vec);
         NSLog(@"\nExtending signature profile...\n");
-        currentSignature->extendSignatureProfile(profile);
+        signature->extendSignatureProfile(profile);
         NSLog(@"\nValidating signature...\n");
-        digidoc::Signature::Validator *validator = new digidoc::Signature::Validator(currentSignature);
+        digidoc::Signature::Validator *validator = new digidoc::Signature::Validator(signature);
         NSLog(@"\nValidator status: %u\n", validator->status());
         NSLog(@"\nSaving container...\n");
-        currentContainer->save();
-        NSLog(@"\nSignature validated at %s!\n", currentSignature->TimeStampTime().c_str());
+        docContainer->save();
+        NSLog(@"\nSignature validated at %s!\n", signature->TimeStampTime().c_str());
         return true;
     } catch(const digidoc::Exception &e) {
         parseException(e);
         NSError *error;
-        [self removeSignature:docContainerPath signatureId:signatureId error:&error];
+        NSString *signatureId = [NSString stringWithCString:signature->id().c_str() encoding:[NSString defaultCStringEncoding]];
+        [self removeSignature:docContainer signatureId:signatureId error:&error];
         NSLog(@"\nError validating signature: %s\n", e.msg().c_str());
         return false;
     }
 }
 
-+ (void)removeSignature:(NSString *)containerPath signatureId:(NSString *)signatureId error:(NSError **)error {
-    digidoc::Container *doc = digidoc::Container::open(containerPath.UTF8String);
++ (void)removeSignature:(digidoc::Container *)container signatureId:(NSString *)signatureId error:(NSError **)error {
 
-    for (int i = 0; i < doc->signatures().size(); i++) {
-        digidoc::Signature *signature = doc->signatures().at(i);
+    for (int i = 0; i < container->signatures().size(); i++) {
+        digidoc::Signature *signature = container->signatures().at(i);
         try {
             if (signature->id() == signatureId.UTF8String) {
-                doc->removeSignature(i);
-                doc->save(containerPath.UTF8String);
+                container->removeSignature(i);
+                container->save();
                 break;
             }
         } catch(const digidoc::Exception &e) {
@@ -429,15 +393,13 @@ + (NSString *)prepareSignature:(NSString *)cert containerPath:(NSString *)contai
     digidoc::X509Cert x509Cert = [MoppLibDigidocManager getDerCert:cert];
     WebSigner *signer = new WebSigner(x509Cert);
 
-    docContainerPath = NULL;
-    signatureId = NULL;
-
-    digidoc::Container *doc = digidoc::Container::open(containerPath.UTF8String);
+    docContainer = NULL;
+    signature = NULL;
 
-    docContainerPath = containerPath;
+    docContainer = digidoc::Container::open(containerPath.UTF8String);
 
     NSMutableArray *profiles = [NSMutableArray new];
-    for (auto signature : doc->signatures()) {
+    for (auto signature : docContainer->signatures()) {
         NSLog(@"Signature ID: %s", signature->id().c_str());
         [profiles addObject:[[NSString alloc] initWithBytes:signature->profile().c_str() length:signature->profile().size() encoding:NSUTF8StringEncoding]];
     }
@@ -448,12 +410,9 @@ + (NSString *)prepareSignature:(NSString *)cert containerPath:(NSString *)contai
     signer->setSignerRoles(std::vector<std::string>());
     NSLog(@"\nProfile info set successfully\n");
 
-    digidoc::Signature *signature = doc->prepareSignature(signer);
-
-    doc->save();
-
-    NSLog(@"\nSetting signature id...\n");
-    signatureId = [NSString stringWithCString:signature->id().c_str() encoding:[NSString defaultCStringEncoding]];
+    NSLog(@"\nSetting signature...\n");
+    signature = docContainer->prepareSignature(signer);
+    NSString *signatureId = [NSString stringWithCString:signature->id().c_str() encoding:[NSString defaultCStringEncoding]];
     NSLog(@"\nSignature ID set to %@...\n", signatureId);
 
     std::vector<unsigned char> dataToSign = signature->dataToSign();

MoppLib/MoppLib/PublicInterface/MoppLibManager.h

@@ -51,7 +51,6 @@ typedef NS_ENUM(NSUInteger, EIDType) {
 + (NSString *)prepareSignature:(NSString *)cert containerPath:(NSString *)containerPath;
 + (NSArray *)getDataToSign;
 + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureValue;
-+ (void)cancelSigning;
 
 - (NSString *)moppLibVersion;
 - (NSString *)libdigidocppVersion;

MoppLib/MoppLib/PublicInterface/MoppLibManager.m

@@ -55,10 +55,6 @@ + (BOOL)isSignatureValid:(NSString *)cert signatureValue:(NSString *)signatureVa
     return [MoppLibDigidocManager isSignatureValid:cert signatureValue:signatureValue];
 }
 
-+ (void)cancelSigning {
-    [MoppLibDigidocManager cancelSigning];
-}
-
 - (NSString *)moppLibVersion {
   return [[MoppLibDigidocManager sharedInstance] getMoppLibVersion];
 }