MOPP

open-eid · Jan 31, 2025 · 958c411 · 958c411
1 parent 0674575
commit 958c411
Show file tree

Hide file tree

Showing 11 changed files with 63 additions and 7 deletions.
diff --git a/cdoc/CDoc1Reader.cpp b/cdoc/CDoc1Reader.cpp
@@ -192,11 +192,24 @@ CDoc1Reader::decrypt(const std::vector<uint8_t>& fmk, libcdoc::MultiDataConsumer
 int
 CDoc1Reader::beginDecryption(const std::vector<uint8_t>& fmk)
 {
+    if (fmk.empty()) {
+        setLastError("FMK is missing");
+        return libcdoc::WORKFLOW_ERROR;
+    }
+    if (fmk.size() != 16 && fmk.size() != 24 && fmk.size() != 32) {
+        setLastError("FMK must be AES key with size 128, 192,2 56 bits");
+        return libcdoc::WORKFLOW_ERROR;
+    }
     if (!d->files.empty() || (d->f_pos != -1)) {
         setLastError("Container is already parsed");
         return libcdoc::WORKFLOW_ERROR;
     }
     std::vector<uint8_t> data = this->decryptData(fmk);
+    if(data.empty()) {
+        setLastError("Failed to decrypt data, verify if FMK is correct");
+        return libcdoc::WORKFLOW_ERROR;
+    }
+
     std::string mime = d->mime;
     if (d->mime == MIME_ZLIB) {
         libcdoc::VectorSource vsrc(data);

diff --git a/cdoc/CDoc1Writer.cpp b/cdoc/CDoc1Writer.cpp
@@ -269,7 +269,7 @@ int
 CDoc1Writer::addFile(const std::string& name, size_t size)
 {
 	d->files.push_back({name, size, {}});
-	return libcdoc::NOT_IMPLEMENTED;
+	return libcdoc::OK;
 }
 
 int64_t

diff --git a/cdoc/CDocChipher.cpp b/cdoc/CDocChipher.cpp
@@ -448,7 +448,7 @@ void CDocChipher::Locks(const char* file) const
     }
 }
 
-#if defined(_WIN32) || defined(_WIN64) || defined(__GNUC__)
+#if defined(_WIN32) || defined(_WIN64) || !defined(__APPLE__)
 uint32_t
 arc4random_uniform(uint32_t upperbound)
 {

diff --git a/cdoc/CDocReader.h b/cdoc/CDocReader.h
@@ -96,6 +96,9 @@ class CDOC_EXPORT CDocReader {
     static int getCDocFileVersion(DataSource *src);
 
     static CDocReader *createReader(DataSource *src, bool take_ownership, Configuration *conf, CryptoBackend *crypto, NetworkBackend *network);
+    static CDocReader *createReader(const std::string& path, CryptoBackend *crypto) {
+		return createReader(path, nullptr, crypto, nullptr);
+	}
     static CDocReader *createReader(const std::string& path, Configuration *conf, CryptoBackend *crypto, NetworkBackend *network);
 
 #if LIBCDOC_TESTING
@@ -104,6 +107,10 @@ class CDOC_EXPORT CDocReader {
 #endif
 protected:
 	explicit CDocReader(int _version) : version(_version) {};
+	CDocReader (const CDocReader&) = delete;
+	CDocReader (CDocReader&&) noexcept;
+	CDocReader& operator= (const CDocReader&) = delete;
+	CDocReader& operator= (CDocReader&&) noexcept;
 
 	void setLastError(const std::string& message) { last_error = message; }
 

diff --git a/cdoc/CDocWriter.h b/cdoc/CDocWriter.h
@@ -28,9 +28,16 @@
 #include <cdoc/Exports.h>
 #include <cdoc/NetworkBackend.h>
 
+#if __has_include(<swift/bridging>)
+#include <swift/bridging>
+#endif
+#ifndef SWIFT_NONCOPYABLE
+#define SWIFT_NONCOPYABLE
+#endif
+
 namespace libcdoc {
 
-class CDOC_EXPORT CDocWriter {
+class CDOC_EXPORT SWIFT_NONCOPYABLE CDocWriter {
 public:
 	virtual ~CDocWriter();
 
@@ -106,6 +113,10 @@ class CDOC_EXPORT CDocWriter {
 	static CDocWriter *createWriter(int version, const std::string& path, Configuration *conf, CryptoBackend *crypto, NetworkBackend *network);
 protected:
 	explicit CDocWriter(int _version, DataConsumer *dst, bool take_ownership);
+	CDocWriter (const CDocWriter&) = delete;
+	CDocWriter (CDocWriter&&) noexcept;
+	CDocWriter& operator= (const CDocWriter&) = delete;
+	CDocWriter& operator= (CDocWriter&&) noexcept;
 
 	void setLastError(const std::string& message) { last_error = message; }
 

diff --git a/cdoc/CMakeLists.txt b/cdoc/CMakeLists.txt
@@ -70,7 +70,6 @@ target_include_directories(cdoc_priv
 )
 target_link_libraries(cdoc_priv
     $<TARGET_NAME_IF_EXISTS:flatbuffers::flatbuffers>
-    $<TARGET_NAME_IF_EXISTS:flatbuffers::flatbuffers_shared>
     OpenSSL::SSL
     ZLIB::ZLIB
     LibXml2::LibXml2

diff --git a/cdoc/Crypto.cpp b/cdoc/Crypto.cpp
@@ -97,8 +97,8 @@ Crypto::Cipher::blockSize() const
 std::vector<uint8_t> Crypto::AESWrap(const std::vector<uint8_t> &key, const std::vector<uint8_t> &data, bool encrypt)
 {
 	AES_KEY aes;
-    if (encrypt && SSL_FAILED(AES_set_encrypt_key(key.data(), int(key.size()) * 8, &aes), "AES_set_encrypt_key") ||
-        !encrypt && SSL_FAILED(AES_set_decrypt_key(key.data(), int(key.size()) * 8, &aes), "AES_set_decrypt_key"))
+    if (encrypt && AES_set_encrypt_key(key.data(), int(key.size()) * 8, &aes) != 0 ||
+        !encrypt && AES_set_decrypt_key(key.data(), int(key.size()) * 8, &aes) != 0)
         return {};
 
 	std::vector<uint8_t> result(data.size() + 8);

diff --git a/cdoc/CryptoBackend.h b/cdoc/CryptoBackend.h
@@ -151,7 +151,9 @@ struct CDOC_EXPORT CryptoBackend {
     virtual int test(libcdoc::Lock& lock) { return NOT_IMPLEMENTED; }
 
 	CryptoBackend (const CryptoBackend&) = delete;
+	CryptoBackend (CryptoBackend&&) noexcept = default;
 	CryptoBackend& operator= (const CryptoBackend&) = delete;
+	CryptoBackend& operator= (CryptoBackend&&) noexcept = default;
 };
 
 } // namespace libcdoc

diff --git a/cdoc/Io.h b/cdoc/Io.h
@@ -6,11 +6,30 @@
 #include <cdoc/CDoc.h>
 
 #include <cstdint>
-#include <filesystem>
 #include <fstream>
 #include <iostream>
 #include <vector>
 
+#ifdef __swift__
+// Swift compiler can't handle std::filesystem; provide a stub
+namespace std {
+namespace filesystem {
+	class path {
+		std::string p;
+	public:
+		path(std::string str = {}) : p(std::move(str)) {}
+		std::string string() const { return p; }
+		inline path& operator/=(const path &other) {
+			p += "/" + other.p;
+			return *this;
+		}
+	};
+}
+}
+#else
+	#include <filesystem>
+#endif
+
 namespace libcdoc {
 
 class DataSource;
@@ -203,6 +222,7 @@ struct CDOC_EXPORT IStreamSource : public DataSource {
 	}
 
 	int seek(size_t pos) {
+		_ifs->clear();
 		_ifs->seekg(pos);
         return bool(_ifs->bad()) ? INPUT_STREAM_ERROR : OK;
 	}

diff --git a/cdoc/Lock.h b/cdoc/Lock.h
@@ -104,7 +104,9 @@ struct CDOC_EXPORT Lock
 	void setString(Params key, const std::string& val) { params[key] = std::vector<uint8_t>(val.cbegin(), val.cend()); }
 	void setInt(Params key, int32_t val);
 
+#ifndef __swift__
 	bool operator== (const Lock& other) const = default;
+#endif
 
 	// Set certificate, rcpt_key and pk_type values
 	void setCertificate(const std::vector<uint8_t>& cert);

diff --git a/cdoc/Recipient.h b/cdoc/Recipient.h
@@ -94,7 +94,9 @@ struct CDOC_EXPORT Recipient {
 
     static std::map<std::string, std::string> parseLabel(const std::string& label);
 
+#ifndef __swift__
     bool operator== (const Recipient& other) const = default;
+#endif
 protected:
 	Recipient(Type _type) : type(_type) {};
 private: