the new functionality is not yet exposed in the qt4 wrapper as I prioritized the glib wrapper to support I can see the problem for poppler in terms of licensing. I've coordinated with Vasco Dias to expose this feature in Evince and his work is in the latest patches attached to this bug: Poppler_document_signature_get_signername the new functionality is not yet exposed in the qt4 wrapper as I prioritized the glib wrapper to support Evince. Timestamps contained in the PKCS7 signature are not verified cgi?id= 614929Īs the additional dependency on OpenSSL couldn't possibly satisfy everyone I made it optional at build-time with -enable-openssl for Autotools and -DENABLE_OPENSSL=ON for cmake I've coordinated with Vasco Dias to expose this feature in Evince and his work is in the latest patches attached to this bug: https:/ /bugzilla. Poppler_ document_ signature_ get_signername It uses OpenSSL PKCS7 API for the crypto operations (signature and certificate Validations).Ĥ new functions were added at the glib wrapper level: This patch adds signature verification support to poppler core. Here's an initial attempt at solving this issue. What is recommended - storing the Object in the class or copy the string? I wasn't also sure I was freeing the memory correctly. I did not really understand the implications of choosing one over the other. Regarding the code related question: I have not been using poppler before and I noticed while looking at this that there was at least two ways of doing it. I think my initial idea was to have support in poppler to get only that is needed and then an application could implement the rest and later some of that could be refactored and moved back into poppler, but that's just and idea you know better how poppler works. And as Brad mentions the trusted root certificates might be fetched from some keystore integrated with the desktop. There are Gnutls, openssl and NSS and possibly other? I have not used any of them for this purpose (I am mainly a Java developer now days and normally use the Bouncy Castle API). However, I was not just sure if it is good to add a dependency to a particular crypto library. I can see you point that the verification should be included if all applications were to use it.
0 Comments
Leave a Reply. |