Fix for consiquent signatures verification by preventing copying of existing RandomAccessSource

DEVSIX-6181

Author: Alexander Kozlov

itext.tests/itext.io.tests/itext/io/source/RandomAccessSourceFactoryTest.cs

@@ -0,0 +1,88 @@
+/*
+This file is part of the iText (R) project.
+Copyright (c) 1998-2022 iText Group NV
+Authors: iText Software.
+
+This program is free software; you can redistribute it and/or modify
+it under the terms of the GNU Affero General Public License version 3
+as published by the Free Software Foundation with the addition of the
+following permission added to Section 15 as permitted in Section 7(a):
+FOR ANY PART OF THE COVERED WORK IN WHICH THE COPYRIGHT IS OWNED BY
+ITEXT GROUP. ITEXT GROUP DISCLAIMS THE WARRANTY OF NON INFRINGEMENT
+OF THIRD PARTY RIGHTS
+
+This program is distributed in the hope that it will be useful, but
+WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
+or FITNESS FOR A PARTICULAR PURPOSE.
+See the GNU Affero General Public License for more details.
+You should have received a copy of the GNU Affero General Public License
+along with this program; if not, see http://www.gnu.org/licenses or write to
+the Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
+Boston, MA, 02110-1301 USA, or download the license from the following URL:
+http://itextpdf.com/terms-of-use/
+
+The interactive user interfaces in modified source and object code versions
+of this program must display Appropriate Legal Notices, as required under
+Section 5 of the GNU Affero General Public License.
+
+In accordance with Section 7(b) of the GNU Affero General Public License,
+a covered work must retain the producer line in every PDF that is created
+or manipulated using iText.
+
+You can be released from the requirements of the license by purchasing
+a commercial license. Buying such a license is mandatory as soon as you
+develop commercial activities involving the iText software without
+disclosing the source code of your own applications.
+These activities include: offering paid services to customers as an ASP,
+serving PDFs on the fly in a web application, shipping iText with a closed
+source product.
+
+For more information, please contact iText Software Corp. at this
+address: [email protected]
+*/
+using System;
+using System.IO;
+using iText.IO.Exceptions;
+using iText.Test;
+
+namespace iText.IO.Source {
+    public class RandomAccessSourceFactoryTest : ExtendedITextTest {
+        private static readonly String SOURCE_FILE = iText.Test.TestUtil.GetParentProjectDirectory(NUnit.Framework.TestContext
+            .CurrentContext.TestDirectory) + "/resources/itext/io/source/RAF.txt";
+
+        [NUnit.Framework.Test]
+        public virtual void ReadRASInputStreamClosedTest() {
+            String fileName = SOURCE_FILE;
+            using (Stream pdfStream = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
+                IRandomAccessSource randomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(pdfStream);
+                RASInputStream rasInputStream = new RASInputStream(randomAccessSource);
+                IRandomAccessSource extractedRandomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(rasInputStream
+                    );
+                extractedRandomAccessSource.Close();
+                Exception e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => rasInputStream.Read());
+                NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+                e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => randomAccessSource.Get(0));
+                NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+                e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => randomAccessSource.Get(0, new byte
+                    [10], 0, 10));
+                NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+                e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => randomAccessSource.Length());
+                NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+            }
+        }
+
+        [NUnit.Framework.Test]
+        public virtual void ReadRASInputStreamTest() {
+            String fileName = SOURCE_FILE;
+            using (Stream pdfStream = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
+                IRandomAccessSource randomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(pdfStream);
+                RASInputStream rasInputStream = new RASInputStream(randomAccessSource);
+                IRandomAccessSource extractedRandomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(rasInputStream
+                    );
+                NUnit.Framework.Assert.AreEqual(72, rasInputStream.Read());
+                NUnit.Framework.Assert.AreEqual(72, extractedRandomAccessSource.Get(0));
+                NUnit.Framework.Assert.AreEqual(extractedRandomAccessSource, rasInputStream.GetSource());
+            }
+        }
+    }
+}

itext.tests/itext.kernel.tests/itext/kernel/pdf/PdfReaderTest.cs

@@ -44,6 +44,7 @@ source product.
 using System.Collections.Generic;
 using System.IO;
 using iText.Commons.Utils;
+using iText.IO.Exceptions;
 using iText.IO.Font;
 using iText.IO.Source;
 using iText.Kernel.Exceptions;
@@ -1512,12 +1513,12 @@ public virtual void HasRebuiltXrefPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void HasRebuiltXrefReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader hasRebuiltXrefReader = new _PdfReader_1756(filename);
+            PdfReader hasRebuiltXrefReader = new _PdfReader_1758(filename);
             ReadingNotCompletedTest(hasRebuiltXrefReader);
         }
 
-        private sealed class _PdfReader_1756 : PdfReader {
-            public _PdfReader_1756(String baseArg1)
+        private sealed class _PdfReader_1758 : PdfReader {
+            public _PdfReader_1758(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1538,12 +1539,12 @@ public virtual void HasHybridXrefPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void HasHybridXrefReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader hasHybridXrefPdfReader = new _PdfReader_1779(filename);
+            PdfReader hasHybridXrefPdfReader = new _PdfReader_1781(filename);
             ReadingNotCompletedTest(hasHybridXrefPdfReader);
         }
 
-        private sealed class _PdfReader_1779 : PdfReader {
-            public _PdfReader_1779(String baseArg1)
+        private sealed class _PdfReader_1781 : PdfReader {
+            public _PdfReader_1781(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1563,12 +1564,12 @@ public virtual void HasXrefStmPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void HasXrefStmReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader hasXrefStmReader = new _PdfReader_1802(filename);
+            PdfReader hasXrefStmReader = new _PdfReader_1804(filename);
             ReadingNotCompletedTest(hasXrefStmReader);
         }
 
-        private sealed class _PdfReader_1802 : PdfReader {
-            public _PdfReader_1802(String baseArg1)
+        private sealed class _PdfReader_1804 : PdfReader {
+            public _PdfReader_1804(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1588,12 +1589,12 @@ public virtual void HasFixedXrefPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void HasFixedXrefReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader hasFixedXrefReader = new _PdfReader_1825(filename);
+            PdfReader hasFixedXrefReader = new _PdfReader_1827(filename);
             ReadingNotCompletedTest(hasFixedXrefReader);
         }
 
-        private sealed class _PdfReader_1825 : PdfReader {
-            public _PdfReader_1825(String baseArg1)
+        private sealed class _PdfReader_1827 : PdfReader {
+            public _PdfReader_1827(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1613,12 +1614,12 @@ public virtual void GetLastXrefPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void GetLastXrefReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader getLastXrefReader = new _PdfReader_1848(filename);
+            PdfReader getLastXrefReader = new _PdfReader_1850(filename);
             ReadingNotCompletedTest(getLastXrefReader);
         }
 
-        private sealed class _PdfReader_1848 : PdfReader {
-            public _PdfReader_1848(String baseArg1)
+        private sealed class _PdfReader_1850 : PdfReader {
+            public _PdfReader_1850(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1639,12 +1640,12 @@ public virtual void GetPermissionsPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void GetPermissionsReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader getPermissionsReader = new _PdfReader_1871(filename);
+            PdfReader getPermissionsReader = new _PdfReader_1873(filename);
             ReadingNotCompletedTest(getPermissionsReader);
         }
 
-        private sealed class _PdfReader_1871 : PdfReader {
-            public _PdfReader_1871(String baseArg1)
+        private sealed class _PdfReader_1873 : PdfReader {
+            public _PdfReader_1873(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1665,12 +1666,12 @@ public virtual void IsOpenedWithFullPPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void IsOpenedWithFullPReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader isOpenedWithFullPReader = new _PdfReader_1896(filename);
+            PdfReader isOpenedWithFullPReader = new _PdfReader_1898(filename);
             ReadingNotCompletedTest(isOpenedWithFullPReader);
         }
 
-        private sealed class _PdfReader_1896 : PdfReader {
-            public _PdfReader_1896(String baseArg1)
+        private sealed class _PdfReader_1898 : PdfReader {
+            public _PdfReader_1898(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1691,12 +1692,12 @@ public virtual void GetCryptoModePdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void GetCryptoModeReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader getCryptoModeReader = new _PdfReader_1919(filename);
+            PdfReader getCryptoModeReader = new _PdfReader_1921(filename);
             ReadingNotCompletedTest(getCryptoModeReader);
         }
 
-        private sealed class _PdfReader_1919 : PdfReader {
-            public _PdfReader_1919(String baseArg1)
+        private sealed class _PdfReader_1921 : PdfReader {
+            public _PdfReader_1921(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1717,12 +1718,12 @@ public virtual void ComputeUserPasswordPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void ComputeUserPasswordReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader computeUserPasswordReader = new _PdfReader_1944(filename);
+            PdfReader computeUserPasswordReader = new _PdfReader_1946(filename);
             ReadingNotCompletedTest(computeUserPasswordReader);
         }
 
-        private sealed class _PdfReader_1944 : PdfReader {
-            public _PdfReader_1944(String baseArg1)
+        private sealed class _PdfReader_1946 : PdfReader {
+            public _PdfReader_1946(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1743,12 +1744,12 @@ public virtual void GetOriginalFileIdPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void GetOriginalFileIdReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader getOriginalFileIdReader = new _PdfReader_1967(filename);
+            PdfReader getOriginalFileIdReader = new _PdfReader_1969(filename);
             ReadingNotCompletedTest(getOriginalFileIdReader);
         }
 
-        private sealed class _PdfReader_1967 : PdfReader {
-            public _PdfReader_1967(String baseArg1)
+        private sealed class _PdfReader_1969 : PdfReader {
+            public _PdfReader_1969(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1769,12 +1770,12 @@ public virtual void GetModifiedFileIdPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void GetModifiedFileIdReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader getModifiedFileIdReader = new _PdfReader_1990(filename);
+            PdfReader getModifiedFileIdReader = new _PdfReader_1992(filename);
             ReadingNotCompletedTest(getModifiedFileIdReader);
         }
 
-        private sealed class _PdfReader_1990 : PdfReader {
-            public _PdfReader_1990(String baseArg1)
+        private sealed class _PdfReader_1992 : PdfReader {
+            public _PdfReader_1992(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1794,12 +1795,12 @@ public virtual void IsEncryptedPdfDocumentNotReadTest() {
         [NUnit.Framework.Test]
         public virtual void IsEncryptedReadingNotCompletedTest() {
             String filename = SOURCE_FOLDER + "XrefWithNullOffsets.pdf";
-            PdfReader isEncryptedReader = new _PdfReader_2013(filename);
+            PdfReader isEncryptedReader = new _PdfReader_2015(filename);
             ReadingNotCompletedTest(isEncryptedReader);
         }
 
-        private sealed class _PdfReader_2013 : PdfReader {
-            public _PdfReader_2013(String baseArg1)
+        private sealed class _PdfReader_2015 : PdfReader {
+            public _PdfReader_2015(String baseArg1)
                 : base(baseArg1) {
             }
 
@@ -1994,6 +1995,46 @@ public virtual void ClosingArrayBracketMissingConservativeTest() {
                 "obj"), exception.InnerException.Message);
         }
 
+        [NUnit.Framework.Test]
+        public virtual void ReadRASInputStreamClosedTest() {
+            String fileName = SOURCE_FOLDER + "hello.pdf";
+            using (Stream pdfStream = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
+                IRandomAccessSource randomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(pdfStream);
+                RASInputStream rasInputStream = new RASInputStream(randomAccessSource);
+                randomAccessSource.Close();
+                Exception e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => new PdfReader(rasInputStream
+                    ));
+                NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+            }
+        }
+
+        [NUnit.Framework.Test]
+        public virtual void ReadRASInputStreamTest() {
+            String fileName = SOURCE_FOLDER + "hello.pdf";
+            using (Stream pdfStream = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
+                IRandomAccessSource randomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(pdfStream);
+                RASInputStream rasInputStream = new RASInputStream(randomAccessSource);
+                using (PdfReader reader = new PdfReader(rasInputStream)) {
+                    randomAccessSource.Close();
+                    Exception e = NUnit.Framework.Assert.Catch(typeof(InvalidOperationException), () => new PdfDocument(reader
+                        ));
+                    NUnit.Framework.Assert.AreEqual(IoExceptionMessage.ALREADY_CLOSED, e.Message);
+                }
+            }
+        }
+
+        [NUnit.Framework.Test]
+        public virtual void ReadRASInputStreamValidTest() {
+            String fileName = SOURCE_FOLDER + "hello.pdf";
+            using (Stream pdfStream = new FileStream(fileName, FileMode.Open, FileAccess.Read)) {
+                IRandomAccessSource randomAccessSource = new RandomAccessSourceFactory().ExtractOrCreateSource(pdfStream);
+                RASInputStream rasInputStream = new RASInputStream(randomAccessSource);
+                using (PdfReader reader = new PdfReader(rasInputStream)) {
+                    NUnit.Framework.Assert.DoesNotThrow(() => new PdfDocument(reader));
+                }
+            }
+        }
+
         private static FileInfo CopyFileForTest(String fileName, String copiedFileName) {
             FileInfo copiedFile = new FileInfo(copiedFileName);
             File.Copy(System.IO.Path.Combine(fileName), System.IO.Path.Combine(copiedFileName));

itext.tests/itext.sign.tests/itext/signatures/LtvVerifierIntegrationTest.cs

@@ -227,5 +227,23 @@ public virtual void NotTrustedRootCertificateInLatestRevisionTest() {
                 NUnit.Framework.Assert.AreEqual("Root certificate passed without checking", verificationOK.message);
             }
         }
+
+        [NUnit.Framework.Test]
+        public virtual void SwitchBetweenSeveralRevisionsTest() {
+            String testInput = SOURCE_FOLDER + "severalConsequentSignatures.pdf";
+            using (PdfReader pdfReader = new PdfReader(testInput)) {
+                using (PdfDocument pdfDoc = new PdfDocument(pdfReader)) {
+                    LtvVerifier ltvVerifier = new LtvVerifier(pdfDoc);
+                    NUnit.Framework.Assert.AreEqual("timestampSig2", ltvVerifier.signatureName);
+                    ltvVerifier.SwitchToPreviousRevision();
+                    NUnit.Framework.Assert.AreEqual("Signature2", ltvVerifier.signatureName);
+                    ltvVerifier.SwitchToPreviousRevision();
+                    NUnit.Framework.Assert.AreEqual("timestampSig1", ltvVerifier.signatureName);
+                    ltvVerifier.SwitchToPreviousRevision();
+                    NUnit.Framework.Assert.AreEqual("Signature1", ltvVerifier.signatureName);
+                    ltvVerifier.SwitchToPreviousRevision();
+                }
+            }
+        }
     }
 }

itext.tests/itext.sign.tests/resources/itext/signatures/LtvVerifierIntegrationTest/severalConsequentSignatures.pdf

@@ -63,5 +63,7 @@ public sealed class IoExceptionMessage {
         public const String IMAGE_MAGICK_OUTPUT_IS_NULL = "ImageMagick process output is null.";
 
         public const String IMAGE_MAGICK_PROCESS_EXECUTION_FAILED = "ImageMagick process execution finished with errors: ";
+
+        public const String ALREADY_CLOSED = "Already closed";
     }
 }