metsma
diff --git a/‎.github/workflows/build.yml‎
Lines changed: 3 additions & 3 deletions b/‎.github/workflows/build.yml‎
Lines changed: 3 additions & 3 deletions
diff --git a/‎client/CDocSupport.cpp‎
Lines changed: 1 addition & 3 deletions b/‎client/CDocSupport.cpp‎
Lines changed: 1 addition & 3 deletions
diff --git a/‎client/CDocSupport.h‎
Lines changed: 20 additions & 23 deletions b/‎client/CDocSupport.h‎
Lines changed: 20 additions & 23 deletions
diff --git a/‎client/CryptoDoc.cpp‎
Lines changed: 23 additions & 31 deletions b/‎client/CryptoDoc.cpp‎
Lines changed: 23 additions & 31 deletions
diff --git a/‎client/CryptoDoc.h‎
Lines changed: 1 addition & 1 deletion b/‎client/CryptoDoc.h‎
Lines changed: 1 addition & 1 deletion
@@ -187,10 +187,10 @@ jobs:
         dotnet tool install -g wix --version 6.0.2
         wix extension -g add WixToolset.UI.wixext/6.0.2
     - name: Build
-      env:
-        VCPKG_MANIFEST_DIR: ${{ github.workspace }}/client/libcdoc
       run: |
-        cmake "-GNinja" -B build -S . -DCMAKE_BUILD_TYPE=RelWithDebInfo "-DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_ROOT }}/scripts/buildsystems/vcpkg.cmake" -DVCPKG_MANIFEST_DIR=${{ github.workspace }}/client/libcdoc
+        cmake "-GNinja" -B build -S . -DCMAKE_BUILD_TYPE=RelWithDebInfo `
+          -DCMAKE_TOOLCHAIN_FILE=${{ env.VCPKG_ROOT }}/scripts/buildsystems/vcpkg.cmake `
+          -DVCPKG_MANIFEST_DIR=${{ github.workspace }}/client/libcdoc
         cmake --build build --target msi
         cmake --build build --target msishellext
         cmake --build build --target appx
 
@@ -1,7 +1,5 @@
-#define __CDOCSUPPORT_CPP__
-
 /*
- * QDigiDocCrypto
+ * QDigiDoc4
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
 
@@ -1,8 +1,5 @@
-#ifndef __CDOCSUPPORT_H__
-#define __CDOCSUPPORT_H__
-
 /*
- * QDigiDocCrypto
+ * QDigiDoc4
  *
  * This library is free software; you can redistribute it and/or
  * modify it under the terms of the GNU Lesser General Public
@@ -20,6 +17,8 @@
  *
  */
 
+#pragma once
+
 #include <QtCore/QObject>
 #include <QtCore/QIODevice>
 
@@ -52,27 +51,27 @@ struct DDConfiguration : public libcdoc::Configuration {
 // Bridges to qApp->signer()
 //
 
-struct DDCryptoBackend : public libcdoc::CryptoBackend {
+struct DDCryptoBackend final : public libcdoc::CryptoBackend {
 	static constexpr int BACKEND_ERROR = -303;
 	static constexpr int PIN_CANCELED = -304;
 	static constexpr int PIN_INCORRECT = -305;
 	static constexpr int PIN_LOCKED = -306;
 	libcdoc::result_t decryptRSA(std::vector<uint8_t> &result,
 								 const std::vector<uint8_t> &data, bool oaep,
-								 unsigned int idx) override final;
+								 unsigned int idx) final;
 	libcdoc::result_t deriveConcatKDF(std::vector<uint8_t> &dst,
 									  const std::vector<uint8_t> &publicKey,
 									  const std::string &digest,
 									  const std::vector<uint8_t> &algorithmID,
 									  const std::vector<uint8_t> &partyUInfo,
 									  const std::vector<uint8_t> &partyVInfo,
-									  unsigned int idx) override final;
+									  unsigned int idx) final;
 	libcdoc::result_t deriveHMACExtract(std::vector<uint8_t> &dst,
 										const std::vector<uint8_t> &publicKey,
 										const std::vector<uint8_t> &salt,
-										unsigned int idx) override final;
+										unsigned int idx) final;
 	libcdoc::result_t getSecret(std::vector<uint8_t> &secret,
-								unsigned int idx) override final;
+								unsigned int idx) final;
 	std::string getLastErrorStr(libcdoc::result_t code) const final;
 
 	std::vector<uint8_t> secret;
@@ -86,7 +85,7 @@ struct DDCryptoBackend : public libcdoc::CryptoBackend {
 // Bridges to QNetworkAccessManager
 //
 
-struct DDNetworkBackend : public libcdoc::NetworkBackend, private QObject {
+struct DDNetworkBackend final : public libcdoc::NetworkBackend, private QObject {
 	static constexpr int BACKEND_ERROR = -303;
 
 	std::string getLastErrorStr(libcdoc::result_t code) const final;
@@ -95,17 +94,17 @@ struct DDNetworkBackend : public libcdoc::NetworkBackend, private QObject {
 							  const std::vector<uint8_t> &rcpt_key,
 							  const std::vector<uint8_t> &key_material,
 							  const std::string &type,
-							  uint64_t expiry_ts) override final;
+							  uint64_t expiry_ts) final;
 	libcdoc::result_t
 	fetchKey(std::vector<uint8_t> &result, const std::string &keyserver_id,
-			 const std::string &transaction_id) override final;
+			 const std::string &transaction_id) final;
 
 	libcdoc::result_t
-	getClientTLSCertificate(std::vector<uint8_t> &dst) override final {
+	getClientTLSCertificate(std::vector<uint8_t> &dst) final {
 		return libcdoc::NOT_IMPLEMENTED;
 	}
 	libcdoc::result_t getPeerTLSCertificates(
-		std::vector<std::vector<uint8_t>> &dst) override final {
+		std::vector<std::vector<uint8_t>> &dst) final {
 		return libcdoc::NOT_IMPLEMENTED;
 	}
 
@@ -120,15 +119,15 @@ struct DDNetworkBackend : public libcdoc::NetworkBackend, private QObject {
 // Bridges to Qt logging system
 //
 
-class DDCDocLogger : private libcdoc::ILogger {
+class DDCDocLogger final : private libcdoc::ILogger {
   public:
 	static void setUpLogger();
 
   private:
 	DDCDocLogger() = default;
 	~DDCDocLogger() = default;
 	void LogMessage(libcdoc::ILogger::LogLevel level, std::string_view file, int line,
-					std::string_view message) override final;
+					std::string_view message) final;
 };
 
 class CDocSupport {
@@ -147,7 +146,7 @@ struct IOEntry
 	std::unique_ptr<QIODevice> data;
 };
 
-struct TempListConsumer : public libcdoc::MultiDataConsumer {
+struct TempListConsumer final : public libcdoc::MultiDataConsumer {
 	static constexpr int64_t MAX_VEC_SIZE = 500L * 1024L * 1024L;
 
 	explicit TempListConsumer(size_t max_memory_size = 500L * 1024L * 1024L)
@@ -158,23 +157,21 @@ struct TempListConsumer : public libcdoc::MultiDataConsumer {
 	libcdoc::result_t close() noexcept final;
 	bool isError() noexcept final;
 	libcdoc::result_t open(const std::string &name,
-						   int64_t size) override final;
+						   int64_t size) final;
 
 	size_t _max_memory_size;
 	std::vector<IOEntry> files;
 };
 
-struct StreamListSource : public libcdoc::MultiDataSource {
+struct StreamListSource final : public libcdoc::MultiDataSource {
 	StreamListSource(const std::vector<IOEntry> &files);
 
 	libcdoc::result_t read(uint8_t *dst, size_t size) noexcept final;
 	bool isError() noexcept final;
 	bool isEof() noexcept final;
-	libcdoc::result_t getNumComponents() override final;
-	libcdoc::result_t next(std::string &name, int64_t &size) override final;
+	libcdoc::result_t getNumComponents() final;
+	libcdoc::result_t next(std::string &name, int64_t &size) final;
 
 	const std::vector<IOEntry> &_files;
 	int64_t _current = -1;
 };
-
-#endif // __CDOCSUPPORT_H__
@@ -55,27 +55,6 @@ auto toHex = [](const std::vector<uint8_t>& data) -> QString {
 struct CryptoDoc::Private
 {
 	bool isEncryptedWarning(const QString &title) const;
-	inline libcdoc::result_t decrypt(unsigned int lock_idx) {
-		TempListConsumer cons;
-		libcdoc::result_t result = waitFor([&]{
-			std::vector<uint8_t> fmk;
-			libcdoc::result_t result = reader->getFMK(fmk, lock_idx);
-			qCDebug(CRYPTO) << "getFMK result: " << result << " " << QString::fromStdString(reader->getLastErrorStr());
-			if (result != libcdoc::OK) return result;
-			result = reader->decrypt(fmk, &cons);
-			std::fill(fmk.begin(), fmk.end(), 0);
-			qCDebug(CRYPTO) << "Decryption result: " << result << " " << QString::fromStdString(reader->getLastErrorStr());
-			return result;
-		});
-		if (result == libcdoc::OK) {
-			files = std::move(cons.files);
-			// Success, immediately create writer from reader
-			keys.clear();
-			writer_last_error.clear();
-			reader.reset();
-		}
-		return result;
-	}
 
 	inline libcdoc::result_t encrypt() {
 		libcdoc::result_t res = waitFor([&]{
@@ -101,8 +80,7 @@ struct CryptoDoc::Private
 				}
 			}
 			if (!crypto.secret.empty()) {
-				auto key =
-					libcdoc::Recipient::makeSymmetric(label.toStdString(), kdf_iter);
+				auto key = libcdoc::Recipient::makeSymmetric(label.toStdString(), 65536);
 				enc_keys.push_back(key);
 			}
 			libcdoc::CDocWriter *writer = libcdoc::CDocWriter::createWriter(
@@ -133,7 +111,6 @@ struct CryptoDoc::Private
 	QStringList		tempFiles;
 	// Encryption data
 	QString label;
-	uint32_t kdf_iter;
 
 	// libcdoc handlers
 	DDConfiguration conf;
@@ -356,19 +333,17 @@ ContainerState CryptoDoc::state() const
 
 bool CryptoDoc::decrypt(const libcdoc::Lock *lock, const QByteArray& secret)
 {
-	if( d->fileName.isEmpty() )
+	if(!d->reader)
 	{
 		WarningDialog::create()
 			->withTitle(QSigner::tr("Failed to decrypt document"))
 			->withText(tr("Container is not open"))
 			->open();
 		return false;
 	}
-	if (!d->reader)
-		return true;
 
 	int lock_idx = -1;
-	const std::vector<libcdoc::Lock> locks = d->reader->getLocks();
+	const std::vector<libcdoc::Lock> &locks = d->reader->getLocks();
 	if (lock == nullptr) {
 		QByteArray der = qApp->signer()->tokenauth().cert().toDer();
 		lock_idx = d->reader->getLockForCert(
@@ -423,7 +398,20 @@ bool CryptoDoc::decrypt(const libcdoc::Lock *lock, const QByteArray& secret)
 
 	d->crypto.secret.assign(secret.cbegin(), secret.cend());
 
-	libcdoc::result_t result = d->decrypt(lock_idx);
+	TempListConsumer cons;
+	libcdoc::result_t result = waitFor([&]{
+		std::vector<uint8_t> fmk;
+		auto scope = qScopeGuard([&] {
+			std::fill(fmk.begin(), fmk.end(), 0);
+		});
+		libcdoc::result_t result = d->reader->getFMK(fmk, lock_idx);
+		qCDebug(CRYPTO) << "getFMK result: " << result << " " << QString::fromStdString(d->reader->getLastErrorStr());
+		if (result != libcdoc::OK)
+			return result;
+		result = d->reader->decrypt(fmk, &cons);
+		qCDebug(CRYPTO) << "Decryption result: " << result << " " << QString::fromStdString(d->reader->getLastErrorStr());
+		return result;
+	});
 	if (result != libcdoc::OK) {
 		const std::string &msg = d->reader->getLastErrorStr();
 		WarningDialog::create()
@@ -434,12 +422,17 @@ bool CryptoDoc::decrypt(const libcdoc::Lock *lock, const QByteArray& secret)
 		return false;
 	}
 
+	d->files = std::move(cons.files);
+	// Success, immediately create writer from reader
+	d->keys.clear();
+	d->writer_last_error.clear();
+	d->reader.reset();
 	return !d->isEncrypted();
 }
 
 DocumentModel *CryptoDoc::documentModel() const { return d->documents; }
 
-bool CryptoDoc::encrypt( const QString &filename, const QString& label, const QByteArray& secret, uint32_t kdf_iter)
+bool CryptoDoc::encrypt( const QString &filename, const QString& label, const QByteArray& secret)
 {
 	if( !filename.isEmpty() )
 		d->fileName = filename;
@@ -457,7 +450,6 @@ bool CryptoDoc::encrypt( const QString &filename, const QString& label, const QB
 		// Encrypt with symmetric key
 		d->label = label;
 		d->crypto.secret.assign(secret.cbegin(), secret.cend());
-		d->kdf_iter = kdf_iter;
 	}
 	// Encrypt for address list
 	else if(d->keys.empty())
 
@@ -59,7 +59,7 @@ class CryptoDoc final: public QObject
 	bool canDecrypt(const QSslCertificate &cert);
 	void clear(const QString &file = {});
 	bool decrypt(const libcdoc::Lock *lock, const QByteArray& secret);
-	bool encrypt(const QString &filename = {}, const QString& label = {}, const QByteArray& secret = {}, uint32_t kdf_iter = 0);
+	bool encrypt(const QString &filename = {}, const QString& label = {}, const QByteArray& secret = {});
 	DocumentModel* documentModel() const;
 	QString fileName() const;
 	const std::vector<CDKey>& keys() const;
Original file line number	Diff line number	Diff line change
`@@ -1,7 +1,5 @@`
`1`		`-#define __CDOCSUPPORT_CPP__`
`2`		`-`
`3`	`1`	`/*`
`4`		`- * QDigiDocCrypto`
	`2`	`+ * QDigiDoc4`
`5`	`3`	`*`
`6`	`4`	`* This library is free software; you can redistribute it and/or`
`7`	`5`	`* modify it under the terms of the GNU Lesser General Public`