Add a Go port

It should be roughly at feature parity.

README.adoc

@@ -2,8 +2,8 @@ pdf-simple-sign
 ===============
 :compact-option:
 
-'pdf-simple-sign' is a simple open source PDF signer intended for documents
+'pdf-simple-sign' is a simple PDF signer intended for documents produced by
-generated by Cairo.  As such, it currently comes with some restrictions:
+the Cairo library.  As such, it currently comes with some restrictions:
 
  * the document may not have any forms or signatures already, as they will be
    overwitten
@@ -30,6 +30,10 @@ Runtime dependencies: libcrypto (OpenSSL 1.1 API)
  $ cd builddir
  $ ninja
 
+In addition to the C++ version, also included is a native Go port:
+
+ $ go get janouch.name/pdf-simple-sign/cmd/pdf-simple-sign
+
 Usage
 -----
 

cmd/pdf-simple-sign/main.go

@@ -0,0 +1,72 @@
+//
+// Copyright (c) 2018, Přemysl Janouch <p@janouch.name>
+//
+// Permission to use, copy, modify, and/or distribute this software for any
+// purpose with or without fee is hereby granted.
+//
+// THE SOFTWARE IS PROVIDED "AS IS" AND THE AUTHOR DISCLAIMS ALL WARRANTIES
+// WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
+// MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY
+// SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
+// WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION
+// OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN
+// CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
+//
+
+// pdf-simple-sign is a simple PDF signer.
+package main
+
+import (
+	"flag"
+	"fmt"
+	"io/ioutil"
+	"janouch.name/pdf-simple-sign/pdf"
+	"os"
+)
+
+// #include <unistd.h>
+import "C"
+
+func isatty(fd uintptr) bool { return C.isatty(C.int(fd)) != 0 }
+
+func die(status int, format string, args ...interface{}) {
+	msg := fmt.Sprintf(format+"\n", args...)
+	if isatty(os.Stderr.Fd()) {
+		msg = "\x1b[0;31m" + msg + "\x1b[m"
+	}
+	os.Stderr.WriteString(msg)
+	os.Exit(status)
+}
+
+func usage() {
+	die(1, "Usage: %s [-h] INPUT-FILENAME OUTPUT-FILENAME "+
+		"PKCS12-PATH PKCS12-PASS", os.Args[0])
+}
+
+func main() {
+	flag.Usage = usage
+	flag.Parse()
+	if flag.NArg() != 4 {
+		usage()
+	}
+
+	inputPath, outputPath := flag.Arg(0), flag.Arg(1)
+	pdfDocument, err := ioutil.ReadFile(inputPath)
+	if err != nil {
+		die(1, "%s", err)
+	}
+	p12, err := ioutil.ReadFile(flag.Arg(2))
+	if err != nil {
+		die(2, "%s", err)
+	}
+	key, certs, err := pdf.PKCS12Parse(p12, flag.Arg(3))
+	if err != nil {
+		die(3, "%s", err)
+	}
+	if pdfDocument, err = pdf.Sign(pdfDocument, key, certs); err != nil {
+		die(2, "error: %s", err)
+	}
+	if err = ioutil.WriteFile(outputPath, pdfDocument, 0666); err != nil {
+		die(3, "%s", err)
+	}
+}

pdf-simple-sign.cpp

@@ -136,12 +136,11 @@ struct pdf_lexer {
           if (eat_newline(ch))
             continue;
           std::string octal;
+          if (ch && strchr(oct_alphabet, ch)) {
+            octal += ch;
             if (*p && strchr(oct_alphabet, *p)) octal += *p++;
             if (*p && strchr(oct_alphabet, *p)) octal += *p++;
-          if (*p && strchr(oct_alphabet, *p)) octal += *p++;
+            ch = std::stoi(octal, nullptr, 8);
-          if (!octal.empty()) {
-            value += char(std::stoi(octal, nullptr, 8));
-            continue;
           }
         }
       }
@@ -162,6 +161,7 @@ struct pdf_lexer {
         buf.clear();
       }
     }
+    p++;
     if (!buf.empty()) value += char(std::stoi(buf + '0', nullptr, 16));
     return {pdf_object::STRING, value};
   }
@@ -257,7 +257,7 @@ struct pdf_lexer {
 static std::string pdf_serialize(const pdf_object& o) {
   switch (o.type) {
   case pdf_object::NL:      return "\n";
-  case pdf_object::NIL:     return "nil";
+  case pdf_object::NIL:     return "null";
   case pdf_object::BOOL:    return o.number ? "true" : "false";
   case pdf_object::NUMERIC:
   {
@@ -301,6 +301,7 @@ static std::string pdf_serialize(const pdf_object& o) {
   {
     std::string s;
     for (const auto i : o.dict)
+      // FIXME the key is also supposed to be escaped by pdf_serialize()
       s += " /" + i.first + " " + pdf_serialize(i.second);
     return "<<" + s + " >>";
   }
@@ -353,6 +354,12 @@ public:
 
 // -------------------------------------------------------------------------------------------------
 
+/// If the object is an error, forward its message, otherwise return err.
+static std::string pdf_error(const pdf_object& o, const char* err) {
+  if (o.type != pdf_object::END || o.string.empty()) return err;
+  return o.string;
+}
+
 pdf_object pdf_updater::parse_obj(pdf_lexer& lex, std::vector<pdf_object>& stack) const {
   if (stack.size() < 2)
     return {pdf_object::END, "missing object ID pair"};
@@ -370,7 +377,7 @@ pdf_object pdf_updater::parse_obj(pdf_lexer& lex, std::vector<pdf_object>& stack
   while (1) {
     auto object = parse(lex, obj.array);
     if (object.type == pdf_object::END)
-      return {pdf_object::END, "object doesn't end"};
+      return {pdf_object::END, pdf_error(object, "object doesn't end")};
     if (object.type == pdf_object::KEYWORD && object.string == "endobj")
       break;
     obj.array.push_back(std::move(object));
@@ -408,7 +415,7 @@ pdf_object pdf_updater::parse(pdf_lexer& lex, std::vector<pdf_object>& stack) co
     while (1) {
       auto object = parse(lex, array);
       if (object.type == pdf_object::END)
-        return {pdf_object::END, "array doesn't end"};
+        return {pdf_object::END, pdf_error(object, "array doesn't end")};
       if (object.type == pdf_object::E_ARRAY)
         break;
       array.push_back(std::move(object));
@@ -421,7 +428,7 @@ pdf_object pdf_updater::parse(pdf_lexer& lex, std::vector<pdf_object>& stack) co
     while (1) {
       auto object = parse(lex, array);
       if (object.type == pdf_object::END)
-        return {pdf_object::END, "dictionary doesn't end"};
+        return {pdf_object::END, pdf_error(object, "dictionary doesn't end")};
       if (object.type == pdf_object::E_DICT)
         break;
       array.push_back(std::move(object));
@@ -459,7 +466,7 @@ std::string pdf_updater::load_xref(pdf_lexer& lex, std::set<uint>& loaded_entrie
   while (1) {
     auto object = parse(lex, throwaway_stack);
     if (object.type == pdf_object::END)
-      return "unexpected EOF while looking for the trailer";
+      return pdf_error(object, "unexpected EOF while looking for the trailer");
     if (object.type == pdf_object::KEYWORD && object.string == "trailer")
       break;
 
@@ -529,7 +536,7 @@ std::string pdf_updater::initialize() {
 
     auto trailer = parse(lex, throwaway_stack);
     if (trailer.type != pdf_object::DICT)
-      return "invalid trailer dictionary";
+      return pdf_error(trailer, "invalid trailer dictionary");
     if (loaded_xrefs.empty())
       this->trailer = trailer.dict;
     loaded_xrefs.insert(xref_offset);
@@ -537,6 +544,7 @@ std::string pdf_updater::initialize() {
     const auto prev_offset = trailer.dict.find("Prev");
     if (prev_offset == trailer.dict.end())
       break;
+    // FIXME we don't check for size_t over or underflow
     if (!prev_offset->second.is_integer())
       return "invalid Prev offset";
     xref_offset = prev_offset->second.number;
@@ -556,7 +564,7 @@ pdf_object pdf_updater::get(uint n, uint generation) const {
   if (n >= xref_size)
     return {pdf_object::NIL};
 
-  auto& ref = xref[n];
+  const auto& ref = xref[n];
   if (ref.free || ref.generation != generation || ref.offset >= document.length())
     return {pdf_object::NIL};