From 1dfb1b84ca17eb2f30113fcf90b3937b6d1c5c7d Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Fri, 2 Jan 2026 14:40:20 +0200 Subject: [PATCH] Update libraries and use custom libxml2 with iOS IB-8687 Signed-off-by: Raul Metsma --- .github/workflows/build.yml | 49 +++++++---------------- CMakeLists.txt | 2 +- cdoc/CDoc1Reader.cpp | 16 ++++---- cdoc/XmlReader.cpp | 77 +++++++++++++++---------------------- cdoc/XmlReader.h | 8 ++-- vcpkg.json | 4 +- 6 files changed, 60 insertions(+), 96 deletions(-) diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml index 789bf3ba..a24f583b 100644 --- a/.github/workflows/build.yml +++ b/.github/workflows/build.yml @@ -22,7 +22,11 @@ jobs: DEBEMAIL: github-actions@github.com steps: - name: Install dependencies - run: apt update -qq && apt install --no-install-recommends -y lsb-release build-essential devscripts debhelper lintian pkg-config ${UBUNTU_DEPS} doxygen swig openjdk-17-jdk-headless libpython3-dev python3-setuptools libboost-test-dev + run: | + echo 'path-exclude=/usr/share/man/*' > /etc/dpkg/dpkg.cfg.d/99-nodocs + echo 'path-exclude=/usr/share/doc/*' >> /etc/dpkg/dpkg.cfg.d/99-nodocs + echo 'path-exclude=/usr/share/doc-base/*' >> /etc/dpkg/dpkg.cfg.d/99-nodocs + apt update -qq && apt install --no-install-recommends -y lsb-release build-essential devscripts debhelper lintian pkg-config ${UBUNTU_DEPS} doxygen swig openjdk-17-jdk-headless libpython3-dev python3-setuptools libboost-test-dev - name: Checkout uses: actions/checkout@v5 - name: Setup changelog @@ -46,13 +50,7 @@ jobs: runs-on: ubuntu-24.04 strategy: matrix: - include: - - target: androidarm - triplet: arm-neon-android - - target: androidarm64 - triplet: arm64-android - - target: androidx86_64 - triplet: x64-android + target: [androidarm, androidarm64, androidx86_64] steps: - name: Checkout uses: actions/checkout@v5 
@@ -61,21 +59,15 @@ jobs: run: | echo "ANDROID_NDK_HOME=$ANDROID_NDK_LATEST_HOME" >> "$GITHUB_ENV" echo "ANDROID_NDK_ROOT=$ANDROID_NDK_LATEST_HOME" >> "$GITHUB_ENV" + echo "VCPKG_ROOT=$VCPKG_INSTALLATION_ROOT" >> "$GITHUB_ENV" - name: Cache vcpkg uses: actions/cache@v4 with: path: ${{ github.workspace }}/vcpkg_cache key: vcpkg-${{ matrix.target }}-${{ hashFiles('vcpkg.json') }} - - name: Prepare vcpkg - uses: lukka/run-vcpkg@v11 - with: - vcpkgJsonGlob: ./vcpkg.json - runVcpkgInstall: true + - name: Build env: VCPKG_BINARY_SOURCES: clear;files,${{ github.workspace }}/vcpkg_cache,readwrite - VCPKG_DEFAULT_TRIPLET: ${{ matrix.triplet }} - VCPKG_INSTALLED_DIR: ${{ github.workspace }}/build/${{ matrix.target }}/vcpkg_installed - - name: Build run: | cmake --preset ${{ matrix.target }} "-GUnix Makefiles" -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=libcdoc.${{ matrix.target }} cmake --build --preset ${{ matrix.target }} @@ -92,11 +84,6 @@ jobs: strategy: matrix: target: [macos, iphoneos, iphonesimulator] - include: - - target: iphoneos - triplet: arm64-ios - - target: iphonesimulator - triplet: arm64-ios-simulator env: DEST: ${{ github.workspace }}/${{ matrix.target }} steps: @@ -112,18 +99,11 @@ jobs: with: path: ${{ github.workspace }}/vcpkg_cache key: vcpkg-${{ matrix.target }}-${{ hashFiles('vcpkg.json') }} - - name: Prepare vcpkg - if: matrix.target != 'macos' - uses: lukka/run-vcpkg@v11 - with: - vcpkgJsonGlob: ./vcpkg.json - runVcpkgInstall: true + - name: Build env: VCPKG_BINARY_SOURCES: clear;files,${{ github.workspace }}/vcpkg_cache,readwrite - VCPKG_DEFAULT_TRIPLET: ${{ matrix.triplet }} - VCPKG_INSTALLED_DIR: ${{ github.workspace }}/build/${{ matrix.target }}/vcpkg_installed - - name: Build run: | + export VCPKG_ROOT=${VCPKG_INSTALLATION_ROOT} cmake --preset ${{ matrix.target }} -DCMAKE_BUILD_TYPE=RelWithDebInfo -DCMAKE_INSTALL_PREFIX=${{ env.DEST }} cmake --build --preset ${{ matrix.target }} - name: Test 
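Review bot: In .github/workflows/build.yml, nothing in the repository fixes the vcpkg tool version once the Android and Apple jobs read it from `VCPKG_INSTALLATION_ROOT` (hunks at old lines 61 and 112). The tool now moves with the runner image, and only the port versions stay pinned by `builtin-baseline` in vcpkg.json. If that is intended, a comment next to the assignment would record it, for example `# vcpkg tool comes from the runner image; port versions are pinned by builtin-baseline in vcpkg.json`. The two jobs also set the variable differently: one appends to `"$GITHUB_ENV"`, the other runs an unquoted `export VCPKG_ROOT=${VCPKG_INSTALLATION_ROOT}` inside the Build step. Using one form in both, with the expansion quoted (`export VCPKG_ROOT="${VCPKG_INSTALLATION_ROOT}"`), would keep them consistent.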
@@ -146,7 +126,6 @@ jobs: env: CXXFLAGS: '/D_DISABLE_CONSTEXPR_MUTEX_CONSTRUCTOR' # https://github.com/actions/runner-images/issues/10004 DEST: ${{ github.workspace }}/${{ matrix.image }}_${{ matrix.platform }} - VCPKG_DEFAULT_TRIPLET: ${{ matrix.platform }}-windows-static-md steps: - name: Checkout uses: actions/checkout@v5 @@ -169,7 +148,7 @@ jobs: cmake -A ${{ matrix.platform }} -S . -B build -DCMAKE_BUILD_TYPE=RelWithDebInfo ` "-DCMAKE_TOOLCHAIN_FILE=C:/vcpkg/scripts/buildsystems/vcpkg.cmake" ` "-DSWIG_EXECUTABLE=$swig" ` - -DVCPKG_TARGET_TRIPLET=${{ env.VCPKG_DEFAULT_TRIPLET }} ` + -DVCPKG_TARGET_TRIPLET=${{ matrix.platform }}-windows-static-md ` ${{ matrix.platform == 'x64' && '-DVCPKG_MANIFEST_FEATURES=tests' || '' }} ` -DCMAKE_INSTALL_LIBDIR=bin cmake --build build --config RelWithDebInfo @@ -249,7 +228,7 @@ jobs: - name: Install dependencies run: sudo apt update -qq && sudo apt install --no-install-recommends -y ${UBUNTU_DEPS} - name: Initialize CodeQL - uses: github/codeql-action/init@v3 + uses: github/codeql-action/init@v4 with: languages: cpp queries: +security-and-quality @@ -262,7 +241,7 @@ jobs: -DBUILD_TOOLS=NO cmake --build build - name: Perform CodeQL Analysis - uses: github/codeql-action/analyze@v3 + uses: github/codeql-action/analyze@v4 with: upload: False output: sarif-results @@ -277,6 +256,6 @@ jobs: input: sarif-results/cpp.sarif output: sarif-results/cpp.sarif - name: Upload results - uses: github/codeql-action/upload-sarif@v3 + uses: github/codeql-action/upload-sarif@v4 with: sarif_file: sarif-results/cpp.sarif diff --git a/CMakeLists.txt b/CMakeLists.txt index aa54e624..07c9e40e 100644 --- a/CMakeLists.txt +++ b/CMakeLists.txt @@ -16,7 +16,7 @@ endmacro() SET_ENV(BUILD_NUMBER 0) set(VERSION ${PROJECT_VERSION}.${BUILD_NUMBER}) -set(CMAKE_CXX_STANDARD 20) +set(CMAKE_CXX_STANDARD 23) set(CMAKE_CXX_STANDARD_REQUIRED YES) set(CMAKE_C_VISIBILITY_PRESET hidden) set(CMAKE_CXX_VISIBILITY_PRESET hidden) 
diff --git a/cdoc/CDoc1Reader.cpp b/cdoc/CDoc1Reader.cpp index 3d9be2c0..237f5eb4 100644 --- a/cdoc/CDoc1Reader.cpp +++ b/cdoc/CDoc1Reader.cpp @@ -40,14 +40,14 @@ static const std::string MIME_ZLIB = "http://www.isi.edu/in-noes/iana/assignment static const std::string MIME_DDOC = "http://www.sk.ee/DigiDoc/v1.3.0/digidoc.xsd"; static const std::string MIME_DDOC_OLD = "http://www.sk.ee/DigiDoc/1.3.0/digidoc.xsd"; -constexpr auto SUPPORTED_METHODS = std::to_array({ +constexpr std::array SUPPORTED_METHODS { libcdoc::Crypto::AES128CBC_MTH, libcdoc::Crypto::AES192CBC_MTH, libcdoc::Crypto::AES256CBC_MTH, libcdoc::Crypto::AES128GCM_MTH, libcdoc::Crypto::AES192GCM_MTH, libcdoc::Crypto::AES256GCM_MTH -}); +}; -constexpr auto SUPPORTED_KWAES = std::to_array({ +constexpr std::array SUPPORTED_KWAES { libcdoc::Crypto::KWAES128_MTH, libcdoc::Crypto::KWAES192_MTH, libcdoc::Crypto::KWAES256_MTH -}); +}; /* * @class CDoc1Reader @@ -174,7 +174,7 @@ CDoc1Reader::decrypt(const std::vector& fmk, libcdoc::MultiDataConsumer return CDoc1Reader::decryptData(fmk, [&](DataSource &src, const std::string &mime) -> result_t { if(mime == MIME_DDOC || mime == MIME_DDOC_OLD) { LOG_DBG("Contains DDoc content {}", mime); - auto rv = DDOCReader(&src).parse(dst); + auto rv = DDOCReader(src).parse(dst); if (rv != libcdoc::OK) { setLastError("Failed to parse DDOC file"); LOG_ERROR("{}", last_error); @@ -197,7 +197,7 @@ CDoc1Reader::beginDecryption(const std::vector& fmk) return CDoc1Reader::decryptData(fmk, [&](DataSource &src, const std::string &mime) -> result_t { if(mime == MIME_DDOC || mime == MIME_DDOC_OLD) { LOG_DBG("Contains DDoc content {}", mime); - auto rv = DDOCReader(&src).files(d->files); + auto rv = DDOCReader(src).files(d->files); if (rv != libcdoc::OK) { setLastError("Failed to parse DDOC file"); LOG_ERROR("{}", last_error); 
@@ -282,7 +282,7 @@ CDoc1Reader::CDoc1Reader(libcdoc::DataSource *src, bool delete_on_close) return out; }; - XMLReader reader(d->dsrc, false); + XMLReader reader(*d->dsrc); while (reader.read()) { if(reader.isEndElement()) continue; @@ -386,7 +386,7 @@ result_t CDoc1Reader::decryptData(const std::vector& fmk, } std::vector b64; - XMLReader reader(d->dsrc, false); + XMLReader reader(*d->dsrc); int skipKeyInfo = 0; while (reader.read()) { // EncryptedData/KeyInfo diff --git a/cdoc/XmlReader.cpp b/cdoc/XmlReader.cpp index 089b1564..d9428bcc 100644 --- a/cdoc/XmlReader.cpp +++ b/cdoc/XmlReader.cpp 
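Review bot: In cdoc/CDoc1Reader.cpp, `XMLReader reader(*d->dsrc);` dereferences `d->dsrc` to form a reference, which is undefined behaviour if the pointer is null. This occurs in the constructor (hunk at old line 282) and again in `decryptData` (hunk at old line 386). Neither hunk shows a null check, and both functions begin and end outside the hunks, so the invariant may already be enforced elsewhere. If it is, a one-line comment at each call site would record that, e.g. `// d->dsrc is checked for null in <place where it is validated>`. If it is not, reject a null source before the dereference and report it through the existing `setLastError` path.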
@@ -19,87 +19,72 @@ #include "XmlReader.h" #include "Crypto.h" -#include "Io.h" #include using namespace libcdoc; -typedef const xmlChar *pcxmlChar; +using pcxmlChar = const xmlChar *; -struct XMLReader::Private -{ - xmlTextReaderPtr reader = nullptr; - - libcdoc::DataSource *_src = nullptr; - bool _delete_src = false; - - std::string tostring(const xmlChar *tmp) - { - std::string result; - if(!tmp) - return result; - result = (const char*)tmp; - return result; - } +#if LIBXML_VERSION >= 21300 +constexpr int XML_READ_FLAGS = XML_PARSE_NONET|XML_PARSE_HUGE|XML_PARSE_NODICT|XML_PARSE_NO_XXE; +#else +constexpr int XML_READ_FLAGS = XML_PARSE_NONET|XML_PARSE_HUGE|XML_PARSE_NODICT; +#endif - static int xmlInputReadCallback (void *context, char *buffer, int len); -}; - -int -XMLReader::Private::xmlInputReadCallback (void *context, char *buffer, int len) +static std::string tostring(pcxmlChar tmp) { - auto *d = reinterpret_cast(context); - auto result = d->_src->read((uint8_t *) buffer, len); - return result >= 0 ? result : -1; + std::string result; + if(!tmp) + return result; + result = (const char*)tmp; + return result; } -XMLReader::XMLReader(libcdoc::DataSource *src, bool delete_on_close) - : d(new Private) -{ - d->_src = src; - d->_delete_src = delete_on_close; - d->reader = xmlReaderForIO(Private::xmlInputReadCallback, nullptr, d, nullptr, nullptr, XML_PARSE_HUGE); -} +XMLReader::XMLReader(libcdoc::DataSource &src) + : d(xmlReaderForIO([](void *context, char *buffer, int len) -> int { + auto *src = reinterpret_cast(context); + auto result = src->read((uint8_t *) buffer, len); + return result >= OK ? 
result : -1; + }, nullptr, &src, nullptr, nullptr, XML_READ_FLAGS)) +{} XMLReader::~XMLReader() noexcept { - xmlFreeTextReader(d->reader); - if(d->_src && d->_delete_src) delete d->_src; - delete d; + xmlFreeTextReader(d); } std::string XMLReader::attribute(const char *attr) const { - xmlChar *tmp = xmlTextReaderGetAttribute(d->reader, pcxmlChar(attr)); - std::string result = d->tostring(tmp); - xmlFree(tmp); - return result; + xmlChar *tmp = xmlTextReaderGetAttribute(d, pcxmlChar(attr)); + std::string result = tostring(tmp); + xmlFree(tmp); + return result; } bool XMLReader::isEndElement() const { - return xmlTextReaderNodeType(d->reader) == XML_READER_TYPE_END_ELEMENT; + return xmlTextReaderNodeType(d) == XML_READER_TYPE_END_ELEMENT; } bool XMLReader::isElement(const char *elem) const { - return xmlStrEqual(xmlTextReaderConstLocalName(d->reader), pcxmlChar(elem)) == 1; + return xmlStrEqual(xmlTextReaderConstLocalName(d), pcxmlChar(elem)) == 1; } bool XMLReader::read() { - return xmlTextReaderRead(d->reader) == 1; + return xmlTextReaderRead(d) == 1; } std::vector XMLReader::readBase64() { - xmlTextReaderRead(d->reader); - return libcdoc::Crypto::decodeBase64(xmlTextReaderConstValue(d->reader)); + xmlTextReaderRead(d); + return libcdoc::Crypto::decodeBase64(xmlTextReaderConstValue(d)); } std::string XMLReader::readText() { - xmlTextReaderRead(d->reader); - return d->tostring(xmlTextReaderConstValue(d->reader)); + xmlTextReaderRead(d); + return tostring(xmlTextReaderConstValue(d)); } diff --git a/cdoc/XmlReader.h b/cdoc/XmlReader.h index e2bb5c38..cccbe488 100644 --- a/cdoc/XmlReader.h +++ b/cdoc/XmlReader.h @@ -19,10 +19,11 @@ #pragma once #include -#include #include #include +struct _xmlTextReader; + namespace libcdoc { struct DataSource; 
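Review bot: In cdoc/XmlReader.cpp, `readBase64()` still ignores the result of `xmlTextReaderRead(d)` and passes `xmlTextReaderConstValue(d)` straight to `Crypto::decodeBase64`. That value is null when the node reached carries no text, which a malformed container can cause. `readText()` is covered by the null check in `tostring`, but whether `decodeBase64` tolerates a null pointer is not visible in this diff. A guard would make the behaviour on untrusted input explicit: `if(xmlTextReaderRead(d) != 1) return {};` followed by `auto *value = xmlTextReaderConstValue(d); if(!value) return {};`. Separately, `XML_READ_FLAGS` deserves a comment stating that `XML_PARSE_HUGE` lifts the parser's built-in size limits on this input, and that the pre-2.13 branch, which has no `XML_PARSE_NO_XXE`, relies on entity substitution and DTD loading staying off (no `XML_PARSE_NOENT` or `XML_PARSE_DTDLOAD`).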
@@ -30,7 +31,7 @@ struct DataSource; class XMLReader { public: - XMLReader(libcdoc::DataSource *src, bool delete_on_close = false); + XMLReader(libcdoc::DataSource &src); virtual ~XMLReader() noexcept; std::string attribute(const char *attr) const; @@ -41,8 +42,7 @@ class XMLReader std::string readText(); private: - struct Private; - Private *d; + _xmlTextReader *d; }; } // namespace libcdoc diff --git a/vcpkg.json b/vcpkg.json index 09ae3a76..624a4109 100644 --- a/vcpkg.json +++ b/vcpkg.json @@ -7,7 +7,7 @@ { "name": "libxml2", "default-features": false, - "platform": "!osx & !ios" + "platform": "!osx" }, { "name": "flatbuffers", @@ -21,7 +21,7 @@ "features": { "tests": { "description": "Build tests", "dependencies": ["boost-test"] } }, - "builtin-baseline": "bc38a15b0bee8bc48a49ea267cc32fbb49aedfc4", + "builtin-baseline": "34a03aca6ccf1e42ac0c7b35803b2566c2f15b2b", "vcpkg-configuration": { "overlay-triplets": ["./vcpkg-triplets"] }
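Review bot: In cdoc/XmlReader.h, an accidental copy of `XMLReader` would free the same reader twice. The class now owns a raw `_xmlTextReader *d` that the destructor frees (hunk at old line 41), but the copy constructor and copy assignment are still implicitly generated. Deleting them closes that off: `XMLReader(const XMLReader&) = delete;` and `XMLReader& operator=(const XMLReader&) = delete;`. The new single-argument constructor (hunk at old line 30) would also be better declared `explicit XMLReader(libcdoc::DataSource &src);` so a `DataSource` never converts to a reader implicitly. It should carry a short comment that `src` is borrowed and must outlive the reader, because the read callback in XmlReader.cpp keeps using it as its context.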