pdf.js.mirror/web/external_services.js
Jonas Jenwald c188012280 Add a FakeSignatureVerifier for development mode and TESTING builds (PR 21247 follow-up)
Despite the `enableSignatureVerification` option/preference being enabled in development mode and TESTING builds, the lack of any `SignatureVerifier` implementation still renders the UI disabled.
This seems unfortunate, since it makes it more difficult to check that the digital signature UI works correctly:
 - That the button is visible when it's supposed to be, and that the panel can be opened/closed.
 - That the UI looks correct, w.r.t. the HTML elements and their CSS rules.
 - Currently the viewer JS code is effectively uncovered, with overall test-coverage dropping from `90` to `89` percent when PR 21247 landed.

To improve the current situation this patch adds a `FakeSignatureVerifier` class, limited to only development mode and TESTING builds, that treats every digital signature as invalid.
This allows easier manual testing, and also the addition of a few *very rudimentary* integration-tests.

*Note:* It probably wouldn't be all that difficult to add additional integration-tests for *valid* certificates, by having the test-cases instruct (during setup) the `FakeSignatureVerifier` how to respond to simulate verified certificates.
2026-07-05 13:43:25 +02:00

80 lines
2.3 KiB
JavaScript

/* Copyright 2024 Mozilla Foundation
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
class BaseExternalServices {
constructor() {
if (
(typeof PDFJSDev === "undefined" || PDFJSDev.test("TESTING")) &&
this.constructor === BaseExternalServices
) {
throw new Error("Cannot initialize BaseExternalServices.");
}
}
updateFindControlState(data) {}
updateFindMatchesCount(data) {}
initPassiveLoading() {}
reportTelemetry(data) {}
reportText(data) {}
/**
* @returns {Promise<L10n>}
*/
async createL10n() {
throw new Error("Not implemented: createL10n");
}
createScripting() {
throw new Error("Not implemented: createScripting");
}
createSignatureStorage() {
throw new Error("Not implemented: createSignatureStorage");
}
/**
* Build a signature verifier for the Digital signature properties panel.
*
* The MOZCENTRAL build returns a verifier that calls into NSS via
* the chrome bridge. The default GENERIC implementation returns
* `null` — there is no portable cryptographic verification path
* outside Firefox, so the toolbar button stays hidden and the
* worker is never asked for `getSignatures()`.
*
* Downstream consumers of `pdfjs-dist` that want the Signature
* Properties UI should subclass `BaseExternalServices` and return
* an object exposing `verify(signature)` (and optionally
* `viewCertificate(certificate)`) that resolves to a
* `VerificationResult` — see `web/firefoxcom.js` for the exact shape.
*
* @returns {Object|null}
*/
createSignatureVerifier() {
return null;
}
updateEditorStates(data) {
throw new Error("Not implemented: updateEditorStates");
}
dispatchGlobalEvent(_event) {}
}
export { BaseExternalServices };