4 files changed, 49 insertions, 4 deletions

diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx
index ec2762665eda..5e8cdb6ccfe7 100644
--- a/xmlsecurity/inc/xsecctl.hxx
+++ b/xmlsecurity/inc/xsecctl.hxx
@@ -56,8 +56,10 @@
 #define ALGO_C14N          "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
 #define ALGO_RSASHA1       "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
 #define ALGO_RSASHA256     "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"
+#define ALGO_RSASHA512     "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512"
 #define ALGO_XMLDSIGSHA1   "http://www.w3.org/2000/09/xmldsig#sha1"
 #define ALGO_XMLDSIGSHA256 "http://www.w3.org/2001/04/xmlenc#sha256"
+#define ALGO_XMLDSIGSHA512 "http://www.w3.org/2001/04/xmlenc#sha512"
 #define ALGO_RELATIONSHIP  "http://schemas.openxmlformats.org/package/2006/RelationshipTransform"
 
 class XSecParser;
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 37fbb225c1f9..ad0744f54d27 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -50,6 +50,38 @@ namespace cssxc = com::sun::star::xml::crypto;
 namespace cssxs = com::sun::star::xml::sax;
 using namespace com::sun::star;
 
+namespace
+{
+OUString getDigestURI(sal_Int32 nID)
+{
+    switch( nID )
+    {
+        case cssxc::DigestID::SHA1:
+            return OUString(ALGO_XMLDSIGSHA1);
+        case cssxc::DigestID::SHA256:
+            return OUString(ALGO_XMLDSIGSHA256);
+        case cssxc::DigestID::SHA512:
+            return OUString(ALGO_XMLDSIGSHA512);
+        default:
+            return OUString(ALGO_XMLDSIGSHA1);
+    }
+}
+OUString getSignatureURI(sal_Int32 nID)
+{
+    switch( nID )
+    {
+        case cssxc::DigestID::SHA1:
+            return OUString(ALGO_RSASHA1);
+        case cssxc::DigestID::SHA256:
+            return OUString(ALGO_RSASHA256);
+        case cssxc::DigestID::SHA512:
+            return OUString(ALGO_RSASHA512);
+        default:
+            return OUString(ALGO_RSASHA1);
+    }
+}
+}
+
 XSecController::XSecController( const cssu::Reference<cssu::XComponentContext>& rxCtx )
     : mxCtx(rxCtx)
     , m_nNextSecurityId(1)
@@ -633,7 +665,7 @@ void XSecController::exportSignature(
             // SignatureMethod:Algorithm should be the corresponding one.
             pAttributeList->AddAttribute(
                 "Algorithm",
-                (vReferenceInfors[0].nDigestID == cssxc::DigestID::SHA1 ? OUString(ALGO_RSASHA1) : OUString(ALGO_RSASHA256)));
+                getSignatureURI(vReferenceInfors[0].nDigestID));
             xDocumentHandler->startElement( "SignatureMethod", cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
             xDocumentHandler->endElement( "SignatureMethod" );
 
@@ -693,7 +725,7 @@ void XSecController::exportSignature(
                     pAttributeList = new SvXMLAttributeList();
                     pAttributeList->AddAttribute(
                         "Algorithm",
-                        (refInfor.nDigestID == cssxc::DigestID::SHA1 ? OUString(ALGO_XMLDSIGSHA1) : OUString(ALGO_XMLDSIGSHA256)));
+                        getDigestURI(refInfor.nDigestID));
                     xDocumentHandler->startElement(
                         "DigestMethod",
                         cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index bcab9811faf7..be6f0b7c3dd2 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -141,12 +141,16 @@ void SAL_CALL XSecParser::startElement(
             SAL_WARN_IF( ouAlgorithm.isEmpty(), "xmlsecurity.helper", "no Algorithm in Reference" );
             if (!ouAlgorithm.isEmpty())
             {
-                SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1 && ouAlgorithm != ALGO_XMLDSIGSHA256,
-                             "xmlsecurity.helper", "Algorithm neither SHA1 or SHA256");
+                SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1
+                             && ouAlgorithm != ALGO_XMLDSIGSHA256
+                             && ouAlgorithm != ALGO_XMLDSIGSHA512,
+                             "xmlsecurity.helper", "Algorithm neither SHA1, SHA256 nor SHA512");
                 if (ouAlgorithm == ALGO_XMLDSIGSHA1)
                     m_nReferenceDigestID = cssxc::DigestID::SHA1;
                 else if (ouAlgorithm == ALGO_XMLDSIGSHA256)
                     m_nReferenceDigestID = cssxc::DigestID::SHA256;
+                else if (ouAlgorithm == ALGO_XMLDSIGSHA512)
+                    m_nReferenceDigestID = cssxc::DigestID::SHA512;
             }
         }
         else if (aName == "Transform")
diff --git a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
index e9ba525ff2f5..a996ce5d43f4 100644
--- a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
+++ b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx
@@ -413,6 +413,13 @@ css::uno::Reference< css::xml::crypto::XDigestContext > SAL_CALL ONSSInitializer
         nDigestLength = 20;
         b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA1_1K );
     }
+    else if ( nDigestID == css::xml::crypto::DigestID::SHA512
+           || nDigestID == css::xml::crypto::DigestID::SHA512_1K )
+    {
+        nNSSDigestID = SEC_OID_SHA512;
+        nDigestLength = 64;
+        b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA512_1K );
+    }
     else
         throw css::lang::IllegalArgumentException("Unexpected digest requested.", css::uno::Reference< css::uno::XInterface >(), 1 );