From 8f208bfc1069b1c2f4a3df17252c7da2b005b5d8 Mon Sep 17 00:00:00 2001 From: Miklos Vajna Date: Thu, 18 May 2017 15:27:05 +0200 Subject: tdf#107782 xmlsecurity PDF verify: handle empty X509 certificate Leaving Signer as an empty reference will do exactly what we want: the signature will be considered invalid. (cherry picked from commit 18aa83acfa243741eb4c79a2e11aec6eaf1a9f02) Change-Id: I25d7cbd260384110173fe953fc24f3dcf6b9acd5 Reviewed-on: https://gerrit.libreoffice.org/37803 Tested-by: Jenkins Reviewed-by: Miklos Vajna --- xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf | Bin 0 -> 157668 bytes xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx | 20 ++++++++++++++++++++ xmlsecurity/source/helper/pdfsignaturehelper.cxx | 3 ++- 3 files changed, 22 insertions(+), 1 deletion(-) create mode 100644 xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf diff --git a/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf b/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf new file mode 100644 index 000000000000..086e18eedc03 Binary files /dev/null and b/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf differ diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx index 7462be32882a..59ff206e2c28 100644 --- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx +++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx @@ -74,6 +74,7 @@ public: void testTokenize(); /// Test handling of unknown SubFilter values. void testUnknownSubFilter(); + void testTdf107782(); CPPUNIT_TEST_SUITE(PDFSigningTest); CPPUNIT_TEST(testPDFAdd); @@ -90,6 +91,7 @@ public: CPPUNIT_TEST(testGood); CPPUNIT_TEST(testTokenize); CPPUNIT_TEST(testUnknownSubFilter); + CPPUNIT_TEST(testTdf107782); CPPUNIT_TEST_SUITE_END(); }; @@ -284,6 +286,24 @@ void PDFSigningTest::testPDFRemoveAll() CPPUNIT_ASSERT_EQUAL(static_cast(0), rInformations.size()); } +void PDFSigningTest::testTdf107782() +{ + uno::Reference xSEInitializer = xml::crypto::SEInitializer::create(mxComponentContext); + uno::Reference xSecurityContext = xSEInitializer->createSecurityContext(OUString()); + + // Load the test document as a storage and read its signatures. + DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content); + OUString aURL = m_directories.getURLFromSrc(DATA_DIRECTORY) + "tdf107782.pdf"; + SvStream* pStream = utl::UcbStreamHelper::CreateStream(aURL, StreamMode::READ | StreamMode::WRITE); + uno::Reference xStream(new utl::OStreamWrapper(*pStream)); + aManager.mxSignatureStream = xStream; + aManager.read(/*bUseTempStream=*/false); + CPPUNIT_ASSERT(aManager.mpPDFSignatureHelper); + + // This failed with an std::bad_alloc exception on Windows. + aManager.mpPDFSignatureHelper->GetDocumentSignatureInformations(aManager.getSecurityEnvironment()); +} + void PDFSigningTest::testPDF14Adobe() { // Two signatures, first is SHA1, the second is SHA256. diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx index 702697a89dd1..9bb6e59d0380 100644 --- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx +++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx @@ -76,7 +76,8 @@ uno::Sequence PDFSignatureHelper::GetDoc const SignatureInformation& rInternal = m_aSignatureInfos[i]; security::DocumentSignatureInformation& rExternal = aRet[i]; rExternal.SignatureIsValid = rInternal.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED; - rExternal.Signer = xSecEnv->createCertificateFromAscii(rInternal.ouX509Certificate); + if (!rInternal.ouX509Certificate.isEmpty()) + rExternal.Signer = xSecEnv->createCertificateFromAscii(rInternal.ouX509Certificate); rExternal.PartialDocumentSignature = rInternal.bPartialDocumentSignature; // Verify certificate. -- cgit v1.2.3