summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTor Lillqvist <tml@collabora.com>2015-02-24 15:29:05 +0200
committerAndras Timar <andras.timar@collabora.com>2015-03-05 16:44:07 +0100
commit8aa7a9643ca73d00f932a2c59d9468ef8d006d42 (patch)
tree6f15f11855294e37e1c8cb432ff30d74de4621e3
parent9f67d5c06c5da84976a70dddc6d5857526abc41e (diff)
tdf#84881: NSSCMSAttribute::type can't be null. Must be same as typeTag.oid?
Why is a separate field then needed? Dunno, but probably because the type and values fields make up an encoded NSSCMSAttribute. (The comment in <nss/cmst.h> says so, but it took a while before I realized what it meant.) The typeTag and encoded fields are for NSS internal use or something. Now Adobe Reader says "The signature includes an embedded timestamp but it is invalid". Progress... Change-Id: I390947db8d414a7ceecc1f67aaeed5fa0f66fe6f (cherry picked from commit 167569bfea0bfa5f697ed7a25a354537bc97fa53)
-rw-r--r--vcl/source/gdi/pdfwriter_impl.cxx10
1 files changed, 5 insertions, 5 deletions
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index 06a56044a3e8..174db9ec50c7 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6915,9 +6915,7 @@ bool PDFWriterImpl::finalizeSignature()
NSSCMSAttribute timestamp;
- timestamp.type.type = siBuffer;
- timestamp.type.data = NULL;
- timestamp.type.len = 0;
+ // timestamp.type filled in below
SECItem values[2];
values[0] = response.timeStampToken;
@@ -6940,11 +6938,13 @@ bool PDFWriterImpl::finalizeSignature()
}
typetag.offset = SEC_OID_UNKNOWN; // ???
typetag.desc = "id-aa-timeStampToken";
- typetag.mechanism = CKM_INVALID_MECHANISM; // ???
+ typetag.mechanism = CKM_SHA256; // ???
typetag.supportedExtension = UNSUPPORTED_CERT_EXTENSION; // ???
timestamp.typeTag = &typetag;
- timestamp.encoded = PR_TRUE;
+ timestamp.type = typetag.oid; // ???
+
+ timestamp.encoded = PR_TRUE; // ???
if (my_NSS_CMSSignerInfo_AddUnauthAttr(cms_signer, &timestamp) != SECSuccess)
{