summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorTor Lillqvist <tml@collabora.com>2015-02-24 15:29:05 +0200
committerTor Lillqvist <tml@collabora.com>2015-02-24 15:38:51 +0200
commit167569bfea0bfa5f697ed7a25a354537bc97fa53 (patch)
treee50e2d15c20e9ad86776b3b332c4f947787ff419
parent6a23af75c01afabadd82dded59602d52f5a0ef21 (diff)
tdf#84881: NSSCMSAttribute::type can't be null. Must be same as typeTag.oid?
Why is a separate field then needed? Dunno, but probably because the type and values fields make up an encoded NSSCMSAttribute. (The comment in <nss/cmst.h> says so, but it took a while before I realized what it meant.) The typeTag and encoded fields are for NSS internal use or something. Now Adobe Reader says "The signature includes an embedded timestamp but it is invalid". Progress... Change-Id: I390947db8d414a7ceecc1f67aaeed5fa0f66fe6f
-rw-r--r--vcl/source/gdi/pdfwriter_impl.cxx10
1 files changed, 5 insertions, 5 deletions
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index 222722b1291c..d782bc1a4d5a 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6950,9 +6950,7 @@ bool PDFWriterImpl::finalizeSignature()
NSSCMSAttribute timestamp;
- timestamp.type.type = siBuffer;
- timestamp.type.data = NULL;
- timestamp.type.len = 0;
+ // timestamp.type filled in below
SECItem values[2];
values[0] = response.timeStampToken;
@@ -6975,11 +6973,13 @@ bool PDFWriterImpl::finalizeSignature()
}
typetag.offset = SEC_OID_UNKNOWN; // ???
typetag.desc = "id-aa-timeStampToken";
- typetag.mechanism = CKM_INVALID_MECHANISM; // ???
+ typetag.mechanism = CKM_SHA256; // ???
typetag.supportedExtension = UNSUPPORTED_CERT_EXTENSION; // ???
timestamp.typeTag = &typetag;
- timestamp.encoded = PR_TRUE;
+ timestamp.type = typetag.oid; // ???
+
+ timestamp.encoded = PR_TRUE; // ???
if (my_NSS_CMSSignerInfo_AddUnauthAttr(cms_signer, &timestamp) != SECSuccess)
{