authorMiklos Vajna <vmiklos@collabora.co.uk>2016-02-12 09:49:37 +0100
committerMiklos Vajna <vmiklos@collabora.co.uk>2016-02-12 10:11:05 +0100
commit89af47f2b3fba6692a1cea850159b2163a64db8b (patch)
tree9f4aad6c06a55f1c2db545ba06f2188a7081bd31
parent0acbf9404a40e5ca87642af299218846d51cf009 (diff)
xmlsecurity: import OOXML <xd:CertDigest>
Another redundant field: it's the SHA-256 digest of the certificate data for OOXML, not used for ODF. We need to store it after import, as we no longer have the security environment at hand when we store the signature to the persistent storage. Change-Id: I3bcccb3c7c4f4178c0b267ce87777fba543f8716
-rw-r--r--xmlsecurity/inc/xmlsecurity/sigstruct.hxx2
-rw-r--r--xmlsecurity/source/helper/ooxmlsecparser.cxx19
-rw-r--r--xmlsecurity/source/helper/ooxmlsecparser.hxx2
-rw-r--r--xmlsecurity/source/helper/xsecctl.hxx1
-rw-r--r--xmlsecurity/source/helper/xsecverify.cxx9
5 files changed, 30 insertions, 3 deletions
diff --git a/xmlsecurity/inc/xmlsecurity/sigstruct.hxx b/xmlsecurity/inc/xmlsecurity/sigstruct.hxx
index f798b3b2db7f..e501239b8765 100644
--- a/xmlsecurity/inc/xmlsecurity/sigstruct.hxx
+++ b/xmlsecurity/inc/xmlsecurity/sigstruct.hxx
@@ -81,6 +81,8 @@ struct SignatureInformation
OUString ouDescription;
/// The Id attribute of the <SignatureProperty> element that contains the <dc:description>.
OUString ouDescriptionPropertyId;
+ /// OOXML certificate SHA-256 digest, empty for ODF.
+ OUString ouCertDigest;
SignatureInformation( sal_Int32 nId )
{
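Review bot: The new doc comment on `ouCertDigest` calls the value a SHA-256 digest, but the parser changes in this commit only copy the character data found under `<xd:CertDigest>` and never inspect the digest algorithm, so the field holds whatever the document supplied. Since the commit message says the value is kept so it can be written back with the signature, the comment should mark it as unverified input, for example `/// Certificate digest text as read from the OOXML <xd:CertDigest> element; taken from the document as-is and not checked against the certificate here. Empty for ODF.` Whether the digest is compared with the actual certificate somewhere outside this diff is not visible; if it is not, that comparison is worth a follow-up. The struct continues outside the hunk.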
diff --git a/xmlsecurity/source/helper/ooxmlsecparser.cxx b/xmlsecurity/source/helper/ooxmlsecparser.cxx
index 2086d3876283..cc764b69b0be 100644
--- a/xmlsecurity/source/helper/ooxmlsecparser.cxx
+++ b/xmlsecurity/source/helper/ooxmlsecparser.cxx
@@ -21,6 +21,7 @@ OOXMLSecParser::OOXMLSecParser(XSecController* pXSecController)
,m_bInSignatureComments(false)
,m_bInX509IssuerName(false)
,m_bInX509SerialNumber(false)
+ ,m_bInCertDigest(false)
,m_bReferenceUnresolved(false)
{
}
@@ -77,7 +78,7 @@ throw (xml::sax::SAXException, uno::RuntimeException, std::exception)
}
}
}
- else if (rName == "DigestValue")
+ else if (rName == "DigestValue" && !m_bInCertDigest)
{
m_aDigestValue.clear();
m_bInDigestValue = true;
@@ -112,6 +113,11 @@ throw (xml::sax::SAXException, uno::RuntimeException, std::exception)
m_aX509SerialNumber.clear();
m_bInX509SerialNumber = true;
}
+ else if (rName == "xd:CertDigest")
+ {
+ m_aCertDigest.clear();
+ m_bInCertDigest = true;
+ }
if (m_xNextHandler.is())
m_xNextHandler->startElement(rName, xAttribs);
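Review bot: The `rName == "xd:CertDigest"` test matches the qualified name, so it only fires when the document binds the XAdES namespace to the literal prefix `xd`. With any other prefix this branch is skipped and `m_bInCertDigest` stays false. The nested `DigestValue` then goes through the reference-digest branch that the new `!m_bInCertDigest` guards (in the `DigestValue` hunks of startElement, endElement and characters) are meant to keep it out of. If the handler cannot be given namespace-resolved names, at least record the assumption next to the branch: `// Matched by qualified name: assumes the XAdES namespace is bound to the "xd" prefix.` The function starts outside the hunk.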
@@ -131,7 +137,7 @@ void SAL_CALL OOXMLSecParser::endElement(const OUString& rName) throw (xml::sax:
}
m_pXSecController->setDigestValue(m_aDigestValue);
}
- else if (rName == "DigestValue")
+ else if (rName == "DigestValue" && !m_bInCertDigest)
m_bInDigestValue = false;
else if (rName == "SignatureValue")
{
@@ -163,6 +169,11 @@ void SAL_CALL OOXMLSecParser::endElement(const OUString& rName) throw (xml::sax:
m_pXSecController->setX509SerialNumber(m_aX509SerialNumber);
m_bInX509SerialNumber = false;
}
+ else if (rName == "xd:CertDigest")
+ {
+ m_pXSecController->setCertDigest(m_aCertDigest);
+ m_bInCertDigest = false;
+ }
if (m_xNextHandler.is())
m_xNextHandler->endElement(rName);
@@ -170,7 +181,7 @@ void SAL_CALL OOXMLSecParser::endElement(const OUString& rName) throw (xml::sax:
void SAL_CALL OOXMLSecParser::characters(const OUString& rChars) throw (xml::sax::SAXException, uno::RuntimeException, std::exception)
{
- if (m_bInDigestValue)
+ if (m_bInDigestValue && !m_bInCertDigest)
m_aDigestValue += rChars;
else if (m_bInSignatureValue)
m_aSignatureValue += rChars;
@@ -184,6 +195,8 @@ void SAL_CALL OOXMLSecParser::characters(const OUString& rChars) throw (xml::sax
m_aX509IssuerName += rChars;
else if (m_bInX509SerialNumber)
m_aX509SerialNumber += rChars;
+ else if (m_bInCertDigest)
+ m_aCertDigest += rChars;
if (m_xNextHandler.is())
m_xNextHandler->characters(rChars);
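Review bot: `m_aCertDigest += rChars` runs for all character data while `m_bInCertDigest` is set, and that flag covers the whole `<xd:CertDigest>` element rather than only its `DigestValue` child. Indentation and line breaks between the child elements therefore end up in the stored digest string. Collecting only inside the nested `DigestValue` would keep the value clean; that needs a second flag, set in the startElement branch that currently skips it. A smaller stopgap is `m_pXSecController->setCertDigest(m_aCertDigest.trim());` in endElement. The body of characters() continues outside the hunk.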
diff --git a/xmlsecurity/source/helper/ooxmlsecparser.hxx b/xmlsecurity/source/helper/ooxmlsecparser.hxx
index 819947baff8a..cd3eed01c2a6 100644
--- a/xmlsecurity/source/helper/ooxmlsecparser.hxx
+++ b/xmlsecurity/source/helper/ooxmlsecparser.hxx
@@ -43,6 +43,8 @@ class OOXMLSecParser: public cppu::WeakImplHelper
OUString m_aX509IssuerName;
bool m_bInX509SerialNumber;
OUString m_aX509SerialNumber;
+ bool m_bInCertDigest;
+ OUString m_aCertDigest;
/// Last seen <Reference URI="...">.
OUString m_aReferenceURI;
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 38b70dcd9ccc..9081b337ed37 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -389,6 +389,7 @@ private:
void setDate( OUString& ouDate );
void setDescription(const OUString& rDescription);
+ void setCertDigest(const OUString& rCertDigest);
void setId( OUString& ouId );
void setPropertyId( OUString& ouPropertyId );
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 856fdf7636da..a7e218398924 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -274,6 +274,15 @@ void XSecController::setDescription(const OUString& rDescription)
rInformation.signatureInfor.ouDescription = rDescription;
}
+void XSecController::setCertDigest(const OUString& rCertDigest)
+{
+ if (m_vInternalSignatureInformations.empty())
+ return;
+
+ InternalSignatureInformation& rInformation = m_vInternalSignatureInformations.back();
+ rInformation.signatureInfor.ouCertDigest = rCertDigest;
+}
+
void XSecController::setId( OUString& ouId )
{
if (m_vInternalSignatureInformations.empty())
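Review bot: `setCertDigest` overwrites `ouCertDigest` on every call and returns silently when `m_vInternalSignatureInformations` is empty, and neither behaviour is documented. Because the parser calls it at each `</xd:CertDigest>`, a signature that carries more than one certificate digest would keep only the last one. Nothing in this hunk establishes that the last one is the signing certificate's digest. A short comment above the function would make this explicit, e.g. `/// Stores the OOXML certificate digest for the most recent signature; a later call replaces the earlier value, and the call is ignored when there is no signature information yet.` The trailing context of the hunk belongs to setId, whose body continues outside it.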