diff options
author | Tor Lillqvist <tml@collabora.com> | 2015-02-20 17:31:02 +0200 |
---|---|---|
committer | Tor Lillqvist <tml@collabora.com> | 2015-02-20 17:32:57 +0200 |
commit | d1293c666f08963cebb5f1439034dd11634392df (patch) | |
tree | 00b899050745533aff19c7196992436d8b3ee434 | |
parent | 5d572e673dec3396487b14bb1f9e86aa8ab86786 (diff) |
tdf#84881: Work in progress: Code to add the timestamp to the signature
Inside #if 0, as the two NSS functions I would want to use aren't exported
from libsmime, despite being declared in public headers. Back to the old
drawing board.
Change-Id: I8b868b4d645a7bbab670e237568c8ff7d97c98cc
-rw-r--r-- | vcl/source/gdi/pdfwriter_impl.cxx | 44 |
1 files changed, 40 insertions, 4 deletions
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx index f95bf02d1a1c..f917fa476059 100644 --- a/vcl/source/gdi/pdfwriter_impl.cxx +++ b/vcl/source/gdi/pdfwriter_impl.cxx @@ -6722,12 +6722,48 @@ bool PDFWriterImpl::finalizeSignature() } SAL_INFO("vcl.pdfwriter", "TimeStampResp received and decoded, status=" << PKIStatusInfoToString(response.status)); -#if 0 + +#if 0 // SEC_StringToOID() and NSS_CMSSignerInfo_AddUnauthAttr() are + // not exported from libsmime, need to think of some other + // approach. (As such I don't know if the code below would do + // the right thing even if they were.) + NSSCMSAttribute timestamp; - timestamp.type = ? - if (NSS_CMSSignerInfo_AddUnauthAttr(cms_signer, ) != SECSuccess) + + timestamp.type.type = siBuffer; + timestamp.type.data = NULL; + timestamp.type.len = 0; + + SECItem values[2]; + values[0] = response.timeStampToken; + values[1].type = siBuffer; + values[1].data = NULL; + values[1].len = 0; + + SECItem *valuesp = values; + timestamp.values = &valuesp; + + SECOidData typetag; + typetag.oid.data = NULL; + // id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1) + // member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9) + // smime(16) aa(2) 14 } + if (SEC_StringToOID(NULL, &typetag.oid, "1.2.840.113549.1.9.16.14", 0) != SECSuccess) + { + SAL_WARN("vcl.pdfwriter", "PDF signing: SEC_StringToOID failed"); + return false; + } + typetag.offset = SEC_OID_UNKNOWN; // ??? + typetag.desc = "id-aa-timeStampToken"; + typetag.mechanism = CKM_INVALID_MECHANISM; // ??? + typetag.supportedExtension = UNSUPPORTED_CERT_EXTENSION; // ??? + timestamp.typeTag = &typetag; + + timestamp.encoded = PR_FALSE; + + if (NSS_CMSSignerInfo_AddUnauthAttr(cms_signer, ×tamp) != SECSuccess) { - SAL_WARN("vcl.pdfwriter", "PDF signing: can't include cert chain."); + SAL_WARN("vcl.pdfwriter", "PDF signing: can't add timestamp attribute"); return false; } #endif |