diff options
| author | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-05-18 15:27:05 +0200 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-05-18 20:31:09 +0200 |
| commit | 18aa83acfa243741eb4c79a2e11aec6eaf1a9f02 (patch) | |
| tree | 7be9c71558f8c9b210c50f9a94fa82703cc8fe4c /xmlsecurity/qa | |
| parent | 419a90a0d3f25087624ef741fb8ebac92caa1a2f (diff) | |
tdf#107782 xmlsecurity PDF verify: handle empty X509 certificate
Leaving Signer as an empty reference will do exactly what we want: the
signature will be considered invalid.
Change-Id: I25d7cbd260384110173fe953fc24f3dcf6b9acd5
Reviewed-on: https://gerrit.libreoffice.org/37770
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'xmlsecurity/qa')
| -rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf | bin | 0 -> 157668 bytes | |||
| -rw-r--r-- | xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx | 20 |
2 files changed, 20 insertions, 0 deletions
diff --git a/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf b/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf Binary files differnew file mode 100644 index 000000000000..086e18eedc03 --- /dev/null +++ b/xmlsecurity/qa/unit/pdfsigning/data/tdf107782.pdf diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx index 7462be32882a..59ff206e2c28 100644 --- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx +++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx @@ -74,6 +74,7 @@ public: void testTokenize(); /// Test handling of unknown SubFilter values. void testUnknownSubFilter(); + void testTdf107782(); CPPUNIT_TEST_SUITE(PDFSigningTest); CPPUNIT_TEST(testPDFAdd); @@ -90,6 +91,7 @@ public: CPPUNIT_TEST(testGood); CPPUNIT_TEST(testTokenize); CPPUNIT_TEST(testUnknownSubFilter); + CPPUNIT_TEST(testTdf107782); CPPUNIT_TEST_SUITE_END(); }; @@ -284,6 +286,24 @@ void PDFSigningTest::testPDFRemoveAll() CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(0), rInformations.size()); } +void PDFSigningTest::testTdf107782() +{ + uno::Reference<xml::crypto::XSEInitializer> xSEInitializer = xml::crypto::SEInitializer::create(mxComponentContext); + uno::Reference<xml::crypto::XXMLSecurityContext> xSecurityContext = xSEInitializer->createSecurityContext(OUString()); + + // Load the test document as a storage and read its signatures. + DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content); + OUString aURL = m_directories.getURLFromSrc(DATA_DIRECTORY) + "tdf107782.pdf"; + SvStream* pStream = utl::UcbStreamHelper::CreateStream(aURL, StreamMode::READ | StreamMode::WRITE); + uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream)); + aManager.mxSignatureStream = xStream; + aManager.read(/*bUseTempStream=*/false); + CPPUNIT_ASSERT(aManager.mpPDFSignatureHelper); + + // This failed with an std::bad_alloc exception on Windows. + aManager.mpPDFSignatureHelper->GetDocumentSignatureInformations(aManager.getSecurityEnvironment()); +} + void PDFSigningTest::testPDF14Adobe() { // Two signatures, first is SHA1, the second is SHA256. |