From ea3a5036d23081b6e8eb38a399ff8ef5acd8adc7 Mon Sep 17 00:00:00 2001
From: Miklos Vajna <vmiklos@collabora.co.uk>
Date: Mon, 27 Aug 2018 09:15:16 +0200
Subject: tdf#119309 xmlsecurity xades: missing XML attribute on
 idSignedProperties ref

The AdES validator at
<https://ec.europa.eu/cefdigital/DSS/webapp-demo/validation> recently
learned to deal with ODF files, this improves its output, so that
"Qualification Signature" section is no longer just a red "N/A" but an
orange "Indeterminate QESig".

Change-Id: I5f47b935f1dbfa4e2eee4654db31403479cb571d
Reviewed-on: https://gerrit.libreoffice.org/59633
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
---
 xmlsecurity/qa/unit/signing/signing.cxx | 4 ++++
 xmlsecurity/source/helper/xsecctl.cxx   | 8 ++++++++
 2 files changed, 12 insertions(+)

diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 54920f5958b1..1e68d08b2d15 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -775,6 +775,10 @@ void SigningTest::testXAdES()
 
     // Assert that the digest of the signing certificate is included.
     assertXPath(pXmlDoc, "//xd:CertDigest", 1);
+
+    // Assert that the Type attribute on the idSignedProperties reference is
+    // not missing.
+    assertXPath(pXmlDoc, "/odfds:document-signatures/dsig:Signature/dsig:SignedInfo/dsig:Reference[@URI='#idSignedProperties']", "Type", "http://uri.etsi.org/01903#SignedProperties");
 }
 
 void SigningTest::testXAdESGood()
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 7a8422bc39e2..0ab4c39528fb 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -661,6 +661,14 @@ void XSecController::exportSignature(
                     pAttributeList->AddAttribute(
                         "URI",
                         "#" + refInfor.ouURI);
+
+                    if (bXAdESCompliantIfODF && refInfor.ouURI == "idSignedProperties")
+                    {
+                        // The reference which points to the SignedProperties
+                        // shall have this specific type.
+                        pAttributeList->AddAttribute("Type",
+                                                     "http://uri.etsi.org/01903#SignedProperties");
+                    }
                 }
 
                 xDocumentHandler->startElement( "Reference", cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
-- 
cgit v1.2.3