xmlsecurity/inc/sigstruct.hxx | 4 ++++ xmlsecurity/source/helper/xsecctl.hxx | 2 ++ xmlsecurity/source/helper/xsecparser.cxx | 22 +++++++++++++++++++++- xmlsecurity/source/helper/xsecparser.hxx | 2 ++ xmlsecurity/source/helper/xsecverify.cxx | 9 +++++++++ 5 files changed, 38 insertions(+), 1 deletion(-)
New commits: commit 93187848937377993bdc093ddc05fdae63286040 Author: Tor Lillqvist <t...@collabora.com> Date: Fri Nov 11 00:21:50 2016 +0200 More XAdES work Accept and store a set of EncapsulatedX509Certificate data for a signature. Change-Id: Iae69502bc8caa0287c8f6d6c352256bdda22406b diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx index 85cf085..eb6180a 100644 --- a/xmlsecurity/inc/sigstruct.hxx +++ b/xmlsecurity/inc/sigstruct.hxx @@ -26,6 +26,7 @@ #include <com/sun/star/xml/crypto/DigestID.hpp> #include <com/sun/star/uno/Sequence.hxx> +#include <set> #include <vector> /* @@ -78,6 +79,9 @@ struct SignatureInformation OUString ouSignatureValue; css::util::DateTime stDateTime; + // XAdES EncapsulatedX509Certificate values + std::set<OUString> maEncapsulatedX509Certificates; + //We also keep the date and time as string. This is done when this //structure is created as a result of a XML signature being read. //When then a signature is added or another removed, then the original diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx index 3271f45..18f335d 100644 --- a/xmlsecurity/source/helper/xsecctl.hxx +++ b/xmlsecurity/source/helper/xsecctl.hxx @@ -314,6 +314,8 @@ private: void setDate( OUString& ouDate ); void setDescription(const OUString& rDescription); void setCertDigest(const OUString& rCertDigest); + void addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate); + public: void setSignatureBytes(const css::uno::Sequence<sal_Int8>& rBytes); diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx index bb2c097..5e8210c 100644 --- a/xmlsecurity/source/helper/xsecparser.cxx +++ b/xmlsecurity/source/helper/xsecparser.cxx 
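Review bot: The comment on `maEncapsulatedX509Certificates` in the second sigstruct.hxx hunk does not say what form the stored strings take or how far they can be trusted. Judging by the parser and controller hunks of this commit, they are the element's character data inserted as-is, with no decoding or validation, and in XAdES these elements normally sit in the unsigned properties, so the signature itself does not protect them. I would extend the comment to `// XAdES EncapsulatedX509Certificate values: base64 text exactly as read from the document, not decoded or validated; untrusted until checked against the verified signing certificate.` A `std::set` also drops document order and exact-string duplicates, which is worth stating if later code comes to rely on either.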
@@ -1,4 +1,4 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */ /* * This file is part of the LibreOffice project. * @@ -34,6 +34,7 @@ XSecParser::XSecParser(XSecController* pXSecController, , m_bInX509SerialNumber(false) , m_bInX509Certificate(false) , m_bInCertDigest(false) + , m_bInEncapsulatedX509Certificate(false) , m_bInDigestValue(false) , m_bInSignatureValue(false) , m_bInDate(false) @@ -188,6 +189,16 @@ void SAL_CALL XSecParser::startElement( m_ouCertDigest.clear(); m_bInCertDigest = true; } + // FIXME: Existing code here in xmlsecurity uses "xd" as the namespace prefix for XAdES, + // while the sample document attached to tdf#76142 uses "xades". So accept either here. Of + // course this is idiotic and wrong, the right thing would be to use a proper way to parse + // XML that would handle namespaces correctly. I have no idea how substantial re-plumbing of + // this code that would require. + else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate") + { + m_ouEncapsulatedX509Certificate.clear(); + m_bInEncapsulatedX509Certificate = true; + } else if ( aName == "SignatureProperty" ) { if (!ouIdAttr.isEmpty()) @@ -277,6 +288,11 @@ void SAL_CALL XSecParser::endElement( const OUString& aName ) m_pXSecController->setCertDigest( m_ouCertDigest ); m_bInX509Certificate = false; } + else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate") + { + m_pXSecController->addEncapsulatedX509Certificate( m_ouEncapsulatedX509Certificate ); + m_bInEncapsulatedX509Certificate = false; + } else if (aName == "dc:date") { m_pXSecController->setDate( m_ouDate ); 
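Review bot: The new `startElement` branch matches the literal qualified name only, so beyond the prefix problem the FIXME already records, it fires for such an element anywhere in the parsed stream. Nothing visible in this hunk ties it to the certificate-values container of the current signature. Until namespace-aware parsing exists, a short comment such as `// matched by qualified name only, no parent check; collected values must be treated as untrusted` would keep later consumers from assuming more. The same two-string comparison is repeated in the `endElement` hunk below; a file-local helper, e.g. `static bool lcl_isEncapsulatedX509Certificate(const OUString& rName)`, would keep the two sites from drifting apart. Both functions start and end outside their hunks.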
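Review bot: The context branch directly above the added `endElement` code calls `setCertDigest` and then clears `m_bInX509Certificate`, so `m_bInCertDigest` appears to stay true once a digest element has been seen (that branch's condition lies outside the hunk, so this is inferred). Because the new test in `characters()` (the `@@ -343,6 +359,10 @@` hunk) is an `else if` placed after the `m_bInCertDigest` branch, the text of any EncapsulatedX509Certificate that follows a CertDigest would be appended to `m_ouCertDigest`, and an empty string would be stored for the certificate. The reset in that branch should read `m_bInCertDigest = false;`. It would be worth confirming with a document that carries both elements that the stored digest and the certificate set come out as expected.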
@@ -343,6 +359,10 @@ void SAL_CALL XSecParser::characters( const OUString& aChars ) { m_ouCertDigest += aChars; } + else if (m_bInEncapsulatedX509Certificate) + { + m_ouEncapsulatedX509Certificate += aChars; + } if (m_xNextHandler.is()) { diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx index 37d8789..c7a326b 100644 --- a/xmlsecurity/source/helper/xsecparser.hxx +++ b/xmlsecurity/source/helper/xsecparser.hxx @@ -58,6 +58,7 @@ private: OUString m_ouX509SerialNumber; OUString m_ouX509Certificate; OUString m_ouCertDigest; + OUString m_ouEncapsulatedX509Certificate; OUString m_ouDigestValue; OUString m_ouSignatureValue; OUString m_ouDate; @@ -71,6 +72,7 @@ private: bool m_bInX509SerialNumber; bool m_bInX509Certificate; bool m_bInCertDigest; + bool m_bInEncapsulatedX509Certificate; bool m_bInDigestValue; bool m_bInSignatureValue; bool m_bInDate; diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx index 2fcead5..7d5a2d8 100644 --- a/xmlsecurity/source/helper/xsecverify.cxx +++ b/xmlsecurity/source/helper/xsecverify.cxx @@ -294,6 +294,15 @@ void XSecController::setCertDigest(const OUString& rCertDigest) rInformation.signatureInfor.ouCertDigest = rCertDigest; } +void XSecController::addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate) +{ + if (m_vInternalSignatureInformations.empty()) + return; + + InternalSignatureInformation& rInformation = m_vInternalSignatureInformations.back(); + rInformation.signatureInfor.maEncapsulatedX509Certificates.insert(rEncapsulatedX509Certificate); +} + void XSecController::setId( OUString& ouId ) { if (m_vInternalSignatureInformations.empty()) _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
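Review bot: `addEncapsulatedX509Certificate` in the xsecverify.cxx hunk inserts whatever string it is given, so an empty element, or one whose text was never accumulated, adds an empty entry to the set. I would guard it with `if (m_vInternalSignatureInformations.empty() || rEncapsulatedX509Certificate.isEmpty()) return;`. The function also places no limit on how many values a single signature can contribute. Since that count is controlled by the document, a brief comment saying so, or a cap, would help whoever later decodes these values.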