[Libreoffice-commits] core.git: 3 commits - vcl/source

Tor Lillqvist tml at collabora.com
Tue Feb 24 08:03:13 PST 2015 

 vcl/source/gdi/pdfwriter_impl.cxx |   28 +++++++++++++++++++---------
 1 file changed, 19 insertions(+), 9 deletions(-)

New commits:
commit ca2d878659400b783ae72267f47d0c719b50a1ad
Author: Tor Lillqvist <tml at collabora.com>
Date:   Tue Feb 24 17:39:29 2015 +0200

    tdf#84881: Bump MAX_SIGNATURE_CONTENT_LENGTH to 50000 for now
    
    Note that checks in the code against exceeding that limit apparently are
    broken, though. After the previous change I ended up with an invalid PDF where
    the signature hex string in the output PDF had brutally overrun its
    allocation.
    
    Now Adobe Reader says "The signature includes an embedded timestamp but it
    could not be verified". This is progress. Perhaps I just need to tell Adobe
    Reader to trust the certificate from the TSA I used.
    
    Change-Id: I1e8644ee641592a985e0190b52bf76839f99b3e7

diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index 94183bd..e1b6e7a 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -108,7 +108,17 @@ using namespace vcl;
 // Is this length truly the maximum possible, or just a number that
 // seemed large enough when the author tested this (with some type of
 // certificates)? I suspect the latter.
-#define MAX_SIGNATURE_CONTENT_LENGTH 0x4000
+
+// Used to be 0x4000 = 16384, but a sample signed PDF (produced by
+// some other software) provided by the customer has a signature
+// content that is 30000 bytes. The SampleSignedPDFDocument.pdf from
+// Adobe has one that is 21942 bytes. So let's be careful. Pity this
+// can't be dynamic, at least not without restructuring the code. Also
+// note that the checks in the code for this being too small
+// apparently are broken, if this overflows you end up with an invalid
+// PDF. Need to fix that.
+
+#define MAX_SIGNATURE_CONTENT_LENGTH 50000
 #endif
 
 #ifdef DO_TEST_PDF
commit 4702f6ae2f671ac48e4cae3cd46d5941d021e533
Author: Tor Lillqvist <tml at collabora.com>
Date:   Tue Feb 24 17:45:51 2015 +0200

    tdf#84881: Set TimeStampReq::certReq to true
    
    I think Adobe Reader expects the timestamp info to include the TSA's
    certificate.
    
    Change-Id: Iedf1c4a9952b12ac61b4ba7f73bee339480e821d

diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index bb67eb7..94183bd 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6796,9 +6796,9 @@ bool PDFWriterImpl::finalizeSignature()
         src.nonce.data = reinterpret_cast<unsigned char*>(&nNonce);
         src.nonce.len = sizeof(nNonce);
 
-        src.certReq.type = siBuffer;
-        src.certReq.data = NULL;
-        src.certReq.len = 0;
+        src.certReq.type = siUnsignedInteger;
+        src.certReq.data = &cOne;
+        src.certReq.len = sizeof(cOne);
 
         src.extensions = NULL;
 
commit 5ffeec96228e0adb829612ecb855cd28e2063f1d
Author: Tor Lillqvist <tml at collabora.com>
Date:   Tue Feb 24 17:34:58 2015 +0200

    tdf#84881: Move some variables one block level out
    
    It it scary to keep pointers to stack variables that have gone out of scope in
    a data structure that is in an outer block and used there later.
    
    Change-Id: Iced8b809d50089a4e6f9867be9b8501cce59d16f

diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index d782bc1..bb67eb7 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -6769,6 +6769,11 @@ bool PDFWriterImpl::finalizeSignature()
         return false;
     }
 
+    NSSCMSAttribute timestamp;
+    SECItem values[2];
+    SECItem *valuesp = values;
+    SECOidData typetag;
+
     // Now we have the hash algorithm as a SECItem available in cms_siger->digestAlg
     if( !m_aContext.SignTSA.isEmpty() )
     {
@@ -6948,20 +6953,15 @@ bool PDFWriterImpl::finalizeSignature()
             return false;
         }
 
-        NSSCMSAttribute timestamp;
-
         // timestamp.type filled in below
 
-        SECItem values[2];
         values[0] = response.timeStampToken;
         values[1].type = siBuffer;
         values[1].data = NULL;
         values[1].len = 0;
 
-        SECItem *valuesp = values;
         timestamp.values = &valuesp;
 
-        SECOidData typetag;
         typetag.oid.data = NULL;
         // id-aa-timeStampToken OBJECT IDENTIFIER ::= { iso(1)
         // member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)

More information about the Libreoffice-commits mailing list