[Libreoffice-commits] core.git: external/libxmlsec
Miklos Vajna
vmiklos at collabora.co.uk
Tue Jan 26 04:39:45 PST 2016
external/libxmlsec/xmlsec1-nss-sha256.patch.1 | 96 +++++++++++++++++++++++---
1 file changed, 88 insertions(+), 8 deletions(-)
New commits:
commit 93fdb8dc67bf04c7a1e22c8dd15152212799c4f2
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Tue Jan 26 13:22:28 2016 +0100
tdf#76142 libxmlsec: extend SHA-256 support in the NSS backend
With this, the xmlSecTransformIdListFindByHref() call in
xmlSecTransformNodeRead() recognizes the
http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 string as a valid
signature method as well. Previously SHA-256 was recognized as a digest
method only.
Change-Id: Ib20ab97dd5bc86dff761f0c58a87afdde112e1e8
diff --git a/external/libxmlsec/xmlsec1-nss-sha256.patch.1 b/external/libxmlsec/xmlsec1-nss-sha256.patch.1
index 4a4fcc0..af5b956 100644
--- a/external/libxmlsec/xmlsec1-nss-sha256.patch.1
+++ b/external/libxmlsec/xmlsec1-nss-sha256.patch.1
@@ -1,19 +1,36 @@
-From 8008aca4daa92316dcd44f2bb8d21b5439d8baf1 Mon Sep 17 00:00:00 2001
+From 0e343965d4c84480207a90d5a83dacfb826be386 Mon Sep 17 00:00:00 2001
From: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Mon, 25 Jan 2016 11:24:01 +0100
Subject: [PATCH] NSS glue layer: add SHA-256 support
---
- include/xmlsec/nss/crypto.h | 16 +++++++++++++
- src/nss/crypto.c | 3 +++
+ include/xmlsec/nss/crypto.h | 25 ++++++++++++++++++++
+ src/nss/crypto.c | 4 ++++
src/nss/digests.c | 57 +++++++++++++++++++++++++++++++++++++++++++++
- 3 files changed, 76 insertions(+)
+ src/nss/signatures.c | 44 ++++++++++++++++++++++++++++++++++
+ 4 files changed, 130 insertions(+)
diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h
-index 42ba6ca..8164f45 100644
+index 42ba6ca..707f8d9 100644
--- a/include/xmlsec/nss/crypto.h
+++ b/include/xmlsec/nss/crypto.h
-@@ -304,6 +304,22 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
+@@ -263,6 +263,15 @@ XMLSEC_CRYPTO_EXPORT xmlSecKeyDataId xmlSecNssKeyDataRsaGetKlass (void);
+ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha1GetKlass(void);
+
+ /**
++ * xmlSecNssTransformRsaSha256Id:
++ *
++ * The RSA-SHA256 signature transform klass.
++ */
++#define xmlSecNssTransformRsaSha256Id \
++ xmlSecNssTransformRsaSha256GetKlass()
++XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaSha256GetKlass(void);
++
++/**
+ * xmlSecNssTransformRsaPkcs1Id:
+ *
+ * The RSA PKCS1 key transport transform klass.
+@@ -304,6 +313,22 @@ XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformRsaOaepGetKlass(void);
XMLSEC_CRYPTO_EXPORT xmlSecTransformId xmlSecNssTransformSha1GetKlass (void);
#endif /* XMLSEC_NO_SHA1 */
@@ -37,10 +54,18 @@ index 42ba6ca..8164f45 100644
}
#endif /* __cplusplus */
diff --git a/src/nss/crypto.c b/src/nss/crypto.c
-index 0495165..80adc50 100644
+index 0495165..33f17cc 100644
--- a/src/nss/crypto.c
+++ b/src/nss/crypto.c
-@@ -132,6 +132,9 @@ xmlSecCryptoGetFunctions_nss(void) {
+@@ -120,6 +120,7 @@ xmlSecCryptoGetFunctions_nss(void) {
+
+ #ifndef XMLSEC_NO_RSA
+ gXmlSecNssFunctions->transformRsaSha1GetKlass = xmlSecNssTransformRsaSha1GetKlass;
++ gXmlSecNssFunctions->transformRsaSha256GetKlass = xmlSecNssTransformRsaSha256GetKlass;
+ gXmlSecNssFunctions->transformRsaPkcs1GetKlass = xmlSecNssTransformRsaPkcs1GetKlass;
+
+ /* RSA OAEP is not supported by NSS yet */
+@@ -132,6 +133,9 @@ xmlSecCryptoGetFunctions_nss(void) {
#ifndef XMLSEC_NO_SHA1
gXmlSecNssFunctions->transformSha1GetKlass = xmlSecNssTransformSha1GetKlass;
#endif /* XMLSEC_NO_SHA1 */
@@ -131,6 +156,61 @@ index 5a1db91..0c4657c 100644
+#endif /* XMLSEC_NO_SHA256 */
+diff --git a/src/nss/signatures.c b/src/nss/signatures.c
+index 3c9639c..c9afa4e 100644
+--- a/src/nss/signatures.c
++++ b/src/nss/signatures.c
+@@ -545,6 +545,50 @@ xmlSecNssTransformRsaSha1GetKlass(void) {
+ return(&xmlSecNssRsaSha1Klass);
+ }
+
++/****************************************************************************
++ *
++ * RSA-SHA256 signature transform
++ *
++ ***************************************************************************/
++static xmlSecTransformKlass xmlSecNssRsaSha256Klass = {
++ /* klass/object sizes */
++ sizeof(xmlSecTransformKlass), /* xmlSecSize klassSize */
++ xmlSecNssSignatureSize, /* xmlSecSize objSize */
++
++ xmlSecNameRsaSha256, /* const xmlChar* name; */
++ xmlSecHrefRsaSha256, /* const xmlChar* href; */
++ xmlSecTransformUsageSignatureMethod, /* xmlSecTransformUsage usage; */
++
++ xmlSecNssSignatureInitialize, /* xmlSecTransformInitializeMethod initialize; */
++ xmlSecNssSignatureFinalize, /* xmlSecTransformFinalizeMethod finalize; */
++ NULL, /* xmlSecTransformNodeReadMethod readNode; */
++ NULL, /* xmlSecTransformNodeWriteMethod writeNode; */
++ xmlSecNssSignatureSetKeyReq, /* xmlSecTransformSetKeyReqMethod setKeyReq; */
++ xmlSecNssSignatureSetKey, /* xmlSecTransformSetKeyMethod setKey; */
++ xmlSecNssSignatureVerify, /* xmlSecTransformVerifyMethod verify; */
++ xmlSecTransformDefaultGetDataType, /* xmlSecTransformGetDataTypeMethod getDataType; */
++ xmlSecTransformDefaultPushBin, /* xmlSecTransformPushBinMethod pushBin; */
++ xmlSecTransformDefaultPopBin, /* xmlSecTransformPopBinMethod popBin; */
++ NULL, /* xmlSecTransformPushXmlMethod pushXml; */
++ NULL, /* xmlSecTransformPopXmlMethod popXml; */
++ xmlSecNssSignatureExecute, /* xmlSecTransformExecuteMethod execute; */
++
++ NULL, /* void* reserved0; */
++ NULL, /* void* reserved1; */
++};
++
++/**
++ * xmlSecNssTransformRsaSha256GetKlass:
++ *
++ * The RSA-SHA256 signature transform klass.
++ *
++ * Returns: RSA-SHA256 signature transform klass.
++ */
++xmlSecTransformId
++xmlSecNssTransformRsaSha256GetKlass(void) {
++ return(&xmlSecNssRsaSha256Klass);
++}
++
+ #endif /* XMLSEC_NO_DSA */
+
+
--
2.6.2
More information about the Libreoffice-commits
mailing list