[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/source

Tor Lillqvist tml at collabora.com
Sat Nov 12 09:35:23 UTC 2016 

 xmlsecurity/inc/xmlsignaturehelper.hxx                 |    2 ++
 xmlsecurity/source/helper/documentsignaturemanager.cxx |   10 ++++++++++
 xmlsecurity/source/helper/xmlsignaturehelper.cxx       |    5 +++++
 xmlsecurity/source/helper/xsecctl.cxx                  |    9 ++++++---
 xmlsecurity/source/helper/xsecctl.hxx                  |    3 ++-
 xmlsecurity/source/helper/xsecparser.cxx               |    2 +-
 xmlsecurity/source/helper/xsecverify.cxx               |    3 +++
 7 files changed, 29 insertions(+), 5 deletions(-)

New commits:
commit abe9f41277febb1cc9c75d2ccce6e7bf75846924
Author: Tor Lillqvist <tml at collabora.com>
Date:   Fri Nov 11 17:07:31 2016 +0200

    More EncapsulatedX509Certificate work
    
    Change-Id: I64239dfcfbc2383c2bf53c0cb86196d3f2c79330

diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 89eeb55..d8f97e5 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -159,6 +159,8 @@ public:
     void SetX509Certificate(sal_Int32 nSecurityId, const OUString& ouX509IssuerName,
         const OUString& ouX509SerialNumber, const OUString& ouX509Cert, const OUString& ouX509CertDigest);
 
+    void AddEncapsulatedX509Certificate(const OUString& ouEncapsulatedX509Certificate);
+
     void        SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const tools::Time& rTime );
     void SetDescription(sal_Int32 nSecurityId, const OUString& rDescription);
 
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 2e055dd..8d6bb46 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -279,6 +279,16 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
 
     maSignatureHelper.SetX509Certificate(nSecurityId, xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear(), aCertDigest);
 
+    uno::Sequence< uno::Reference< security::XCertificate > > aCertPath = getSecurityEnvironment()->buildCertificatePath( xCert );
+    const uno::Reference< security::XCertificate >* pCertPath = aCertPath.getConstArray();
+    sal_Int32 nCnt = aCertPath.getLength();
+
+    for (int i = 0; i < nCnt; i++)
+    {
+        sax::Converter::encodeBase64(aStrBuffer, pCertPath[i]->getEncoded());
+        maSignatureHelper.AddEncapsulatedX509Certificate(aStrBuffer.makeStringAndClear());
+    }
+
     std::vector< OUString > aElements = DocumentSignatureHelper::CreateElementList(mxStore, meSignatureMode, DocumentSignatureAlgorithm::OOo3_2);
     DocumentSignatureHelper::AppendContentTypes(mxStore, aElements);
 
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 82101fa..2159019 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -120,6 +120,11 @@ void XMLSignatureHelper::SetX509Certificate(
         ouX509CertDigest);
 }
 
+void XMLSignatureHelper::AddEncapsulatedX509Certificate(const OUString& ouEncapsulatedX509Certificate)
+{
+    mpXSecController->addEncapsulatedX509Certificate(ouEncapsulatedX509Certificate);
+}
+
 void XMLSignatureHelper::SetDateTime( sal_Int32 nSecurityId, const ::Date& rDate, const tools::Time& rTime )
 {
     css::util::DateTime stDateTime = ::DateTime(rDate, rTime).GetUNODateTime();
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 81ea2ec..b4241e4 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -584,9 +584,12 @@ void writeUnsignedProperties(
             xDocumentHandler->startElement("xd:CertificateValues", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
 
             {
-                xDocumentHandler->startElement("xd:EncapsulatedX509Certificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
-                xDocumentHandler->characters(signatureInfo.ouX509Certificate);
-                xDocumentHandler->endElement("xd:EncapsulatedX509Certificate");
+                for (const auto& i: signatureInfo.maEncapsulatedX509Certificates)
+                {
+                    xDocumentHandler->startElement("xd:EncapsulatedX509Certificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
+                    xDocumentHandler->characters(i);
+                    xDocumentHandler->endElement("xd:EncapsulatedX509Certificate");
+                }
             }
 
             xDocumentHandler->endElement("xd:CertificateValues");
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 18f335d..9cbb9e0 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -314,7 +314,6 @@ private:
     void setDate( OUString& ouDate );
     void setDescription(const OUString& rDescription);
     void setCertDigest(const OUString& rCertDigest);
-    void addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate);
 
 public:
     void setSignatureBytes(const css::uno::Sequence<sal_Int8>& rBytes);
@@ -385,6 +384,8 @@ public:
         const OUString& ouX509Cert,
         const OUString& ouX509CertDigest);
 
+    void addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate);
+
     void setDate(
         sal_Int32 nSecurityId,
         const css::util::DateTime& rDateTime );
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index 5e8210c..cd4fe82 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -286,7 +286,7 @@ void SAL_CALL XSecParser::endElement( const OUString& aName )
         else if (aName == "xd:CertDigest")
         {
             m_pXSecController->setCertDigest( m_ouCertDigest );
-            m_bInX509Certificate = false;
+            m_bInCertDigest = false;
         }
         else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate")
         {
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 7d5a2d8..05cdeaf 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -299,6 +299,9 @@ void XSecController::addEncapsulatedX509Certificate(const OUString& rEncapsulate
     if (m_vInternalSignatureInformations.empty())
         return;
 
+    if (rEncapsulatedX509Certificate.isEmpty())
+        return;
+
     InternalSignatureInformation& rInformation = m_vInternalSignatureInformations.back();
     rInformation.signatureInfor.maEncapsulatedX509Certificates.insert(rEncapsulatedX509Certificate);
 }

More information about the Libreoffice-commits mailing list