[Libreoffice-commits] core.git: vcl/source xmlsecurity/source
Miklos Vajna
vmiklos at collabora.co.uk
Wed Nov 23 13:19:24 UTC 2016
vcl/source/gdi/pdfwriter_impl.cxx | 22 ++++++++++++++++++++++
xmlsecurity/source/pdfio/pdfdocument.cxx | 2 +-
2 files changed, 23 insertions(+), 1 deletion(-)
New commits:
commit cb851cbb09adc637bb6e8095050292f7a8c6a7b1
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Nov 23 11:27:32 2016 +0100
vcl mscrypto PDF sign: add initial 'signing-certificate' signed attribute
Equivalent of the earlier NSS commit, payload is just an empty sequence
at the moment.
Change-Id: I4639e2514ef01d23da04aedc30f63f9e8878223b
Reviewed-on: https://gerrit.libreoffice.org/31108
Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
Tested-by: Jenkins <ci at libreoffice.org>
diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx
index e5af4d4..d1df5d5 100644
--- a/vcl/source/gdi/pdfwriter_impl.cxx
+++ b/vcl/source/gdi/pdfwriter_impl.cxx
@@ -7338,6 +7338,28 @@ bool PDFWriter::Sign(PDFSignContext& rContext)
aSignerInfo.HashAlgorithm.pszObjId = const_cast<LPSTR>(szOID_NIST_sha256);
aSignerInfo.HashAlgorithm.Parameters.cbData = 0;
+ // Add the signing certificate as a signed attribute.
+ CRYPT_INTEGER_BLOB aCertificateBlob;
+ // Just en empty SEQUENCE stub for now.
+ std::vector<unsigned char> aEncodedCertificate{0x30, 0x00};
+ aCertificateBlob.pbData = aEncodedCertificate.data();
+ aCertificateBlob.cbData = aEncodedCertificate.size();
+ CRYPT_ATTRIBUTE aCertificateAttribute;
+ /*
+ * id-aa-signingCertificateV2 OBJECT IDENTIFIER ::=
+ * { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
+ * smime(16) id-aa(2) 47 }
+ */
+ aCertificateAttribute.pszObjId = const_cast<LPSTR>("1.2.840.113549.1.9.16.2.47");
+ aCertificateAttribute.cValue = 1;
+ aCertificateAttribute.rgValue = &aCertificateBlob;
+ // Don't write the signed attribute by default till the value is ready.
+ if (g_bDebugDisableCompression)
+ {
+ aSignerInfo.cAuthAttr = 1;
+ aSignerInfo.rgAuthAttr = &aCertificateAttribute;
+ }
+
CMSG_SIGNED_ENCODE_INFO aSignedInfo;
memset(&aSignedInfo, 0, sizeof(aSignedInfo));
aSignedInfo.cbSize = sizeof(aSignedInfo);
diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx b/xmlsecurity/source/pdfio/pdfdocument.cxx
index ef9900c..648cc4b 100644
--- a/xmlsecurity/source/pdfio/pdfdocument.cxx
+++ b/xmlsecurity/source/pdfio/pdfdocument.cxx
@@ -380,7 +380,7 @@ sal_Int32 PDFDocument::WriteSignatureObject(const OUString& rDescription, bool b
aSigBuffer.append("/ETSI.CAdES.detached");
else
#else
- (void)bAdES;
+ (void)bAdES;
#endif
aSigBuffer.append("/adbe.pkcs7.detached");
More information about the Libreoffice-commits
mailing list