[Libreoffice-commits] core.git: xmlsecurity/source

Thorsten Behrens Thorsten.Behrens at CIB.de
Sat Jun 24 23:31:15 UTC 2017 

 xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx |   21 +++++++++++++++++----
 1 file changed, 17 insertions(+), 4 deletions(-)

New commits:
commit 52b3ae1c08803fe370960f80668e3fb715617358
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date:   Sat Jun 24 00:40:05 2017 +0200

    gpg4libre: base64-encode and decode SignatureValue
    
    which xmldsig-core actually requires
    
    Change-Id: I92a6e192865919d844009be042dad36106a19fc8
    Reviewed-on: https://gerrit.libreoffice.org/39192
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>

diff --git a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
index 63e26a76f8ea..6d3aece7dc32 100644
--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -211,10 +211,18 @@ SAL_CALL XMLSignature_GpgImpl::generate(
         throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
 
     // write signed data to xml
-    std::vector<unsigned char> buf2(len);
+    xmlChar* signature = static_cast<xmlChar*>(xmlMalloc(len + 1));
+    if(signature == nullptr)
+        throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
     assert(data_out.seek(0,SEEK_SET) == 0);
-    if( data_out.read(&buf2[0], len) != len )
+    if( data_out.read(signature, len) != len )
+        throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+
+    // conversion to base64
+    xmlChar* signatureEncoded=nullptr;
+    if( !(signatureEncoded=xmlSecBase64Encode(reinterpret_cast<xmlSecByte*>(signature), len, 79)) )
         throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+    xmlFree(signature);
 
     // walk xml tree to sign value node - go to children, first is
     // SignedInfo, 2nd is signaturevalue
@@ -222,7 +230,8 @@ SAL_CALL XMLSignature_GpgImpl::generate(
     cur = xmlSecGetNextElementNode(cur->next);
 
     // TODO some assert would be good...
-    xmlNodeSetContentLen(cur, &buf2[0], len);
+    xmlNodeSetContentLen(cur, signatureEncoded, xmlStrlen(signatureEncoded));
+    xmlFree(signatureEncoded);
 
     aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
 
@@ -334,8 +343,12 @@ SAL_CALL XMLSignature_GpgImpl::validate(
         cur = xmlSecGetNextElementNode(pNode->children);
         cur = xmlSecGetNextElementNode(cur->next);
 
-        // TODO some assert would be good that cur is actually SignatureValue
+        if(!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))
+            throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
         xmlChar* pSignatureValue=xmlNodeGetContent(cur);
+        if(xmlSecBase64Decode(pSignatureValue, reinterpret_cast<xmlSecByte*>(pSignatureValue), xmlStrlen(pSignatureValue)) < 0)
+            throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+
         GpgME::Data data_signature(
             reinterpret_cast<char*>(pSignatureValue),
             xmlStrlen(pSignatureValue), false);

More information about the Libreoffice-commits mailing list