[Libreoffice-commits] core.git: svl/source

Ashod Nakashian ashodnakashian at yahoo.com
Sat Oct 28 13:53:43 UTC 2017


 svl/source/crypto/cryptosign.cxx |   50 ++++++++++++++++++++++++++++++++++++++-
 1 file changed, 49 insertions(+), 1 deletion(-)

New commits:
commit 0be2da09147e64eea26c06fa90d53e8d324ee429
Author: Ashod Nakashian <ashodnakashian at yahoo.com>
Date:   Sat Oct 28 08:03:34 2017 -0400

    TSCP: store and retrieve signature timestamp
    
    When TSA is provided, we can now store and retrieve
    the signing timestamp. Currently this is only implemented
    on Windows, though.
    
    Change-Id: I657fa7a88623713483d0d6d88e4bc201142f47c4
    Reviewed-on: https://gerrit.libreoffice.org/43988
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Ashod Nakashian <ashnakash at gmail.com>

diff --git a/svl/source/crypto/cryptosign.cxx b/svl/source/crypto/cryptosign.cxx
index f52e2731e078..acb85ae7fe6b 100644
--- a/svl/source/crypto/cryptosign.cxx
+++ b/svl/source/crypto/cryptosign.cxx
@@ -2297,7 +2297,7 @@ bool Signing::Verify(const std::vector<unsigned char>& aData,
         std::unique_ptr<BYTE[]> pSignedAttributesBuf(new BYTE[nSignedAttributes]);
         if (!CryptMsgGetParam(hMsg, CMSG_SIGNER_AUTH_ATTR_PARAM, 0, pSignedAttributesBuf.get(), &nSignedAttributes))
         {
-            SAL_WARN("svl.crypto", "ValidateSignature: CryptMsgGetParam() failed");
+            SAL_WARN("svl.crypto", "ValidateSignature: CryptMsgGetParam() authenticated failed");
             return false;
         }
         auto pSignedAttributes = reinterpret_cast<PCRYPT_ATTRIBUTES>(pSignedAttributesBuf.get());
@@ -2317,6 +2317,54 @@ bool Signing::Verify(const std::vector<unsigned char>& aData,
         }
     }
 
+    // Get the unauthorized attributes.
+    nSignedAttributes = 0;
+    if (CryptMsgGetParam(hMsg, CMSG_SIGNER_UNAUTH_ATTR_PARAM, 0, nullptr, &nSignedAttributes))
+    {
+        std::unique_ptr<BYTE[]> pSignedAttributesBuf(new BYTE[nSignedAttributes]);
+        if (!CryptMsgGetParam(hMsg, CMSG_SIGNER_UNAUTH_ATTR_PARAM, 0, pSignedAttributesBuf.get(), &nSignedAttributes))
+        {
+            SAL_WARN("svl.crypto", "ValidateSignature: CryptMsgGetParam() unauthenticated failed");
+            return false;
+        }
+        auto pSignedAttributes = reinterpret_cast<PCRYPT_ATTRIBUTES>(pSignedAttributesBuf.get());
+        for (size_t nAttr = 0; nAttr < pSignedAttributes->cAttr; ++nAttr)
+        {
+            CRYPT_ATTRIBUTE& rAttr = pSignedAttributes->rgAttr[nAttr];
+            // Timestamp blob
+            if (OString("1.2.840.113549.1.9.16.2.14") == rAttr.pszObjId)
+            {
+                PCRYPT_TIMESTAMP_CONTEXT pTsContext;
+                if (!CryptVerifyTimeStampSignature(rAttr.rgValue->pbData, rAttr.rgValue->cbData, nullptr, 0, nullptr, &pTsContext, nullptr, nullptr))
+                {
+                    SAL_WARN("svl.crypto", "CryptMsgUpdate failed: " << WindowsErrorString(GetLastError()));
+                    break;
+                }
+
+                DateTime aDateTime = DateTime::CreateFromWin32FileDateTime(pTsContext->pTimeStamp->ftTime.dwLowDateTime, pTsContext->pTimeStamp->ftTime.dwHighDateTime);
+
+                // Then convert to a local UNO DateTime.
+                aDateTime.ConvertToLocalTime();
+                rInformation.stDateTime = aDateTime.GetUNODateTime();
+                if (rInformation.ouDateTime.isEmpty())
+                {
+                    OUStringBuffer rBuffer;
+                    rBuffer.append((sal_Int32)aDateTime.GetYear());
+                    rBuffer.append('-');
+                    if (aDateTime.GetMonth() < 10)
+                        rBuffer.append('0');
+                    rBuffer.append((sal_Int32)aDateTime.GetMonth());
+                    rBuffer.append('-');
+                    if (aDateTime.GetDay() < 10)
+                        rBuffer.append('0');
+                    rBuffer.append((sal_Int32)aDateTime.GetDay());
+                    rInformation.ouDateTime = rBuffer.makeStringAndClear();
+                }
+                break;
+            }
+        }
+    }
+
     CertCloseStore(hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG);
     CryptMsgClose(hMsg);
     return true;
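Review bot: The timestamp token is read from the unauthenticated attributes, which the signer's signature does not cover, yet the loop dereferences `rAttr.rgValue->pbData` without checking `rAttr.cValue`, leaves `pTsContext` uninitialised, and never releases it (the Win32 documentation has the caller free it with `CryptMemFree`). The call also passes `nullptr, 0` for the timestamped data and `nullptr` for the signer output, so as far as this hunk shows the token is neither tied to this signature's value nor checked against a trusted TSA certificate before its time is written to `rInformation.stDateTime`; that should be confirmed and then either fixed or stated in a comment. The failure warning names `CryptMsgUpdate` instead of `CryptVerifyTimeStampSignature`, and the leading comment says "unauthorized" where "unauthenticated" is meant. The `return false` after the second `CryptMsgGetParam` failure skips the `CertCloseStore`/`CryptMsgClose` calls at the end of the hunk. `Signing::Verify` starts and ends outside the hunk.

```cpp
            if (OString("1.2.840.113549.1.9.16.2.14") == rAttr.pszObjId)
            {
                // Unauthenticated attributes are not covered by the signature: reject an empty value set.
                if (rAttr.cValue == 0 || !rAttr.rgValue)
                {
                    SAL_WARN("svl.crypto", "ValidateSignature: timestamp attribute has no value");
                    break;
                }
                PCRYPT_TIMESTAMP_CONTEXT pTsContext = nullptr;
                if (!CryptVerifyTimeStampSignature(rAttr.rgValue->pbData, rAttr.rgValue->cbData, nullptr, 0, nullptr, &pTsContext, nullptr, nullptr))
                {
                    SAL_WARN("svl.crypto", "CryptVerifyTimeStampSignature failed: " << WindowsErrorString(GetLastError()));
                    break;
                }
                // … unchanged: DateTime conversion and rInformation.stDateTime / ouDateTime update …
                CryptMemFree(pTsContext);
                break;
            }
```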

