[Libreoffice-commits] core.git: xmlsecurity/source
Michael Stahl (via logerrit)
logerrit at kemper.freedesktop.org
Wed Mar 3 11:45:33 UTC 2021
xmlsecurity/source/helper/xsecparser.cxx | 109 +++++++++++++++++--------------
xmlsecurity/source/helper/xsecparser.hxx | 14 ---
2 files changed, 63 insertions(+), 60 deletions(-)
New commits:
commit cfeb89a758b5f0ec406f0d72444e52ed2f47b85e
Author: Michael Stahl <michael.stahl at allotropia.de>
AuthorDate: Thu Feb 18 19:03:56 2021 +0100
Commit: Michael Stahl <michael.stahl at allotropia.de>
CommitDate: Wed Mar 3 12:44:42 2021 +0100
xmlsecurity: move XSecParser Reference state into contexts
Change-Id: Ia2da9bf1329a856629f60ab64b74d5ee79077076
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111159
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl at allotropia.de>
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index b8c5581bad5c..5166464f6f1d 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -425,10 +425,15 @@ class XSecParser::DsDigestValueContext
class XSecParser::DsDigestMethodContext
: public XSecParser::Context
{
+ private:
+ sal_Int32 & m_rReferenceDigestID;
+
public:
DsDigestMethodContext(XSecParser & rParser,
- std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+ sal_Int32 & rReferenceDigestID)
: XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+ , m_rReferenceDigestID(rReferenceDigestID)
{
}
@@ -445,13 +450,13 @@ class XSecParser::DsDigestMethodContext
&& ouAlgorithm != ALGO_XMLDSIGSHA512,
"xmlsecurity.helper", "Algorithm neither SHA1, SHA256 nor SHA512");
if (ouAlgorithm == ALGO_XMLDSIGSHA1)
- m_rParser.m_nReferenceDigestID = css::xml::crypto::DigestID::SHA1;
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA1;
else if (ouAlgorithm == ALGO_XMLDSIGSHA256)
- m_rParser.m_nReferenceDigestID = css::xml::crypto::DigestID::SHA256;
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA256;
else if (ouAlgorithm == ALGO_XMLDSIGSHA512)
- m_rParser.m_nReferenceDigestID = css::xml::crypto::DigestID::SHA512;
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA512;
else
- m_rParser.m_nReferenceDigestID = 0;
+ m_rReferenceDigestID = 0;
}
}
};
@@ -459,28 +464,29 @@ class XSecParser::DsDigestMethodContext
class XSecParser::DsTransformContext
: public XSecParser::Context
{
+ private:
+ bool & m_rIsC14N;
+
public:
DsTransformContext(XSecParser & rParser,
- std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+ bool & rIsC14N)
: XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+ , m_rIsC14N(rIsC14N)
{
}
virtual void StartElement(
css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
{
- if (m_rParser.m_bReferenceUnresolved)
- {
- OUString ouAlgorithm = xAttrs->getValueByName("Algorithm");
+ OUString ouAlgorithm = xAttrs->getValueByName("Algorithm");
- if (ouAlgorithm == ALGO_C14N)
- /*
- * a xml stream
- */
- {
- m_rParser.m_pXSecController->addStreamReference( m_rParser.m_currentReferenceURI, false, m_rParser.m_nReferenceDigestID );
- m_rParser.m_bReferenceUnresolved = false;
- }
+ if (ouAlgorithm == ALGO_C14N)
+ /*
+ * a xml stream
+ */
+ {
+ m_rIsC14N = true;
}
}
};
@@ -488,10 +494,15 @@ class XSecParser::DsTransformContext
class XSecParser::DsTransformsContext
: public XSecParser::Context
{
+ private:
+ bool & m_rIsC14N;
+
public:
DsTransformsContext(XSecParser & rParser,
- std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+ bool & rIsC14N)
: XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+ , m_rIsC14N(rIsC14N)
{
}
@@ -501,7 +512,7 @@ class XSecParser::DsTransformsContext
{
if (nNamespace == XML_NAMESPACE_DS && rName == "Transform")
{
- return std::make_unique<DsTransformContext>(m_rParser, std::move(pOldNamespaceMap));
+ return std::make_unique<DsTransformContext>(m_rParser, std::move(pOldNamespaceMap), m_rIsC14N);
}
return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
}
@@ -510,6 +521,15 @@ class XSecParser::DsTransformsContext
class XSecParser::DsReferenceContext
: public XSecParser::Context
{
+ private:
+ OUString m_URI;
+ OUString m_Type;
+ OUString m_DigestValue;
+ bool m_IsC14N = false;
+ // Relevant for ODF. The digest algorithm selected by the DigestMethod
+ // element's Algorithm attribute. @see css::xml::crypto::DigestID.
+ sal_Int32 m_nReferenceDigestID = css::xml::crypto::DigestID::SHA1;
+
public:
DsReferenceContext(XSecParser & rParser,
std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
@@ -522,39 +542,37 @@ class XSecParser::DsReferenceContext
{
m_rParser.HandleIdAttr(xAttrs);
- OUString ouUri = xAttrs->getValueByName("URI");
- SAL_WARN_IF( ouUri.isEmpty(), "xmlsecurity.helper", "URI is empty" );
+ m_URI = xAttrs->getValueByName("URI");
+ SAL_WARN_IF(m_URI.isEmpty(), "xmlsecurity.helper", "URI is empty");
// Remember the type of this reference.
- OUString ouType = xAttrs->getValueByName("Type");
- if (ouUri.startsWith("#"))
+ m_Type = xAttrs->getValueByName("Type");
+ }
+
+ virtual void EndElement() override
+ {
+ if (m_URI.startsWith("#"))
{
/*
* remove the first character '#' from the attribute value
*/
- m_rParser.m_pXSecController->addReference( ouUri.copy(1), m_rParser.m_nReferenceDigestID, ouType );
+ m_rParser.m_pXSecController->addReference(m_URI.copy(1), m_nReferenceDigestID, m_Type);
}
else
{
- /*
- * remember the uri
- */
- m_rParser.m_currentReferenceURI = ouUri;
- m_rParser.m_bReferenceUnresolved = true;
- }
- }
-
- virtual void EndElement() override
- {
- if (m_rParser.m_bReferenceUnresolved)
+ if (m_IsC14N) // this is determined by nested ds:Transform
+ {
+ m_rParser.m_pXSecController->addStreamReference(m_URI, false, m_nReferenceDigestID);
+ }
+ else
/*
* it must be an octet stream
*/
- {
- m_rParser.m_pXSecController->addStreamReference( m_rParser.m_currentReferenceURI, true, m_rParser.m_nReferenceDigestID );
- m_rParser.m_bReferenceUnresolved = false;
+ {
+ m_rParser.m_pXSecController->addStreamReference(m_URI, true, m_nReferenceDigestID);
+ }
}
- m_rParser.m_pXSecController->setDigestValue( m_rParser.m_nReferenceDigestID, m_rParser.m_ouDigestValue );
+ m_rParser.m_pXSecController->setDigestValue(m_nReferenceDigestID, m_DigestValue);
}
virtual std::unique_ptr<Context> CreateChildContext(
@@ -563,15 +581,15 @@ class XSecParser::DsReferenceContext
{
if (nNamespace == XML_NAMESPACE_DS && rName == "Transforms")
{
- return std::make_unique<DsTransformsContext>(m_rParser, std::move(pOldNamespaceMap));
+ return std::make_unique<DsTransformsContext>(m_rParser, std::move(pOldNamespaceMap), m_IsC14N);
}
if (nNamespace == XML_NAMESPACE_DS && rName == "DigestMethod")
{
- return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap));
+ return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap), m_nReferenceDigestID);
}
if (nNamespace == XML_NAMESPACE_DS && rName == "DigestValue")
{
- return std::make_unique<DsDigestValueContext>(m_rParser, std::move(pOldNamespaceMap), m_rParser.m_ouDigestValue);
+ return std::make_unique<DsDigestValueContext>(m_rParser, std::move(pOldNamespaceMap), m_DigestValue);
}
return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
}
@@ -875,6 +893,7 @@ class XSecParser::XadesCertDigestContext
{
private:
OUString m_Value;
+ sal_Int32 m_nReferenceDigestID = css::xml::crypto::DigestID::SHA1;
public:
XadesCertDigestContext(XSecParser & rParser,
@@ -885,7 +904,7 @@ class XSecParser::XadesCertDigestContext
virtual void EndElement() override
{
- m_rParser.m_pXSecController->setCertDigest(m_Value);
+ m_rParser.m_pXSecController->setCertDigest(m_Value/* FIXME , m_nReferenceDigestID*/);
}
virtual std::unique_ptr<Context> CreateChildContext(
@@ -894,7 +913,7 @@ class XSecParser::XadesCertDigestContext
{
if (nNamespace == XML_NAMESPACE_DS && rName == "DigestMethod")
{
- return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap));
+ return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap), m_nReferenceDigestID);
}
if (nNamespace == XML_NAMESPACE_DS && rName == "DigestValue")
{
@@ -1307,8 +1326,6 @@ XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper,
XSecController* pXSecController)
: m_pNamespaceMap(new SvXMLNamespaceMap)
, m_pXSecController(pXSecController)
- , m_bReferenceUnresolved(false)
- , m_nReferenceDigestID(css::xml::crypto::DigestID::SHA1)
, m_rXMLSignatureHelper(rXMLSignatureHelper)
{
using namespace xmloff::token;
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index f9efee46dead..b99a170b87c3 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -101,7 +101,6 @@ private:
* the following members are used to reserve the signature information,
* including X509IssuerName, X509SerialNumber, and X509Certificate,etc.
*/
- OUString m_ouDigestValue;
OUString m_ouDate;
std::stack<std::unique_ptr<Context>> m_ContextStack;
@@ -118,19 +117,6 @@ private:
css::uno::Reference<
css::xml::sax::XDocumentHandler > m_xNextHandler;
- /*
- * this string is used to remember the current handled reference's URI,
- *
- * because it can be decided whether a stream reference is xml based or binary based
- * only after the Transforms element is read in, so we have to reserve the reference's
- * URI when the startElement event is met.
- */
- OUString m_currentReferenceURI;
- bool m_bReferenceUnresolved;
-
- // Relevant for ODF. The digest algorithm selected by the current DigestMethod element's
- // Algorithm attribute in the current Reference element. From css::xml::crypto::DigestID.
- sal_Int32 m_nReferenceDigestID;
XMLSignatureHelper& m_rXMLSignatureHelper;
OUString HandleIdAttr(css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs);
More information about the Libreoffice-commits
mailing list