[Libreoffice-commits] core.git: Branch 'libreoffice-7-0' - xmlsecurity/inc xmlsecurity/source

Michael Stahl (via logerrit) logerrit at kemper.freedesktop.org
Thu Mar 18 08:51:36 UTC 2021


 xmlsecurity/inc/xsecctl.hxx              |    1 
 xmlsecurity/source/helper/xsecparser.cxx |  290 +++++++++++++++++++++----------
 xmlsecurity/source/helper/xsecparser.hxx |    1 
 xmlsecurity/source/helper/xsecverify.cxx |   19 ++
 4 files changed, 221 insertions(+), 90 deletions(-)

New commits:
commit 94ce59dd02fcfcaa1eb4f195b45a9a2edbd58242
Author:     Michael Stahl <michael.stahl at allotropia.de>
AuthorDate: Fri Feb 19 17:56:21 2021 +0100
Commit:     Caolán McNamara <caolanm at redhat.com>
CommitDate: Thu Mar 18 09:50:59 2021 +0100

    xmlsecurity: ignore elements in ds:Object that aren't signed
    
    Change-Id: I2e4411f0907b89e7ad6e0185cee8f12b600515e8
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111253
    Tested-by: Jenkins
    Reviewed-by: Michael Stahl <michael.stahl at allotropia.de>
    (cherry picked from commit 2bfa00e6bf4b2a310a8b8f5060acec85b5f7a3ce)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111909
    Reviewed-by: Caolán McNamara <caolanm at redhat.com>

diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx
index 759a660d90ad..ec3669128d24 100644
--- a/xmlsecurity/inc/xsecctl.hxx
+++ b/xmlsecurity/inc/xsecctl.hxx
@@ -252,6 +252,7 @@ private:
     /// Sets algorithm from <SignatureMethod Algorithm="...">.
     void setSignatureMethod(svl::crypto::SignatureMethodAlgorithm eAlgorithmID);
     void switchGpgSignature();
+    bool haveReferenceForId(OUString const& rId) const;
     void addReference(
         const OUString& ouUri,
         sal_Int32 nDigestID,
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index 1418b7b43b46..f46277f96ea1 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -95,6 +95,42 @@ auto XSecParser::Context::CreateChildContext(
     return std::make_unique<UnknownContext>(m_rParser, std::move(pOldNamespaceMap));
 }
 
+/**
+note: anything in ds:Object should be trusted *only* if there is a ds:Reference
+      to it so it is signed (exception: the xades:EncapsulatedX509Certificate).
+      ds:SignedInfo precedes all ds:Object.
+
+      There may be multiple ds:Signature for purpose of counter-signatures
+      but the way XAdES describes these, only the ds:SignatureValue element
+      would be referenced, so requiring a ds:Reference for anything in
+      ds:Object shouldn't cause issues.
+ */
+class XSecParser::ReferencedContextImpl
+    : public XSecParser::Context
+{
+    protected:
+        bool m_isReferenced;
+
+    public:
+        ReferencedContextImpl(XSecParser & rParser,
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+            , m_isReferenced(isReferenced)
+        {
+        }
+
+        OUString CheckIdAttrReferenced(css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs)
+        {
+            OUString const id(m_rParser.HandleIdAttr(xAttrs));
+            if (!id.isEmpty() && m_rParser.m_pXSecController->haveReferenceForId(id))
+            {
+                m_isReferenced = true;
+            }
+            return id;
+        }
+};
+
 class XSecParser::LoPGPOwnerContext
     : public XSecParser::Context
 {
@@ -228,21 +264,29 @@ class XSecParser::DsX509CertificateContext
 };
 
 class XSecParser::DsX509SerialNumberContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         DsX509SerialNumberContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setX509SerialNumber(m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setX509SerialNumber(m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned X509SerialNumber");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -252,21 +296,29 @@ class XSecParser::DsX509SerialNumberContext
 };
 
 class XSecParser::DsX509IssuerNameContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         DsX509IssuerNameContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setX509IssuerName(m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setX509IssuerName(m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned X509IssuerName");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -276,12 +328,13 @@ class XSecParser::DsX509IssuerNameContext
 };
 
 class XSecParser::DsX509IssuerSerialContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         DsX509IssuerSerialContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
@@ -291,11 +344,11 @@ class XSecParser::DsX509IssuerSerialContext
         {
             if (nNamespace == XML_NAMESPACE_DS && rName == "X509IssuerName")
             {
-                return std::make_unique<DsX509IssuerNameContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<DsX509IssuerNameContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_DS && rName == "X509SerialNumber")
             {
-                return std::make_unique<DsX509SerialNumberContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<DsX509SerialNumberContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             // missing: ds:X509SKI, ds:X509SubjectName, ds:X509CRL
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
@@ -318,7 +371,8 @@ class XSecParser::DsX509DataContext
         {
             if (nNamespace == XML_NAMESPACE_DS && rName == "X509IssuerSerial")
             {
-                return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap));
+                // can't require KeyInfo to be signed so pass in *true*
+                return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap), true);
             }
             if (nNamespace == XML_NAMESPACE_DS && rName == "X509Certificate")
             {
@@ -787,21 +841,29 @@ class XSecParser::XadesUnsignedPropertiesContext
 };
 
 class XSecParser::LoSignatureLineIdContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         LoSignatureLineIdContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setSignatureLineId(m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setSignatureLineId(m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned SignatureLineId");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -811,21 +873,29 @@ class XSecParser::LoSignatureLineIdContext
 };
 
 class XSecParser::LoSignatureLineValidImageContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         LoSignatureLineValidImageContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setValidSignatureImage(m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setValidSignatureImage(m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned SignatureLineValidImage");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -835,21 +905,29 @@ class XSecParser::LoSignatureLineValidImageContext
 };
 
 class XSecParser::LoSignatureLineInvalidImageContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         LoSignatureLineInvalidImageContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setInvalidSignatureImage(m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setInvalidSignatureImage(m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned SignatureLineInvalidImage");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -859,12 +937,13 @@ class XSecParser::LoSignatureLineInvalidImageContext
 };
 
 class XSecParser::LoSignatureLineContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         LoSignatureLineContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
@@ -874,22 +953,22 @@ class XSecParser::LoSignatureLineContext
         {
             if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineId")
             {
-                return std::make_unique<LoSignatureLineIdContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<LoSignatureLineIdContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineValidImage")
             {
-                return std::make_unique<LoSignatureLineValidImageContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<LoSignatureLineValidImageContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineInvalidImage")
             {
-                return std::make_unique<LoSignatureLineInvalidImageContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<LoSignatureLineInvalidImageContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
         }
 };
 
 class XSecParser::XadesCertDigestContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
@@ -897,14 +976,22 @@ class XSecParser::XadesCertDigestContext
 
     public:
         XadesCertDigestContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setCertDigest(m_Value/* FIXME , m_nReferenceDigestID*/);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setCertDigest(m_Value/* FIXME , m_nReferenceDigestID*/);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned CertDigest");
+            }
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -924,12 +1011,13 @@ class XSecParser::XadesCertDigestContext
 };
 
 class XSecParser::XadesCertContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         XadesCertContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
@@ -939,23 +1027,24 @@ class XSecParser::XadesCertContext
         {
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "CertDigest")
             {
-                return std::make_unique<XadesCertDigestContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesCertDigestContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "IssuerSerial")
             {
-                return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
         }
 };
 
 class XSecParser::XadesSigningCertificateContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         XadesSigningCertificateContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
@@ -965,28 +1054,36 @@ class XSecParser::XadesSigningCertificateContext
         {
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "Cert")
             {
-                return std::make_unique<XadesCertContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesCertContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
         }
 };
 
 class XSecParser::XadesSigningTimeContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         OUString m_Value;
 
     public:
         XadesSigningTimeContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void EndElement() override
         {
-            m_rParser.m_pXSecController->setDate("", m_Value);
+            if (m_isReferenced)
+            {
+                m_rParser.m_pXSecController->setDate("", m_Value);
+            }
+            else
+            {
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned SigningTime");
+            }
         }
 
         virtual void Characters(OUString const& rChars) override
@@ -996,19 +1093,20 @@ class XSecParser::XadesSigningTimeContext
 };
 
 class XSecParser::XadesSignedSignaturePropertiesContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         XadesSignedSignaturePropertiesContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_rParser.HandleIdAttr(xAttrs);
+            CheckIdAttrReferenced(xAttrs);
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -1017,15 +1115,15 @@ class XSecParser::XadesSignedSignaturePropertiesContext
         {
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SigningTime")
             {
-                return std::make_unique<XadesSigningTimeContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesSigningTimeContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SigningCertificate")
             {
-                return std::make_unique<XadesSigningCertificateContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesSigningCertificateContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLine")
             {
-                return std::make_unique<LoSignatureLineContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<LoSignatureLineContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             // missing: xades:SignaturePolicyIdentifier, xades:SignatureProductionPlace, xades:SignerRole
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
@@ -1033,19 +1131,20 @@ class XSecParser::XadesSignedSignaturePropertiesContext
 };
 
 class XSecParser::XadesSignedPropertiesContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         XadesSignedPropertiesContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_rParser.HandleIdAttr(xAttrs);
+            CheckIdAttrReferenced(xAttrs);
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -1054,7 +1153,7 @@ class XSecParser::XadesSignedPropertiesContext
         {
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SignedSignatureProperties")
             {
-                return std::make_unique<XadesSignedSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesSignedSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             // missing: xades:SignedDataObjectProperties
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
@@ -1062,19 +1161,20 @@ class XSecParser::XadesSignedPropertiesContext
 };
 
 class XSecParser::XadesQualifyingPropertiesContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         XadesQualifyingPropertiesContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_rParser.HandleIdAttr(xAttrs);
+            CheckIdAttrReferenced(xAttrs);
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -1083,7 +1183,7 @@ class XSecParser::XadesQualifyingPropertiesContext
         {
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SignedProperties")
             {
-                return std::make_unique<XadesSignedPropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesSignedPropertiesContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "UnsignedProperties")
             {
@@ -1136,7 +1236,7 @@ class XSecParser::DcDescriptionContext
 };
 
 class XSecParser::DsSignaturePropertyContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     private:
         enum class SignatureProperty { Unknown, Date, Description };
@@ -1146,30 +1246,38 @@ class XSecParser::DsSignaturePropertyContext
 
     public:
         DsSignaturePropertyContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_Id = m_rParser.HandleIdAttr(xAttrs);
+            m_Id = CheckIdAttrReferenced(xAttrs);
         }
 
         virtual void EndElement() override
         {
-            switch (m_Property)
+            if (m_isReferenced)
+            {
+                switch (m_Property)
+                {
+                    case SignatureProperty::Unknown:
+                        SAL_INFO("xmlsecurity.helper", "Unknown property in ds:Object ignored");
+                        break;
+                    case SignatureProperty::Date:
+                        m_rParser.m_pXSecController->setDate(m_Id, m_Value);
+                        break;
+                    case SignatureProperty::Description:
+                        m_rParser.m_pXSecController->setDescription(m_Id, m_Value);
+                        break;
+                }
+            }
+            else
             {
-                case SignatureProperty::Unknown:
-                    SAL_INFO("xmlsecurity.helper", "Unknown property in ds:Object ignored");
-                    break;
-                case SignatureProperty::Date:
-                    m_rParser.m_pXSecController->setDate(m_Id, m_Value);
-                    break;
-                case SignatureProperty::Description:
-                    m_rParser.m_pXSecController->setDescription(m_Id, m_Value);
-                    break;
+                SAL_INFO("xmlsecurity.helper", "ignoring unsigned SignatureProperty");
             }
         }
 
@@ -1192,19 +1300,20 @@ class XSecParser::DsSignaturePropertyContext
 };
 
 class XSecParser::DsSignaturePropertiesContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         DsSignaturePropertiesContext(XSecParser & rParser,
-                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+                std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
+                bool const isReferenced)
+            : ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), isReferenced)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_rParser.HandleIdAttr(xAttrs);
+            CheckIdAttrReferenced(xAttrs);
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -1213,26 +1322,27 @@ class XSecParser::DsSignaturePropertiesContext
         {
             if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureProperty")
             {
-                return std::make_unique<DsSignaturePropertyContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<DsSignaturePropertyContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
         }
 };
 
 class XSecParser::DsObjectContext
-    : public XSecParser::Context
+    : public XSecParser::ReferencedContextImpl
 {
     public:
         DsObjectContext(XSecParser & rParser,
                 std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
-            : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
+            // init with "false" here - the Signature element can't be referenced by its child
+            : XSecParser::ReferencedContextImpl(rParser, std::move(pOldNamespaceMap), false)
         {
         }
 
         virtual void StartElement(
             css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
         {
-            m_rParser.HandleIdAttr(xAttrs);
+            CheckIdAttrReferenced(xAttrs);
         }
 
         virtual std::unique_ptr<Context> CreateChildContext(
@@ -1241,11 +1351,11 @@ class XSecParser::DsObjectContext
         {
             if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureProperties")
             {
-                return std::make_unique<DsSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<DsSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             if (nNamespace == XML_NAMESPACE_XADES132 && rName == "QualifyingProperties")
             {
-                return std::make_unique<XadesQualifyingPropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
+                return std::make_unique<XadesQualifyingPropertiesContext>(m_rParser, std::move(pOldNamespaceMap), m_isReferenced);
             }
             // missing: ds:Manifest
             return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index 7a0eb08bca28..7674bf28b84d 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -56,6 +56,7 @@ public:
     class Context;
 private:
     class UnknownContext;
+    class ReferencedContextImpl;
     class LoPGPOwnerContext;
     class DsPGPKeyPacketContext;
     class DsPGPKeyIDContext;
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index cdca811cc2cb..92ebfb6c72e8 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -143,6 +143,25 @@ void XSecController::switchGpgSignature()
 #endif
 }
 
+bool XSecController::haveReferenceForId(OUString const& rId) const
+{
+    if (m_vInternalSignatureInformations.empty())
+    {
+        SAL_INFO("xmlsecurity.helper","XSecController::haveReferenceForId: no signature");
+        return false;
+    }
+    InternalSignatureInformation const& rIsi(m_vInternalSignatureInformations.back());
+    for (SignatureReferenceInformation const& rSri : rIsi.signatureInfor.vSignatureReferenceInfors)
+    {
+        if (rSri.nType == SignatureReferenceType::SAMEDOCUMENT
+            && rSri.ouURI == rId) // ouUri has # stripped
+        {
+            return true;
+        }
+    }
+    return false;
+}
+
 void XSecController::addReference( const OUString& ouUri, sal_Int32 nDigestID, const OUString& ouType )
 {
     if (m_vInternalSignatureInformations.empty())


More information about the Libreoffice-commits mailing list