xmlsecurity/source/helper/xmlsignaturehelper.cxx | 6 ------ xmlsecurity/source/helper/xsecctl.cxx | 21 +++++++++++++++++++++ xmlsecurity/source/helper/xsecctl.hxx | 4 ++++ 3 files changed, 25 insertions(+), 6 deletions(-)
New commits: commit 52c60fac3672476a0260248d3eb6f9ac7b96667f Author: Miklos Vajna <[email protected]> Date: Tue Feb 9 12:28:56 2016 +0100 xmlsecurity: OOXML export of idSignedProperties stub If the signature refers to an XML element with that id, we must export at least a stub, otherwise xmlSecDSigCtxSign() will refuse to do anything with the signature template. With this, at least some calculated hashes and signature values appear in the OOXML output. Change-Id: Iff26c6ae0b97bf3509144a66a2c23070100a5974 diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx index 13c09af..b4c3031 100644 --- a/xmlsecurity/source/helper/xsecctl.cxx +++ b/xmlsecurity/source/helper/xsecctl.cxx @@ -1109,7 +1109,21 @@ void XSecController::exportOOXMLSignature(const uno::Reference<xml::sax::XDocume xDocumentHandler->endElement(TAG_OBJECT); xDocumentHandler->startElement(TAG_OBJECT, uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + { + rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); + pAttributeList->AddAttribute(ATTR_XMLNS ":" NSTAG_XD, NS_XD); + pAttributeList->AddAttribute(ATTR_TARGET, "#idPackageSignature"); + xDocumentHandler->startElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); + } + { + rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); + pAttributeList->AddAttribute(ATTR_ID, "idSignedProperties"); + xDocumentHandler->startElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); + } + xDocumentHandler->endElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES); + xDocumentHandler->endElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES); xDocumentHandler->endElement(TAG_OBJECT); + xDocumentHandler->endElement(TAG_SIGNATURE); } diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx index c7f5647..ea436e3 100644 --- a/xmlsecurity/source/helper/xsecctl.hxx +++ b/xmlsecurity/source/helper/xsecctl.hxx @@ -81,6 +81,8 @@ #define TAG_TIMESTAMP "timestamp" #define TAG_DATE "date" #define TAG_DESCRIPTION "description" +#define TAG_QUALIFYINGPROPERTIES "QualifyingProperties" +#define TAG_SIGNEDPROPERTIES "SignedProperties" #define ATTR_XMLNS "xmlns" #define ATTR_ALGORITHM "Algorithm" @@ -89,10 +91,12 @@ #define ATTR_TARGET "Target" #define NSTAG_DC "dc" +#define NSTAG_XD "xd" #define NS_XMLDSIG "http://www.w3.org/2000/09/xmldsig#"; //#define NS_DATETIME "http://www.ietf.org/rfcXXXX.txt"; #define NS_DC "http://purl.org/dc/elements/1.1/"; +#define NS_XD "http://uri.etsi.org/01903/v1.3.2#"; #define ALGO_C14N "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"; #define ALGO_RSASHA1 "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; commit 4dcee42b44f56fec0b90ee6f7edcaaaa87adecdc Author: Miklos Vajna <[email protected]> Date: Tue Feb 9 12:10:46 2016 +0100 xmlsecurity: mark the Signature, not the SignedInfo during OOXML export So that we pass the correct node to xmlSecDSigCtxSign(). SAXEventKeeperImpl::startElement() always marks the first node written by XSecController, which is the Signature node for ODF, but for OOXML, the Signature node is the root element. Fix the problem by writing the root element in XSecController::exportOOXMLSignature() instead of doing it earlier, similar how it's done for ODF (where we intentionally want to not mark the root node). Change-Id: Id0a76f155726ad53a996e9327454b8795497ac7b diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx index f653248..bf80548 100644 --- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx +++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx @@ -500,17 +500,11 @@ bool XMLSignatureHelper::CreateAndWriteOOXMLSignature(css::uno::Reference<css::e xSaxWriter->setOutputStream(xOutputStream); xSaxWriter->startDocument(); - SvXMLAttributeList* pAttributeList = new SvXMLAttributeList(); - pAttributeList->AddAttribute(ATTR_XMLNS, NS_XMLDSIG); - pAttributeList->AddAttribute(ATTR_ID, "idPackageSignature"); - xSaxWriter->startElement(TAG_SIGNATURE, uno::Reference<xml::sax::XAttributeList>(pAttributeList)); - mbError = false; uno::Reference<xml::sax::XDocumentHandler> xDocumentHandler(xSaxWriter, uno::UNO_QUERY); if (!mpXSecController->WriteOOXMLSignature(xDocumentHandler)) mbError = true; - xSaxWriter->endElement(TAG_SIGNATURE); xSaxWriter->endDocument(); return !mbError; diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx index 0cd17a9..13c09af 100644 --- a/xmlsecurity/source/helper/xsecctl.cxx +++ b/xmlsecurity/source/helper/xsecctl.cxx @@ -995,6 +995,12 @@ static bool lcl_isOOXMLBlacklist(const OUString& rStreamName) void XSecController::exportOOXMLSignature(const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler, const SignatureInformation& rInformation) { + { + rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); + pAttributeList->AddAttribute(ATTR_XMLNS, NS_XMLDSIG); + pAttributeList->AddAttribute(ATTR_ID, "idPackageSignature"); + xDocumentHandler->startElement(TAG_SIGNATURE, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); + } xDocumentHandler->startElement(TAG_SIGNEDINFO, uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); { @@ -1104,6 +1110,7 @@ void XSecController::exportOOXMLSignature(const uno::Reference<xml::sax::XDocume xDocumentHandler->startElement(TAG_OBJECT, uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); xDocumentHandler->endElement(TAG_OBJECT); + xDocumentHandler->endElement(TAG_SIGNATURE); } SignatureInformation XSecController::getSignatureInformation( sal_Int32 nSecurityId ) const _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
