More XAdES work

Accept and store a set of EncapsulatedX509Certificate data for a
signature.

Change-Id: Iae69502bc8caa0287c8f6d6c352256bdda22406b
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 85cf085..eb6180a 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -26,6 +26,7 @@
#include <com/sun/star/xml/crypto/DigestID.hpp>
#include <com/sun/star/uno/Sequence.hxx>

#include <set>
#include <vector>

/*
@@ -78,6 +79,9 @@ struct SignatureInformation
    OUString ouSignatureValue;
    css::util::DateTime stDateTime;

    // XAdES EncapsulatedX509Certificate values
    std::set<OUString> maEncapsulatedX509Certificates;

    //We also keep the date and time as string. This is done when this
    //structure is created as a result of a XML signature being read.
    //When then a signature is added or another removed, then the original
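Review bot: The comment on `maEncapsulatedX509Certificates` does not say what form the strings take or whether anything has checked them. Judging from the parser changes in this commit, the values are the element's character data stored as read. In XAdES this element normally sits under the unsigned properties, so the signature likely does not cover it. I would extend the comment to something like `// XAdES EncapsulatedX509Certificate values, stored as the raw element text (presumably base64); not validated, do not trust before chain verification`. A `std::set` also discards document order and duplicates, which is worth stating if intentional; the struct continues outside this hunk.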
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 3271f45..18f335d 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -314,6 +314,8 @@ private:
    void setDate( OUString& ouDate );
    void setDescription(const OUString& rDescription);
    void setCertDigest(const OUString& rCertDigest);
    void addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate);

public:
    void setSignatureBytes(const css::uno::Sequence<sal_Int8>& rBytes);

diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index bb2c097..5e8210c 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -1,4 +1,4 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
/*
 * This file is part of the LibreOffice project.
 *
@@ -34,6 +34,7 @@ XSecParser::XSecParser(XSecController* pXSecController,
    , m_bInX509SerialNumber(false)
    , m_bInX509Certificate(false)
    , m_bInCertDigest(false)
    , m_bInEncapsulatedX509Certificate(false)
    , m_bInDigestValue(false)
    , m_bInSignatureValue(false)
    , m_bInDate(false)
@@ -188,6 +189,16 @@ void SAL_CALL XSecParser::startElement(
            m_ouCertDigest.clear();
            m_bInCertDigest = true;
        }
        // FIXME: Existing code here in xmlsecurity uses "xd" as the namespace prefix for XAdES,
        // while the sample document attached to tdf#76142 uses "xades". So accept either here. Of
        // course this is idiotic and wrong, the right thing would be to use a proper way to parse
        // XML that would handle namespaces correctly. I have no idea how substantial re-plumbing of
        // this code that would require.
        else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate")
        {
            m_ouEncapsulatedX509Certificate.clear();
            m_bInEncapsulatedX509Certificate = true;
        }
        else if ( aName == "SignatureProperty" )
        {
            if (!ouIdAttr.isEmpty())
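Review bot: The two-prefix comparison added here is repeated verbatim in the endElement hunk, so the namespace-aware fix the FIXME asks for would have to be made in two places that must stay in sync. A small file-local predicate would keep them together, e.g. `static bool lcl_isEncapsulatedX509Certificate(const OUString& rName)` returning the same `||` expression and called from both handlers. Matching on the literal prefix also accepts the element whatever namespace `xd` or `xades` is bound to in the document, so consumers of the collected values should treat them as unverified input. The body of startElement begins and ends outside this hunk.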
@@ -277,6 +288,11 @@ void SAL_CALL XSecParser::endElement( const OUString& aName )
            m_pXSecController->setCertDigest( m_ouCertDigest );
            m_bInX509Certificate = false;
        }
        else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate")
        {
            m_pXSecController->addEncapsulatedX509Certificate( m_ouEncapsulatedX509Certificate );
            m_bInEncapsulatedX509Certificate = false;
        }
        else if (aName == "dc:date")
        {
            m_pXSecController->setDate( m_ouDate );
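Review bot: The context lines just above the added branch call `setCertDigest( m_ouCertDigest )` and then clear `m_bInX509Certificate`, not `m_bInCertDigest`. If that branch is the CertDigest end handler (its condition is outside the hunk), the digest flag stays set once a CertDigest has been seen. In the characters() hunk the new `else if (m_bInEncapsulatedX509Certificate)` sits after the branch that appends to `m_ouCertDigest`, so certificate text following a CertDigest would land in the digest buffer and an empty string would be stored as the certificate. The line should probably read `m_bInCertDigest = false;`, which is worth confirming against the full function.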
@@ -343,6 +359,10 @@ void SAL_CALL XSecParser::characters( const OUString& aChars )
    {
        m_ouCertDigest += aChars;
    }
    else if (m_bInEncapsulatedX509Certificate)
    {
        m_ouEncapsulatedX509Certificate += aChars;
    }

    if (m_xNextHandler.is())
    {
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index 37d8789..c7a326b 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -58,6 +58,7 @@ private:
    OUString m_ouX509SerialNumber;
    OUString m_ouX509Certificate;
    OUString m_ouCertDigest;
    OUString m_ouEncapsulatedX509Certificate;
    OUString m_ouDigestValue;
    OUString m_ouSignatureValue;
    OUString m_ouDate;
@@ -71,6 +72,7 @@ private:
    bool m_bInX509SerialNumber;
    bool m_bInX509Certificate;
    bool m_bInCertDigest;
    bool m_bInEncapsulatedX509Certificate;
    bool m_bInDigestValue;
    bool m_bInSignatureValue;
    bool m_bInDate;
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 2fcead5..7d5a2d8 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -294,6 +294,15 @@ void XSecController::setCertDigest(const OUString& rCertDigest)
    rInformation.signatureInfor.ouCertDigest = rCertDigest;
}

void XSecController::addEncapsulatedX509Certificate(const OUString& rEncapsulatedX509Certificate)
{
    if (m_vInternalSignatureInformations.empty())
        return;

    InternalSignatureInformation& rInformation = m_vInternalSignatureInformations.back();
    rInformation.signatureInfor.maEncapsulatedX509Certificates.insert(rEncapsulatedX509Certificate);
}

void XSecController::setId( OUString& ouId )
{
    if (m_vInternalSignatureInformations.empty())
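Review bot: `addEncapsulatedX509Certificate` inserts whatever string it is given, so an empty `EncapsulatedX509Certificate` element adds an empty entry to the set. Because the set compares raw text, the same certificate with different base64 line wrapping is stored twice. A guard such as `if (rEncapsulatedX509Certificate.isEmpty()) return;` before the insert covers the first case, and normalising whitespace before insertion would cover the second. A one-line comment that the value is stored unvalidated would help later callers; the `setId` definition that follows continues outside the hunk.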