diff options
| author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-01-27 17:08:01 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-01-27 17:26:07 +0100 |
| commit | c6967f6d1889e08bcd1d206d2b28a598f812641d (patch) | |
| tree | 9a36098d1d611db405672315b8a232ce7c0fb40a /external | |
| parent | e734c7f53cfffa6141e6b46c06825ee273e2136b (diff) | |
tdf#76142 libxmlsec: fix xmlSecNssDigestVerify() for SHA-256
With this, SfxObjectShell_Impl::showBrokenSignatureWarning() is no
longer triggered for the SHA-256 bugdoc.
Change-Id: I7a2c5c8517c757e2983f57a3a5908abb941e7a04
Diffstat (limited to 'external')
| -rw-r--r-- | external/libxmlsec/xmlsec1-nss-sha256.patch.1 | 31 |
1 files changed, 26 insertions, 5 deletions
diff --git a/external/libxmlsec/xmlsec1-nss-sha256.patch.1 b/external/libxmlsec/xmlsec1-nss-sha256.patch.1 index af5b95698f85..051f0d55a2a0 100644 --- a/external/libxmlsec/xmlsec1-nss-sha256.patch.1 +++ b/external/libxmlsec/xmlsec1-nss-sha256.patch.1 @@ -1,4 +1,4 @@ -From 0e343965d4c84480207a90d5a83dacfb826be386 Mon Sep 17 00:00:00 2001 +From 04101dc871b13cba28d520fd00caf2d96b2e4c72 Mon Sep 17 00:00:00 2001 From: Miklos Vajna <vmiklos@collabora.co.uk> Date: Mon, 25 Jan 2016 11:24:01 +0100 Subject: [PATCH] NSS glue layer: add SHA-256 support @@ -7,8 +7,8 @@ Subject: [PATCH] NSS glue layer: add SHA-256 support include/xmlsec/nss/crypto.h | 25 ++++++++++++++++++++ src/nss/crypto.c | 4 ++++ src/nss/digests.c | 57 +++++++++++++++++++++++++++++++++++++++++++++ - src/nss/signatures.c | 44 ++++++++++++++++++++++++++++++++++ - 4 files changed, 130 insertions(+) + src/nss/signatures.c | 51 ++++++++++++++++++++++++++++++++++++++++ + 4 files changed, 137 insertions(+) diff --git a/include/xmlsec/nss/crypto.h b/include/xmlsec/nss/crypto.h index 42ba6ca..707f8d9 100644 @@ -157,10 +157,31 @@ index 5a1db91..0c4657c 100644 diff --git a/src/nss/signatures.c b/src/nss/signatures.c -index 3c9639c..c9afa4e 100644 +index 3c9639c..fb58403 100644 --- a/src/nss/signatures.c +++ b/src/nss/signatures.c -@@ -545,6 +545,50 @@ xmlSecNssTransformRsaSha1GetKlass(void) { +@@ -87,6 +87,9 @@ xmlSecNssSignatureCheckId(xmlSecTransformPtr transform) { + if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha1Id)) { + return(1); + } ++ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) { ++ return(1); ++ } + #endif /* XMLSEC_NO_RSA */ + + return(0); +@@ -123,6 +126,10 @@ xmlSecNssSignatureInitialize(xmlSecTransformPtr transform) { + ctx->keyId = xmlSecNssKeyDataRsaId; + ctx->alg = SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION; + } else ++ if(xmlSecTransformCheckId(transform, xmlSecNssTransformRsaSha256Id)) { ++ ctx->keyId = xmlSecNssKeyDataRsaId; ++ ctx->alg = SEC_OID_PKCS1_SHA256_WITH_RSA_ENCRYPTION; ++ } else + #endif /* XMLSEC_NO_RSA */ + if(1) { + xmlSecError(XMLSEC_ERRORS_HERE, +@@ -545,6 +552,50 @@ xmlSecNssTransformRsaSha1GetKlass(void) { return(&xmlSecNssRsaSha1Klass); } |