xmlsecurity PDF signing: fix byte range check for multiple signatures

We can mandate that the byte range end is the end of the file for the
last signature only.

With this, signing a previously unsigned file multiple times works, so
add a matching testcase for that as well.

Change-Id: I8fe5482890fca4dab8da6305aa7fc7f60df612d8

1 files changed, 6 insertions, 2 deletions

diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx b/xmlsecurity/inc/pdfio/pdfdocument.hxx
index 59c7f5dd6079..f42350ac5a20 100644
--- a/xmlsecurity/inc/pdfio/pdfdocument.hxx
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -88,8 +88,12 @@ public:
     /// Serializes the contents of the edit buffer.
     bool Write(SvStream& rStream);
     std::vector<PDFObjectElement*> GetSignatureWidgets();
-    /// Return value is about if we can determine a result, rInformation is about the actual result.
-    static bool ValidateSignature(SvStream& rStream, PDFObjectElement* pSignature, SignatureInformation& rInformation);
+    /**
+     * @param rInformation The actual result.
+     * @param bLast If this is the last signature in the file, so it covers the whole file physically.
+     * @return If we can determinate a result.
+     */
+    static bool ValidateSignature(SvStream& rStream, PDFObjectElement* pSignature, SignatureInformation& rInformation, bool bLast);
     /// Remove the nth signature from read document in the edit buffer.
     bool RemoveSignature(size_t nPosition);
 };