diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-06-20 21:47:38 +0200 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2017-06-21 09:05:14 +0200 |
commit | 9752eccdd06f6695ec4f173ea93cada65063d1f0 (patch) | |
tree | b190136a65303ad5ace6400e49ecda7042391e70 /xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx | |
parent | 18f513145477d4621290253d936dad7a40ee4c05 (diff) |
xmlsecurity nss: adopt the private key of the signing certificate explicitly
xmlsec1-customkeymanage.patch.1 of our bundled xmlsec extends
xmlSecNssKeyDataX509VerifyAndExtractKey(), so that it calls
xmlSecNssPKIAdoptKey() for the private key of the signing certificate.
Make this explicit in xmlsecurity/ code, so we don't depend on the
patched xmlSecNssKeyDataX509VerifyAndExtractKey().
This is harmless for the patched xmlsec, but it prevents this error:
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: keys.c:1246: xmlSecKeysMngrGetKey() '' 'xmlSecKeysMngrFindKey' 1 ' '
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:790: xmlSecDSigCtxProcessKeyInfoNode() '' '' 45 'details=NULL'
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:503: xmlSecDSigCtxProcessSignatureNode() '' 'xmlSecDSigCtxProcessKeyInfoNode' 1 ' '
warn:xmlsecurity.xmlsec:26221:1:xmlsecurity/source/xmlsec/errorcallback.cxx:48: xmldsig.c:286: xmlSecDSigCtxSign() '' 'xmlSecDSigCtxSignatureProcessNode' 1 ' '
when xmlsec is not patched.
(This is needed, but not enough to build against system xmlsec.)
Change-Id: I5d68a8be7aefcb529566213f9b9c2985eab6a80a
Reviewed-on: https://gerrit.libreoffice.org/39023
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx')
-rw-r--r-- | xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx index 5b0e8920abd2..46aba7bc0990 100644 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx @@ -54,6 +54,8 @@ private: std::list< PK11SlotInfo* > m_Slots; typedef std::list< PK11SlotInfo* >::const_iterator CIT_SLOTS; + /// The last used certificate which has the private key for signing. + css::uno::Reference<css::security::XCertificate> m_xSigningCertificate; osl::Mutex m_mutex; |