diff options
| author | Caolán McNamara <caolanm@redhat.com> | 2022-03-03 14:22:37 +0000 |
|---|---|---|
| committer | Michael Stahl <michael.stahl@allotropia.de> | 2022-03-11 15:48:16 +0100 |
| commit | 0ce93b38af84453aba8002c098ac168b0fadfc97 (patch) | |
| tree | 20ff71fdb1f85e58ba0f174accd9805f43701ca8 /xmlsecurity | |
| parent | 66a15ffedf2e41b25d06a61542434da2948dd4d8 (diff) | |
compare authors using Thumbprint
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8)
Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131368
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Diffstat (limited to 'xmlsecurity')
| -rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index 52705860e053..19ceffcd84cf 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -636,9 +636,18 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors(); return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(), - [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { - return xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT) - && ( rAuthor[1] == sSerialNum ); + [this, &xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { + if (!xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT)) + return false; + if (rAuthor[1] != sSerialNum) + return false; + + DocumentSignatureManager aSignatureManager(mxCtx, {}); + if (!aSignatureManager.init()) + return false; + uno::Reference<css::security::XCertificate> xCert = + aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(rAuthor[2]); + return xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint(); }); } |