diff options
| author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-01-05 10:12:36 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-01-05 10:27:45 +0100 |
| commit | 075c7eceb0769b61d11a3857e33af1b2c6341bc5 (patch) | |
| tree | 09e625735e2881f5649749268c182d690b4ac0b6 /xmlsecurity | |
| parent | a968893e6afd3b79c6c048962373859cea75a77b (diff) | |
xmlsecurity: handle description in XSecController::prepareSignatureToWrite()
With this, if DigitalSignaturesDialog sets a signature description, then
that becomes part of the signed content. This is backwards-compatible in
two ways:
1) When the description is empty, the output is not changed.
2) When parsing, the description is optional: we only require that if
its hash is mentioned in the signed content, then the string matches its
hash; but omitting both the string and its hash is OK.
Change-Id: I82db5beea16bd325558a86201dc902d35543ed0a
Diffstat (limited to 'xmlsecurity')
| -rw-r--r-- | xmlsecurity/source/helper/xsecsign.cxx | 8 | ||||
| -rw-r--r-- | xmlsecurity/source/helper/xsecverify.cxx | 12 |
2 files changed, 19 insertions, 1 deletions
diff --git a/xmlsecurity/source/helper/xsecsign.cxx b/xmlsecurity/source/helper/xsecsign.cxx index 1106e1187a7c..25ba21eac237 100644 --- a/xmlsecurity/source/helper/xsecsign.cxx +++ b/xmlsecurity/source/helper/xsecsign.cxx @@ -168,6 +168,14 @@ cssu::Reference< cssxc::sax::XReferenceResolvedListener > XSecController::prepar internalSignatureInfor.addReference(TYPE_SAMEDOCUMENT_REFERENCE, internalSignatureInfor.signatureInfor.ouPropertyId, -1 ); size++; + if (!internalSignatureInfor.signatureInfor.ouDescription.isEmpty()) + { + // Only mention the hash of the description in the signature if it's non-empty. + internalSignatureInfor.signatureInfor.ouDescriptionPropertyId = createId(); + internalSignatureInfor.addReference(TYPE_SAMEDOCUMENT_REFERENCE, internalSignatureInfor.signatureInfor.ouDescriptionPropertyId, -1); + size++; + } + /* * replace both digestValues and signatueValue to " " */ diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx index d41214e4be93..a3fa87ae4e41 100644 --- a/xmlsecurity/source/helper/xsecverify.cxx +++ b/xmlsecurity/source/helper/xsecverify.cxx @@ -290,7 +290,17 @@ void XSecController::setPropertyId( OUString& ouPropertyId ) return; } InternalSignatureInformation &isi = m_vInternalSignatureInformations.back(); - isi.signatureInfor.ouPropertyId = ouPropertyId; + + if (isi.signatureInfor.ouPropertyId.isEmpty()) + { + // <SignatureProperty> ID attribute is for the date. + isi.signatureInfor.ouPropertyId = ouPropertyId; + } + else + { + // <SignatureProperty> ID attribute is for the description. + isi.signatureInfor.ouDescriptionPropertyId = ouPropertyId; + } } /* public: for signature verify */ |