diff options
Diffstat (limited to 'xmlsecurity/source')
5 files changed, 17 insertions, 0 deletions
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.hxx b/xmlsecurity/source/gpg/SecurityEnvironment.hxx index 83b4f38b41c8..262578682274 100644 --- a/xmlsecurity/source/gpg/SecurityEnvironment.hxx +++ b/xmlsecurity/source/gpg/SecurityEnvironment.hxx @@ -10,6 +10,9 @@ #pragma once #include <sal/config.h> + +#include <memory> + #include <rtl/ustring.hxx> #include <cppuhelper/implbase.hxx> diff --git a/xmlsecurity/source/helper/ooxmlsecparser.hxx b/xmlsecurity/source/helper/ooxmlsecparser.hxx index 4f11302ff765..9193d7b7e180 100644 --- a/xmlsecurity/source/helper/ooxmlsecparser.hxx +++ b/xmlsecurity/source/helper/ooxmlsecparser.hxx @@ -16,6 +16,7 @@ #include <xmloff/namespacemap.hxx> +#include <memory> #include <stack> class XSecController; diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx index 86f6154ddc93..0e0ee8291f65 100644 --- a/xmlsecurity/source/helper/xsecparser.hxx +++ b/xmlsecurity/source/helper/xsecparser.hxx @@ -26,6 +26,7 @@ #include <xmloff/namespacemap.hxx> +#include <memory> #include <stack> class XMLSignatureHelper; diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx index d9b8b1eace68..3abca3ae1659 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx @@ -22,6 +22,8 @@ #include <rtl/uuid.h> #include <xmlsec-wrapper.h> +#include <xmlsec/mscng/x509.h> + #include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp> #include <com/sun/star/xml/crypto/XXMLSignature.hpp> @@ -233,6 +235,10 @@ SAL_CALL XMLSignature_MSCryptImpl::validate( // We do certificate verification ourselves. pDsigCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS; + // limit possible key data to valid X509 certificates only, no KeyValues + if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecMSCngKeyDataX509GetKlass()) < 0) + throw RuntimeException("failed to limit allowed key data"); + //Verify signature //The documentation says that the signature is only valid if the return value is 0 (that is, not < 0) //AND pDsigCtx->status == xmlSecDSigStatusSucceeded. That is, we must not make any assumptions, if diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx index b41d754f7407..975c17272dc7 100644 --- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx @@ -20,6 +20,8 @@ #include <sal/config.h> #include <xmlsec-wrapper.h> +#include <xmlsec/nss/x509.h> + #include <xmlelementwrapper_xmlsecimpl.hxx> #include <xmlsec/xmlstreamio.hxx> #include <xmlsec/errorcallback.hxx> @@ -247,6 +249,10 @@ SAL_CALL XMLSignature_NssImpl::validate( // We do certificate verification ourselves. pDsigCtx->keyInfoReadCtx.flags |= XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS; + // limit possible key data to valid X509 certificates only, no KeyValues + if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecNssKeyDataX509GetKlass()) < 0) + throw RuntimeException("failed to limit allowed key data"); + //Verify signature int rs = xmlSecDSigCtxVerify( pDsigCtx.get() , pNode ); |