From ca6ab632a8f2dd5b45234f7af9b9f2b40690db89 Mon Sep 17 00:00:00 2001 From: Thorsten Behrens Date: Fri, 8 Sep 2017 02:45:30 +0200 Subject: gpg4libre: add sha512 support Change-Id: Ia5ef54e47e8528a33aba83ae2e317fac5cffb428 Reviewed-on: https://gerrit.libreoffice.org/42086 Tested-by: Jenkins Reviewed-by: Thorsten Behrens --- xmlsecurity/inc/xsecctl.hxx | 2 ++ xmlsecurity/source/helper/xsecctl.cxx | 36 ++++++++++++++++++++++-- xmlsecurity/source/helper/xsecparser.cxx | 8 ++++-- xmlsecurity/source/xmlsec/nss/nssinitializer.cxx | 7 +++++ 4 files changed, 49 insertions(+), 4 deletions(-) (limited to 'xmlsecurity') diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx index ec2762665eda..5e8cdb6ccfe7 100644 --- a/xmlsecurity/inc/xsecctl.hxx +++ b/xmlsecurity/inc/xsecctl.hxx @@ -56,8 +56,10 @@ #define ALGO_C14N "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" #define ALGO_RSASHA1 "http://www.w3.org/2000/09/xmldsig#rsa-sha1" #define ALGO_RSASHA256 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" +#define ALGO_RSASHA512 "http://www.w3.org/2001/04/xmldsig-more#rsa-sha512" #define ALGO_XMLDSIGSHA1 "http://www.w3.org/2000/09/xmldsig#sha1" #define ALGO_XMLDSIGSHA256 "http://www.w3.org/2001/04/xmlenc#sha256" +#define ALGO_XMLDSIGSHA512 "http://www.w3.org/2001/04/xmlenc#sha512" #define ALGO_RELATIONSHIP "http://schemas.openxmlformats.org/package/2006/RelationshipTransform" class XSecParser; diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx index 37fbb225c1f9..ad0744f54d27 100644 --- a/xmlsecurity/source/helper/xsecctl.cxx +++ b/xmlsecurity/source/helper/xsecctl.cxx @@ -50,6 +50,38 @@ namespace cssxc = com::sun::star::xml::crypto; namespace cssxs = com::sun::star::xml::sax; using namespace com::sun::star; +namespace +{ +OUString getDigestURI(sal_Int32 nID) +{ + switch( nID ) + { + case cssxc::DigestID::SHA1: + return OUString(ALGO_XMLDSIGSHA1); + case cssxc::DigestID::SHA256: + return OUString(ALGO_XMLDSIGSHA256); + case cssxc::DigestID::SHA512: + return OUString(ALGO_XMLDSIGSHA512); + default: + return OUString(ALGO_XMLDSIGSHA1); + } +} +OUString getSignatureURI(sal_Int32 nID) +{ + switch( nID ) + { + case cssxc::DigestID::SHA1: + return OUString(ALGO_RSASHA1); + case cssxc::DigestID::SHA256: + return OUString(ALGO_RSASHA256); + case cssxc::DigestID::SHA512: + return OUString(ALGO_RSASHA512); + default: + return OUString(ALGO_RSASHA1); + } +} +} + XSecController::XSecController( const cssu::Reference& rxCtx ) : mxCtx(rxCtx) , m_nNextSecurityId(1) @@ -633,7 +665,7 @@ void XSecController::exportSignature( // SignatureMethod:Algorithm should be the corresponding one. pAttributeList->AddAttribute( "Algorithm", - (vReferenceInfors[0].nDigestID == cssxc::DigestID::SHA1 ? OUString(ALGO_RSASHA1) : OUString(ALGO_RSASHA256))); + getSignatureURI(vReferenceInfors[0].nDigestID)); xDocumentHandler->startElement( "SignatureMethod", cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); xDocumentHandler->endElement( "SignatureMethod" ); @@ -693,7 +725,7 @@ void XSecController::exportSignature( pAttributeList = new SvXMLAttributeList(); pAttributeList->AddAttribute( "Algorithm", - (refInfor.nDigestID == cssxc::DigestID::SHA1 ? OUString(ALGO_XMLDSIGSHA1) : OUString(ALGO_XMLDSIGSHA256))); + getDigestURI(refInfor.nDigestID)); xDocumentHandler->startElement( "DigestMethod", cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx index bcab9811faf7..be6f0b7c3dd2 100644 --- a/xmlsecurity/source/helper/xsecparser.cxx +++ b/xmlsecurity/source/helper/xsecparser.cxx @@ -141,12 +141,16 @@ void SAL_CALL XSecParser::startElement( SAL_WARN_IF( ouAlgorithm.isEmpty(), "xmlsecurity.helper", "no Algorithm in Reference" ); if (!ouAlgorithm.isEmpty()) { - SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1 && ouAlgorithm != ALGO_XMLDSIGSHA256, - "xmlsecurity.helper", "Algorithm neither SHA1 or SHA256"); + SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1 + && ouAlgorithm != ALGO_XMLDSIGSHA256 + && ouAlgorithm != ALGO_XMLDSIGSHA512, + "xmlsecurity.helper", "Algorithm neither SHA1, SHA256 nor SHA512"); if (ouAlgorithm == ALGO_XMLDSIGSHA1) m_nReferenceDigestID = cssxc::DigestID::SHA1; else if (ouAlgorithm == ALGO_XMLDSIGSHA256) m_nReferenceDigestID = cssxc::DigestID::SHA256; + else if (ouAlgorithm == ALGO_XMLDSIGSHA512) + m_nReferenceDigestID = cssxc::DigestID::SHA512; } } else if (aName == "Transform") diff --git a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx index e9ba525ff2f5..a996ce5d43f4 100644 --- a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx +++ b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx @@ -413,6 +413,13 @@ css::uno::Reference< css::xml::crypto::XDigestContext > SAL_CALL ONSSInitializer nDigestLength = 20; b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA1_1K ); } + else if ( nDigestID == css::xml::crypto::DigestID::SHA512 + || nDigestID == css::xml::crypto::DigestID::SHA512_1K ) + { + nNSSDigestID = SEC_OID_SHA512; + nDigestLength = 64; + b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA512_1K ); + } else throw css::lang::IllegalArgumentException("Unexpected digest requested.", css::uno::Reference< css::uno::XInterface >(), 1 ); -- cgit