From 06564ccc3e2484553a23a2595d48b0ef3445497b Mon Sep 17 00:00:00 2001 From: Miklos Vajna Date: Fri, 4 Mar 2016 16:10:16 +0100 Subject: [PATCH] xmlsec1-noverify.patch Conflicts: src/nss/x509vfy.c --- src/mscrypto/x509vfy.c | 13 ++++++++++--- src/nss/x509vfy.c | 28 +++++++++++++++++++++------- 2 files changed, 31 insertions(+), 10 deletions(-) diff --git a/src/mscrypto/x509vfy.c b/src/mscrypto/x509vfy.c index 899cb6e..cf4cbb7 100644 --- a/src/mscrypto/x509vfy.c +++ b/src/mscrypto/x509vfy.c @@ -560,9 +560,16 @@ xmlSecMSCryptoX509StoreVerify(xmlSecKeyDataStorePtr store, HCERTSTORE certs, CertFreeCertificateContext(nextCert); } - if((selected == 1) && xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) { - return(cert); - } + /* JL: OpenOffice.org implements its own certificate verification routine. + The goal is to separate validation of the signature + and the certificate. For example, OOo could show that the document signature is valid, + but the certificate could not be verified. If we do not prevent the verification of + the certificate by libxmlsec and the verification fails, then the XML signature will not be + verified. This would happen, for example, if the root certificate is not installed. + */ +/* if((selected == 1) && xmlSecMSCryptoX509StoreConstructCertsChain(store, cert, certs, keyInfoCtx)) { */ + if (selected == 1) + return cert; } return (NULL); diff --git a/src/nss/x509vfy.c b/src/nss/x509vfy.c index 9e957fe..0edaa2d 100644 --- a/src/nss/x509vfy.c +++ b/src/nss/x509vfy.c @@ -211,13 +211,27 @@ xmlSecNssX509StoreVerify(xmlSecKeyDataStorePtr store, CERTCertList* certs, continue; } - status = CERT_VerifyCertificate(CERT_GetDefaultCertDB(), - cert, PR_FALSE, - (SECCertificateUsage)0, - timeboundary , NULL, NULL, NULL); - if (status == SECSuccess) { - break; - } + + /* + JL: OpenOffice.org implements its own certificate verification routine. + The goal is to separate validation of the signature + and the certificate. For example, OOo could show that the document signature is valid, + but the certificate could not be verified. If we do not prevent the verification of + the certificate by libxmlsec and the verification fails, then the XML signature may not be + verified. This would happen, for example, if the root certificate is not installed. + + status = CERT_VerifyCertificate(CERT_GetDefaultCertDB(), + cert, PR_FALSE, + (SECCertificateUsage)0, + timeboundary , NULL, NULL, NULL); + if (status == SECSuccess) { + break; + } + + */ + status = SECSuccess; + break; + } if (status == SECSuccess) { -- 2.6.6