xmlsecurity/source/component/documentdigitalsignatures.cxx | 11 ++++++++---
1 file changed, 8 insertions(+), 3 deletions(-)
New commits:
commit 3962a56378f4c82ad788c45c34ce82114efb10d2
Author: Miklos Vajna <vmik...@collabora.co.uk>
Date: Wed Jan 27 18:42:59 2016 +0100
xmlsecurity: OOXML never signs metadata, so that's not completely invalid
With this, we correctly show if an OOXML signature's metadata (e.g.
comment) is valid or not. The <Manifest> element is still not checked
yet, though -- and that contains the hashes of most interesting streams.
Change-Id: Idd9e5a9072820c517974e26536aaf8eb9f34948a
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx
b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 754f343..11eb85f 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -359,15 +359,20 @@ DocumentDigitalSignatures::ImplVerifySignatures(
rSigInfo.SignatureIsValid = ( rInfo.nStatus ==
::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
- if ( rSigInfo.SignatureIsValid )
+ // OOXML intentionally doesn't sign metadata.
+ if ( rSigInfo.SignatureIsValid && aStreamHelper.nStorageFormat !=
embed::StorageFormats::OFOPXML)
{
rSigInfo.SignatureIsValid =
DocumentSignatureHelper::checkIfAllFilesAreSigned(
aElementsToBeVerified, rInfo, mode);
}
if (eMode == SignatureModeDocumentContent)
- rSigInfo.PartialDocumentSignature =
- !
DocumentSignatureHelper::isOOo3_2_Signature(aSignInfos[n]);
+ {
+ if (aStreamHelper.nStorageFormat ==
embed::StorageFormats::OFOPXML)
+ rSigInfo.PartialDocumentSignature = true;
+ else
+ rSigInfo.PartialDocumentSignature =
!DocumentSignatureHelper::isOOo3_2_Signature(aSignInfos[n]);
+ }
}
}
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
