diff options
author | Caolán McNamara <caolanm@redhat.com> | 2022-03-03 14:22:37 +0000 |
---|---|---|
committer | Michael Stahl <michael.stahl@allotropia.de> | 2022-03-11 15:50:21 +0100 |
commit | 2c8c221b88f2e2bb5b29a6c1bcce1ea75e98136a (patch) | |
tree | 0fc8d00704a173c7d36e2bf048a9dc2e52cf6b5c | |
parent | Fix Python deprecation warnings (diff) | |
download | core-2c8c221b88f2e2bb5b29a6c1bcce1ea75e98136a.tar.gz core-2c8c221b88f2e2bb5b29a6c1bcce1ea75e98136a.zip |
compare authors using Thumbprint
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8)
Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/131368
Tested-by: Michael Stahl <michael.stahl@allotropia.de>
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
-rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index dc8d93ec8ec7..91103165ff83 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -616,8 +616,17 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( for ( ; pAuthors != pAuthorsEnd; ++pAuthors ) { SvtSecurityOptions::Certificate aAuthor = *pAuthors; - if (xmlsecurity::EqualDistinguishedNames(aAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT) - && (aAuthor[1] == sSerialNum)) + if (!xmlsecurity::EqualDistinguishedNames(aAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT)) + continue; + if (aAuthor[1] != sSerialNum) + continue; + + DocumentSignatureManager aSignatureManager(mxCtx, {}); + if (!aSignatureManager.init()) + return false; + uno::Reference<css::security::XCertificate> xCert = + aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(aAuthor[2]); + if (xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint()) { bFound = true; break; |