diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-12-02 11:51:09 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-12-02 13:16:54 +0000 |
commit | 61c81c4500e5d5849b43d3a9d3efdabba94d513b (patch) | |
tree | 94bff4a93b461875773983ce6d45f4203fd3d73f /xmlsecurity/source/helper/pdfsignaturehelper.cxx | |
parent | coverity#1394668 Inferred misuse of enum (diff) | |
download | core-61c81c4500e5d5849b43d3a9d3efdabba94d513b.tar.gz core-61c81c4500e5d5849b43d3a9d3efdabba94d513b.zip |
xmlsecurity PDF verify: don't hide signatures where digest match is uncertain
Use case: the bugdoc has 2 signatures, one normal one and one with
SubFilter=ETSI.RFC3161. By not hiding the second signature it's possible
to counter-sign the document, even if we don't handle the contents of
the second one.
Change-Id: I580e1211072ec9839f01b529b569c98b702b6534
Reviewed-on: https://gerrit.libreoffice.org/31539
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'xmlsecurity/source/helper/pdfsignaturehelper.cxx')
-rw-r--r-- | xmlsecurity/source/helper/pdfsignaturehelper.cxx | 3 |
1 files changed, 0 insertions, 3 deletions
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx index 2218129a9485..4218a8305ee4 100644 --- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx +++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx @@ -56,10 +56,7 @@ bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputS bool bLast = i == aSignatures.size() - 1; if (!xmlsecurity::pdfio::PDFDocument::ValidateSignature(*pStream, aSignatures[i], aInfo, bLast)) - { SAL_WARN("xmlsecurity.helper", "failed to determine digest match"); - continue; - } m_aSignatureInfos.push_back(aInfo); } |