diff options
| -rw-r--r-- | package/source/zipapi/ZipFile.cxx | 16 | ||||
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/digestcontext.cxx | 19 | ||||
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/digestcontext.hxx | 7 | ||||
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx | 13 |
4 files changed, 44 insertions, 11 deletions
diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 03ecc90c17c3..b359f5a4f99d 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -415,6 +415,21 @@ uno::Reference< XInputStream > ZipFile::StaticGetDataFromRawStream( const uno::R return new XUnbufferedStream( xFactory, xStream, rData ); } +#if 0 +// for debugging purposes +void CheckSequence( const uno::Sequence< sal_Int8 >& aSequence ) +{ + if ( aSequence.getLength() ) + { + sal_Int32* pPointer = *( (sal_Int32**)&aSequence ); + sal_Int32 nSize = *( pPointer + 1 ); + sal_Int32 nMemSize = *( pPointer - 2 ); + sal_Int32 nUsedMemSize = ( nSize + 4 * sizeof( sal_Int32 ) ); + OSL_ENSURE( nSize == aSequence.getLength() && nUsedMemSize + 7 - ( nUsedMemSize - 1 ) % 8 == nMemSize, "Broken Sequence!" ); + } +} +#endif + sal_Bool ZipFile::StaticHasValidPassword( const uno::Reference< lang::XMultiServiceFactory >& xFactory, const Sequence< sal_Int8 > &aReadBuffer, const ::rtl::Reference< EncryptionData > &rData ) { if ( !rData.is() || !rData->m_aKey.getLength() ) @@ -435,7 +450,6 @@ sal_Bool ZipFile::StaticHasValidPassword( const uno::Reference< lang::XMultiServ { // decryption with padding will throw the exception in finalizing if the buffer represent only part of the stream // it is no problem, actually this is why we read 32 additional bytes ( two of maximal possible encryption blocks ) - OSL_ENSURE( aReadBuffer.getLength() == n_ConstDigestDecrypt, "Unexpected exception by decryption!" ); } if ( aDecryptBuffer2.getLength() ) diff --git a/xmlsecurity/source/xmlsec/nss/digestcontext.cxx b/xmlsecurity/source/xmlsec/nss/digestcontext.cxx index 17b700f1fd63..4b3a0d094bd9 100644 --- a/xmlsecurity/source/xmlsec/nss/digestcontext.cxx +++ b/xmlsecurity/source/xmlsec/nss/digestcontext.cxx @@ -52,12 +52,21 @@ void SAL_CALL ODigestContext::updateDigest( const uno::Sequence< ::sal_Int8 >& a if ( m_bDisposed ) throw lang::DisposedException(); - if ( PK11_DigestOp( m_pContext, reinterpret_cast< const unsigned char* >( aData.getConstArray() ), aData.getLength() ) != SECSuccess ) + if ( !m_b1KData || m_nDigested < 1024 ) { - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - m_bBroken = true; - throw uno::RuntimeException(); + uno::Sequence< sal_Int8 > aToDigest = aData; + if ( m_b1KData && m_nDigested + aData.getLength() > 1024 ) + aToDigest.realloc( 1024 - m_nDigested ); + + if ( PK11_DigestOp( m_pContext, reinterpret_cast< const unsigned char* >( aToDigest.getConstArray() ), aToDigest.getLength() ) != SECSuccess ) + { + PK11_DestroyContext( m_pContext, PR_TRUE ); + m_pContext = NULL; + m_bBroken = true; + throw uno::RuntimeException(); + } + + m_nDigested += aToDigest.getLength(); } } diff --git a/xmlsecurity/source/xmlsec/nss/digestcontext.hxx b/xmlsecurity/source/xmlsec/nss/digestcontext.hxx index 88b2063a84dc..8f9ef475a485 100644 --- a/xmlsecurity/source/xmlsec/nss/digestcontext.hxx +++ b/xmlsecurity/source/xmlsec/nss/digestcontext.hxx @@ -40,13 +40,18 @@ private: PK11Context* m_pContext; sal_Int32 m_nDigestLength; + bool m_b1KData; + sal_Int32 m_nDigested; + bool m_bDisposed; bool m_bBroken; public: - ODigestContext( PK11Context* pContext, sal_Int32 nDigestLength ) + ODigestContext( PK11Context* pContext, sal_Int32 nDigestLength, bool b1KData ) : m_pContext( pContext ) , m_nDigestLength( nDigestLength ) + , m_b1KData( b1KData ) + , m_nDigested( 0 ) , m_bDisposed( false ) , m_bBroken( false ) {} diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx index 81fe6857bf75..2cccd079f8e5 100644 --- a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx @@ -455,15 +455,20 @@ css::uno::Reference< css::xml::crypto::XDigestContext > SAL_CALL SEInitializer_N { SECOidTag nNSSDigestID = SEC_OID_UNKNOWN; sal_Int32 nDigestLength = 0; - if ( nDigestID == css::xml::crypto::DigestID::SHA256 ) + bool b1KData = false; + if ( nDigestID == css::xml::crypto::DigestID::SHA256 + || nDigestID == css::xml::crypto::DigestID::SHA256_1K ) { nNSSDigestID = SEC_OID_SHA256; nDigestLength = 32; + b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA256_1K ); } - else if ( nDigestID != css::xml::crypto::DigestID::SHA1 ) + else if ( nDigestID == css::xml::crypto::DigestID::SHA1 + || nDigestID == css::xml::crypto::DigestID::SHA1_1K ) { nNSSDigestID = SEC_OID_SHA1; - nDigestLength = 16; + nDigestLength = 20; + b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA1_1K ); } else throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected digest requested." ) ), css::uno::Reference< css::uno::XInterface >(), 1 ); @@ -476,7 +481,7 @@ css::uno::Reference< css::xml::crypto::XDigestContext > SAL_CALL SEInitializer_N { PK11Context* pContext = PK11_CreateDigestContext( nNSSDigestID ); if ( pContext && PK11_DigestBegin( pContext ) == SECSuccess ) - xResult = new ODigestContext( pContext, nDigestLength ); + xResult = new ODigestContext( pContext, nDigestLength, b1KData ); } return xResult; |