diff options
-rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 15 |
1 files changed, 12 insertions, 3 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index 4852af7c1ad6..7143a1d82c0c 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -637,9 +637,18 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors(); return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(), - [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { - return xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT) - && ( rAuthor[1] == sSerialNum ); + [this, &xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) { + if (!xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName(), xmlsecurity::NOCOMPAT)) + return false; + if (rAuthor[1] != sSerialNum) + return false; + + DocumentSignatureManager aSignatureManager(mxCtx, {}); + if (!aSignatureManager.init()) + return false; + uno::Reference<css::security::XCertificate> xCert = + aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(rAuthor[2]); + return xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint(); }); } |