diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-11-17 13:34:07 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-11-21 13:42:50 +0900 |
commit | 76dec694c3e3d0d5f2376949b559a89040c5f60c (patch) | |
tree | df62dd93238b8a1a4273beca10fe5ac7763cbc31 | |
parent | efe10f531b0fb3d8a9959ba1027e5b51951aaef2 (diff) | |
download | cert-svc-76dec694c3e3d0d5f2376949b559a89040c5f60c.tar.gz cert-svc-76dec694c3e3d0d5f2376949b559a89040c5f60c.tar.bz2 cert-svc-76dec694c3e3d0d5f2376949b559a89040c5f60c.zip |
Fix checkListAll bug and seperate proxyCtxPtr
* Seperate proxyCtxPtr according to xmlsec1 changes.
* Related commit - xmlsec1
* [37ef959] Seperate proxyCtxPtr according to purpose
Change-Id: I7cf803653fb38e9a8c2c4f47e11987d2e91a5576
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | src/vcore/XmlsecAdapter.cpp | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/vcore/XmlsecAdapter.cpp b/src/vcore/XmlsecAdapter.cpp index 2eb1574..15d57c9 100644 --- a/src/vcore/XmlsecAdapter.cpp +++ b/src/vcore/XmlsecAdapter.cpp @@ -273,7 +273,8 @@ void XmlSec::validateFile(XmlSecContext &context, xmlSecKeysMngrPtr mngrPtr) fileOpenCallback, fileReadCallback, fileCloseCallback); - CustomPtr<xmlDocPtr> docPtr(xmlParseFile(context.signatureFile.c_str()), xmlFreeDoc); + CustomPtr<xmlDocPtr> docPtr(xmlParseFile(context.signatureFile.c_str()), + xmlFreeDoc); if (!docPtr || xmlDocGetRootElement(docPtr.get()) == nullptr) ThrowMsg(Exception::InvalidFormat, @@ -288,7 +289,12 @@ void XmlSec::validateFile(XmlSecContext &context, xmlSecKeysMngrPtr mngrPtr) ThrowMsg(Exception::InvalidFormat, "Start node not found in " << context.signatureFile); - CustomPtr<xmlSecDSigCtxPtr> dsigCtx(xmlSecDSigCtxCreate(mngrPtr), xmlSecDSigCtxDestroy); + CustomPtr<xmlSecDSigCtxPtr> dsigCtx(xmlSecDSigCtxCreate(mngrPtr), + [](xmlSecDSigCtxPtr dsigCtx) { + xmlSecProxyCtxDestroy(dsigCtx->skipReferences); + xmlSecProxyCtxDestroy(dsigCtx->checkReferences); + xmlSecDSigCtxDestroy(dsigCtx); + }); if (!dsigCtx) ThrowMsg(Exception::OutOfMemory, "Failed to create signature context."); @@ -308,7 +314,7 @@ void XmlSec::validateFile(XmlSecContext &context, xmlSecKeysMngrPtr mngrPtr) if (!strcmp(data.c_str(), "#prop")) continue; - if(xmlSecProxyCtxAdd(&(dsigCtx.get()->proxyCtxPtr), + if(xmlSecProxyCtxAdd(&(dsigCtx.get()->skipReferences), reinterpret_cast<const xmlChar *>(data.c_str()))) ThrowMsg(Exception::InternalError, "Failed to add proxy data."); @@ -332,14 +338,16 @@ void XmlSec::validateFile(XmlSecContext &context, xmlSecKeysMngrPtr mngrPtr) break; case ValidateMode::PARTIAL_HASH: { + if (context.isProxyMode) + dsigCtx.get()->flags |= XMLSEC_DSIG_FLAGS_SKIP_PROXY; + dsigCtx.get()->flags |= XMLSEC_DSIG_FLAGS_CHECK_PROXY; for (auto uri : *m_pList) { - if(xmlSecProxyCtxAdd(&(dsigCtx.get()->proxyCtxPtr), + if(xmlSecProxyCtxAdd(&(dsigCtx.get()->checkReferences), reinterpret_cast<const xmlChar *>(uri.c_str()))) ThrowMsg(Exception::InternalError, "PARTIAL_HASH mode failed."); } res = xmlSecDSigCtxVerify(dsigCtx.get(), node); - xmlSecProxyCtxDestroy(dsigCtx.get()->proxyCtxPtr); break; } |