summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorsangwan.kwon <sangwan.kwon@samsung.com>2016-09-27 21:02:42 +0900
committersangwan.kwon <sangwan.kwon@samsung.com>2016-11-09 13:26:47 +0900
commitd58685dc63da77fbe88da9df7f7ec13575640263 (patch)
tree3b0d23a1196b0b4560f7efdf3f0b8984c12d7d43
parentdaf2259d9baccb7027b2037175f6e85badc1e426 (diff)
downloadxmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.tar.gz
xmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.tar.bz2
xmlsec1-d58685dc63da77fbe88da9df7f7ec13575640263.zip
Add flag and logic on xmldsig for proxy-validator
* Added flag : XMLSEC_DSIG_FLAGS_SKIP_PROXY Change-Id: I868067b163c83acfa52e5ad9486f73dd781f0cbc Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r--include/xmlsec/xmldsig.h7
-rw-r--r--src/xmldsig.c73
2 files changed, 46 insertions, 34 deletions
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h
index 886bba98..21f629a4 100644
--- a/include/xmlsec/xmldsig.h
+++ b/include/xmlsec/xmldsig.h
@@ -109,6 +109,13 @@ typedef enum {
#define XMLSEC_DSIG_FLAGS_CHECK_PROXY 0x00000040
/** TIZEN CUSTUMIZED
+ * XMLSEC_DSIG_FLAGS_SKIP_PROXY:
+ *
+ * If this flag is set then xmlSecProxyCtx will not be processed.
+ */
+#define XMLSEC_DSIG_FLAGS_SKIP_PROXY 0x00000080
+
+/** TIZEN CUSTUMIZED
* @cache: the cache include reference uri for supporting partial mode.
* cache represented uri will be check on processing references.
* @next: the pointer to indicate linked node (xmlSecProxyCtx).
diff --git a/src/xmldsig.c b/src/xmldsig.c
index db33058e..61b3024a 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -965,53 +965,59 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
return(-1);
}
- /* TIZEN CUTUMIZED : check proxy caches for partial mode */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) {
- int isInProxy = 0;
- if(dsigCtx->proxyCtxPtr != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
- }
-
+ /* TIZEN CUTUMIZED : check proxy context */
+ int isInProxy = 0;
+ if(dsigCtx->proxyCtxPtr != NULL) {
+ xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
+ if(refUri == NULL) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Start to search reference on proxy : %s.",
- refUri);
-
- xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr;
- while(pc != NULL) {
- if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
- isInProxy = 1;
- break;
- }
- pc = pc->next;
+ XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+ "node=%s",
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
+ }
+
+ xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr;
+ while(pc != NULL) {
+ if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
+ isInProxy = 1;
+ break;
}
- } else {
- /* if proxy is not exist, process references */
+ pc = pc->next;
+ }
+ } else {
+ /* if proxy is not exist, process references */
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_MAX_NUMBER,
+ "Proxy doesn't exist.");
+ }
+
+ /* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */
+ if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) {
+ /* if not exist on proxy, skip on processing references */
+ if(isInProxy == 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_MAX_NUMBER,
- "Proxy doesn't exist.");
- isInProxy = 1;
+ "Skip %s on processing references.",
+ xmlGetProp(cur, xmlSecAttrURI));
+ continue;
}
+ }
- /* if not exist on proxy, skip on processing references */
- if(isInProxy == 0) {
+ /* TIZEN CUTUMIZED : skip uri proxy caches for proxy-validator */
+ if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) {
+ if(isInProxy) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_MAX_NUMBER,
- "Skip %s on processing references.",
+ "Already checked refs by proxy-validator : %s",
xmlGetProp(cur, xmlSecAttrURI));
continue;
}
@@ -1063,7 +1069,6 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
return(0);
}
-
static int
xmlSecDSigCtxProcessKeyInfoNode(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr node) {
int ret;