diff options
author | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-11-14 13:19:06 +0900 |
---|---|---|
committer | sangwan.kwon <sangwan.kwon@samsung.com> | 2016-11-17 16:26:40 +0900 |
commit | 37ef959520d171075d546e500dcd75a09f0ee507 (patch) | |
tree | 551cc91e4ff62bb0478e05f8b8f4b8945f6fc360 | |
parent | d58685dc63da77fbe88da9df7f7ec13575640263 (diff) | |
download | xmlsec1-37ef959520d171075d546e500dcd75a09f0ee507.tar.gz xmlsec1-37ef959520d171075d546e500dcd75a09f0ee507.tar.bz2 xmlsec1-37ef959520d171075d546e500dcd75a09f0ee507.zip |
Seperate proxyCtxPtr according to purpose
[ AS-IS ]
* proxyCtxPtr was used on both SKIP and CHECK references.
* It has problem when checkListAll() was called.
[ TO-BE ]
* Seperate proxyCtxPtr to skipReferences and checkReferences.
Change-Id: Ic5f0d1bd027ac0d017fe1828e4b5d22ba0861ecc
Signed-off-by: sangwan.kwon <sangwan.kwon@samsung.com>
-rw-r--r-- | include/xmlsec/xmldsig.h | 3 | ||||
-rw-r--r-- | src/xmldsig.c | 98 |
2 files changed, 67 insertions, 34 deletions
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h index 21f629a4..f00780a1 100644 --- a/include/xmlsec/xmldsig.h +++ b/include/xmlsec/xmldsig.h @@ -178,7 +178,8 @@ struct _xmlSecDSigCtx { xmlSecTransformId defDigestMethodId; /* TIZEN CUTUMIZED: these data user can set before performing the operation */ - xmlSecProxyCtxPtr proxyCtxPtr; + xmlSecProxyCtxPtr skipReferences; + xmlSecProxyCtxPtr checkReferences; /* these data are returned */ xmlSecKeyPtr signKey; diff --git a/src/xmldsig.c b/src/xmldsig.c index 61b3024a..658ff655 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@ -965,59 +965,91 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen return(-1); } - /* TIZEN CUTUMIZED : check proxy context */ - int isInProxy = 0; - if(dsigCtx->proxyCtxPtr != NULL) { - xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); - if(refUri == NULL) { + /* TIZEN CUTUMIZED : skip uri in proxy caches for proxy mode */ + if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) { + + int isInProxy = 0; + if(dsigCtx->skipReferences != NULL) { + xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + + xmlSecProxyCtxPtr pc = dsigCtx->skipReferences; + while(pc != NULL) { + if(strncmp(refUri, pc->cache, xmlStrlen(refUri)) == 0) { + isInProxy = 1; + break; + } + pc = pc->next; + } + } else { + /* if proxy is not exist, process references */ xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, - XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, - "node=%s", - xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); - return(-1); + XMLSEC_ERRORS_MAX_NUMBER, + "Proxy doesn't exist."); } - xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr; - while(pc != NULL) { - if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { - isInProxy = 1; - break; - } - pc = pc->next; + if(isInProxy) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_MAX_NUMBER, + "[%s] is already checked by singature-validator.", + xmlGetProp(cur, xmlSecAttrURI)); + continue; } - } else { - /* if proxy is not exist, process references */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - NULL, - XMLSEC_ERRORS_MAX_NUMBER, - "Proxy doesn't exist."); } /* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */ if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) { - /* if not exist on proxy, skip on processing references */ - if(isInProxy == 0) { + + int isInProxy = 0; + if(dsigCtx->checkReferences != NULL) { + + xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + + xmlSecProxyCtxPtr pc = dsigCtx->checkReferences; + while(pc != NULL) { + if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { + isInProxy = 1; + break; + } + pc = pc->next; + } + } else { + /* if proxy is not exist, process references */ xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Skip %s on processing references.", - xmlGetProp(cur, xmlSecAttrURI)); - continue; + "Proxy doesn't exist."); } - } - /* TIZEN CUTUMIZED : skip uri proxy caches for proxy-validator */ - if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) { - if(isInProxy) { + /* if not exist on proxy, skip on processing references */ + if(isInProxy == 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Already checked refs by proxy-validator : %s", + "Skip [%s] on processing references.", xmlGetProp(cur, xmlSecAttrURI)); continue; } |