summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--include/xmlsec/xmldsig.h3
-rw-r--r--src/xmldsig.c98
2 files changed, 67 insertions, 34 deletions
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h
index 21f629a4..f00780a1 100644
--- a/include/xmlsec/xmldsig.h
+++ b/include/xmlsec/xmldsig.h
@@ -178,7 +178,8 @@ struct _xmlSecDSigCtx {
xmlSecTransformId defDigestMethodId;
/* TIZEN CUTUMIZED: these data user can set before performing the operation */
- xmlSecProxyCtxPtr proxyCtxPtr;
+ xmlSecProxyCtxPtr skipReferences;
+ xmlSecProxyCtxPtr checkReferences;
/* these data are returned */
xmlSecKeyPtr signKey;
diff --git a/src/xmldsig.c b/src/xmldsig.c
index 61b3024a..658ff655 100644
--- a/src/xmldsig.c
+++ b/src/xmldsig.c
@@ -965,59 +965,91 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen
return(-1);
}
- /* TIZEN CUTUMIZED : check proxy context */
- int isInProxy = 0;
- if(dsigCtx->proxyCtxPtr != NULL) {
- xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
- if(refUri == NULL) {
+ /* TIZEN CUTUMIZED : skip uri in proxy caches for proxy mode */
+ if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) {
+
+ int isInProxy = 0;
+ if(dsigCtx->skipReferences != NULL) {
+ xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
+ if(refUri == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+ "node=%s",
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
+ }
+
+ xmlSecProxyCtxPtr pc = dsigCtx->skipReferences;
+ while(pc != NULL) {
+ if(strncmp(refUri, pc->cache, xmlStrlen(refUri)) == 0) {
+ isInProxy = 1;
+ break;
+ }
+ pc = pc->next;
+ }
+ } else {
+ /* if proxy is not exist, process references */
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
- XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
- "node=%s",
- xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
- return(-1);
+ XMLSEC_ERRORS_MAX_NUMBER,
+ "Proxy doesn't exist.");
}
- xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr;
- while(pc != NULL) {
- if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
- isInProxy = 1;
- break;
- }
- pc = pc->next;
+ if(isInProxy) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_MAX_NUMBER,
+ "[%s] is already checked by singature-validator.",
+ xmlGetProp(cur, xmlSecAttrURI));
+ continue;
}
- } else {
- /* if proxy is not exist, process references */
- xmlSecError(XMLSEC_ERRORS_HERE,
- NULL,
- NULL,
- XMLSEC_ERRORS_MAX_NUMBER,
- "Proxy doesn't exist.");
}
/* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */
if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) {
- /* if not exist on proxy, skip on processing references */
- if(isInProxy == 0) {
+
+ int isInProxy = 0;
+ if(dsigCtx->checkReferences != NULL) {
+
+ xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI);
+ if(refUri == NULL) {
+ xmlSecError(XMLSEC_ERRORS_HERE,
+ NULL,
+ NULL,
+ XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE,
+ "node=%s",
+ xmlSecErrorsSafeString(xmlSecNodeGetName(cur)));
+ return(-1);
+ }
+
+ xmlSecProxyCtxPtr pc = dsigCtx->checkReferences;
+ while(pc != NULL) {
+ if(xmlSecDecodeCmp(refUri, pc->cache) == 0) {
+ isInProxy = 1;
+ break;
+ }
+ pc = pc->next;
+ }
+ } else {
+ /* if proxy is not exist, process references */
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_MAX_NUMBER,
- "Skip %s on processing references.",
- xmlGetProp(cur, xmlSecAttrURI));
- continue;
+ "Proxy doesn't exist.");
}
- }
- /* TIZEN CUTUMIZED : skip uri proxy caches for proxy-validator */
- if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) {
- if(isInProxy) {
+ /* if not exist on proxy, skip on processing references */
+ if(isInProxy == 0) {
xmlSecError(XMLSEC_ERRORS_HERE,
NULL,
NULL,
XMLSEC_ERRORS_MAX_NUMBER,
- "Already checked refs by proxy-validator : %s",
+ "Skip [%s] on processing references.",
xmlGetProp(cur, xmlSecAttrURI));
continue;
}