diff options
-rw-r--r-- | include/xmlsec/xmldsig.h | 3 | ||||
-rw-r--r-- | src/xmldsig.c | 98 |
2 files changed, 67 insertions, 34 deletions
diff --git a/include/xmlsec/xmldsig.h b/include/xmlsec/xmldsig.h index 21f629a4..f00780a1 100644 --- a/include/xmlsec/xmldsig.h +++ b/include/xmlsec/xmldsig.h @@ -178,7 +178,8 @@ struct _xmlSecDSigCtx { xmlSecTransformId defDigestMethodId; /* TIZEN CUTUMIZED: these data user can set before performing the operation */ - xmlSecProxyCtxPtr proxyCtxPtr; + xmlSecProxyCtxPtr skipReferences; + xmlSecProxyCtxPtr checkReferences; /* these data are returned */ xmlSecKeyPtr signKey; diff --git a/src/xmldsig.c b/src/xmldsig.c index 61b3024a..658ff655 100644 --- a/src/xmldsig.c +++ b/src/xmldsig.c @@ -965,59 +965,91 @@ xmlSecDSigCtxProcessReferences(xmlSecDSigCtxPtr dsigCtx, xmlNodePtr firstReferen return(-1); } - /* TIZEN CUTUMIZED : check proxy context */ - int isInProxy = 0; - if(dsigCtx->proxyCtxPtr != NULL) { - xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); - if(refUri == NULL) { + /* TIZEN CUTUMIZED : skip uri in proxy caches for proxy mode */ + if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) { + + int isInProxy = 0; + if(dsigCtx->skipReferences != NULL) { + xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + + xmlSecProxyCtxPtr pc = dsigCtx->skipReferences; + while(pc != NULL) { + if(strncmp(refUri, pc->cache, xmlStrlen(refUri)) == 0) { + isInProxy = 1; + break; + } + pc = pc->next; + } + } else { + /* if proxy is not exist, process references */ xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, - XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, - "node=%s", - xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); - return(-1); + XMLSEC_ERRORS_MAX_NUMBER, + "Proxy doesn't exist."); } - xmlSecProxyCtxPtr pc = dsigCtx->proxyCtxPtr; - while(pc != NULL) { - if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { - isInProxy = 1; - break; - } - pc = pc->next; + if(isInProxy) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_MAX_NUMBER, + "[%s] is already checked by singature-validator.", + xmlGetProp(cur, xmlSecAttrURI)); + continue; } - } else { - /* if proxy is not exist, process references */ - xmlSecError(XMLSEC_ERRORS_HERE, - NULL, - NULL, - XMLSEC_ERRORS_MAX_NUMBER, - "Proxy doesn't exist."); } /* TIZEN CUTUMIZED : check uri only in proxy caches for partial mode */ if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_CHECK_PROXY) != 0) { - /* if not exist on proxy, skip on processing references */ - if(isInProxy == 0) { + + int isInProxy = 0; + if(dsigCtx->checkReferences != NULL) { + + xmlChar* refUri = xmlGetProp(cur, xmlSecAttrURI); + if(refUri == NULL) { + xmlSecError(XMLSEC_ERRORS_HERE, + NULL, + NULL, + XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE, + "node=%s", + xmlSecErrorsSafeString(xmlSecNodeGetName(cur))); + return(-1); + } + + xmlSecProxyCtxPtr pc = dsigCtx->checkReferences; + while(pc != NULL) { + if(xmlSecDecodeCmp(refUri, pc->cache) == 0) { + isInProxy = 1; + break; + } + pc = pc->next; + } + } else { + /* if proxy is not exist, process references */ xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Skip %s on processing references.", - xmlGetProp(cur, xmlSecAttrURI)); - continue; + "Proxy doesn't exist."); } - } - /* TIZEN CUTUMIZED : skip uri proxy caches for proxy-validator */ - if((dsigCtx->flags & XMLSEC_DSIG_FLAGS_SKIP_PROXY) != 0) { - if(isInProxy) { + /* if not exist on proxy, skip on processing references */ + if(isInProxy == 0) { xmlSecError(XMLSEC_ERRORS_HERE, NULL, NULL, XMLSEC_ERRORS_MAX_NUMBER, - "Already checked refs by proxy-validator : %s", + "Skip [%s] on processing references.", xmlGetProp(cur, xmlSecAttrURI)); continue; } |