From cde8ff37deb66bb879b1a8b761c7b9d28a715116 Mon Sep 17 00:00:00 2001 From: "sangwan.kwon" Date: Fri, 30 Sep 2016 17:59:03 +0900 Subject: [PATCH] Fix checkList bug on partial validate * This commit is related with xmlsec1 changes [xmlsec1 commit] * msg: Add xmlSecProxyCtx and refactor custumized code Change-Id: I59141b41e324c3d37318e8ba88e4374d6aa7e780 Signed-off-by: sangwan.kwon --- src/vcore/XmlsecAdapter.cpp | 25 ++++++++++++++----------- src/vcore/XmlsecAdapter.h | 3 ++- 2 files changed, 16 insertions(+), 12 deletions(-) diff --git a/src/vcore/XmlsecAdapter.cpp b/src/vcore/XmlsecAdapter.cpp index 1694f2e..7725e69 100644 --- a/src/vcore/XmlsecAdapter.cpp +++ b/src/vcore/XmlsecAdapter.cpp @@ -16,7 +16,8 @@ /* * @file XmlsecAdapter.cpp * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 2.0 + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 2.1 * @brief */ #include @@ -303,23 +304,25 @@ void XmlSec::validateFile(XmlSecContext &context, xmlSecKeysMngrPtr mngrPtr) int res; switch (m_mode) { - case ValidateMode::NORMAL: + case ValidateMode::NORMAL: { res = xmlSecDSigCtxVerify(dsigCtx.get(), node); break; + } case ValidateMode::NO_HASH: - res = xmlSecDSigCtxVerifyEx(dsigCtx.get(), node, 1, nullptr); + dsigCtx.get()->flags |= XMLSEC_DSIG_FLAGS_IGNORE_REFERENCES; + res = xmlSecDSigCtxVerify(dsigCtx.get(), node); break; case ValidateMode::PARTIAL_HASH: { - size_t n = m_pList->size(); - const char *pList[n + 1] = {0}; - size_t i = 0; - - for (auto uri : *m_pList) - pList[i++] = uri.c_str(); - - res = xmlSecDSigCtxVerifyEx(dsigCtx.get(), node, 0, pList); + dsigCtx.get()->flags |= XMLSEC_DSIG_FLAGS_CHECK_PROXY; + for (auto uri : *m_pList) { + if(xmlSecProxyCtxAdd(&(dsigCtx.get()->proxyCtxPtr), + reinterpret_cast(uri.c_str()))) + ThrowMsg(Exception::InternalError, "PARTIAL_HASH mode failed."); + } + res = xmlSecDSigCtxVerify(dsigCtx.get(), node); + xmlSecProxyCtxDestroy(dsigCtx.get()->proxyCtxPtr); break; } diff --git a/src/vcore/XmlsecAdapter.h b/src/vcore/XmlsecAdapter.h index 0a0a522..a2170f0 100644 --- a/src/vcore/XmlsecAdapter.h +++ b/src/vcore/XmlsecAdapter.h @@ -16,7 +16,8 @@ /* * @file XmlSecAdapter.h * @author Bartlomiej Grzelewski (b.grzelewski@samsung.com) - * @version 2.0 + * @author Sangwan Kwon (sangwan.kwon@samsung.com) + * @version 2.1 * @brief */ #pragma once -- 2.7.4