projects / libreoffice.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 1c791cd) | patch
[PATCH] Improve adbe.pkcs7.sha1 signature verification
authorJuraj Šarinay <juraj@sarinay.com>
Thu, 6 Mar 2025 15:44:01 +0000 (16:44 +0100)
committerRene Engelhard <rene@debian.org>
Thu, 7 May 2026 19:49:15 +0000 (21:49 +0200)
commit4b084c8cb6a3aaeec3c23b5743dc2083573a1490
tree7f2899f0e5f13d26082c8accc59b95289fbb9e23tree | snapshot
parent1c791cd79dab803d0eb040731d46fe0ff1c324dbcommit | diff
[PATCH] Improve adbe.pkcs7.sha1 signature verification

For PDF signatures with SubFilter == adbe.pkcs7.sha1, we only
compared hash values and never actually checked SignatureValue
within SignerInfo.

Fix bugs introduced by 055fd58711d57af4d96214aebd71b713303d5527 and
e58ed17e35989350afe3e9fd77b24515df782eac by verifying the actual
(public-key) signature after the hash values compare equal.

Change-Id: I5fa3d60df214cc5efedd1c0eba6cf1b9faf05360
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/183059
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
(cherry picked from commit 9f687b06fc25156a2a3f4d688b56542612995aa9)

Gbp-Pq: Name Improve-adbe.pkcs7.sha1-signature-verification.diff
svl/source/crypto/cryptosign.cxx diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.