libreoffice/SOURCES/0001-CVE-2022-26305-compare...

From 77f30ada1156ca1e1357776fea8e9dc113f6898d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>
Date: Thu, 3 Mar 2022 14:22:37 +0000
Subject: [PATCH 1/5] CVE-2022-26305 compare authors using Thumbprint

Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929
Tested-by: Jenkins
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
(cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
(cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8)
---
 .../component/documentdigitalsignatures.cxx   | 23 +++++++++++++++----
 1 file changed, 19 insertions(+), 4 deletions(-)

diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index b9066ea92cac..5a21c8421bec 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -19,9 +19,10 @@
 
 #include <resourcemanager.hxx>
 
-#include <digitalsignaturesdialog.hxx>
+#include <certificate.hxx>
 #include <certificatechooser.hxx>
 #include <certificateviewer.hxx>
+#include <digitalsignaturesdialog.hxx>
 #include <macrosecurity.hxx>
 #include <biginteger.hxx>
 #include <strings.hrc>
@@ -666,9 +667,23 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
     Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors();
 
     return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(),
-        [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) {
-            return xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName())
-                && ( rAuthor[1] == sSerialNum );
+        [this, &xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) {
+            if (!xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName()))
+                return false;
+            if (rAuthor[1] != sSerialNum)
+                return false;
+
+            DocumentSignatureManager aSignatureManager(mxCtx, {});
+            if (!aSignatureManager.init())
+                return false;
+            uno::Reference<css::security::XCertificate> xCert = aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(rAuthor[2]);
+
+            auto pAuthor = dynamic_cast<xmlsecurity::Certificate*>(xAuthor.get());
+            auto pCert = dynamic_cast<xmlsecurity::Certificate*>(xCert.get());
+            if (pAuthor && pCert)
+                return pCert->getSHA256Thumbprint() == pAuthor->getSHA256Thumbprint();
+
+            return xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint();
         });
 }
 
-- 
2.37.3
import libreoffice-7.1.8.1-8.el9_1 2 years ago			`From 77f30ada1156ca1e1357776fea8e9dc113f6898d Mon Sep 17 00:00:00 2001`
			`From: =?UTF-8?q?Caol=C3=A1n=20McNamara?= <caolanm@redhat.com>`
			`Date: Thu, 3 Mar 2022 14:22:37 +0000`
			`Subject: [PATCH 1/5] CVE-2022-26305 compare authors using Thumbprint`

			`Change-Id: I338f58eb07cbf0a3d13a7dafdaddac09252a8546`
			`Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130929`
			`Tested-by: Jenkins`
			`Reviewed-by: Miklos Vajna <vmiklos@collabora.com>`
			`(cherry picked from commit 65442205b5b274ad309308162f150f8d41648f72)`
			`Reviewed-on: https://gerrit.libreoffice.org/c/core/+/130866`
			`Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>`
			`(cherry picked from commit a7aaa78acea4c1d51283c2fce54ff9f5339026f8)`
			`---`
			`.../component/documentdigitalsignatures.cxx \| 23 +++++++++++++++----`
			`1 file changed, 19 insertions(+), 4 deletions(-)`

			`diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx`
			`index b9066ea92cac..5a21c8421bec 100644`
			`--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx`
			`+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx`
			`@@ -19,9 +19,10 @@`

			`#include <resourcemanager.hxx>`

			`-#include <digitalsignaturesdialog.hxx>`
			`+#include <certificate.hxx>`
			`#include <certificatechooser.hxx>`
			`#include <certificateviewer.hxx>`
			`+#include <digitalsignaturesdialog.hxx>`
			`#include <macrosecurity.hxx>`
			`#include <biginteger.hxx>`
			`#include <strings.hrc>`
			`@@ -666,9 +667,23 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(`
			`Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors();`

			`return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(),`
			`- [&xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) {`
			`- return xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName())`
			`- && ( rAuthor[1] == sSerialNum );`
			`+ [this, &xAuthor, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) {`
			`+ if (!xmlsecurity::EqualDistinguishedNames(rAuthor[0], xAuthor->getIssuerName()))`
			`+ return false;`
			`+ if (rAuthor[1] != sSerialNum)`
			`+ return false;`
			`+`
			`+ DocumentSignatureManager aSignatureManager(mxCtx, {});`
			`+ if (!aSignatureManager.init())`
			`+ return false;`
			`+ uno::Reference<css::security::XCertificate> xCert = aSignatureManager.getSecurityEnvironment()->createCertificateFromAscii(rAuthor[2]);`
			`+`
			`+ auto pAuthor = dynamic_cast<xmlsecurity::Certificate*>(xAuthor.get());`
			`+ auto pCert = dynamic_cast<xmlsecurity::Certificate*>(xCert.get());`
			`+ if (pAuthor && pCert)`
			`+ return pCert->getSHA256Thumbprint() == pAuthor->getSHA256Thumbprint();`
			`+`
			`+ return xCert->getSHA1Thumbprint() == xAuthor->getSHA1Thumbprint();`
			`});`
			`}`

			`--`
			`2.37.3`