xmlsecurity nss: log what XML DOM node is given to libxmlsec
We have two environments where the signature and the stream bytes are the same, still in one case the signature verification succeeds and in the other case the hash doesn't match. Log the signature as parsed into a DOM node (recursively), just case something goes wrong during extracting a single signature from the signatures list XML. Change-Id: I54af71fdeb63d8ef44342f106746f938fa51f29a Reviewed-on: https://gerrit.libreoffice.org/c/core/+/127991 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
This commit is contained in:
parent
1cb5b519a0
commit
9fb45044d9
1 changed files with 7 additions and 0 deletions
|
@ -243,6 +243,13 @@ SAL_CALL XMLSignature_NssImpl::validate(
|
|||
if (xmlSecPtrListAdd(&(pDsigCtx->keyInfoReadCtx.enabledKeyData), BAD_CAST xmlSecNssKeyDataX509GetKlass()) < 0)
|
||||
throw RuntimeException("failed to limit allowed key data");
|
||||
|
||||
xmlBufferPtr pBuf = xmlBufferCreate();
|
||||
xmlNodeDump(pBuf, nullptr, pNode, 0, 0);
|
||||
SAL_INFO("xmlsecurity.xmlsec", "xmlSecDSigCtxVerify input XML node is '"
|
||||
<< reinterpret_cast<const char*>(xmlBufferContent(pBuf))
|
||||
<< "'");
|
||||
xmlBufferFree(pBuf);
|
||||
|
||||
//Verify signature
|
||||
int rs = xmlSecDSigCtxVerify( pDsigCtx.get() , pNode );
|
||||
|
||||
|
|
Loading…
Reference in a new issue