office-gobmx/libxmlsec
2010-10-05 20:30:56 +01:00
..
prj #i103496#: remove superfluous dependencies in external libraries 2009-07-28 16:29:26 +02:00
makefile.mk fix up conflict, merge into configure patch 2010-10-05 20:30:56 +01:00
readme.txt libxmlsec: #i107747# Document what I think xmlsec1-nssdisablecallbacks.patch does 2010-03-05 19:10:01 +00:00
xmlsec1-configure-libxml-libxslt.patch solaris10u8: #i112480#: fix libxmlsec configure: 2010-07-12 15:57:50 +02:00
xmlsec1-configure.patch #i113076# missing includes in configure test 2010-10-05 15:21:54 +01:00
xmlsec1-customkeymanage.patch i#112159: MinGW port: libxmlsec 1.2.14, libxml2 2.7.6, libxslt 1.1.26 2010-06-06 20:54:55 +09:00
xmlsec1-mingw-keymgr-mscrypto.patch xmlsec1_2_14: #i107747#: upgrade to latest xmlsec1, libxml2 and libxslt 2009-12-17 13:32:53 +00:00
xmlsec1-mingw32.patch mingwport30: merge with DEV300 m80 2010-06-05 22:39:55 +09:00
xmlsec1-noverify.patch xmlsec1_2_14: #i107747#: upgrade to latest xmlsec1, libxml2 and libxslt 2009-12-17 13:32:53 +00:00
xmlsec1-nssdisablecallbacks.patch xmlsec1_2_14: #i107747#: upgrade to latest xmlsec1, libxml2 and libxslt 2009-12-17 13:32:53 +00:00
xmlsec1-nssmangleciphers.patch xmlsec1_2_14: #i107747#: upgrade to latest xmlsec1, libxml2 and libxslt 2009-12-17 13:32:53 +00:00
xmlsec1-olderlibxml2.patch #i107747# allow building against older libxml2 2010-03-02 15:54:30 +00:00
xmlsec1-update-config-sub-and-guess.patch kfreebsdport01: update config.{guess,sub} of libtextcat/libxmlsec 2010-04-16 14:34:40 +02:00

The XML Security library has been modified, so that there is NO verification of
the certificate during sign or verification operation. On Windows this was done
in the function xmlSecMSCryptoX509StoreVerify (file src/mscrypto/x509vfy.c) and
on UNIX in xmlSecNssX509StoreVerify (file src/nss/x509vfy.c).

The implementation creates certificates from all of the X509Data children, such
as X509IssuerSerial and X509Certificate and stores them in a certificate store
(see xmlsec/src/mscrypto/x509.c:xmlSecMSCryptoX509DataNodeRead). It must then
find the certificate containing the public key which is used for validation
within that store. This is done in xmlSecMSCryptoX509StoreVerify. This function
however only takes those certificates into account which can be validated. This
was changed by the patch xmlsec1-noverify.patch, which prevents this certificate
validation.

xmlSecMSCryptoX509StoreVerify iterates over all certificates contained or
referenced in the X509Data elements and selects one which is no issuer of any of
the other certificates. This certificate is not necessarily the one which was
used for signing but it must contain the proper validation key, which is
sufficient to validate the signature. See 
http://www.w3.org/TR/xmldsig-core/#sec-X509Data 
for details.

There is a flag XMLSEC_KEYINFO_FLAGS_X509DATA_DONT_VERIFY_CERTS that can be set
in a xmlSecKeyInfoCtx (see function xmlSecNssKeyDataX509XmlRead, in file
src/nss/x509.c), which indicates that one can turn off the validation. However,
setting it will cause that the validation key is not found. If the flag is set,
then the key is not extracted from the certificate store which contains all the
certificates of the X509Data elements. In other words, the certificates which
are delivered within the XML signature are not used when looking for suitable
validation key.