From 4234b099f1ced2c1929a98ef6133b5280697f00a Mon Sep 17 00:00:00 2001 From: Miklos Vajna Date: Tue, 22 Nov 2016 15:07:54 +0100 Subject: [PATCH] tdf#99327 vcl PDF mscrypto sign: fix SHA-256 OID The previous OID only worked with NSS as NSS_CMSUtil_MapSignAlgs() has a hack to accept it, saying Windows 2003 generates such OIDs. Don't depend on readers of the signature accepting that incorrect OID. Change-Id: I63e9a363e9e2ad233eeeacea1a354e3190da1ac1 --- vcl/source/gdi/pdfwriter_impl.cxx | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/vcl/source/gdi/pdfwriter_impl.cxx b/vcl/source/gdi/pdfwriter_impl.cxx index 496dd505160b..e5af4d4d0ff9 100644 --- a/vcl/source/gdi/pdfwriter_impl.cxx +++ b/vcl/source/gdi/pdfwriter_impl.cxx @@ -7306,7 +7306,7 @@ bool PDFWriter::Sign(PDFSignContext& rContext) aPara.cbSize = sizeof(aPara); aPara.dwMsgEncodingType = PKCS_7_ASN_ENCODING | X509_ASN_ENCODING; aPara.pSigningCert = pCertContext; - aPara.HashAlgorithm.pszObjId = const_cast(szOID_RSA_SHA256RSA); + aPara.HashAlgorithm.pszObjId = const_cast(szOID_NIST_sha256); aPara.HashAlgorithm.Parameters.cbData = 0; aPara.cMsgCert = 1; aPara.rgpMsgCert = &pCertContext; @@ -7335,7 +7335,7 @@ bool PDFWriter::Sign(PDFSignContext& rContext) aSignerInfo.pCertInfo = pCertContext->pCertInfo; aSignerInfo.hCryptProv = hCryptProv; aSignerInfo.dwKeySpec = nKeySpec; - aSignerInfo.HashAlgorithm.pszObjId = const_cast(szOID_RSA_SHA256RSA); + aSignerInfo.HashAlgorithm.pszObjId = const_cast(szOID_NIST_sha256); aSignerInfo.HashAlgorithm.Parameters.cbData = 0; CMSG_SIGNED_ENCODE_INFO aSignedInfo;