xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx |    2 ++
 1 file changed, 2 insertions(+)

New commits:
commit e9ebcb15f0cb458da0a0c7583fa740c063a5e107
Author:     Samuel Mehrbrodt <samuel.mehrbr...@allotropia.de>
AuthorDate: Thu Jul 11 23:15:26 2024 +0200
Commit:     Adolfo Jayme Barrientos <fit...@ubuntu.com>
CommitDate: Mon Jul 15 10:37:34 2024 +0200

    tdf#108828 Prevent leaking keys from previous signing sessions
    
    Unsuccessful signing sessions (e.g. abort when password is requested)
    left their key in the context.
    On the next try, the former key would also be used to sign.
    
    Change-Id: I55b9201df229cae40863a0a19b238029607d1848
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/170388
    Reviewed-by: Samuel Mehrbrodt <samuel.mehrbr...@allotropia.de>
    Tested-by: Jenkins
    (cherry picked from commit 0e1592094e7463b07e9bc9725b4c85d5244bf997)
    Reviewed-on: https://gerrit.libreoffice.org/c/core/+/170477
    Reviewed-by: Adolfo Jayme Barrientos <fit...@ubuntu.com>

diff --git a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
index 2eff021eb38f..fd2c5d1ebfbd 100644
--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -197,6 +197,8 @@ SAL_CALL XMLSignature_GpgImpl::generate(
     int nRet = xmlSecBase64Decode_ex(pKey, reinterpret_cast<xmlSecByte*>(pKey), xmlStrlen(pKey), &nWritten);
     if(nRet < 0)
         throw RuntimeException(u"The GpgME library failed to initialize for the OpenPGP protocol."_ustr);
+
+    rCtx.clearSigningKeys(); // tdf#108828 Clear keys from previous unsuccessful sessions
     if( rCtx.addSigningKey(
             rCtx.key(
                 reinterpret_cast<char*>(pKey), err, true)) )
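Review bot: The added `rCtx.clearSigningKeys()` only runs on entry to the next `generate()` call, so a key added by an aborted or failed session stays in the context until then. If `rCtx` is reachable from any other signing path in the meantime (not visible in this hunk), that path would presumably still sign with the stale key. Consider also clearing on every exit path once `addSigningKey` has run, for example with a scope guard placed right after the add: `comphelper::ScopeGuard aKeyGuard([&rCtx]() { rCtx.clearSigningKeys(); });`. The entry-time clear is worth keeping as defence in depth. The body of `generate()` starts and ends outside the hunk, so cleanup may already exist on the success path; please confirm.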
