[Libreoffice-commits] core.git: 4 commits - xmlsecurity/inc xmlsecurity/source
Miklos Vajna
vmiklos at collabora.co.uk
Wed Jan 13 00:55:19 PST 2016
xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx | 7 +
xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx | 5
xmlsecurity/source/component/documentdigitalsignatures.cxx | 8 -
xmlsecurity/source/helper/documentsignaturehelper.cxx | 13 ++
xmlsecurity/source/helper/xmlsignaturehelper.cxx | 80 +++++++++++++
xmlsecurity/source/helper/xsecctl.cxx | 1
xmlsecurity/source/helper/xsecctl.hxx | 2
xmlsecurity/source/helper/xsecverify.cxx | 11 -
8 files changed, 118 insertions(+), 9 deletions(-)
New commits:
commit dbfb82b6da0f4e6d7be9a0010eb4db8e1bf92ee0
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Jan 13 09:37:10 2016 +0100
xmlsecurity: refactor to allow multiple signature parser implementations
Change-Id: I1d1ae4a0bf41b89fe2f8db9b44d3b0b7a0dfd1cd
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 2cdfbb1..cc6a2e1 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -56,7 +56,6 @@ XSecController::XSecController( const cssu::Reference<cssu::XComponentContext>&
, m_nStatusOfSecurityComponents(UNINITIALIZED)
, m_bIsSAXEventKeeperSticky(false)
, m_pErrorMessage(nullptr)
- , m_pXSecParser(nullptr)
, m_nReservedSignatureId(0)
, m_bVerifyCurrentSignature(false)
{
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 916fb3c..734ecdb 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -310,7 +310,7 @@ private:
/*
* the XSecParser which is used to parse the signature stream
*/
- XSecParser *m_pXSecParser;
+ css::uno::Reference<css::xml::sax::XDocumentHandler> m_xSecParser;
/*
* the caller assigned signature id for the next signature in the
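Review bot: The comment kept above the changed member still reads `the XSecParser which is used to parse the signature stream`, but the member is now a generic `XDocumentHandler` reference intended to hold other parser implementations as well. I would reword it to `the document handler (currently an XSecParser) that parses the signature stream; set by createSignatureReader() and cleared by releaseSignatureReader()`. The assert message `No XSecParser initialized` in xsecverify.cxx carries the same stale wording.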
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 6f09354..ba89bad 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -31,6 +31,7 @@
#include <sal/log.hxx>
#include <unotools/datetime.hxx>
+using namespace com::sun::star;
namespace cssu = com::sun::star::uno;
namespace cssl = com::sun::star::lang;
namespace cssxc = com::sun::star::xml::crypto;
@@ -371,7 +372,7 @@ void XSecController::collectToVerify( const OUString& referenceId )
void XSecController::addSignature( sal_Int32 nSignatureId )
{
- DBG_ASSERT( m_pXSecParser != nullptr, "No XSecParser initialized" );
+ DBG_ASSERT( m_xSecParser.is(), "No XSecParser initialized" );
m_nReservedSignatureId = nSignatureId;
m_bVerifyCurrentSignature = true;
@@ -379,18 +380,18 @@ void XSecController::addSignature( sal_Int32 nSignatureId )
cssu::Reference< cssxs::XDocumentHandler > XSecController::createSignatureReader()
{
- m_pXSecParser = new XSecParser( this, nullptr );
- cssu::Reference< cssl::XInitialization > xInitialization = m_pXSecParser;
+ m_xSecParser = new XSecParser( this, nullptr );
+ cssu::Reference< cssl::XInitialization > xInitialization(m_xSecParser, uno::UNO_QUERY);
setSAXChainConnector(xInitialization, nullptr, nullptr);
- return m_pXSecParser;
+ return m_xSecParser;
}
void XSecController::releaseSignatureReader()
{
clearSAXChainConnector( );
- m_pXSecParser = nullptr;
+ m_xSecParser.clear();
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
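Review bot: In createSignatureReader() the `XInitialization` reference is now obtained through `uno::UNO_QUERY`, which yields an empty reference when the handler does not implement that interface, and the result goes to `setSAXChainConnector` unchecked. The removed direct assignment suggests XSecParser always implements it, but the commit's stated goal is to allow other parser implementations. I would add `SAL_WARN_IF(!xInitialization.is(), "xmlsecurity.helper", "signature reader lacks XInitialization");` before the call, or query with `uno::UNO_QUERY_THROW`. How setSAXChainConnector treats an empty reference is not visible in this hunk.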
commit 5524754e9f7c936f7152f49815af0e11d9c92613
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Jan 13 09:36:06 2016 +0100
xmlsecurity: initial XMLSignatureHelper::ReadAndVerifySignatureStorageStream()
Change-Id: Ida3f77a763c55a7ec8a52a3de4521d18a952e752
diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
index bf5cfea..ea954d1 100644
--- a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
@@ -178,8 +178,10 @@ public:
static void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler );
static void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo );
- /// Read and verify an OOXML signature.
+ /// Read and verify OOXML signatures.
bool ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& xStorage);
+ /// Read and verify a single OOXML signature.
+ bool ReadAndVerifySignatureStorageStream(const css::uno::Reference<css::io::XInputStream>& xInputStream);
};
#endif // INCLUDED_XMLSECURITY_INC_XMLSECURITY_XMLSIGNATUREHELPER_HXX
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 89d5d95..95f26e3 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -368,7 +368,9 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
std::vector<beans::StringPair>::iterator it = std::find_if(aRelation.begin(), aRelation.end(), [](const beans::StringPair& rPair) { return rPair.First == "Target"; });
if (it != aRelation.end())
{
- // TODO now handle it->Second
+ uno::Reference<io::XInputStream> xInputStream(xStorage->openStreamElement(it->Second, nOpenMode), uno::UNO_QUERY);
+ if (!ReadAndVerifySignatureStorageStream(xInputStream))
+ return false;
}
}
}
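Review bot: `it->Second` is the `Target` value read from `origin.sigs.rels`, so it is a string supplied by the document being verified, and it is passed to `openStreamElement` with no validation and no exception handling. A target that does not name a stream in this storage would presumably make the call throw, and nothing visible in ReadAndVerifySignatureStorage catches that; the function starts and ends outside this hunk. I would check the name with `hasByName` first, catch `uno::Exception` around the open, and add `if (!xInputStream.is()) return false;` so a malformed package is reported as unverifiable instead of aborting verification. Returning on the first failing stream also skips the remaining signature relations, which deserves a comment if it is intended.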
@@ -376,4 +378,45 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
return true;
}
+bool XMLSignatureHelper::ReadAndVerifySignatureStorageStream(const css::uno::Reference<css::io::XInputStream>& xInputStream)
+{
+ mbError = false;
+
+ // Create the input source.
+ xml::sax::InputSource aParserInput;
+ aParserInput.aInputStream = xInputStream;
+
+ // Create the sax parser.
+ uno::Reference<xml::sax::XParser> xParser = xml::sax::Parser::create(mxCtx);
+
+ // Create the signature reader.
+ uno::Reference<xml::sax::XDocumentHandler> xHandler = mpXSecController->createSignatureReader();
+
+ // Create the signature listener.
+ ImplXMLSignatureListener* pSignatureListener = new ImplXMLSignatureListener(
+ LINK(this, XMLSignatureHelper, SignatureCreationResultListener),
+ LINK(this, XMLSignatureHelper, SignatureVerifyResultListener),
+ LINK(this, XMLSignatureHelper, StartVerifySignatureElement));
+ uno::Reference<xml::sax::XDocumentHandler> xSignatureListener(pSignatureListener);
+
+ // Parser -> signature listener -> signature reader.
+ pSignatureListener->setNextHandler(xHandler);
+ xParser->setDocumentHandler(xSignatureListener);
+
+ // Parse the stream.
+ try
+ {
+ xParser->parseStream(aParserInput);
+ }
+ catch(const uno::Exception& rException)
+ {
+ SAL_WARN("xmlsecurity.helper", "XMLSignatureHelper::ReadAndVerifySignatureStorageStream: " << rException.Message);
+ }
+
+ pSignatureListener->setNextHandler(nullptr);
+ mpXSecController->releaseSignatureReader();
+
+ return !mbError;
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
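Review bot: The `catch` block in ReadAndVerifySignatureStorageStream only logs, so a signature stream that fails to parse leaves `mbError` at the `false` assigned on entry (unless a listener callback already set it) and the function returns `true`. For a verification routine that default is fail-open: a truncated or malformed signature part should count as a failure, so the handler should set `mbError = true;` after the `SAL_WARN`. The stream is also used without a validity check; an early `if (!xInputStream.is()) return false;` would cover an empty reference handed in by the caller.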
commit 64b49f20af80150ec551d0c4d9638731e023217f
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Jan 13 09:35:35 2016 +0100
xmlsecurity: read OOXML signature relations
Change-Id: I9d2f6e6285e3db6c72d298a7d0b4ebb321936506
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index e2d808c..89d5d95 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -35,12 +35,17 @@
#include <com/sun/star/io/XActiveDataSource.hpp>
#include <com/sun/star/lang/XComponent.hpp>
#include <com/sun/star/beans/XPropertySet.hpp>
+#include <com/sun/star/beans/StringPair.hpp>
#include <com/sun/star/xml/sax/Parser.hpp>
#include <com/sun/star/xml/sax/Writer.hpp>
#include <com/sun/star/xml/crypto/SEInitializer.hpp>
+#include <com/sun/star/embed/ElementModes.hpp>
+#include <com/sun/star/embed/XStorage.hpp>
#include <tools/date.hxx>
#include <tools/time.hxx>
+#include <comphelper/ofopxmlhelper.hxx>
+#include <comphelper/sequence.hxx>
#define TAG_DOCUMENTSIGNATURES "document-signatures"
#define NS_DOCUMENTSIGNATURES "http://openoffice.org/2004/documentsignatures"
@@ -301,11 +306,6 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const com::sun::star::uno::Refe
return !mbError;
}
-bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& /*xStorage*/)
-{
- return true;
-}
-
SignatureInformation XMLSignatureHelper::GetSignatureInformation( sal_Int32 nSecurityId ) const
{
return mpXSecController->getSignatureInformation( nSecurityId );
@@ -344,4 +344,36 @@ IMPL_LINK_NOARG_TYPED( XMLSignatureHelper, StartVerifySignatureElement, LinkPara
}
}
+namespace
+{
+bool lcl_isSignatureType(const beans::StringPair& rPair)
+{
+ return rPair.First == "Type" && rPair.Second == "http://schemas.openxmlformats.org/package/2006/relationships/digital-signature/signature";
+}
+}
+
+bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage)
+{
+ sal_Int32 nOpenMode = embed::ElementModes::READ;
+ uno::Reference<embed::XStorage> xSubStorage = xStorage->openStorageElement("_rels", nOpenMode);
+ uno::Reference<io::XInputStream> xRelStream(xSubStorage->openStreamElement("origin.sigs.rels", nOpenMode), uno::UNO_QUERY);
+ uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo;
+ aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, "origin.sigs.rels", mxCtx);
+
+ for (const uno::Sequence<beans::StringPair>& rRelation : aRelationsInfo)
+ {
+ auto aRelation = comphelper::sequenceToContainer< std::vector<beans::StringPair> >(rRelation);
+ if (std::find_if(aRelation.begin(), aRelation.end(), lcl_isSignatureType) != aRelation.end())
+ {
+ std::vector<beans::StringPair>::iterator it = std::find_if(aRelation.begin(), aRelation.end(), [](const beans::StringPair& rPair) { return rPair.First == "Target"; });
+ if (it != aRelation.end())
+ {
+ // TODO now handle it->Second
+ }
+ }
+ }
+
+ return true;
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
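Review bot: Both opens at the top of ReadAndVerifySignatureStorage are unguarded: a package that has `_xmlsignatures` but no `_rels` sub-storage or no `origin.sigs.rels` stream would make `openStorageElement` or `openStreamElement` throw, and `ReadRelationsInfoSequence` may throw on malformed XML, with nothing in this function catching it. Since the storage content comes from the document being verified, I would wrap the three calls in a try block that logs and returns false, as sketched below. The function also returns `true` when no signature relation is found, so the header comment should say what the return value means so that callers do not read it as "verified".

```cpp
bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage)
{
    sal_Int32 nOpenMode = embed::ElementModes::READ;
    uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo;
    try
    {
        uno::Reference<embed::XStorage> xSubStorage = xStorage->openStorageElement("_rels", nOpenMode);
        uno::Reference<io::XInputStream> xRelStream(xSubStorage->openStreamElement("origin.sigs.rels", nOpenMode), uno::UNO_QUERY);
        aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, "origin.sigs.rels", mxCtx);
    }
    catch (const uno::Exception& rException)
    {
        // A missing or unreadable relations part means the signatures cannot be located.
        SAL_WARN("xmlsecurity.helper", "XMLSignatureHelper::ReadAndVerifySignatureStorage: " << rException.Message);
        return false;
    }

    // … unchanged: loop over aRelationsInfo looking for signature relations …
```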
commit e62ba5bb3f032e7064bf1f643bae449b0e612787
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Wed Jan 13 09:34:01 2016 +0100
xmlsecurity: don't assume the signature is always a single stream
Change-Id: I07ce23d698fea9338a85b086a5a3c3418e8c8290
diff --git a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
index 06a666e..9b423a1 100644
--- a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
@@ -60,6 +60,13 @@ struct SignatureStreamHelper
{
css::uno::Reference < css::embed::XStorage > xSignatureStorage;
css::uno::Reference < css::io::XStream > xSignatureStream;
+ /// If this is embed::StorageFormats::OFOPXML, then it's expected that xSignatureStream is an empty reference.
+ sal_Int32 nStorageFormat;
+
+ SignatureStreamHelper()
+ : nStorageFormat(0)
+ {
+ }
};
diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
index 8babab5..bf5cfea 100644
--- a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
@@ -177,6 +177,9 @@ public:
::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XWriter> CreateDocumentHandlerWithHeader( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream );
static void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler );
static void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo );
+
+ /// Read and verify an OOXML signature.
+ bool ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& xStorage);
};
#endif // INCLUDED_XMLSECURITY_INC_XMLSECURITY_XMLSIGNATUREHELPER_HXX
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 8406fc5..728c345 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -29,6 +29,7 @@
#include <../dialogs/resourcemanager.hxx>
#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
#include <com/sun/star/embed/XTransactedObject.hpp>
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/ucb/XContent.hpp>
@@ -272,7 +273,7 @@ DocumentDigitalSignatures::ImplVerifySignatures(
xInputStream.set( aStreamHelper.xSignatureStream, UNO_QUERY );
}
- if ( !xInputStream.is() )
+ if (!xInputStream.is() && aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML)
return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0);
@@ -289,7 +290,10 @@ DocumentDigitalSignatures::ImplVerifySignatures(
aSignatureHelper.StartMission();
- aSignatureHelper.ReadAndVerifySignature( xInputStream );
+ if (xInputStream.is())
+ aSignatureHelper.ReadAndVerifySignature(xInputStream);
+ else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML)
+ aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
aSignatureHelper.EndMission();
diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index fd916c6..6150492 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -24,6 +24,7 @@
#include <com/sun/star/lang/XComponent.hpp>
#include <com/sun/star/lang/DisposedException.hpp>
#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/beans/XPropertySet.hpp>
@@ -330,6 +331,18 @@ SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
DBG_ASSERT( nOpenMode == css::embed::ElementModes::READ, "Error creating signature stream..." );
}
}
+ else if(xNameAccess->hasByName("_xmlsignatures"))
+ {
+ try
+ {
+ aHelper.xSignatureStorage = rxStore->openStorageElement("_xmlsignatures", nSubStorageOpenMode);
+ aHelper.nStorageFormat = embed::StorageFormats::OFOPXML;
+ }
+ catch (const io::IOException& rException)
+ {
+ SAL_WARN("xmlsecurity.helper", "DocumentSignatureHelper::OpenSignatureStream: " << rException.Message);
+ }
+ }
return aHelper;
}
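Review bot: The new `_xmlsignatures` branch catches only `io::IOException`, while `openStorageElement` can also raise `lang::IllegalArgumentException` and `embed::StorageWrappedTargetException`, which would propagate out of OpenSignatureStream when a damaged package is opened. Catching `const uno::Exception&` here would keep the current fallback of returning a helper with no storage and `nStorageFormat` left at 0. The function starts above the hunk, so whether the preceding branch handles this differently is not visible.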
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 2498aff..e2d808c 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -301,6 +301,11 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const com::sun::star::uno::Refe
return !mbError;
}
+bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& /*xStorage*/)
+{
+ return true;
+}
+
SignatureInformation XMLSignatureHelper::GetSignatureInformation( sal_Int32 nSecurityId ) const
{
return mpXSecController->getSignatureInformation( nSecurityId );