[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source
Miklos Vajna
vmiklos at collabora.co.uk
Tue Nov 8 14:51:20 UTC 2016
xmlsecurity/inc/documentsignaturemanager.hxx | 6 +
xmlsecurity/inc/pdfsignaturehelper.hxx | 4
xmlsecurity/inc/xmlsignaturehelper.hxx | 12 --
xmlsecurity/qa/unit/signing/signing.cxx | 26 ++---
xmlsecurity/source/component/documentdigitalsignatures.cxx | 60 ++++++-------
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 11 +-
xmlsecurity/source/helper/documentsignaturemanager.cxx | 29 +++++-
xmlsecurity/source/helper/pdfsignaturehelper.cxx | 11 --
xmlsecurity/source/helper/xmlsignaturehelper.cxx | 23 ----
9 files changed, 87 insertions(+), 95 deletions(-)
New commits:
commit a69873d212c903ea8a1f0d5ca40ae3f08b83a871
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Tue Nov 8 14:10:05 2016 +0100
xmlsecurity: move the sec context from the format helpers to the sign manager
The signature manager always creates an XML helper, and optionally creates a
PDF helper as well. Both of them initialize xmlsec, and when the signature
manager is deleted, there are two de-inits, leading to an assertion failure in
xmlsec.
Fix the problem by moving the duplicated xmlsec init to the signature manager.
This has the additional benefit that general security-related code no longer
has to talk to the XML helper, it can use the signature manager, which feels
more natural. (What viewing a certificate had to do with XML?)
Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688
Reviewed-on: https://gerrit.libreoffice.org/30695
Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
Tested-by: Jenkins <ci at libreoffice.org>
diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx
index fd981d7..7062303 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -47,6 +47,8 @@ public:
css::uno::Reference<css::io::XStream> mxTempSignatureStream;
/// Storage containing all OOXML signatures, unused for ODF.
css::uno::Reference<css::embed::XStorage> mxTempSignatureStorage;
+ css::uno::Reference<css::xml::crypto::XSEInitializer> mxSEInitializer;
+ css::uno::Reference<css::xml::crypto::XXMLSecurityContext> mxSecurityContext;
DocumentSignatureManager(const css::uno::Reference<css::uno::XComponentContext>& xContext, DocumentSignatureMode eMode);
~DocumentSignatureManager();
@@ -70,6 +72,10 @@ public:
// Checks if the document is a kind where it is relevant to distinguish between using XAdES or not
bool IsXAdESRelevant();
#endif
+ /// Attempts to initialize the platform-specific crypto.
+ bool init();
+ /// Get the security environment.
+ css::uno::Reference<css::xml::crypto::XSecurityEnvironment> getSecurityEnvironment();
};
#endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
index cd9a3e2..55d8567 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -25,8 +25,6 @@
class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
{
css::uno::Reference<css::uno::XComponentContext> m_xComponentContext;
- css::uno::Reference<css::xml::crypto::XSEInitializer> m_xSEInitializer;
- css::uno::Reference<css::xml::crypto::XXMLSecurityContext> m_xSecurityContext;
SignatureInformations m_aSignatureInfos;
css::uno::Reference<css::security::XCertificate> m_xCertificate;
@@ -35,7 +33,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
public:
PDFSignatureHelper(const css::uno::Reference<css::uno::XComponentContext>& xComponentContext);
bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
- css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations() const;
+ css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations(const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& xSecEnv) const;
SignatureInformations GetSignatureInformations() const;
/// Return the ID of the next created signature.
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 8e0c658..c2a163b 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -100,9 +100,6 @@ private:
css::uno::Reference< css::xml::crypto::sax::XSecurityController > mxSecurityController;
css::uno::Reference< css::xml::crypto::XUriBinding > mxUriBinding;
- css::uno::Reference< css::xml::crypto::XSEInitializer > mxSEInitializer;
- css::uno::Reference< css::xml::crypto::XXMLSecurityContext > mxSecurityContext;
-
std::vector<XMLSignatureCreationResult>
maCreationResults;
std::vector<XMLSignatureVerifyResult>
@@ -123,10 +120,6 @@ public:
XMLSignatureHelper(const css::uno::Reference< css::uno::XComponentContext >& mrCtx );
~XMLSignatureHelper();
- // Initialize the security context with default crypto token.
- // Returns true for success.
- bool Init();
-
// Set the storage which should be used by the default UriBinding
// Must be set before StatrtMission().
//sODFVersion indicates the ODF version
@@ -137,15 +130,12 @@ public:
// Default handler will verify all.
void SetStartVerifySignatureHdl( const Link<LinkParamNone*,bool>& rLink );
- // Get the security environment
- css::uno::Reference< css::xml::crypto::XSecurityEnvironment > GetSecurityEnvironment();
-
// After signing/verifying, get information about signatures
SignatureInformation GetSignatureInformation( sal_Int32 nSecurityId ) const;
SignatureInformations GetSignatureInformations() const;
// See XSecController for documentation
- void StartMission();
+ void StartMission(const css::uno::Reference<css::xml::crypto::XXMLSecurityContext>& xSecurityContext);
void EndMission();
sal_Int32 GetNewSecurityId();
/** sets data that describes the certificate.
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 847ef9a..bad29211 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -106,7 +106,7 @@ public:
private:
void createDoc(const OUString& rURL);
void createCalc(const OUString& rURL);
- uno::Reference<security::XCertificate> getCertificate(XMLSignatureHelper& rSignatureHelper);
+ uno::Reference<security::XCertificate> getCertificate(DocumentSignatureManager& rSignatureManager);
};
SigningTest::SigningTest()
@@ -160,9 +160,9 @@ void SigningTest::createCalc(const OUString& rURL)
mxComponent = loadFromDesktop(rURL, "com.sun.star.sheet.SpreadsheetDocument");
}
-uno::Reference<security::XCertificate> SigningTest::getCertificate(XMLSignatureHelper& rSignatureHelper)
+uno::Reference<security::XCertificate> SigningTest::getCertificate(DocumentSignatureManager& rSignatureManager)
{
- uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = rSignatureHelper.GetSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = rSignatureManager.getSecurityEnvironment();
OUString aCertificate;
{
SvFileStream aStream(m_directories.getURLFromSrc(DATA_DIRECTORY) + "certificate.crt", StreamMode::READ);
@@ -191,14 +191,14 @@ void SigningTest::testDescription()
xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
- CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
+ CPPUNIT_ASSERT(aManager.init());
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
CPPUNIT_ASSERT(xStorage.is());
aManager.mxStore = xStorage;
aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
// Then add a signature document.
- uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
+ uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
CPPUNIT_ASSERT(xCertificate.is());
OUString aDescription("SigningTest::testDescription");
sal_Int32 nSecurityId;
@@ -224,14 +224,14 @@ void SigningTest::testOOXMLDescription()
xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
- CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
+ CPPUNIT_ASSERT(aManager.init());
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
CPPUNIT_ASSERT(xStorage.is());
aManager.mxStore = xStorage;
aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
// Then add a document signature.
- uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
+ uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
CPPUNIT_ASSERT(xCertificate.is());
OUString aDescription("SigningTest::testDescription");
sal_Int32 nSecurityId;
@@ -254,7 +254,7 @@ void SigningTest::testOOXMLAppend()
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx", aURL));
// Load the test document as a storage and read its single signature.
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
- CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
+ CPPUNIT_ASSERT(aManager.init());
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
CPPUNIT_ASSERT(xStorage.is());
aManager.mxStore = xStorage;
@@ -264,7 +264,7 @@ void SigningTest::testOOXMLAppend()
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
// Then add a second document signature.
- uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
+ uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
CPPUNIT_ASSERT(xCertificate.is());
sal_Int32 nSecurityId;
aManager.add(xCertificate, OUString(), nSecurityId, false);
@@ -279,7 +279,7 @@ void SigningTest::testOOXMLRemove()
{
// Load the test document as a storage and read its signatures: purpose1 and purpose2.
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
- CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
+ CPPUNIT_ASSERT(aManager.init());
OUString aURL = m_directories.getURLFromSrc(DATA_DIRECTORY) + "multi.docx";
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
CPPUNIT_ASSERT(xStorage.is());
@@ -290,7 +290,7 @@ void SigningTest::testOOXMLRemove()
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(2), rInformations.size());
// Then remove the last added signature.
- uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
+ uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
CPPUNIT_ASSERT(xCertificate.is());
aManager.remove(0);
@@ -310,7 +310,7 @@ void SigningTest::testOOXMLRemoveAll()
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx", aURL));
// Load the test document as a storage and read its single signature.
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
- CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
+ CPPUNIT_ASSERT(aManager.init());
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
CPPUNIT_ASSERT(xStorage.is());
aManager.mxStore = xStorage;
@@ -320,7 +320,7 @@ void SigningTest::testOOXMLRemoveAll()
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
// Then remove the only signature in the document.
- uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
+ uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
CPPUNIT_ASSERT(xCertificate.is());
aManager.remove(0);
aManager.read(/*bUseTempStream=*/true);
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 4320a88..92eca28 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -265,14 +265,23 @@ DocumentDigitalSignatures::ImplVerifySignatures(
const Reference< css::embed::XStorage >& rxStorage,
const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException)
{
+ DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+
+ bool bInit = aSignatureManager.init();
+
+ SAL_WARN_IF(!bInit, "xmlsecurity.comp", "Error initializing security context!");
+
+ if (!bInit)
+ return uno::Sequence<security::DocumentSignatureInformation>(0);
+
if (!rxStorage.is())
{
if (xSignStream.is())
{
// Something not ZIP-based, try PDF.
- PDFSignatureHelper aSignatureHelper(mxCtx);
- if (aSignatureHelper.ReadAndVerifySignature(xSignStream))
- return aSignatureHelper.GetDocumentSignatureInformations();
+ PDFSignatureHelper& rSignatureHelper = aSignatureManager.getPDFSignatureHelper();
+ if (rSignatureHelper.ReadAndVerifySignature(xSignStream))
+ return rSignatureHelper.GetDocumentSignatureInformations(aSignatureManager.getSecurityEnvironment());
}
SAL_WARN( "xmlsecurity.comp", "Error, no XStorage provided");
@@ -293,29 +302,21 @@ DocumentDigitalSignatures::ImplVerifySignatures(
return Sequence< css::security::DocumentSignatureInformation >(0);
- XMLSignatureHelper aSignatureHelper( mxCtx );
-
- bool bInit = aSignatureHelper.Init();
-
- SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
-
- if ( !bInit )
- return Sequence< css::security::DocumentSignatureInformation >(0);
-
- aSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
+ XMLSignatureHelper& rSignatureHelper = aSignatureManager.maSignatureHelper;
+ rSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
- aSignatureHelper.StartMission();
+ rSignatureHelper.StartMission(aSignatureManager.mxSecurityContext);
if (xInputStream.is())
- aSignatureHelper.ReadAndVerifySignature(xInputStream);
+ rSignatureHelper.ReadAndVerifySignature(xInputStream);
else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML)
- aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
+ rSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
- aSignatureHelper.EndMission();
+ rSignatureHelper.EndMission();
- Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = aSignatureManager.getSecurityEnvironment();
- SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
+ SignatureInformations aSignInfos = rSignatureHelper.GetSignatureInformations();
int nInfos = aSignInfos.size();
Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos);
css::security::DocumentSignatureInformation* arInfos = aInfos.getArray();
@@ -405,9 +406,10 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException
Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
- XMLSignatureHelper aSignatureHelper( mxCtx );
- if ( aSignatureHelper.Init() )
- xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+ DocumentSignatureMode eMode{};
+ DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+ if (aSignatureManager.init())
+ xSecEnv = aSignatureManager.getSecurityEnvironment();
ScopedVclPtrInstance< MacroSecurity > aDlg( nullptr, mxCtx, xSecEnv );
aDlg->Execute();
@@ -416,15 +418,16 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException
void DocumentDigitalSignatures::showCertificate(
const Reference< css::security::XCertificate >& Certificate ) throw (RuntimeException, std::exception)
{
- XMLSignatureHelper aSignatureHelper( mxCtx );
+ DocumentSignatureMode eMode{};
+ DocumentSignatureManager aSignatureManager(mxCtx, eMode);
- bool bInit = aSignatureHelper.Init();
+ bool bInit = aSignatureManager.init();
SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
if ( bInit )
{
- ScopedVclPtrInstance< CertificateViewer > aViewer( nullptr, aSignatureHelper.GetSecurityEnvironment(), Certificate, false );
+ ScopedVclPtrInstance<CertificateViewer> aViewer(nullptr, aSignatureManager.getSecurityEnvironment(), Certificate, false);
aViewer->Execute();
}
@@ -460,9 +463,10 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
{
Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
- XMLSignatureHelper aSignatureHelper( mxCtx );
- if ( aSignatureHelper.Init() )
- xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+ DocumentSignatureMode eMode{};
+ DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+ if (aSignatureManager.init())
+ xSecEnv = aSignatureManager.getSecurityEnvironment();
ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnv);
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 5d8ab1d..19ea5d0 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -212,7 +212,7 @@ void DigitalSignaturesDialog::dispose()
bool DigitalSignaturesDialog::Init()
{
- bool bInit = maSignatureManager.maSignatureHelper.Init();
+ bool bInit = maSignatureManager.init();
SAL_WARN_IF( !bInit, "xmlsecurity.dialogs", "Error initializing security context!" );
@@ -384,7 +384,7 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
return;
try
{
- uno::Reference<css::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecEnv );
if ( aChooser->Execute() == RET_OK )
@@ -457,7 +457,7 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
{
m_pSignaturesLB->Clear();
- uno::Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
uno::Reference<css::security::XSerialNumberAdapter> xSerialNumberAdapter =
css::security::SerialNumberAdapter::create(mxCtx);
@@ -618,8 +618,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
{
sal_uInt16 nSelected = (sal_uInt16) reinterpret_cast<sal_uIntPtr>( m_pSignaturesLB->FirstSelected()->GetUserData() );
const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[ nSelected ];
- css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv =
- maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
css::security::SerialNumberAdapter::create(mxCtx);
// Use Certificate from doc, not from key store
@@ -633,7 +632,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "Error getting Certificate!" );
if ( xCert.is() )
{
- ScopedVclPtrInstance< CertificateViewer > aViewer( this, maSignatureManager.maSignatureHelper.GetSecurityEnvironment(), xCert, false );
+ ScopedVclPtrInstance<CertificateViewer> aViewer(this, maSignatureManager.getSecurityEnvironment(), xCert, false);
aViewer->Execute();
}
}
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index b88714f..2afdcc9 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -25,6 +25,7 @@
#include <com/sun/star/io/XTruncate.hpp>
#include <com/sun/star/security/SerialNumberAdapter.hpp>
#include <com/sun/star/embed/XTransactedObject.hpp>
+#include <com/sun/star/xml/crypto/SEInitializer.hpp>
#include <comphelper/storagehelper.hxx>
#include <rtl/ustrbuf.hxx>
@@ -47,11 +48,24 @@ DocumentSignatureManager::~DocumentSignatureManager()
{
}
+bool DocumentSignatureManager::init()
+{
+ SAL_WARN_IF(mxSEInitializer.is(), "xmlsecurity.helper", "DocumentSignatureManager::Init - mxSEInitializer already set!");
+ SAL_WARN_IF(mxSecurityContext.is(), "xmlsecurity.helper", "DocumentSignatureManager::Init - mxSecurityContext already set!");
+
+ mxSEInitializer = css::xml::crypto::SEInitializer::create(mxContext);
+
+ if (mxSEInitializer.is())
+ mxSecurityContext = mxSEInitializer->createSecurityContext(OUString());
+
+ return mxSecurityContext.is();
+}
+
PDFSignatureHelper& DocumentSignatureManager::getPDFSignatureHelper()
{
- // It is important to create this only when dealing with PDF, in case both
- // this and XMLSignatureHelper is created, xmlsec gets confused, and
- // doesn't get correct result.
+ if (!mxSecurityContext.is())
+ init();
+
if (!mpPDFSignatureHelper)
mpPDFSignatureHelper.reset(new PDFSignatureHelper(mxContext));
@@ -246,7 +260,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
return true;
}
- maSignatureHelper.StartMission();
+ maSignatureHelper.StartMission(mxSecurityContext);
nSecurityId = maSignatureHelper.GetNewSecurityId();
@@ -398,7 +412,7 @@ void DocumentSignatureManager::read(bool bUseTempStream, bool bCacheLastSignatur
if (mxStore.is())
{
// ZIP-based: ODF or OOXML.
- maSignatureHelper.StartMission();
+ maSignatureHelper.StartMission(mxSecurityContext);
SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(embed::ElementModes::READ, bUseTempStream);
if (aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStream.is())
@@ -474,4 +488,9 @@ void DocumentSignatureManager::write()
}
}
+uno::Reference<xml::crypto::XSecurityEnvironment> DocumentSignatureManager::getSecurityEnvironment()
+{
+ return mxSecurityContext.is() ? mxSecurityContext->getSecurityEnvironment() : uno::Reference<xml::crypto::XSecurityEnvironment>();
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
index 859a479..ff79af8 100644
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -26,10 +26,6 @@ using namespace ::com::sun::star;
PDFSignatureHelper::PDFSignatureHelper(const uno::Reference<uno::XComponentContext>& xComponentContext)
: m_xComponentContext(xComponentContext)
{
- m_xSEInitializer = xml::crypto::SEInitializer::create(m_xComponentContext);
- if (m_xSEInitializer.is())
- // This initializes nss / mscrypto.
- m_xSecurityContext = m_xSEInitializer->createSecurityContext(OUString());
}
bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputStream>& xInputStream)
@@ -76,24 +72,23 @@ SignatureInformations PDFSignatureHelper::GetSignatureInformations() const
return m_aSignatureInfos;
}
-uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations() const
+uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations(const uno::Reference<xml::crypto::XSecurityEnvironment>& xSecEnv) const
{
uno::Sequence<security::DocumentSignatureInformation> aRet(m_aSignatureInfos.size());
- uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = m_xSecurityContext->getSecurityEnvironment();
for (size_t i = 0; i < m_aSignatureInfos.size(); ++i)
{
const SignatureInformation& rInternal = m_aSignatureInfos[i];
security::DocumentSignatureInformation& rExternal = aRet[i];
rExternal.SignatureIsValid = rInternal.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
- rExternal.Signer = xSecurityEnvironment->createCertificateFromAscii(rInternal.ouX509Certificate);
+ rExternal.Signer = xSecEnv->createCertificateFromAscii(rInternal.ouX509Certificate);
// Verify certificate.
if (rExternal.Signer.is())
{
try
{
- rExternal.CertificateStatus = xSecurityEnvironment->verifyCertificate(rExternal.Signer, {});
+ rExternal.CertificateStatus = xSecEnv->verifyCertificate(rExternal.Signer, {});
}
catch (const uno::SecurityException& rException)
{
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index c310633..d41d0fb 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -39,7 +39,6 @@
#include <com/sun/star/beans/StringPair.hpp>
#include <com/sun/star/xml/sax/Parser.hpp>
#include <com/sun/star/xml/sax/Writer.hpp>
-#include <com/sun/star/xml/crypto/SEInitializer.hpp>
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/embed/XStorage.hpp>
#include <com/sun/star/embed/StorageFormats.hpp>
@@ -71,19 +70,6 @@ XMLSignatureHelper::~XMLSignatureHelper()
{
}
-bool XMLSignatureHelper::Init()
-{
- SAL_WARN_IF( mxSEInitializer.is(), "xmlsecurity.helper", "XMLSignatureHelper::Init - mxSEInitializer already set!" );
- SAL_WARN_IF( mxSecurityContext.is(), "xmlsecurity.helper", "XMLSignatureHelper::Init - mxSecurityContext already set!" );
-
- mxSEInitializer = css::xml::crypto::SEInitializer::create( mxCtx );
-
- if ( mxSEInitializer.is() )
- mxSecurityContext = mxSEInitializer->createSecurityContext( OUString() );
-
- return mxSecurityContext.is();
-}
-
void XMLSignatureHelper::SetStorage(
const Reference < css::embed::XStorage >& rxStorage,
const OUString& sODFVersion)
@@ -101,12 +87,12 @@ void XMLSignatureHelper::SetStartVerifySignatureHdl( const Link<LinkParamNone*,b
}
-void XMLSignatureHelper::StartMission()
+void XMLSignatureHelper::StartMission(const uno::Reference<xml::crypto::XXMLSecurityContext>& xSecurityContext)
{
if ( !mxUriBinding.is() )
mxUriBinding = new UriBindingHelper();
- mpXSecController->startMission( mxUriBinding, mxSecurityContext );
+ mpXSecController->startMission(mxUriBinding, xSecurityContext);
}
void XMLSignatureHelper::EndMission()
@@ -314,11 +300,6 @@ SignatureInformations XMLSignatureHelper::GetSignatureInformations() const
return mpXSecController->getSignatureInformations();
}
-uno::Reference< css::xml::crypto::XSecurityEnvironment > XMLSignatureHelper::GetSecurityEnvironment()
-{
- return (mxSecurityContext.is()?(mxSecurityContext->getSecurityEnvironment()): uno::Reference< css::xml::crypto::XSecurityEnvironment >());
-}
-
IMPL_LINK( XMLSignatureHelper, SignatureCreationResultListener, XMLSignatureCreationResult&, rResult, void )
{
maCreationResults.insert( maCreationResults.begin() + maCreationResults.size(), rResult );
More information about the Libreoffice-commits
mailing list