[Libreoffice-commits] core.git: xmlsecurity/qa

Miklos Vajna vmiklos at collabora.co.uk
Wed Nov 30 14:13:43 UTC 2016 

 xmlsecurity/qa/unit/signing/data/good-xades.odt |binary
 xmlsecurity/qa/unit/signing/data/no.odt         |binary
 xmlsecurity/qa/unit/signing/signing.cxx         |   33 ++++++++++++++++++++++++
 3 files changed, 33 insertions(+)

New commits:
commit deaa4701e609f698999c3e05ce79b15f4cb94670
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date:   Wed Nov 30 11:01:29 2016 +0100

    CppunitTest_xmlsecurity_signing: add 2 more ODF / XAdES tests
    
    1) Make sure we handle the case when the document has a signature
    stream, but it's empty.
    
    2) Make sure we find a given XAdES-enabled ODF document valid.
    Previously this was tested only dynamically, i.e. breaking both the
    import and the export at the same time went unnoticed.
    
    Change-Id: Icaa29cfa1f5b817459239ee8dbdc3bf023a2a1a7
    Reviewed-on: https://gerrit.libreoffice.org/31413
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/xmlsecurity/qa/unit/signing/data/good-xades.odt b/xmlsecurity/qa/unit/signing/data/good-xades.odt
new file mode 100644
index 0000000..4f96d4b
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/good-xades.odt differ
diff --git a/xmlsecurity/qa/unit/signing/data/no.odt b/xmlsecurity/qa/unit/signing/data/no.odt
new file mode 100644
index 0000000..22cf768
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/no.odt differ
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 5bcf0c2..8ddc39b 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -69,6 +69,8 @@ public:
     void testODFGood();
     /// Test a typical broken ODF signature where one stream is corrupted.
     void testODFBroken();
+    /// Document has a signature stream, but no actual signatures.
+    void testODFNo();
     /// Test a typical OOXML where a number of (but not all) streams are signed.
     void testOOXMLPartial();
     /// Test a typical broken OOXML signature where one stream is corrupted.
@@ -90,12 +92,16 @@ public:
 #endif
     void test96097Calc();
     void test96097Doc();
+    /// Creates a XAdES signature from scratch.
     void testXAdES();
+    /// Works with an existing good XAdES signature.
+    void testXAdESGood();
 
     CPPUNIT_TEST_SUITE(SigningTest);
     CPPUNIT_TEST(testDescription);
     CPPUNIT_TEST(testODFGood);
     CPPUNIT_TEST(testODFBroken);
+    CPPUNIT_TEST(testODFNo);
     CPPUNIT_TEST(testODFBroken);
     CPPUNIT_TEST(testOOXMLPartial);
     CPPUNIT_TEST(testOOXMLBroken);
@@ -111,6 +117,7 @@ public:
     CPPUNIT_TEST(test96097Calc);
     CPPUNIT_TEST(test96097Doc);
     CPPUNIT_TEST(testXAdES);
+    CPPUNIT_TEST(testXAdESGood);
     CPPUNIT_TEST_SUITE_END();
 
 private:
@@ -380,6 +387,16 @@ void SigningTest::testODFBroken()
     CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN), static_cast<int>(pObjectShell->GetDocumentSignatureState()));
 }
 
+void SigningTest::testODFNo()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "no.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::NOSIGNATURES), static_cast<int>(pObjectShell->GetDocumentSignatureState()));
+}
+
 void SigningTest::testOOXMLPartial()
 {
     createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx");
@@ -591,6 +608,22 @@ void SigningTest::testXAdES()
     assertXPath(pXmlDoc, "//xd:CertDigest", 1);
 }
 
+void SigningTest::testXAdESGood()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "good-xades.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    // We expect NOTVALIDATED in case the root CA is not imported on the system, and OK otherwise, so accept both.
+    SignatureState nActual = pObjectShell->GetDocumentSignatureState();
+    CPPUNIT_ASSERT_MESSAGE(
+        (OString::number(
+             static_cast<std::underlying_type<SignatureState>::type>(nActual))
+         .getStr()),
+        (nActual == SignatureState::NOTVALIDATED
+         || nActual == SignatureState::OK));
+}
 void SigningTest::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx)
 {
     xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("odfds"), BAD_CAST("urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"));

More information about the Libreoffice-commits mailing list