[Libreoffice-commits] core.git: sfx2/source xmlsecurity/inc xmlsecurity/source
Miklos Vajna
vmiklos at collabora.co.uk
Thu Oct 20 11:45:09 UTC 2016
sfx2/source/doc/docfile.cxx | 2
xmlsecurity/inc/pdfsignaturehelper.hxx | 12 ++++
xmlsecurity/source/helper/documentsignaturemanager.cxx | 15 +++++
xmlsecurity/source/helper/pdfsignaturehelper.cxx | 44 +++++++++++++++++
4 files changed, 72 insertions(+), 1 deletion(-)
New commits:
commit e2b6ab0bb25deb9feb4f01c26bacf1c482329c62
Author: Miklos Vajna <vmiklos at collabora.co.uk>
Date: Thu Oct 20 13:44:03 2016 +0200
xmlsecurity: add initial PDF sign UI
An unsigned PDF can be signed now, but the stream still gets truncated
on closing the dialog.
Change-Id: I12dd50bf577cd23b3355f6c6d03e71a9c0dbcfab
diff --git a/sfx2/source/doc/docfile.cxx b/sfx2/source/doc/docfile.cxx
index e41f716..2f0455c 100644
--- a/sfx2/source/doc/docfile.cxx
+++ b/sfx2/source/doc/docfile.cxx
@@ -3606,7 +3606,7 @@ bool SfxMedium::SignContents_Impl( bool bScriptingContent, const OUString& aODFV
else
{
// Something not based: e.g. PDF.
- SvStream* pStream = utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ);
+ SvStream* pStream = utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ | StreamMode::WRITE);
uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream));
if (xSigner->signDocumentContent(uno::Reference<embed::XStorage>(), xStream))
bChanges = true;
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
index 1e86f39..bae8d3c 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -29,11 +29,23 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
css::uno::Reference<css::xml::crypto::XXMLSecurityContext> m_xSecurityContext;
SignatureInformations m_aSignatureInfos;
+ css::uno::Reference<css::security::XCertificate> m_xCertificate;
+ OUString m_aDescription;
+
public:
PDFSignatureHelper(const css::uno::Reference<css::uno::XComponentContext>& xComponentContext);
bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations() const;
SignatureInformations GetSignatureInformations() const;
+
+ /// Return the ID of the next created signature.
+ sal_Int32 GetNewSecurityId() const;
+ /// Certificate to be used next time signing is performed.
+ void SetX509Certificate(const css::uno::Reference<css::security::XCertificate>& xCertificate);
+ /// Comment / reason to be used next time signing is performed.
+ void SetDescription(const OUString& rDescription);
+ /// Append a new signature at the end of xInputStream.
+ bool Sign(const css::uno::Reference<css::io::XInputStream>& xInputStream);
};
#endif // INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 5fa5f17..05fbf3d 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -209,6 +209,21 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
return false;
}
+ if (!mxStore.is())
+ {
+ // Something not ZIP based, try PDF.
+ nSecurityId = getPDFSignatureHelper().GetNewSecurityId();
+ getPDFSignatureHelper().SetX509Certificate(xCert);
+ getPDFSignatureHelper().SetDescription(rDescription);
+ uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
+ if (!getPDFSignatureHelper().Sign(xInputStream))
+ {
+ SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed");
+ return false;
+ }
+ return true;
+ }
+
maSignatureHelper.StartMission();
nSecurityId = maSignatureHelper.GetNewSecurityId();
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
index 2e6fa89..9529eef 100644
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -51,6 +51,8 @@ bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputS
if (aSignatures.empty())
return true;
+ m_aSignatureInfos.clear();
+
for (size_t i = 0; i < aSignatures.size(); ++i)
{
SignatureInformation aInfo(i);
@@ -104,4 +106,46 @@ uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDoc
return aRet;
}
+sal_Int32 PDFSignatureHelper::GetNewSecurityId() const
+{
+ return m_aSignatureInfos.size();
+}
+
+void PDFSignatureHelper::SetX509Certificate(const uno::Reference<security::XCertificate>& xCertificate)
+{
+ m_xCertificate = xCertificate;
+}
+
+void PDFSignatureHelper::SetDescription(const OUString& rDescription)
+{
+ m_aDescription = rDescription;
+}
+
+bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStream)
+{
+ std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
+ xmlsecurity::pdfio::PDFDocument aDocument;
+ if (!aDocument.Read(*pStream))
+ {
+ SAL_WARN("xmlsecurity.helper", "failed to read the document");
+ return false;
+ }
+
+ if (!aDocument.Sign(m_xCertificate))
+ {
+ SAL_WARN("xmlsecurity.helper", "failed to sign");
+ return false;
+ }
+
+ uno::Reference<io::XStream> xStream(xInputStream, uno::UNO_QUERY);
+ std::unique_ptr<SvStream> pOutStream(utl::UcbStreamHelper::CreateStream(xStream, true));
+ if (!aDocument.Write(*pOutStream))
+ {
+ SAL_WARN("xmlsecurity.helper", "failed to write signed data");
+ return false;
+ }
+
+ return true;
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
More information about the Libreoffice-commits
mailing list