[Libreoffice-commits] core.git: xmlsecurity/qa

Thorsten Behrens Thorsten.Behrens at CIB.de
Thu Dec 7 07:41:05 UTC 2017


 xmlsecurity/qa/unit/signing/data/badDsigGPG.odt       |binary
 xmlsecurity/qa/unit/signing/data/badStreamGPG.odt     |binary
 xmlsecurity/qa/unit/signing/data/goodGPG.odt          |binary
 xmlsecurity/qa/unit/signing/data/pubring.gpg          |binary
 xmlsecurity/qa/unit/signing/data/random_seed          |    2 
 xmlsecurity/qa/unit/signing/data/secring.gpg          |binary
 xmlsecurity/qa/unit/signing/data/trustdb.gpg          |binary
 xmlsecurity/qa/unit/signing/data/untrustedGoodGPG.odt |binary
 xmlsecurity/qa/unit/signing/signing.cxx               |   91 +++++++++++++++++-
 9 files changed, 92 insertions(+), 1 deletion(-)

New commits:
commit 6da58b0e842b81669e5076c2c00dddf67a5616e1
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date:   Wed Dec 6 14:02:25 2017 +0100

    gpg4libre: add unit tests for ODF signing feature
    
    Since this requires a working gpg setup, limit to linux for the
    moment. If you need to add signatures or redo them, run LibreOffice
    from a shell with env var
    GNUPGHOME=<core>/xmlsecurity/qa/unit/signing/data/ set.
    
    For editing keys, gpg2 also accepts a
    --homedir=<core>/xmlsecurity/qa/unit/signing/data/ option
    
    Change-Id: I59e5b563098b19d05c8c2db32537241bc835fc80
    Reviewed-on: https://gerrit.libreoffice.org/45950
    Tested-by: Jenkins <ci at libreoffice.org>
    Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>

diff --git a/xmlsecurity/qa/unit/signing/data/badDsigGPG.odt b/xmlsecurity/qa/unit/signing/data/badDsigGPG.odt
new file mode 100644
index 000000000000..032ddbf7a276
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/badDsigGPG.odt differ
diff --git a/xmlsecurity/qa/unit/signing/data/badStreamGPG.odt b/xmlsecurity/qa/unit/signing/data/badStreamGPG.odt
new file mode 100644
index 000000000000..252ea26b00b1
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/badStreamGPG.odt differ
diff --git a/xmlsecurity/qa/unit/signing/data/goodGPG.odt b/xmlsecurity/qa/unit/signing/data/goodGPG.odt
new file mode 100644
index 000000000000..a02af30169fe
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/goodGPG.odt differ
diff --git a/xmlsecurity/qa/unit/signing/data/pubring.gpg b/xmlsecurity/qa/unit/signing/data/pubring.gpg
new file mode 100644
index 000000000000..40a8d53fb401
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/pubring.gpg differ
diff --git a/xmlsecurity/qa/unit/signing/data/random_seed b/xmlsecurity/qa/unit/signing/data/random_seed
new file mode 100644
index 000000000000..8e68109a880e
--- /dev/null
+++ b/xmlsecurity/qa/unit/signing/data/random_seed
@@ -0,0 +1,2 @@
+°Á,A?	´	p£Ôj`\ÚGkV¿feTâ*ì;¼^hÌFÖ™¾3µ}‡²´iõÅsAØr¾‘9©B´h¡oWF€æÀ! !‹7(â;9µ±xÚ*L¯zY„¡8=ë#ç6æñÇï3ˆY&](^“浊4änZ?ålÿ.÷®ÔÓïØ‹}Öµ]¡5w6!Ç?ç¼l†ãÁ'%k©.^,IfÏVîVÏÓ¥'_R!QºéUÝªiDöUZ" ¦ö°­Z°$R^Mf“Øç—àï )_~»‰ñûw‡oʇÃ6–c©3ž/ CÌñ÷Åù*‰EÅ;BzQ"MÛúÖ¶QCú-é×Òí¾¼'…Ý•y³$…ë_
ӛϟ!^s2zht¯LÇNÖ;¼©Íè¶\ûÁÅ«çÌ0m冑øöG¼÷9õ‘M_­®“'ÕÆm‡(K·HÏ|‚ñôôŠ®ÌézšŸU;0žAz|ñ½°§8‘òX‡=aÙHºX>cÂ4&›Å6¢ãÜkñÓ/TìCä–Æýš¿sÈÀÊ_‘O`ä %M–{UDš çù¸–“{Ô;[cV9Ä]!ýf@—û(p˜^ÝÐ[ÿî‡híÌáyòöséTäëotf(«Ž"™Î(×qN²©—c¤r ÚÓ½aµÔÐÜŸµ
‡Û›§õ·³*³?Œ>õYC6Å“øaŽ%'Ë]Ìi=g¯lR
+/R°?uÿâñâê7[ÄF(È
\ No newline at end of file
diff --git a/xmlsecurity/qa/unit/signing/data/secring.gpg b/xmlsecurity/qa/unit/signing/data/secring.gpg
new file mode 100644
index 000000000000..d98950c22ecd
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/secring.gpg differ
diff --git a/xmlsecurity/qa/unit/signing/data/trustdb.gpg b/xmlsecurity/qa/unit/signing/data/trustdb.gpg
new file mode 100644
index 000000000000..c86bb02f3d79
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/trustdb.gpg differ
diff --git a/xmlsecurity/qa/unit/signing/data/untrustedGoodGPG.odt b/xmlsecurity/qa/unit/signing/data/untrustedGoodGPG.odt
new file mode 100644
index 000000000000..e1b36d54417e
Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/untrustedGoodGPG.odt differ
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 4d2419cf6e41..635993eb38b6 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -8,6 +8,7 @@
  */
 
 #include <config_features.h>
+#include <config_gpgme.h>
 
 #include <sal/config.h>
 
@@ -102,7 +103,18 @@ public:
     void testXAdESGood();
     /// Test importing of signature line images
     void testSignatureLineImages();
-
+#ifdef LINUX
+# if GPGME_HAVE_GPGME
+    /// Test a typical ODF where all streams are GPG-signed.
+    void testODFGoodGPG();
+    /// Test a typical ODF where all streams are GPG-signed, but we don't trust the signature.
+    void testODFUntrustedGoodGPG();
+    /// Test a typical broken ODF signature where one stream is corrupted.
+    void testODFBrokenStreamGPG();
+    /// Test a typical broken ODF signature where the XML dsig hash is corrupted.
+    void testODFBrokenDsigGPG();
+# endif
+#endif
     CPPUNIT_TEST_SUITE(SigningTest);
     CPPUNIT_TEST(testDescription);
     CPPUNIT_TEST(testODFGood);
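Review bot: The nested `#ifdef LINUX` / `# if GPGME_HAVE_GPGME` guard added here is repeated verbatim in the CPPUNIT_TEST list, in setUp() and around the test definitions, so the four sites can drift apart once the platform restriction is lifted. A single condition such as `#if defined LINUX && GPGME_HAVE_GPGME` at each site, or one file-local macro defined once near the includes, would be easier to keep consistent. A short comment at the guard, e.g. `// GPG tests need a working gpg setup; Linux-only for now`, would record why the restriction exists. The class declaration starts outside the hunk.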
@@ -125,6 +137,14 @@ public:
     CPPUNIT_TEST(testXAdES);
     CPPUNIT_TEST(testXAdESGood);
     CPPUNIT_TEST(testSignatureLineImages);
+#ifdef LINUX
+# if GPGME_HAVE_GPGME
+    CPPUNIT_TEST(testODFGoodGPG);
+    CPPUNIT_TEST(testODFUntrustedGoodGPG);
+    CPPUNIT_TEST(testODFBrokenStreamGPG);
+    CPPUNIT_TEST(testODFBrokenDsigGPG);
+# endif
+#endif
     CPPUNIT_TEST_SUITE_END();
 
 private:
@@ -157,6 +177,16 @@ void SigningTest::setUp()
     osl::FileBase::getSystemPathFromFileURL(aTargetDir, aTargetPath);
     setenv("MOZILLA_CERTIFICATE_FOLDER", aTargetPath.toUtf8().getStr(), 1);
 #endif
+#ifdef LINUX
+# if GPGME_HAVE_GPGME
+    // Make gpg use our own defined setup below data dir
+    OUString aHomePath;
+    osl::FileBase::getSystemPathFromFileURL(
+        m_directories.getURLFromSrc(DATA_DIRECTORY),
+        aHomePath);
+    setenv("GNUPGHOME", aHomePath.toUtf8().getStr(), 1);
+# endif
+#endif
 }
 
 void SigningTest::tearDown()
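Review bot: The added block in setUp() points GNUPGHOME at the checked-in data directory, so any state gpg or its agent writes during a run lands in the source tree (the committed random_seed suggests it does), which can leave the checkout modified or fail on a read-only source dir. The NSS setup just above appears to work from a target directory (`aTargetPath`); copying the keyring files to a work directory and exporting that path would keep the fixtures pristine. The result of `getSystemPathFromFileURL` is also ignored, so a failed conversion would export an empty GNUPGHOME and presumably send gpg to the user's real keyring; wrapping the call in `CPPUNIT_ASSERT_EQUAL(osl::FileBase::E_None, ...)` would catch that. Because this directory carries secring.gpg, the comment could say so, e.g. `// Test-only keyring, secret key included; never trust these keys outside this test`. setUp() starts outside the hunk.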
@@ -657,6 +687,65 @@ void SigningTest::testSignatureLineImages()
     CPPUNIT_ASSERT(xSignatureInfo[0].InvalidSignatureLineImage.is());
 }
 
+#ifdef LINUX
+# if GPGME_HAVE_GPGME
+void SigningTest::testODFGoodGPG()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "goodGPG.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    // Our local gpg config fully trusts the signing cert, so in
+    // contrast to the X509 test we can fail on NOTVALIDATED here
+    SignatureState nActual = pObjectShell->GetDocumentSignatureState();
+    CPPUNIT_ASSERT_EQUAL_MESSAGE(
+        (OString::number(
+             static_cast<std::underlying_type<SignatureState>::type>(nActual))
+         .getStr()),
+        nActual, SignatureState::OK);
+}
+
+void SigningTest::testODFUntrustedGoodGPG()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "untrustedGoodGPG.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    // Our local gpg config does _not_ trust the signing cert, so in
+    // contrast to the X509 test we can fail everything but
+    // NOTVALIDATED here
+    SignatureState nActual = pObjectShell->GetDocumentSignatureState();
+    CPPUNIT_ASSERT_EQUAL_MESSAGE(
+        (OString::number(
+             static_cast<std::underlying_type<SignatureState>::type>(nActual))
+         .getStr()),
+        nActual, SignatureState::NOTVALIDATED);
+}
+
+void SigningTest::testODFBrokenStreamGPG()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "badStreamGPG.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN), static_cast<int>(pObjectShell->GetDocumentSignatureState()));
+}
+
+void SigningTest::testODFBrokenDsigGPG()
+{
+    createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + "badDsigGPG.odt");
+    SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get());
+    CPPUNIT_ASSERT(pBaseModel);
+    SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+    CPPUNIT_ASSERT(pObjectShell);
+    CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN), static_cast<int>(pObjectShell->GetDocumentSignatureState()));
+}
+# endif
+#endif
+
 void SigningTest::registerNamespaces(xmlXPathContextPtr& pXmlXpathCtx)
 {
     xmlXPathRegisterNs(pXmlXpathCtx, BAD_CAST("odfds"), BAD_CAST("urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0"));
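Review bot: In testODFGoodGPG and testODFUntrustedGoodGPG the arguments to CPPUNIT_ASSERT_EQUAL_MESSAGE are passed as (message, actual, expected), while CppUnit takes (message, expected, actual), so a failure report would label the two values the wrong way round; the two BROKEN tests below already put the expected value first. Suggested: `nActual, SignatureState::OK);` becomes `SignatureState::OK, nActual);`, and likewise `SignatureState::NOTVALIDATED, nActual);`. The four tests also repeat the same load-document-and-fetch-shell steps, so a small private helper taking the file name and the expected state would remove the duplication and keep the assertion style uniform.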

