[Libreoffice-commits] core.git: Branch 'feature/gpg4libre2' - 3 commits - comphelper/source package/source sfx2/source xmlsecurity/source
Thorsten Behrens
Thorsten.Behrens at CIB.de
Thu Dec 7 14:02:14 UTC 2017
comphelper/source/misc/storagehelper.cxx | 13 +++++--
package/source/manifest/ManifestExport.cxx | 21 ++++++++----
sfx2/source/dialog/filedlghelper.cxx | 22 +++++++++++--
xmlsecurity/source/component/documentdigitalsignatures.cxx | 8 ++++
xmlsecurity/source/gpg/CertificateImpl.cxx | 6 +--
5 files changed, 54 insertions(+), 16 deletions(-)
New commits:
commit 0ee502ecf168132330619d7a409aa209423e983b
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date: Thu Dec 7 14:40:34 2017 +0100
fixup manifest writing
Change-Id: I0c62e00cfe281efaaf863585944b9d2f561a4405
diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx
index 02ea5a016270..5cf87334ca62 100644
--- a/package/source/manifest/ManifestExport.cxx
+++ b/package/source/manifest/ManifestExport.cxx
@@ -261,13 +261,13 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con
pNValue->Value >>= aCipherValue;
}
- if (!aPgpKeyID.hasElements() && !aPgpKeyPacket.hasElements() && !aCipherValue.hasElements() )
+ if (aPgpKeyID.hasElements() && aCipherValue.hasElements() )
{
// ==== manifest:encrypted-key & children - one for each recipient
xHandler->startElement( sEncryptedKeyElement, nullptr );
xHandler->ignorableWhitespace ( sWhiteSpace );
- // TODO: this should rather be configurable
+ // TODO: the algorithm should rather be configurable
pNewAttrList->AddAttribute ( sAlgorithmAttribute, sCdataAttribute,
"http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" );
xHandler->startElement( sEncryptionMethodElement, xNewAttrList );
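Review bot: The new guard `if (aPgpKeyID.hasElements() && aCipherValue.hasElements() )` skips a recipient without any trace when only one of the two values is present, so a half-populated entry produces a manifest that lacks that recipient's encrypted key. A log line in an else branch, for example `SAL_WARN("package", "PGP recipient without key id or cipher value, entry skipped");`, would make that visible. The algorithm attribute is also written as `rsa-oaep-mgf1p` for every recipient; if GPG actually picks the algorithm from the recipient's key, the TODO comment should say that the declared value may not match what was used. The constructor body starts and ends outside this hunk.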
@@ -286,11 +286,15 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con
xHandler->endElement( sPgpKeyIDElement );
xHandler->ignorableWhitespace ( sWhiteSpace );
- xHandler->startElement( sPGPKeyPacketElement, nullptr );
- ::sax::Converter::encodeBase64(aBuffer, aPgpKeyPacket);
- xHandler->characters( aBuffer.makeStringAndClear() );
- xHandler->endElement( sPGPKeyPacketElement );
- xHandler->ignorableWhitespace ( sWhiteSpace );
+ // key packet is optional
+ if (aPgpKeyPacket.hasElements())
+ {
+ xHandler->startElement( sPGPKeyPacketElement, nullptr );
+ ::sax::Converter::encodeBase64(aBuffer, aPgpKeyPacket);
+ xHandler->characters( aBuffer.makeStringAndClear() );
+ xHandler->endElement( sPGPKeyPacketElement );
+ xHandler->ignorableWhitespace ( sWhiteSpace );
+ }
xHandler->endElement( sPgpDataElement );
xHandler->ignorableWhitespace ( sWhiteSpace );
@@ -448,6 +452,9 @@ ManifestExport::ManifestExport( uno::Reference< xml::sax::XDocumentHandler > con
pNewAttrList->AddAttribute ( sKeyDerivationNameAttribute,
sCdataAttribute,
sPGP_Name );
+ // no start-key-generation needed, our session key has
+ // max size already
+ bStoreStartKeyGeneration = false;
}
else
{
commit d664cecb69a6f28cf06d2dcfb1ecd3801b1f5769
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date: Thu Dec 7 14:31:36 2017 +0100
return key fingerprint / hashes including null character
Change-Id: I6b32444bab6848e2b5ddec02fd949c71114a66b2
diff --git a/xmlsecurity/source/gpg/CertificateImpl.cxx b/xmlsecurity/source/gpg/CertificateImpl.cxx
index 16eeda80441f..c831011ca50e 100644
--- a/xmlsecurity/source/gpg/CertificateImpl.cxx
+++ b/xmlsecurity/source/gpg/CertificateImpl.cxx
@@ -158,7 +158,7 @@ Sequence< sal_Int8 > SAL_CALL CertificateImpl::getSHA1Thumbprint()
// This is mapped to the fingerprint for gpg
const char* keyId = m_pKey.primaryFingerprint();
return comphelper::arrayToSequence<sal_Int8>(
- keyId, strlen(keyId));
+ keyId, strlen(keyId)+1);
}
Sequence<sal_Int8> CertificateImpl::getSHA256Thumbprint()
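Review bot: `strlen(keyId)` runs on the result of `m_pKey.primaryFingerprint()` without a null check, here and in the getSHA256Thumbprint and getMD5Thumbprint hunks below (`m_pKey.keyID()` in the last one), so a key object that has no fingerprint would be dereferenced as a null pointer; a guard such as `if (!keyId) return Sequence<sal_Int8>();` covers it. Returning `strlen(keyId)+1` bytes also changes the thumbprint length that every caller sees, and it appears to exist only so that a consumer can cast the sequence to `const char*`. Passing the length explicitly on the consuming side would keep the thumbprint bytes clean and would not depend on every XCertificate implementation appending a terminator. If the +1 stays, a comment like `// trailing NUL included: callers treat this as a C string` on each of the three returns documents the contract.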
@@ -167,7 +167,7 @@ Sequence<sal_Int8> CertificateImpl::getSHA256Thumbprint()
// SHA1 actually)
const char* keyId = m_pKey.primaryFingerprint();
return comphelper::arrayToSequence<sal_Int8>(
- keyId, strlen(keyId));
+ keyId, strlen(keyId)+1);
}
Sequence< sal_Int8 > SAL_CALL CertificateImpl::getMD5Thumbprint()
@@ -175,7 +175,7 @@ Sequence< sal_Int8 > SAL_CALL CertificateImpl::getMD5Thumbprint()
// This is mapped to the shorter keyID for gpg
const char* keyId = m_pKey.keyID();
return comphelper::arrayToSequence<sal_Int8>(
- keyId, strlen(keyId));
+ keyId, strlen(keyId)+1);
}
CertificateKind SAL_CALL CertificateImpl::getCertificateKind()
commit 0e68f42446277a34747c5ecfb8f838f35d74f88d
Author: Thorsten Behrens <Thorsten.Behrens at CIB.de>
Date: Thu Dec 7 14:31:18 2017 +0100
fixup cert selection
Change-Id: I957427f2fa3a02f40cd823663144e08d1e624cbd
diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx
index a05fb1358f3f..7fa46554b595 100644
--- a/comphelper/source/misc/storagehelper.cxx
+++ b/comphelper/source/misc/storagehelper.cxx
@@ -17,6 +17,8 @@
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
*/
+#include <config_gpgme.h>
+
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/embed/XEncryptionProtectedSource2.hpp>
#include <com/sun/star/embed/XEncryptionProtectedStorage.hpp>
@@ -459,6 +461,9 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreateGpgPackageEncryptionDat
uno::Sequence< uno::Reference< security::XCertificate > > xSignCertificates=
xSigner->chooseEncryptionCertificate();
+ if (!xSignCertificates.hasElements())
+ return uno::Sequence< beans::NamedValue >(); // user cancelled
+
// generate one encrypted key entry for each recipient
// ---------------------------------------------------
@@ -478,13 +483,13 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreateGpgPackageEncryptionDat
{
uno::Sequence < sal_Int8 > aKeyID;
if (pCerts->is())
- aKeyID = (*pCerts)->getSHA256Thumbprint();
+ aKeyID = (*pCerts)->getSHA1Thumbprint();
std::vector<GpgME::Key> keys;
keys.push_back(
ctx->key(
reinterpret_cast<const char*>(aKeyID.getConstArray()),
- err, true));
+ err, false));
// ctx is setup now, let's encrypt the lot!
GpgME::Data plain(
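Review bot: The thumbprint bytes are handed to `ctx->key()` as a C string with no length, and `err` is never inspected, so the lookup reads until it meets a NUL byte and a failed lookup still pushes its result into `keys`. When `pCerts->is()` is false, `aKeyID` stays empty and the cast pointer refers to a zero-length sequence; a certificate whose thumbprint is raw hash bytes without a terminator would be read past its end. I would copy the bytes into a bounded string, check the lookup result, and reject the recipient with the same IllegalArgumentException the function raises further down. The loop and the function start and end outside this hunk, and `i` is assumed to be the recipient index used by that later throw.
```cpp
        aKeyID = (*pCerts)->getSHA1Thumbprint();

    // bounded copy: never read past the sequence, stop at the first NUL
    const char* pFpr = reinterpret_cast<const char*>(aKeyID.getConstArray());
    const std::string aFingerprint(
        pFpr, std::find(pFpr, pFpr + aKeyID.getLength(), '\0'));
    if (aFingerprint.empty())
        throw lang::IllegalArgumentException(
            "Not a suitable key, or failed to encrypt.",
            css::uno::Reference<css::uno::XInterface>(), i);

    const GpgME::Key aKey = ctx->key(aFingerprint.c_str(), err, false);
    if (err || aKey.isNull())
        throw lang::IllegalArgumentException(
            "Not a suitable key, or failed to encrypt.",
            css::uno::Reference<css::uno::XInterface>(), i);

    std::vector<GpgME::Key> keys;
    keys.push_back(aKey);
    // … unchanged: ctx is setup now, encryption of the session key …
```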
@@ -504,7 +509,9 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreateGpgPackageEncryptionDat
len += curr;
if(crypt_res.error() || !len)
- throw uno::RuntimeException("The GpgME library failed to encrypt.");
+ throw lang::IllegalArgumentException(
+ "Not a suitable key, or failed to encrypt.",
+ css::uno::Reference<css::uno::XInterface>(), i);
uno::Sequence < sal_Int8 > aCipherValue(len);
result = cipher.seek(0,SEEK_SET);
diff --git a/sfx2/source/dialog/filedlghelper.cxx b/sfx2/source/dialog/filedlghelper.cxx
index 3393046a66bd..6e997d92ebc5 100644
--- a/sfx2/source/dialog/filedlghelper.cxx
+++ b/sfx2/source/dialog/filedlghelper.cxx
@@ -1521,8 +1521,26 @@ ErrCode FileDialogHelper_Impl::execute( std::vector<OUString>& rpURLList,
bool bGpg = false;
if ( ( aValue >>= bGpg ) && bGpg )
{
- // ask for a key
- rpSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( ::comphelper::OStorageHelper::CreateGpgPackageEncryptionData() ) ) );
+ uno::Sequence< beans::NamedValue > aEncryptionData;
+ while(true)
+ {
+ try
+ {
+ // ask for keys
+ aEncryptionData = ::comphelper::OStorageHelper::CreateGpgPackageEncryptionData();
+ break; // user cancelled or we've some keys now
+ }
+ catch( const IllegalArgumentException& )
+ {
+ ScopedVclPtrInstance< MessageDialog > aBox(
+ mpPreferredParentWindow,
+ SfxResId(RID_SVXSTR_INCORRECT_PASSWORD));
+ aBox->Execute();
+ }
+ }
+
+ if ( aEncryptionData.hasElements() )
+ rpSet->Put( SfxUnoAnyItem( SID_ENCRYPTIONDATA, uno::makeAny( aEncryptionData) ) );
}
}
catch( const IllegalArgumentException& ){}
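Review bot: When the user cancels the key chooser, `aEncryptionData` stays empty and SID_ENCRYPTIONDATA is simply not set, so unless code outside this hunk stops the save, a document for which GPG encryption was requested would be written unencrypted. Since execute() returns an ErrCode, the cancel case could abort instead, e.g. `else return ERRCODE_ABORT;` after the `if ( aEncryptionData.hasElements() )` line. The retry dialog reuses `RID_SVXSTR_INCORRECT_PASSWORD`, which does not describe an unsuitable key or a failed encryption; a dedicated message would tell the user what to change. The `while(true)` loop also has no exit other than success or cancel, which deserves a comment such as `// loops until a usable key is chosen or the user cancels`. The enclosing try block and the function start outside this hunk.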
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 2ae69ee3ddd2..9d1244973de7 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -497,7 +497,13 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseSignin
css::uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseEncryptionCertificate()
{
std::map<OUString, OUString> aProperties;
- return chooseCertificatesImpl( aProperties, UserAction::Encrypt );
+ uno::Sequence< Reference< css::security::XCertificate > > aCerts=
+ chooseCertificatesImpl( aProperties, UserAction::Encrypt );
+ if (aCerts.getLength() == 1 && !aCerts[0].is())
+ // our error case contract is: empty sequence, so map that!
+ return uno::Sequence< Reference< css::security::XCertificate > >();
+ else
+ return aCerts;
}
css::uno::Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificateWithProps(Sequence<::com::sun::star::beans::PropertyValue>& rProperties)
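Review bot: The mapping to an empty sequence covers only the case of exactly one null reference, `aCerts.getLength() == 1 && !aCerts[0].is()`; a longer sequence that contains a null reference is returned unchanged. Whether chooseCertificatesImpl can produce that is not visible here, but the caller in storagehelper.cxx does allow for `pCerts->is()` being false, so it would help either to filter every null entry or to state the contract in a comment such as `// chooseCertificatesImpl signals cancel/error with a single null reference`. The `else` after the `return` is redundant and can be dropped.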