[Libreoffice-commits] core.git: Branch 'libreoffice-5-4-0' - xmlsecurity/inc xmlsecurity/source

Samuel Mehrbrodt Samuel.Mehrbrodt at cib.de
Thu Jul 13 13:51:52 UTC 2017


 xmlsecurity/inc/sigstruct.hxx                          |    1 
 xmlsecurity/inc/xmlsignaturehelper.hxx                 |    2 
 xmlsecurity/inc/xsecctl.hxx                            |    4 +
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |   47 +++++++++--------
 xmlsecurity/source/helper/documentsignaturemanager.cxx |    2 
 xmlsecurity/source/helper/xmlsignaturehelper.cxx       |    6 +-
 xmlsecurity/source/helper/xsecctl.cxx                  |    7 ++
 xmlsecurity/source/helper/xsecparser.cxx               |   16 +++++
 xmlsecurity/source/helper/xsecparser.hxx               |    2 
 xmlsecurity/source/helper/xsecsign.cxx                 |    5 +
 xmlsecurity/source/helper/xsecverify.cxx               |   11 +++
 11 files changed, 76 insertions(+), 27 deletions(-)

New commits:
commit 25e0fef51557d2c93cf287dfb4721bb4c0086107
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
Date:   Mon Jul 10 10:02:10 2017 +0200

    tdf#108977 Show signature info for keys we don't have locally
    
    gpg4libre
    
    Reviewed-on: https://gerrit.libreoffice.org/39742
    Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
    Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
    (cherry picked from commit 820bd4b3b64a5746599c48c729037a959ff61c84)
    
    Change-Id: I89593224590007e61bce95c14922c08551282067
    Reviewed-on: https://gerrit.libreoffice.org/39793
    Reviewed-by: Katarina Behrens <Katarina.Behrens at cib.de>
    Reviewed-by: Miklos Vajna <vmiklos at collabora.co.uk>
    Tested-by: Miklos Vajna <vmiklos at collabora.co.uk>

diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 68e64176206b..ff6ee5e5d3a5 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -77,6 +77,7 @@ struct SignatureInformation
 
     OUString ouGpgKeyID;
     OUString ouGpgCertificate;
+    OUString ouGpgOwner;
 
     OUString ouSignatureValue;
     css::util::DateTime stDateTime;
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 261a4792cd61..a473b1efd840 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -155,7 +155,7 @@ public:
     void AddEncapsulatedX509Certificate(const OUString& ouEncapsulatedX509Certificate);
 
     void SetGpgCertificate(sal_Int32 nSecurityId, const OUString& ouGpgCertDigest,
-        const OUString& ouGpgCert);
+        const OUString& ouGpgCert, const OUString& ouGpgOwner);
 
     void        SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const tools::Time& rTime );
     void SetDescription(sal_Int32 nSecurityId, const OUString& rDescription);
diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx
index a38c1cbf8e3d..9ddc22affbae 100644
--- a/xmlsecurity/inc/xsecctl.hxx
+++ b/xmlsecurity/inc/xsecctl.hxx
@@ -309,6 +309,7 @@ private:
     void setDigestValue( sal_Int32 nDigestID, OUString& ouDigestValue );
     void setGpgKeyID( OUString& ouKeyID );
     void setGpgCertificate( OUString& ouGpgCert );
+    void setGpgOwner( OUString& ouGpgOwner );
 
     void setDate( OUString& ouDate );
     void setDescription(const OUString& rDescription);
@@ -388,7 +389,8 @@ public:
     void setGpgCertificate(
         sal_Int32 nSecurityId,
         const OUString& ouCertDigest,
-        const OUString& ouCert);
+        const OUString& ouCert,
+        const OUString& ouOwner);
 
     void setDate(
         sal_Int32 nSecurityId,
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 6df31eec715f..22154dc4b2a3 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -532,7 +532,6 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
             const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[n];
             uno::Reference< css::security::XCertificate > xCert = getCertificate(rInfo);
 
-            // TODO - should use pgpdata from info provider?
             OUString aSubject;
             OUString aIssuer;
             OUString aDateTimeStr;
@@ -559,28 +558,34 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
 
                 aSubject = XmlSec::GetContentPart( xCert->getSubjectName() );
                 aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() );
-                // String with date and time information (#i20172#)
-                aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime );
-                aDescription = rInfo.ouDescription;
-
-                // Decide type string.
-                if (maSignatureManager.mxStore.is())
-                {
-                    // XML based: XAdES or not.
-                    if (!rInfo.ouCertDigest.isEmpty())
-                        aType = "XAdES";
-                    else
-                        aType = "XML-DSig";
-                }
+            }
+            else if (!rInfo.ouGpgCertificate.isEmpty())
+            {
+                // In case we don't have the gpg key locally, get some data from the document
+                aIssuer = rInfo.ouGpgOwner;
+            }
+
+            aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime );
+            aDescription = rInfo.ouDescription;
+
+            // Decide type string.
+            if (maSignatureManager.mxStore.is())
+            {
+                // XML based: XAdES or not.
+                if (!rInfo.ouCertDigest.isEmpty())
+                    aType = "XAdES";
                 else
-                {
-                    // Assume PDF: PAdES or not.
-                    if (rInfo.bHasSigningCertificate)
-                        aType = "PAdES";
-                    else
-                        aType = "PDF";
-                }
+                    aType = "XML-DSig";
             }
+            else
+            {
+                // Assume PDF: PAdES or not.
+                if (rInfo.bHasSigningCertificate)
+                    aType = "PAdES";
+                else
+                    aType = "PDF";
+            }
+
             bSigValid = ( rInfo.nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
 
             if ( bSigValid )
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 41f7e5594cf2..4718555d54c2 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -292,7 +292,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
         else
             SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one");
 
-        maSignatureHelper.SetGpgCertificate(nSecurityId, aKeyId, aStrBuffer.makeStringAndClear());
+        maSignatureHelper.SetGpgCertificate(nSecurityId, aKeyId, aStrBuffer.makeStringAndClear(), xCert->getIssuerName());
     }
     else
     {
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 6242518ce4e1..0c18624aec5c 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -125,12 +125,14 @@ void XMLSignatureHelper::AddEncapsulatedX509Certificate(const OUString& ouEncaps
 
 void XMLSignatureHelper::SetGpgCertificate(sal_Int32 nSecurityId,
                                            const OUString& ouGpgCertDigest,
-                                           const OUString& ouGpgCert)
+                                           const OUString& ouGpgCert,
+                                           const OUString& ouGpgOwner)
 {
     mpXSecController->setGpgCertificate(
         nSecurityId,
         ouGpgCertDigest,
-        ouGpgCert);
+        ouGpgCert,
+        ouGpgOwner);
 }
 
 void XMLSignatureHelper::SetDateTime( sal_Int32 nSecurityId, const ::Date& rDate, const tools::Time& rTime )
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index ffadd0584692..d85c39dbf974 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -747,6 +747,13 @@ void XSecController::exportSignature(
                         xDocumentHandler->characters( signatureInfo.ouGpgCertificate );
                         xDocumentHandler->endElement( "PGPKeyPacket" );
                     }
+
+                    /* Write PGPOwner element */
+                    xDocumentHandler->startElement(
+                        "PGPOwner",
+                        cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
+                    xDocumentHandler->characters( signatureInfo.ouGpgOwner );
+                    xDocumentHandler->endElement( "PGPOwner" );
                 }
                 xDocumentHandler->endElement( "PGPData" );
             }
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index 6c402e73e0cb..1c1098c37261 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -37,6 +37,7 @@ XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper,
     , m_bInX509Certificate(false)
     , m_bInGpgCertificate(false)
     , m_bInGpgKeyID(false)
+    , m_bInGpgOwner(false)
     , m_bInCertDigest(false)
     , m_bInEncapsulatedX509Certificate(false)
     , m_bInSigningTime(false)
@@ -74,6 +75,7 @@ void SAL_CALL XSecParser::startDocument(  )
     m_bInX509Certificate = false;
     m_bInGpgCertificate = false;
     m_bInGpgKeyID = false;
+    m_bInGpgOwner = false;
     m_bInSignatureValue = false;
     m_bInDigestValue = false;
     m_bInDate = false;
@@ -194,6 +196,11 @@ void SAL_CALL XSecParser::startElement(
             m_ouGpgCertificate.clear();
             m_bInGpgCertificate = true;
         }
+        else if (aName == "PGPOwner")
+        {
+            m_ouGpgOwner.clear();
+            m_bInGpgOwner = true;
+        }
         else if (aName == "SignatureValue")
         {
             m_ouSignatureValue.clear();
@@ -317,6 +324,11 @@ void SAL_CALL XSecParser::endElement( const OUString& aName )
             m_pXSecController->setGpgCertificate( m_ouGpgCertificate );
             m_bInGpgCertificate = false;
         }
+        else if (aName == "PGPOwner")
+        {
+            m_pXSecController->setGpgOwner( m_ouGpgOwner );
+            m_bInGpgOwner = false;
+        }
         else if (aName == "xd:CertDigest")
         {
             m_pXSecController->setCertDigest( m_ouCertDigest );
@@ -388,6 +400,10 @@ void SAL_CALL XSecParser::characters( const OUString& aChars )
     {
         m_ouGpgKeyID += aChars;
     }
+    else if (m_bInGpgOwner)
+    {
+        m_ouGpgOwner += aChars;
+    }
     else if (m_bInSignatureValue)
     {
         m_ouSignatureValue += aChars;
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index dd4d0c83c1e6..6056de4491f3 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -59,6 +59,7 @@ private:
     OUString m_ouX509Certificate;
     OUString m_ouGpgCertificate;
     OUString m_ouGpgKeyID;
+    OUString m_ouGpgOwner;
     OUString m_ouCertDigest;
     OUString m_ouEncapsulatedX509Certificate;
     OUString m_ouDigestValue;
@@ -75,6 +76,7 @@ private:
     bool m_bInX509Certificate;
     bool m_bInGpgCertificate;
     bool m_bInGpgKeyID;
+    bool m_bInGpgOwner;
     bool m_bInCertDigest;
     bool m_bInEncapsulatedX509Certificate;
     bool m_bInSigningTime;
diff --git a/xmlsecurity/source/helper/xsecsign.cxx b/xmlsecurity/source/helper/xsecsign.cxx
index 452613b4d10b..278eba79f8af 100644
--- a/xmlsecurity/source/helper/xsecsign.cxx
+++ b/xmlsecurity/source/helper/xsecsign.cxx
@@ -242,7 +242,8 @@ void XSecController::setX509Certificate(
 void XSecController::setGpgCertificate(
         sal_Int32 nSecurityId,
         const OUString& ouCertDigest,
-        const OUString& ouCert)
+        const OUString& ouCert,
+        const OUString& ouOwner)
 {
     int index = findSignatureInfor( nSecurityId );
 
@@ -250,6 +251,7 @@ void XSecController::setGpgCertificate(
     {
         InternalSignatureInformation isi(nSecurityId, nullptr);
         isi.signatureInfor.ouGpgCertificate = ouCert;
+        isi.signatureInfor.ouGpgOwner = ouOwner;
         isi.signatureInfor.ouCertDigest = ouCertDigest;
         m_vInternalSignatureInformations.push_back( isi );
     }
@@ -258,6 +260,7 @@ void XSecController::setGpgCertificate(
         SignatureInformation &si
             = m_vInternalSignatureInformations[index].signatureInfor;
         si.ouGpgCertificate = ouCert;
+        si.ouGpgOwner = ouOwner;
         si.ouCertDigest = ouCertDigest;
     }
 }
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index ab2a8dec6100..ff0416ddd28c 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -292,6 +292,17 @@ void XSecController::setGpgCertificate( OUString& ouGpgCert )
     isi.signatureInfor.ouGpgCertificate = ouGpgCert;
 }
 
+void XSecController::setGpgOwner( OUString& ouGpgOwner )
+{
+    if (m_vInternalSignatureInformations.empty())
+    {
+        SAL_INFO("xmlsecurity.helper","XSecController::setGpgOwner: no signature");
+        return;
+    }
+    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
+    isi.signatureInfor.ouGpgOwner = ouGpgOwner;
+}
+
 void XSecController::setDate( OUString& ouDate )
 {
     if (m_vInternalSignatureInformations.empty())


More information about the Libreoffice-commits mailing list