[Libreoffice-commits] core.git: Branch 'libreoffice-5-4-0' - xmlsecurity/source

Samuel Mehrbrodt Samuel.Mehrbrodt at cib.de
Mon Jul 17 20:42:57 UTC 2017


 xmlsecurity/source/component/documentdigitalsignatures.cxx |   56 ++++++-------
 xmlsecurity/source/gpg/SecurityEnvironment.cxx             |   18 +++-
 2 files changed, 43 insertions(+), 31 deletions(-)

New commits:
commit dfcb7895f61243f1e0f21c25bbdf815d8a9976a0
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
Date:   Fri Jul 14 15:48:57 2017 +0200

    gpg4libre: Show whether pgp keys are trusted or not
    
    Owner trust levels considered valid keys:
      Marginal
      Full
      Ultimate
    
    Owner trust levels considered invalid keys:
      Unknown
      Undefined
      Never
    
    Change-Id: I7338b587acfd105ca24e40b45960cea8d2c04ded
    Reviewed-on: https://gerrit.libreoffice.org/39958
    Reviewed-by: Vasily Melenchuk <vasily.melenchuk at cib.de>
    Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
    Tested-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>

diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 518b4acb1c93..b4445f3c6968 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -327,46 +327,44 @@ DocumentDigitalSignatures::ImplVerifySignatures(
             const SignatureInformation& rInfo = aSignInfos[n];
             css::security::DocumentSignatureInformation& rSigInfo = arInfos[n];
 
-            if (!rInfo.ouX509Certificate.isEmpty())
-               rSigInfo.Signer = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
-            if (!rSigInfo.Signer.is())
-                rSigInfo.Signer = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
-
-            // Time support again (#i38744#)
-            Date aDate( rInfo.stDateTime.Day, rInfo.stDateTime.Month, rInfo.stDateTime.Year );
-            tools::Time aTime( rInfo.stDateTime.Hours, rInfo.stDateTime.Minutes,
-                        rInfo.stDateTime.Seconds, rInfo.stDateTime.NanoSeconds );
-            rSigInfo.SignatureDate = aDate.GetDate();
-            rSigInfo.SignatureTime = aTime.GetTime();
-
-            // Verify certificate
-            //We have patched our version of libxmlsec, so that it does not verify the certificates. This has two
-            //reasons. First we want two separate status for signature and certificate. Second libxmlsec calls
-            //CERT_VerifyCertificate (Solaris, Linux) falsely, so that it always regards the certificate as valid.
-            //On Windows the checking of the certificate path is buggy. It does name matching (issuer, subject name)
-            //to find the parent certificate. It does not take into account that there can be several certificates
-            //with the same subject name.
-            if (rSigInfo.Signer.is())
+            if (rInfo.ouGpgCertificate.isEmpty()) // X.509
             {
+                if (!rInfo.ouX509Certificate.isEmpty())
+                    rSigInfo.Signer = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
+                if (!rSigInfo.Signer.is())
+                    rSigInfo.Signer = xSecEnv->getCertificate( rInfo.ouX509IssuerName,
+                                                               xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
+
+                // Verify certificate
+                //We have patched our version of libxmlsec, so that it does not verify the certificates. This has two
+                //reasons. First we want two separate status for signature and certificate. Second libxmlsec calls
+                //CERT_VerifyCertificate (Solaris, Linux) falsely, so that it always regards the certificate as valid.
+                //On Windows the checking of the certificate path is buggy. It does name matching (issuer, subject name)
+                //to find the parent certificate. It does not take into account that there can be several certificates
+                //with the same subject name.
+
                 try {
                     rSigInfo.CertificateStatus = xSecEnv->verifyCertificate(rSigInfo.Signer,
-                        Sequence<Reference<css::security::XCertificate> >());
+                                                                            Sequence<Reference<css::security::XCertificate> >());
                 } catch (SecurityException& ) {
                     OSL_FAIL("Verification of certificate failed");
                     rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
                 }
             }
-            else
+            else // GPG
             {
-                //We should always be able to get the certificates because it is contained in the document,
-                //unless the document is damaged so that signature xml file could not be parsed.
-                rSigInfo.CertificateStatus =
-                    xGpgSecEnv->verifyCertificate(rSigInfo.Signer,
-                                                  Sequence<Reference<css::security::XCertificate> >());
-                // well - except for gpg signatures ...
-                //rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
+                rSigInfo.Signer = xGpgSecEnv->getCertificate( rInfo.ouGpgKeyID, xmlsecurity::numericStringToBigInteger("") );
+                rSigInfo.CertificateStatus = xGpgSecEnv->verifyCertificate(rSigInfo.Signer,
+                                                                           Sequence<Reference<css::security::XCertificate> >());
             }
 
+            // Time support again (#i38744#)
+            Date aDate( rInfo.stDateTime.Day, rInfo.stDateTime.Month, rInfo.stDateTime.Year );
+            tools::Time aTime( rInfo.stDateTime.Hours, rInfo.stDateTime.Minutes,
+                        rInfo.stDateTime.Seconds, rInfo.stDateTime.NanoSeconds );
+            rSigInfo.SignatureDate = aDate.GetDate();
+            rSigInfo.SignatureTime = aTime.GetTime();
+
             rSigInfo.SignatureIsValid = ( rInfo.nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
 
 
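Review bot: The X.509 branch now calls `xSecEnv->verifyCertificate(rSigInfo.Signer, ...)` even when both lookups left `rSigInfo.Signer` empty, because the former `if (rSigInfo.Signer.is())` guard was removed along with the old layout. How the X.509 backend handles an empty reference is not visible here, and only `SecurityException` is caught, so a damaged signature file could end in an uncaught exception or an unintended status. An explicit guard keeps the outcome deterministic: `if (!rSigInfo.Signer.is()) rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;` with the existing `try` moved into the `else`. ImplVerifySignatures starts and ends outside this hunk.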
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index e910ee50b2ad..6cf0c10de932 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -142,10 +142,24 @@ Reference< XCertificate > SecurityEnvironmentGpg::createCertificateFromAscii( co
     return nullptr;
 }
 
-sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertificate >& /*aCert*/,
+sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertificate >& aCert,
                                                   const Sequence< Reference< XCertificate > >&  /*intermediateCerts*/ )
 {
-    return 0;
+    const CertificateImpl* xCert = dynamic_cast<CertificateImpl*>(aCert.get());
+    if (xCert == nullptr) {
+         // Can't find the key locally -> unknown owner
+        return security::CertificateValidity::ISSUER_UNKNOWN;
+    }
+
+    const GpgME::Key* key = xCert->getCertificate();
+    if (key->ownerTrust() == GpgME::Key::OwnerTrust::Marginal ||
+        key->ownerTrust() == GpgME::Key::OwnerTrust::Full ||
+        key->ownerTrust() == GpgME::Key::OwnerTrust::Ultimate)
+    {
+        return security::CertificateValidity::VALID;
+    }
+
+    return security::CertificateValidity::ISSUER_UNTRUSTED;
 }
 
 sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters(
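Review bot: The new `verifyCertificate` derives `VALID` from owner trust alone, so a key that is revoked, expired or flagged invalid is still reported as valid whenever its owner trust is Marginal, Full or Ultimate. Check the key's state before the `ownerTrust()` comparison and map it to the matching `CertificateValidity` value, as sketched below. `key` is also dereferenced without a null check; whether `getCertificate()` can return null is not visible in this hunk. Separately, GnuPG owner trust expresses how far the owner is trusted to certify other keys, not whether this key is verified to belong to its user ID, so the computed user-ID validity may be the better basis for `VALID`; the comment on the failed `dynamic_cast` should also say that a non-GPG certificate object takes that path too.

```cpp
    const GpgME::Key* key = xCert->getCertificate();
    if (key == nullptr || key->isNull() || key->isInvalid())
        return security::CertificateValidity::INVALID;
    if (key->isRevoked())
        return security::CertificateValidity::REVOKED;
    if (key->isExpired())
        return security::CertificateValidity::TIME_INVALID;
    // … unchanged: ownerTrust() comparison returning VALID or ISSUER_UNTRUSTED …
```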

