[Libreoffice-commits] core.git: xmlsecurity/source
Samuel Mehrbrodt
Samuel.Mehrbrodt at cib.de
Wed Jun 28 07:39:52 UTC 2017
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 2 +-
xmlsecurity/source/gpg/SecurityEnvironment.cxx | 14 ++++++++++----
xmlsecurity/source/gpg/SecurityEnvironment.hxx | 3 ++-
3 files changed, 13 insertions(+), 6 deletions(-)
New commits:
commit 0d7b437260ec991ee70769e7fb1002973e431f12
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
Date: Tue Jun 27 16:33:59 2017 +0200
tdf#108794 gpg4libre: Use key id to get the right key
Change-Id: I5950d192e19e652cbb7680db426bfbd28907a1cb
Reviewed-on: https://gerrit.libreoffice.org/39308
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 6f6ea28a40d1..5cb148db7aa1 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -687,7 +687,7 @@ uno::Reference<security::XCertificate> DigitalSignaturesDialog::getCertificate(c
if (!xCert.is())
xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
if (!xCert.is())
- xCert = xGpgSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
+ xCert = xGpgSecEnv->getCertificate( rInfo.ouGpgKeyID, xmlsecurity::numericStringToBigInteger("") );
SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "Certificate not found and can't be created!" );
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index 37abf31111a1..45c89f1545d0 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -16,6 +16,7 @@
#include <key.h>
#include <keylistresult.h>
+#include "xmlsec-wrapper.h"
using namespace css;
using namespace css::security;
@@ -97,18 +98,23 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif
return xCertificateSequence;
}
-Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& /*serialNumber*/ )
+Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& keyId, const Sequence< sal_Int8 >& /*serialNumber*/ )
{
CertificateImpl* xCert=nullptr;
+ //xmlChar* pSignatureValue=xmlNodeGetContent(cur);
+ OString ostr = OUStringToOString( keyId , RTL_TEXTENCODING_UTF8 );
+ const xmlChar* strKeyId = reinterpret_cast<const xmlChar*>(ostr.getStr());
+ if(xmlSecBase64Decode(strKeyId, const_cast<xmlSecByte*>(strKeyId), xmlStrlen(strKeyId)) < 0)
+ throw RuntimeException("Base64 decode failed");
+
m_ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
- OString ostr = OUStringToOString( issuerName , RTL_TEXTENCODING_UTF8 );
- GpgME::Error err = m_ctx->startKeyListing(ostr.getStr(), true);
+ GpgME::Error err = m_ctx->startKeyListing("", true);
while (!err) {
GpgME::Key k = m_ctx->nextKey(err);
if (err)
break;
- if (!k.isInvalid()) {
+ if (!k.isInvalid() && strcmp(k.keyID(), reinterpret_cast<const char*>(strKeyId)) == 0) {
xCert = new CertificateImpl();
xCert->setCertificate(m_ctx.get(), k);
m_ctx->endKeyListing();
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.hxx b/xmlsecurity/source/gpg/SecurityEnvironment.hxx
index 66d79bb8643e..2af512bc746b 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.hxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.hxx
@@ -55,7 +55,8 @@ public:
virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL getPersonalCertificates() override;
- virtual css::uno::Reference< css::security::XCertificate > SAL_CALL getCertificate( const OUString& issuerName, const css::uno::Sequence< sal_Int8 >& serialNumber ) override;
+ /** We reinterpret the first parameter (originally issuerName) as keyId. We have no other way to identify a gpg key. */
+ virtual css::uno::Reference< css::security::XCertificate > SAL_CALL getCertificate( const OUString& keyId, const css::uno::Sequence< sal_Int8 >& serialNumber ) override;
virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL buildCertificatePath(
const css::uno::Reference< css::security::XCertificate >& beginCert ) override;
More information about the Libreoffice-commits
mailing list