[Libreoffice-commits] core.git: Branch 'libreoffice-5-4' - xmlsecurity/inc xmlsecurity/source
Samuel Mehrbrodt
Samuel.Mehrbrodt at cib.de
Wed Jun 28 08:09:59 UTC 2017
xmlsecurity/inc/documentsignaturehelper.hxx | 3 ++
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 5 +++-
xmlsecurity/source/helper/documentsignaturehelper.cxx | 19 +++++++++++++++++
xmlsecurity/source/helper/documentsignaturemanager.cxx | 1
4 files changed, 26 insertions(+), 2 deletions(-)
New commits:
commit 8b9f00fced21014bed6695b962084c8af0249dbc
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
Date: Mon Jun 26 12:32:48 2017 +0200
tdf#108711 GPG key selection should only be possible for ODF >= 1.2 documents
gpg4libre
Change-Id: I6dbdaefddacf55c9381d156ada20cb3f25d4b3cb
Reviewed-on: https://gerrit.libreoffice.org/39263
Tested-by: Jenkins <ci at libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
(cherry picked from commit e2378bbf4539455e445205ad868c43246ec423ed)
Reviewed-on: https://gerrit.libreoffice.org/39287
Reviewed-by: Thorsten Behrens <Thorsten.Behrens at CIB.de>
diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx b/xmlsecurity/inc/documentsignaturehelper.hxx
index c2b5b85e34a2..a8f3cb1f5d40 100644
--- a/xmlsecurity/inc/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/documentsignaturehelper.hxx
@@ -81,6 +81,9 @@ namespace DocumentSignatureHelper
DocumentSignatureAlgorithm getDocumentAlgorithm(
const OUString & sODFVersion, const SignatureInformation & sigInfo);
+ bool CanSignWithGPG(const css::uno::Reference < css::embed::XStorage >& rxStore,
+ const OUString& sOdfVersion);
+
bool checkIfAllFilesAreSigned( const ::std::vector< OUString > & sElementList,
const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm alg);
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 5f4464b8b957..2b950e62777e 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -25,6 +25,7 @@
#include <com/sun/star/embed/XStorage.hpp>
#include <com/sun/star/embed/ElementModes.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
#include <com/sun/star/container/XNameAccess.hpp>
#include <com/sun/star/lang/XComponent.hpp>
#include <com/sun/star/security/NoPasswordException.hpp>
@@ -400,7 +401,9 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
{
std::vector<uno::Reference<xml::crypto::XXMLSecurityContext>> xSecContexts;
xSecContexts.push_back(maSignatureManager.getSecurityContext());
- xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
+ // Gpg signing is only possible with ODF >= 1.2 documents
+ if (DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.mxStore, m_sODFVersion))
+ xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecContexts );
if ( aChooser->Execute() == RET_OK )
diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 1d8d1c0d72cb..a8b355116ff3 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -408,6 +408,25 @@ SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
return aHelper;
}
+/** Check whether the current file can be signed with GPG (only ODF >= 1.2 can currently) */
+bool DocumentSignatureHelper::CanSignWithGPG(
+ const Reference < css::embed::XStorage >& rxStore,
+ const OUString& sOdfVersion)
+{
+ uno::Reference<container::XNameAccess> xNameAccess(rxStore, uno::UNO_QUERY);
+ if (!xNameAccess.is())
+ throw RuntimeException();
+
+ if (xNameAccess->hasByName("META-INF")) // ODF
+ {
+ return !isODFPre_1_2(sOdfVersion);
+ }
+
+ return false;
+}
+
+
+
//sElementList contains all files which are expected to be signed. Only those files must me signed,
//no more, no less.
//The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index ee863e4c2530..41f7e5594cf2 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -269,7 +269,6 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
if (xServiceInfo->getImplementationName() == "com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl")
{
// GPG keys only really have PGPKeyId and PGPKeyPacket
- // TODO: prevent selection of gpg keys for pdfs and ooxml early on!
if (!mxStore.is())
{
SAL_WARN("xmlsecurity.helper", "cannot sign pdfs with GPG keys");
More information about the Libreoffice-commits
mailing list