[Libreoffice-commits] core.git: Branch 'distro/collabora/cp-6.0' - 6 commits - desktop/qa desktop/source sfx2/source xmlsecurity/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Sat Dec 1 17:37:09 UTC 2018
desktop/qa/data/test-PK-signing.pem | 28 +++++
desktop/qa/data/test-cert-chain-1.pem | 24 ++++
desktop/qa/data/test-cert-chain-2.pem | 26 ++++
desktop/qa/data/test-cert-chain-3.pem | 23 ++++
desktop/qa/data/test-cert-signing.pem | 23 ++++
desktop/qa/desktop_lib/test_desktop_lib.cxx | 87 +++++++++++++++
desktop/source/lib/init.cxx | 94 +++++++++++++++--
sfx2/source/doc/guisaveas.cxx | 5
xmlsecurity/source/helper/documentsignaturemanager.cxx | 7 -
xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx | 16 +-
10 files changed, 313 insertions(+), 20 deletions(-)
New commits:
commit c0b2e7697d9647199d489a838d4fabc543264094
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Fri Nov 30 11:48:50 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:32:30 2018 +0100
convert to range for
Change-Id: I3558010129eaafdab94ca3f8a63abeda32318fbb
Reviewed-on: https://gerrit.libreoffice.org/64336
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit bb8c2b1cbf7a9eb56b1515f60a2aadbef24199a2)
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 218360d2f60c..c65b73c3b85d 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -355,11 +355,10 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
std::vector< OUString > aElements = DocumentSignatureHelper::CreateElementList(mxStore, meSignatureMode, DocumentSignatureAlgorithm::OOo3_2);
DocumentSignatureHelper::AppendContentTypes(mxStore, aElements);
- sal_Int32 nElements = aElements.size();
- for (sal_Int32 n = 0; n < nElements; n++)
+ for (OUString const& rUri : aElements)
{
- bool bBinaryMode = !isXML(aElements[n]);
- maSignatureHelper.AddForSigning(nSecurityId, aElements[n], bBinaryMode, bAdESCompliant);
+ bool bBinaryMode = !isXML(rUri);
+ maSignatureHelper.AddForSigning(nSecurityId, rUri, bBinaryMode, bAdESCompliant);
}
maSignatureHelper.SetDateTime(nSecurityId, Date(Date::SYSTEM), tools::Time(tools::Time::SYSTEM));
commit 33c795b3d42e0c6e8ff2214838c8da35bfceddfb
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Thu Nov 29 22:09:07 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:32:14 2018 +0100
test signing with certificate chain and private key in PEM format
Change-Id: If3b121e44ceec8be668820a7e8a9e35c15d547ff
Reviewed-on: https://gerrit.libreoffice.org/64295
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit 07e586574d5f0255ade1fe4305d56730dd7ae4c7)
diff --git a/desktop/qa/data/test-PK-signing.pem b/desktop/qa/data/test-PK-signing.pem
new file mode 100644
index 000000000000..eabbaae18c10
--- /dev/null
+++ b/desktop/qa/data/test-PK-signing.pem
@@ -0,0 +1,28 @@
+-----BEGIN PRIVATE KEY-----
+MIIEvAIBADANBgkqhkiG9w0BAQEFAASCBKYwggSiAgEAAoIBAQC/x1dyX2PgJs6o
+e/BcBT5XTJXtipme29mtI/FmTq5vuAFopqvAEg084hNM7Q++wKyKG8F0ABF2pUOY
+vo6Pq6rXQqMbxUaO47NNefh4v/f6hBoMfSYmXtEPji8NjIcIrQ3U8yTWquaHi13h
+coG/cVf16Doem5AxUdQ6a9e/jA1VU2MmSZxthkABKPWdw1pfFJDLWhFrCjhePKrB
+xw2ArmNx66fdzpi5XK0fC2TbHD2NVc8cbYOzF4h3knGZo2sq4/MBevyVhzXZNn2P
+jf3PbOxp1O8CLx86MuDTLDkSVjmP0yXBf6rLFMWtEfv1Jmf3I61meIuOcw6wvXRK
+zPnAKpLRAgMBAAECggEAFQU1JooiGQg9OpEV0ArwbFfZTxy+qH+Rz70oJn3qohWE
+bK4SwTi5TrpmQdZHatxqN7EXIS8out0ebaLlXrCtnG6SEOcsoVjVPGFpb1ggnCAt
+TWp3lgO/3SPz2wOo1rXxKtguaivNR39qc4g+LyJYm9GFHU8RHPbKe6TPvw+2HmtB
+Qr2dfwgN+JJ/lBTIE0lUVuGcBcCRxbM6aG3WVpVrWcsGwRekcuuy9xrv+6fd1p2E
+7zdM0/18+tnCWF9kCO6ot+spKJGTKqiuaKrSB54gFnDEgjQKIW7lUuOcXKI8vOZb
+yO3owLE4mlNbE9sv8gPKoMXf2d6wzMRA6wBdaqOlKQKBgQD1XhyNDTpCoqcO82KY
+YCJOZ6d1jH27XhHplfmrYDlQuWiuJ/b3ckq5Pqw5J5pRO19tvb4RSonYtmOcLajR
+CkQtHapeH8mUzGsE/tgauB4KoZ1sVhzsag0Ill44P5/5oBlzhRrvJ7L80qlHn8xC
+a4Tzk5t0tWbCS6K3/rqvil0hXwKBgQDIFsMoujc8hW5jyC6rO41elWEDVmPs5P+5
+RYxH5+uVeByyz2R86CAFmHUn/1nD47KKouNhwU4Anf5lA8JHh9rNVF07a2dAfH1o
+yfkBGz8d3xb5hq3ahVGg9WyMRyfczGGA19uJrQ19dY4G4B4FPPz0J6oOnNkTFaQ9
+Bks/k/fJzwKBgGSBqVZJzcyPzbh9D6z06/iL0vd+ld4TGWlCKqP9ZVzgpbV431va
+sCsTNf6vbzHJDTzplRqGGtLvWvwVY+pEt0p3tVqa0LqnxUqljSXct0mJi+9dkrlw
+c2hKF8wYm9Hnt6UvJ6pA67tOG1MgbM3kNvCDTRFQYQhDbSLLL/NJzP4nAoGAJqhv
+MFE6FtFY0KJ+kcrBt4J46eIpED32Ql9ziPkABTLdqJZ1PcTDWxFnoUCuoTA+8JYk
+BGEKpwfffLjLMnLHDWC9WpuXqVfkCvjqyRHwkd7mW3Nv54ZWjRidzkR5KSm7tN7/
+pYvvzUuHE0D9y9lKrglzy7r2Hb/SqY+rvi7icvUCgYADV2kkky++OmCVLkEg3WUf
+SJkF6jUAVMqlMdjTbySEfCJbxpVwRAiUWWlDD07c5HCBEASi6/NSn06MDb9Fvxo0
+a3m24Aa2c+K4ENj+bj453gdxhtvpeyfSRK+gBEP64iBG92UFJjcwHz5kFCzppPuP
+p+ZtA6JAnV6QPT1EixAOCA==
+-----END PRIVATE KEY-----
diff --git a/desktop/qa/data/test-cert-chain-1.pem b/desktop/qa/data/test-cert-chain-1.pem
new file mode 100644
index 000000000000..3a3407caf613
--- /dev/null
+++ b/desktop/qa/data/test-cert-chain-1.pem
@@ -0,0 +1,24 @@
+-----BEGIN CERTIFICATE-----
+MIID+zCCAuOgAwIBAgIUaS0j9S5ZbREDcPMsLlfFE0+oUE0wDQYJKoZIhvcNAQEL
+BQAwajELMAkGA1UEBhMCQ0gxDDAKBgNVBAgMA1p1ZzEMMAoGA1UEBwwDWnVnMRMw
+EQYDVQQKDApWZXJlaWduIEFHMRUwEwYDVQQLDAxCdXNzaW5lcyBEZXAxEzARBgNV
+BAMMCnZlcmVpZ24tY2EwHhcNMTgxMTI0MDAwMDAwWhcNMjMxMjE4MjM1OTU5WjCB
+jzELMAkGA1UEBhMCQ0gxDDAKBgNVBAgTA1p1ZzEMMAoGA1UEBxMDWnVnMRMwEQYD
+VQQKEwpWZXJlaWduIEFHMRUwEwYDVQQLEwxCdXNpbmVzcyBEZXAxODA2BgNVBAMT
+L2YxZmUxZGJhLWZiMDUtNDk5Ni04Zjk1LWE4MTQyMjE5OGRiOS1zZXJ2ZXJzaWRl
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE7WuIkjvhWceJGwLoYN
+2+huR47jlqqb0ez5VMGuZqK8qn1uf0PB6j/OW9B0cdBs65nBTL2CrkZncKov5g/i
+yZADuiezqBtEUr6J74oRBVPWV+e9iNr3M2FMtG/lkpYDpkvNziibMLE4kyhgbbRd
+Q0OHz55mk4Wn3CYAA/a7zhMgCjvT+wPuLXJjLje+2bB4rMv/USlnTN3DINx4i/Vt
+klNNtK5NSaxlkYf1QuyxXeHEJUufVuFY7sG4xZBhh75yUF7Z7836Oi1++DNeuWc/
+YOmsrfu1lqDfYNjb5IpOMz9x2HtmG6V3ETeKQX8GIs34qhG6zA9Up3JkSQsd9qTP
+1QIDAQABo3MwcTAOBgNVHQ8BAf8EBAMCAbYwDwYDVR0TAQH/BAUwAwEB/zAfBgNV
+HSMEGDAWgBQlN+K7lesKXsDZYQUu4zkqtNBwrjAaBgNVHREEEzARgg93d3cudmVy
+ZWlnbi5jb20wEQYDVR0gBAowCDAGBgRVHSAAMA0GCSqGSIb3DQEBCwUAA4IBAQAx
+86wXlw779hT3Jad4EfuozQycLw4lXLMiGdHuLdRGNdg6faK2p5qaJXFEd13pE/Qn
+AI2z5SpuYr2G3NYJsT3deXi8Yh58AsBSF5UY61xCgITXOW2NaB2gb6L7sL8Uau8i
+BE5yn0r0V6wD3gxG7yJRNPgH7ksELfN1b++BHdvkcodC1H4vHzl0mAJvYaNlPBhd
+LDnGU3GKhZ1r2pF+eXIW7n3BbAi/a7226Or4eTWEjc0footKJeJLfsG4HOcSj+Bi
+LKAeftebGRRsZzuL6tLTzoSiRsEn6Y6GOdxRM21Uu1rvtWmfDyNRuCcKZU8Secqy
+0s1uSGkNr+6wgcWqA+VQ
+-----END CERTIFICATE-----
diff --git a/desktop/qa/data/test-cert-chain-2.pem b/desktop/qa/data/test-cert-chain-2.pem
new file mode 100644
index 000000000000..a31db3f657ab
--- /dev/null
+++ b/desktop/qa/data/test-cert-chain-2.pem
@@ -0,0 +1,26 @@
+-----BEGIN CERTIFICATE-----
+MIIEdjCCA16gAwIBAgIEW7HqGDANBgkqhkiG9w0BAQsFADBqMQswCQYDVQQGEwJD
+SDEMMAoGA1UECAwDWnVnMQwwCgYDVQQHDANadWcxEzARBgNVBAoMClZlcmVpZ24g
+QUcxFTATBgNVBAsMDEJ1c3NpbmVzIERlcDETMBEGA1UEAwwKdmVyZWlnbi1jYTAe
+Fw0xODEwMDEwOTM0MTZaFw0xOTEwMDEwOTM0MTZaMGoxCzAJBgNVBAYTAkNIMQww
+CgYDVQQIDANadWcxDDAKBgNVBAcMA1p1ZzETMBEGA1UECgwKVmVyZWlnbiBBRzEV
+MBMGA1UECwwMQnVzc2luZXMgRGVwMRMwEQYDVQQDDAp2ZXJlaWduLWNhMIIBIjAN
+BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfpPjrblQuxrHiSLAAyyDgRd66gY
+PRo7lgKZH5NYcBO9VhJNwnvV+fBIVeJI49b+a12TPHjRzJYrkaBAcUxMM8FkZ01A
+mv6JSG4o2ZXV+GWpnWzEJzt9ZXmNZ1MSUlqIGzVZ/eUlXIj4gy57+SZoJURcQGhs
+jpoRgUpYnFsDJk2x77jiOa5ym/N+8HKsOabASMU6VkbIFvUqf62RXWpnQlOhFjGo
+0jvheRGBWbaYKHM3/d+u78w4tmvHqGVDDbsuOluZ39p2jCic9S7CnDkauZB0Afd/
+xgQ0CglpAgY8g4cfMl2zwRmm616PtutqjcE/NoA2JEVN5vP9QZsuXeRpJwIDAQAB
+o4IBIjCCAR4wDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwLwYDVR0R
+BCgwJoIPd3d3LnZlcmVpZ24uY29tgRNjb250YWN0QHZlcmVpZ24uY29tMBEGA1Ud
+IAQKMAgwBgYEVR0gADCBlwYDVR0jBIGPMIGMgBQlN+K7lesKXsDZYQUu4zkqtNBw
+rqFupGwwajELMAkGA1UEBhMCQ0gxDDAKBgNVBAgMA1p1ZzEMMAoGA1UEBwwDWnVn
+MRMwEQYDVQQKDApWZXJlaWduIEFHMRUwEwYDVQQLDAxCdXNzaW5lcyBEZXAxEzAR
+BgNVBAMMCnZlcmVpZ24tY2GCBFux6hgwHQYDVR0OBBYEFCU34ruV6wpewNlhBS7j
+OSq00HCuMA0GCSqGSIb3DQEBCwUAA4IBAQCG3tf8/tuCNJXby4B7decDNE6bff40
+1ybO17kzekrKj0IO2TatFIG+UDlxDfm2iydEQVoPuRTAgmJD1aq5g4C0ZLyUqmOg
+75Dve6W9+zzxbdI711WKxH+uSj4mTRkFD4Tb7r3VZ1ZyZYnCOMIGB4/lqUK6Ok3a
+2v8XaFcxHt5XhrQtgqd5bBGokQfwYPNVZW9FwXf/8cd59prEOnqlMbZJ7copgwYO
+97abhpy2FUoRWtvDjDLLfdiFQhVY8meDcS/h5mw2aEugew8hnfSEaD5ZcbOf0ZQe
+MOVxKbIzSeUDAFyRY6BPpGVPuJD6QAXRMW6KIWiGoF1taKp5G/nzbzJC
+-----END CERTIFICATE-----
diff --git a/desktop/qa/data/test-cert-chain-3.pem b/desktop/qa/data/test-cert-chain-3.pem
new file mode 100644
index 000000000000..d02dbe0f6aa1
--- /dev/null
+++ b/desktop/qa/data/test-cert-chain-3.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID5zCCAs+gAwIBAgIU0Ar2t+Zp1ZC0Jx1An2HK+e+ghR0wDQYJKoZIhvcNAQEL
+BQAwgY8xCzAJBgNVBAYTAkNIMQwwCgYDVQQIEwNadWcxDDAKBgNVBAcTA1p1ZzET
+MBEGA1UEChMKVmVyZWlnbiBBRzEVMBMGA1UECxMMQnVzaW5lc3MgRGVwMTgwNgYD
+VQQDEy9mMWZlMWRiYS1mYjA1LTQ5OTYtOGY5NS1hODE0MjIxOThkYjktc2VydmVy
+c2lkZTAeFw0xODExMjMyMzAwMDBaFw0yMzExMjQyMjU5NTlaMIGGMYGDMDYGA1UE
+AxMvZjFmZTFkYmEtZmIwNS00OTk2LThmOTUtYTgxNDIyMTk4ZGI5LXVzZXJkZXZp
+Y2UwCQYDVQQGEwJDSDAKBgNVBAcTA1p1ZzAKBgNVBAgTA1p1ZzARBgNVBAoTClZl
+cmVpZ24gQUcwEwYDVQQLEwxCdXNpbmVzcyBEZXAwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDFQ+2fHCdE9ksa/h0aMK/DHPdq3iGWHx6eFsG3yI7RSU/7
+IA/DPht7A4U/a4qw/8PqT9Df9CvNeURXDmIG1S4ZVn7oTlEua9Da5A+HByA6M4Vk
+4meDo/tY6hE8NZy25Q3l0dZvH34eocRe0xhjGajoUo6vGfzzQ+pQPerM1VivraVf
+EZva4b3rCN7XrZkzkBPjEZijLvlk1wKcG5R1teXlEMHiHKiIeECDXmBD406ngWlt
+KzlH2bXZYkfdBSoYXW2eyM/z0kJcY4M/75re0YGMRUPK6Cp1C4F+jIIv8np09bKS
+6lvr/niemJz0BPXapsLOWXsc0Gg9sPiMpwdNbjflAgMBAAGjQjBAMA4GA1UdDwEB
+/wQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBSdM4fK3wQY6/nXpgZL
+5Nl5udSGGjANBgkqhkiG9w0BAQsFAAOCAQEAe/6URI5GLBee3OJo00iHXCYMxOoX
+Bi2V6IC1zS6mQlRYDtzbUQAKJrxRVns2+wjeCqKetqSuZ00hM/ipCrnxwb/X0CKY
+4az9Mf9BycYnkmGNKzzskefIlUciaThdc0Ju6RVlCgFXX8vP9iMO3iQ9ET7JS4jB
+oRNFnMeyy4+HG1RwYivi1YjaPNkp7xd8Lqq56VULGY4dKZUieJceFXtYQZHuVgWo
+woAulOZH0IYqTv16tHxLovWGJaWpoMwgWo/c8sk8CfYF5vv9SMxcFnWwNooCRtWI
+HJzs/1zxXIFy9D49PcH0gwkPM66F8bPS8TMpHcyjRDF/TQFzu1JwVyFY0g==
+-----END CERTIFICATE-----
diff --git a/desktop/qa/data/test-cert-signing.pem b/desktop/qa/data/test-cert-signing.pem
new file mode 100644
index 000000000000..8f5c788b53a5
--- /dev/null
+++ b/desktop/qa/data/test-cert-signing.pem
@@ -0,0 +1,23 @@
+-----BEGIN CERTIFICATE-----
+MIID3zCCAsmgAwIBAgIUV/4FfTrYMHCb7AxAeI/zAHowUjQwCwYJKoZIhvcNAQEL
+MIGGMYGDMDYGA1UEAxMvZjFmZTFkYmEtZmIwNS00OTk2LThmOTUtYTgxNDIyMTk4
+ZGI5LXVzZXJkZXZpY2UwCQYDVQQGEwJDSDAKBgNVBAcTA1p1ZzAKBgNVBAgTA1p1
+ZzARBgNVBAoTClZlcmVpZ24gQUcwEwYDVQQLEwxCdXNpbmVzcyBEZXAwHhcNMTgx
+MTIzMjMwMDAwWhcNMjMxMTI0MjI1OTU5WjCBjjGBizA+BgNVBAMTNzNub2JKdk9n
+ZkstZjFmZTFkYmEtZmIwNS00OTk2LThmOTUtYTgxNDIyMTk4ZGI5LW9uZXRpbWUw
+CQYDVQQGEwJDSDAKBgNVBAcTA1p1ZzAKBgNVBAgTA1p1ZzARBgNVBAoTClZlcmVp
+Z24gQUcwEwYDVQQLEwxCdXNpbmVzcyBEZXAwggEiMA0GCSqGSIb3DQEBAQUAA4IB
+DwAwggEKAoIBAQC/x1dyX2PgJs6oe/BcBT5XTJXtipme29mtI/FmTq5vuAFopqvA
+Eg084hNM7Q++wKyKG8F0ABF2pUOYvo6Pq6rXQqMbxUaO47NNefh4v/f6hBoMfSYm
+XtEPji8NjIcIrQ3U8yTWquaHi13hcoG/cVf16Doem5AxUdQ6a9e/jA1VU2MmSZxt
+hkABKPWdw1pfFJDLWhFrCjhePKrBxw2ArmNx66fdzpi5XK0fC2TbHD2NVc8cbYOz
+F4h3knGZo2sq4/MBevyVhzXZNn2Pjf3PbOxp1O8CLx86MuDTLDkSVjmP0yXBf6rL
+FMWtEfv1Jmf3I61meIuOcw6wvXRKzPnAKpLRAgMBAAGjPzA9MAwGA1UdEwEB/wQC
+MAAwDgYDVR0PAQH/BAQDAgDwMB0GA1UdDgQWBBSjYCO+w2VQgpdkCvoHgdgZzOPz
+BTALBgkqhkiG9w0BAQsDggEBAD6MAP/l4jkJjIJinJ1uPuA6wOVBff1Beb6JV2jo
+ay1099VkFVHe/tEeyDcx2j+a2CSKsLdOoG/RjcBup3XsumxlqQS6r9GjZLwtNkxI
+nFNLqwv2PbXesSLTR1mjm/6BdcjGEgcxllkST2uYb8DMwbASNQT+rvmGy85b3D4m
+tk3scetFWozkfs+lRUql1dWf2aZTcN+IIZlSpxEZu+w1w8yMoDvVV0pCz49d7WIA
+RIXDE8QJpiAqszuCbqsNdAbr/pAyYzIAIfKKuteWaViesdY26pZfCe2JsfUTDWSi
+PDrFAlkbtB5LGYd4Tfliuvud6I/87GZsuWcCYoS4wXDkRS4=
+-----END CERTIFICATE-----
diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx
index 57c89e134a97..057a228d2e6b 100644
--- a/desktop/qa/desktop_lib/test_desktop_lib.cxx
+++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx
@@ -121,6 +121,7 @@ public:
void testGetSignatureState_NonSigned();
void testGetSignatureState_Signed();
void testInsertCertificate();
+ void testInsertCertificatePEM();
void testABI();
CPPUNIT_TEST_SUITE(DesktopLOKTest);
@@ -167,6 +168,7 @@ public:
CPPUNIT_TEST(testGetSignatureState_Signed);
CPPUNIT_TEST(testGetSignatureState_NonSigned);
CPPUNIT_TEST(testInsertCertificate);
+ CPPUNIT_TEST(testInsertCertificatePEM);
CPPUNIT_TEST(testABI);
CPPUNIT_TEST_SUITE_END();
@@ -2372,6 +2374,91 @@ void DesktopLOKTest::testInsertCertificate()
comphelper::LibreOfficeKit::setActive(false);
}
+
+void DesktopLOKTest::testInsertCertificatePEM()
+{
+ comphelper::LibreOfficeKit::setActive();
+
+ // Load the document, save it into a temp file and load that file again
+ LibLODocument_Impl* pDocument = loadDoc("blank_text.odt");
+ utl::TempFile aTempFile;
+ aTempFile.EnableKillingFile();
+ CPPUNIT_ASSERT(pDocument->pClass->saveAs(pDocument, aTempFile.GetURL().toUtf8().getStr(), "odt", nullptr));
+ closeDoc();
+
+ mxComponent = loadFromDesktop(aTempFile.GetURL(), "com.sun.star.text.TextDocument");
+ pDocument = new LibLODocument_Impl(mxComponent);
+
+ Scheduler::ProcessEventsToIdle();
+ CPPUNIT_ASSERT(mxComponent.is());
+ pDocument->m_pDocumentClass->initializeForRendering(pDocument, "{}");
+ Scheduler::ProcessEventsToIdle();
+
+ {
+ OUString aCertificateURL;
+ createFileURL("test-cert-chain-1.pem", aCertificateURL);
+ SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
+ std::vector<unsigned char> aCertificate;
+ aCertificate.resize(aCertificateStream.remainingSize());
+ aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+ bool bResult = pDocument->m_pDocumentClass->addCertificate(
+ pDocument, aCertificate.data(), int(aCertificate.size()));
+ CPPUNIT_ASSERT(bResult);
+ }
+
+ {
+ OUString aCertificateURL;
+ createFileURL("test-cert-chain-2.pem", aCertificateURL);
+ SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
+ std::vector<unsigned char> aCertificate;
+ aCertificate.resize(aCertificateStream.remainingSize());
+ aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+
+ bool bResult = pDocument->m_pDocumentClass->addCertificate(
+ pDocument, aCertificate.data(), int(aCertificate.size()));
+ CPPUNIT_ASSERT(bResult);
+ }
+
+ {
+ OUString aCertificateURL;
+ createFileURL("test-cert-chain-3.pem", aCertificateURL);
+ SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
+ std::vector<unsigned char> aCertificate;
+ aCertificate.resize(aCertificateStream.remainingSize());
+ aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+
+ bool bResult = pDocument->m_pDocumentClass->addCertificate(
+ pDocument, aCertificate.data(), int(aCertificate.size()));
+ CPPUNIT_ASSERT(bResult);
+ }
+
+ {
+ OUString aCertificateURL;
+ createFileURL("test-cert-signing.pem", aCertificateURL);
+ SvFileStream aCertificateStream(aCertificateURL, StreamMode::READ);
+ std::vector<unsigned char> aCertificate;
+ aCertificate.resize(aCertificateStream.remainingSize());
+ aCertificateStream.ReadBytes(aCertificate.data(), aCertificateStream.remainingSize());
+
+
+ OUString aPrivateKeyURL;
+ createFileURL("test-PK-signing.pem", aPrivateKeyURL);
+ SvFileStream aPrivateKeyStream(aPrivateKeyURL, StreamMode::READ);
+ std::vector<unsigned char> aPrivateKey;
+ aPrivateKey.resize(aPrivateKeyStream.remainingSize());
+ aPrivateKeyStream.ReadBytes(aPrivateKey.data(), aPrivateKeyStream.remainingSize());
+
+ bool bResult = pDocument->m_pDocumentClass->insertCertificate(pDocument,
+ aCertificate.data(), int(aCertificate.size()),
+ aPrivateKey.data(), int(aPrivateKey.size()));
+ CPPUNIT_ASSERT(bResult);
+ }
+
+ comphelper::LibreOfficeKit::setActive(false);
+}
namespace {
size_t documentClassOffset(int i)
commit a672bebd8d2b1355fa83d28a8a01eaa7c37c56a7
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Thu Nov 29 22:06:02 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:31:47 2018 +0100
xmlsecurity: clean-up code a bit
Reviewed-on: https://gerrit.libreoffice.org/64294
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit 40d52cfe3b64e6bac035caed825486546bba5280)
Change-Id: I4a43f1f33f73919f56150310e7d05244d81b7510
diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
index 3389fd149086..6a44d20f7038 100644
--- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx
@@ -105,7 +105,7 @@ SAL_CALL XMLSignature_NssImpl::generate(
if( pSecEnv == nullptr )
throw RuntimeException() ;
- setErrorRecorder();
+ setErrorRecorder();
pMngr = pSecEnv->createKeysManager();
if( !pMngr ) {
@@ -271,14 +271,14 @@ OUString SAL_CALL XMLSignature_NssImpl::getImplementationName() {
}
/* XServiceInfo */
-sal_Bool SAL_CALL XMLSignature_NssImpl::supportsService( const OUString& serviceName) {
- Sequence< OUString > seqServiceNames = getSupportedServiceNames() ;
- const OUString* pArray = seqServiceNames.getConstArray() ;
- for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) {
- if( *( pArray + i ) == serviceName )
- return true ;
+sal_Bool SAL_CALL XMLSignature_NssImpl::supportsService(const OUString& rServiceName)
+{
+ for (OUString const & rCurrentServiceName : getSupportedServiceNames())
+ {
+ if (rCurrentServiceName == rServiceName)
+ return true;
}
- return false ;
+ return false;
}
/* XServiceInfo */
commit 416ce6cca8cf1178239cfd603c4248e8ba044861
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Thu Nov 29 21:58:57 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:30:35 2018 +0100
lokit: disable triggering of GUI when changing a signed doc
When a signed document is changed and saved, the dialog pops up
on the GUI to warn that the signature will be removed. When saving
over the lokit this dialog isn't shown and assumes that we don't
want to save (throws an exception) which means we can't save the
document ever. This changes the behavior so that we allow removal
of the signature and saving can proceed.
Reviewed-on: https://gerrit.libreoffice.org/64293
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit c2ee336288dcee103f297a55287fbca596a6c7a1)
Change-Id: I52e4a53f0cd3a326c767daee6301a78122af09d4
diff --git a/sfx2/source/doc/guisaveas.cxx b/sfx2/source/doc/guisaveas.cxx
index 522fea6935a7..956a03f30002 100644
--- a/sfx2/source/doc/guisaveas.cxx
+++ b/sfx2/source/doc/guisaveas.cxx
@@ -65,6 +65,7 @@
#include <comphelper/processfactory.hxx>
#include <comphelper/mimeconfighelper.hxx>
#include <vcl/layout.hxx>
+#include <comphelper/lok.hxx>
#include <vcl/window.hxx>
#include <toolkit/awt/vclxwindow.hxx>
#include <o3tl/char16_t2wchar_t.hxx>
@@ -1389,7 +1390,7 @@ bool SfxStoringHelper::GUIStoreModel( const uno::Reference< frame::XModel >& xMo
}
}
- if ( !( nStoreMode & EXPORT_REQUESTED ) )
+ if (!comphelper::LibreOfficeKit::isActive() && !( nStoreMode & EXPORT_REQUESTED ) )
{
// if it is no export, warn user that the signature will be removed
if ( SignatureState::OK == nDocumentSignatureState
@@ -1402,7 +1403,7 @@ bool SfxStoringHelper::GUIStoreModel( const uno::Reference< frame::XModel >& xMo
{
// the user has decided not to store the document
throw task::ErrorCodeIOException(
- "SfxStoringHelper::GUIStoreModel: ERRCODE_IO_ABORT",
+ "SfxStoringHelper::GUIStoreModel: ERRCODE_IO_ABORT (Preserve Signature)",
uno::Reference< uno::XInterface >(), sal_uInt32(ERRCODE_IO_ABORT));
}
}
commit ac8dd8cfc41b5a3feac5ad7e7ed303ab66a13833
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Thu Nov 29 21:53:48 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:29:43 2018 +0100
Add SolarMutexGuard where needed
When triggering rechecking of signature status, an assert fails and
brings down the program because we don't hold a SolarMutex. The
rechecking of signature status needs to broadcasts.
Change-Id: Ib500b06d2e191465df1e0da2097ddb1b6b06725a
Reviewed-on: https://gerrit.libreoffice.org/64292
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit d7a88b902af983145b196990949e89420e5bc4cf)
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index b8698d7b4396..178562574a30 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -3807,6 +3807,8 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
if (!xCertificate.is())
return false;
+ SolarMutexGuard aGuard;
+
return pObjectShell->SignDocumentContentUsingCertificate(xCertificate);
}
@@ -3884,6 +3886,8 @@ static int doc_getSignatureState(LibreOfficeKitDocument* pThis)
if (!pObjectShell)
return int(SignatureState::UNKNOWN);
+ SolarMutexGuard aGuard;
+
pObjectShell->RecheckSignature(false);
return int(pObjectShell->GetDocumentSignatureState());
commit 2d2969bbed3a766ad7e435af3365ff7c09dadc4b
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Thu Nov 29 21:52:26 2018 +0100
Commit: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
CommitDate: Sat Dec 1 18:29:28 2018 +0100
lokit: convert PEM certificate to DER if it is detected as such
Change-Id: I1ae105067c109a32f4acc34749b425d9e4e26514
Reviewed-on: https://gerrit.libreoffice.org/64291
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
(cherry picked from commit d69edca3e004ab8669b3363b4755da8bb42f62fc)
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index 13c9e4a0d591..b8698d7b4396 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -48,6 +48,7 @@
#include <comphelper/propertysequence.hxx>
#include <comphelper/scopeguard.hxx>
#include <comphelper/threadpool.hxx>
+#include <comphelper/base64.hxx>
#include <com/sun/star/beans/XPropertySet.hpp>
#include <com/sun/star/container/XNameAccess.hpp>
@@ -526,6 +527,48 @@ int lcl_getViewId(const std::string& payload)
return 0;
}
+std::string extractCertificate(const std::string & certificate)
+{
+ const std::string header("-----BEGIN CERTIFICATE-----");
+ const std::string footer("-----END CERTIFICATE-----");
+
+ std::string result;
+
+ size_t pos1 = certificate.find(header);
+ if (pos1 == std::string::npos)
+ return result;
+
+ size_t pos2 = certificate.find(footer, pos1 + 1);
+ if (pos2 == std::string::npos)
+ return result;
+
+ pos1 = pos1 + header.length();
+ pos2 = pos2 - pos1;
+
+ return certificate.substr(pos1, pos2);
+}
+
+std::string extractPrivateKey(const std::string & privateKey)
+{
+ const std::string header("-----BEGIN PRIVATE KEY-----");
+ const std::string footer("-----END PRIVATE KEY-----");
+
+ std::string result;
+
+ size_t pos1 = privateKey.find(header);
+ if (pos1 == std::string::npos)
+ return result;
+
+ size_t pos2 = privateKey.find(footer, pos1 + 1);
+ if (pos2 == std::string::npos)
+ return result;
+
+ pos1 = pos1 + header.length();
+ pos2 = pos2 - pos1;
+
+ return privateKey.substr(pos1, pos2);
+}
+
} // end anonymous namespace
// Could be anonymous in principle, but for the unit testing purposes, we
@@ -3729,11 +3772,34 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
if (!xCertificateCreator.is())
return false;
- uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize);
- std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
+ uno::Sequence<sal_Int8> aCertificateSequence;
- uno::Sequence<sal_Int8> aPrivateKeySequence(nPrivateKeySize);
- std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin());
+ std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize);
+ std::string aCertificateBase64String = extractCertificate(aCertificateString);
+ if (!aCertificateBase64String.empty())
+ {
+ OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str());
+ comphelper::Base64::decode(aCertificateSequence, aBase64OUString);
+ }
+ else
+ {
+ aCertificateSequence.realloc(nCertificateBinarySize);
+ std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
+ }
+
+ uno::Sequence<sal_Int8> aPrivateKeySequence;
+ std::string aPrivateKeyString(reinterpret_cast<const char*>(pPrivateKeyBinary), nPrivateKeySize);
+ std::string aPrivateKeyBase64String = extractPrivateKey(aPrivateKeyString);
+ if (!aPrivateKeyBase64String.empty())
+ {
+ OUString aBase64OUString = OUString::createFromAscii(aPrivateKeyBase64String.c_str());
+ comphelper::Base64::decode(aPrivateKeySequence, aBase64OUString);
+ }
+ else
+ {
+ aPrivateKeySequence.realloc(nPrivateKeySize);
+ std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin());
+ }
uno::Reference<security::XCertificate> xCertificate;
xCertificate = xCertificateCreator->createDERCertificateWithPrivateKey(aCertificateSequence, aPrivateKeySequence);
@@ -3777,8 +3843,20 @@ static bool doc_addCertificate(LibreOfficeKitDocument* pThis,
if (!xCertificateCreator.is())
return false;
- uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize);
- std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
+ uno::Sequence<sal_Int8> aCertificateSequence;
+
+ std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize);
+ std::string aCertificateBase64String = extractCertificate(aCertificateString);
+ if (!aCertificateBase64String.empty())
+ {
+ OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str());
+ comphelper::Base64::decode(aCertificateSequence, aBase64OUString);
+ }
+ else
+ {
+ aCertificateSequence.realloc(nCertificateBinarySize);
+ std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
+ }
uno::Reference<security::XCertificate> xCertificate;
xCertificate = xCertificateCreator->addDERCertificateToTheDatabase(aCertificateSequence, "TCu,Cu,Tu");
More information about the Libreoffice-commits
mailing list