[Libreoffice-commits] core.git: desktop/qa desktop/source include/LibreOfficeKit offapi/com xmlsecurity/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Wed Oct 31 08:08:47 UTC 2018
desktop/qa/desktop_lib/test_desktop_lib.cxx | 6 -
desktop/source/lib/init.cxx | 52 ++++++++++
include/LibreOfficeKit/LibreOfficeKit.h | 5
include/LibreOfficeKit/LibreOfficeKit.hxx | 15 ++
offapi/com/sun/star/xml/crypto/XCertificateCreator.idl | 9 +
xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx | 7 +
xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx | 4
7 files changed, 92 insertions(+), 6 deletions(-)
New commits:
commit 08c3c504644ee978c2ec75ba083765b6ffddf08c
Author: Tomaž Vajngerl <tomaz.vajngerl at collabora.co.uk>
AuthorDate: Wed Oct 24 10:56:15 2018 +0200
Commit: Tomaž Vajngerl <quikee at gmail.com>
CommitDate: Wed Oct 31 09:08:20 2018 +0100
lok: new function to add certificate to certificate DB
Also needed to extend XCertificateCreator with a new method
"addDERCertificateToTheDatabase".
Change-Id: I7b4df65365893bd5a0628aeec30b3156584849fe
Reviewed-on: https://gerrit.libreoffice.org/62273
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee at gmail.com>
diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx
index aeb4f0692c42..a225fb6ad85d 100644
--- a/desktop/qa/desktop_lib/test_desktop_lib.cxx
+++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx
@@ -2356,11 +2356,11 @@ void DesktopLOKTest::testABI()
CPPUNIT_ASSERT_EQUAL(documentClassOffset(40), offsetof(struct _LibreOfficeKitDocumentClass, postWindowExtTextInputEvent));
CPPUNIT_ASSERT_EQUAL(documentClassOffset(41), offsetof(struct _LibreOfficeKitDocumentClass, getPartInfo));
CPPUNIT_ASSERT_EQUAL(documentClassOffset(42), offsetof(struct _LibreOfficeKitDocumentClass, insertCertificate));
- CPPUNIT_ASSERT_EQUAL(documentClassOffset(43), offsetof(struct _LibreOfficeKitDocumentClass, getSignatureState));
-
+ CPPUNIT_ASSERT_EQUAL(documentClassOffset(43), offsetof(struct _LibreOfficeKitDocumentClass, addCertificate));
+ CPPUNIT_ASSERT_EQUAL(documentClassOffset(44), offsetof(struct _LibreOfficeKitDocumentClass, getSignatureState));
// Extending is fine, update this, and add new assert for the offsetof the
// new method
- CPPUNIT_ASSERT_EQUAL(documentClassOffset(44), sizeof(struct _LibreOfficeKitDocumentClass));
+ CPPUNIT_ASSERT_EQUAL(documentClassOffset(45), sizeof(struct _LibreOfficeKitDocumentClass));
}
CPPUNIT_TEST_SUITE_REGISTRATION(DesktopLOKTest);
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx
index 1119886763ce..040218c1e314 100644
--- a/desktop/source/lib/init.cxx
+++ b/desktop/source/lib/init.cxx
@@ -696,6 +696,10 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
const unsigned char* pPrivateKeyBinary,
const int nPrivateKeyBinarySize);
+static bool doc_addCertificate(LibreOfficeKitDocument* pThis,
+ const unsigned char* pCertificateBinary,
+ const int nCertificateBinarySize);
+
static int doc_getSignatureState(LibreOfficeKitDocument* pThis);
LibLODocument_Impl::LibLODocument_Impl(const uno::Reference <css::lang::XComponent> &xComponent)
@@ -759,6 +763,7 @@ LibLODocument_Impl::LibLODocument_Impl(const uno::Reference <css::lang::XCompone
m_pDocumentClass->getPartInfo = doc_getPartInfo;
m_pDocumentClass->insertCertificate = doc_insertCertificate;
+ m_pDocumentClass->addCertificate = doc_addCertificate;
m_pDocumentClass->getSignatureState = doc_getSignatureState;
gDocumentClass = m_pDocumentClass;
@@ -3653,6 +3658,53 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis,
return pObjectShell->SignDocumentContentUsingCertificate(xCertificate);
}
+static bool doc_addCertificate(LibreOfficeKitDocument* pThis,
+ const unsigned char* pCertificateBinary, const int nCertificateBinarySize)
+{
+ if (!xContext.is())
+ return false;
+
+ LibLODocument_Impl* pDocument = static_cast<LibLODocument_Impl*>(pThis);
+
+ if (!pDocument->mxComponent.is())
+ return false;
+
+ SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(pDocument->mxComponent.get());
+ if (!pBaseModel)
+ return false;
+
+ SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
+
+ if (!pObjectShell)
+ return false;
+
+ uno::Reference<xml::crypto::XSEInitializer> xSEInitializer = xml::crypto::SEInitializer::create(xContext);
+ uno::Reference<xml::crypto::XXMLSecurityContext> xSecurityContext;
+ xSecurityContext = xSEInitializer->createSecurityContext(OUString());
+ if (!xSecurityContext.is())
+ return false;
+
+ uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment;
+ xSecurityEnvironment = xSecurityContext->getSecurityEnvironment();
+ uno::Reference<xml::crypto::XCertificateCreator> xCertificateCreator(xSecurityEnvironment, uno::UNO_QUERY);
+
+ if (!xCertificateCreator.is())
+ return false;
+
+ uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize);
+ std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin());
+
+ uno::Reference<security::XCertificate> xCertificate;
+ xCertificate = xCertificateCreator->addDERCertificateToTheDatabase(aCertificateSequence, "TCu,Cu,Tu");
+
+ if (!xCertificate.is())
+ return false;
+
+ SAL_INFO("lok", "Certificate Added = IssuerName: " << xCertificate->getIssuerName() << " SubjectName: " << xCertificate->getSubjectName());
+
+ return true;
+}
+
static int doc_getSignatureState(LibreOfficeKitDocument* pThis)
{
LibLODocument_Impl* pDocument = static_cast<LibLODocument_Impl*>(pThis);
diff --git a/include/LibreOfficeKit/LibreOfficeKit.h b/include/LibreOfficeKit/LibreOfficeKit.h
index 238d93f162db..e052765ac794 100644
--- a/include/LibreOfficeKit/LibreOfficeKit.h
+++ b/include/LibreOfficeKit/LibreOfficeKit.h
@@ -330,6 +330,11 @@ struct _LibreOfficeKitDocumentClass
const unsigned char* pPrivateKeyBinary,
const int nPrivateKeyBinarySize);
+ /// @see lok::Document::addCertificate().
+ bool (*addCertificate) (LibreOfficeKitDocument* pThis,
+ const unsigned char* pCertificateBinary,
+ const int nCertificateBinarySize);
+
/// @see lok::Document::getSignatureState().
int (*getSignatureState) (LibreOfficeKitDocument* pThis);
diff --git a/include/LibreOfficeKit/LibreOfficeKit.hxx b/include/LibreOfficeKit/LibreOfficeKit.hxx
index 829751f2efa9..c238d507c183 100644
--- a/include/LibreOfficeKit/LibreOfficeKit.hxx
+++ b/include/LibreOfficeKit/LibreOfficeKit.hxx
@@ -586,12 +586,23 @@ public:
const unsigned char* pPrivateKeyBinary,
const int nPrivateKeyBinarySize)
{
- return mpDoc->pClass->insertCertificate(mpDoc,
- pCertificateBinary, pCertificateBinarySize,
+ return mpDoc->pClass->insertCertificate(mpDoc,
+ pCertificateBinary, pCertificateBinarySize,
pPrivateKeyBinary, nPrivateKeyBinarySize);
}
/**
+ * Add the certificate (in binary form) to the certificate store.
+ *
+ */
+ bool addCertificate(const unsigned char* pCertificateBinary,
+ const int pCertificateBinarySize)
+ {
+ return mpDoc->pClass->addCertificate(mpDoc,
+ pCertificateBinary, pCertificateBinarySize);
+ }
+
+ /**
* Verify signature of the document.
*
* Check possible values in include/sfx2/signaturestate.hxx
diff --git a/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl
index 6d920b37715c..3137aa00474b 100644
--- a/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl
+++ b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl
@@ -27,13 +27,20 @@
module com { module sun { module star { module xml { module crypto {
/**
- * Interface for creating certificates
+ * Interface for creating and adding certificates
*
* @since LibreOffice 6.2
*/
interface XCertificateCreator : com::sun::star::uno::XInterface
{
/**
+ * Adds a certificate to the certificate database with the trust provided by the trust string.
+ */
+ com::sun::star::security::XCertificate addDERCertificateToTheDatabase(
+ [in] sequence<byte> aDerCertificate,
+ [in] string aTrustString);
+
+ /**
* Create certificate from raw DER encoded certificate and associate the private key with the certificate
*/
com::sun::star::security::XCertificate createDERCertificateWithPrivateKey(
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
index bdf8000d886b..0abcc363dd18 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
@@ -909,6 +909,13 @@ uno::Reference<security::XCertificate> SecurityEnvironment_NssImpl::createDERCer
return pX509Certificate;
}
+uno::Reference<security::XCertificate> SecurityEnvironment_NssImpl::addDERCertificateToTheDatabase(
+ uno::Sequence<sal_Int8> const & raDERCertificate, OUString const & raTrustString)
+{
+ X509Certificate_NssImpl* pX509Certificate = createAndAddCertificateFromPackage(raDERCertificate, raTrustString);
+ return pX509Certificate;
+}
+
extern "C" SAL_DLLPUBLIC_EXPORT uno::XInterface*
com_sun_star_xml_crypto_SecurityEnvironment_get_implementation(
uno::XComponentContext* /*pCtx*/, uno::Sequence<uno::Any> const& /*rSeq*/)
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx
index 9829c9129771..2bb563c72627 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx
@@ -116,6 +116,10 @@ private:
virtual css::uno::Reference< css::security::XCertificate > SAL_CALL createCertificateFromAscii( const OUString& asciiCertificate ) override ;
// Methods of XCertificateCreator
+ css::uno::Reference<css::security::XCertificate> SAL_CALL addDERCertificateToTheDatabase(
+ css::uno::Sequence<sal_Int8> const & raDERCertificate,
+ OUString const & raTrustString) override;
+
css::uno::Reference<css::security::XCertificate> SAL_CALL createDERCertificateWithPrivateKey(
css::uno::Sequence<sal_Int8> const & raDERCertificate,
css::uno::Sequence<sal_Int8> const & raPrivateKey) override;
More information about the Libreoffice-commits
mailing list