[Libreoffice-commits] core.git: cui/source offapi/com sfx2/source xmlsecurity/source
Libreoffice Gerrit user
logerrit at kemper.freedesktop.org
Mon Sep 17 08:05:58 UTC 2018
cui/source/dialogs/SignSignatureLineDialog.cxx | 15 ++++-
offapi/com/sun/star/security/CertificateKind.idl | 8 ++
offapi/com/sun/star/security/XDocumentDigitalSignatures.idl | 9 +++
sfx2/source/doc/objserv.cxx | 34 +++---------
xmlsecurity/source/component/documentdigitalsignatures.cxx | 28 ++++++++-
5 files changed, 65 insertions(+), 29 deletions(-)
New commits:
commit 9b4c6892630a98c1218aca72827f718184a4b5f0
Author: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
AuthorDate: Fri Sep 14 10:30:36 2018 +0200
Commit: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
CommitDate: Mon Sep 17 10:05:37 2018 +0200
tdf#118569 Signature Line: When signing ooxml, only show X.509 certificates
Also fixes a bug where signing was aborted after saving as docx.
Change-Id: Ic42b7de2400be0bc55da03b017a545ceaedef9f9
Reviewed-on: https://gerrit.libreoffice.org/60480
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt at cib.de>
diff --git a/cui/source/dialogs/SignSignatureLineDialog.cxx b/cui/source/dialogs/SignSignatureLineDialog.cxx
index 9b3be762b2d9..72c4e5f2e6a3 100644
--- a/cui/source/dialogs/SignSignatureLineDialog.cxx
+++ b/cui/source/dialogs/SignSignatureLineDialog.cxx
@@ -20,6 +20,8 @@
#include <unotools/streamwrap.hxx>
#include <utility>
#include <vcl/weld.hxx>
+#include <sfx2/docfile.hxx>
+#include <sfx2/docfilt.hxx>
#include <sfx2/objsh.hxx>
#include <com/sun/star/beans/XPropertySet.hpp>
@@ -29,6 +31,7 @@
#include <com/sun/star/graphic/XGraphicProvider.hpp>
#include <com/sun/star/io/XInputStream.hpp>
#include <com/sun/star/lang/XMultiServiceFactory.hpp>
+#include <com/sun/star/security/CertificateKind.hpp>
#include <com/sun/star/security/DocumentDigitalSignatures.hpp>
#include <com/sun/star/security/XCertificate.hpp>
#include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
@@ -116,10 +119,20 @@ SignSignatureLineDialog::SignSignatureLineDialog(weld::Widget* pParent, Referenc
IMPL_LINK_NOARG(SignSignatureLineDialog, chooseCertificate, weld::Button&, void)
{
+ // Document needs to be saved before selecting a certificate
+ SfxObjectShell* pShell = SfxObjectShell::Current();
+ if (!pShell->PrepareForSigning(m_xDialog.get()))
+ return;
+
Reference<XDocumentDigitalSignatures> xSigner(DocumentDigitalSignatures::createWithVersion(
comphelper::getProcessComponentContext(), "1.2"));
OUString aDescription;
- Reference<XCertificate> xSignCertificate = xSigner->selectSigningCertificate(aDescription);
+ CertificateKind certificateKind = CertificateKind_NONE;
+ // When signing ooxml, we only want X.509 certificates
+ if (pShell->GetMedium()->GetFilter()->IsAlienFormat())
+ certificateKind = CertificateKind_X509;
+ Reference<XCertificate> xSignCertificate
+ = xSigner->selectSigningCertificateWithType(certificateKind, aDescription);
if (xSignCertificate.is())
{
diff --git a/offapi/com/sun/star/security/CertificateKind.idl b/offapi/com/sun/star/security/CertificateKind.idl
index 9f6230452c4b..111591866875 100644
--- a/offapi/com/sun/star/security/CertificateKind.idl
+++ b/offapi/com/sun/star/security/CertificateKind.idl
@@ -25,7 +25,13 @@ enum CertificateKind
/** OpenPGP format of a certificate
*/
- OPENPGP
+ OPENPGP,
+
+ /** No format specified
+ *
+ * @since LibreOffice 6.2
+ */
+ NONE
};
} ; } ; } ; } ;
diff --git a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
index 0e4d6c82d553..ebd42c6ecef6 100644
--- a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
+++ b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
@@ -168,6 +168,15 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface
*/
com::sun::star::security::XCertificate selectSigningCertificate( [out] string Description );
+ /** This shows the certificate selection dialog and allows to only select the certificate
+ without actually signing the document. Only certificates of the given type will be shown.
+
+ @since LibreOffice 6.2
+ */
+ com::sun::star::security::XCertificate selectSigningCertificateWithType(
+ [in] CertificateKind certificateKind,
+ [out] string Description);
+
/** This method shows the CertificateChooser dialog with all certificates, private and
other people's. Useful when choosing certificate/key for encryption
diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx
index b3db07931fbc..6cfed0679a4a 100644
--- a/sfx2/source/doc/objserv.cxx
+++ b/sfx2/source/doc/objserv.cxx
@@ -1410,23 +1410,6 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent )
bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent)
{
- // Check if it is stored in OASIS format...
- if ( GetMedium()
- && GetMedium()->GetFilter()
- && !GetMedium()->GetName().isEmpty()
- && ( (!GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->GetFilter()->GetSupportsSigning())
- || (GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->HasStorage_Impl())
- )
- )
- {
- // Only OASIS and OOo6.x formats will be handled further
- std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent,
- VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT)));
-
- xBox->run();
- return false;
- }
-
// check whether the document is signed
ImplGetSignatureState(); // document signature
if (GetMedium() && GetMedium()->GetFilter() && GetMedium()->GetFilter()->IsOwnFormat())
@@ -1470,14 +1453,17 @@ bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent)
SetModified();
ExecFile_Impl( aSaveRequest );
- // Check if it is stored in OASIS format...
- if ( GetMedium() && GetMedium()->GetFilter()
- && ( !GetMedium()->GetFilter()->IsOwnFormat() || !GetMedium()->HasStorage_Impl()
- || SotStorage::GetVersion( GetMedium()->GetStorage() ) <= SOFFICE_FILEFORMAT_60 ) )
+ // Check if it is stored a format which supports signing
+ if (GetMedium() && GetMedium()->GetFilter() && !GetMedium()->GetName().isEmpty()
+ && ((!GetMedium()->GetFilter()->IsOwnFormat()
+ && !GetMedium()->GetFilter()->GetSupportsSigning())
+ || (GetMedium()->GetFilter()->IsOwnFormat()
+ && !GetMedium()->HasStorage_Impl())))
{
- // Only OASIS format will be handled further
- std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent,
- VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT)));
+ std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(
+ pDialogParent, VclMessageType::Info, VclButtonsType::Ok,
+ SfxResId(STR_INFO_WRONGDOCFORMAT)));
+
xBox->run();
return false;
}
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index e97733fe2208..23689c1e4fa3 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -41,6 +41,7 @@
#include <vcl/weld.hxx>
#include <unotools/securityoptions.hxx>
#include <com/sun/star/security/CertificateValidity.hpp>
+#include <com/sun/star/security/CertificateKind.hpp>
#include <comphelper/base64.hxx>
#include <comphelper/documentconstants.hxx>
#include <comphelper/propertyvalue.hxx>
@@ -54,6 +55,7 @@
using namespace css;
using namespace css::uno;
using namespace css::lang;
+using namespace css::security;
using namespace css::xml::crypto;
class DocumentDigitalSignatures
@@ -86,7 +88,8 @@ private:
DocumentSignatureMode eMode);
css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>
- chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction);
+ chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction,
+ const CertificateKind certificateKind=CertificateKind_NONE);
public:
explicit DocumentDigitalSignatures(
@@ -158,6 +161,9 @@ public:
SAL_CALL chooseSigningCertificate(OUString& rDescription) override;
css::uno::Reference<css::security::XCertificate>
SAL_CALL selectSigningCertificate(OUString& rDescription) override;
+ css::uno::Reference<css::security::XCertificate>
+ SAL_CALL selectSigningCertificateWithType(const CertificateKind certificateKind,
+ OUString& rDescription) override;
css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>
SAL_CALL chooseEncryptionCertificate() override;
css::uno::Reference<css::security::XCertificate> SAL_CALL chooseCertificateWithProps(
@@ -614,14 +620,19 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
return bFound;
}
-uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction)
+uno::Sequence<Reference<css::security::XCertificate>>
+DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties,
+ const UserAction eAction,
+ const CertificateKind certificateKind)
{
std::vector< Reference< css::xml::crypto::XXMLSecurityContext > > xSecContexts;
DocumentSignatureManager aSignatureManager(mxCtx, {});
if (aSignatureManager.init()) {
xSecContexts.push_back(aSignatureManager.getSecurityContext());
- xSecContexts.push_back(aSignatureManager.getGpgSecurityContext());
+ // Don't include OpenPGP if only X.509 certs are requested
+ if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_OPENPGP)
+ xSecContexts.push_back(aSignatureManager.getGpgSecurityContext());
}
ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecContexts, eAction);
@@ -660,6 +671,17 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::selectSignin
return xCert;
}
+Reference<css::security::XCertificate>
+DocumentDigitalSignatures::selectSigningCertificateWithType(const CertificateKind certificateKind,
+ OUString& rDescription)
+{
+ std::map<OUString, OUString> aProperties;
+ Reference<css::security::XCertificate> xCert
+ = chooseCertificatesImpl(aProperties, UserAction::SelectSign, certificateKind)[0];
+ rDescription = aProperties["Description"];
+ return xCert;
+}
+
css::uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseEncryptionCertificate()
{
std::map<OUString, OUString> aProperties;
More information about the Libreoffice-commits
mailing list