[Libreoffice-commits] core.git: Branch 'distro/collabora/cp-6.4' - include/sfx2 sfx2/source xmlsecurity/inc xmlsecurity/source
Miklos Vajna (via logerrit)
logerrit at kemper.freedesktop.org
Mon Jun 29 07:12:46 UTC 2020
include/sfx2/digitalsignatures.hxx | 38 +++++++++
include/sfx2/docfile.hxx | 10 +-
sfx2/source/doc/docfile.cxx | 22 ++++-
sfx2/source/doc/objserv.cxx | 3
xmlsecurity/inc/documentsignaturemanager.hxx | 6 +
xmlsecurity/inc/pdfsignaturehelper.hxx | 7 +
xmlsecurity/source/component/documentdigitalsignatures.cxx | 50 ++++++++++---
xmlsecurity/source/helper/documentsignaturemanager.cxx | 8 +-
xmlsecurity/source/helper/pdfsignaturehelper.cxx | 15 +--
9 files changed, 126 insertions(+), 33 deletions(-)
New commits:
commit adb55d56a99107e6c6205e193c3efc9844fb1553
Author: Miklos Vajna <vmiklos at collabora.com>
AuthorDate: Thu Jun 25 14:32:11 2020 +0200
Commit: Miklos Vajna <vmiklos at collabora.com>
CommitDate: Mon Jun 29 09:12:12 2020 +0200
sd signature line: pass the model down to xmlsecurity
So it can avoid SfxObjectShell::Current(), which is only correct when a
single document is open.
Also add an sfx2::DigitalSignatures interface so this can be done
without UNO API changes.
(cherry picked from commit c3f8702241b625db994bcb059d8c91c25fd43e53)
Conflicts:
xmlsecurity/source/component/documentdigitalsignatures.cxx
xmlsecurity/source/helper/documentsignaturemanager.cxx
Change-Id: Ie81996b8f1e8851975b27c43a53f9d23e316004e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97258
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice at gmail.com>
Reviewed-by: Miklos Vajna <vmiklos at collabora.com>
diff --git a/include/sfx2/digitalsignatures.hxx b/include/sfx2/digitalsignatures.hxx
new file mode 100644
index 000000000000..8f0e161b42a6
--- /dev/null
+++ b/include/sfx2/digitalsignatures.hxx
@@ -0,0 +1,38 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#pragma once
+
+#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/frame/XModel.hpp>
+#include <com/sun/star/io/XStream.hpp>
+#include <com/sun/star/security/XCertificate.hpp>
+
+#include <sal/types.h>
+
+namespace sfx2
+{
+/// Extension of css::security::XDocumentDigitalSignatures for internal purposes.
+class SAL_NO_VTABLE SAL_DLLPUBLIC_RTTI DigitalSignatures
+{
+public:
+ /// Same as signDocumentWithCertificate(), but passes the xModel as well.
+ virtual bool
+ SignModelWithCertificate(const css::uno::Reference<css::frame::XModel>& xModel,
+ const css::uno::Reference<css::security::XCertificate>& xCertificate,
+ const css::uno::Reference<css::embed::XStorage>& xStorage,
+ const css::uno::Reference<css::io::XStream>& xStream)
+ = 0;
+
+protected:
+ ~DigitalSignatures() noexcept = default;
+};
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/include/sfx2/docfile.hxx b/include/sfx2/docfile.hxx
index ce5a71271046..c08e9a631f66 100644
--- a/include/sfx2/docfile.hxx
+++ b/include/sfx2/docfile.hxx
@@ -41,6 +41,10 @@ namespace com::sun::star::ucb { class XCommandEnvironment; }
namespace com::sun::star::ucb { class XContent; }
namespace com::sun::star::util { struct DateTime; }
namespace com::sun::star::util { struct RevisionTag; }
+namespace com::sun::star::frame
+{
+class XModel;
+}
namespace ucbhelper { class Content; }
class SvKeyValueIterator;
@@ -262,9 +266,9 @@ public:
= css::uno::Reference<css::graphic::XGraphic>(),
const OUString& aComment = OUString());
- SAL_DLLPRIVATE bool
- SignDocumentContentUsingCertificate(bool bHasValidDocumentSignature,
- const css::uno::Reference<css::security::XCertificate>& xCertificate);
+ SAL_DLLPRIVATE bool SignDocumentContentUsingCertificate(
+ const css::uno::Reference<css::frame::XModel>& xModel, bool bHasValidDocumentSignature,
+ const css::uno::Reference<css::security::XCertificate>& xCertificate);
// the following two methods must be used and make sense only during saving currently
// TODO/LATER: in future the signature state should be controlled by the medium not by the document
diff --git a/sfx2/source/doc/docfile.cxx b/sfx2/source/doc/docfile.cxx
index b1ef5fa0e5f2..81005e08790f 100644
--- a/sfx2/source/doc/docfile.cxx
+++ b/sfx2/source/doc/docfile.cxx
@@ -44,6 +44,7 @@
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/embed/UseBackupException.hpp>
#include <com/sun/star/embed/XOptimizedStorage.hpp>
+#include <com/sun/star/frame/XModel.hpp>
#include <com/sun/star/graphic/XGraphic.hpp>
#include <com/sun/star/ucb/ContentCreationException.hpp>
#include <com/sun/star/ucb/InteractiveIOException.hpp>
@@ -139,6 +140,7 @@
#include <vcl/svapp.hxx>
#include <tools/diagnose_ex.h>
#include <unotools/fltrcfg.hxx>
+#include <sfx2/digitalsignatures.hxx>
#include <com/sun/star/io/WrongFormatException.hpp>
@@ -3784,8 +3786,9 @@ void SfxMedium::CreateTempFileNoCopy()
CloseStorage();
}
-bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignature,
- const Reference<XCertificate>& xCertificate)
+bool SfxMedium::SignDocumentContentUsingCertificate(
+ const css::uno::Reference<css::frame::XModel>& xModel, bool bHasValidDocumentSignature,
+ const Reference<XCertificate>& xCertificate)
{
bool bChanges = false;
@@ -3801,6 +3804,11 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat
uno::Reference< security::XDocumentDigitalSignatures > xSigner(
security::DocumentDigitalSignatures::createWithVersionAndValidSignature(
comphelper::getProcessComponentContext(), aODFVersion, bHasValidDocumentSignature ) );
+ auto xModelSigner = dynamic_cast<sfx2::DigitalSignatures*>(xSigner.get());
+ if (!xModelSigner)
+ {
+ return bChanges;
+ }
uno::Reference< embed::XStorage > xWriteableZipStor;
@@ -3847,7 +3855,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat
if (GetFilter() && GetFilter()->IsOwnFormat())
xStream.set(xMetaInf->openStreamElement(xSigner->getDocumentContentSignatureDefaultStreamName(), embed::ElementModes::READWRITE), uno::UNO_SET_THROW);
- bool bSuccess = xSigner->signDocumentWithCertificate(xCertificate, GetZipStorageToSign_Impl(), xStream);
+ bool bSuccess = xModelSigner->SignModelWithCertificate(
+ xModel, xCertificate, GetZipStorageToSign_Impl(), xStream);
if (bSuccess)
{
@@ -3867,8 +3876,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat
uno::Reference<io::XStream> xStream;
// We need read-write to be able to add the signature relation.
- bool bSuccess =xSigner->signDocumentWithCertificate(
- xCertificate, GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream);
+ bool bSuccess = xModelSigner->SignModelWithCertificate(
+ xModel, xCertificate, GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream);
if (bSuccess)
{
@@ -3885,7 +3894,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat
// Something not ZIP based: e.g. PDF.
std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ | StreamMode::WRITE));
uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream));
- if (xSigner->signDocumentWithCertificate(xCertificate, uno::Reference<embed::XStorage>(), xStream))
+ if (xModelSigner->SignModelWithCertificate(
+ xModel, xCertificate, uno::Reference<embed::XStorage>(), xStream))
bChanges = true;
}
}
diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx
index b931ed90c3e7..55e36ff69cbb 100644
--- a/sfx2/source/doc/objserv.cxx
+++ b/sfx2/source/doc/objserv.cxx
@@ -1954,7 +1954,8 @@ bool SfxObjectShell::SignDocumentContentUsingCertificate(const Reference<XCertif
return false;
// 3. Sign
- bool bSignSuccess = GetMedium()->SignDocumentContentUsingCertificate(HasValidSignatures(), xCertificate);
+ bool bSignSuccess = GetMedium()->SignDocumentContentUsingCertificate(
+ GetBaseModel(), HasValidSignatures(), xCertificate);
// 4. AfterSigning
AfterSigning(bSignSuccess, false);
diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx
index 5bdc679c4726..cdb5f4877ae6 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -44,6 +44,10 @@ namespace embed
{
class XStorage;
}
+namespace frame
+{
+class XModel;
+}
namespace graphic
{
class XGraphic;
@@ -69,6 +73,7 @@ private:
DocumentSignatureMode const meSignatureMode;
css::uno::Sequence<css::uno::Sequence<css::beans::PropertyValue>> m_manifest;
css::uno::Reference<css::io::XStream> mxSignatureStream;
+ css::uno::Reference<css::frame::XModel> mxModel;
css::uno::Reference<css::io::XStream> mxTempSignatureStream;
/// Storage containing all OOXML signatures, unused for ODF.
css::uno::Reference<css::embed::XStorage> mxTempSignatureStorage;
@@ -125,6 +130,7 @@ public:
{
mxSignatureStream = xSignatureStream;
}
+ void setModel(const css::uno::Reference<css::frame::XModel>& xModel);
const css::uno::Reference<css::embed::XStorage>& getStore() const { return mxStore; }
DocumentSignatureMode getSignatureMode() const { return meSignatureMode; }
SignatureInformations& getCurrentSignatureInformations()
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx
index f23a371d2820..f8f1e893beb2 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -21,6 +21,10 @@ namespace sun
{
namespace star
{
+namespace frame
+{
+class XModel;
+}
namespace io
{
class XInputStream;
@@ -67,7 +71,8 @@ public:
/// Comment / reason to be used next time signing is performed.
void SetDescription(const OUString& rDescription);
/// Append a new signature at the end of xInputStream.
- bool Sign(const css::uno::Reference<css::io::XInputStream>& xInputStream, bool bAdES);
+ bool Sign(const css::uno::Reference<css::frame::XModel>& xModel,
+ const css::uno::Reference<css::io::XInputStream>& xInputStream, bool bAdES);
/// Remove the signature at nPosition (and all dependent signatures) from xInputStream.
static bool RemoveSignature(const css::uno::Reference<css::io::XInputStream>& xInputStream,
sal_uInt16 nPosition);
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 37ea37bf8992..801b44c1bade 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -57,6 +57,7 @@
#include <com/sun/star/lang/IllegalArgumentException.hpp>
#include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
+#include <sfx2/digitalsignatures.hxx>
#include <map>
@@ -68,7 +69,8 @@ using namespace css::xml::crypto;
class DocumentDigitalSignatures
: public cppu::WeakImplHelper<css::security::XDocumentDigitalSignatures,
- css::lang::XInitialization, css::lang::XServiceInfo>
+ css::lang::XInitialization, css::lang::XServiceInfo>,
+ public sfx2::DigitalSignatures
{
private:
css::uno::Reference<css::uno::XComponentContext> mxCtx;
@@ -101,12 +103,14 @@ private:
chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction,
const CertificateKind certificateKind=CertificateKind_NONE);
- bool signWithCertificateImpl(
- css::uno::Reference<css::security::XCertificate> const& xCertificate,
- css::uno::Reference<css::embed::XStorage> const& xStorage,
- css::uno::Reference<css::io::XStream> const& xStream, DocumentSignatureMode eMode);
+ bool
+ signWithCertificateImpl(const uno::Reference<frame::XModel>& /*xModel*/,
+ css::uno::Reference<css::security::XCertificate> const& xCertificate,
+ css::uno::Reference<css::embed::XStorage> const& xStorage,
+ css::uno::Reference<css::io::XStream> const& xStream,
+ DocumentSignatureMode eMode);
- public:
+public:
explicit DocumentDigitalSignatures(
const css::uno::Reference<css::uno::XComponentContext>& rxCtx);
@@ -203,6 +207,13 @@ private:
{
mxParentWindow = rParentwindow;
}
+
+ /// See sfx2::DigitalSignatures::SignModelWithCertificate().
+ bool
+ SignModelWithCertificate(const css::uno::Reference<css::frame::XModel>& xModel,
+ const css::uno::Reference<css::security::XCertificate>& xCertificate,
+ const css::uno::Reference<css::embed::XStorage>& xStorage,
+ const css::uno::Reference<css::io::XStream>& xStream) override;
};
DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx ):
@@ -779,7 +790,19 @@ sal_Bool DocumentDigitalSignatures::signDocumentWithCertificate(
css::uno::Reference<css::embed::XStorage> const & xStorage,
css::uno::Reference<css::io::XStream> const & xStream)
{
- return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Content);
+ uno::Reference<frame::XModel> xModel;
+ return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream,
+ DocumentSignatureMode::Content);
+}
+
+bool DocumentDigitalSignatures::SignModelWithCertificate(
+ const uno::Reference<frame::XModel>& xModel,
+ const css::uno::Reference<css::security::XCertificate>& xCertificate,
+ const css::uno::Reference<css::embed::XStorage>& xStorage,
+ const css::uno::Reference<css::io::XStream>& xStream)
+{
+ return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream,
+ DocumentSignatureMode::Content);
}
sal_Bool DocumentDigitalSignatures::signPackageWithCertificate(
@@ -787,7 +810,9 @@ sal_Bool DocumentDigitalSignatures::signPackageWithCertificate(
css::uno::Reference<css::embed::XStorage> const& xStorage,
css::uno::Reference<css::io::XStream> const& xStream)
{
- return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Package);
+ uno::Reference<frame::XModel> xModel;
+ return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream,
+ DocumentSignatureMode::Package);
}
sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate(
@@ -795,14 +820,16 @@ sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate(
css::uno::Reference<css::embed::XStorage> const& xStorage,
css::uno::Reference<css::io::XStream> const& xStream)
{
- return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Macros);
+ uno::Reference<frame::XModel> xModel;
+ return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream,
+ DocumentSignatureMode::Macros);
}
bool DocumentDigitalSignatures::signWithCertificateImpl(
+ const uno::Reference<frame::XModel>& xModel,
css::uno::Reference<css::security::XCertificate> const& xCertificate,
css::uno::Reference<css::embed::XStorage> const& xStorage,
- css::uno::Reference<css::io::XStream> const& xStream,
- DocumentSignatureMode eMode)
+ css::uno::Reference<css::io::XStream> const& xStream, DocumentSignatureMode eMode)
{
OSL_ENSURE(!m_sODFVersion.isEmpty(),
"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");
@@ -815,6 +842,7 @@ bool DocumentDigitalSignatures::signWithCertificateImpl(
aSignatureManager.setStore(xStorage);
aSignatureManager.getSignatureHelper().SetStorage(xStorage, m_sODFVersion);
aSignatureManager.setSignatureStream(xStream);
+ aSignatureManager.setModel(xModel);
Reference<XXMLSecurityContext> xSecurityContext;
Reference<XServiceInfo> xServiceInfo(xCertificate, UNO_QUERY);
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index a0e674c3bd1b..9ff3faddd761 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -34,6 +34,7 @@
#include <com/sun/star/packages/manifest/ManifestReader.hpp>
#include <com/sun/star/container/XNameAccess.hpp>
#include <com/sun/star/xml/sax/XDocumentHandler.hpp>
+#include <com/sun/star/frame/XModel.hpp>
#include <comphelper/base64.hxx>
#include <comphelper/storagehelper.hxx>
@@ -358,7 +359,7 @@ bool DocumentSignatureManager::add(
getPDFSignatureHelper().SetX509Certificate(xCert);
getPDFSignatureHelper().SetDescription(rDescription);
uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
- if (!getPDFSignatureHelper().Sign(xInputStream, bAdESCompliant))
+ if (!getPDFSignatureHelper().Sign(mxModel, xInputStream, bAdESCompliant))
{
SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed");
return false;
@@ -683,4 +684,9 @@ DocumentSignatureManager::getGpgSecurityContext() const
return mxGpgSecurityContext;
}
+void DocumentSignatureManager::setModel(const uno::Reference<frame::XModel>& xModel)
+{
+ mxModel = xModel;
+}
+
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
index 79979c715bff..fe65745b3e90 100644
--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -57,15 +57,9 @@ bool GetSignatureLinePage(const uno::Reference<frame::XModel>& xModel, sal_Int32
}
/// If the currently selected shape is a Draw signature line, export that to PDF.
-void GetSignatureLineShape(sal_Int32& rPage, std::vector<sal_Int8>& rSignatureLineShape)
+void GetSignatureLineShape(const uno::Reference<frame::XModel>& xModel, sal_Int32& rPage,
+ std::vector<sal_Int8>& rSignatureLineShape)
{
- SfxObjectShell* pObjectShell = SfxObjectShell::Current();
- if (!pObjectShell)
- {
- return;
- }
-
- uno::Reference<frame::XModel> xModel = pObjectShell->GetBaseModel();
if (!xModel.is())
{
return;
@@ -214,7 +208,8 @@ void PDFSignatureHelper::SetDescription(const OUString& rDescription)
m_aDescription = rDescription;
}
-bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStream, bool bAdES)
+bool PDFSignatureHelper::Sign(const uno::Reference<frame::XModel>& xModel,
+ const uno::Reference<io::XInputStream>& xInputStream, bool bAdES)
{
std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true));
vcl::filter::PDFDocument aDocument;
@@ -226,7 +221,7 @@ bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStre
sal_Int32 nPage = 0;
std::vector<sal_Int8> aSignatureLineShape;
- GetSignatureLineShape(nPage, aSignatureLineShape);
+ GetSignatureLineShape(xModel, nPage, aSignatureLineShape);
if (nPage > 0)
{
// UNO page number is 1-based.
More information about the Libreoffice-commits
mailing list