diff options
author | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2017-06-26 12:32:48 +0200 |
---|---|---|
committer | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2017-06-28 10:09:36 +0200 |
commit | 8b9f00fced21014bed6695b962084c8af0249dbc (patch) | |
tree | f3085ed2c68a7ee68ca1fbdce221a80338d388fe | |
parent | 92921cfec5a41bffe16426cbf0511accddda6f2c (diff) |
tdf#108711 GPG key selection should only be possible for ODF >= 1.2 documents
gpg4libre
Change-Id: I6dbdaefddacf55c9381d156ada20cb3f25d4b3cb
Reviewed-on: https://gerrit.libreoffice.org/39263
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
(cherry picked from commit e2378bbf4539455e445205ad868c43246ec423ed)
Reviewed-on: https://gerrit.libreoffice.org/39287
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
4 files changed, 26 insertions, 2 deletions
diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx b/xmlsecurity/inc/documentsignaturehelper.hxx index c2b5b85e34a2..a8f3cb1f5d40 100644 --- a/xmlsecurity/inc/documentsignaturehelper.hxx +++ b/xmlsecurity/inc/documentsignaturehelper.hxx @@ -81,6 +81,9 @@ namespace DocumentSignatureHelper DocumentSignatureAlgorithm getDocumentAlgorithm( const OUString & sODFVersion, const SignatureInformation & sigInfo); + bool CanSignWithGPG(const css::uno::Reference < css::embed::XStorage >& rxStore, + const OUString& sOdfVersion); + bool checkIfAllFilesAreSigned( const ::std::vector< OUString > & sElementList, const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm alg); diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx index 5f4464b8b957..2b950e62777e 100644 --- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx @@ -25,6 +25,7 @@ #include <com/sun/star/embed/XStorage.hpp> #include <com/sun/star/embed/ElementModes.hpp> +#include <com/sun/star/embed/StorageFormats.hpp> #include <com/sun/star/container/XNameAccess.hpp> #include <com/sun/star/lang/XComponent.hpp> #include <com/sun/star/security/NoPasswordException.hpp> @@ -400,7 +401,9 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, Button*, void) { std::vector<uno::Reference<xml::crypto::XXMLSecurityContext>> xSecContexts; xSecContexts.push_back(maSignatureManager.getSecurityContext()); - xSecContexts.push_back(maSignatureManager.getGpgSecurityContext()); + // Gpg signing is only possible with ODF >= 1.2 documents + if (DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.mxStore, m_sODFVersion)) + xSecContexts.push_back(maSignatureManager.getGpgSecurityContext()); ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecContexts ); if ( aChooser->Execute() == RET_OK ) diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx index 1d8d1c0d72cb..a8b355116ff3 100644 --- a/xmlsecurity/source/helper/documentsignaturehelper.cxx +++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx @@ -408,6 +408,25 @@ SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream( return aHelper; } +/** Check whether the current file can be signed with GPG (only ODF >= 1.2 can currently) */ +bool DocumentSignatureHelper::CanSignWithGPG( + const Reference < css::embed::XStorage >& rxStore, + const OUString& sOdfVersion) +{ + uno::Reference<container::XNameAccess> xNameAccess(rxStore, uno::UNO_QUERY); + if (!xNameAccess.is()) + throw RuntimeException(); + + if (xNameAccess->hasByName("META-INF")) // ODF + { + return !isODFPre_1_2(sOdfVersion); + } + + return false; +} + + + //sElementList contains all files which are expected to be signed. Only those files must me signed, //no more, no less. //The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx index ee863e4c2530..41f7e5594cf2 100644 --- a/xmlsecurity/source/helper/documentsignaturemanager.cxx +++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx @@ -269,7 +269,6 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>& if (xServiceInfo->getImplementationName() == "com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl") { // GPG keys only really have PGPKeyId and PGPKeyPacket - // TODO: prevent selection of gpg keys for pdfs and ooxml early on! if (!mxStore.is()) { SAL_WARN("xmlsecurity.helper", "cannot sign pdfs with GPG keys"); |