xmlsecurity: initial CppunitTest_xmlsecurity_signing

Fails with either commit 88cbfe58c4a36c20bdb2445f43043f0a5a006ee3's last
hunk to xsecctl.cxx (export) or commit
a968893e6afd3b79c6c048962373859cea75a77b's last hunk to xsecparser.cxx
(import) reverted.

Change-Id: I0f303c8489f451ebf175ed836d3679b6a13aca42

4 files changed, 272 insertions, 0 deletions

diff --git a/xmlsecurity/CppunitTest_xmlsecurity_signing.mk b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
new file mode 100644
index 000000000000..f0cec56f864c
--- /dev/null
+++ b/xmlsecurity/CppunitTest_xmlsecurity_signing.mk
@@ -0,0 +1,45 @@
+# -*- Mode: makefile-gmake; tab-width: 4; indent-tabs-mode: t -*-
+#*************************************************************************
+#
+# This file is part of the LibreOffice project.
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+#*************************************************************************
+
+$(eval $(call gb_CppunitTest_CppunitTest,xmlsecurity_signing))
+
+$(eval $(call gb_CppunitTest_add_exception_objects,xmlsecurity_signing, \
+	xmlsecurity/qa/unit/signing/signing \
+))
+
+$(eval $(call gb_CppunitTest_use_libraries,xmlsecurity_signing, \
+	comphelper \
+	cppu \
+	sal \
+	sax \
+	test \
+	tl \
+	unotest \
+	utl \
+	xmlsecurity \
+	$(gb_UWINAPI) \
+))
+
+$(eval $(call gb_CppunitTest_set_include,xmlsecurity_signing,\
+	-I$(SRCDIR)/xmlsecurity/inc \
+	$$(INCLUDE) \
+))
+
+$(eval $(call gb_CppunitTest_use_sdk_api,xmlsecurity_signing))
+
+$(eval $(call gb_CppunitTest_use_ure,xmlsecurity_signing))
+$(eval $(call gb_CppunitTest_use_vcl,xmlsecurity_signing))
+
+$(eval $(call gb_CppunitTest_use_rdb,xmlsecurity_signing,services))
+
+$(eval $(call gb_CppunitTest_use_configuration,xmlsecurity_signing))
+
+# vim: set noet sw=4 ts=4:
diff --git a/xmlsecurity/Module_xmlsecurity.mk b/xmlsecurity/Module_xmlsecurity.mk
index b4f264610f58..f5fb0caf62d9 100644
--- a/xmlsecurity/Module_xmlsecurity.mk
+++ b/xmlsecurity/Module_xmlsecurity.mk
@@ -15,6 +15,10 @@ $(eval $(call gb_Module_add_targets,xmlsecurity,\
 	$(if $(filter-out ANDROID IOS,$(OS)),Library_xsec_xmlsec) \
 ))
 
+$(eval $(call gb_Module_add_slowcheck_targets,xmlsecurity,\
+    CppunitTest_xmlsecurity_signing \
+))
+
 $(eval $(call gb_Module_add_l10n_targets,xmlsecurity,\
 	AllLangResTarget_xsec \
 	UIConfig_xmlsec \
diff --git a/xmlsecurity/qa/unit/signing/data/certificate.crt b/xmlsecurity/qa/unit/signing/data/certificate.crt
new file mode 100644
index 000000000000..f3f34b7c65ab
--- /dev/null
+++ b/xmlsecurity/qa/unit/signing/data/certificate.crt
@@ -0,0 +1,27 @@
+MIIE7jCCAtagAwIBAgICEAAwDQYJKoZIhvcNAQELBQAwVzELMAkGA1UEBhMCVUsx
+EDAOBgNVBAgMB0VuZ2xhbmQxEjAQBgNVBAoMCVRTQ1AgVGVzdDEiMCAGA1UEAwwZ
+VFNDUCBJbnRlcm1lZGlhdGUgUm9vdCBDQTAeFw0xNTEyMTgwNzU4MTlaFw0xNjEy
+MjcwNzU4MTlaMFUxCzAJBgNVBAYTAlVLMRAwDgYDVQQIDAdFbmdsYW5kMRIwEAYD
+VQQKDAlUU0NQIFRlc3QxIDAeBgNVBAMMF1RTQ1AgVGVzdCBleGFtcGxlIEFsaWNl
+MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3m2YNdX+nc1LkhlrNrcI
+PI3yCWnv0/0k9zDKpKiwjMH4vjWM46M6ptAiupxVpAMW5ojnhEyxaNHvZNsCwddY
+E6778hut2SJvz0szSBuHUuedcALI2EhVwdM0yLqfGo6WGeOIBDId49TemdNCMhk2
+zOpb1BqYhKls0LfdbxT/an3JaDmmLhPjvgYMJNYVX86L199OQFLJ1zLqQ0YirkKq
+XL9cSPmyYBKjgnqQ4Z5YfPL63EP0TsEfa5oQmy/0gS5FB2Wz9CqIptB130v0GR4X
+ObTpOkhPFfC5RDBFTMZoi4NCK10wn2NCbr7qZ3aMrOlfeKbsNIifwu0KYFHXyxL5
+AwIDAQABo4HFMIHCMAkGA1UdEwQCMAAwEQYJYIZIAYb4QgEBBAQDAgWgMDMGCWCG
+SAGG+EIBDQQmFiRPcGVuU1NMIEdlbmVyYXRlZCBDbGllbnQgQ2VydGlmaWNhdGUw
+HQYDVR0OBBYEFCL6DzsuAbni8475Z+HkX5tv8iiWMB8GA1UdIwQYMBaAFMuejS1r
+WjUf3x1+2QbPSVpuXFl+MA4GA1UdDwEB/wQEAwIF4DAdBgNVHSUEFjAUBggrBgEF
+BQcDAgYIKwYBBQUHAwQwDQYJKoZIhvcNAQELBQADggIBAFs0DeCDjttHQ0UHsYcn
+hfBCWRdOFdIr3F/IEbN2BL/grScGXoXRaYMIQJv/s5dKgZIuH7xMCVKazoftPVqU
+4bOEduAv0IJ6hQF/wEMBueA0UjvQQVYZgsOALi7TD3gYpFqYcH2Wfx5/5Ln6dllL
+8UsHoP+6gSLaYwjJd7FQ+IlNTzR65dRMLoJhoKqqyuM6cf/PM8sbK2NH2r8toypj
+fPixvD/w3wP7xn4oo/IGXcRK4DTHBF/rSMqeR6ePwXm5tVHrQBfnxN3dsGsXkQgq
+zBvvbPY0raraO4CPR7mZp4GVFHOsUNh5TI1SlfxWZ49HU3F5jWeiI9jPuw1RmuAy
+ZdFEt403Wi67v6revXe1By6UqIZjq3b2pJGBKZH+60P1cJScawzrN8pi1qQFV8Ji
+iJM6/MSciqplTT5F7SG0XZx1CjnBz5rMdYNhI9NNtF3oy9Xy9RvgYehFaC43ZlBB
+UMDmZFj5a78hOOkkq1UnrHUdeXyWhiEFzv5d8My2i0kWGq8r0HuC25BmOa17lHVx
+Q2o7Rdu9jDFP9oNizC7kQfA5QVRTfBFcWH7jml69RmVgfM+X+wdQgen9hJAILhBz
+mDfeteJ5ZEaoEYtw3isOGkpSyg7odjgYq7I+bOiN1toDg07vzfIkvF9KxlkDeRLX
+bmcFIvQsqFeF6cUwlZQYLOHA
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
new file mode 100644
index 000000000000..3c85fd49caa2
--- /dev/null
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -0,0 +1,196 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include <test/bootstrapfixture.hxx>
+#include <unotest/macros_test.hxx>
+
+#include <com/sun/star/document/XStorageBasedDocument.hpp>
+#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/XTransactedObject.hpp>
+#include <com/sun/star/frame/Desktop.hpp>
+#include <com/sun/star/frame/XStorable.hpp>
+#include <com/sun/star/security/SerialNumberAdapter.hpp>
+#include <com/sun/star/xml/crypto/SEInitializer.hpp>
+#include <com/sun/star/io/TempFile.hpp>
+
+#include <comphelper/processfactory.hxx>
+#include <sax/tools/converter.hxx>
+#include <unotools/mediadescriptor.hxx>
+#include <unotools/tempfile.hxx>
+#include <unotools/ucbstreamhelper.hxx>
+#include <unotools/streamwrap.hxx>
+#include <comphelper/storagehelper.hxx>
+#include <tools/date.hxx>
+#include <tools/time.hxx>
+
+#include <xmlsecurity/documentsignaturehelper.hxx>
+#include <xmlsecurity/xmlsignaturehelper.hxx>
+
+#if !defined(MACOSX) && !defined(WNT)
+
+using namespace com::sun::star;
+
+namespace
+{
+const char* DATA_DIRECTORY = "/xmlsecurity/qa/unit/signing/data/";
+}
+
+/// Testsuite for the document signing feature.
+class SigningTest : public test::BootstrapFixture, public unotest::MacrosTest
+{
+    uno::Reference<uno::XComponentContext> mxComponentContext;
+    uno::Reference<lang::XComponent> mxComponent;
+
+public:
+    SigningTest();
+    virtual void setUp() override;
+    virtual void tearDown() override;
+
+    void testDescription();
+
+    CPPUNIT_TEST_SUITE(SigningTest);
+    CPPUNIT_TEST(testDescription);
+    CPPUNIT_TEST_SUITE_END();
+
+private:
+    void createDoc();
+    uno::Reference<security::XCertificate> getCertificate(XMLSignatureHelper& rSignatureHelper);
+    void sign(utl::TempFile& rTempFile, XMLSignatureHelper& rSignatureHelper, const uno::Reference<io::XOutputStream>& xOutputStream);
+    std::vector<SignatureInformation> verify(XMLSignatureHelper& rSignatureHelper, const uno::Reference<io::XInputStream>& xInputStream);
+};
+
+SigningTest::SigningTest()
+{
+}
+
+void SigningTest::setUp()
+{
+    test::BootstrapFixture::setUp();
+
+    mxComponentContext.set(comphelper::getComponentContext(getMultiServiceFactory()));
+    mxDesktop.set(frame::Desktop::create(mxComponentContext));
+}
+
+void SigningTest::tearDown()
+{
+    if (mxComponent.is())
+        mxComponent->dispose();
+
+    test::BootstrapFixture::tearDown();
+}
+
+void SigningTest::createDoc()
+{
+    if (mxComponent.is())
+        mxComponent->dispose();
+    mxComponent = loadFromDesktop("private:factory/swriter", "com.sun.star.text.TextDocument");
+}
+
+uno::Reference<security::XCertificate> SigningTest::getCertificate(XMLSignatureHelper& rSignatureHelper)
+{
+    uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = rSignatureHelper.GetSecurityEnvironment();
+    OUString aCertificate;
+    {
+        SvFileStream aStream(getURLFromSrc(DATA_DIRECTORY) + "certificate.crt", StreamMode::READ);
+        OString aLine;
+        bool bMore = aStream.ReadLine(aLine);
+        while (bMore)
+        {
+            aCertificate += OUString::fromUtf8(aLine);
+            aCertificate += "\n";
+            bMore = aStream.ReadLine(aLine);
+        }
+    }
+    return xSecurityEnvironment->createCertificateFromAscii(aCertificate);
+}
+
+void SigningTest::sign(utl::TempFile& rTempFile, XMLSignatureHelper& rSignatureHelper, const uno::Reference<io::XOutputStream>& xOutputStream)
+{
+    CPPUNIT_ASSERT(rSignatureHelper.Init());
+
+    SvStream* pStream = utl::UcbStreamHelper::CreateStream(rTempFile.GetURL(), StreamMode::READ);
+    uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream));
+    uno::Reference<embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromStream(ZIP_STORAGE_FORMAT_STRING, xStream);
+    CPPUNIT_ASSERT(xStorage.is());
+
+    rSignatureHelper.SetStorage(xStorage, "1.2");
+    uno::Reference<security::XCertificate> xCertificate = getCertificate(rSignatureHelper);
+    CPPUNIT_ASSERT(xCertificate.is());
+
+    uno::Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = security::SerialNumberAdapter::create(mxComponentContext);
+    OUString aCertSerial = xSerialNumberAdapter->toString(xCertificate->getSerialNumber());
+    CPPUNIT_ASSERT(!aCertSerial.isEmpty());
+
+    rSignatureHelper.StartMission();
+    sal_Int32 nSecurityId = rSignatureHelper.GetNewSecurityId();
+    OUStringBuffer aStrBuffer;
+    sax::Converter::encodeBase64(aStrBuffer, xCertificate->getEncoded());
+    rSignatureHelper.SetX509Certificate(nSecurityId, xCertificate->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear());
+    DocumentSignatureMode eSignatureMode = SignatureModeDocumentContent;
+    std::vector<OUString> aElements = DocumentSignatureHelper::CreateElementList(xStorage, eSignatureMode, OOo3_2Document);
+    for (size_t i = 0; i < aElements.size(); ++i)
+    {
+        bool bBinaryMode = aElements[i].startsWith("Thumbnails/");
+        rSignatureHelper.AddForSigning(nSecurityId, aElements[i], aElements[i], bBinaryMode);
+    }
+    rSignatureHelper.SetDateTime(nSecurityId, Date(Date::SYSTEM), tools::Time(tools::Time::SYSTEM));
+    rSignatureHelper.SetDescription(nSecurityId, "SigningTest::sign");
+
+    uno::Reference<xml::sax::XWriter> xWriter = rSignatureHelper.CreateDocumentHandlerWithHeader(xOutputStream);
+    uno::Reference<xml::sax::XDocumentHandler> xDocumentHandler(xWriter, uno::UNO_QUERY);
+    CPPUNIT_ASSERT(rSignatureHelper.CreateAndWriteSignature(xDocumentHandler));
+    XMLSignatureHelper::CloseDocumentHandler(xDocumentHandler);
+
+    rSignatureHelper.EndMission();
+}
+
+std::vector<SignatureInformation> SigningTest::verify(XMLSignatureHelper& rSignatureHelper, const uno::Reference<io::XInputStream>& xInputStream)
+{
+    rSignatureHelper.StartMission();
+    rSignatureHelper.ReadAndVerifySignature(xInputStream);
+    rSignatureHelper.EndMission();
+    return rSignatureHelper.GetSignatureInformations();
+}
+
+void SigningTest::testDescription()
+{
+    // Create an empty document and store it to a tempfile.
+    createDoc();
+    utl::TempFile aTempFile;
+    aTempFile.EnableKillingFile();
+    uno::Reference<frame::XStorable> xStorable(mxComponent, uno::UNO_QUERY);
+    utl::MediaDescriptor aMediaDescriptor;
+    aMediaDescriptor["FilterName"] <<= OUString("writer8");
+    xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
+
+    // Then sign the document, and store the signature it a second tempfile, so we don't write to the original storage when we read it as well.
+    XMLSignatureHelper aSignatureHelper(mxComponentContext);
+    uno::Reference<io::XStream> xSignatureStream(io::TempFile::create(mxComponentContext), uno::UNO_QUERY);
+    uno::Reference<io::XOutputStream> xOutputStream(xSignatureStream, uno::UNO_QUERY);
+    sign(aTempFile, aSignatureHelper, xOutputStream);
+
+    // Go back to the start of the signature.
+    uno::Reference<io::XSeekable> xSeekable(xSignatureStream, uno::UNO_QUERY);
+    CPPUNIT_ASSERT(xSeekable->getPosition() != 0);
+    xSeekable->seek(0);
+
+    // Read back the signature and make sure that the description survives the roundtrip.
+    uno::Reference<io::XInputStream> xInputStream(xSignatureStream, uno::UNO_QUERY);
+    std::vector<SignatureInformation> aSignatureInformations = verify(aSignatureHelper, xInputStream);
+    CPPUNIT_ASSERT_EQUAL(static_cast<size_t>(1), aSignatureInformations.size());
+    CPPUNIT_ASSERT_EQUAL(OUString("SigningTest::sign"), aSignatureInformations[0].ouDescription);
+}
+
+CPPUNIT_TEST_SUITE_REGISTRATION(SigningTest);
+
+#endif
+
+CPPUNIT_PLUGIN_IMPLEMENT();
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */