sfx2: show partial signatures even if cert validation fails

(cherry picked from commit 4a59a8aba8c9d451edff790d9281d0095c1bd78e) Change-Id: I6060b7130827346ac5d6955bf38ebe3b476819fd Reviewed-on: https://gerrit.libreoffice.org/64151 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
author: Miklos Vajna <vmiklos@collabora.com> 2018-11-26 09:21:18 +0100
committer: Miklos Vajna <vmiklos@collabora.com> 2018-11-28 13:42:20 +0100
commit: 4e9258e033d17b9f05df36026ca573aa6b229823 (patch)
tree: 365801c61f0767e8baa80134355dfbdc75c7e30a
parent: ce7bb69f8205bcbe36cba4c53bd110e07ef3e05d (diff)
4 files changed, 15 insertions, 4 deletions
diff --git a/include/sfx2/signaturestate.hxx b/include/sfx2/signaturestate.hxx
index a1fd09360906..8bdfdfac75d9 100644
--- a/include/sfx2/signaturestate.hxx
+++ b/include/sfx2/signaturestate.hxx
@@ -33,7 +33,9 @@ enum class SignatureState
     NOTVALIDATED  = 4,
     // signature and certificate are ok, but not all files are signed, as it was the case in
     // OOo 2.x - OOo 3.1.1. This state is only used together with document signatures.
-    PARTIAL_OK    = 5
+    PARTIAL_OK    = 5,
+    /// Certificate could not be validated and the document is only partially signed.
+    NOTVALIDATED_PARTIAL_OK = 6
 };
 
 #endif // INCLUDED_SFX2_SIGNATURESTATE_HXX
diff --git a/include/sfx2/strings.hrc b/include/sfx2/strings.hrc
index f02efc506078..ec2867206e54 100644
--- a/include/sfx2/strings.hrc
+++ b/include/sfx2/strings.hrc
@@ -261,6 +261,7 @@
 #define STR_SIGNATURE_INVALID                   NC_("STR_SIGNATURE_INVALID", "The signature was valid, but the document has been modified")
 #define STR_SIGNATURE_NOTVALIDATED              NC_("STR_SIGNATURE_NOTVALIDATED", "The signature is OK, but the certificate could not be validated.")
 #define STR_SIGNATURE_PARTIAL_OK                NC_("STR_SIGNATURE_PARTIAL_OK", "The signature is OK, but the document is only partially signed.")
+#define STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK   NC_("STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK", "The certificate could not be validated and the document is only partially signed.")
 #define STR_SIGNATURE_OK                        NC_("STR_SIGNATURE_OK", "This document is digitally signed and the signature is valid.")
 #define STR_SIGNATURE_SHOW                      NC_("STR_SIGNATURE_SHOW", "Show Signatures")
 
diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx
index e7941cc01238..3b9737c5ae5e 100644
--- a/sfx2/source/doc/objserv.cxx
+++ b/sfx2/source/doc/objserv.cxx
@@ -1068,6 +1068,10 @@ void SfxObjectShell::GetState_Impl(SfxItemSet &rSet)
                         sMessage = SfxResId(STR_SIGNATURE_OK);
                         aInfoBarType = InfoBarType::Info;
                         break;
+                    case SignatureState::NOTVALIDATED_PARTIAL_OK:
+                        sMessage = SfxResId(STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK);
+                        aInfoBarType = InfoBarType::Warning;
+                        break;
                     //FIXME SignatureState::Unknown, own message?
                     default:
                         break;
@@ -1285,7 +1289,9 @@ SignatureState SfxObjectShell::ImplCheckSignaturesInformation( const uno::Sequen
         }
     }
 
-    if ( nResult == SignatureState::OK && !bCertValid )
+    if (nResult == SignatureState::OK && !bCertValid && !bCompleteSignature)
+        nResult = SignatureState::NOTVALIDATED_PARTIAL_OK;
+    else if (nResult == SignatureState::OK && !bCertValid)
         nResult = SignatureState::NOTVALIDATED;
     else if ( nResult == SignatureState::OK && bCertValid && !bCompleteSignature)
         nResult = SignatureState::PARTIAL_OK;
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx
index 411cfceecf82..d9507982486b 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -639,12 +639,14 @@ void SigningTest::testOOXMLPartial()
     SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell();
     CPPUNIT_ASSERT(pObjectShell);
     // This was SignatureState::BROKEN due to missing RelationshipTransform and SHA-256 support.
-    // We expect NOTVALIDATED in case the root CA is not imported on the system, and PARTIAL_OK otherwise, so accept both.
+    // We expect NOTVALIDATED_PARTIAL_OK in case the root CA is not imported on the system, and PARTIAL_OK otherwise, so accept both.
+    // But reject NOTVALIDATED, hiding incompleteness is not OK.
     SignatureState nActual = pObjectShell->GetDocumentSignatureState();
     CPPUNIT_ASSERT_MESSAGE(
         (OString::number(static_cast<std::underlying_type<SignatureState>::type>(nActual))
              .getStr()),
-        (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::PARTIAL_OK));
+        (nActual == SignatureState::NOTVALIDATED_PARTIAL_OK
+         || nActual == SignatureState::PARTIAL_OK));
 }
 
 void SigningTest::testOOXMLBroken()
author	Miklos Vajna <vmiklos@collabora.com>	2018-11-26 09:21:18 +0100
committer	Miklos Vajna <vmiklos@collabora.com>	2018-11-28 13:42:20 +0100
commit	4e9258e033d17b9f05df36026ca573aa6b229823 (patch)
tree	365801c61f0767e8baa80134355dfbdc75c7e30a
parent	ce7bb69f8205bcbe36cba4c53bd110e07ef3e05d (diff)