authorTor Lillqvist <tml@collabora.com>2016-10-29 09:50:28 +0300
committerTor Lillqvist <tml@collabora.com>2016-11-08 14:31:46 +0200
commitb2318479c8635af8e022ff4f844e85a1f6b9f4de (patch)
tree35e4e7a67f8d79895e5ab321ff60c57005dba308 /xmlsecurity/inc
parent29ddf52adf13e8806e1d251747549a33f9cdce54 (diff)
Work in progress on supporting XAdES-compliant signatures for ODF
xmlsecurity is such a mess. Too many different classes that actually have more or less identical life-time, with names that smell of delusions of grandeur. "Manager", "security framework controller" etc for stuff that actually exists only during the execution of a simple dialog. And then a "helper" class that is actually on a higher level than a "framework controller". But oh well. Change-Id: I86e461b1bc91a0d8f5b7fb9f13a5be201729df1e
Diffstat (limited to 'xmlsecurity/inc')
-rw-r--r--xmlsecurity/inc/digitalsignaturesdialog.hxx7
-rw-r--r--xmlsecurity/inc/documentsignaturemanager.hxx6
-rw-r--r--xmlsecurity/inc/sigstruct.hxx17
-rw-r--r--xmlsecurity/inc/xmlsignaturehelper.hxx4
4 files changed, 29 insertions, 5 deletions
diff --git a/xmlsecurity/inc/digitalsignaturesdialog.hxx b/xmlsecurity/inc/digitalsignaturesdialog.hxx
index f58dccf995be..c9226e676989 100644
--- a/xmlsecurity/inc/digitalsignaturesdialog.hxx
+++ b/xmlsecurity/inc/digitalsignaturesdialog.hxx
@@ -70,6 +70,8 @@ private:
VclPtr<FixedImage> m_pSigsOldSignatureImg;
VclPtr<FixedText> m_pSigsOldSignatureFI;
+ VclPtr<CheckBox> m_pXAdESCompliantCB;
+
VclPtr<PushButton> m_pViewBtn;
VclPtr<PushButton> m_pAddBtn;
VclPtr<PushButton> m_pRemoveBtn;
@@ -82,6 +84,9 @@ private:
bool m_bHasDocumentSignature;
bool m_bWarningShowSignMacro;
+ bool m_bXAdESCompliant;
+
+ DECL_LINK(XAdESCompliantCheckBoxHdl, CheckBox&, void);
DECL_LINK(ViewButtonHdl, Button*, void);
DECL_LINK(AddButtonHdl, Button*, void);
DECL_LINK(RemoveButtonHdl, Button*, void);
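Review bot: `m_bXAdESCompliant` is added with no visible initial value, and it sits beside the `m_pXAdESCompliantCB` checkbox from the previous hunk with no comment saying which of the two is authoritative. Since the flag presumably decides which signature format the dialog requests, it should be set explicitly in the constructor (outside this diff) and documented, for example `/// Cached state of m_pXAdESCompliantCB, updated in XAdESCompliantCheckBoxHdl.` if that is the intent. The class body starts and ends outside the hunk.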
@@ -90,7 +95,7 @@ private:
DECL_LINK(StartVerifySignatureHdl, LinkParamNone*, bool );
DECL_LINK(OKButtonHdl, Button*, void );
- void ImplGetSignatureInformations(bool bUseTempStream, bool bCacheLastSignature = true);
+ void ImplGetSignatureInformations(bool bUseTempStream, bool bCacheLastSignature);
void ImplFillSignaturesBox();
void ImplShowSignaturesDetails();
diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx
index 097c0e144803..fd981d7d98b5 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -57,7 +57,7 @@ public:
bool isXML(const OUString& rURI);
SignatureStreamHelper ImplOpenSignatureStream(sal_Int32 eStreamMode, bool bTempStream);
/// Add a new signature, using xCert as a signing certificate, and rDescription as description.
- bool add(const css::uno::Reference<css::security::XCertificate>& xCert, const OUString& rDescription, sal_Int32& nSecurityId);
+ bool add(const css::uno::Reference<css::security::XCertificate>& xCert, const OUString& rDescription, sal_Int32& nSecurityId, bool bXAdESCompliantIfODF);
/// Remove signature at nPosition.
void remove(sal_uInt16 nPosition);
/// Read signatures from either a temp stream or the real storage.
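Review bot: The doc comment above `add()` still describes only `xCert` and `rDescription`, so the new `bXAdESCompliantIfODF` argument is undocumented even though it changes which kind of signature is written. Suggest extending it with `/// If bXAdESCompliantIfODF is true and the document is ODF, an XAdES-compliant signature is created.` What happens for non-ODF documents is not visible here and should be stated once confirmed against the implementation. A trailing bare `bool` is also opaque at call sites, so a `/*bXAdESCompliantIfODF*/` marker at callers would help readers.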
@@ -66,6 +66,10 @@ public:
void write();
/// Lazy creation of PDF helper.
PDFSignatureHelper& getPDFSignatureHelper();
+#if 0
+ // Checks if the document is a kind where it is relevant to distinguish between using XAdES or not
+ bool IsXAdESRelevant();
+#endif
};
#endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
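Review bot: The `#if 0` block adds a declaration of `IsXAdESRelevant()` that is compiled out and has no definition visible in this diff, so it is dead text in the header. Either drop it until it is needed or replace the preprocessor guard with a comment that states the plan, for example `// TODO: IsXAdESRelevant() - decide whether the XAdES option applies to this document type` (the wording of the plan is a guess from the existing comment).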
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 610845cb0ae2..e662d36cb4a8 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -23,6 +23,7 @@
#include <rtl/ustring.hxx>
#include <com/sun/star/util/DateTime.hpp>
#include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
+#include <com/sun/star/xml/crypto/DigestID.hpp>
#include <com/sun/star/uno/Sequence.hxx>
#include <vector>
@@ -41,11 +42,23 @@ struct SignatureReferenceInformation
{
SignatureReferenceType nType;
OUString ouURI;
+ // For ODF: XAdES digests (SHA256) or the old SHA1, from css::xml::crypto::DigestID
+ sal_Int32 nDigestID;
OUString ouDigestValue;
- SignatureReferenceInformation( SignatureReferenceType type, const OUString& uri )
+ SignatureReferenceInformation() :
+ nType(SignatureReferenceType::SAMEDOCUMENT),
+ ouURI(""),
+ nDigestID(css::xml::crypto::DigestID::SHA1),
+ ouDigestValue("")
+ {
+ }
+
+ SignatureReferenceInformation( SignatureReferenceType type, sal_Int32 digestID, const OUString& uri ) :
+ SignatureReferenceInformation()
{
nType = type;
+ nDigestID = digestID;
ouURI = uri;
}
};
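Review bot: The new default constructor sets `nDigestID` to `css::xml::crypto::DigestID::SHA1`, so a `SignatureReferenceInformation` that is default-constructed and never updated reports the weaker digest as if it had been chosen for, or read from, the document. If any reading or verifying path relies on that default instead of the reference's actual digest method, a missing or unrecognised algorithm would silently be treated as SHA1. The field comment should say so, e.g. `// Digest algorithm of this reference (css::xml::crypto::DigestID); SHA1 is only the legacy default and must be overwritten when a reference is parsed or created`. The three-argument constructor can also initialise the members directly rather than delegating and reassigning: `: nType(type), ouURI(uri), nDigestID(digestID) {}`. The same `nDigestID` field is added to `SignatureInformation` in the next hunk, whose constructor lies outside the diff and must give it an initial value too.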
@@ -57,6 +70,8 @@ struct SignatureInformation
sal_Int32 nSecurityId;
sal_Int32 nSecurityEnvironmentIndex;
css::xml::crypto::SecurityOperationStatus nStatus;
+ // For ODF: XAdES digests (SHA256) or the old SHA1, from css::xml::crypto::DigestID
+ sal_Int32 nDigestID;
SignatureReferenceInformations vSignatureReferenceInfors;
OUString ouX509IssuerName;
OUString ouX509SerialNumber;
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 3ff3a9cfc385..8e0c65809e7b 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -172,8 +172,8 @@ public:
void SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const tools::Time& rTime );
void SetDescription(sal_Int32 nSecurityId, const OUString& rDescription);
- void AddForSigning( sal_Int32 securityId, const OUString& uri, const OUString& objectURL, bool bBinary );
- bool CreateAndWriteSignature( const css::uno::Reference< css::xml::sax::XDocumentHandler >& xDocumentHandler );
+ void AddForSigning( sal_Int32 securityId, const OUString& uri, const OUString& objectURL, bool bBinary, bool bXAdESCompliantIfODF );
+ bool CreateAndWriteSignature( const css::uno::Reference< css::xml::sax::XDocumentHandler >& xDocumentHandler, bool bXAdESCompliantIfODF );
bool ReadAndVerifySignature( const css::uno::Reference< css::io::XInputStream >& xInputStream );
// MT: ??? I think only for adding/removing, not for new signatures...
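Review bot: `AddForSigning()` and `CreateAndWriteSignature()` each take their own `bXAdESCompliantIfODF`, so the choice is passed once per reference and again for the signature, and nothing in the interface keeps the values consistent for one `securityId`. A caller that passes different values could produce references digested one way inside a signature structured the other way. Storing the choice once per signature would remove that possibility, and the commit already adds `SignatureInformation::nDigestID`, which could carry it. In `AddForSigning` the new flag directly follows `bBinary`, and two adjacent bools are easy to transpose at call sites, so at minimum document the contract: `/// bXAdESCompliantIfODF must match the value later passed to CreateAndWriteSignature()`. The class continues outside the hunk.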