author | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2017-06-20 23:52:18 +0200 |
---|---|---|
committer | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2017-06-21 22:16:55 +0200 |
commit | 891d4b5d91c86951bb06d413808f75a3f4e6cb28 (patch) | |
tree | 675fa84bc74ae6f2dccf67e591e17e1d6b2facb4 /xmlsecurity/source/helper/documentsignaturemanager.cxx | |
parent | ed92db7a50be36fcfe6e9b316f4b7f7570060c0d (diff) |
gpg4libre: write PGPData info, get more metadata out for gpg key
Change-Id: Ia560869ec02fca7fe4219136e1fe939e13f1e4c2
Diffstat (limited to 'xmlsecurity/source/helper/documentsignaturemanager.cxx')
-rw-r--r-- | xmlsecurity/source/helper/documentsignaturemanager.cxx | 97 |
1 files changed, 67 insertions, 30 deletions
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 041c3f2a0113..b2e42076be5e 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -26,6 +26,7 @@
 #include <com/sun/star/io/XTruncate.hpp>
 #include <com/sun/star/embed/XTransactedObject.hpp>
 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
+#include <com/sun/star/lang/XServiceInfo.hpp>
 #include <comphelper/storagehelper.hxx>
 #include <rtl/ustrbuf.hxx>
@@ -40,6 +41,7 @@
 #include <xmlsec/xmlsec_init.hxx>
 using namespace css;
+namespace cssu = com::sun::star::uno;
 DocumentSignatureManager::DocumentSignatureManager(const uno::Reference<uno::XComponentContext>& xContext, DocumentSignatureMode eMode)
 : mxContext(xContext),
@@ -263,52 +265,87 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
 return false;
 }
- // TODO: no serial number currently on gpg keys - better/more
- // discriminative error handling?
- OUString aCertSerial = xmlsecurity::bigIntegerToNumericString(xCert->getSerialNumber());
- if (aCertSerial.isEmpty())
+ // GPG or X509 key?
+ uno::Reference< lang::XServiceInfo > xServiceInfo( xSecurityContext, cssu::UNO_QUERY );
+ if (xServiceInfo->getImplementationName() == "com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl")
 {
- SAL_WARN("xmlsecurity.helper", "Error in Certificate, problem with serial number!");
- }
-
- if (!mxStore.is())
- {
- // Something not ZIP based, try PDF.
- nSecurityId = getPDFSignatureHelper().GetNewSecurityId();
- getPDFSignatureHelper().SetX509Certificate(xCert);
- getPDFSignatureHelper().SetDescription(rDescription);
- uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
- if (!getPDFSignatureHelper().Sign(xInputStream, bAdESCompliant))
+ // GPG keys only really have PGPKeyId and PGPKeyPacket
+ // TODO: prevent selection of gpg keys for pdfs and ooxml early on!
+ if (!mxStore.is())
 {
- SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed");
+ SAL_WARN("xmlsecurity.helper", "cannot sign pdfs with GPG keys");
 return false;
 }
- return true;
- }
- maSignatureHelper.StartMission(xSecurityContext);
+ maSignatureHelper.StartMission(xSecurityContext);
- nSecurityId = maSignatureHelper.GetNewSecurityId();
+ nSecurityId = maSignatureHelper.GetNewSecurityId();
- OUStringBuffer aStrBuffer;
- sax::Converter::encodeBase64(aStrBuffer, xCert->getEncoded());
+ OUStringBuffer aStrBuffer;
+ sax::Converter::encodeBase64(aStrBuffer, xCert->getEncoded());
- OUString aCertDigest;
- if (auto pCertificate = dynamic_cast<xmlsecurity::Certificate*>(xCert.get()))
- {
- OUStringBuffer aBuffer;
- sax::Converter::encodeBase64(aBuffer, pCertificate->getSHA256Thumbprint());
- aCertDigest = aBuffer.makeStringAndClear();
+ OUString aKeyId;
+ if (auto pCertificate = dynamic_cast<xmlsecurity::Certificate*>(xCert.get()))
+ {
+ OUStringBuffer aBuffer;
+ sax::Converter::encodeBase64(aBuffer, pCertificate->getSHA256Thumbprint());
+ aKeyId = aBuffer.makeStringAndClear();
+ }
+ else
+ SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one");
+
+ maSignatureHelper.SetGpgCertificate(nSecurityId, aKeyId, aStrBuffer.makeStringAndClear());
 }
 else
- SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one");
+ {
+ OUString aCertSerial = xmlsecurity::bigIntegerToNumericString(xCert->getSerialNumber());
+ if (aCertSerial.isEmpty())
+ {
+ SAL_WARN("xmlsecurity.helper", "Error in Certificate, problem with serial number!");
+ return false;
+ }
+
+ if (!mxStore.is())
+ {
+ // Something not ZIP based, try PDF.
+ nSecurityId = getPDFSignatureHelper().GetNewSecurityId();
+ getPDFSignatureHelper().SetX509Certificate(xCert);
+ getPDFSignatureHelper().SetDescription(rDescription);
+ uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
+ if (!getPDFSignatureHelper().Sign(xInputStream, bAdESCompliant))
+ {
+ SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed");
+ return false;
+ }
+ return true;
+ }
+
+ maSignatureHelper.StartMission(xSecurityContext);
+
+ nSecurityId = maSignatureHelper.GetNewSecurityId();
- maSignatureHelper.SetX509Certificate(nSecurityId, xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear(), aCertDigest);
+ OUStringBuffer aStrBuffer;
+ sax::Converter::encodeBase64(aStrBuffer, xCert->getEncoded());
+
+ OUString aCertDigest;
+ if (auto pCertificate = dynamic_cast<xmlsecurity::Certificate*>(xCert.get()))
+ {
+ OUStringBuffer aBuffer;
+ sax::Converter::encodeBase64(aBuffer, pCertificate->getSHA256Thumbprint());
+ aCertDigest = aBuffer.makeStringAndClear();
+ }
+ else
+ SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one");
+
+ maSignatureHelper.SetX509Certificate(nSecurityId, xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear(), aCertDigest);
+
+ }
 uno::Sequence< uno::Reference< security::XCertificate > > aCertPath = xSecurityContext->getSecurityEnvironment()->buildCertificatePath(xCert);
 const uno::Reference< security::XCertificate >* pCertPath = aCertPath.getConstArray();
 sal_Int32 nCnt = aCertPath.getLength();
+ OUStringBuffer aStrBuffer;
 for (int i = 0; i < nCnt; i++)
 {
 sax::Converter::encodeBase64(aStrBuffer, pCertPath[i]->getEncoded());
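Review bot: `xServiceInfo->getImplementationName()` is called without checking the result of the `UNO_QUERY`, so a security context that does not export `lang::XServiceInfo` leaves the reference empty and the dereference fails before either signing path is chosen; guard it with `if (xServiceInfo.is() && xServiceInfo->getImplementationName() == "com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl")`. In the GPG branch a failed `dynamic_cast` only logs a warning and `SetGpgCertificate` is still called with an empty `aKeyId`; adding `return false;` after that `SAL_WARN`, as the X509 branch now does for an empty serial number, would presumably keep a signature from being written without a key identifier. The `cssu` alias added in the second hunk looks unnecessary, since `using namespace css;` already makes `uno::UNO_QUERY` available, as the PDF path in this same function uses. The body of `DocumentSignatureManager::add` starts and ends outside this hunk.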