author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-03-04 10:49:12 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-03-04 11:48:48 +0100 |
commit | e89610dad647ea5c77805ff06af1ea9870ae9f15 (patch) | |
tree | 12964e3657c079792fe218c3750e339b1c775262 /xmlsecurity/source | |
parent | 38c39dc49c502683a3ccbcbfaa7e7ecee413c30f (diff) |
xmlsecurity OOXML export: only cache existing signatures, not our temp. one
When adding a signature, first we export it to a temp. storage, then
read it back, show the verification to the user, and then later we do or
do not write the temp. storage back to the original one.
This means the signature gets exported two times, and MSO only considers
the final result valid. So when caching signatures (to avoid a real
export based on our data model), don't cache the one we just added to
the temp. storage, but do a real export the second time as well.
With this, MSO considers our appended signature (next to an existing
one) valid, too.
Change-Id: I4d615298463e037ea4e654ff5c3addcef8b0a094
Diffstat (limited to 'xmlsecurity/source')
-rw-r--r-- | xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 8 | ||||
-rw-r--r-- | xmlsecurity/source/helper/documentsignaturemanager.cxx | 4 | ||||
-rw-r--r-- | xmlsecurity/source/helper/xmlsignaturehelper.cxx | 33 |
3 files changed, 27 insertions, 18 deletions
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 77d058d0a7e2..8e7806e12453 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -413,7 +413,7 @@ IMPL_LINK_NOARG_TYPED(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
 // will not contain
 // SecurityOperationStatus_OPERATION_SUCCEEDED
 mbVerifySignatures = true;
- ImplGetSignatureInformations(true);
+ ImplGetSignatureInformations(true, /*bCacheLastSignature=*/false);
 ImplFillSignaturesBox();
 }
 }
@@ -422,7 +422,7 @@ IMPL_LINK_NOARG_TYPED(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
 {
 OSL_FAIL( "Exception while adding a signature!" );
 // Don't keep invalid entries...
- ImplGetSignatureInformations(true);
+ ImplGetSignatureInformations(true, /*bCacheLastSignature=*/false);
 ImplFillSignaturesBox();
 }
 }
@@ -624,9 +624,9 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
 //If bUseTempStream is true then the temporary signature stream is used.
 //Otherwise the real signature stream is used.
-void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream)
+void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream, bool bCacheLastSignature)
 {
- maSignatureManager.read(bUseTempStream);
+ maSignatureManager.read(bUseTempStream, bCacheLastSignature);
 mbVerifySignatures = false;
 }
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index b5bc008b1ddf..5127e3cb87b1 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
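Review bot: In the exception handler of AddButtonHdl (second hunk), `ImplGetSignatureInformations(true, /*bCacheLastSignature=*/false)` assumes the last signature in the temp. storage is the one just added, but the add may have failed before anything was written there. In that case the last entry would be a pre-existing signature whose original bytes are then not cached, so it may later be re-exported from the data model instead of being written back verbatim, which is the situation the commit message says MSO treats as invalid. The code that decides whether the temp. signature was written lies outside the hunk, so this is inferred; if it holds, passing `true` in the handler (or passing `false` only once the add is known to have succeeded) would keep existing signatures byte-identical.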
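Review bot: The comment above ImplGetSignatureInformations (third hunk) still documents only bUseTempStream, so the new bCacheLastSignature parameter is undocumented at its definition. I would add a line such as `//If bCacheLastSignature is false, the raw bytes of the last signature are not cached, so it is exported again on write.` The call sites carry an inline `/*bCacheLastSignature=*/` comment, which helps the reader there, but the contract belongs at the definition as well.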
@@ -290,7 +290,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
 return true;
 }
-void DocumentSignatureManager::read(bool bUseTempStream)
+void DocumentSignatureManager::read(bool bUseTempStream, bool bCacheLastSignature)
 {
 maCurrentSignatureInformations.clear();
@@ -303,7 +303,7 @@ void DocumentSignatureManager::read(bool bUseTempStream)
 maSignatureHelper.ReadAndVerifySignature(xInputStream);
 }
 else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStorage.is())
- maSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
+ maSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage, bCacheLastSignature);
 maSignatureHelper.EndMission();
 maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 2b05621a8c8c..57474f2cc97d 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -385,7 +385,7 @@ bool lcl_isSignatureOriginType(const beans::StringPair& rPair)
 }
 }
-bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage)
+bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage, bool bCacheLastSignature)
 {
 sal_Int32 nOpenMode = embed::ElementModes::READ;
 uno::Reference<embed::XStorage> xSubStorage = xStorage->openStorageElement("_rels", nOpenMode);
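Review bot: `DocumentSignatureManager::read()` forwards bCacheLastSignature only in the OFOPXML branch; the `ReadAndVerifySignature(xInputStream)` branch just above it ignores the flag, and nothing at the definition tells the caller so. A short comment on the function would cover it, for example `// bCacheLastSignature only affects OOXML (OFOPXML) storages; other formats ignore it.` The body of read() starts and ends outside the hunk, so there may be further branches that are not visible here.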
@@ -393,8 +393,9 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
 uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo;
 aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, "origin.sigs.rels", mxCtx);
- for (const uno::Sequence<beans::StringPair>& rRelation : aRelationsInfo)
+ for (sal_Int32 i = 0; i < aRelationsInfo.getLength(); ++i)
 {
+ const uno::Sequence<beans::StringPair>& rRelation = aRelationsInfo[i];
 auto aRelation = comphelper::sequenceToContainer< std::vector<beans::StringPair> >(rRelation);
 if (std::find_if(aRelation.begin(), aRelation.end(), lcl_isSignatureType) != aRelation.end())
 {
@@ -412,17 +413,25 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
 if (!ReadAndVerifySignatureStorageStream(xInputStream))
 return false;
- // Store the contents of the stream as is, in case we need to write it back later.
- xInputStream.clear();
- xInputStream.set(xStorage->openStreamElement(it->Second, nOpenMode), uno::UNO_QUERY);
- uno::Reference<beans::XPropertySet> xPropertySet(xInputStream, uno::UNO_QUERY);
- if (xPropertySet.is())
+ // By default, we cache. If it's requested, then we don't cache the last signature.
+ bool bCache = true;
+ if (!bCacheLastSignature && i == aRelationsInfo.getLength() - 1)
+ bCache = false;
+
+ if (bCache)
 {
- sal_Int64 nSize = 0;
- xPropertySet->getPropertyValue("Size") >>= nSize;
- uno::Sequence<sal_Int8> aData;
- xInputStream->readBytes(aData, nSize);
- mpXSecController->setSignatureBytes(aData);
+ // Store the contents of the stream as is, in case we need to write it back later.
+ xInputStream.clear();
+ xInputStream.set(xStorage->openStreamElement(it->Second, nOpenMode), uno::UNO_QUERY);
+ uno::Reference<beans::XPropertySet> xPropertySet(xInputStream, uno::UNO_QUERY);
+ if (xPropertySet.is())
+ {
+ sal_Int64 nSize = 0;
+ xPropertySet->getPropertyValue("Size") >>= nSize;
+ uno::Sequence<sal_Int8> aData;
+ xInputStream->readBytes(aData, nSize);
+ mpXSecController->setSignatureBytes(aData);
+ }
 }
 }
 }
|
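Review bot: The check `i == aRelationsInfo.getLength() - 1` identifies the freshly added signature purely by its position in origin.sigs.rels, and it sits inside the `lcl_isSignatureType` branch. If the last relation is not a signature relation, or the relations are not read back in the order they were written, the temp. signature would still be cached or an existing one would be skipped; either outcome changes which signature bytes are preserved verbatim. I would at least record the assumption next to the check, e.g. `// Assumes the signature we just exported is the last relation in origin.sigs.rels.` Separately, in the re-indented caching block the result of `xInputStream->readBytes(aData, nSize)` is not compared with nSize, so a short read would cache a truncated signature. The loop and the function both start outside this hunk.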