tdf#83877 Add valid/invalid images to signatures

Change-Id: I958c1bad2f32383ebaaeb7d42c761f0d1dfefc35
Reviewed-on: https://gerrit.libreoffice.org/54513
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>

10 files changed, 173 insertions, 15 deletions

diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx
index 542a9af6a8a9..f88820f03803 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -28,6 +28,7 @@
 #include "xmlsignaturehelper.hxx"
 #include <com/sun/star/uno/XComponentContext.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/graphic/XGraphic.hpp>
 #include "documentsignaturehelper.hxx"
 #include <com/sun/star/beans/PropertyValue.hpp>
 
@@ -66,7 +67,11 @@ public:
     bool add(const css::uno::Reference<css::security::XCertificate>& xCert,
              const css::uno::Reference<css::xml::crypto::XXMLSecurityContext>& xSecurityContext,
              const OUString& rDescription, sal_Int32& nSecurityId, bool bAdESCompliant,
-             const OUString& rSignatureLineId = OUString());
+             const OUString& rSignatureLineId = OUString(),
+             const css::uno::Reference<css::graphic::XGraphic> xValidGraphic
+             = css::uno::Reference<css::graphic::XGraphic>(),
+             const css::uno::Reference<css::graphic::XGraphic> xInvalidGraphic
+             = css::uno::Reference<css::graphic::XGraphic>());
     /// Remove signature at nPosition.
     void remove(sal_uInt16 nPosition);
     /// Read signatures from either a temp stream or the real storage.
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index f4de3b01b56e..c41179d4805c 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -30,6 +30,7 @@
 #include "xmlsecuritydllapi.h"
 #include "xmlsignaturehelper.hxx"
 
+#include <com/sun/star/graphic/XGraphic.hpp>
 #include <com/sun/star/uno/XComponentContext.hpp>
 #include <com/sun/star/xml/sax/XWriter.hpp>
 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
@@ -130,6 +131,11 @@ public:
     void        SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const tools::Time& rTime );
     void SetDescription(sal_Int32 nSecurityId, const OUString& rDescription);
     void SetSignatureLineId(sal_Int32 nSecurityId, const OUString& rSignatureLineId);
+    void
+    SetSignatureLineValidGraphic(sal_Int32 nSecurityId,
+                                 const css::uno::Reference<css::graphic::XGraphic>& xValidGraphic);
+    void SetSignatureLineInvalidGraphic(
+        sal_Int32 nSecurityId, const css::uno::Reference<css::graphic::XGraphic>& xInvalidGraphic);
 
     void        AddForSigning( sal_Int32 securityId, const OUString& uri, bool bBinary, bool bXAdESCompliantIfODF );
     void        CreateAndWriteSignature( const css::uno::Reference< css::xml::sax::XDocumentHandler >& xDocumentHandler, bool bXAdESCompliantIfODF );
diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx
index 750bb5b63348..2620bc6cbea9 100644
--- a/xmlsecurity/inc/xsecctl.hxx
+++ b/xmlsecurity/inc/xsecctl.hxx
@@ -27,6 +27,7 @@
 #include <com/sun/star/lang/XInitialization.hpp>
 #include <com/sun/star/xml/sax/XDocumentHandler.hpp>
 #include <com/sun/star/xml/sax/XAttributeList.hpp>
+#include <com/sun/star/graphic/XGraphic.hpp>
 #include <com/sun/star/xml/crypto/XXMLSignature.hpp>
 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
 #include <com/sun/star/xml/crypto/sax/XSecuritySAXEventKeeper.hpp>
@@ -360,6 +361,11 @@ public:
         const css::util::DateTime& rDateTime );
     void setDescription(sal_Int32 nSecurityId, const OUString& rDescription);
     void setSignatureLineId(sal_Int32 nSecurityId, const OUString& rSignatureLineId);
+    void
+    setSignatureLineValidGraphic(sal_Int32 nSecurityId,
+                                 const css::uno::Reference<css::graphic::XGraphic>& xValidGraphic);
+    void setSignatureLineInvalidGraphic(
+        sal_Int32 nSecurityId, const css::uno::Reference<css::graphic::XGraphic>& xInvalidGraphic);
 
     bool WriteSignature(
         const css::uno::Reference< css::xml::sax::XDocumentHandler >& xDocumentHandler,
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 87e9b8bb3759..2c40f69b53f6 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -104,11 +104,12 @@ public:
     sal_Bool SAL_CALL
     signDocumentContent(const css::uno::Reference<css::embed::XStorage>& xStorage,
                         const css::uno::Reference<css::io::XStream>& xSignStream) override;
-    sal_Bool SAL_CALL signDocumentContentWithCertificate(
+    sal_Bool SAL_CALL signSignatureLine(
         const css::uno::Reference<css::embed::XStorage>& Storage,
-        const css::uno::Reference<css::io::XStream>& xSignStream,
-        const css::uno::Reference<css::security::XCertificate>& xCertificate,
-        const OUString& rSignatureLineId) override;
+        const css::uno::Reference<css::io::XStream>& xSignStream, const OUString& aSignatureLineId,
+        const Reference<css::security::XCertificate>& xCertificate,
+        const Reference<css::graphic::XGraphic>& xValidGraphic,
+        const Reference<css::graphic::XGraphic>& xInvalidGraphic) override;
     css::uno::Sequence<css::security::DocumentSignatureInformation>
         SAL_CALL verifyDocumentContentSignatures(
             const css::uno::Reference<css::embed::XStorage>& xStorage,
@@ -223,10 +224,13 @@ sal_Bool DocumentDigitalSignatures::signDocumentContent(
     return ImplViewSignatures( rxStorage, xSignStream, DocumentSignatureMode::Content, false );
 }
 
-sal_Bool DocumentDigitalSignatures::signDocumentContentWithCertificate(
+sal_Bool DocumentDigitalSignatures::signSignatureLine(
     const Reference<css::embed::XStorage>& rxStorage,
     const Reference<css::io::XStream>& xSignStream,
-    const Reference<css::security::XCertificate>& xCertificate, const OUString& aSignatureLineId)
+    const OUString& aSignatureLineId,
+    const Reference<css::security::XCertificate>& xCertificate,
+    const Reference<css::graphic::XGraphic>& xValidGraphic,
+    const Reference<css::graphic::XGraphic>& xInvalidGraphic)
 {
     OSL_ENSURE(!m_sODFVersion.isEmpty(),
                "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");
@@ -251,7 +255,7 @@ sal_Bool DocumentDigitalSignatures::signDocumentContentWithCertificate(
     sal_Int32 nSecurityId;
     OUString aDescription("");
     bool bSuccess = aSignatureManager.add(xCertificate, xSecurityContext, aDescription, nSecurityId,
-                                          true, aSignatureLineId);
+                                          true, aSignatureLineId, xValidGraphic, xInvalidGraphic);
     if (!bSuccess)
         return false;
 
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index bb78c62272e4..f302f1a64955 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -29,6 +29,7 @@
 #include <com/sun/star/embed/XTransactedObject.hpp>
 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
 #include <com/sun/star/lang/XServiceInfo.hpp>
+#include <com/sun/star/graphic/XGraphic.hpp>
 
 #include <comphelper/base64.hxx>
 #include <comphelper/storagehelper.hxx>
@@ -46,6 +47,8 @@
 #include <pdfsignaturehelper.hxx>
 
 using namespace css;
+using namespace css::graphic;
+using namespace css::uno;
 
 DocumentSignatureManager::DocumentSignatureManager(
     const uno::Reference<uno::XComponentContext>& xContext, DocumentSignatureMode eMode)
@@ -266,7 +269,8 @@ bool DocumentSignatureManager::add(
     const uno::Reference<security::XCertificate>& xCert,
     const uno::Reference<xml::crypto::XXMLSecurityContext>& xSecurityContext,
     const OUString& rDescription, sal_Int32& nSecurityId, bool bAdESCompliant,
-    const OUString& rSignatureLineId)
+    const OUString& rSignatureLineId, const Reference<XGraphic> xValidGraphic,
+    const Reference<XGraphic> xInvalidGraphic)
 {
     if (!xCert.is())
     {
@@ -388,6 +392,12 @@ bool DocumentSignatureManager::add(
     if (!rSignatureLineId.isEmpty())
         maSignatureHelper.SetSignatureLineId(nSecurityId, rSignatureLineId);
 
+    if (xValidGraphic.is())
+        maSignatureHelper.SetSignatureLineValidGraphic(nSecurityId, xValidGraphic);
+
+    if (xInvalidGraphic.is())
+        maSignatureHelper.SetSignatureLineInvalidGraphic(nSecurityId, xInvalidGraphic);
+
     // We open a signature stream in which the existing and the new
     //signature is written. ImplGetSignatureInformation (later in this function) will
     //then read the stream and fill maCurrentSignatureInformations. The final signature
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 0ae2c9524f28..e754bb3368f6 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -56,6 +56,7 @@
 #define OOXML_SIGNATURE_SIGNATURE "http://schemas.openxmlformats.org/package/2006/relationships/digital-signature/signature"
 
 using namespace ::com::sun::star;
+using namespace ::com::sun::star::graphic;
 using namespace ::com::sun::star::uno;
 
 XMLSignatureHelper::XMLSignatureHelper( const uno::Reference< uno::XComponentContext >& rxCtx)
@@ -154,6 +155,18 @@ void XMLSignatureHelper::SetSignatureLineId(sal_Int32 nSecurityId, const OUStrin
     mpXSecController->setSignatureLineId(nSecurityId, rSignatureLineId);
 }
 
+void XMLSignatureHelper::SetSignatureLineValidGraphic(
+    sal_Int32 nSecurityId, const css::uno::Reference<XGraphic>& xValidGraphic)
+{
+    mpXSecController->setSignatureLineValidGraphic(nSecurityId, xValidGraphic);
+}
+
+void XMLSignatureHelper::SetSignatureLineInvalidGraphic(
+    sal_Int32 nSecurityId, const css::uno::Reference<XGraphic>& xInvalidGraphic)
+{
+    mpXSecController->setSignatureLineInvalidGraphic(nSecurityId, xInvalidGraphic);
+}
+
 void XMLSignatureHelper::AddForSigning( sal_Int32 nSecurityId, const OUString& uri, bool bBinary, bool bXAdESCompliantIfODF )
 {
     mpXSecController->signAStream( nSecurityId, uri, bBinary, bXAdESCompliantIfODF );
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 0d97dd3456fb..e5bae1f199af 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -40,6 +40,7 @@
 #include <xmloff/attrlist.hxx>
 #include <rtl/math.hxx>
 #include <rtl/ref.hxx>
+#include <svx/xoutbmp.hxx>
 #include <unotools/datetime.hxx>
 #include <comphelper/ofopxmlhelper.hxx>
 #include <sax/tools/converter.hxx>
@@ -857,7 +858,9 @@ void XSecController::exportSignature(
                 }
                 xDocumentHandler->endElement( "SignatureProperty" );
 
-                if (!signatureInfo.ouSignatureLineId.isEmpty())
+                if (!signatureInfo.ouSignatureLineId.isEmpty()
+                    && signatureInfo.aValidSignatureImage.is()
+                    && signatureInfo.aInvalidSignatureImage.is())
                 {
                     pAttributeList = new SvXMLAttributeList();
                     pAttributeList->AddAttribute(
@@ -869,12 +872,48 @@ void XSecController::exportSignature(
                         "SignatureProperty",
                         cssu::Reference<cssxs::XAttributeList>(pAttributeList));
                     {
-                        // Write SignatureLineId element
                         xDocumentHandler->startElement(
-                            "loext:SignatureLineId",
+                            "loext:SignatureLine",
                             cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
-                        xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
-                        xDocumentHandler->endElement("loext:SignatureLineId");
+
+                        {
+                            // Write SignatureLineId element
+                            xDocumentHandler->startElement(
+                                "loext:SignatureLineId",
+                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
+                            xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
+                            xDocumentHandler->endElement("loext:SignatureLineId");
+                        }
+
+                        {
+                            // Write SignatureLineId element
+                            xDocumentHandler->startElement(
+                                "loext:SignatureLineValidImage",
+                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
+
+                            OUString aGraphicInBase64;
+                            Graphic aGraphic(signatureInfo.aValidSignatureImage);
+                            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
+                                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
+
+                            xDocumentHandler->characters(aGraphicInBase64);
+                            xDocumentHandler->endElement("loext:SignatureLineValidImage");
+                        }
+
+                        {
+                            // Write SignatureLineId element
+                            xDocumentHandler->startElement(
+                                "loext:SignatureLineInvalidImage",
+                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
+                            OUString aGraphicInBase64;
+                            Graphic aGraphic(signatureInfo.aInvalidSignatureImage);
+                            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
+                                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
+                            xDocumentHandler->characters(aGraphicInBase64);
+                            xDocumentHandler->endElement("loext:SignatureLineInvalidImage");
+                        }
+
+                        xDocumentHandler->endElement("loext:SignatureLine");
                     }
                     xDocumentHandler->endElement("SignatureProperty");
                 }
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index 4218ab571f53..e20716f0a487 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -45,6 +45,8 @@ XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper,
     , m_bInDate(false)
     , m_bInDescription(false)
     , m_bInSignatureLineId(false)
+    , m_bInSignatureLineValidImage(false)
+    , m_bInSignatureLineInvalidImage(false)
     , m_pXSecController(pXSecController)
     , m_bReferenceUnresolved(false)
     , m_nReferenceDigestID(cssxc::DigestID::SHA1)
@@ -265,6 +267,16 @@ void SAL_CALL XSecParser::startElement(
             m_ouSignatureLineId.clear();
             m_bInSignatureLineId = true;
         }
+        else if (aName == "loext:SignatureLineValidImage")
+        {
+            m_ouSignatureLineValidImage.clear();
+            m_bInSignatureLineValidImage = true;
+        }
+        else if (aName == "loext:SignatureLineInvalidImage")
+        {
+            m_ouSignatureLineInvalidImage.clear();
+            m_bInSignatureLineInvalidImage = true;
+        }
 
         if (m_xNextHandler.is())
         {
@@ -379,6 +391,16 @@ void SAL_CALL XSecParser::endElement( const OUString& aName )
             m_pXSecController->setSignatureLineId( m_ouSignatureLineId );
             m_bInSignatureLineId = false;
         }
+        else if (aName == "loext:SignatureLineValidImage")
+        {
+            m_pXSecController->setValidSignatureImage( m_ouSignatureLineValidImage );
+            m_bInSignatureLineValidImage = false;
+        }
+        else if (aName == "loext:SignatureLineInvalidImage")
+        {
+            m_pXSecController->setInvalidSignatureImage( m_ouSignatureLineInvalidImage );
+            m_bInSignatureLineInvalidImage = false;
+        }
 
         if (m_xNextHandler.is())
         {
@@ -458,6 +480,14 @@ void SAL_CALL XSecParser::characters( const OUString& aChars )
     {
         m_ouSignatureLineId += aChars;
     }
+    else if (m_bInSignatureLineValidImage)
+    {
+        m_ouSignatureLineValidImage += aChars;
+    }
+    else if (m_bInSignatureLineInvalidImage)
+    {
+        m_ouSignatureLineInvalidImage += aChars;
+    }
 
     if (m_xNextHandler.is())
     {
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index e1c4515ce941..42b63975ecb9 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -68,6 +68,8 @@ private:
     /// Characters of a <dc:description> element, as just read from XML.
     OUString m_ouDescription;
     OUString m_ouSignatureLineId;
+    OUString m_ouSignatureLineValidImage;
+    OUString m_ouSignatureLineInvalidImage;
 
     /*
      * whether inside a particular element
@@ -86,6 +88,8 @@ private:
     bool m_bInDate;
     bool m_bInDescription;
     bool m_bInSignatureLineId;
+    bool m_bInSignatureLineValidImage;
+    bool m_bInSignatureLineInvalidImage;
 
     /*
      * the XSecController collaborating with XSecParser
diff --git a/xmlsecurity/source/helper/xsecsign.cxx b/xmlsecurity/source/helper/xsecsign.cxx
index 3202c4c4a1c1..b4c050e3b7a2 100644
--- a/xmlsecurity/source/helper/xsecsign.cxx
+++ b/xmlsecurity/source/helper/xsecsign.cxx
@@ -21,6 +21,7 @@
 #include <xsecctl.hxx>
 #include <certificate.hxx>
 
+#include <com/sun/star/graphic/XGraphic.hpp>
 #include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp>
 #include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp>
 #include <com/sun/star/xml/crypto/sax/XBlockerMonitor.hpp>
@@ -33,7 +34,9 @@
 #include <framework/signaturecreatorimpl.hxx>
 #include <framework/saxeventkeeperimpl.hxx>
 
-using namespace com::sun::star;
+using namespace css;
+using namespace css::uno;
+using namespace css::graphic;
 namespace cssu = com::sun::star::uno;
 namespace cssl = com::sun::star::lang;
 namespace cssxc = com::sun::star::xml::crypto;
@@ -308,6 +311,44 @@ void XSecController::setSignatureLineId(sal_Int32 nSecurityId, const OUString& r
     }
 }
 
+void XSecController::setSignatureLineValidGraphic(sal_Int32 nSecurityId,
+                                                  const Reference<XGraphic>& xValidGraphic)
+{
+    int nIndex = findSignatureInfor(nSecurityId);
+
+    if (nIndex == -1)
+    {
+        InternalSignatureInformation aInformation(nSecurityId, nullptr);
+        aInformation.signatureInfor.aValidSignatureImage = xValidGraphic;
+        m_vInternalSignatureInformations.push_back(aInformation);
+    }
+    else
+    {
+        SignatureInformation& rInformation
+            = m_vInternalSignatureInformations[nIndex].signatureInfor;
+        rInformation.aValidSignatureImage = xValidGraphic;
+    }
+}
+
+void XSecController::setSignatureLineInvalidGraphic(
+    sal_Int32 nSecurityId, const Reference<XGraphic>& xInvalidGraphic)
+{
+    int nIndex = findSignatureInfor(nSecurityId);
+
+    if (nIndex == -1)
+    {
+        InternalSignatureInformation aInformation(nSecurityId, nullptr);
+        aInformation.signatureInfor.aInvalidSignatureImage = xInvalidGraphic;
+        m_vInternalSignatureInformations.push_back(aInformation);
+    }
+    else
+    {
+        SignatureInformation& rInformation
+            = m_vInternalSignatureInformations[nIndex].signatureInfor;
+        rInformation.aInvalidSignatureImage = xInvalidGraphic;
+    }
+}
+
 bool XSecController::WriteSignature(
     const cssu::Reference<cssxs::XDocumentHandler>& xDocumentHandler,
     bool bXAdESCompliantIfODF )