Move signature line to signed properties

So that a modification will result in an invalid signature.

Change-Id: Ib40e0b941d56e29c134993e1d41f496aa183bd7f
Reviewed-on: https://gerrit.libreoffice.org/55086
Tested-by: Jenkins
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>

2 files changed, 53 insertions, 61 deletions

diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 509d3699a294..8bb06b84e92a 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -38,12 +38,14 @@
 #include <osl/diagnose.h>
 #include <rtl/ref.hxx>
 #include <rtl/uri.hxx>
+#include <svx/xoutbmp.hxx>
 #include <xmloff/attrlist.hxx>
 
 #include <xsecctl.hxx>
 
 using namespace ::com::sun::star;
 using namespace ::com::sun::star::uno;
+using namespace css::xml::sax;
 
 namespace
 {
@@ -584,6 +586,57 @@ void DocumentSignatureHelper::writeSignedProperties(
     xDocumentHandler->startElement("xd:SignaturePolicyImplied", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
     xDocumentHandler->endElement("xd:SignaturePolicyImplied");
     xDocumentHandler->endElement("xd:SignaturePolicyIdentifier");
+
+    if (!signatureInfo.ouSignatureLineId.isEmpty() && signatureInfo.aValidSignatureImage.is()
+        && signatureInfo.aInvalidSignatureImage.is())
+    {
+        rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
+        pAttributeList->AddAttribute(
+            "xmlns:loext", "urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0");
+        xDocumentHandler->startElement(
+            "loext:SignatureLine",
+            Reference<XAttributeList>(pAttributeList.get()));
+
+        {
+            // Write SignatureLineId element
+            xDocumentHandler->startElement(
+                "loext:SignatureLineId",
+                Reference<XAttributeList>(new SvXMLAttributeList()));
+            xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
+            xDocumentHandler->endElement("loext:SignatureLineId");
+        }
+
+        {
+            // Write SignatureLineId element
+            xDocumentHandler->startElement(
+                "loext:SignatureLineValidImage",
+                Reference<XAttributeList>(new SvXMLAttributeList()));
+
+            OUString aGraphicInBase64;
+            Graphic aGraphic(signatureInfo.aValidSignatureImage);
+            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
+                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
+
+            xDocumentHandler->characters(aGraphicInBase64);
+            xDocumentHandler->endElement("loext:SignatureLineValidImage");
+        }
+
+        {
+            // Write SignatureLineId element
+            xDocumentHandler->startElement(
+                "loext:SignatureLineInvalidImage",
+                Reference<XAttributeList>(new SvXMLAttributeList()));
+            OUString aGraphicInBase64;
+            Graphic aGraphic(signatureInfo.aInvalidSignatureImage);
+            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
+                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
+            xDocumentHandler->characters(aGraphicInBase64);
+            xDocumentHandler->endElement("loext:SignatureLineInvalidImage");
+        }
+
+        xDocumentHandler->endElement("loext:SignatureLine");
+    }
+
     xDocumentHandler->endElement("xd:SignedSignatureProperties");
 
     xDocumentHandler->endElement("xd:SignedProperties");
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index e5bae1f199af..c10e9f0d3c50 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -40,7 +40,6 @@
 #include <xmloff/attrlist.hxx>
 #include <rtl/math.hxx>
 #include <rtl/ref.hxx>
-#include <svx/xoutbmp.hxx>
 #include <unotools/datetime.hxx>
 #include <comphelper/ofopxmlhelper.hxx>
 #include <sax/tools/converter.hxx>
@@ -857,66 +856,6 @@ void XSecController::exportSignature(
                         "dc:date");
                 }
                 xDocumentHandler->endElement( "SignatureProperty" );
-
-                if (!signatureInfo.ouSignatureLineId.isEmpty()
-                    && signatureInfo.aValidSignatureImage.is()
-                    && signatureInfo.aInvalidSignatureImage.is())
-                {
-                    pAttributeList = new SvXMLAttributeList();
-                    pAttributeList->AddAttribute(
-                        "xmlns:loext",
-                        "urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0");
-                    pAttributeList->AddAttribute("Target", "#" + signatureInfo.ouSignatureId);
-
-                    xDocumentHandler->startElement(
-                        "SignatureProperty",
-                        cssu::Reference<cssxs::XAttributeList>(pAttributeList));
-                    {
-                        xDocumentHandler->startElement(
-                            "loext:SignatureLine",
-                            cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
-
-                        {
-                            // Write SignatureLineId element
-                            xDocumentHandler->startElement(
-                                "loext:SignatureLineId",
-                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
-                            xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
-                            xDocumentHandler->endElement("loext:SignatureLineId");
-                        }
-
-                        {
-                            // Write SignatureLineId element
-                            xDocumentHandler->startElement(
-                                "loext:SignatureLineValidImage",
-                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
-
-                            OUString aGraphicInBase64;
-                            Graphic aGraphic(signatureInfo.aValidSignatureImage);
-                            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
-                                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
-
-                            xDocumentHandler->characters(aGraphicInBase64);
-                            xDocumentHandler->endElement("loext:SignatureLineValidImage");
-                        }
-
-                        {
-                            // Write SignatureLineId element
-                            xDocumentHandler->startElement(
-                                "loext:SignatureLineInvalidImage",
-                                cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
-                            OUString aGraphicInBase64;
-                            Graphic aGraphic(signatureInfo.aInvalidSignatureImage);
-                            if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
-                                SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
-                            xDocumentHandler->characters(aGraphicInBase64);
-                            xDocumentHandler->endElement("loext:SignatureLineInvalidImage");
-                        }
-
-                        xDocumentHandler->endElement("loext:SignatureLine");
-                    }
-                    xDocumentHandler->endElement("SignatureProperty");
-                }
             }
 
             // Write signature description.