authorMalte Timmermann <mt@openoffice.org>2004-07-27 10:55:25 +0000
committerMalte Timmermann <mt@openoffice.org>2004-07-27 10:55:25 +0000
commit1f9acb2f71e95ce9333728ab19dea0aa8e12f819 (patch)
treec6aae38e2619e9348d82089fcd18b3d6c2d75e90 /xmlsecurity
parent797bcf1c33e166b7880c5eed7292a600ce3e6fd0 (diff)
#i21596# Digital Signatures...
Diffstat (limited to 'xmlsecurity')
-rw-r--r--xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx15
-rw-r--r--xmlsecurity/prj/d.lst1
-rw-r--r--xmlsecurity/source/component/documentdigitalsignatures.cxx10
-rw-r--r--xmlsecurity/source/dialogs/certificateviewer.cxx7
-rw-r--r--xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx139
5 files changed, 84 insertions, 88 deletions
diff --git a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
index 3396413c768a..19b11abd7e21 100644
--- a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
+++ b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
@@ -2,9 +2,9 @@
*
* $RCSfile: digitalsignaturesdialog.hxx,v $
*
- * $Revision: 1.4 $
+ * $Revision: 1.5 $
*
- * last change: $Author: gt $ $Date: 2004-07-27 07:56:35 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
*
* The Contents of this file are made available subject to the terms of
* either of the following licenses
@@ -94,19 +94,14 @@ class HeaderBar;
class DigitalSignaturesDialog : public ModalDialog
{
private:
- enum SigState { S_NONE, S_VALID, S_BROKEN };
-
XMLSignatureHelper maSignatureHelper;
css::uno::Reference < css::embed::XStorage > mxStore;
- SignatureInformations aCurrentSignatureInformations;
+ SignatureInformations maCurrentSignatureInformations;
bool mbVerifySignatures;
bool mbSignaturesChanged;
DocumentSignatureMode meSignatureMode;
- // HACK, until sig in storage works
- rtl::OUString maSigFileName;
-
FixedText maHintDocFT;
FixedText maHintBasicFT;
FixedText maHintPackageFT;
@@ -136,7 +131,6 @@ private:
void ImplFillSignaturesBox();
void ImplShowSignaturesDetails();
- void SetState( SigState _eState );
public:
DigitalSignaturesDialog( Window* pParent, cssu::Reference< css::lang::XMultiServiceFactory >& rxMSF, DocumentSignatureMode eMode, sal_Bool bReadOnly );
~DigitalSignaturesDialog();
@@ -147,9 +141,6 @@ public:
// Set the storage which should be signed or verified
void SetStorage( const cssu::Reference < css::embed::XStorage >& rxStore );
- // HACK: Set a signature file name, use this until sig in storage works!
- void SetSignatureFileName( const rtl::OUString& rName ) { maSigFileName = rName; }
-
// Execute the dialog...
short Execute();
diff --git a/xmlsecurity/prj/d.lst b/xmlsecurity/prj/d.lst
index 891a5d4b27c6..5d2d8bd971f0 100644
--- a/xmlsecurity/prj/d.lst
+++ b/xmlsecurity/prj/d.lst
@@ -1,4 +1,5 @@
..\%__SRC%\bin\xsec_fw.dll %_DEST%\bin%_EXT%\xsec_fw.dll
..\%__SRC%\bin\xsec_xmlsec.dll %_DEST%\bin%_EXT%\xsec_xmlsec.dll
..\%__SRC%\bin\xmlsecurity.dll %_DEST%\bin%_EXT%\xmlsecurity.dll
+..\%__SRC%\lib\*.so %_DEST%\bin%_EXT%\*
..\%__SRC%\bin\xmlsec*.res %_DEST%\bin%_EXT%\xmlsec*.res
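Review bot: The added `..\%__SRC%\lib\*.so` entry delivers every shared object found in the build's lib directory by wildcard, and into `bin%_EXT%` rather than a lib directory. If only the xmlsecurity libraries are meant, naming them individually, as the three `.dll` lines above do, keeps stray or stale objects out of the delivered set. The `bin` destination looks unintended for `.so` files and should be confirmed.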
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index d0d6cb643ac9..eadaf3c4b2e8 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -2,9 +2,9 @@
*
* $RCSfile: documentdigitalsignatures.cxx,v $
*
- * $Revision: 1.11 $
+ * $Revision: 1.12 $
*
- * last change: $Author: mt $ $Date: 2004-07-26 12:13:28 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
*
* The Contents of this file are made available subject to the terms of
* either of the following licenses
@@ -165,10 +165,10 @@ com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignaturesInf
aSignatureHelper.ReadAndVerifySignature( xInputStream );
}
- aStreamHelper.Clear();
-
aSignatureHelper.EndMission();
+ aStreamHelper.Clear();
+
uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment();
SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
@@ -188,6 +188,8 @@ com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignaturesInf
aInfos[n].SignatureDate = String( rInfo.ouDate ).ToInt32();
aInfos[n].SignatureTime = String( rInfo.ouTime ).ToInt32();
+ DBG_ASSERT( rInfo.nStatus != STATUS_INIT, "Signature not processed!" );
+
aInfos[n].SignatureIsValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED );
if ( aInfos[n].SignatureIsValid )
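Review bot: `SignatureIsValid` is still derived from `rInfo.nStatus` alone, while the dialog change in this same commit (ImplFillSignaturesBox in digitalsignaturesdialog.cxx) also requires that the signature covers every stream of the document. A caller of this component could therefore be told a signature is valid when it covers only part of the storage, so the coverage check should live in one helper shared by both paths. The new `DBG_ASSERT` is a debug-only check; without it an unprocessed `STATUS_INIT` entry falls through to not valid, which is the safe result and deserves a comment such as `// STATUS_INIT is reported as not valid: it was never verified`. The enclosing function starts and ends outside this hunk.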
diff --git a/xmlsecurity/source/dialogs/certificateviewer.cxx b/xmlsecurity/source/dialogs/certificateviewer.cxx
index 799e2f96b8ec..7e7b51827f64 100644
--- a/xmlsecurity/source/dialogs/certificateviewer.cxx
+++ b/xmlsecurity/source/dialogs/certificateviewer.cxx
@@ -2,9 +2,9 @@
*
* $RCSfile: certificateviewer.cxx,v $
*
- * $Revision: 1.13 $
+ * $Revision: 1.14 $
*
- * last change: $Author: gt $ $Date: 2004-07-27 09:00:35 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
*
* The Contents of this file are made available subject to the terms of
* either of the following licenses
@@ -412,7 +412,8 @@ CertificateViewerCertPathTP::CertificateViewerCertPathTP( Window* _pParent, Cert
SvLBoxEntry* pParent = NULL;
for( int i = nCnt; i; )
{
- pParent = InsertCert( pParent, XmlSec::GetContentPart( pCertPath[ --i ]->getSubjectName(), aCN_Id ), pCertPath[ i ] );
+ const Reference< security::XCertificate > rCert = pCertPath[ --i ];
+ pParent = InsertCert( pParent, XmlSec::GetContentPart( rCert->getSubjectName(), aCN_Id ), rCert );
}
maCertPathLB.Select( pParent );
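Review bot: `rCert` is dereferenced in `rCert->getSubjectName()` without an `is()` check, so an empty reference in `pCertPath` would be a null dereference while showing a certificate chain that is presumably built from data supplied with the signature. A guard such as `if ( !rCert.is() ) break;` stops the tree at the last usable entry instead of crashing. The local is a copy, not a reference, so the `r` prefix is misleading; `xCert`, the name this commit uses for such references in the dialog code, would fit better. The constructor body starts and ends outside this hunk.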
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 62f8e7fc6f0b..615c304d8c37 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -2,9 +2,9 @@
*
* $RCSfile: digitalsignaturesdialog.cxx,v $
*
- * $Revision: 1.11 $
+ * $Revision: 1.12 $
*
- * last change: $Author: gt $ $Date: 2004-07-27 07:57:11 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
*
* The Contents of this file are made available subject to the terms of
* either of the following licenses
@@ -97,18 +97,6 @@ using namespace ::com::sun::star::security;
#endif
using namespace ::com::sun::star;
-using namespace ::com::sun::star;
-
-void DigitalSignaturesDialog::SetState( SigState _eState )
-{
- bool bShowValid = _eState == S_VALID;
- bool bShowInvalid = _eState == S_BROKEN;
-
- maSigsValidImg.Show( bShowValid );
- maSigsValidFI.Show( bShowValid );
- maSigsInvalidImg.Show( bShowInvalid );
- maSigsInvalidFI.Show( bShowInvalid );
-}
DigitalSignaturesDialog::DigitalSignaturesDialog( Window* pParent, uno::Reference< lang::XMultiServiceFactory >& rxMSF, DocumentSignatureMode eMode, sal_Bool bReadOnly )
:ModalDialog ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) )
@@ -136,8 +124,6 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( Window* pParent, uno::Referenc
FreeResource();
- SetState( S_NONE ); // first hide state image & info
-
mbVerifySignatures = true;
mbSignaturesChanged = false;
@@ -239,7 +225,7 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
maSignatureHelper.GetSecurityEnvironment()->getPersonalCertificates();
uno::Reference<com::sun::star::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureHelper.GetSecurityEnvironment();
- CertificateChooser aChooser( this, xSecEnv, aCurrentSignatureInformations );
+ CertificateChooser aChooser( this, xSecEnv, maCurrentSignatureInformations );
if( aChooser.Execute() )
{
uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate();
@@ -294,9 +280,9 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
// Export old signatures...
- int nInfos = aCurrentSignatureInformations.size();
+ int nInfos = maCurrentSignatureInformations.size();
for ( int n = 0; n < nInfos; n++ )
- maSignatureHelper.ExportSignature( xDocumentHandler, aCurrentSignatureInformations[n]);
+ maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]);
// Create a new one...
bool bDone = maSignatureHelper.CreateAndWriteSignature( xDocumentHandler );
@@ -338,16 +324,16 @@ IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG )
if( maSignaturesLB.FirstSelected() )
{
USHORT nSelected = (USHORT) (sal_Int32) maSignaturesLB.FirstSelected()->GetUserData();
- aCurrentSignatureInformations.erase( aCurrentSignatureInformations.begin()+nSelected );
+ maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected );
// Export all other signatures...
SignatureStreamHelper aStreamHelper = DocumentSignatureHelper::OpenSignatureStream( mxStore, embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, meSignatureMode );
uno::Reference< io::XOutputStream > xOutputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
- int nInfos = aCurrentSignatureInformations.size();
+ int nInfos = maCurrentSignatureInformations.size();
for( int n = 0 ; n < nInfos ; ++n )
- maSignatureHelper.ExportSignature( xDocumentHandler, aCurrentSignatureInformations[ n ] );
+ maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] );
maSignatureHelper.CloseDocumentHandler( xDocumentHandler);
@@ -379,61 +365,78 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureHelper.GetSecurityEnvironment();
uno::Reference< ::com::sun::star::security::XCertificate > xCert;
- String aCN_Id( String::CreateFromAscii( "CN" ) );
- String aNullStr;
- int nInfos = aCurrentSignatureInformations.size();
- int nValidCnt = 0;
- bool bValid;
- for( int n = 0; n < nInfos; ++n )
+ String aCN_Id( String::CreateFromAscii( "CN" ) );
+ String aNullStr;
+ int nInfos = maCurrentSignatureInformations.size();
+ int nValidSigs = 0;
+
+ if( nInfos )
{
- const SignatureInformation& rInfo = aCurrentSignatureInformations[n];
- xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
+ std::vector< rtl::OUString > aElementsToBeVerified = DocumentSignatureHelper::CreateElementList( mxStore, ::rtl::OUString(), meSignatureMode );
+ for( int n = 0; n < nInfos; ++n )
+ {
+ const SignatureInformation& rInfo = maCurrentSignatureInformations[n];
+ xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
- // If we don't get it, create it from signature data:
- if ( !xCert.is() )
- xCert = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
+ // If we don't get it, create it from signature data:
+ if ( !xCert.is() )
+ xCert = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
- DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );
+ DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );
- String aSubject;
- String aIssuer;
- String aDateTimeStr;
- if( xCert.is() )
- {
- aSubject = XmlSec::GetContentPart( xCert->getSubjectName(), aCN_Id );
- aIssuer = XmlSec::GetContentPart( rInfo.ouX509IssuerName, aCN_Id );
- aDateTimeStr = XmlSec::GetDateTimeString( rInfo.ouDate, rInfo.ouTime );
- }
- else
- {
-#if OSL_DEBUG_LEVEL > 1
- aSubject = String::CreateFromAscii( "ERROR getting certificate!" );
-#endif
- }
+ String aSubject;
+ String aIssuer;
+ String aDateTimeStr;
+ if( xCert.is() )
+ {
+ aSubject = XmlSec::GetContentPart( xCert->getSubjectName(), aCN_Id );
+ aIssuer = XmlSec::GetContentPart( rInfo.ouX509IssuerName, aCN_Id );
+ aDateTimeStr = XmlSec::GetDateTimeString( rInfo.ouDate, rInfo.ouTime );
+ }
+
+ // New signatures are not verified, must be valid. Status is INIT.
+ bool bValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED ) || ( rInfo.nStatus == STATUS_INIT );
+ if ( bValid )
+ {
+ // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
+ int nRealCount = 0;
+ for ( int i = rInfo.vSignatureReferenceInfors.size(); i; )
+ {
+ const SignatureReferenceInformation& rInf = rInfo.vSignatureReferenceInfors[--i];
+ // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date.
+ if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) )
+ nRealCount++;
+ }
+ bValid = ( aElementsToBeVerified.size() == nRealCount );
- bValid = true;
- if( bValid )
- ++nValidCnt;
+ if( bValid )
+ nValidSigs++;
+ }
- Image aImg( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
- SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImg, aImg );
- maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
- maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
- maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
- pEntry->SetUserData( ( void* ) n ); // missuse user data as index
+ Image aImg( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
+ SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImg, aImg );
+ maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
+ maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
+ maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
+ pEntry->SetUserData( ( void* ) n ); // missuse user data as index
+ }
}
- bValid = ( nValidCnt == nInfos );
- maSigsInvalidImg.SetImage( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
+ bool bAllSigsValid = ( nValidSigs == nInfos );
+ bool bShowValidState = nInfos && bAllSigsValid;
+ bool bShowInvalidState = nInfos && !bAllSigsValid;
+ maSigsValidImg.Show( bShowValidState );
+ maSigsValidFI.Show( bShowValidState );
+ maSigsInvalidImg.Show( bShowInvalidState );
+ maSigsInvalidFI.Show( bShowInvalidState );
- SetState( bValid? S_VALID : S_BROKEN );
SignatureHighlightHdl( NULL );
}
void DigitalSignaturesDialog::ImplGetSignatureInformations()
{
- aCurrentSignatureInformations.clear();
+ maCurrentSignatureInformations.clear();
maSignatureHelper.StartMission();
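Review bot: Treating `STATUS_INIT` as valid in `bValid` fails open: any entry that verification never reached gets the valid icon, and the component path in this commit asserts that exactly this state means "Signature not processed!". Since the ImplGetSignatureInformations hunk below now copies the list whether or not `ReadAndVerifySignature` succeeded, it would be safer to accept only `STATUS_VERIFY_SUCCEED` here and to mark freshly created signatures explicitly when they are written. The coverage test `aElementsToBeVerified.size() == nRealCount` compares counts only (and mixes an unsigned size with `int`); it does not show that the signed references are the document's own elements, so each reference should be matched against `aElementsToBeVerified` by name. When `xCert` stays empty the row is now inserted with blank fields yet can still receive the valid image; `bValid = bValid && xCert.is();` would close that.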
@@ -441,15 +444,13 @@ void DigitalSignaturesDialog::ImplGetSignatureInformations()
if ( aStreamHelper.xSignatureStream.is() )
{
uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
- bool bVerifyOK = maSignatureHelper.ReadAndVerifySignature( xInputStream );
-
- if ( bVerifyOK )
- aCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
+ maSignatureHelper.ReadAndVerifySignature( xInputStream );
}
+ maSignatureHelper.EndMission();
- aStreamHelper.Clear();
+ maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
- maSignatureHelper.EndMission();
+ aStreamHelper.Clear();
mbVerifySignatures = false;
}
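Review bot: The result of `ReadAndVerifySignature` is now discarded, so a read or parse failure of the signature stream can no longer be told apart from success in this function. Because the list is then copied unconditionally, the dialog depends entirely on each entry's `nStatus` being set correctly on every failure path, which is not visible here. Keeping `bool bVerifyOK = maSignatureHelper.ReadAndVerifySignature( xInputStream );` and forcing the invalid state in the dialog when it is false would keep such a failure visible to the user. The function starts in the previous hunk.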
@@ -459,7 +460,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
if( maSignaturesLB.FirstSelected() )
{
USHORT nSelected = (USHORT) (sal_Int32) maSignaturesLB.FirstSelected()->GetUserData();
- const SignatureInformation& rInfo = aCurrentSignatureInformations[ nSelected ];
+ const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ];
uno::Reference< dcss::security::XCertificate > xCert = maSignatureHelper.GetSecurityEnvironment()->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
// If we don't get it, create it from signature data: