-rw-r--r--xmlsecurity/source/component/documentdigitalsignatures.cxx7
-rw-r--r--xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx6
-rw-r--r--xmlsecurity/source/gpg/SecurityEnvironment.cxx30
3 files changed, 40 insertions, 3 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 4dfa87edeeda..7d2068d8133b 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -307,6 +307,7 @@ DocumentDigitalSignatures::ImplVerifySignatures(
rSignatureHelper.EndMission();
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = aSignatureManager.getSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xGpgSecEnv = aSignatureManager.getGpgSecurityEnvironment();
SignatureInformations aSignInfos = rSignatureHelper.GetSignatureInformations();
int nInfos = aSignInfos.size();
@@ -359,7 +360,11 @@ DocumentDigitalSignatures::ImplVerifySignatures(
{
//We should always be able to get the certificates because it is contained in the document,
//unless the document is damaged so that signature xml file could not be parsed.
- rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
+ rSigInfo.CertificateStatus =
+ xGpgSecEnv->verifyCertificate(rSigInfo.Signer,
+ Sequence<Reference<css::security::XCertificate> >());
+ // well - except for gpg signatures ...
+ //rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
}
rSigInfo.SignatureIsValid = ( rInfo.nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
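Review bot: The fail-closed `CertificateValidity::INVALID` in this fallback branch is replaced by an unguarded call, so every signature that reaches it, not only OpenPGP ones, now gets whatever the GPG environment returns. The surrounding comment suggests the branch is taken when no certificate could be obtained, so `rSigInfo.Signer` is presumably empty here, and `xGpgSecEnv` is dereferenced without an `is()` check (the same holds for the two `xGpgSecEnv->` calls in digitalsignaturesdialog.cxx). I would keep `rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;` as the default and overwrite it only under `if (xGpgSecEnv.is() && rSigInfo.Signer.is())`, and drop the commented-out line. The enclosing block starts outside the hunk, so whether an exception from verifyCertificate is caught here cannot be seen.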
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index f691ab063157..9c7ff5f6163d 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -500,6 +500,7 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
m_pSignaturesLB->Clear();
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
+ uno::Reference<xml::crypto::XSecurityEnvironment> xGpgSecEnv = maSignatureManager.getGpgSecurityEnvironment();
uno::Reference< css::security::XCertificate > xCert;
@@ -535,6 +536,8 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
//Todo: This probably could be removed, see above.
if (!xCert.is())
xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
+ if (!xCert.is())
+ xCert = xGpgSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "Certificate not found and can't be created!" );
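Review bot: The GPG fallback at the added `xGpgSecEnv->getCertificate(...)` call looks up a key by `rInfo.ouX509IssuerName` alone; the new SecurityEnvironmentGpg::getCertificate in this commit ignores the serial number and returns the first key whose listing matches the name. A signature whose X.509 certificate was not found can therefore be shown with an unrelated local key that merely matches that string. Consider attempting the fallback only for signatures known to be OpenPGP and matching on a key fingerprint or key ID stored with the signature rather than on a name; a comment such as `// GPG lookup is by name only, not bound to a specific key` would at least record the limitation.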
@@ -550,7 +553,8 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
{
//check the validity of the cert
try {
- sal_Int32 certResult = xSecEnv->verifyCertificate(xCert,
+ // TODO: check for both sec envs ...
+ sal_Int32 certResult = xGpgSecEnv->verifyCertificate(xCert,
Sequence<css::uno::Reference<css::security::XCertificate> >());
bCertValid = certResult == css::security::CertificateValidity::VALID;
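Review bot: After this change `verifyCertificate` is always sent to `xGpgSecEnv`, including for certificates that `xSecEnv` produced, so X.509 certificates are no longer validated by the environment that understands them and `bCertValid` reflects the GPG result only. The TODO acknowledges this, but until it is resolved the dialog's validity indication for X.509 signatures depends on how the GPG environment treats a foreign certificate, which is not visible here. Remember which environment returned `xCert` and verify with that one, e.g. `const auto& xEnv = bGpgCert ? xGpgSecEnv : xSecEnv;` followed by `xEnv->verifyCertificate(xCert, ...)`, where `bGpgCert` is a flag set when the GPG fallback lookup succeeds. The try block continues past the end of the hunk.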
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index 323e267af6b0..83e6170a98c1 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -94,8 +94,36 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif
return xCertificateSequence;
}
-Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& /*issuerName*/, const Sequence< sal_Int8 >& /*serialNumber*/ )
+Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& /*serialNumber*/ )
{
+ GpgME::initializeLibrary();
+ GpgME::Error err = GpgME::checkEngine(GpgME::OpenPGP);
+ if (err)
+ throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+
+ GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
+ if (ctx == nullptr)
+ throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+
+ CertificateImpl* xCert=nullptr;
+ std::list< CertificateImpl* > certsList;
+
+ ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
+ OString ostr = OUStringToOString( issuerName , RTL_TEXTENCODING_UTF8 );
+ err = ctx->startKeyListing(ostr.getStr(), true);
+ while (!err) {
+ GpgME::Key k = ctx->nextKey(err);
+ if (err)
+ break;
+ if (!k.isInvalid()) {
+ xCert = new CertificateImpl();
+ xCert->setCertificate(k);
+ ctx->endKeyListing();
+ return xCert;
+ }
+ }
+ ctx->endKeyListing();
+
return nullptr;
}
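Review bot: `ctx` returned by `GpgME::Context::createForProtocol` is a raw owning pointer that is never deleted, so a context is leaked on every path, including the early `return xCert`; the local `certsList` is unused. Holding it in a `std::unique_ptr<GpgME::Context>` and leaving the loop through a single exit fixes both (the file then needs `<memory>`). Separately, the second argument `true` to `startKeyListing` is gpgme++'s secret-only flag as far as I know, which would restrict the lookup to keys with a local secret part and miss other signers' public keys; please confirm that is intended. The lookup also takes the first non-invalid key matching `issuerName` as a pattern and ignores `serialNumber`, so the result is not bound to one specific key.

```cpp
    // … unchanged: initializeLibrary / checkEngine …
    std::unique_ptr<GpgME::Context> ctx(GpgME::Context::createForProtocol(GpgME::OpenPGP));
    if (!ctx)
        throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");

    // … unchanged: setKeyListMode, issuerName conversion, startKeyListing …
    Reference< XCertificate > xResult;
    while (!err) {
        GpgME::Key k = ctx->nextKey(err);
        if (err)
            break;
        if (!k.isInvalid()) {
            CertificateImpl* pCert = new CertificateImpl();
            pCert->setCertificate(k);
            xResult = pCert;
            break;
        }
    }
    ctx->endKeyListing();

    return xResult;
```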