Diffstat (limited to 'include')
-rw-r--r-- | include/comphelper/documentinfo.hxx | 5 | ||||
-rw-r--r-- | include/oox/ole/axcontrol.hxx | 2 | ||||
-rw-r--r-- | include/sfx2/DocumentMetadataAccess.hxx | 9 | ||||
-rw-r--r-- | include/sfx2/docmacromode.hxx | 14 | ||||
-rw-r--r-- | include/sfx2/objsh.hxx | 7 | ||||
-rw-r--r-- | include/sfx2/strings.hrc | 4 | ||||
-rw-r--r-- | include/svl/sigstruct.hxx | 48 | ||||
-rw-r--r-- | include/vcl/BitmapTools.hxx | 3 | ||||
-rw-r--r-- | include/vcl/filter/PDFiumLibrary.hxx | 95 | ||||
-rw-r--r-- | include/vcl/filter/pdfdocument.hxx | 8 | ||||
-rw-r--r-- | include/xmloff/xmlimp.hxx | 9 | ||||
-rw-r--r-- | include/xmloff/xmlnmspe.hxx | 10 | ||||
-rw-r--r-- | include/xmloff/xmltoken.hxx | 13 |
13 files changed, 203 insertions, 24 deletions
diff --git a/include/comphelper/documentinfo.hxx b/include/comphelper/documentinfo.hxx index c30d79b40c95..e9c2b153885a 100644 --- a/include/comphelper/documentinfo.hxx +++ b/include/comphelper/documentinfo.hxx @@ -35,8 +35,11 @@ namespace comphelper { /** retrieves the UI title of the given document */ COMPHELPER_DLLPUBLIC OUString getDocumentTitle( const css::uno::Reference< css::frame::XModel >& _rxDocument ); - } + /** notify that this document contains a macro event handler + */ + COMPHELPER_DLLPUBLIC void notifyMacroEventRead( const css::uno::Reference< css::frame::XModel >& _rxDocument ); + } } // namespace comphelper diff --git a/include/oox/ole/axcontrol.hxx b/include/oox/ole/axcontrol.hxx index a932a7bcfcd2..434c0c43c49b 100644 --- a/include/oox/ole/axcontrol.hxx +++ b/include/oox/ole/axcontrol.hxx @@ -334,6 +334,8 @@ public: PropertySet const & rPropSet, sal_Int32& nOrientation ); + const css::uno::Reference<css::frame::XModel> GetDocModel() const { return mxDocModel; } + private: css::uno::Reference< css::frame::XModel > mxDocModel; const GraphicHelper& mrGraphicHelper; diff --git a/include/sfx2/DocumentMetadataAccess.hxx b/include/sfx2/DocumentMetadataAccess.hxx index 31a61adebb01..cf5a2ddbcbac 100644 --- a/include/sfx2/DocumentMetadataAccess.hxx +++ b/include/sfx2/DocumentMetadataAccess.hxx @@ -44,6 +44,9 @@ namespace com { namespace sun { namespace star { namespace embed { class XStorage; } } } } +namespace com { namespace sun { namespace star { namespace frame { + class XModel; +} } } } class SfxObjectShell; namespace sfx2 { @@ -52,7 +55,7 @@ namespace sfx2 { /** create a base URI for loading metadata from an ODF (sub)document. @param i_xContext component context - @param i_xStorage storage for the document; FileSystemStorage is allowed + @param i_xModel model of the document (required if no URI is provided) @param i_rPkgURI the URI for the package @param i_rSubDocument (optional) path of the subdocument in package 
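Review bot: In include/oox/ole/axcontrol.hxx the new accessor `GetDocModel()` returns `const css::uno::Reference<css::frame::XModel>` by value, and a top-level `const` on a by-value return gives callers nothing while preventing a move from the temporary. As `mxDocModel` is a member, returning a reference avoids the extra acquire/release: `const css::uno::Reference<css::frame::XModel>& GetDocModel() const { return mxDocModel; }`. If a copy is intended, drop the leading `const` instead. The enclosing class starts and ends outside the hunk.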
@@ -60,8 +63,8 @@ namespace sfx2 { */ css::uno::Reference< css::rdf::XURI> SFX2_DLLPUBLIC createBaseURI( - css::uno::Reference< css::uno::XComponentContext> const & i_xContext, - css::uno::Reference< css::embed::XStorage> const & i_xStorage, + css::uno::Reference<css::uno::XComponentContext> const & i_xContext, + css::uno::Reference<css::frame::XModel> const & i_xModel, OUString const & i_rPkgURI, OUString const & i_rSubDocument = OUString()); diff --git a/include/sfx2/docmacromode.hxx b/include/sfx2/docmacromode.hxx index f043e36a26d3..19199f7a410e 100644 --- a/include/sfx2/docmacromode.hxx +++ b/include/sfx2/docmacromode.hxx @@ -111,6 +111,12 @@ namespace sfx2 virtual bool documentStorageHasMacros() const = 0; + /** checks whether the document's contained calls to macros or scripts after loading + + */ + virtual bool + macroCallsSeenWhileLoading() const = 0; + /** provides access to the XEmbeddedScripts interface of the document Implementations are allowed to return <NULL/> here if and only if they @@ -212,7 +218,8 @@ namespace sfx2 <TRUE/> if and only if macro execution in this document is allowed. */ bool adjustMacroMode( - const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction + const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction, + bool bHasValidContentSignature = false ); /** determines whether macro execution is disallowed @@ -272,16 +279,19 @@ namespace sfx2 @see isMacroExecutionDisallowed @see IMacroDocumentAccess::documentStorageHasMacros + @see IMacroDocumentAccess::macroCallsSeenWhileLoading @see hasMacroLibrary @see IMacroDocumentAccess::checkForBrokenScriptingSignatures */ bool checkMacrosOnLoading( - const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction + const css::uno::Reference< css::task::XInteractionHandler >& _rxInteraction, + bool bHasValidContentSignature = false ); private: std::shared_ptr< DocumentMacroMode_Data > m_xData; + bool m_bNeedsContentSigned; }; 
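Review bot: The doc comment added above `macroCallsSeenWhileLoading()` in include/sfx2/docmacromode.hxx is ungrammatical ("the document's contained calls") and does not say what a `true` return means, although every implementer of `IMacroDocumentAccess` has to supply this function. Suggested wording: `/** returns whether calls to macros or scripts were encountered while the document was being loaded */`. The stray empty line inside the comment can be dropped at the same time.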
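Review bot: The new `bHasValidContentSignature` parameter of `adjustMacroMode()` has no `@param` entry in the doc block above it, and the same undocumented parameter is added to `checkMacrosOnLoading()` in the following hunk. The function is documented as returning whether macro execution is allowed, so this flag presumably feeds that decision; its use is not visible, since only the declarations are shown. The comment should say who is responsible for having verified the signature and that the default `false` is the restrictive choice, e.g. `@param bHasValidContentSignature whether the caller has verified a valid signature over the document content; defaults to false`.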
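Review bot: `bool m_bNeedsContentSigned;` is added next to `m_xData` without a default member initializer, so its value depends on every constructor setting it, and the constructors are outside this hunk. Reading an indeterminate flag on a path that decides about macro execution would be undefined behaviour and hard to notice in testing. An in-class initializer makes the starting state explicit at the declaration, `bool m_bNeedsContentSigned = false;`, with the value chosen to match what the constructor is meant to establish.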
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx index d04758567c80..8e5a207a578a 100644 --- a/include/sfx2/objsh.hxx +++ b/include/sfx2/objsh.hxx @@ -404,6 +404,8 @@ public: */ bool AdjustMacroMode(); + static bool UnTrustedScript(const OUString& rScriptURL); + SvKeyValueIterator* GetHeaderAttributes(); void ClearHeaderAttributesForSourceViewHack(); void SetHeaderAttributesForSourceViewHack(); @@ -424,6 +426,9 @@ public: sal_uInt32 GetModifyPasswordHash() const; bool SetModifyPasswordHash( sal_uInt32 nHash ); + void SetMacroCallsSeenWhileLoading(); + bool GetMacroCallsSeenWhileLoading() const; + const css::uno::Sequence< css::beans::PropertyValue >& GetModifyPasswordInfo() const; bool SetModifyPasswordInfo( const css::uno::Sequence< css::beans::PropertyValue >& aInfo ); @@ -742,7 +747,7 @@ public: // configuration items SAL_DLLPRIVATE SignatureState ImplGetSignatureState( bool bScriptingContent = false ); - SAL_DLLPRIVATE css::uno::Sequence< css::security::DocumentSignatureInformation > + /*SAL_DLLPRIVATE*/ css::uno::Sequence< css::security::DocumentSignatureInformation > ImplAnalyzeSignature( bool bScriptingContent, const css::uno::Reference< css::security::XDocumentDigitalSignatures >& xSigner diff --git a/include/sfx2/strings.hrc b/include/sfx2/strings.hrc index 82b71b7294e8..2e9726d0565a 100644 --- a/include/sfx2/strings.hrc +++ b/include/sfx2/strings.hrc 
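Review bot: `static bool UnTrustedScript(const OUString& rScriptURL);` is added to include/sfx2/objsh.hxx with no comment, and the name leaves both the polarity and the criteria open: a caller cannot tell from the header what makes a URL untrusted. Callers will presumably gate script execution on the result, so the declaration should carry a doc comment such as `/// @returns true if rScriptURL must not be executed; describe the checks applied here`. The class body starts and ends outside the hunk.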
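Review bot: Commenting the visibility macro out as `/*SAL_DLLPRIVATE*/` on `ImplAnalyzeSignature` leaves dead text in the declaration and gives no reason why an `Impl`-prefixed helper stops being private to the library. If code in another library now calls it, delete the macro and add a one-line comment naming that caller; if not, keep `SAL_DLLPRIVATE` so the signature-analysis entry point stays out of the exported surface. The neighbouring `ImplGetSignatureState` keeps `SAL_DLLPRIVATE`, so the two declarations are now inconsistent.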
@@ -258,8 +258,8 @@ #define STR_READONLY_SIGN NC_("STR_READONLY_SIGN", "Sign Document") #define STR_SIGNATURE_BROKEN NC_("STR_SIGNATURE_BROKEN", "This document has an invalid signature.") #define STR_SIGNATURE_INVALID NC_("STR_SIGNATURE_INVALID", "The signature was valid, but the document has been modified") -#define STR_SIGNATURE_NOTVALIDATED NC_("STR_SIGNATURE_NOTVALIDATED", "The signature is OK, but the certificate could not be validated.") -#define STR_SIGNATURE_PARTIAL_OK NC_("STR_SIGNATURE_PARTIAL_OK", "The signature is OK, but the document is only partially signed.") +#define STR_SIGNATURE_NOTVALIDATED NC_("STR_SIGNATURE_NOTVALIDATED", "At least one signature has problems: the certificate could not be validated.") +#define STR_SIGNATURE_PARTIAL_OK NC_("STR_SIGNATURE_PARTIAL_OK", "At least one signature has problems: the document is only partially signed.") #define STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK NC_("STR_SIGNATURE_NOTVALIDATED_PARTIAL_OK", "The certificate could not be validated and the document is only partially signed.") #define STR_SIGNATURE_OK NC_("STR_SIGNATURE_OK", "This document is digitally signed and the signature is valid.") #define STR_SIGNATURE_SHOW NC_("STR_SIGNATURE_SHOW", "Show Signatures") diff --git a/include/svl/sigstruct.hxx b/include/svl/sigstruct.hxx index 414e0cd88a41..02b5c11e73a3 100644 --- a/include/svl/sigstruct.hxx +++ b/include/svl/sigstruct.hxx @@ -47,6 +47,8 @@ struct SignatureReferenceInformation // For ODF: XAdES digests (SHA256) or the old SHA1, from css::xml::crypto::DigestID sal_Int32 nDigestID; OUString ouDigestValue; + /// Type of the reference: an URI (newer idSignedProperties references) or empty. + OUString ouType; SignatureReferenceInformation() : nType(SignatureReferenceType::SAMEDOCUMENT), 
@@ -56,12 +58,13 @@ struct SignatureReferenceInformation { } - SignatureReferenceInformation( SignatureReferenceType type, sal_Int32 digestID, const OUString& uri ) : + SignatureReferenceInformation( SignatureReferenceType type, sal_Int32 digestID, const OUString& uri, const OUString& rType ) : SignatureReferenceInformation() { nType = type; nDigestID = digestID; ouURI = uri; + ouType = rType; } }; @@ -85,9 +88,30 @@ struct SignatureInformation sal_Int32 nSecurityId; css::xml::crypto::SecurityOperationStatus nStatus; SignatureReferenceInformations vSignatureReferenceInfors; - OUString ouX509IssuerName; - OUString ouX509SerialNumber; - OUString ouX509Certificate; + struct X509CertInfo + { + OUString X509IssuerName; + OUString X509SerialNumber; + OUString X509Certificate; + /// OOXML certificate SHA-256 digest, empty for ODF except when doing XAdES signature. + OUString CertDigest; + /// The certificate owner (aka subject). + OUString X509Subject; + }; + typedef std::vector<X509CertInfo> X509Data; + // note: at parse time, it's unkown which one is the signing certificate; + // ImplVerifySignatures() figures it out and puts it at the back + std::vector<X509Data> X509Datas; + + X509CertInfo const* GetSigningCertificate() const + { + if (X509Datas.empty()) + { + return nullptr; + } + assert(!X509Datas.back().empty()); + return & X509Datas.back().back(); + } OUString ouGpgKeyID; OUString ouGpgCertificate; @@ -99,6 +123,9 @@ struct SignatureInformation // XAdES EncapsulatedX509Certificate values std::set<OUString> maEncapsulatedX509Certificates; + OUString ouSignatureId; + // signature may contain multiple time stamps - check they're consistent + bool hasInconsistentSigningTime = false; //We also keep the date and time as string. This is done when this //structure is created as a result of a XML signature being read. //When then a signature is added or another removed, then the original 
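Review bot: `GetSigningCertificate()` protects the inner vector only with `assert(!X509Datas.back().empty())`, which disappears when NDEBUG is defined, so an empty last `X509Data` makes `X509Datas.back().back()` undefined behaviour in release builds. The comment above the member says the entries are filled at parse time, so if the parser can ever store an empty element (not visible in this hunk) the trigger would be the signature markup of the document being opened. Returning null covers both cases: `if (X509Datas.empty() || X509Datas.back().empty()) return nullptr;`. Callers already have to handle a null result for the empty outer vector.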
@@ -111,18 +138,16 @@ struct SignatureInformation //and the converted time is written back, then the string looks different //and the signature is broken. OUString ouDateTime; - OUString ouSignatureId; - OUString ouPropertyId; + /// The Id attribute of the <SignatureProperty> element that contains the <dc:date>. + OUString ouDateTimePropertyId; /// Characters of the <dc:description> element inside the signature. OUString ouDescription; /// The Id attribute of the <SignatureProperty> element that contains the <dc:description>. OUString ouDescriptionPropertyId; - /// OOXML certificate SHA-256 digest, empty for ODF except when doing XAdES signature. - OUString ouCertDigest; - /// OOXML Valid and invalid signature images + /// Valid and invalid signature line images css::uno::Reference<css::graphic::XGraphic> aValidSignatureImage; css::uno::Reference<css::graphic::XGraphic> aInvalidSignatureImage; - /// OOXML Signature Line Id, used to map signatures to their respective signature line images. + /// Signature Line Id, used to map signatures to their respective signature line images. OUString ouSignatureLineId; /// A full OOXML signature for unchanged roundtrip, empty for ODF. css::uno::Sequence<sal_Int8> aSignatureBytes; @@ -133,9 +158,6 @@ struct SignatureInformation /// For PDF: the byte range doesn't cover the whole document. bool bPartialDocumentSignature; - /// The certificate owner (aka subject). - OUString ouSubject; - svl::crypto::SignatureMethodAlgorithm eAlgorithmID; SignatureInformation( sal_Int32 nId ) diff --git a/include/vcl/BitmapTools.hxx b/include/vcl/BitmapTools.hxx index 75eb6ed53077..2ff0f69eea79 100644 --- a/include/vcl/BitmapTools.hxx +++ b/include/vcl/BitmapTools.hxx 
@@ -45,7 +45,8 @@ public: assert(nBitCount == 24 || nBitCount == 32); sal_Int32 nRowSize, nDataSize; if (o3tl::checked_multiply<sal_Int32>(rSize.getWidth(), nBitCount/8, nRowSize) || - o3tl::checked_multiply<sal_Int32>(nRowSize, rSize.getHeight(), nDataSize)) + o3tl::checked_multiply<sal_Int32>(nRowSize, rSize.getHeight(), nDataSize) || + nDataSize < 0) { throw std::bad_alloc(); } diff --git a/include/vcl/filter/PDFiumLibrary.hxx b/include/vcl/filter/PDFiumLibrary.hxx new file mode 100644 index 000000000000..027e4939fab1 --- /dev/null +++ b/include/vcl/filter/PDFiumLibrary.hxx 
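Review bot: The added `nDataSize < 0` test does not catch a negative width combined with a negative height: `nRowSize` is then negative, the second `checked_multiply` produces a positive product without overflow, and the condition stays false. Testing the row size as well closes that gap, for example `if (o3tl::checked_multiply<sal_Int32>(rSize.getWidth(), nBitCount/8, nRowSize) || nRowSize < 0 ||` ahead of the second multiplication. The enclosing function starts and ends outside the hunk, so how `nDataSize` is used afterwards is not visible here.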
@@ -0,0 +1,95 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + */ + +#pragma once + +#include <config_features.h> + +#if HAVE_FEATURE_PDFIUM + +#include <memory> +#include <rtl/instance.hxx> +#include <vcl/dllapi.h> +#include <vcl/checksum.hxx> + +#include <fpdf_doc.h> + +namespace vcl +{ +namespace pdf +{ +class PDFiumDocument; + +class VCL_DLLPUBLIC PDFium final +{ +private: + PDFium(const PDFium&) = delete; + PDFium& operator=(const PDFium&) = delete; + +public: + PDFium(); + ~PDFium(); +}; + +class VCL_DLLPUBLIC PDFiumPage final +{ +private: + FPDF_PAGE mpPage; + +private: + PDFiumPage(const PDFiumPage&) = delete; + PDFiumPage& operator=(const PDFiumPage&) = delete; + +public: + PDFiumPage(FPDF_PAGE pPage) + : mpPage(pPage) + { + } + + ~PDFiumPage() + { + if (mpPage) + FPDF_ClosePage(mpPage); + } + + FPDF_PAGE getPointer() { return mpPage; } + + /// Get bitmap checksum of the page, without annotations/commenting. + BitmapChecksum getChecksum(int nMDPPerm); +}; + +class VCL_DLLPUBLIC PDFiumDocument final +{ +private: + FPDF_DOCUMENT mpPdfDocument; + +private: + PDFiumDocument(const PDFiumDocument&) = delete; + PDFiumDocument& operator=(const PDFiumDocument&) = delete; + +public: + PDFiumDocument(FPDF_DOCUMENT pPdfDocument); + ~PDFiumDocument(); + + int getPageCount(); + + std::unique_ptr<PDFiumPage> openPage(int nIndex); +}; + +struct PDFiumLibrary : public rtl::StaticWithInit<std::shared_ptr<PDFium>, PDFiumLibrary> +{ + std::shared_ptr<PDFium> operator()() { return std::make_shared<PDFium>(); } +}; +} +} // namespace vcl::pdf + +#endif // HAVE_FEATURE_PDFIUM + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ 
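Review bot: `PDFiumPage(FPDF_PAGE pPage)` and `PDFiumDocument(FPDF_DOCUMENT pPdfDocument)` are single-argument constructors that are not `explicit`, so a raw PDFium handle converts implicitly into a wrapper; for `PDFiumPage` the inline destructor calls `FPDF_ClosePage`, so such a temporary would close a handle the caller still holds. Mark both constructors `explicit` and add a comment that the wrapper takes ownership of the handle. The header is also silent on whether a `PDFiumPage` obtained from `openPage()` must be destroyed before its `PDFiumDocument`, and on what `openPage()` and `getPageCount()` return for a document that fails to load; one sentence each would help callers that feed these classes untrusted PDFs.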
diff --git a/include/vcl/filter/pdfdocument.hxx b/include/vcl/filter/pdfdocument.hxx index 03180fd0597f..c5297c553736 100644 --- a/include/vcl/filter/pdfdocument.hxx +++ b/include/vcl/filter/pdfdocument.hxx @@ -381,6 +381,7 @@ public: size_t GetObjectOffset(size_t nIndex) const; const std::vector<std::unique_ptr<PDFElement>>& GetElements(); std::vector<PDFObjectElement*> GetPages(); + PDFObjectElement* GetCatalog(); /// Remember the end location of an EOF token. void PushBackEOF(size_t nOffset); /// Look up object based on object number, possibly by parsing object streams. @@ -406,8 +407,15 @@ public: bool Write(SvStream& rStream); /// Get a list of signatures embedded into this document. std::vector<PDFObjectElement*> GetSignatureWidgets(); + /** + * Get the value of the "modification detection and prevention" permission: + * Valid values are 1, 2 and 3: only 3 allows annotations after signing. + */ + int GetMDPPerm(); /// Remove the nth signature from read document in the edit buffer. bool RemoveSignature(size_t nPosition); + /// Get byte offsets of the end of incremental updates. + const std::vector<size_t>& GetEOFs() const; //@} }; diff --git a/include/xmloff/xmlimp.hxx b/include/xmloff/xmlimp.hxx index f213f21cd2fa..1d1f1f457368 100644 --- a/include/xmloff/xmlimp.hxx +++ b/include/xmloff/xmlimp.hxx @@ -232,8 +232,12 @@ class XMLOFF_DLLPUBLIC SvXMLImport : public cppu::WeakImplHelper< static void initializeNamespaceMaps(); void registerNamespaces(); - std::unique_ptr<SvXMLNamespaceMap> processNSAttributes( +public: + static std::unique_ptr<SvXMLNamespaceMap> processNSAttributes( + std::unique_ptr<SvXMLNamespaceMap> & rpNamespaceMap, + SvXMLImport *const pImport, const css::uno::Reference< css::xml::sax::XAttributeList >& xAttrList); +private: void Characters(const OUString& aChars); css::uno::Reference< css::task::XStatusIndicator > mxStatusIndicator; 
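Review bot: The comment on `GetMDPPerm()` in include/vcl/filter/pdfdocument.hxx lists the valid values but not what is returned when the document has no such permission entry or carries a value outside 1 to 3. Callers that compare the result with 3 to decide whether changes after signing are acceptable depend on that fallback, so it should be stated in the header, e.g. `Returns <fallback> if the permission is absent or not one of 1, 2, 3.` with the actual value filled in. The new `GetCatalog()` likewise does not say whether it can return null.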
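Review bot: In include/xmloff/xmlimp.hxx `processNSAttributes` becomes a public static function with two new parameters, but nothing documents whether `pImport` may be null or how `rpNamespaceMap` relates to the returned map. Since the function is now callable without an `SvXMLImport` instance, a short comment should state both, for example `/// @param pImport may be null when called without an importer (confirm against the implementation)`. The `public:` / `private:` pair wrapped around a single declaration would also read better if the declaration moved into the existing public section; the class body lies outside the hunk, so that section is not visible here.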
@@ -241,6 +245,7 @@ class XMLOFF_DLLPUBLIC SvXMLImport : public cppu::WeakImplHelper< protected: bool mbIsFormsSupported; bool mbIsTableShapeSupported; + bool mbNotifyMacroEventRead; // Create top-level element context. // This method is called after the namespace map has been updated, but @@ -577,6 +582,8 @@ public: bool embeddedFontAlreadyProcessed( const OUString& url ); virtual void NotifyEmbeddedFontRead() {}; + // something referencing a macro/script was imported + void NotifyMacroEventRead(); bool needFixPositionAfterZ() const; }; diff --git a/include/xmloff/xmlnmspe.hxx b/include/xmloff/xmlnmspe.hxx index a00628b6b999..a7505a64190d 100644 --- a/include/xmloff/xmlnmspe.hxx +++ b/include/xmloff/xmlnmspe.hxx @@ -138,6 +138,16 @@ XML_NAMESPACE( XML_NAMESPACE_FIELD, 100U ) XML_NAMESPACE( XML_NAMESPACE_CSS3TEXT, 103U ) // CSS Text Level 3 XML_NAMESPACE( XML_NAMESPACE_FORMX, 101U ) // form interop extensions +// OOo extension digital signatures, used in ODF 1.1 +const sal_uInt16 XML_NAMESPACE_DSIG_OOO = 200; +// ODF 1.2 digital signature namespaces +const sal_uInt16 XML_NAMESPACE_DSIG = 201; +const sal_uInt16 XML_NAMESPACE_DS = 202; +const sal_uInt16 XML_NAMESPACE_XADES132 = 203; +const sal_uInt16 XML_NAMESPACE_XADES141 = 204; +// OOXML digital signature extension namespaces, also based on xmldsig-core +const sal_uInt16 XML_NAMESPACE_MDSSI = 205; +const sal_uInt16 XML_NAMESPACE_MSODIGSIG = 206; #endif // INCLUDED_XMLOFF_XMLNMSPE_HXX diff --git a/include/xmloff/xmltoken.hxx b/include/xmloff/xmltoken.hxx index 5a1cd6157887..2709aa9161a6 100644 --- a/include/xmloff/xmltoken.hxx +++ b/include/xmloff/xmltoken.hxx 
@@ -132,6 +132,19 @@ namespace xmloff { namespace token { XML_NP_GRDDL, XML_N_GRDDL, + // OOo extension digital signatures, used in ODF 1.1 + XML_NP_DSIG_OOO, + XML_N_DSIG_OOO, + // ODF 1.2 digital signatures + XML_NP_DSIG, + XML_N_DSIG, + XML_NP_DS, + XML_N_DS, + XML_NP_XADES132, + XML_N_XADES132, + XML_NP_XADES141, + XML_N_XADES141, + // ODF Enhanced namespaces XML_NP_OFFICE_EXT, XML_N_OFFICE_EXT, |