8 files changed, 50 insertions, 6 deletions
diff --git a/xmlsecurity/source/gpg/XMLSecurityContext.cxx b/xmlsecurity/source/gpg/XMLSecurityContext.cxx
index a05ea7e40c55..25621653e721 100644
--- a/xmlsecurity/source/gpg/XMLSecurityContext.cxx
+++ b/xmlsecurity/source/gpg/XMLSecurityContext.cxx
@@ -10,6 +10,9 @@
 #include "XMLSecurityContext.hxx"
 #include "SecurityEnvironment.hxx"
 
+#include "xmlsec/xmlstreamio.hxx"
+#include "xmlsec-wrapper.h"
+
 using namespace css::uno;
 using namespace css::lang;
 using namespace css::xml::crypto;
@@ -17,10 +20,32 @@ using namespace css::xml::crypto;
 XMLSecurityContextGpg::XMLSecurityContextGpg()
     : m_nDefaultEnvIndex(-1)
 {
+    // TODO: same code in XMLSecurityContext_NssImpl, not a good idea
+    // prolly to initialize twice ...
+    //Init xmlsec library
+    if( xmlSecInit() < 0 ) {
+        throw RuntimeException() ;
+    }
+
+    //Init xmlsec crypto engine library
+    if( xmlSecCryptoInit() < 0 ) {
+        xmlSecShutdown() ;
+        throw RuntimeException() ;
+    }
+
+    //Enable external stream handlers
+    if( xmlEnableStreamInputCallbacks() < 0 ) {
+        xmlSecCryptoShutdown() ;
+        xmlSecShutdown() ;
+        throw RuntimeException() ;
+    }
 }
 
 XMLSecurityContextGpg::~XMLSecurityContextGpg()
 {
+    xmlDisableStreamInputCallbacks() ;
+    xmlSecCryptoShutdown() ;
+    xmlSecShutdown() ;
 }
 
 sal_Int32 SAL_CALL XMLSecurityContextGpg::addSecurityEnvironment(
diff --git a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
index 4f4ff7956750..6c91d81f9ec4 100644
--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -92,12 +92,15 @@ SAL_CALL XMLSignature_GpgImpl::generate(
             throw RuntimeException() ;
     }
 
+#if 0
     //Get Keys Manager
     SecurityEnvironmentGpg* pSecEnv =
         dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
     if( pSecEnv == nullptr )
         throw RuntimeException() ;
+#endif
 
+    // TODO pSecEnv is still from nss, roll our own impl there
     // TODO figure out key from pSecEnv!
     // unclear how/where that is transported in nss impl...
     setErrorRecorder();
diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 96f78aaa6c80..1d8d1c0d72cb 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -554,7 +554,8 @@ void DocumentSignatureHelper::writeSignedProperties(
     writeDigestMethod(xDocumentHandler);
 
     xDocumentHandler->startElement("DigestValue", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
-    assert(!signatureInfo.ouCertDigest.isEmpty());
+    // TODO: this is empty for gpg signatures currently
+    //assert(!signatureInfo.ouCertDigest.isEmpty());
     xDocumentHandler->characters(signatureInfo.ouCertDigest);
     xDocumentHandler->endElement("DigestValue");
 
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index f2a155b4db8d..cc4ad6dbf9c8 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -251,11 +251,12 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
         return false;
     }
 
+    // TODO: no serial number currently on gpg keys - better/more
+    // discriminative error handling?
     OUString aCertSerial = xmlsecurity::bigIntegerToNumericString(xCert->getSerialNumber());
     if (aCertSerial.isEmpty())
     {
         SAL_WARN("xmlsecurity.helper", "Error in Certificate, problem with serial number!");
-        return false;
     }
 
     if (!mxStore.is())
@@ -292,6 +293,9 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
 
     maSignatureHelper.SetX509Certificate(nSecurityId, xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear(), aCertDigest);
 
+#if 0
+    // TODO: so this currently uses an NSS security environment,
+    // think how to do that more generically
     uno::Sequence< uno::Reference< security::XCertificate > > aCertPath = getSecurityEnvironment()->buildCertificatePath(xCert);
     const uno::Reference< security::XCertificate >* pCertPath = aCertPath.getConstArray();
     sal_Int32 nCnt = aCertPath.getLength();
@@ -301,6 +305,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
         sax::Converter::encodeBase64(aStrBuffer, pCertPath[i]->getEncoded());
         maSignatureHelper.AddEncapsulatedX509Certificate(aStrBuffer.makeStringAndClear());
     }
+#endif
 
     std::vector< OUString > aElements = DocumentSignatureHelper::CreateElementList(mxStore, meSignatureMode, DocumentSignatureAlgorithm::OOo3_2);
     DocumentSignatureHelper::AppendContentTypes(mxStore, aElements);
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 9a5eb2f7b8e5..0498505ca887 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -124,8 +124,9 @@ void XSecController::createXSecComponent( )
 
     cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() );
 
+    // TODO: have two services here, one for x509, one for gpg?
     m_xXMLSignature.set(
-        xMCF->createInstanceWithContext("com.sun.star.xml.crypto.XMLSignature", mxCtx ),
+        xMCF->createInstanceWithContext("com.sun.star.xml.crypto.XMLSignature2", mxCtx ),
         cssu::UNO_QUERY );
 
     bool bSuccess = m_xXMLSignature.is();
diff --git a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx
index 6b7a78b1e6a1..d5ba8a38f949 100644
--- a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx
@@ -37,6 +37,7 @@ using ::com::sun::star::xml::crypto::XXMLSecurityContext ;
 XMLSecurityContext_NssImpl::XMLSecurityContext_NssImpl()
     : m_nDefaultEnvIndex(-1)
 {
+#if 0
     //Init xmlsec library
     if( xmlSecInit() < 0 ) {
         throw RuntimeException() ;
@@ -54,13 +55,16 @@ XMLSecurityContext_NssImpl::XMLSecurityContext_NssImpl()
         xmlSecShutdown() ;
         throw RuntimeException() ;
     }
+#endif
 }
 
 XMLSecurityContext_NssImpl::~XMLSecurityContext_NssImpl()
 {
+#if 0
     xmlDisableStreamInputCallbacks() ;
     xmlSecCryptoShutdown() ;
     xmlSecShutdown() ;
+#endif
 }
 
 sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment(
diff --git a/xmlsecurity/source/xmlsec/xmlstreamio.cxx b/xmlsecurity/source/xmlsec/xmlstreamio.cxx
index 6faf711c181b..32d86269cd7e 100644
--- a/xmlsecurity/source/xmlsec/xmlstreamio.cxx
+++ b/xmlsecurity/source/xmlsec/xmlstreamio.cxx
@@ -145,7 +145,7 @@ int xmlStreamClose( void * context )
     return 0 ;
 }
 
-int xmlEnableStreamInputCallbacks()
+XSECXMLSEC_DLLPUBLIC int xmlEnableStreamInputCallbacks()
 {
 
     if( !( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) ) {
@@ -210,7 +210,7 @@ XSECXMLSEC_DLLPUBLIC int xmlUnregisterStreamInputCallbacks()
     return 0 ;
 }
 
-void xmlDisableStreamInputCallbacks() {
+XSECXMLSEC_DLLPUBLIC void xmlDisableStreamInputCallbacks() {
     xmlUnregisterStreamInputCallbacks() ;
     enableXmlStreamIO &= ~XMLSTREAMIO_INITIALIZED ;
 }
diff --git a/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx b/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx
index 99738064c09f..dd793295baa1 100644
--- a/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx
+++ b/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx
@@ -26,6 +26,7 @@
 #include "xmlsec/xmlelementwrapper_xmlsecimpl.hxx"
 #include "xmlsec/xmldocumentwrapper_xmlsecimpl.hxx"
 #include "xsec_xmlsec.hxx"
+#include "xmlsignature_gpgimpl.hxx"
 
 using namespace ::cppu;
 using namespace ::com::sun::star::uno;
@@ -40,7 +41,11 @@ SAL_DLLPUBLIC_EXPORT void* SAL_CALL xsec_xmlsec_component_getFactory( const sal_
     Reference< XInterface > xFactory ;
 
     if( pImplName != nullptr ) {
-        if( XMLElementWrapper_XmlSecImpl_getImplementationName().equalsAscii( pImplName ) )
+        if( XMLSignature_GpgImpl::impl_getImplementationName().equalsAscii( pImplName ) )
+        {
+            xFactory = XMLSignature_GpgImpl::impl_createFactory( static_cast< XMultiServiceFactory* >( pServiceManager ) ) ;
+        }
+        else if( XMLElementWrapper_XmlSecImpl_getImplementationName().equalsAscii( pImplName ) )
         {
             xFactory = cppu::createSingleComponentFactory(
                 XMLElementWrapper_XmlSecImpl_createInstance,