Age | Commit message (Collapse) | Author | Files | Lines |
|
(cherry picked from commit f231dacde9df1c4aa5f4e0970535c4f4093364a7)
Conflicts:
xmlsecurity/source/helper/pdfsignaturehelper.cxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105926
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit fcab45e0e22f4cf46e71856dba7ae5abd6f99bc5)
Change-Id: I950b49a6e7181639daf27348ddfa0f36586baa65
|
|
(cherry picked from commit 586f6abee92af3cdabdce034b607b9a046ed3946)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/pdf/PDFiumLibrary.cxx
xmlsecurity/source/helper/pdfsignaturehelper.cxx
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/105785
Tested-by: Jenkins
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
(cherry picked from commit 00479937dc071246cc27f33fd6397668448a7ed9)
Change-Id: I626fca7c03079fb0374c577dcfe024e7db6ed5b3
|
|
I.e. it's OK to add incremental updates for annotation/commenting
purposes and that doesn't invalite existing signatures. Everything else
does.
(cherry picked from commit 61834cd574568613f0b0a2ee099a60fa5a8d9804)
Conflicts:
include/vcl/filter/PDFiumLibrary.hxx
vcl/source/pdf/PDFiumLibrary.cxx
Change-Id: I4607c242b3c6f6b01517b02407e9e7a095e2e069
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
|
|
(cherry picked from commit 7468d5df5ec79783eae84b62bdc5ecf12f0ca255)
Conflicts:
vcl/source/filter/ipdf/pdfdocument.cxx
xmlsecurity/source/pdfio/pdfdocument.cxx
Change-Id: I269ed858852ee7d1275adf340c8cc1565fc30693
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99480
Tested-by: Jenkins CollaboraOffice <jenkinscollaboraoffice@gmail.com>
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
|
|
This was supposed to be implemented by commit
a7bf6488ebb544e1efaed0a1e53073df9cc2064d
"ODF1.3: import new OpenPGP encryption markup"
but it turns out that the ODF 1.3 cs01 schema differs from the
implementation:
in ODF 1.3 cs01 we have
<manifest:encrypted-key>
<manifest:encryption-method .../>
<manifest:keyinfo>
<manifest:PGPData>
</manifest:PGPData>
</manifest:keyinfo>
<manifest:CipherData>
</manifest:CipherData>
</manifest:encrypted-key>
whereas the implementation expects
<manifest:keyinfo>
<manifest:encrypted-key>
<manifest:encryption-method .../>
<manifest:PGPData>
</manifest:PGPData>
<manifest:CipherData>
</manifest:CipherData>
</manifest:encrypted-key>
</manifest:keyinfo>
Ideally the inner manifest:keyinfo should be manifest:KeyInfo but
not sure if that really matters.
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94309
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 4f1b0f7d5235140611305b784b58f95fc5b8bd81)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/94586
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit a3ef13b495d5898488ae52981bdaf8cf34db791c)
Change-Id: I407321c857e7b3ed9f4d04568ca2ea116764b3da
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/99155
Tested-by: Michael Stahl <michael.stahl@cib.de>
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
|
|
Change-Id: I35fb8d499eed66f9a5e208a4778a1f0f12637079
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93630
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
(cherry picked from commit 29cb36cbee9c3ff5e73bc7a6d6a2f365c5c62da7)
|
|
As already stated in the comments of the signing unit tests,
disabling macro security will not only ignore the signatures, but
actually drop the macro signature, as these are never evaluated
and as a result can't be restored for the new document.
Change-Id: Ie41a9e72d3367c2eed58a52387bb67d8c41abff3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90435
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit 929d46bbf42aefc1f6cf046c2b9cf3d7c4e1efc5)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90393
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
This extends the filter comparison from commit c3a1c83ff5af
("tdf#42316 preserve macro signature of templates").
The original patch just stripped "_template" from the source
filter to find equal document types, which just enables the
"template => document" case. This patch also strips the
"_template" from the target filter, which fixes the "document
or template => template" cases.
This also extends the signing save tests:
* OTT 1.2 => OTT 1.2 - preserve
* ODT 1.2 => OTT 1.2 - preserve
* OTT 1.0 => OTT 1.0 - preserve
* ODT 1.0 => OTT 1.0 - preserve
* OTT 1.0 => OTT 1.2 - drop
Reviewed-on: https://gerrit.libreoffice.org/80654
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
(cherry picked from commit 4aa6e2cb2245eddab87fb451add94159a7604246)
Reviewed-on: https://gerrit.libreoffice.org/80910
Reviewed-by: Michael Stahl <michael.stahl@cib.de>
(cherry picked from commit 7b405877b0fa0145513ac0294ab51cf57e6108c6)
Change-Id: Ie297258a4d9f9aa4beb25786c6ba240b6f16f49b
Reviewed-on: https://gerrit.libreoffice.org/81885
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
When comparing the filter of the current and the target document
we have to strip the '_template' from the filter name.
Still this won't preserve the signature of the document attached
to tdf#42316, as this is a ODF 1.0 OTT, which doesn't have a
valid signature in ODF 1.2, as the signature doesn't match the ODF
1.2 namespace for signatures and the default LO ODF version is ODF
1.2 extended.
In theory the signature itself could even be converted most times,
but that can be done in an additional patch, if needed.
Since the code literally saves a template to an internal document,
SfxObjectShell::DoSaveCompleted must keep the signature of the
template. Eventually it'll be dropped on save of the template as
a document later.
The signing tests check "OTT 1.0 => ODT 1.0: preserve", "OTT 1.2
=> ODT 1.2: preserve" and "OTT 1.0 => ODT 1.2: drop".
Reviewed-on: https://gerrit.libreoffice.org/75958
Tested-by: Jenkins
Reviewed-by: Michael Stahl <Michael.Stahl@cib.de>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit c3a1c83ff5af05d34f433ac808adbe85f47e8c18)
Reviewed-on: https://gerrit.libreoffice.org/77112
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
Change-Id: I2263093687f5a0568ea781ce3ac9b114c9599add
Reviewed-on: https://gerrit.libreoffice.org/79371
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
(cherry picked from commit 4a59a8aba8c9d451edff790d9281d0095c1bd78e)
Conflicts:
xmlsecurity/qa/unit/signing/signing.cxx
Change-Id: I6060b7130827346ac5d6955bf38ebe3b476819fd
Reviewed-on: https://gerrit.libreoffice.org/64174
Tested-by: Jenkins
Reviewed-by: Sophie Gautier <gautier.sophie@gmail.com>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
With OFFICE-3940 the loext markup got accepted for ODF1.3 (and
the redundant KeyInfo element removed). Make sure manifest parser
can import new markup.
Change-Id: Id3c88654e8e6e0e256cd68fbb43f1ef670849cf7
Reviewed-on: https://gerrit.libreoffice.org/56597
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
(cherry picked from commit a7bf6488ebb544e1efaed0a1e53073df9cc2064d)
Reviewed-on: https://gerrit.libreoffice.org/56677
|
|
Using an ECDSA key but writing RSA URIs would fail later in libxmlsec.
Also fix up CppunitTest_xmlsecurity_signing (env vars were set too
late), so that the new testcase actually fails without the fix.
Change-Id: I9e584844d5cd046952b2f19130aeaa5a765bfc0a
Reviewed-on: https://gerrit.libreoffice.org/54400
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I11d874caad9174fb1a70121f1772e117753ee519
Reviewed-on: https://gerrit.libreoffice.org/54503
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I92078fdece135754744d85424956dbb071f3899e
Reviewed-on: https://gerrit.libreoffice.org/53638
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
...fail when SRCDIR is a read-only tree
Change-Id: I80a372b3eb71faed1215305a55df93390c846eed
Reviewed-on: https://gerrit.libreoffice.org/52020
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...otherwise fails if SRCDIR is a read-only tree
Change-Id: I0b81be5ba055dac133e5ee638f21c3c5f4d5736b
Reviewed-on: https://gerrit.libreoffice.org/52015
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
I (tried to) keep these files consistent locally with astyle in the past,
switching to clang-format makes sure that the recent problem with introducing
inconsistencies in these files doesn't happen again.
(On the flip side, it's great to see that now others also touch this
PDF/pdfium code. :-) )
Change-Id: I6065eab77c584197a82fe48e7d3e81b445106efd
Reviewed-on: https://gerrit.libreoffice.org/51701
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I21268e5950381845eb90bf66a42a99adc3821eaa
Reviewed-on: https://gerrit.libreoffice.org/51493
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
PDFDocument::Tokenize() in the aKeyword == "obj" case allocates a
PDFObjectElement, stores it as an owning pointer inside rElements, and
also stores two non-owning references to it in m_aOffsetObjects and
m_aIDObjects. So make sure those 2 other containers are also cleared
then elements go away.
LO_TRACE="valgrind" bin/run pdfverify <sample>
doesn't report errors anymore after the fix.
Change-Id: Ie103de3e24a1080257a79e53b994e8536a9597bc
Reviewed-on: https://gerrit.libreoffice.org/50627
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
The roundtrip of the pdf image failed due to this.
Change-Id: I88a9657e242dd2659f9bf06233e5fcbfeb43ceb5
Reviewed-on: https://gerrit.libreoffice.org/48362
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I078626eaa3155cc429320cc8c1532003b382b22a
Reviewed-on: https://gerrit.libreoffice.org/47855
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Julien Nabet <serval2412@yahoo.fr>
|
|
Change-Id: I3ff3df41b004a0c2cfe01da19c1a0aa6488aaead
|
|
Load encrypted document w/ password-less key,
don't fail.
Change-Id: Id782dd865878ae7b8a60c7c80821b1370f6ac7e7
Reviewed-on: https://gerrit.libreoffice.org/47831
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I2040315707674dc99a37aedb96ac61dca274c13a
Reviewed-on: https://gerrit.libreoffice.org/47348
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Since some GnuPG versions tend to litter the source tree with random
files otherwise.
Change-Id: I0302f73b216f2de4dafcb6adca81097ec9d87e8c
Reviewed-on: https://gerrit.libreoffice.org/46447
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I029d5c949b4a1e6bd6b0ce4edb39411b9dce88c2
|
|
The only effect SAL_CALL effectively has on LO-internal code is to change non-
static member functions from __thiscall to __cdecl in MSVC (where all other
functions are __cdecl by default, anyway). (For 3rd-party code, it could be
argued that SAL_CALL is useful on function declarations in the URE stable
interface other than non-static member functions, too, in case 3rd-party code
uses a compiler switch to change the default calling convention to something
other than __cdecl. But loplugin:salcall exempts the URE stable interface,
anyway.)
One could argue that SAL_CALL, even if today it effectively only affects non-
static member functions in MSVC, could be extended in the future to affect more
functions on more platforms. However, the current code would already not
support that. For example, 3af500580b1c82eabd60335c9ebc458a3f68850c
"loplugin:salcall fix functions" changed FrameControl_createInstance in
UnoControls/source/base/registercontrols.cxx to no longer be SAL_CALL, even
though its address (in ctl_component_getFacrory, in the same file) is passed to
cppuhelper::createSingleFactory as an argument of type
cppu::ComponentInstantiation, which is a pointer to SAL_CALL function.
Change-Id: I3acbf7314a3d7868ed70e35bb5c47bc11a0b7ff6
Reviewed-on: https://gerrit.libreoffice.org/46436
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
And disable unit tests otherwise
Change-Id: I32e1d8d2f8b0013d9cb43b78a55d23a1a29a8e8d
Reviewed-on: https://gerrit.libreoffice.org/46057
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Change-Id: I6f085b67c3477f427bd1efd96db93cbb89e20647
Reviewed-on: https://gerrit.libreoffice.org/46050
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Since this requires a working gpg setup, limit to linux for the
moment. If you need to add signatures or redo them, run LibreOffice
from a shell with env var
GNUPGHOME=<core>/xmlsecurity/qa/unit/signing/data/ set.
For editing keys, gpg2 also accepts a
--homedir=<core>/xmlsecurity/qa/unit/signing/data/ option
Change-Id: I59e5b563098b19d05c8c2db32537241bc835fc80
Reviewed-on: https://gerrit.libreoffice.org/45950
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
|
|
Left indent was set to non-zero in the style, but direct formatting set
it back to zero. Teach deduplication to remove the
NS_ooxml::LN_CT_PPrBase_ind SPRM itself in case the last attribute was
removed.
Change-Id: I01b202f0241b02816b2b392326737b1150caffc2
Reviewed-on: https://gerrit.libreoffice.org/44385
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I6f37919da5fef0a90fad314019db19e4a5604169
Reviewed-on: https://gerrit.libreoffice.org/44220
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
clang-cl reported "error: comparison of integers of different signs: 'DWORD'
(aka 'unsigned long') and 'HRESULT' (aka 'long') [-Werror,-Wsign-compare]"
Change-Id: I568f03bd863ba63e30143483d9573042f3506de7
Reviewed-on: https://gerrit.libreoffice.org/42597
Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
The other ifdef doesn't influence indentation, so don't do it here,
either.
Change-Id: I84259a46d1f66180e4fea295930f40b2b83e58fc
|
|
Without this, expired/not yet valid certificates, as well as
certificates without private key, make test needlessly fail.
Change-Id: Ic8ff85db54f1f1b1fb49fde82424f597f1555c96
Reviewed-on: https://gerrit.libreoffice.org/42434
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Which means xmlsecurity can be again a module that has no public
headers.
Change-Id: I3d0b03680398f80196fac187263e770fd44ed0ed
Reviewed-on: https://gerrit.libreoffice.org/41966
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: Ia5fd8af34ee9d2f37e4450ab241f6bb9a06445b2
Reviewed-on: https://gerrit.libreoffice.org/41466
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Change-Id: I8b82d46d4688b1a59d6fe1b05da7d5c8dfc13ca6
Reviewed-on: https://gerrit.libreoffice.org/38766
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Change-Id: Ifa43fa735c8b0d58ff3d3deca2ad4eca6560494a
|
|
Change-Id: I3bc916c8318b63a829ec391a72976829815fa987
|
|
Change-Id: I72d7b13a23ce306b752b39187a0e9fbb7028643a
Reviewed-on: https://gerrit.libreoffice.org/38606
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
Tested-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Leaving Signer as an empty reference will do exactly what we want: the
signature will be considered invalid.
Change-Id: I25d7cbd260384110173fe953fc24f3dcf6b9acd5
Reviewed-on: https://gerrit.libreoffice.org/37770
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Usually when the PDF file contains incremental updates the updates are
appended at the end of the document. But this is not required, the
various trailers can be in any order. Make sure that we look at the last
trailer (logically last, not the one with the largest file offset) when
looking for pages.
Change-Id: Idcd85a7c6bbf08c9436dd73933d79cdb683f482c
Reviewed-on: https://gerrit.libreoffice.org/36527
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I51692b887585d6a64019550aff5f6ea2910ad2fd
|
|
Change-Id: Id862544f27ebcbe8363f93dc83192d0f0cddb5cc
Reviewed-on: https://gerrit.libreoffice.org/36041
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
The PDF code in xmlsecurity served two purposes:
- a generic PDF tokenizer
- signature verification
The first purpose is useful to have in VCL, so the PDF export code can
use it as well when it comes to PDF image handling.
This commit just moves most of the PDF code to VCL, it does not touch
the PDF export code yet. With this, also the somewhat odd xmlsecurity
dependency of CppunitTest_vcl_pdfexport can be removed as well.
Change-Id: I6fe8294ed5c4aa4d79f4b2ddef80a4d1c9d566cc
Reviewed-on: https://gerrit.libreoffice.org/35513
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Signature verification code depends on sax and xmloff, but the rest of
the PDF tokenizer could be otherwise moved down to lower layers without
problems.
Change-Id: Ieca57279e9517935821c1d34f217fd10548035ef
Reviewed-on: https://gerrit.libreoffice.org/35512
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
This service is only used in xmlsecurity and it's a wrapper around two
free functions in the same module.
Change-Id: Ibc5a026b51eda6c2b4b27b7254dedc220dbf909a
Reviewed-on: https://gerrit.libreoffice.org/34772
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I5d6c4a67cb2a09e7cd5bd620c6b262d188701b89
Reviewed-on: https://gerrit.libreoffice.org/34714
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Invoke the PDF export filter and then use the PDF tokenizer from
xmlsecurity to assert the contents of created PDF file. The testcase
fails with commit 6db0f1feb1d9931d2726dd11a889c58815710ce0 (tdf#106059
PDF export: create a reference XObject for PDF images, 2017-02-22)
reverted.
Change-Id: I90526fef41d9560ae447f586df766bc50a491c43
Reviewed-on: https://gerrit.libreoffice.org/34609
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|