Age | Commit message | Author | Files | Lines |
|
On a system where the certificate can be validated, the expected result
is OK, not PARTIAL_OK (copy&paste problem from OOXML).
Change-Id: I1b52921498de24c9a14a780bf48b791ec1e0c706
(cherry picked from commit 08dadbd90ec29011dc2367493f49c57d75f1e51b)
|
|
Change-Id: I400d728c5d99228c5ca52e369037395b4da2af5c
Reviewed-on: https://gerrit.libreoffice.org/26187
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
(cherry picked from commit ab10f9fc11948ca0f463aa8c0c784a574c89f8f7)
|
|
Reviewed-on: https://gerrit.libreoffice.org/21209
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
(cherry picked from commit 64d624b65124ac02d8ee59b135593fd9d8eb9067)
Change-Id: I9a5940027423ff0791fa7da0b79b617412ce6b86
|
|
A ridiculously fast way of doing this is:
    for i in $(pcregrep -l -M -r --include='.*[hc]xx$' \
        --exclude-dir=workdir --exclude-dir=instdir '^\n{3,}' .)
    do
        perl -0777 -i -pe 's/^\n{3,}/\n/gm' $i
    done
Reviewed-on: https://gerrit.libreoffice.org/22224
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Chris Sherlock <chris.sherlock79@gmail.com>
(cherry picked from commit a238b1f8d304bf1e2ffb357937f3ec888ee8ac89)
Change-Id: Iebb93eccbee9e4fc5c4380474ba595858a27ac2c
|
|
xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx(511) :
error C2065: ´CERT_SHA256_HASH_PROP_ID´ : undeclared identifier
Change-Id: I644d6797d81a506ca9b91d83eead16503af93905
Reviewed-on: https://gerrit.libreoffice.org/23494
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Christian Lohmaier <lohmaier+LibreOffice@googlemail.com>
(cherry picked from commit d78e644679be47d96bbb2e9d5909f2b559fa29c4)
|
|
It was odd that import code had its own OOXMLSecParser, but export code
was buried in the controller.
Change-Id: Ie1964bf9c54a8b779981e8d72bf4810090cf960c
(cherry picked from commit 27fc89cce931039f8f585c10b8ee41023c777b5e)
|
|
(cherry picked from commit 6c11778ee6919b0f16acb17a896f65d4021f3089)
Change-Id: I08734b7841fc83b327ebbf5c8ae43f7969e94e12
|
|
Without this the generated .p12 test file can't be used for SHA2 signing
on Windows, as xmlsec.git's README points out.
Change-Id: Ib97a337eca3b92dde5e0ccadee7420c492a8971c
(cherry picked from commit 0fea7b00e26d9e5ee9ae995d484540adadf85fda)
|
|
(cherry picked from commit eb63915f0ab18cd7225a573bcb9a5121c7d6b0f1)
Conflicts:
xmlsecurity/source/framework/saxeventkeeperimpl.cxx
Change-Id: I224a0914bd3506b4e2ce057c53838ec78187b060
|
|
Change-Id: I2dd2d2caf772cf5a0e564367acff0c5522b2c286
(cherry picked from commit 3dda6452f190f9196eee845bbe0d5d28346a1e52)
|
|
Fails without the previous commit.
Change-Id: I7606b9a5ef3509077b1a3a6e884f0e2bb4c79614
(cherry picked from commit 88b1a724311a2f9b2c75e8ea9c1494be61433371)
|
|
... signatures.
ExportSignatureContentTypes() was already a "remove all, and then re-add
necessary entries" operation, so just make sure we still call it for
zero signatures and it'll do the right thing.
Change-Id: If9182b39ac6d8f2cf66f33a02d9ddcab170ba5ea
(cherry picked from commit 1a04b1e4f2086bfdeaba04d7b67e8b8e21e5037f)
|
|
Without this, running the test modified
xmlsecurity/qa/unit/signing/data/partial.docx.
Change-Id: I3dd5cb6c90037fce0c550be9b1c189959b848ebe
(cherry picked from commit 7d7cd95840bd3dec2e1e7e8e5f99c69673767215)
|
|
So that no empty _xmlsignatures directory is left around after removing
signatures.
Change-Id: I3af77ba943a483a009a4eebaf40a58404f479e5a
(cherry picked from commit e60abe659d7448ae6f839740dcfe87fd8b1520d7)
|
|
The signature relation refers to _xmlsignatures/origin.sigs, but
that's not written when all signatures are removed.
Change-Id: I5ee1c8849962cba4b338e6f43243bcf89aedad36
(cherry picked from commit 57e6b9f3f4861f6283841e24a189eae3c02db9e8)
|
|
... signatures are removed.
With this, the _xmlsignatures/ sub-storage inside the document is empty
when all signatures are removed.
Change-Id: I391bd1d3b6fdb724952a7158a043b1e602d532a9
(cherry picked from commit 64f86c7fec0a0e88d7d91703ea1aab68714608d1)
|
|
To be able to unit-test this later without creating a vcl dialog.
Change-Id: I4794e212ffefc2efa3bddaf58e6c6bf2a4ea8d9a
(cherry picked from commit 170e0e028085745564c2755ba7e02b0a327b9e7d)
|
|
Fails with the previous commit reverted.
Change-Id: I050a03fa923980e46b31eff457d0b83f6c38ceaf
(cherry picked from commit 3cefd33eb54d355d21f3541963ad1e89793c95f1)
|
|
The removal of the _xmlsignatures sub-storage in
DocumentSignatureHelper::OpenSignatureStream() serves 3 purposes:
1) Remove no longer needed signature streams
2) Truncate signatures relation stream
3) Truncate still needed signature streams
2) and 3) could be done using io::XTruncate as well, but if the whole
storage is removed to handle 1), then individual truncate() calls are
not necessary.
Change-Id: Id9ed9c87c94f340dc947124b28f085561798d361
(cherry picked from commit c30bf0284c643b6c574fcc5dabb840bb51174b30)
|
|
So that it'll be possible to call that code without an active dialog,
from a headless unit test.
Change-Id: I1728a666ff5d84b337efd7e2b7eb68469896257a
(cherry picked from commit 4351ff1f12268a0b97413e811503ac65a51665eb)
|
|
Fails with e.g. commit 963264a417ce807201f0021fc6000ce7d6cf0245
(xmlsecurity OOXML export: don't loose old signatures when adding a new
one, 2016-03-03) reverted.
Change-Id: Ia2b0f3d8914bca14075481f5ac8cd4c0033d26c1
(cherry picked from commit 78a209b951d2f6e6bb3001b45c242a85fcf9ebb0)
|
|
When adding a signature, first we export it to a temp. storage, then
read it back, show the verification to the user, and then later we do or
do not write the temp. storage back to the original one.
This means the signature gets exported two times, and MSO only considers
the final result valid. So when caching signatures (to avoid a real
export based on our data model), don't cache the one we just added to
the temp. storage, but do a real export second time as well.
With this, MSO considers our appended signature (next to an existing
one) valid, too.
Change-Id: I4d615298463e037ea4e654ff5c3addcef8b0a094
(cherry picked from commit e89610dad647ea5c77805ff06af1ea9870ae9f15)
|
|
We append a new signature to a document by re-exporting the existing
ones, then writing the new signature. Given that existing signatures
aren't canonicalized before hashing, write them back as-is.
With this, our own signature verification is happy about the export
result, containing an existing and a newly created signature.
Change-Id: I0ff57a2266c6070a945f0c45ca5793406678be60
(cherry picked from commit 38c39dc49c502683a3ccbcbfaa7e7ecee413c30f)
|
|
For one, MSO doesn't do that either by default.
For another, this would currently result in an io::IOException, because:
- the root storage is opened read-write, to be able to add the signature
- then _xmlsignatures/newsig is opened read-write to be able to write
the signature
- opening _xmlsignatures/something as read-only still opens the
_xmlsignatures storage as read-write -> boom, we tried to open the
same sub-storage read-write two times, OStorage::openStorageElement()
detects that
Change-Id: I2b90dc044bcfb835df4f19a339a0447e69f42975
(cherry picked from commit cc75888c9e4cd09476287a8489c99fbf073feddb)
|
|
With this, at least we don't completely throw away existing signatures.
The roundtrip of them isn't perfect yet, though.
Change-Id: Ibc3408364403a057169e384902afe13b1e397480
(cherry picked from commit 963264a417ce807201f0021fc6000ce7d6cf0245)
|
|
Every other aspect of the certificate is calculated earlier in
DocumentSignatureManager, so calculate the digest there as well.
Change-Id: Icd97f3ecb084bbce60fcdfa496b6aaf0ac75026d
(cherry picked from commit 122c01989d4843db52725d375af22f866345d80a)
|
|
Change-Id: I97acb4a2e9aedb15671d65f6995faeab4ff5716f
(cherry picked from commit 0d6328164e32dc8b5cd47e27bfcc2e2f6f906799)
|
|
Fails when the relevant part of XSecController::exportOOXMLSignature()
is commented out, i.e. the member function just writes a <Signature> XML
element, no child elements.
Reviewed-on: https://gerrit.libreoffice.org/22375
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
(cherry picked from commit d3f83ffa0e85a697af2cbf50a55dd7308609cf56)
Change-Id: I526c1170c8ada71f111a1ad56d74af1a4102dbce
|
|
It's hard to unit test signing when the logic is implemented in the Add
and OK button handlers.
Change-Id: I5e07df69cd808cf170e21dfd55f2f44bc79c58a8
(cherry picked from commit 565346a4fe0a074807381c2d8ea48242e9e69f4f)
|
|
Assuming the policy follows a least-confidential -> most-confidential
order, doing a lexicographical sort on the category names does more harm
than good. So use a vector instead of a name-indexed map for categories.
Also, don't duplicate the label map for the current state, but just
store the state in the same category structure that is used for other
(currently not used) categories as well.
Change-Id: I1672192e572abfc22b6aeeb152ee7484086cea91
(cherry picked from commit 900fccc29257d2e226dfcd0fc9ef54f1f5b52ec8)
|
|
Change-Id: Ic6e31ba0c542f0347b95f3930a13670acbc4f61f
(cherry picked from commit a1345cdbe587d6ae9bed43d4f7902133be78d4bc)
|
|
Change-Id: Ia542ab0644611ff8e36c8b52138e1ef064972606
(cherry picked from commit b5c1485ac9a1c8bd65c12ee579f05cd140dc1219)
|
|
Change-Id: Idf60c9adcbc6d7467df92b48995bcb5c0bc3465b
Reviewed-on: https://gerrit.libreoffice.org/22308
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
(cherry picked from commit 718dd3742be309a77c5e22af799abc964cf1a3e0)
|
|
With this, our own import is happy when we sign LO-generated OOXML
files.
Change-Id: I977d7db5cf18fec1f33c480ab6e58852f2433923
(cherry picked from commit 1e52ec3951f3e9d687bdff20a6378cb2f4819a90)
|
|
Change-Id: I5c67db0369d5eb24178e7173ac716dd8e96dfd47
(cherry picked from commit 35ed9089373b4b63ecc656bd4dd57fc6f128c622)
|
|
With this, our signature on a DOCX file is accepted by Word as well.
Change-Id: Ibd6bc77aa3f86a9b7f55f165383d1322ecb24f47
(cherry picked from commit 3d004858944b1ec69446941e65f317ee78da172e)
|
|
Another redundant field: it's the SHA-256 digest of the certificate data
for OOXML, not used for ODF. We need to store it after import, as we no
longer have the security environment at hand when we store the signature
to the persistent storage.
Change-Id: I3bcccb3c7c4f4178c0b267ce87777fba543f8716
(cherry picked from commit 89af47f2b3fba6692a1cea850159b2163a64db8b)
|
|
OOXML export will need an SHA-256 hash of the certificate, introducing
a css::security::XCertificate2 just for this would be probably an
overkill. The same will have to be done in the mscrypto backend in the
near future.
Change-Id: Id2df06416a713927edd60e1253ff8e1c09dd706a
(cherry picked from commit f09f61c9b4f474a95fafa144b4eb18dbdf2a166c)
|
|
Again, just to help the exporter not lose information.
Change-Id: Icc729d6a58321695fa59e009a328fca56d5ef514
(cherry picked from commit df4ebee2eff7f3766b604f4928ddf0f0f6e810bd)
|
|
This is redundant, but it's needed to survive an export -> import ->
export flow, and at the end required in the OOXML result.
Change-Id: I0779950b6464b4e15f4da452c163cddbc3d03a3d
(cherry picked from commit d7d86dfe4a83dd49192efe167e50c19e75109cde)
|
|
Our own importer is happy about the export result already, but MSO is
more picky, and mandates the correct content types for both
_xmlsignatures/origin.sigs and the individual signature streams.
With this, MSO can open the signed file again (while previously it just
declared the file corrupted), though it still declares the signature
invalid.
Change-Id: I199ad96bb91e7ce03fdf1f10f9500db4e05bb5c1
(cherry picked from commit 6e8be4c99e00d75bfb0d358f64071495ec6b21e3)
|
|
The problem was that the final export lacked the "#" prefix in the
same-document reference names. Fix this by doing what the ODF export
does: don't let the signature informations (data model) contain the "#",
just prepend it right before writing the name out.
This way it won't matter if the source of the name is an import (which
doesn't keep the "#") or a new signature (which did, previously), we'll
always write exactly one "#".
Change-Id: I18b6a5ba55b7e79ace537b7ecf575a7abc71e281
(cherry picked from commit 5c5ad2e2decb9af6005419a34db2bd0f4e9bcfd3)
|
|
Change-Id: Ib522a6ce9663b5f56888debb911296360da484d6
(cherry picked from commit 3d0a2c8c43179ae0e19be154f44def8bb6cf8de6)
|
|
Change-Id: Ia24a1b64d4adfc0db537704779ca25cfd86cac8f
(cherry picked from commit 5cd3c87d5dfed9707f00dcebdd4c15642febbe12)
|
|
The root cause (and that still needs fixing) is that the OOXML signature
export fails to start same-document references with a "#" character.
OTOH, even if that happens, it's better to throw uno::RuntimeException
in UriBindingHelper::OpenInputStream() to avoid std::terminate().
Change-Id: I9c9c211de36fb0aeb2c33f62b094c9f4d9c85b3d
(cherry picked from commit f55914f7be1209718ff96527653cc33cd80f9d2e)
|
|
With this, _xmlsignatures/_rels/origin.sigs.rels and
_xmlsignatures/origin.sigs are written to the destination file.
Change-Id: I8d63a182e7cf05ed20195f88c90fba2a9a05379e
(cherry picked from commit 67785148837b4ba5ebef1b2cdf249a8f8cad8b9d)
|
|
Previously this code worked only for reading, as we assumed if it
doesn't exist, then the storage is not OOXML, either.
With this, DigitalSignaturesDialog::OKButtonHdl() gets a valid storage,
where it'll be able to write the actual signatures.
Change-Id: Iadf63a88c962386abc31225c02398761aea818cb
(cherry picked from commit 600a7a79ecffc47a68438d308f5829868c2f37e6)
|
|
When reading a signature, we just take the ODF signature stream or OOXML
signature storage.
When writing, we write to an ODF temporary stream / OOXML temporary
storage, read it back, and only the signatures dialog close handler
writes the signature back to the original file.
The underlying OOXML temporary storage's stream is the signature stream,
so only try to load signatures from the stream if it's not OOXML,
throwing a ZIP file at an XML parser is not a great idea.
Change-Id: I6e42d117b9c97676aaeaad158e78e39a2c39a5e8
(cherry picked from commit f4b2e2362513e4442fe1d133302bd9b487866c6a)
|
|
Change-Id: I29937cf6baa02bda7821b4bb44c95e5b8a278080
(cherry picked from commit d06e6505f454eeff69327b22d5a5592375d31518)
|
|
Change-Id: I88b0be8b375b7698224e08768d867b767c3a98ad
(cherry picked from commit a2779756374d9e71e9ed6a1d7665f64cc5eacb0f)
|