From 1f9acb2f71e95ce9333728ab19dea0aa8e12f819 Mon Sep 17 00:00:00 2001
From: Malte Timmermann
Date: Tue, 27 Jul 2004 10:55:25 +0000
Subject: #i21596# Digital Signatures...
---
 .../inc/xmlsecurity/digitalsignaturesdialog.hxx | 15 +--
 xmlsecurity/prj/d.lst | 1 +
 .../source/component/documentdigitalsignatures.cxx | 10 +-
 xmlsecurity/source/dialogs/certificateviewer.cxx | 7 +-
 .../source/dialogs/digitalsignaturesdialog.cxx | 139 +++++++++++---------
 5 files changed, 84 insertions(+), 88 deletions(-)
(limited to 'xmlsecurity')
diff --git a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
index 3396413c768a..19b11abd7e21 100644
--- a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
+++ b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
@@ -2,9 +2,9 @@
 *
 * $RCSfile: digitalsignaturesdialog.hxx,v $
 *
- * $Revision: 1.4 $
+ * $Revision: 1.5 $
 *
- * last change: $Author: gt $ $Date: 2004-07-27 07:56:35 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
 *
 * The Contents of this file are made available subject to the terms of
 * either of the following licenses
@@ -94,19 +94,14 @@ class HeaderBar;
 class DigitalSignaturesDialog : public ModalDialog
 {
 private:
- enum SigState { S_NONE, S_VALID, S_BROKEN };
-
 XMLSignatureHelper maSignatureHelper;
 css::uno::Reference < css::embed::XStorage > mxStore;
- SignatureInformations aCurrentSignatureInformations;
+ SignatureInformations maCurrentSignatureInformations;
 bool mbVerifySignatures;
 bool mbSignaturesChanged;
 DocumentSignatureMode meSignatureMode;
- // HACK, until sig in storage works
- rtl::OUString maSigFileName;
-
 FixedText maHintDocFT;
 FixedText maHintBasicFT;
 FixedText maHintPackageFT;
@@ -136,7 +131,6 @@ private:
 void ImplFillSignaturesBox();
 void ImplShowSignaturesDetails();
- void SetState( SigState _eState );
 public:
 DigitalSignaturesDialog( Window* pParent, cssu::Reference< css::lang::XMultiServiceFactory >& rxMSF, DocumentSignatureMode eMode, sal_Bool bReadOnly );
 ~DigitalSignaturesDialog();
@@ -147,9 +141,6 @@ public:
 // Set the storage which should be signed or verified
 void SetStorage( const cssu::Reference < css::embed::XStorage >& rxStore );
- // HACK: Set a signature file name, use this until sig in storage works!
- void SetSignatureFileName( const rtl::OUString& rName ) { maSigFileName = rName; }
-
 // Execute the dialog...
 short Execute();
diff --git a/xmlsecurity/prj/d.lst b/xmlsecurity/prj/d.lst
index 891a5d4b27c6..5d2d8bd971f0 100644
--- a/xmlsecurity/prj/d.lst
+++ b/xmlsecurity/prj/d.lst
@@ -1,4 +1,5 @@
 ..\%__SRC%\bin\xsec_fw.dll %_DEST%\bin%_EXT%\xsec_fw.dll
 ..\%__SRC%\bin\xsec_xmlsec.dll %_DEST%\bin%_EXT%\xsec_xmlsec.dll
 ..\%__SRC%\bin\xmlsecurity.dll %_DEST%\bin%_EXT%\xmlsecurity.dll
+..\%__SRC%\lib\*.so %_DEST%\bin%_EXT%\*
 ..\%__SRC%\bin\xmlsec*.res %_DEST%\bin%_EXT%\xmlsec*.res
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index d0d6cb643ac9..eadaf3c4b2e8 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -2,9 +2,9 @@
 *
 * $RCSfile: documentdigitalsignatures.cxx,v $
 *
- * $Revision: 1.11 $
+ * $Revision: 1.12 $
 *
- * last change: $Author: mt $ $Date: 2004-07-26 12:13:28 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
 *
 * The Contents of this file are made available subject to the terms of
 * either of the following licenses
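Review bot: The added `d.lst` entry `..\%__SRC%\lib\*.so %_DEST%\bin%_EXT%\*` delivers every shared object found in the module's `lib` output, whereas the DLL lines around it name each library explicitly. For the module that carries the signature-verification code, an explicit list keeps the set of shipped binaries reviewable and prevents a stray or test library from being delivered unnoticed; one line per library in the form `..\%__SRC%\lib\<LIBNAME>.so %_DEST%\bin%_EXT%\<LIBNAME>.so` (placeholder name) would mirror the existing entries. The destination is `bin%_EXT%` rather than a lib directory, which may be intended for this build layout but is worth confirming.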
@@ -165,10 +165,10 @@ com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignaturesInf
 aSignatureHelper.ReadAndVerifySignature( xInputStream );
 }
- aStreamHelper.Clear();
-
 aSignatureHelper.EndMission();
+ aStreamHelper.Clear();
+
 uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment();
 SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
@@ -188,6 +188,8 @@ com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignaturesInf
 aInfos[n].SignatureDate = String( rInfo.ouDate ).ToInt32();
 aInfos[n].SignatureTime = String( rInfo.ouTime ).ToInt32();
+ DBG_ASSERT( rInfo.nStatus != STATUS_INIT, "Signature not processed!" );
+
 aInfos[n].SignatureIsValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED );
 if ( aInfos[n].SignatureIsValid )
diff --git a/xmlsecurity/source/dialogs/certificateviewer.cxx b/xmlsecurity/source/dialogs/certificateviewer.cxx
index 799e2f96b8ec..7e7b51827f64 100644
--- a/xmlsecurity/source/dialogs/certificateviewer.cxx
+++ b/xmlsecurity/source/dialogs/certificateviewer.cxx
@@ -2,9 +2,9 @@
 *
 * $RCSfile: certificateviewer.cxx,v $
 *
- * $Revision: 1.13 $
+ * $Revision: 1.14 $
 *
- * last change: $Author: gt $ $Date: 2004-07-27 09:00:35 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
 *
 * The Contents of this file are made available subject to the terms of
 * either of the following licenses
@@ -412,7 +412,8 @@ CertificateViewerCertPathTP::CertificateViewerCertPathTP( Window* _pParent, Cert
 SvLBoxEntry* pParent = NULL;
 for( int i = nCnt; i; )
 {
- pParent = InsertCert( pParent, XmlSec::GetContentPart( pCertPath[ --i ]->getSubjectName(), aCN_Id ), pCertPath[ i ] );
+ const Reference< security::XCertificate > rCert = pCertPath[ --i ];
+ pParent = InsertCert( pParent, XmlSec::GetContentPart( rCert->getSubjectName(), aCN_Id ), rCert );
 }
 maCertPathLB.Select( pParent );
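Review bot: The `DBG_ASSERT( rInfo.nStatus != STATUS_INIT, "Signature not processed!" )` added above the `SignatureIsValid` assignment in documentdigitalsignatures.cxx is, as far as I know, compiled out of product builds, so there the only thing that keeps an unprocessed signature from being reported as valid is the `== STATUS_VERIFY_SUCCEED` comparison on the following line. That comparison fails closed, which is the right behaviour, but nothing in the code says it is intentional; a comment such as `// STATUS_INIT (never verified) must be reported as not valid` would pin it down. It would also make the contrast visible with ImplFillSignaturesBox in digitalsignaturesdialog.cxx, where this same commit accepts `STATUS_INIT` as valid. The enclosing function starts and ends outside the hunk.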
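Review bot: In the `for( int i = nCnt; i; )` loop of certificateviewer.cxx the new local is declared `const Reference< security::XCertificate > rCert`, which is a copy, while the `r` prefix elsewhere in this patch marks references (`const SignatureInformation& rInfo`). Either bind it by reference, `const Reference< security::XCertificate >& rCert = pCertPath[ --i ];`, or name it `xCert` like the other UNO references in the patch. `rCert->getSubjectName()` is also called without an `is()` check; whether `pCertPath` can hold empty references is not visible here, so `DBG_ASSERT( rCert.is(), "..." )` before the call would be a cheap guard. The constructor starts outside the hunk.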
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 62f8e7fc6f0b..615c304d8c37 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -2,9 +2,9 @@
 *
 * $RCSfile: digitalsignaturesdialog.cxx,v $
 *
- * $Revision: 1.11 $
+ * $Revision: 1.12 $
 *
- * last change: $Author: gt $ $Date: 2004-07-27 07:57:11 $
+ * last change: $Author: mt $ $Date: 2004-07-27 11:55:25 $
 *
 * The Contents of this file are made available subject to the terms of
 * either of the following licenses
@@ -97,18 +97,6 @@ using namespace ::com::sun::star::security;
 #endif
 using namespace ::com::sun::star;
-using namespace ::com::sun::star;
-
-void DigitalSignaturesDialog::SetState( SigState _eState )
-{
- bool bShowValid = _eState == S_VALID;
- bool bShowInvalid = _eState == S_BROKEN;
-
- maSigsValidImg.Show( bShowValid );
- maSigsValidFI.Show( bShowValid );
- maSigsInvalidImg.Show( bShowInvalid );
- maSigsInvalidFI.Show( bShowInvalid );
-}
 DigitalSignaturesDialog::DigitalSignaturesDialog( Window* pParent, uno::Reference< lang::XMultiServiceFactory >& rxMSF, DocumentSignatureMode eMode, sal_Bool bReadOnly )
 :ModalDialog ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) )
@@ -136,8 +124,6 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( Window* pParent, uno::Referenc
 FreeResource();
- SetState( S_NONE ); // first hide state image & info
-
 mbVerifySignatures = true;
 mbSignaturesChanged = false;
@@ -239,7 +225,7 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
 maSignatureHelper.GetSecurityEnvironment()->getPersonalCertificates();
 uno::Reference xSecEnv = maSignatureHelper.GetSecurityEnvironment();
- CertificateChooser aChooser( this, xSecEnv, aCurrentSignatureInformations );
+ CertificateChooser aChooser( this, xSecEnv, maCurrentSignatureInformations );
 if( aChooser.Execute() )
 {
 uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate();
@@ -294,9 +280,9 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
 uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
 // Export old signatures...
- int nInfos = aCurrentSignatureInformations.size();
+ int nInfos = maCurrentSignatureInformations.size();
 for ( int n = 0; n < nInfos; n++ )
- maSignatureHelper.ExportSignature( xDocumentHandler, aCurrentSignatureInformations[n]);
+ maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]);
 // Create a new one...
 bool bDone = maSignatureHelper.CreateAndWriteSignature( xDocumentHandler );
@@ -338,16 +324,16 @@ IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG )
 if( maSignaturesLB.FirstSelected() )
 {
 USHORT nSelected = (USHORT) (sal_Int32) maSignaturesLB.FirstSelected()->GetUserData();
- aCurrentSignatureInformations.erase( aCurrentSignatureInformations.begin()+nSelected );
+ maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected );
 // Export all other signatures...
 SignatureStreamHelper aStreamHelper = DocumentSignatureHelper::OpenSignatureStream( mxStore, embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, meSignatureMode );
 uno::Reference< io::XOutputStream > xOutputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
 uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
- int nInfos = aCurrentSignatureInformations.size();
+ int nInfos = maCurrentSignatureInformations.size();
 for( int n = 0 ; n < nInfos ; ++n )
- maSignatureHelper.ExportSignature( xDocumentHandler, aCurrentSignatureInformations[ n ] );
+ maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] );
 maSignatureHelper.CloseDocumentHandler( xDocumentHandler);
@@ -379,61 +365,78 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
 uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureHelper.GetSecurityEnvironment();
 uno::Reference< ::com::sun::star::security::XCertificate > xCert;
- String aCN_Id( String::CreateFromAscii( "CN" ) );
- String aNullStr;
- int nInfos = aCurrentSignatureInformations.size();
- int nValidCnt = 0;
- bool bValid;
- for( int n = 0; n < nInfos; ++n )
+ String aCN_Id( String::CreateFromAscii( "CN" ) );
+ String aNullStr;
+ int nInfos = maCurrentSignatureInformations.size();
+ int nValidSigs = 0;
+
+ if( nInfos )
 {
- const SignatureInformation& rInfo = aCurrentSignatureInformations[n];
- xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
+ std::vector< rtl::OUString > aElementsToBeVerified = DocumentSignatureHelper::CreateElementList( mxStore, ::rtl::OUString(), meSignatureMode );
+ for( int n = 0; n < nInfos; ++n )
+ {
+ const SignatureInformation& rInfo = maCurrentSignatureInformations[n];
+ xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
- // If we don't get it, create it from signature data:
- if ( !xCert.is() )
- xCert = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
+ // If we don't get it, create it from signature data:
+ if ( !xCert.is() )
+ xCert = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ;
- DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );
+ DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );
- String aSubject;
- String aIssuer;
- String aDateTimeStr;
- if( xCert.is() )
- {
- aSubject = XmlSec::GetContentPart( xCert->getSubjectName(), aCN_Id );
- aIssuer = XmlSec::GetContentPart( rInfo.ouX509IssuerName, aCN_Id );
- aDateTimeStr = XmlSec::GetDateTimeString( rInfo.ouDate, rInfo.ouTime );
- }
- else
- {
-#if OSL_DEBUG_LEVEL > 1
- aSubject = String::CreateFromAscii( "ERROR getting certificate!" );
-#endif
- }
+ String aSubject;
+ String aIssuer;
+ String aDateTimeStr;
+ if( xCert.is() )
+ {
+ aSubject = XmlSec::GetContentPart( xCert->getSubjectName(), aCN_Id );
+ aIssuer = XmlSec::GetContentPart( rInfo.ouX509IssuerName, aCN_Id );
+ aDateTimeStr = XmlSec::GetDateTimeString( rInfo.ouDate, rInfo.ouTime );
+ }
+
+ // New signatures are not verified, must be valid. Status is INIT.
+ bool bValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED ) || ( rInfo.nStatus == STATUS_INIT );
+ if ( bValid )
+ {
+ // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
+ int nRealCount = 0;
+ for ( int i = rInfo.vSignatureReferenceInfors.size(); i; )
+ {
+ const SignatureReferenceInformation& rInf = rInfo.vSignatureReferenceInfors[--i];
+ // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date.
+ if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) )
+ nRealCount++;
+ }
+ bValid = ( aElementsToBeVerified.size() == nRealCount );
- bValid = true;
- if( bValid )
- ++nValidCnt;
+ if( bValid )
+ nValidSigs++;
+ }
- Image aImg( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
- SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImg, aImg );
- maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
- maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
- maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
- pEntry->SetUserData( ( void* ) n ); // missuse user data as index
+ Image aImg( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
+ SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImg, aImg );
+ maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
+ maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
+ maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
+ pEntry->SetUserData( ( void* ) n ); // missuse user data as index
+ }
 }
- bValid = ( nValidCnt == nInfos );
- maSigsInvalidImg.SetImage( bValid? maSigsValidImg.GetImage() : maSigsInvalidImg.GetImage() );
+ bool bAllSigsValid = ( nValidSigs == nInfos );
+ bool bShowValidState = nInfos && bAllSigsValid;
+ bool bShowInvalidState = nInfos && !bAllSigsValid;
+ maSigsValidImg.Show( bShowValidState );
+ maSigsValidFI.Show( bShowValidState );
+ maSigsInvalidImg.Show( bShowInvalidState );
+ maSigsInvalidFI.Show( bShowInvalidState );
- SetState( bValid? S_VALID : S_BROKEN );
 SignatureHighlightHdl( NULL );
 }
 void DigitalSignaturesDialog::ImplGetSignatureInformations()
 {
- aCurrentSignatureInformations.clear();
+ maCurrentSignatureInformations.clear();
 maSignatureHelper.StartMission();
@@ -441,15 +444,13 @@ void DigitalSignaturesDialog::ImplGetSignatureInformations()
 if ( aStreamHelper.xSignatureStream.is() )
 {
 uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
- bool bVerifyOK = maSignatureHelper.ReadAndVerifySignature( xInputStream );
-
- if ( bVerifyOK )
- aCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
+ maSignatureHelper.ReadAndVerifySignature( xInputStream );
 }
+ maSignatureHelper.EndMission();
- aStreamHelper.Clear();
+ maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
- maSignatureHelper.EndMission();
+ aStreamHelper.Clear();
 mbVerifySignatures = false;
 }
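Review bot: `bool bValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED ) || ( rInfo.nStatus == STATUS_INIT );` in ImplFillSignaturesBox gives the valid icon to a signature that was never verified, so the dialog fails open. The comment restricts this to signatures created in the current session, but the test cannot tell those apart from entries loaded from the storage, and documentdigitalsignatures.cxx in this same commit accepts only `STATUS_VERIFY_SUCCEED`. Safer would be `bool bValid = ( rInfo.nStatus == STATUS_VERIFY_SUCCEED );` with freshly created signatures tracked explicitly or re-verified after they are written. The stream check below it compares counts only, `aElementsToBeVerified.size() == nRealCount` (an unsigned size against an `int`), so a signature covering the right number of streams under other names would still pass; comparing the referenced stream names against `aElementsToBeVerified` would close that. A row whose certificate could not be obtained (`!xCert.is()`) now gets empty subject and issuer columns but can still be marked valid, and should probably be forced to invalid.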
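Review bot: The return value of `maSignatureHelper.ReadAndVerifySignature( xInputStream )` is now dropped in ImplGetSignatureInformations, where the removed code took over the list only when `bVerifyOK` was true. After this change a signature stream that failed to parse or verify still populates `maCurrentSignatureInformations`, and the only remaining signal is each entry's `nStatus`. I would keep `bool bVerifyOK = maSignatureHelper.ReadAndVerifySignature( xInputStream );` and have the dialog show the invalid state when it is false rather than rely on per-entry status alone. The new order (EndMission, then GetSignatureInformations, then Clear) looks deliberate and deserves a one-line comment saying why.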
@@ -459,7 +460,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
 if( maSignaturesLB.FirstSelected() )
 {
 USHORT nSelected = (USHORT) (sal_Int32) maSignaturesLB.FirstSelected()->GetUserData();
- const SignatureInformation& rInfo = aCurrentSignatureInformations[ nSelected ];
+ const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ];
 uno::Reference< dcss::security::XCertificate > xCert = maSignatureHelper.GetSecurityEnvironment()->getCertificate( rInfo.ouX509IssuerName, numericStringToBigInteger( rInfo.ouX509SerialNumber ) );
 // If we don't get it, create it from signature data:
--
cgit v1.2.3