From d3219c5e801056c1c3ca0d9912794b804c2d763e Mon Sep 17 00:00:00 2001 From: Samuel Mehrbrodt Date: Mon, 10 Jul 2017 10:02:10 +0200 Subject: tdf#108977 Show signature info for keys we don't have locally gpg4libre Reviewed-on: https://gerrit.libreoffice.org/39742 Reviewed-by: Thorsten Behrens Tested-by: Thorsten Behrens (cherry picked from commit 820bd4b3b64a5746599c48c729037a959ff61c84) Change-Id: I89593224590007e61bce95c14922c08551282067 Reviewed-on: https://gerrit.libreoffice.org/39761 Tested-by: Jenkins Reviewed-by: Miklos Vajna --- xmlsecurity/inc/sigstruct.hxx | 1 + xmlsecurity/inc/xmlsignaturehelper.hxx | 2 +- xmlsecurity/inc/xsecctl.hxx | 4 +- .../source/dialogs/digitalsignaturesdialog.cxx | 47 ++++++++++++---------- .../source/helper/documentsignaturemanager.cxx | 2 +- xmlsecurity/source/helper/xmlsignaturehelper.cxx | 6 ++- xmlsecurity/source/helper/xsecctl.cxx | 7 ++++ xmlsecurity/source/helper/xsecparser.cxx | 16 ++++++++ xmlsecurity/source/helper/xsecparser.hxx | 2 + xmlsecurity/source/helper/xsecsign.cxx | 5 ++- xmlsecurity/source/helper/xsecverify.cxx | 11 +++++ 11 files changed, 76 insertions(+), 27 deletions(-) (limited to 'xmlsecurity')
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 68e64176206b..ff6ee5e5d3a5 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -77,6 +77,7 @@ struct SignatureInformation OUString ouGpgKeyID; OUString ouGpgCertificate; + OUString ouGpgOwner; OUString ouSignatureValue; css::util::DateTime stDateTime;
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 261a4792cd61..a473b1efd840 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -155,7 +155,7 @@ public: void AddEncapsulatedX509Certificate(const OUString& ouEncapsulatedX509Certificate); void SetGpgCertificate(sal_Int32 nSecurityId, const OUString& ouGpgCertDigest, - const OUString& ouGpgCert); + const OUString& ouGpgCert, const OUString& ouGpgOwner); void SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const tools::Time& rTime ); void SetDescription(sal_Int32 nSecurityId, const OUString& rDescription);
diff --git a/xmlsecurity/inc/xsecctl.hxx b/xmlsecurity/inc/xsecctl.hxx
index a38c1cbf8e3d..9ddc22affbae 100644
--- a/xmlsecurity/inc/xsecctl.hxx
+++ b/xmlsecurity/inc/xsecctl.hxx
@@ -309,6 +309,7 @@ private: void setDigestValue( sal_Int32 nDigestID, OUString& ouDigestValue ); void setGpgKeyID( OUString& ouKeyID ); void setGpgCertificate( OUString& ouGpgCert ); + void setGpgOwner( OUString& ouGpgOwner ); void setDate( OUString& ouDate ); void setDescription(const OUString& rDescription);
@@ -388,7 +389,8 @@ public: void setGpgCertificate( sal_Int32 nSecurityId, const OUString& ouCertDigest, - const OUString& ouCert); + const OUString& ouCert, + const OUString& ouOwner); void setDate( sal_Int32 nSecurityId,
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 6df31eec715f..22154dc4b2a3 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -532,7 +532,6 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox() const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[n]; uno::Reference< css::security::XCertificate > xCert = getCertificate(rInfo); - // TODO - should use pgpdata from info provider? OUString aSubject; OUString aIssuer; OUString aDateTimeStr;
@@ -559,28 +558,34 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox() aSubject = XmlSec::GetContentPart( xCert->getSubjectName() ); aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() ); - // String with date and time information (#i20172#) - aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime ); - aDescription = rInfo.ouDescription; - - // Decide type string. - if (maSignatureManager.mxStore.is()) - { - // XML based: XAdES or not. - if (!rInfo.ouCertDigest.isEmpty()) - aType = "XAdES"; - else - aType = "XML-DSig"; - } + } + else if (!rInfo.ouGpgCertificate.isEmpty()) + { + // In case we don't have the gpg key locally, get some data from the document + aIssuer = rInfo.ouGpgOwner; + } + + aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime ); + aDescription = rInfo.ouDescription; + + // Decide type string. + if (maSignatureManager.mxStore.is()) + { + // XML based: XAdES or not. + if (!rInfo.ouCertDigest.isEmpty()) + aType = "XAdES"; else - { - // Assume PDF: PAdES or not. - if (rInfo.bHasSigningCertificate) - aType = "PAdES"; - else - aType = "PDF"; - } + aType = "XML-DSig"; } + else + { + // Assume PDF: PAdES or not. + if (rInfo.bHasSigningCertificate) + aType = "PAdES"; + else + aType = "PDF"; + } + bSigValid = ( rInfo.nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ); if ( bSigValid )
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index 41f7e5594cf2..4718555d54c2 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
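Review bot: The owner name shown for a key that is not in the local keyring is unauthenticated document content: the new `else if (!rInfo.ouGpgCertificate.isEmpty())` branch copies `rInfo.ouGpgOwner` into `aIssuer`, and the xsecparser.cxx hunks fill that field verbatim from the document's `PGPOwner` element. Nothing visible in this patch ties that string to the key packet or to the signed data, so the dialog should present it as an unverified claim (for example a localized "unverified" marker next to the name), and the branch comment should say so: `// ouGpgOwner comes straight from the document and is not verified against any key; display only`. The branch also tests `ouGpgCertificate` but reads `ouGpgOwner`, so a document that carries a key packet and no owner leaves the issuer cell empty. ImplFillSignaturesBox starts and ends outside this hunk.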
@@ -292,7 +292,7 @@ bool DocumentSignatureManager::add(const uno::Reference& else SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one"); - maSignatureHelper.SetGpgCertificate(nSecurityId, aKeyId, aStrBuffer.makeStringAndClear()); + maSignatureHelper.SetGpgCertificate(nSecurityId, aKeyId, aStrBuffer.makeStringAndClear(), xCert->getIssuerName()); } else {
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 6242518ce4e1..0c18624aec5c 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -125,12 +125,14 @@ void XMLSignatureHelper::AddEncapsulatedX509Certificate(const OUString& ouEncaps void XMLSignatureHelper::SetGpgCertificate(sal_Int32 nSecurityId, const OUString& ouGpgCertDigest, - const OUString& ouGpgCert) + const OUString& ouGpgCert, + const OUString& ouGpgOwner) { mpXSecController->setGpgCertificate( nSecurityId, ouGpgCertDigest, - ouGpgCert); + ouGpgCert, + ouGpgOwner); } void XMLSignatureHelper::SetDateTime( sal_Int32 nSecurityId, const ::Date& rDate, const tools::Time& rTime )
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index ffadd0584692..d85c39dbf974 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -747,6 +747,13 @@ void XSecController::exportSignature( xDocumentHandler->characters( signatureInfo.ouGpgCertificate ); xDocumentHandler->endElement( "PGPKeyPacket" ); } + + /* Write PGPOwner element */ + xDocumentHandler->startElement( + "PGPOwner", + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( signatureInfo.ouGpgOwner ); + xDocumentHandler->endElement( "PGPOwner" ); } xDocumentHandler->endElement( "PGPData" ); }
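Review bot: The new fourth argument `xCert->getIssuerName()` feeds a parameter named `ouGpgOwner` that is later exported as `PGPOwner`, and the call site does not say why the issuer name stands for the key owner. What the GPG certificate implementation returns from `getIssuerName()` is not visible in this patch, so a comment at the call would record the intent, e.g. `// TODO confirm: for GPG certificates getIssuerName() is the key's user ID, stored as PGPOwner`. DocumentSignatureManager::add starts and ends outside this hunk.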
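Review bot: `PGPOwner` is written after the closing brace that follows the `PGPKeyPacket` element, so it appears to be emitted even when `signatureInfo.ouGpgOwner` is empty; wrapping the three calls in `if (!signatureInfo.ouGpgOwner.isEmpty())` would avoid an empty element. `PGPOwner` is also not one of the children XML-DSig defines for `PGPData` (`PGPKeyID` and `PGPKeyPacket`, with extensions expected from another namespace), so if these names are serialized in the dsig namespace the new element should carry an extension-namespace prefix to keep the output schema-valid for other consumers. The comment could add that the value is informational and not covered by any check on the reading side. exportSignature starts and ends outside this hunk.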
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
index 6c402e73e0cb..1c1098c37261 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -37,6 +37,7 @@ XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper, , m_bInX509Certificate(false) , m_bInGpgCertificate(false) , m_bInGpgKeyID(false) + , m_bInGpgOwner(false) , m_bInCertDigest(false) , m_bInEncapsulatedX509Certificate(false) , m_bInSigningTime(false)
@@ -74,6 +75,7 @@ void SAL_CALL XSecParser::startDocument( ) m_bInX509Certificate = false; m_bInGpgCertificate = false; m_bInGpgKeyID = false; + m_bInGpgOwner = false; m_bInSignatureValue = false; m_bInDigestValue = false; m_bInDate = false;
@@ -194,6 +196,11 @@ void SAL_CALL XSecParser::startElement( m_ouGpgCertificate.clear(); m_bInGpgCertificate = true; } + else if (aName == "PGPOwner") + { + m_ouGpgOwner.clear(); + m_bInGpgOwner = true; + } else if (aName == "SignatureValue") { m_ouSignatureValue.clear();
@@ -317,6 +324,11 @@ void SAL_CALL XSecParser::endElement( const OUString& aName ) m_pXSecController->setGpgCertificate( m_ouGpgCertificate ); m_bInGpgCertificate = false; } + else if (aName == "PGPOwner") + { + m_pXSecController->setGpgOwner( m_ouGpgOwner ); + m_bInGpgOwner = false; + } else if (aName == "xd:CertDigest") { m_pXSecController->setCertDigest( m_ouCertDigest );
@@ -388,6 +400,10 @@ void SAL_CALL XSecParser::characters( const OUString& aChars ) { m_ouGpgKeyID += aChars; } + else if (m_bInGpgOwner) + { + m_ouGpgOwner += aChars; + } else if (m_bInSignatureValue) { m_ouSignatureValue += aChars;
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
index dd4d0c83c1e6..6056de4491f3 100644
--- a/xmlsecurity/source/helper/xsecparser.hxx
+++ b/xmlsecurity/source/helper/xsecparser.hxx
@@ -59,6 +59,7 @@ private: OUString m_ouX509Certificate; OUString m_ouGpgCertificate; OUString m_ouGpgKeyID; + OUString m_ouGpgOwner; OUString m_ouCertDigest; OUString m_ouEncapsulatedX509Certificate; OUString m_ouDigestValue;
@@ -75,6 +76,7 @@ private: bool m_bInX509Certificate; bool m_bInGpgCertificate; bool m_bInGpgKeyID; + bool m_bInGpgOwner; bool m_bInCertDigest; bool m_bInEncapsulatedX509Certificate; bool m_bInSigningTime;
diff --git a/xmlsecurity/source/helper/xsecsign.cxx b/xmlsecurity/source/helper/xsecsign.cxx
index 452613b4d10b..278eba79f8af 100644
--- a/xmlsecurity/source/helper/xsecsign.cxx
+++ b/xmlsecurity/source/helper/xsecsign.cxx
@@ -242,7 +242,8 @@ void XSecController::setX509Certificate( void XSecController::setGpgCertificate( sal_Int32 nSecurityId, const OUString& ouCertDigest, - const OUString& ouCert) + const OUString& ouCert, + const OUString& ouOwner) { int index = findSignatureInfor( nSecurityId );
@@ -250,6 +251,7 @@ void XSecController::setGpgCertificate( { InternalSignatureInformation isi(nSecurityId, nullptr); isi.signatureInfor.ouGpgCertificate = ouCert; + isi.signatureInfor.ouGpgOwner = ouOwner; isi.signatureInfor.ouCertDigest = ouCertDigest; m_vInternalSignatureInformations.push_back( isi ); }
@@ -258,6 +260,7 @@ void XSecController::setGpgCertificate( SignatureInformation &si = m_vInternalSignatureInformations[index].signatureInfor; si.ouGpgCertificate = ouCert; + si.ouGpgOwner = ouOwner; si.ouCertDigest = ouCertDigest; } }
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index ab2a8dec6100..ff0416ddd28c 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -292,6 +292,17 @@ void XSecController::setGpgCertificate( OUString& ouGpgCert ) isi.signatureInfor.ouGpgCertificate = ouGpgCert; } +void XSecController::setGpgOwner( OUString& ouGpgOwner ) +{ + if (m_vInternalSignatureInformations.empty()) + { + SAL_INFO("xmlsecurity.helper","XSecController::setGpgOwner: no signature"); + return; + } + InternalSignatureInformation &isi = m_vInternalSignatureInformations.back(); + isi.signatureInfor.ouGpgOwner = ouGpgOwner; +} + void XSecController::setDate( OUString& ouDate ) { if (m_vInternalSignatureInformations.empty())
-- cgit v1.2.3
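Review bot: `setGpgOwner` takes `OUString& ouGpgOwner` by non-const reference although the body only copies it into `isi.signatureInfor.ouGpgOwner`; `void XSecController::setGpgOwner( const OUString& ouGpgOwner )` would state that, with the matching change to the declaration added in xsecctl.hxx. The neighbouring setters in that header (`setGpgKeyID`, `setGpgCertificate`) use the same non-const form, so this may be deliberate consistency. A short doc comment would also help the next reader: the value arrives from the parser's `PGPOwner` handling, is attached to the most recently added signature, and is dropped with only a SAL_INFO line when no signature exists yet.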