xmlsecurity: move the sec context from the format helpers to the sign manager
The signature manager always creates an XML helper, and optionally creates a PDF helper as well. Both of them initialize xmlsec, and when the signature manager is deleted, there are two de-inits, leading to an assertion failure in xmlsec. Fix the problem by moving the duplicated xmlsec init to the signature manager. This has the additional benefit that general security-related code no longer has to talk to the XML helper; it can use the signature manager, which feels more natural. (What did viewing a certificate have to do with XML?) Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688 Reviewed-on: https://gerrit.libreoffice.org/30695 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
@@ -47,6 +47,8 @@ public:
|
||||
css::uno::Reference<css::io::XStream> mxTempSignatureStream;
|
||||
/// Storage containing all OOXML signatures, unused for ODF.
|
||||
css::uno::Reference<css::embed::XStorage> mxTempSignatureStorage;
|
||||
css::uno::Reference<css::xml::crypto::XSEInitializer> mxSEInitializer;
|
||||
css::uno::Reference<css::xml::crypto::XXMLSecurityContext> mxSecurityContext;
|
||||
|
||||
DocumentSignatureManager(const css::uno::Reference<css::uno::XComponentContext>& xContext, DocumentSignatureMode eMode);
|
||||
~DocumentSignatureManager();
|
||||
@@ -70,6 +72,10 @@ public:
|
||||
// Checks if the document is a kind where it is relevant to distinguish between using XAdES or not
|
||||
bool IsXAdESRelevant();
|
||||
#endif
|
||||
/// Attempts to initialize the platform-specific crypto.
|
||||
bool init();
|
||||
/// Get the security environment.
|
||||
css::uno::Reference<css::xml::crypto::XSecurityEnvironment> getSecurityEnvironment();
|
||||
};
|
||||
|
||||
#endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
|
||||
|
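Review bot: The comment on getSecurityEnvironment() says only `/// Get the security environment.`, but its definition in this commit returns an empty reference whenever mxSecurityContext is not set, and callers need to know that before dereferencing the result. I would write `/// Get the security environment; returns an empty reference unless init() succeeded.` and add `/// Returns true if a security context could be created.` to init(). The new members mxSEInitializer and mxSecurityContext also have no comment, unlike mxTempSignatureStorage just above them.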
@@ -25,8 +25,6 @@
|
||||
class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
|
||||
{
|
||||
css::uno::Reference<css::uno::XComponentContext> m_xComponentContext;
|
||||
css::uno::Reference<css::xml::crypto::XSEInitializer> m_xSEInitializer;
|
||||
css::uno::Reference<css::xml::crypto::XXMLSecurityContext> m_xSecurityContext;
|
||||
SignatureInformations m_aSignatureInfos;
|
||||
|
||||
css::uno::Reference<css::security::XCertificate> m_xCertificate;
|
||||
@@ -35,7 +33,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
|
||||
public:
|
||||
PDFSignatureHelper(const css::uno::Reference<css::uno::XComponentContext>& xComponentContext);
|
||||
bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
|
||||
css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations() const;
|
||||
css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations(const css::uno::Reference<css::xml::crypto::XSecurityEnvironment>& xSecEnv) const;
|
||||
SignatureInformations GetSignatureInformations() const;
|
||||
|
||||
/// Return the ID of the next created signature.
|
||||
|
@@ -100,9 +100,6 @@ private:
|
||||
css::uno::Reference< css::xml::crypto::sax::XSecurityController > mxSecurityController;
|
||||
css::uno::Reference< css::xml::crypto::XUriBinding > mxUriBinding;
|
||||
|
||||
css::uno::Reference< css::xml::crypto::XSEInitializer > mxSEInitializer;
|
||||
css::uno::Reference< css::xml::crypto::XXMLSecurityContext > mxSecurityContext;
|
||||
|
||||
std::vector<XMLSignatureCreationResult>
|
||||
maCreationResults;
|
||||
std::vector<XMLSignatureVerifyResult>
|
||||
@@ -123,10 +120,6 @@ public:
|
||||
XMLSignatureHelper(const css::uno::Reference< css::uno::XComponentContext >& mrCtx );
|
||||
~XMLSignatureHelper();
|
||||
|
||||
// Initialize the security context with default crypto token.
|
||||
// Returns true for success.
|
||||
bool Init();
|
||||
|
||||
// Set the storage which should be used by the default UriBinding
|
||||
// Must be set before StatrtMission().
|
||||
//sODFVersion indicates the ODF version
|
||||
@@ -137,15 +130,12 @@ public:
|
||||
// Default handler will verify all.
|
||||
void SetStartVerifySignatureHdl( const Link<LinkParamNone*,bool>& rLink );
|
||||
|
||||
// Get the security environment
|
||||
css::uno::Reference< css::xml::crypto::XSecurityEnvironment > GetSecurityEnvironment();
|
||||
|
||||
// After signing/verifying, get information about signatures
|
||||
SignatureInformation GetSignatureInformation( sal_Int32 nSecurityId ) const;
|
||||
SignatureInformations GetSignatureInformations() const;
|
||||
|
||||
// See XSecController for documentation
|
||||
void StartMission();
|
||||
void StartMission(const css::uno::Reference<css::xml::crypto::XXMLSecurityContext>& xSecurityContext);
|
||||
void EndMission();
|
||||
sal_Int32 GetNewSecurityId();
|
||||
/** sets data that describes the certificate.
|
||||
|
@@ -106,7 +106,7 @@ public:
|
||||
private:
|
||||
void createDoc(const OUString& rURL);
|
||||
void createCalc(const OUString& rURL);
|
||||
uno::Reference<security::XCertificate> getCertificate(XMLSignatureHelper& rSignatureHelper);
|
||||
uno::Reference<security::XCertificate> getCertificate(DocumentSignatureManager& rSignatureManager);
|
||||
};
|
||||
|
||||
SigningTest::SigningTest()
|
||||
@@ -160,9 +160,9 @@ void SigningTest::createCalc(const OUString& rURL)
|
||||
mxComponent = loadFromDesktop(rURL, "com.sun.star.sheet.SpreadsheetDocument");
|
||||
}
|
||||
|
||||
uno::Reference<security::XCertificate> SigningTest::getCertificate(XMLSignatureHelper& rSignatureHelper)
|
||||
uno::Reference<security::XCertificate> SigningTest::getCertificate(DocumentSignatureManager& rSignatureManager)
|
||||
{
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = rSignatureHelper.GetSecurityEnvironment();
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = rSignatureManager.getSecurityEnvironment();
|
||||
OUString aCertificate;
|
||||
{
|
||||
SvFileStream aStream(m_directories.getURLFromSrc(DATA_DIRECTORY) + "certificate.crt", StreamMode::READ);
|
||||
@@ -191,14 +191,14 @@ void SigningTest::testDescription()
|
||||
xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
|
||||
|
||||
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
|
||||
CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
|
||||
CPPUNIT_ASSERT(aManager.init());
|
||||
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
|
||||
CPPUNIT_ASSERT(xStorage.is());
|
||||
aManager.mxStore = xStorage;
|
||||
aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
|
||||
|
||||
// Then add a signature document.
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
|
||||
CPPUNIT_ASSERT(xCertificate.is());
|
||||
OUString aDescription("SigningTest::testDescription");
|
||||
sal_Int32 nSecurityId;
|
||||
@@ -224,14 +224,14 @@ void SigningTest::testOOXMLDescription()
|
||||
xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList());
|
||||
|
||||
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
|
||||
CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
|
||||
CPPUNIT_ASSERT(aManager.init());
|
||||
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
|
||||
CPPUNIT_ASSERT(xStorage.is());
|
||||
aManager.mxStore = xStorage;
|
||||
aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
|
||||
|
||||
// Then add a document signature.
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
|
||||
CPPUNIT_ASSERT(xCertificate.is());
|
||||
OUString aDescription("SigningTest::testDescription");
|
||||
sal_Int32 nSecurityId;
|
||||
@@ -254,7 +254,7 @@ void SigningTest::testOOXMLAppend()
|
||||
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx", aURL));
|
||||
// Load the test document as a storage and read its single signature.
|
||||
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
|
||||
CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
|
||||
CPPUNIT_ASSERT(aManager.init());
|
||||
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
|
||||
CPPUNIT_ASSERT(xStorage.is());
|
||||
aManager.mxStore = xStorage;
|
||||
@@ -264,7 +264,7 @@ void SigningTest::testOOXMLAppend()
|
||||
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
|
||||
|
||||
// Then add a second document signature.
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
|
||||
CPPUNIT_ASSERT(xCertificate.is());
|
||||
sal_Int32 nSecurityId;
|
||||
aManager.add(xCertificate, OUString(), nSecurityId, false);
|
||||
@@ -279,7 +279,7 @@ void SigningTest::testOOXMLRemove()
|
||||
{
|
||||
// Load the test document as a storage and read its signatures: purpose1 and purpose2.
|
||||
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
|
||||
CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
|
||||
CPPUNIT_ASSERT(aManager.init());
|
||||
OUString aURL = m_directories.getURLFromSrc(DATA_DIRECTORY) + "multi.docx";
|
||||
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
|
||||
CPPUNIT_ASSERT(xStorage.is());
|
||||
@@ -290,7 +290,7 @@ void SigningTest::testOOXMLRemove()
|
||||
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(2), rInformations.size());
|
||||
|
||||
// Then remove the last added signature.
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
|
||||
CPPUNIT_ASSERT(xCertificate.is());
|
||||
aManager.remove(0);
|
||||
|
||||
@@ -310,7 +310,7 @@ void SigningTest::testOOXMLRemoveAll()
|
||||
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx", aURL));
|
||||
// Load the test document as a storage and read its single signature.
|
||||
DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
|
||||
CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
|
||||
CPPUNIT_ASSERT(aManager.init());
|
||||
uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL, embed::ElementModes::READWRITE);
|
||||
CPPUNIT_ASSERT(xStorage.is());
|
||||
aManager.mxStore = xStorage;
|
||||
@@ -320,7 +320,7 @@ void SigningTest::testOOXMLRemoveAll()
|
||||
CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
|
||||
|
||||
// Then remove the only signature in the document.
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper);
|
||||
uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager);
|
||||
CPPUNIT_ASSERT(xCertificate.is());
|
||||
aManager.remove(0);
|
||||
aManager.read(/*bUseTempStream=*/true);
|
||||
|
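Review bot: None of the visible test hunks exercises the scenario from the commit message, a manager that owns both the XML helper and a PDF helper and is then destroyed; they only swap `maSignatureHelper.Init()` for `init()` and pass the manager to getCertificate(). A small case that calls `aManager.init()`, then `aManager.getPDFSignatureHelper()`, and lets aManager go out of scope would pin the double de-init fix. Such a test may already exist outside the hunks shown.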
@@ -265,14 +265,23 @@ DocumentDigitalSignatures::ImplVerifySignatures(
|
||||
const Reference< css::embed::XStorage >& rxStorage,
|
||||
const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException)
|
||||
{
|
||||
DocumentSignatureManager aSignatureManager(mxCtx, eMode);
|
||||
|
||||
bool bInit = aSignatureManager.init();
|
||||
|
||||
SAL_WARN_IF(!bInit, "xmlsecurity.comp", "Error initializing security context!");
|
||||
|
||||
if (!bInit)
|
||||
return uno::Sequence<security::DocumentSignatureInformation>(0);
|
||||
|
||||
if (!rxStorage.is())
|
||||
{
|
||||
if (xSignStream.is())
|
||||
{
|
||||
// Something not ZIP-based, try PDF.
|
||||
PDFSignatureHelper aSignatureHelper(mxCtx);
|
||||
if (aSignatureHelper.ReadAndVerifySignature(xSignStream))
|
||||
return aSignatureHelper.GetDocumentSignatureInformations();
|
||||
PDFSignatureHelper& rSignatureHelper = aSignatureManager.getPDFSignatureHelper();
|
||||
if (rSignatureHelper.ReadAndVerifySignature(xSignStream))
|
||||
return rSignatureHelper.GetDocumentSignatureInformations(aSignatureManager.getSecurityEnvironment());
|
||||
}
|
||||
|
||||
SAL_WARN( "xmlsecurity.comp", "Error, no XStorage provided");
|
||||
@@ -293,29 +302,21 @@ DocumentDigitalSignatures::ImplVerifySignatures(
|
||||
return Sequence< css::security::DocumentSignatureInformation >(0);
|
||||
|
||||
|
||||
XMLSignatureHelper aSignatureHelper( mxCtx );
|
||||
XMLSignatureHelper& rSignatureHelper = aSignatureManager.maSignatureHelper;
|
||||
rSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
|
||||
|
||||
bool bInit = aSignatureHelper.Init();
|
||||
|
||||
SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
|
||||
|
||||
if ( !bInit )
|
||||
return Sequence< css::security::DocumentSignatureInformation >(0);
|
||||
|
||||
aSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
|
||||
|
||||
aSignatureHelper.StartMission();
|
||||
rSignatureHelper.StartMission(aSignatureManager.mxSecurityContext);
|
||||
|
||||
if (xInputStream.is())
|
||||
aSignatureHelper.ReadAndVerifySignature(xInputStream);
|
||||
rSignatureHelper.ReadAndVerifySignature(xInputStream);
|
||||
else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML)
|
||||
aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
|
||||
rSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
|
||||
|
||||
aSignatureHelper.EndMission();
|
||||
rSignatureHelper.EndMission();
|
||||
|
||||
Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment();
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = aSignatureManager.getSecurityEnvironment();
|
||||
|
||||
SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
|
||||
SignatureInformations aSignInfos = rSignatureHelper.GetSignatureInformations();
|
||||
int nInfos = aSignInfos.size();
|
||||
Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos);
|
||||
css::security::DocumentSignatureInformation* arInfos = aInfos.getArray();
|
||||
@@ -405,9 +406,10 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException
|
||||
|
||||
Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
|
||||
|
||||
XMLSignatureHelper aSignatureHelper( mxCtx );
|
||||
if ( aSignatureHelper.Init() )
|
||||
xSecEnv = aSignatureHelper.GetSecurityEnvironment();
|
||||
DocumentSignatureMode eMode{};
|
||||
DocumentSignatureManager aSignatureManager(mxCtx, eMode);
|
||||
if (aSignatureManager.init())
|
||||
xSecEnv = aSignatureManager.getSecurityEnvironment();
|
||||
|
||||
ScopedVclPtrInstance< MacroSecurity > aDlg( nullptr, mxCtx, xSecEnv );
|
||||
aDlg->Execute();
|
||||
@@ -416,15 +418,16 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException
|
||||
void DocumentDigitalSignatures::showCertificate(
|
||||
const Reference< css::security::XCertificate >& Certificate ) throw (RuntimeException, std::exception)
|
||||
{
|
||||
XMLSignatureHelper aSignatureHelper( mxCtx );
|
||||
DocumentSignatureMode eMode{};
|
||||
DocumentSignatureManager aSignatureManager(mxCtx, eMode);
|
||||
|
||||
bool bInit = aSignatureHelper.Init();
|
||||
bool bInit = aSignatureManager.init();
|
||||
|
||||
SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
|
||||
|
||||
if ( bInit )
|
||||
{
|
||||
ScopedVclPtrInstance< CertificateViewer > aViewer( nullptr, aSignatureHelper.GetSecurityEnvironment(), Certificate, false );
|
||||
ScopedVclPtrInstance<CertificateViewer> aViewer(nullptr, aSignatureManager.getSecurityEnvironment(), Certificate, false);
|
||||
aViewer->Execute();
|
||||
}
|
||||
|
||||
@@ -460,9 +463,10 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
|
||||
{
|
||||
Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
|
||||
|
||||
XMLSignatureHelper aSignatureHelper( mxCtx );
|
||||
if ( aSignatureHelper.Init() )
|
||||
xSecEnv = aSignatureHelper.GetSecurityEnvironment();
|
||||
DocumentSignatureMode eMode{};
|
||||
DocumentSignatureManager aSignatureManager(mxCtx, eMode);
|
||||
if (aSignatureManager.init())
|
||||
xSecEnv = aSignatureManager.getSecurityEnvironment();
|
||||
|
||||
ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnv);
|
||||
|
||||
|
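Review bot: `DocumentSignatureMode eMode{};` in manageTrustedSources, showCertificate and chooseCertificate passes a value-initialized enum to the manager only to satisfy its constructor, and which mode that selects is not visible here. A comment such as `// The mode is irrelevant here, only the security environment is needed.`, or naming the enumerator explicitly (`DocumentSignatureMode::Content`, as the tests do), would make the intent clear. Separately, manageTrustedSources and chooseCertificate still hand an empty xSecEnv to their dialogs when init() fails, without the `SAL_WARN_IF(!bInit, ...)` that showCertificate has, so a failed crypto initialization leaves no trace on those two paths.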
@@ -212,7 +212,7 @@ void DigitalSignaturesDialog::dispose()
|
||||
|
||||
bool DigitalSignaturesDialog::Init()
|
||||
{
|
||||
bool bInit = maSignatureManager.maSignatureHelper.Init();
|
||||
bool bInit = maSignatureManager.init();
|
||||
|
||||
SAL_WARN_IF( !bInit, "xmlsecurity.dialogs", "Error initializing security context!" );
|
||||
|
||||
@@ -384,7 +384,7 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
|
||||
return;
|
||||
try
|
||||
{
|
||||
uno::Reference<css::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
|
||||
|
||||
ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecEnv );
|
||||
if ( aChooser->Execute() == RET_OK )
|
||||
@@ -457,7 +457,7 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
|
||||
{
|
||||
m_pSignaturesLB->Clear();
|
||||
|
||||
uno::Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
|
||||
uno::Reference<css::security::XSerialNumberAdapter> xSerialNumberAdapter =
|
||||
css::security::SerialNumberAdapter::create(mxCtx);
|
||||
|
||||
@@ -618,8 +618,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
|
||||
{
|
||||
sal_uInt16 nSelected = (sal_uInt16) reinterpret_cast<sal_uIntPtr>( m_pSignaturesLB->FirstSelected()->GetUserData() );
|
||||
const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[ nSelected ];
|
||||
css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv =
|
||||
maSignatureManager.maSignatureHelper.GetSecurityEnvironment();
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
|
||||
css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
|
||||
css::security::SerialNumberAdapter::create(mxCtx);
|
||||
// Use Certificate from doc, not from key store
|
||||
@@ -633,7 +632,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
|
||||
SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "Error getting Certificate!" );
|
||||
if ( xCert.is() )
|
||||
{
|
||||
ScopedVclPtrInstance< CertificateViewer > aViewer( this, maSignatureManager.maSignatureHelper.GetSecurityEnvironment(), xCert, false );
|
||||
ScopedVclPtrInstance<CertificateViewer> aViewer(this, maSignatureManager.getSecurityEnvironment(), xCert, false);
|
||||
aViewer->Execute();
|
||||
}
|
||||
}
|
||||
|
@@ -25,6 +25,7 @@
|
||||
#include <com/sun/star/io/XTruncate.hpp>
|
||||
#include <com/sun/star/security/SerialNumberAdapter.hpp>
|
||||
#include <com/sun/star/embed/XTransactedObject.hpp>
|
||||
#include <com/sun/star/xml/crypto/SEInitializer.hpp>
|
||||
|
||||
#include <comphelper/storagehelper.hxx>
|
||||
#include <rtl/ustrbuf.hxx>
|
||||
@@ -47,11 +48,24 @@ DocumentSignatureManager::~DocumentSignatureManager()
|
||||
{
|
||||
}
|
||||
|
||||
bool DocumentSignatureManager::init()
|
||||
{
|
||||
SAL_WARN_IF(mxSEInitializer.is(), "xmlsecurity.helper", "DocumentSignatureManager::Init - mxSEInitializer already set!");
|
||||
SAL_WARN_IF(mxSecurityContext.is(), "xmlsecurity.helper", "DocumentSignatureManager::Init - mxSecurityContext already set!");
|
||||
|
||||
mxSEInitializer = css::xml::crypto::SEInitializer::create(mxContext);
|
||||
|
||||
if (mxSEInitializer.is())
|
||||
mxSecurityContext = mxSEInitializer->createSecurityContext(OUString());
|
||||
|
||||
return mxSecurityContext.is();
|
||||
}
|
||||
|
||||
PDFSignatureHelper& DocumentSignatureManager::getPDFSignatureHelper()
|
||||
{
|
||||
// It is important to create this only when dealing with PDF, in case both
|
||||
// this and XMLSignatureHelper is created, xmlsec gets confused, and
|
||||
// doesn't get correct result.
|
||||
if (!mxSecurityContext.is())
|
||||
init();
|
||||
|
||||
if (!mpPDFSignatureHelper)
|
||||
mpPDFSignatureHelper.reset(new PDFSignatureHelper(mxContext));
|
||||
|
||||
@@ -246,7 +260,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
|
||||
return true;
|
||||
}
|
||||
|
||||
maSignatureHelper.StartMission();
|
||||
maSignatureHelper.StartMission(mxSecurityContext);
|
||||
|
||||
nSecurityId = maSignatureHelper.GetNewSecurityId();
|
||||
|
||||
@@ -398,7 +412,7 @@ void DocumentSignatureManager::read(bool bUseTempStream, bool bCacheLastSignatur
|
||||
if (mxStore.is())
|
||||
{
|
||||
// ZIP-based: ODF or OOXML.
|
||||
maSignatureHelper.StartMission();
|
||||
maSignatureHelper.StartMission(mxSecurityContext);
|
||||
|
||||
SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(embed::ElementModes::READ, bUseTempStream);
|
||||
if (aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStream.is())
|
||||
@@ -474,4 +488,9 @@ void DocumentSignatureManager::write()
|
||||
}
|
||||
}
|
||||
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> DocumentSignatureManager::getSecurityEnvironment()
|
||||
{
|
||||
return mxSecurityContext.is() ? mxSecurityContext->getSecurityEnvironment() : uno::Reference<xml::crypto::XSecurityEnvironment>();
|
||||
}
|
||||
|
||||
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
||||
|
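Review bot: init() only logs when it is called a second time and then replaces mxSEInitializer and mxSecurityContext anyway, which appears to repeat the crypto initialization this commit wants to happen once per manager; an early `if (mxSecurityContext.is()) return true;` would make it idempotent. getPDFSignatureHelper() also calls init() and drops the result, so when initialization fails the caller still gets a helper while getSecurityEnvironment() returns an empty reference. Logging there with `SAL_WARN_IF(!init(), "xmlsecurity.helper", "security context initialization failed")` (in place of the bare call) would at least make that visible. The body of getPDFSignatureHelper continues outside the hunk.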
@@ -26,10 +26,6 @@ using namespace ::com::sun::star;
|
||||
PDFSignatureHelper::PDFSignatureHelper(const uno::Reference<uno::XComponentContext>& xComponentContext)
|
||||
: m_xComponentContext(xComponentContext)
|
||||
{
|
||||
m_xSEInitializer = xml::crypto::SEInitializer::create(m_xComponentContext);
|
||||
if (m_xSEInitializer.is())
|
||||
// This initializes nss / mscrypto.
|
||||
m_xSecurityContext = m_xSEInitializer->createSecurityContext(OUString());
|
||||
}
|
||||
|
||||
bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputStream>& xInputStream)
|
||||
@@ -76,24 +72,23 @@ SignatureInformations PDFSignatureHelper::GetSignatureInformations() const
|
||||
return m_aSignatureInfos;
|
||||
}
|
||||
|
||||
uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations() const
|
||||
uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations(const uno::Reference<xml::crypto::XSecurityEnvironment>& xSecEnv) const
|
||||
{
|
||||
uno::Sequence<security::DocumentSignatureInformation> aRet(m_aSignatureInfos.size());
|
||||
|
||||
uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment = m_xSecurityContext->getSecurityEnvironment();
|
||||
for (size_t i = 0; i < m_aSignatureInfos.size(); ++i)
|
||||
{
|
||||
const SignatureInformation& rInternal = m_aSignatureInfos[i];
|
||||
security::DocumentSignatureInformation& rExternal = aRet[i];
|
||||
rExternal.SignatureIsValid = rInternal.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
|
||||
rExternal.Signer = xSecurityEnvironment->createCertificateFromAscii(rInternal.ouX509Certificate);
|
||||
rExternal.Signer = xSecEnv->createCertificateFromAscii(rInternal.ouX509Certificate);
|
||||
|
||||
// Verify certificate.
|
||||
if (rExternal.Signer.is())
|
||||
{
|
||||
try
|
||||
{
|
||||
rExternal.CertificateStatus = xSecurityEnvironment->verifyCertificate(rExternal.Signer, {});
|
||||
rExternal.CertificateStatus = xSecEnv->verifyCertificate(rExternal.Signer, {});
|
||||
}
|
||||
catch (const uno::SecurityException& rException)
|
||||
{
|
||||
|
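Review bot: GetDocumentSignatureInformations() now dereferences the caller-supplied xSecEnv (`xSecEnv->createCertificateFromAscii(...)`, `xSecEnv->verifyCertificate(...)`) without checking it, while DocumentSignatureManager::getSecurityEnvironment() is written to return an empty reference when no context exists. ImplVerifySignatures checks init() first, but the public signature does not enforce that for other callers. A guard before the loop, `if (!xSecEnv.is()) return uno::Sequence<security::DocumentSignatureInformation>();`, matches what ImplVerifySignatures returns on init failure and avoids reporting signature validity without a certificate check. The function body continues past the end of the hunk.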
@@ -39,7 +39,6 @@
|
||||
#include <com/sun/star/beans/StringPair.hpp>
|
||||
#include <com/sun/star/xml/sax/Parser.hpp>
|
||||
#include <com/sun/star/xml/sax/Writer.hpp>
|
||||
#include <com/sun/star/xml/crypto/SEInitializer.hpp>
|
||||
#include <com/sun/star/embed/ElementModes.hpp>
|
||||
#include <com/sun/star/embed/XStorage.hpp>
|
||||
#include <com/sun/star/embed/StorageFormats.hpp>
|
||||
@@ -71,19 +70,6 @@ XMLSignatureHelper::~XMLSignatureHelper()
|
||||
{
|
||||
}
|
||||
|
||||
bool XMLSignatureHelper::Init()
|
||||
{
|
||||
SAL_WARN_IF( mxSEInitializer.is(), "xmlsecurity.helper", "XMLSignatureHelper::Init - mxSEInitializer already set!" );
|
||||
SAL_WARN_IF( mxSecurityContext.is(), "xmlsecurity.helper", "XMLSignatureHelper::Init - mxSecurityContext already set!" );
|
||||
|
||||
mxSEInitializer = css::xml::crypto::SEInitializer::create( mxCtx );
|
||||
|
||||
if ( mxSEInitializer.is() )
|
||||
mxSecurityContext = mxSEInitializer->createSecurityContext( OUString() );
|
||||
|
||||
return mxSecurityContext.is();
|
||||
}
|
||||
|
||||
void XMLSignatureHelper::SetStorage(
|
||||
const Reference < css::embed::XStorage >& rxStorage,
|
||||
const OUString& sODFVersion)
|
||||
@@ -101,12 +87,12 @@ void XMLSignatureHelper::SetStartVerifySignatureHdl( const Link<LinkParamNone*,b
|
||||
}
|
||||
|
||||
|
||||
void XMLSignatureHelper::StartMission()
|
||||
void XMLSignatureHelper::StartMission(const uno::Reference<xml::crypto::XXMLSecurityContext>& xSecurityContext)
|
||||
{
|
||||
if ( !mxUriBinding.is() )
|
||||
mxUriBinding = new UriBindingHelper();
|
||||
|
||||
mpXSecController->startMission( mxUriBinding, mxSecurityContext );
|
||||
mpXSecController->startMission(mxUriBinding, xSecurityContext);
|
||||
}
|
||||
|
||||
void XMLSignatureHelper::EndMission()
|
||||
@@ -314,11 +300,6 @@ SignatureInformations XMLSignatureHelper::GetSignatureInformations() const
|
||||
return mpXSecController->getSignatureInformations();
|
||||
}
|
||||
|
||||
uno::Reference< css::xml::crypto::XSecurityEnvironment > XMLSignatureHelper::GetSecurityEnvironment()
|
||||
{
|
||||
return (mxSecurityContext.is()?(mxSecurityContext->getSecurityEnvironment()): uno::Reference< css::xml::crypto::XSecurityEnvironment >());
|
||||
}
|
||||
|
||||
IMPL_LINK( XMLSignatureHelper, SignatureCreationResultListener, XMLSignatureCreationResult&, rResult, void )
|
||||
{
|
||||
maCreationResults.insert( maCreationResults.begin() + maCreationResults.size(), rResult );
|
||||
|
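Review bot: StartMission() forwards xSecurityContext to startMission() unchecked, and the callers in DocumentSignatureManager (add() and read()) pass mxSecurityContext, which is empty if init() was never called or failed. With Init() removed from this class, nothing here can detect that any more. A line at the top such as `SAL_WARN_IF(!xSecurityContext.is(), "xmlsecurity.helper", "XMLSignatureHelper::StartMission - no security context!");` would flag a mission started without crypto set up.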