libreoffice

Author	SHA1	Message	Date
Stephan Bergmann	33c81a4580	loplugin:externvar (clang-cl) Change-Id: I6f4c294cb15a4426545d05be7b0a7f26f580563c	2017-01-11 13:42:42 +01:00
Stephan Bergmann	91425be3c6	New loplugin:conststringvar: xmlsecurity Change-Id: Ifec5c8a9addca5976714eec64385b3f87e5380c5	2017-01-10 08:09:29 +01:00
Noel Grandin	b022985505	loplugin:unusedfields Change-Id: I9611511cb3480734dea3c3cbaf0d659071366ad1 Reviewed-on: https://gerrit.libreoffice.org/32873 Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk> Tested-by: Noel Grandin <noel.grandin@collabora.co.uk>	2017-01-10 06:28:22 +00:00
Stephan Bergmann	a32c0f4a1e	New loplugin:externvar: xmlsecurity Change-Id: I25ee9a65b481c63ab2629be54768793d254341b5	2017-01-09 15:38:51 +01:00
Miklos Vajna	9739392cbd	xmlsecurity: hold XMLSignatureTemplateImpl by rtl::Reference Going via UNO for a class in the same directory is an overkill. Change-Id: I3dd09a74b6113c472402632bd54bc5bcf32f69bf Reviewed-on: https://gerrit.libreoffice.org/32748 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2017-01-05 15:31:33 +00:00
Noel Grandin	46d3163f77	loplugin:unusedmethods Change-Id: Ife4c8d948ffa116f044d43903de9485e43cfcae5 Reviewed-on: https://gerrit.libreoffice.org/32336 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>	2016-12-23 04:46:35 +00:00
Tor Lillqvist	b1c1458760	Revert "[API CHANGE] createSecurityContext() was always called with an empty string" I got cold feet. I don't want to have to revert this many years later instead, when some obscure 3rd-party software stops working. This reverts commit `e1ce7bad62`.	2016-12-22 08:48:16 +02:00
Tor Lillqvist	e1ce7bad62	[API CHANGE] createSecurityContext() was always called with an empty string So drop the parameter then and propagate fallout in the Windows implementation in xmlsecurity. The NSS implementation already ignored the parameter completely. This interface is not 'published' and the parameter was even marked as 'reserved for internal use' so I doubt any external code has used it. Change-Id: I5915b941b79cfddadc8137c32ed07c20c9ccaa37	2016-12-21 21:24:09 +02:00
Noel Grandin	6b8ee3c9ba	convert VclButtonsType to scoped enum Change-Id: I9b91108c18e190060dc71546977aa8a3c11f06e1 Reviewed-on: https://gerrit.libreoffice.org/32285 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thomas Arnhold <thomas@arnhold.org>	2016-12-21 16:19:37 +00:00
Tor Lillqvist	317278525a	Bin now unused fields Change-Id: Ie2179bc61ca59a5f5ea2bed1c5c0b2c1dea55474	2016-12-21 17:49:18 +02:00
Tor Lillqvist	62fe303d16	Bin now unused functions Change-Id: I515279becbb219c94a52bb1ebf9d1ab33402dae0	2016-12-21 17:49:18 +02:00
Tor Lillqvist	efe9d1df69	Don't add empty TODO functions to libxmlsec, and don't call them Change-Id: Iaec1de29a0e7f3ea8eb10869382401d121de2c8a	2016-12-21 17:35:24 +02:00
Miklos Vajna	517994c640	xmlsecurity: instantiate SignatureCreatorImpl directly in XSecController Going via UNO for a class in the same module is an overkill. Change-Id: I3a24bc770e40be5b0a6fc34206e92f968de060ae Reviewed-on: https://gerrit.libreoffice.org/32271 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-21 08:06:26 +00:00
Stephan Bergmann	83d2c5180d	Adapt to no-longer explicit OUStringLiteral ctor ...from previous commit Change-Id: I062b7cd212c17e7eb5274476e6859228d0477c7f Reviewed-on: https://gerrit.libreoffice.org/32098 Reviewed-by: Stephan Bergmann <sbergman@redhat.com> Tested-by: Stephan Bergmann <sbergman@redhat.com>	2016-12-17 16:12:02 +00:00
Stephan Bergmann	54c401d775	loplugin:staticmethods (clang-cl) Change-Id: Id97600a7d29fbe938d67ea074ca12dd665a29cc3	2016-12-16 15:28:40 +01:00
Stephan Bergmann	721116c7ad	Phase out support for HAVE_BROKEN_STATIC_INITIALIZER_LIST ...I'm pondering a change that would make that a hard requirement, and from the comment in configure.ac it looks like only old Clang < 3.4 were affected. Change-Id: I8ef64f759fed1a45d88f94d0e8a60839ad10b263 Reviewed-on: https://gerrit.libreoffice.org/32029 Reviewed-by: Stephan Bergmann <sbergman@redhat.com> Tested-by: Stephan Bergmann <sbergman@redhat.com>	2016-12-15 11:24:53 +00:00
Miklos Vajna	a7c35729e0	xmlsecurity: hold XMLDocumentWrapper by rtl::Reference in XSecController Going via UNO for a class in the same module is an overkill. Change-Id: Idf706782e5844fd2e553c44966e1dd1104dce8e7 Reviewed-on: https://gerrit.libreoffice.org/32030 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-15 09:15:38 +00:00
Stephan Bergmann	1f32fdc712	Unnecessary includes Change-Id: I9816e320d9ed31b8af50d20d207a9be21b58ace3	2016-12-15 08:50:20 +01:00
Adam Kasztenny	13cba3505f	tdf#95416 Fix an include for xmlsecurity Move one header file to inc/ Change-Id: If8f4bfcf29464011fe68573e7d4e67900aacc2cd Reviewed-on: https://gerrit.libreoffice.org/31891 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-12 08:53:53 +00:00
Miklos Vajna	9bd471cb76	xmlsecurity: clean up not needed C2U macro in xmldocumentwrapper Also remove some auto-generated documentation that adds no useful information. Change-Id: I5e5c5dd6aaa3fb6953c38d6e82fa13737217c25c Reviewed-on: https://gerrit.libreoffice.org/31748 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-08 09:17:53 +00:00
Miklos Vajna	81f7824a98	xmlsecurity DigitalSignaturesDialog: show signature type on the UI The code already knew if the signature was AdES-enabled or not, but that info wasn't available on the UI. The values are all names of standards, Andras says it's OK to have them non-translatable. Change-Id: I20baf0871fe2c84b04b7fc64014061e341744db8 Reviewed-on: https://gerrit.libreoffice.org/31718 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-07 12:45:12 +00:00
Noel Grandin	50151db9f7	convert FSysStyle to o3tl::typed_flags Change-Id: I58a63a0e6f619442f21827064644ecd8ca57b8ff	2016-12-05 12:49:02 +02:00
Miklos Vajna	e58ed17e35	xmlsecurity mscrypto PDF verify: implement support for non-detached signatures This was the last unit test that was disabled on Windows due to missing implementation. Change-Id: Ia7d84f72bcdf79267c7de17cd8822ed02c378642 Reviewed-on: https://gerrit.libreoffice.org/31552 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-02 15:41:01 +00:00
Miklos Vajna	61c81c4500	xmlsecurity PDF verify: don't hide signatures where digest match is uncertain Use case: the bugdoc has 2 signatures, one normal one and one with SubFilter=ETSI.RFC3161. By not hiding the second signature it's possible to counter-sign the document, even if we don't handle the contents of the second one. Change-Id: I580e1211072ec9839f01b529b569c98b702b6534 Reviewed-on: https://gerrit.libreoffice.org/31539 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-02 13:16:54 +00:00
Miklos Vajna	c4cb8b5d14	xmlsecurity PDF verify: avoid seeking before the start of the stream Happened when the doc was smaller than 1024 bytes. Change-Id: Ie5eea5905a09722e7958495d26e6c78ee234d3ba Reviewed-on: https://gerrit.libreoffice.org/31500 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 19:35:22 +00:00
Miklos Vajna	b1f91c0a04	xmlsecurity PDF verify: handle no EOL at EOF From a comment's point of view, EOF is just a terminator, similar to \r or \n. Change-Id: I120bf1e75f1eb81a550af643051e6fc472873eff Reviewed-on: https://gerrit.libreoffice.org/31499 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 19:34:52 +00:00
Miklos Vajna	cdf2ae1b66	xmlsecurity PDF verify: fix reading names containing ']' Also fix parsing '<< /Foo [ /Bar ] >>'. Change-Id: I3375001730b4d2e447b0dd8a7809a7bfb013126c Reviewed-on: https://gerrit.libreoffice.org/31498 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 19:34:25 +00:00
Miklos Vajna	e84993486b	xmlsecurity PDF verify: don't abort read on partial sign Map it to the partially signed (not all streams) ODF concept instead. Change-Id: I7fc931e622b9f10a1261cd475b01a2f038e37ece Reviewed-on: https://gerrit.libreoffice.org/31497 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 19:34:14 +00:00
Miklos Vajna	c623a9f846	xmlsecurity PDF verify: handle boolean type as dictionary value This caused not finding the length of a stream -> could not actually verify signature. Change-Id: I696b6da49525eb53f7575c27f619d2116be51f1d Reviewed-on: https://gerrit.libreoffice.org/31490 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-01 16:26:13 +00:00
Miklos Vajna	9b526a43e1	xmlsecurity PDF verify: CR is also a terminator of a comment If we skip to the first NL, then we start tokenizing some XML as PDF data and soon error out due to an unexpected keyword. Change-Id: I86b540a014e5a92ea4376ed765385a2ee568a3c1 Reviewed-on: https://gerrit.libreoffice.org/31472 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 12:44:52 +00:00
Miklos Vajna	0233ff9523	xmlsecurity PDF verify: tolerate missing %%EOF in incremental updates This is broken, but work it around to avoid an infinite loop. Change-Id: I132a3c19cfe53e6166bfc1a881d1bfa5071f85d4 Reviewed-on: https://gerrit.libreoffice.org/31471 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-12-01 12:29:32 +00:00
Miklos Vajna	055fd58711	xmlsecurity PDF verify: support non-detached signatures And a couple of other changes to accept the bugdoc from <https://github.com/esig/dss/ dss-pades/target/test-classes/plugtest/esig2014/ESIG-PAdES/RO/Signature-P-RO-4.pdf>. Change-Id: I0fca9ba0bfe927ef91ae2592a5026b05d19879fd Reviewed-on: https://gerrit.libreoffice.org/31462 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-01 09:49:29 +00:00
Miklos Vajna	7920ba294b	xmlsecurity: instantiate SAXEventKeeperImpl directly in XSecController Going via UNO for a class in the same module is an overkill. Change-Id: I577660513022fde1576df19b412fcdb1ee2ad041 Reviewed-on: https://gerrit.libreoffice.org/31461 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-12-01 09:42:07 +00:00
Miklos Vajna	7226ee0586	xmlsecurity: don't write unchanged signatures back to the file It's not useful, OTOH it can happen that something goes wrong and the result does not match the original. One situation when this can happen is when non-XAdES signatures are read, but the checkbox to write XAdES signature is enabled. Change-Id: Icafad914175b29f7c0245220258bd1420ccd7b9c Reviewed-on: https://gerrit.libreoffice.org/31437 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-30 17:47:31 +00:00
Miklos Vajna	bef9ba5e06	xmlsecurity PDF verify: look for the signingCertificateV2 attribute This is a required part of the PAdES spec, but so far we only wrote it. As a start just expose if the attribute exists or not. Change-Id: Iae3815f764973a2fd29d72593236c2f484172101 Reviewed-on: https://gerrit.libreoffice.org/31436 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-30 17:07:51 +00:00
Miklos Vajna	fd3db1cf77	CppunitTest_xmlsecurity_signing: fix this on Windows with non-empty cert store The NSS code earlier started to save the hash algo ID of the signature into the signature structure and I also added a unit test for this. This failed on Windows when the system had at least one signing certificate installed, as the mscrypto part of the patch was missing. Change-Id: Ib09e9e53292b5beb011c96ecf6f51a5ee10c15b0 Reviewed-on: https://gerrit.libreoffice.org/31323 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-28 18:21:06 +00:00
Tor Lillqvist	0b719cd36d	No reason for these member functions to be virtual Not sure what the author was thinking, or what the comment '//Native methods' was supposed to mean. Change-Id: I9e45de6f24531a99770d98f415fea6a1cfd7d2c2	2016-11-28 11:40:05 +02:00
Tor Lillqvist	ed22c0cdb1	Bin SecurityEnvironment_MSCryptImpl::getPriKey() as it always returns NULL Fallout from my previous commit. Change-Id: I4436721e719514d6ecf7847113957827c910d65a	2016-11-28 11:40:05 +02:00
Tor Lillqvist	fb414a04fc	Bin SecurityEnvironment_MSCryptImpl::m_tPriKeyList as it was always empty Change-Id: I5f35c702ff9a613c6601cd0c3c42e9fc4f4e26a6	2016-11-28 11:40:04 +02:00
Tor Lillqvist	0ddcff2053	No need for this local function to be externally visible Change-Id: Idb2e716cdc4933c2691de2df21a4ee7afda9e597	2016-11-25 15:02:45 +02:00
Miklos Vajna	5cb580144c	CppunitTest_xmlsecurity_pdfsigning: add PAdES testcase Assert the two user-visible changes: SHA-256 hashes and the SubFilter of the signature. Change-Id: I12a2355e2ddfc368bed4430a7b5ad244b5778afe Reviewed-on: https://gerrit.libreoffice.org/31173 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-11-25 07:12:48 +00:00
Miklos Vajna	8a279d7de4	xmlsecurity mscrypto PDF sign: conditionally add back CAdES SubFilter We can now write that on Windows as well when requested, after the signing-certificate attribute is implemented using mscrypto. With this, the PAdES validator at <http://signatures-conformance-checker.etsi.org/protected/upload.php?sigtype=padesconf> finds our Windows signature valid. Change-Id: Iaeb4c36a1eac14e3d3c3c12d9cfd9529e7663f77 Reviewed-on: https://gerrit.libreoffice.org/31162 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-24 16:08:04 +00:00
Miklos Vajna	9691cea443	xmlsecurity: instantiate SignatureVerifierImpl directly in XSecController Going via UNO for a class in the same module sounds like an overkill. Change-Id: Iaa5b31d1b888c8d3f1c9b47ee787504191ce3d7d Reviewed-on: https://gerrit.libreoffice.org/31148 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-24 14:22:45 +00:00
Tor Lillqvist	dcbfa4be9b	Show also the message for the last Windows error in our own error handler That is what the default libxmlsec error handler xmlSecMSCryptoErrorsDefaultCallback() does. Why show less information in our own handler? Change-Id: Ibc9f9b5066536d0f5cabbf2bda6d1fa14eca5613	2016-11-24 11:57:21 +02:00
Tor Lillqvist	8b8f315b51	Nothing from that namespace used here Change-Id: I05450a0af00b200145312301207b8f6d3af05145	2016-11-24 11:33:58 +02:00
Tor Lillqvist	8f08d48780	Bin copy-pasted comment that is meaningless here Change-Id: Ie18a1bd4c006a9c7a54dc79747cb7e300315640a	2016-11-24 11:32:05 +02:00
Miklos Vajna	cb851cbb09	vcl mscrypto PDF sign: add initial 'signing-certificate' signed attribute Equivalent of the earlier NSS commit, payload is just an empty sequence at the moment. Change-Id: I4639e2514ef01d23da04aedc30f63f9e8878223b Reviewed-on: https://gerrit.libreoffice.org/31108 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>	2016-11-23 13:18:58 +00:00
Miklos Vajna	1ed86ee4eb	vcl PDF mscrypto sign: upgrade SHA-1 hash to SHA-256 Also: - avoid writing ETSI.CAdES.detached for now on Windows till doing so results in an invalid signature in Acrobat - extend the SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION hack to do the same for SHA256 and SHA512 as well, as Acrobat and NSS accepts such signatures Change-Id: Ibb0a204504b29230dd712ffb709d2037c1007218	2016-11-22 20:27:50 +01:00
Miklos Vajna	c855aec445	xmlsecurity: no need to inherit from XSecurityController in XSecController Change-Id: If26be2b51a1fd8a6ad3e96928e2d142d1ced2845 Reviewed-on: https://gerrit.libreoffice.org/31074 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-11-22 15:30:01 +00:00
Miklos Vajna	6971159bb4	Executable_pdfverify: move pdfverify.cxx to workben/ That's where the implementation of such internal test binaries usually are. Change-Id: Ib7d2eb95de96d0d82e90e51f58da3a0c15a2ec71 Reviewed-on: https://gerrit.libreoffice.org/31073 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>	2016-11-22 14:00:02 +00:00

1 2 3 4 5 ...

1415 Commits