author | Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk> | 2018-10-24 10:56:15 +0200 |
---|---|---|
committer | Tomaž Vajngerl <quikee@gmail.com> | 2018-10-31 09:08:20 +0100 |
commit | 08c3c504644ee978c2ec75ba083765b6ffddf08c (patch) | |
tree | 9f970be2003c0b0d9d3da1202904faa758c8e5d5 | |
parent | 7513af89362a7d54e0210049d3644db5818950a5 (diff) |
lok: new function to add certificate to certificate DB
Also needed to extend XCertificateCreator with a new method
"addDERCertificateToTheDatabase".
Change-Id: I7b4df65365893bd5a0628aeec30b3156584849fe
Reviewed-on: https://gerrit.libreoffice.org/62273
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
-rw-r--r-- | desktop/qa/desktop_lib/test_desktop_lib.cxx | 6 | ||||
-rw-r--r-- | desktop/source/lib/init.cxx | 52 | ||||
-rw-r--r-- | include/LibreOfficeKit/LibreOfficeKit.h | 5 | ||||
-rw-r--r-- | include/LibreOfficeKit/LibreOfficeKit.hxx | 15 | ||||
-rw-r--r-- | offapi/com/sun/star/xml/crypto/XCertificateCreator.idl | 9 | ||||
-rw-r--r-- | xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx | 7 | ||||
-rw-r--r-- | xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx | 4 |
7 files changed, 92 insertions, 6 deletions
diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx index aeb4f0692c42..a225fb6ad85d 100644 --- a/desktop/qa/desktop_lib/test_desktop_lib.cxx +++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx @@ -2356,11 +2356,11 @@ void DesktopLOKTest::testABI() CPPUNIT_ASSERT_EQUAL(documentClassOffset(40), offsetof(struct _LibreOfficeKitDocumentClass, postWindowExtTextInputEvent)); CPPUNIT_ASSERT_EQUAL(documentClassOffset(41), offsetof(struct _LibreOfficeKitDocumentClass, getPartInfo)); CPPUNIT_ASSERT_EQUAL(documentClassOffset(42), offsetof(struct _LibreOfficeKitDocumentClass, insertCertificate)); - CPPUNIT_ASSERT_EQUAL(documentClassOffset(43), offsetof(struct _LibreOfficeKitDocumentClass, getSignatureState)); - + CPPUNIT_ASSERT_EQUAL(documentClassOffset(43), offsetof(struct _LibreOfficeKitDocumentClass, addCertificate)); + CPPUNIT_ASSERT_EQUAL(documentClassOffset(44), offsetof(struct _LibreOfficeKitDocumentClass, getSignatureState)); // Extending is fine, update this, and add new assert for the offsetof the // new method - CPPUNIT_ASSERT_EQUAL(documentClassOffset(44), sizeof(struct _LibreOfficeKitDocumentClass)); + CPPUNIT_ASSERT_EQUAL(documentClassOffset(45), sizeof(struct _LibreOfficeKitDocumentClass)); } CPPUNIT_TEST_SUITE_REGISTRATION(DesktopLOKTest); diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx index 1119886763ce..040218c1e314 100644 --- a/desktop/source/lib/init.cxx +++ b/desktop/source/lib/init.cxx @@ -696,6 +696,10 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis, const unsigned char* pPrivateKeyBinary, const int nPrivateKeyBinarySize); +static bool doc_addCertificate(LibreOfficeKitDocument* pThis, + const unsigned char* pCertificateBinary, + const int nCertificateBinarySize); + static int doc_getSignatureState(LibreOfficeKitDocument* pThis); LibLODocument_Impl::LibLODocument_Impl(const uno::Reference <css::lang::XComponent> &xComponent) 
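Review bot: Placing `addCertificate` at slot 43 moves `getSignatureState` to slot 44, so the layout of `_LibreOfficeKitDocumentClass` changes for an existing member instead of only growing at the end, which is all the "Extending is fine" comment in testABI covers. A client compiled against a header where `getSignatureState` sat at offset 43 would reach the certificate-import function through that pointer. Unless `getSignatureState` has not yet shipped in any release, the new pointer should be appended after it: keep `documentClassOffset(43)` for `getSignatureState` and assert `documentClassOffset(44)` for `addCertificate`. The same ordering applies to the struct in LibreOfficeKit.h and the assignment in the LibLODocument_Impl constructor in init.cxx. testABI's body starts outside the hunk.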
@@ -759,6 +763,7 @@ LibLODocument_Impl::LibLODocument_Impl(const uno::Reference <css::lang::XCompone m_pDocumentClass->getPartInfo = doc_getPartInfo; m_pDocumentClass->insertCertificate = doc_insertCertificate; + m_pDocumentClass->addCertificate = doc_addCertificate; m_pDocumentClass->getSignatureState = doc_getSignatureState; gDocumentClass = m_pDocumentClass; 
@@ -3653,6 +3658,53 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis, return pObjectShell->SignDocumentContentUsingCertificate(xCertificate); } +static bool doc_addCertificate(LibreOfficeKitDocument* pThis, + const unsigned char* pCertificateBinary, const int nCertificateBinarySize) +{ + if (!xContext.is()) + return false; + + LibLODocument_Impl* pDocument = static_cast<LibLODocument_Impl*>(pThis); + + if (!pDocument->mxComponent.is()) + return false; + + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(pDocument->mxComponent.get()); + if (!pBaseModel) + return false; + + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + + if (!pObjectShell) + return false; + + uno::Reference<xml::crypto::XSEInitializer> xSEInitializer = xml::crypto::SEInitializer::create(xContext); + uno::Reference<xml::crypto::XXMLSecurityContext> xSecurityContext; + xSecurityContext = xSEInitializer->createSecurityContext(OUString()); + if (!xSecurityContext.is()) + return false; + + uno::Reference<xml::crypto::XSecurityEnvironment> xSecurityEnvironment; + xSecurityEnvironment = xSecurityContext->getSecurityEnvironment(); + uno::Reference<xml::crypto::XCertificateCreator> xCertificateCreator(xSecurityEnvironment, uno::UNO_QUERY); + + if (!xCertificateCreator.is()) + return false; + + uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize); + std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + + uno::Reference<security::XCertificate> xCertificate; + xCertificate = xCertificateCreator->addDERCertificateToTheDatabase(aCertificateSequence, "TCu,Cu,Tu"); + + if (!xCertificate.is()) + return false; + + SAL_INFO("lok", "Certificate Added = IssuerName: " << xCertificate->getIssuerName() << " SubjectName: " << xCertificate->getSubjectName()); + + return true; +} + static int doc_getSignatureState(LibreOfficeKitDocument* pThis) { LibLODocument_Impl* pDocument = static_cast<LibLODocument_Impl*>(pThis); 
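Review bot: `pCertificateBinary` and `nCertificateBinarySize` reach `uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize)` and the `std::copy` in doc_addCertificate unchecked, so a null pointer or a negative size from the LOK client makes the copy undefined. A guard before the sequence is built, `if (!pCertificateBinary || nCertificateBinarySize <= 0) return false;`, keeps this C entry point well defined. The trust string `"TCu,Cu,Tu"` is also hard-coded here; in NSS trust-flag notation the `C` and `T` flags appear to mark the imported certificate as a trusted CA. A comment such as `// imported as trusted CA; callers must only pass certificates they have already vetted` would make that decision explicit.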
diff --git a/include/LibreOfficeKit/LibreOfficeKit.h b/include/LibreOfficeKit/LibreOfficeKit.h index 238d93f162db..e052765ac794 100644 --- a/include/LibreOfficeKit/LibreOfficeKit.h +++ b/include/LibreOfficeKit/LibreOfficeKit.h @@ -330,6 +330,11 @@ struct _LibreOfficeKitDocumentClass const unsigned char* pPrivateKeyBinary, const int nPrivateKeyBinarySize); + /// @see lok::Document::addCertificate(). + bool (*addCertificate) (LibreOfficeKitDocument* pThis, + const unsigned char* pCertificateBinary, + const int nCertificateBinarySize); + /// @see lok::Document::getSignatureState(). int (*getSignatureState) (LibreOfficeKitDocument* pThis); diff --git a/include/LibreOfficeKit/LibreOfficeKit.hxx b/include/LibreOfficeKit/LibreOfficeKit.hxx index 829751f2efa9..c238d507c183 100644 --- a/include/LibreOfficeKit/LibreOfficeKit.hxx +++ b/include/LibreOfficeKit/LibreOfficeKit.hxx @@ -586,12 +586,23 @@ public: const unsigned char* pPrivateKeyBinary, const int nPrivateKeyBinarySize) { - return mpDoc->pClass->insertCertificate(mpDoc, - pCertificateBinary, pCertificateBinarySize, + return mpDoc->pClass->insertCertificate(mpDoc, + pCertificateBinary, pCertificateBinarySize, pPrivateKeyBinary, nPrivateKeyBinarySize); } /** + * Add the certificate (in binary form) to the certificate store. + * + */ + bool addCertificate(const unsigned char* pCertificateBinary, + const int pCertificateBinarySize) + { + return mpDoc->pClass->addCertificate(mpDoc, + pCertificateBinary, pCertificateBinarySize); + } + + /** * Verify signature of the document. * * Check possible values in include/sfx2/signaturestate.hxx diff --git a/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl index 6d920b37715c..3137aa00474b 100644 --- a/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl +++ b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl 
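Review bot: The doc comment on `lok::Document::addCertificate` leaves an empty ` * ` line and does not state the input format, the return value or the trust effect. The implementation in init.cxx hands the bytes to `addDERCertificateToTheDatabase` with the trust string `"TCu,Cu,Tu"`, so I would add `@param pCertificateBinary DER-encoded X.509 certificate` and `@return true if the certificate was added to the certificate database`. It also needs a sentence saying the certificate is stored with CA trust. The size parameter is named `pCertificateBinarySize` although it is an `int`; `nCertificateBinarySize` would match the declaration in the C struct. The enclosing class starts outside the hunk.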
@@ -27,13 +27,20 @@ module com { module sun { module star { module xml { module crypto { /** - * Interface for creating certificates + * Interface for creating and adding certificates * * @since LibreOffice 6.2 */ interface XCertificateCreator : com::sun::star::uno::XInterface { /** + * Adds a certificate to the certificate database with the trust provided by the trust string. + */ + com::sun::star::security::XCertificate addDERCertificateToTheDatabase( + [in] sequence<byte> aDerCertificate, + [in] string aTrustString); + + /** * Create certificate from raw DER encoded certificate and associate the private key with the certificate */ com::sun::star::security::XCertificate createDERCertificateWithPrivateKey( diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx index bdf8000d886b..0abcc363dd18 100644 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx @@ -909,6 +909,13 @@ uno::Reference<security::XCertificate> SecurityEnvironment_NssImpl::createDERCer return pX509Certificate; } +uno::Reference<security::XCertificate> SecurityEnvironment_NssImpl::addDERCertificateToTheDatabase( + uno::Sequence<sal_Int8> const & raDERCertificate, OUString const & raTrustString) +{ + X509Certificate_NssImpl* pX509Certificate = createAndAddCertificateFromPackage(raDERCertificate, raTrustString); + return pX509Certificate; +} + extern "C" SAL_DLLPUBLIC_EXPORT uno::XInterface* com_sun_star_xml_crypto_SecurityEnvironment_get_implementation( uno::XComponentContext* /*pCtx*/, uno::Sequence<uno::Any> const& /*rSeq*/) diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx index 9829c9129771..2bb563c72627 100644 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx 
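Review bot: The comment on `addDERCertificateToTheDatabase` does not describe the format of `aTrustString` or what the method returns when the import fails. Since that string decides how much trust the stored certificate receives, the expected syntax should be spelled out, e.g. `@param aTrustString trust flags for the certificate, in the syntax of the underlying certificate database`. The only visible caller passes `"TCu,Cu,Tu"`, which looks like NSS trust-flag notation. A `@return` line should say whether a null reference signals failure. The contract could also state whether a malformed trust string is rejected, as opposed to a certificate being stored with unintended trust.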
@@ -116,6 +116,10 @@ private: virtual css::uno::Reference< css::security::XCertificate > SAL_CALL createCertificateFromAscii( const OUString& asciiCertificate ) override ; // Methods of XCertificateCreator + css::uno::Reference<css::security::XCertificate> SAL_CALL addDERCertificateToTheDatabase( + css::uno::Sequence<sal_Int8> const & raDERCertificate, + OUString const & raTrustString) override; + css::uno::Reference<css::security::XCertificate> SAL_CALL createDERCertificateWithPrivateKey( css::uno::Sequence<sal_Int8> const & raDERCertificate, css::uno::Sequence<sal_Int8> const & raPrivateKey) override; |