diff options
| author | Ivo Hinkelmann <ihi@openoffice.org> | 2009-09-17 13:53:54 +0000 |
|---|---|---|
| committer | Ivo Hinkelmann <ihi@openoffice.org> | 2009-09-17 13:53:54 +0000 |
| commit | 10ab1790956131e93f58090a30417187e6624775 (patch) | |
| tree | be83359068ccc07d91edc8469ceacfabf4ce9f26 | |
| parent | 23e1e999ad0d394a8b295491145c28d46e70f3d1 (diff) | |
CWS-TOOLING: integrate CWS encsig09
2009-09-14 15:11:29 +0200 oc r276125 : #i105049# MacroSignatur needs Macro
2009-09-09 17:09:46 +0200 jl r276005 : #i103989# could not signe encrypted doc containing a formular object
2009-09-09 13:11:24 +0200 jl r275985 : #i103989# could not signe encrypted doc containing a formular object
2009-09-08 15:54:02 +0200 mav r275934 : #i103906# fix the automation test scenario ( tempfile should be writable for the user )
2009-09-07 14:01:39 +0200 mav r275895 : #i103906# fix the problem with reload
2009-09-07 09:34:48 +0200 mav r275871 : #i104786# do the ODF version check only for ODF documents
2009-09-07 08:19:06 +0200 mav r275870 : #i104389# fix text
2009-09-06 22:24:21 +0200 mav r275867 : #i104786# check the consistency of ODF version
2009-09-06 22:23:24 +0200 mav r275866 : #i104786# check the consistency of ODF version
2009-09-06 22:23:00 +0200 mav r275865 : #i104786# check the consistency of ODF version
2009-09-06 22:22:36 +0200 mav r275864 : #i104786# check the consistency of ODF version
2009-09-06 22:22:03 +0200 mav r275863 : #i104786# check the consistency of ODF version
2009-09-02 17:09:30 +0200 mav r275722 : #i104715# let repairing mechanics use the streams correctly
2009-09-01 16:52:49 +0200 mav r275670 : #i104389# notify user not to trust the corrupted document
2009-09-01 16:31:37 +0200 mav r275668 : #i104389# use vnd.sun.star.zip: protocol to access zip files
2009-09-01 16:30:32 +0200 mav r275667 : #i104389# use vnd.sun.star.zip: protocol to access zip files
2009-09-01 16:22:13 +0200 jl r275666 : #i104339# small content change
2009-09-01 14:20:42 +0200 jl r275660 : #i103519# remove some debug output
2009-09-01 13:51:52 +0200 jl r275659 : #i103519# NSS uses '\' for escaping in distinguished names
2009-09-01 12:49:47 +0200 mav r275655 : #i104389# use zip-mode to read from jar files
2009-09-01 12:40:22 +0200 mav r275653 : #i104389# use zip-mode to read from jar files
2009-09-01 12:32:29 +0200 mav r275652 : #i104389# use constants
2009-08-31 21:58:00 +0200 mav r275637 : #i10000# fix warning
2009-08-31 21:11:17 +0200 mav r275636 : #i104227# adding of scripting signature removes the document signature
2009-08-31 20:55:05 +0200 mav r275635 : #i103905# ZipStorage supports Compressed property
2009-08-31 20:53:55 +0200 mav r275634 : #i103905# adjust macro signature transfer to usage of ZipStorage
2009-08-31 15:30:49 +0200 jl r275609 : #i103989# warning is shown as long the user does not click 'OK'
2009-08-31 14:36:10 +0200 jl r275608 : #i103989# changed warning text when signing macro and there is a document signature. This warning is only displayed once
2009-08-31 13:34:41 +0200 mav r275603 : #i104452# disable macros in repaired documents
2009-08-31 13:33:42 +0200 mav r275602 : #i104452# disable macros in repaired documents
2009-08-31 13:03:56 +0200 jl r275600 : #i45212# signature dialog could not be started when using read-only documents
2009-08-31 09:26:13 +0200 mav r275583 : #i104578# store the additional entry as the last one to workaround parsing problem in OOo3.1 and later
2009-08-30 20:54:25 +0200 mav r275562 : #i10000# adopt for unix
2009-08-30 10:56:00 +0200 mav r275561 : CWS-TOOLING: rebase CWS encsig09 to trunk@275331 (milestone: DEV300:m56)
2009-08-28 16:34:00 +0200 mav r275539 : #i104578# write necessary info in manifest.xml for ODF1.2 encrypted document
2009-08-28 14:04:22 +0200 mav r275533 : #104587# fix handling of readonly streams
2009-08-28 13:58:10 +0200 mav r275531 : #i104389# fix the broken document handling
2009-08-28 11:40:39 +0200 mav r275522 : #i104389# fix the signature streams check
2009-08-27 21:48:12 +0200 mav r275509 : #i103927# show the warning
2009-08-27 21:47:48 +0200 mav r275508 : #i103927# show the warning
2009-08-27 16:45:59 +0200 jl r275495 : #i45212# remove unused variable
2009-08-27 16:34:00 +0200 jl r275494 : #i103989#
2009-08-27 13:54:28 +0200 jl r275482 : #i103519# fixed replacement of 'S' by 'ST'
2009-08-27 12:32:21 +0200 mav r275472 : #i10000# fix warning
2009-08-27 11:58:11 +0200 mav r275467 : #i104389# handle the entry path correctly
2009-08-26 17:18:35 +0200 jl r275438 : #i103519# subject and issuer distinguished names were not properly displayed. The strings were obtained by system functions (Windows, NSS), which use quotes to escape the values, when they contain special characters
2009-08-26 11:00:20 +0200 mav r275403 : #i10000# fix warnings
2009-08-26 08:25:45 +0200 mav r275392 : #i10000# fix warning
2009-08-26 08:02:22 +0200 mav r275391 : #i10000# adopt for linux
2009-08-26 07:40:30 +0200 mav r275390 : #i10000# fix warning
2009-08-26 07:35:28 +0200 mav r275389 : #i10000# use correct include file name
2009-08-25 15:01:41 +0200 jl r275356 : #i103989# better check for mimetype of streams
2009-08-25 09:07:09 +0200 mav r275335 : CWS-TOOLING: rebase CWS encsig09 to trunk@274622 (milestone: DEV300:m54)
2009-08-24 18:17:02 +0200 mav r275329 : #i103927# check the nonencrypted streams
2009-08-24 18:14:14 +0200 mav r275328 : #i103927# check the nonencrypted streams
2009-08-24 17:59:34 +0200 mav r275327 : #i103927#,#i104389# check the package consistency and nonencrypted streams
2009-08-24 16:18:28 +0200 jl r275323 : #i103989# added comment
2009-08-24 13:08:47 +0200 jl r275305 : #i45212# #i66276# only write the X509Certificate element once and allow to add remove several certificates at a time
2009-08-21 12:57:28 +0200 ufi r275239 : 104339
2009-08-21 08:39:05 +0200 jl r275213 : #i10398# comparing URIs of signed files with the 'element list'
2009-08-20 13:39:47 +0200 jl r275178 : #i10398# displaying 'new partially signed' status in the status bar
2009-08-20 13:35:39 +0200 jl r275177 : #i10398# displaying 'new partially signed' status in the status bar
2009-08-20 13:29:06 +0200 jl r275176 : #i10398# displaying 'new partially signed' status in the status bar
2009-08-20 13:26:21 +0200 jl r275175 : #i10398# displaying 'new partially signed' status in the status bar
2009-08-20 12:05:09 +0200 ufi r275170 : i104339
2009-08-19 12:24:54 +0200 jl r275146 : #i10398# displaying 'old signature' icon and status in signature dialog
2009-08-18 15:18:48 +0200 jl r275111 : #i103989# document signatures containing manifest.xml are now validated according to the final ODF1.2 spec
2009-08-18 11:41:06 +0200 mav r275087 : #i103927# detect if encrypted ODF1.2 document contains nonencrypted streams
2009-08-18 11:35:13 +0200 mav r275085 : #i103927# detect if encrypted ODF1.2 document contains nonencrypted streams
2009-08-14 17:32:41 +0200 jl r274999 : #i103989# using c14n tranformation for XML streams
2009-08-14 15:27:43 +0200 jl r274987 : #i103989# remove special handling for encrypted document streams in UriBindingHelper::OpenInputStream, since we use zip storage this is not necessary anymore
2009-08-14 15:08:10 +0200 jl r274983 : #i103989# Showing a message when adding or removing a macro signature, that the document signature will be removed
2009-08-14 14:57:27 +0200 jl r274982 : #i103989# accesing Sequence at invalid index
2009-08-11 08:55:02 +0200 mav r274846 : #i103905# let signing service know if there is already a valid document signature
2009-08-10 11:33:37 +0200 jl r274799 : #i103905# do not truncate the stream
2009-08-10 10:43:47 +0200 mav r274797 : #i103905# provide the storage version
2009-08-07 16:58:46 +0200 jl r274780 : #i103989#
2009-08-07 16:56:19 +0200 jl r274779 : #i103989# using odf version string etc.
2009-08-07 15:20:53 +0200 mav r274771 : #i103905# provide the storage version
2009-08-07 15:19:12 +0200 mav r274770 : #i103905# provide the storage version
2009-08-07 12:41:45 +0200 mav r274758 : #103930# do not store thumbnail in case of encrypted document
2009-08-07 12:36:52 +0200 mav r274757 : #i103905# provide the storage version
2009-08-07 12:15:54 +0200 mav r274754 : #i103760# the signed state is not lost on saving
2009-08-07 12:06:19 +0200 mav r274753 : #i103760# avoid warning regarding signature removal on export
2009-08-07 12:06:01 +0200 mav r274752 : #i103760# avoid warning regarding signature removal on export
2009-08-06 08:47:34 +0200 mav r274703 : #i103905# allow to transport ODF version to the signing component
2009-08-05 21:34:42 +0200 mav r274701 : #i103905# allow to transport ODF version to the signing component
2009-08-05 15:48:17 +0200 mav r274683 : #i103905# allow to transport ODF version to the signing component
2009-08-05 14:58:12 +0200 jl r274673 : #i103989# documentsignature now signes all streams except documentsignatures.xml, all streams are processed as binary files
2009-08-05 12:00:32 +0200 mav r274648 : #i103905# allow to transport ODF version to the signing component
2009-08-04 10:57:04 +0200 jl r274612 : #i103989# added XInitialization
2009-07-31 10:32:27 +0200 mav r274516 : #i103905# use zip storage to sign documents
2009-07-30 14:01:33 +0200 mav r274489 : #i103906# optimize the usage of temporary medium
2009-07-30 14:00:28 +0200 mav r274488 : #i103906# optimize the usage of temporary medium
2009-07-30 13:59:09 +0200 mav r274487 : #i103906# optimize the usage of temporary medium
2009-07-30 13:50:44 +0200 mav r274485 : #i103906# optimize the usage of temporary medium
2009-07-30 13:49:53 +0200 mav r274484 : #i103906# optimize the usage of temporary medium
2009-07-30 13:49:13 +0200 mav r274483 : #i103906# optimize the usage of temporary medium
2009-07-30 13:47:09 +0200 mav r274482 : #i103905#,#i103906# let the signing process use zip-storage; optimize the usage of temporary medium
2009-07-21 09:10:31 +0200 mav r274159 : CWS-TOOLING: rebase CWS encsig09 to trunk@273468 (milestone: DEV300:m51)
2009-05-05 08:39:01 +0200 mav r271496 : #i100832# allow to sign macros only when there are any
34 files changed, 1776 insertions, 857 deletions
diff --git a/package/inc/ZipEntry.hxx b/package/inc/ZipEntry.hxx index aa311cc14ae9..eed7a7a7cff5 100644 --- a/package/inc/ZipEntry.hxx +++ b/package/inc/ZipEntry.hxx @@ -42,8 +42,8 @@ struct ZipEntry sal_Int32 nCompressedSize; sal_Int32 nSize; sal_Int32 nOffset; - sal_Int16 nNameLen; + sal_Int16 nPathLen; sal_Int16 nExtraLen; - ::rtl::OUString sName; + ::rtl::OUString sPath; }; #endif diff --git a/package/inc/ZipFile.hxx b/package/inc/ZipFile.hxx index aaabda3181f0..a954a1691c4b 100644 --- a/package/inc/ZipFile.hxx +++ b/package/inc/ZipFile.hxx @@ -65,7 +65,6 @@ class EncryptionData; class ZipFile { protected: - ::rtl::OUString sName; /* zip file name */ ::rtl::OUString sComment; /* zip file comment */ EntryHash aEntries; ByteGrabber aGrabber; diff --git a/package/inc/ZipPackage.hxx b/package/inc/ZipPackage.hxx index b733171edc4b..0549c06b6bb7 100644 --- a/package/inc/ZipPackage.hxx +++ b/package/inc/ZipPackage.hxx @@ -86,27 +86,28 @@ class ZipPackage : public cppu::WeakImplHelper7 protected: SotMutexHolderRef m_aMutexHolder; - ::com::sun::star::uno::Sequence < sal_Int8 > aEncryptionKey; - FolderHash aRecent; - ::rtl::OUString sURL; - sal_Bool bHasEncryptedEntries; - sal_Bool bUseManifest; - sal_Bool bForceRecovery; + ::com::sun::star::uno::Sequence < sal_Int8 > m_aEncryptionKey; + FolderHash m_aRecent; + ::rtl::OUString m_aURL; + sal_Bool m_bHasEncryptedEntries; + sal_Bool m_bHasNonEncryptedEntries; + sal_Bool m_bUseManifest; + sal_Bool m_bForceRecovery; sal_Bool m_bMediaTypeFallbackUsed; sal_Int16 m_nFormat; sal_Bool m_bAllowRemoveOnInsert; - InitialisationMode eMode; + InitialisationMode m_eMode; - ::com::sun::star::uno::Reference < com::sun::star::container::XNameContainer > xRootFolder; - ::com::sun::star::uno::Reference < com::sun::star::io::XStream > xStream; - ::com::sun::star::uno::Reference < com::sun::star::io::XInputStream > xContentStream; - ::com::sun::star::uno::Reference < com::sun::star::io::XSeekable > xContentSeek; - const ::com::sun::star::uno::Reference < com::sun::star::lang::XMultiServiceFactory > xFactory; + ::com::sun::star::uno::Reference < com::sun::star::container::XNameContainer > m_xRootFolder; + ::com::sun::star::uno::Reference < com::sun::star::io::XStream > m_xStream; + ::com::sun::star::uno::Reference < com::sun::star::io::XInputStream > m_xContentStream; + ::com::sun::star::uno::Reference < com::sun::star::io::XSeekable > m_xContentSeek; + const ::com::sun::star::uno::Reference < com::sun::star::lang::XMultiServiceFactory > m_xFactory; - ZipPackageFolder *pRootFolder; - ZipFile *pZipFile; + ZipPackageFolder *m_pRootFolder; + ZipFile *m_pZipFile; void parseManifest(); void parseContentType(); @@ -124,8 +125,8 @@ protected: public: ZipPackage (const ::com::sun::star::uno::Reference < com::sun::star::lang::XMultiServiceFactory > &xNewFactory); virtual ~ZipPackage( void ); - ZipFile& getZipFile() { return *pZipFile;} - const com::sun::star::uno::Sequence < sal_Int8 > & getEncryptionKey ( ) {return aEncryptionKey;} + ZipFile& getZipFile() { return *m_pZipFile;} + const com::sun::star::uno::Sequence < sal_Int8 > & getEncryptionKey ( ) {return m_aEncryptionKey;} sal_Int16 getFormat() const { return m_nFormat; } SotMutexHolderRef GetSharedMutexRef() { return m_aMutexHolder; } diff --git a/package/inc/ZipPackageFolder.hxx b/package/inc/ZipPackageFolder.hxx index dfe72a6975b9..1edbae7f5d3d 100644 --- a/package/inc/ZipPackageFolder.hxx +++ b/package/inc/ZipPackageFolder.hxx @@ -74,6 +74,8 @@ public: ::rtl::OUString& GetVersion() { return m_sVersion; } void SetVersion( const ::rtl::OUString& aVersion ) { m_sVersion = aVersion; } + sal_Bool LookForUnexpectedODF12Streams( const ::rtl::OUString& aPath ); + void setChildStreamsTypeByExtension( const ::com::sun::star::beans::StringPair& aPair ); void doInsertByName ( ZipPackageEntry *pEntry, sal_Bool bSetParent ) diff --git a/package/source/manifest/ManifestDefines.hxx b/package/source/manifest/ManifestDefines.hxx index 78d262358a0f..e64c650a386c 100644 --- a/package/source/manifest/ManifestDefines.hxx +++ b/package/source/manifest/ManifestDefines.hxx @@ -54,10 +54,17 @@ #define ATTRIBUTE_ALGORITHM_NAME "manifest:algorithm-name" #define ATTRIBUTE_INITIALISATION_VECTOR "manifest:initialisation-vector" +#define ELEMENT_START_KEY_GENERATION "manifest:start-key-generation" +#define ATTRIBUTE_START_KEY_GENERATION_NAME "manifest:start-key-generation-name" +#define ALGORITHM_SHA1 "SHA1" +#define ATTRIBUTE_KEY_SIZE "manifest:key-size" +#define START_KEY_SIZE "20" + #define ELEMENT_KEY_DERIVATION "manifest:key-derivation" #define ATTRIBUTE_KEY_DERIVATION_NAME "manifest:key-derivation-name" #define ATTRIBUTE_SALT "manifest:salt" #define ATTRIBUTE_ITERATION_COUNT "manifest:iteration-count" #define CHECKSUM_TYPE "SHA1/1K" +#define DERIVED_KEY_SIZE "16" #endif diff --git a/package/source/manifest/ManifestExport.cxx b/package/source/manifest/ManifestExport.cxx index 6ca9972cf729..4ae1785a0d8b 100644 --- a/package/source/manifest/ManifestExport.cxx +++ b/package/source/manifest/ManifestExport.cxx @@ -61,6 +61,7 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S const OUString sManifestElement ( RTL_CONSTASCII_USTRINGPARAM ( ELEMENT_MANIFEST ) ); const OUString sEncryptionDataElement( RTL_CONSTASCII_USTRINGPARAM ( ELEMENT_ENCRYPTION_DATA ) ); const OUString sAlgorithmElement ( RTL_CONSTASCII_USTRINGPARAM ( ELEMENT_ALGORITHM ) ); + const OUString sStartKeyGenerationElement ( RTL_CONSTASCII_USTRINGPARAM ( ELEMENT_START_KEY_GENERATION ) ); const OUString sKeyDerivationElement( RTL_CONSTASCII_USTRINGPARAM ( ELEMENT_KEY_DERIVATION ) ); const OUString sCdataAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_CDATA ) ); @@ -68,10 +69,12 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S const OUString sVersionAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_VERSION ) ); const OUString sFullPathAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_FULL_PATH ) ); const OUString sSizeAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_SIZE ) ); + const OUString sKeySizeAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_KEY_SIZE ) ); const OUString sSaltAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_SALT ) ); const OUString sInitialisationVectorAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_INITIALISATION_VECTOR ) ); const OUString sIterationCountAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_ITERATION_COUNT ) ); const OUString sAlgorithmNameAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_ALGORITHM_NAME ) ); + const OUString sStartKeyGenerationNameAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_START_KEY_GENERATION_NAME ) ); const OUString sKeyDerivationNameAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_KEY_DERIVATION_NAME ) ); const OUString sChecksumTypeAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_CHECKSUM_TYPE ) ); const OUString sChecksumAttribute ( RTL_CONSTASCII_USTRINGPARAM ( ATTRIBUTE_CHECKSUM) ); @@ -89,6 +92,9 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S const OUString sBlowfish ( RTL_CONSTASCII_USTRINGPARAM ( "Blowfish CFB" ) ); const OUString sPBKDF2 ( RTL_CONSTASCII_USTRINGPARAM ( "PBKDF2" ) ); const OUString sChecksumType ( RTL_CONSTASCII_USTRINGPARAM ( CHECKSUM_TYPE ) ); + const OUString sStartKeySize ( RTL_CONSTASCII_USTRINGPARAM ( START_KEY_SIZE ) ); + const OUString sDerivedKeySize ( RTL_CONSTASCII_USTRINGPARAM ( DERIVED_KEY_SIZE ) ); + const OUString sSHA1 ( RTL_CONSTASCII_USTRINGPARAM ( ALGORITHM_SHA1 ) ); ::comphelper::AttributeList * pRootAttrList = new ::comphelper::AttributeList; const Sequence < PropertyValue > *pSequence = rManList.getConstArray(); @@ -96,15 +102,16 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S // find the mediatype of the document if any OUString aDocMediaType; + OUString aDocVersion; for (sal_uInt32 nInd = 0; nInd < nManLength ; nInd++ ) { OUString aMediaType; OUString aPath; + OUString aVersion; const PropertyValue *pValue = pSequence[nInd].getConstArray(); for (sal_uInt32 j = 0, nNum = pSequence[nInd].getLength(); j < nNum; j++, pValue++) { - if (pValue->Name.equals (sMediaTypeProperty) ) { pValue->Value >>= aMediaType; @@ -113,20 +120,26 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S { pValue->Value >>= aPath; } + else if (pValue->Name.equals (sVersionProperty) ) + { + pValue->Value >>= aVersion; + } - if ( aPath.getLength() && aMediaType.getLength() ) + if ( aPath.getLength() && aMediaType.getLength() && aVersion.getLength() ) break; } if ( aPath.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ) ) { aDocMediaType = aMediaType; + aDocVersion = aVersion; break; } } sal_Bool bProvideDTD = sal_False; sal_Bool bAcceptNonemptyVersion = sal_False; + sal_Bool bStoreStartKeyGeneration = sal_False; if ( aDocMediaType.getLength() ) { if ( aDocMediaType.equals( OUString( RTL_CONSTASCII_USTRINGPARAM( MIMETYPE_OASIS_OPENDOCUMENT_TEXT_ASCII ) ) ) @@ -152,6 +165,11 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S sCdataAttribute, OUString( RTL_CONSTASCII_USTRINGPARAM ( MANIFEST_OASIS_NAMESPACE ) ) ); bAcceptNonemptyVersion = sal_True; + if ( aDocVersion.compareTo( ODFVER_012_TEXT ) >= 0 ) + { + // this is ODF12 generation, let encrypted streams contain start-key-generation entry + bStoreStartKeyGeneration = sal_True; + } } else { @@ -224,6 +242,7 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S xHandler->startElement( sFileEntryElement , xAttrList); if ( pVector && pSalt && pIterationCount ) { + // ==== Encryption Data ::comphelper::AttributeList * pNewAttrList = new ::comphelper::AttributeList; Reference < XAttributeList > xNewAttrList (pNewAttrList); OUStringBuffer aBuffer; @@ -239,6 +258,7 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S } xHandler->startElement( sEncryptionDataElement , xNewAttrList); + // ==== Algorithm pNewAttrList = new ::comphelper::AttributeList; xNewAttrList = pNewAttrList; @@ -253,11 +273,15 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S xHandler->ignorableWhitespace ( sWhiteSpace ); xHandler->endElement( sAlgorithmElement ); + // ==== Key Derivation pNewAttrList = new ::comphelper::AttributeList; xNewAttrList = pNewAttrList; pNewAttrList->AddAttribute ( sKeyDerivationNameAttribute, sCdataAttribute, sPBKDF2 ); + if ( bStoreStartKeyGeneration ) + pNewAttrList->AddAttribute ( sKeySizeAttribute, sCdataAttribute, sDerivedKeySize ); + sal_Int32 nCount = 0; pIterationCount->Value >>= nCount; aBuffer.append (nCount); @@ -271,6 +295,25 @@ ManifestExport::ManifestExport(Reference < XDocumentHandler > xHandler, const S xHandler->startElement( sKeyDerivationElement , xNewAttrList); xHandler->ignorableWhitespace ( sWhiteSpace ); xHandler->endElement( sKeyDerivationElement ); + + // we have to store start-key-generation element as the last one to workaround the parsing problem + // in OOo3.1 and older versions + if ( bStoreStartKeyGeneration ) + { + // ==== Start Key Generation + pNewAttrList = new ::comphelper::AttributeList; + xNewAttrList = pNewAttrList; + + // currently SHA1 is used to generate 20-bytes start key + pNewAttrList->AddAttribute ( sStartKeyGenerationNameAttribute, sCdataAttribute, sSHA1 ); + pNewAttrList->AddAttribute ( sKeySizeAttribute, sCdataAttribute, sStartKeySize ); + + xHandler->ignorableWhitespace ( sWhiteSpace ); + xHandler->startElement( sStartKeyGenerationElement , xNewAttrList); + xHandler->ignorableWhitespace ( sWhiteSpace ); + xHandler->endElement( sStartKeyGenerationElement ); + } + xHandler->ignorableWhitespace ( sWhiteSpace ); xHandler->endElement( sEncryptionDataElement ); } diff --git a/package/source/xstor/owriteablestream.cxx b/package/source/xstor/owriteablestream.cxx index 2b63d452a5bb..67e71baf8533 100644 --- a/package/source/xstor/owriteablestream.cxx +++ b/package/source/xstor/owriteablestream.cxx @@ -3171,7 +3171,7 @@ void SAL_CALL OWriteStream::setPropertyValue( const ::rtl::OUString& aPropertyNa m_pImpl->m_aProps[nInd].Value <<= bCompressedValueFromType; } } - else if ( m_pData->m_nStorageType == PACKAGE_STORAGE && aPropertyName.equalsAscii( "Compressed" ) ) + else if ( aPropertyName.equals( aCompressedString ) ) { // if the "Compressed" property is not set explicitly, the MediaType can change the default value m_pImpl->m_bCompressedSetExplicit = sal_True; @@ -3206,8 +3206,7 @@ void SAL_CALL OWriteStream::setPropertyValue( const ::rtl::OUString& aPropertyNa else throw lang::IllegalArgumentException(); //TODO } - else if ( m_pData->m_nStorageType == OFOPXML_STORAGE - && ( aPropertyName.equalsAscii( "MediaType" ) || aPropertyName.equalsAscii( "Compressed" ) ) ) + else if ( m_pData->m_nStorageType == OFOPXML_STORAGE && aPropertyName.equals( aMediaTypeString ) ) { for ( sal_Int32 nInd = 0; nInd < m_pImpl->m_aProps.getLength(); nInd++ ) { diff --git a/package/source/xstor/xstorage.cxx b/package/source/xstor/xstorage.cxx index b49fbd67b98d..4d0af7bb7619 100644 --- a/package/source/xstor/xstorage.cxx +++ b/package/source/xstor/xstorage.cxx @@ -3224,7 +3224,7 @@ sal_Bool SAL_CALL OStorage::isStreamElement( const ::rtl::OUString& aElementName m_pImpl->AddLog( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Rethrow" ) ) ); uno::Any aCaught( ::cppu::getCaughtException() ); - throw embed::StorageWrappedTargetException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Can't detect whether it is a stream!" ) ), + throw lang::WrappedTargetRuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Can't detect whether it is a stream!" ) ), uno::Reference< io::XInputStream >(), aCaught ); } @@ -3293,7 +3293,7 @@ sal_Bool SAL_CALL OStorage::isStorageElement( const ::rtl::OUString& aElementNam m_pImpl->AddLog( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Rethrow" ) ) ); uno::Any aCaught( ::cppu::getCaughtException() ); - throw embed::StorageWrappedTargetException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Can't detect whether it is a storage" ) ), + throw lang::WrappedTargetRuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "can't detect whether it is a storage" ) ), uno::Reference< io::XInputStream >(), aCaught ); } @@ -4804,6 +4804,7 @@ void SAL_CALL OStorage::setPropertyValue( const ::rtl::OUString& aPropertyName, m_pImpl->m_bIsModified = sal_True; } else if ( m_pData->m_bIsRoot && ( aPropertyName.equalsAscii( "HasEncryptedEntries" ) + || aPropertyName.equalsAscii( "HasNonEncryptedEntries" ) || aPropertyName.equalsAscii( "URL" ) || aPropertyName.equalsAscii( "RepairPackage" ) ) || aPropertyName.equalsAscii( "IsRoot" ) @@ -4937,7 +4938,8 @@ uno::Any SAL_CALL OStorage::getPropertyValue( const ::rtl::OUString& aPropertyNa return uno::makeAny( sal_False ); // RepairPackage } - else if ( m_pData->m_nStorageType == PACKAGE_STORAGE && aPropertyName.equalsAscii( "HasEncryptedEntries" ) ) + else if ( m_pData->m_nStorageType == PACKAGE_STORAGE + && ( aPropertyName.equalsAscii( "HasEncryptedEntries" ) || aPropertyName.equalsAscii( "HasNonEncryptedEntries" ) ) ) { try { m_pImpl->ReadContents(); diff --git a/package/source/zipapi/ZipFile.cxx b/package/source/zipapi/ZipFile.cxx index 936ab2acd1bc..246cbd889015 100644 --- a/package/source/zipapi/ZipFile.cxx +++ b/package/source/zipapi/ZipFile.cxx @@ -608,7 +608,7 @@ sal_Bool ZipFile::readLOC( ZipEntry &rEntry ) throw(IOException, ZipException, RuntimeException) { sal_Int32 nTestSig, nTime, nCRC, nSize, nCompressedSize; - sal_Int16 nVersion, nFlag, nHow, nNameLen, nExtraLen; + sal_Int16 nVersion, nFlag, nHow, nPathLen, nExtraLen; sal_Int32 nPos = -rEntry.nOffset; aGrabber.seek(nPos); @@ -623,18 +623,32 @@ sal_Bool ZipFile::readLOC( ZipEntry &rEntry ) aGrabber >> nCRC; aGrabber >> nCompressedSize; aGrabber >> nSize; - aGrabber >> nNameLen; + aGrabber >> nPathLen; aGrabber >> nExtraLen; - rEntry.nOffset = static_cast < sal_Int32 > (aGrabber.getPosition()) + nNameLen + nExtraLen; + rEntry.nOffset = static_cast < sal_Int32 > (aGrabber.getPosition()) + nPathLen + nExtraLen; - if ( rEntry.nNameLen == -1 ) // the file was created - rEntry.nNameLen = nNameLen; + // read always in UTF8, some tools seem not to set UTF8 bit + uno::Sequence < sal_Int8 > aNameBuffer( nPathLen ); + sal_Int32 nRead = aGrabber.readBytes( aNameBuffer, nPathLen ); + if ( nRead < aNameBuffer.getLength() ) + aNameBuffer.realloc( nRead ); + + ::rtl::OUString sLOCPath = rtl::OUString::intern( (sal_Char *) aNameBuffer.getArray(), + aNameBuffer.getLength(), + RTL_TEXTENCODING_UTF8 ); + + if ( rEntry.nPathLen == -1 ) // the file was created + { + rEntry.nPathLen = nPathLen; + rEntry.sPath = sLOCPath; + } // the method can be reset for internal use so it is not checked sal_Bool bBroken = rEntry.nVersion != nVersion || rEntry.nFlag != nFlag || rEntry.nTime != nTime - || rEntry.nNameLen != nNameLen; + || rEntry.nPathLen != nPathLen + || !rEntry.sPath.equals( sLOCPath ); if ( bBroken && !bRecoveryMode ) throw ZipIOException( OUString( RTL_CONSTASCII_USTRINGPARAM( "The stream seems to be broken!" ) ), @@ -749,7 +763,7 @@ sal_Int32 ZipFile::readCEN() aMemGrabber >> aEntry.nCrc; aMemGrabber >> aEntry.nCompressedSize; aMemGrabber >> aEntry.nSize; - aMemGrabber >> aEntry.nNameLen; + aMemGrabber >> aEntry.nPathLen; aMemGrabber >> aEntry.nExtraLen; aMemGrabber >> nCommentLen; aMemGrabber.skipBytes ( 8 ); @@ -758,7 +772,7 @@ sal_Int32 ZipFile::readCEN() aEntry.nOffset += nLocPos; aEntry.nOffset *= -1; - if ( aEntry.nNameLen < 0 || aEntry.nNameLen > ZIP_MAXNAMELEN ) + if ( aEntry.nPathLen < 0 || aEntry.nPathLen > ZIP_MAXNAMELEN ) throw ZipException( OUString( RTL_CONSTASCII_USTRINGPARAM ( "name length exceeds ZIP_MAXNAMELEN bytes" ) ), Reference < XInterface > () ); if ( nCommentLen < 0 || nCommentLen > ZIP_MAXNAMELEN ) @@ -768,15 +782,15 @@ sal_Int32 ZipFile::readCEN() throw ZipException( OUString( RTL_CONSTASCII_USTRINGPARAM ( "extra header info exceeds ZIP_MAXEXTRA bytes") ), Reference < XInterface > () ); // read always in UTF8, some tools seem not to set UTF8 bit - aEntry.sName = rtl::OUString::intern ( (sal_Char *) aMemGrabber.getCurrentPos(), - aEntry.nNameLen, + aEntry.sPath = rtl::OUString::intern ( (sal_Char *) aMemGrabber.getCurrentPos(), + aEntry.nPathLen, RTL_TEXTENCODING_UTF8 ); - if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( aEntry.sName, sal_True ) ) + if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( aEntry.sPath, sal_True ) ) throw ZipException( OUString( RTL_CONSTASCII_USTRINGPARAM ( "Zip entry has an invalid name.") ), Reference < XInterface > () ); - aMemGrabber.skipBytes( aEntry.nNameLen + aEntry.nExtraLen + nCommentLen ); - aEntries[aEntry.sName] = aEntry; + aMemGrabber.skipBytes( aEntry.nPathLen + aEntry.nExtraLen + nCommentLen ); + aEntries[aEntry.sPath] = aEntry; } if (nCount != nTotal) @@ -830,7 +844,7 @@ sal_Int32 ZipFile::recover() aMemGrabber >> aEntry.nCrc; aMemGrabber >> aEntry.nCompressedSize; aMemGrabber >> aEntry.nSize; - aMemGrabber >> aEntry.nNameLen; + aMemGrabber >> aEntry.nPathLen; aMemGrabber >> aEntry.nExtraLen; sal_Int32 nDescrLength = @@ -842,32 +856,32 @@ sal_Int32 ZipFile::recover() // For OOo2.0 the whole package must be switched to unsigned values if ( aEntry.nCompressedSize < 0 ) aEntry.nCompressedSize = 0x7FFFFFFF; if ( aEntry.nSize < 0 ) aEntry.nSize = 0x7FFFFFFF; - if ( aEntry.nNameLen < 0 ) aEntry.nNameLen = 0x7FFF; + if ( aEntry.nPathLen < 0 ) aEntry.nPathLen = 0x7FFF; if ( aEntry.nExtraLen < 0 ) aEntry.nExtraLen = 0x7FFF; // End of quick fix - sal_Int32 nBlockLength = aEntry.nSize + aEntry.nNameLen + aEntry.nExtraLen + 30 + nDescrLength; - if ( aEntry.nNameLen <= ZIP_MAXNAMELEN && aEntry.nExtraLen < ZIP_MAXEXTRA + sal_Int32 nBlockLength = aEntry.nSize + aEntry.nPathLen + aEntry.nExtraLen + 30 + nDescrLength; + if ( aEntry.nPathLen <= ZIP_MAXNAMELEN && aEntry.nExtraLen < ZIP_MAXEXTRA && ( nGenPos + nPos + nBlockLength ) <= nLength ) { // read always in UTF8, some tools seem not to set UTF8 bit - if( nPos + 30 + aEntry.nNameLen <= nBufSize ) - aEntry.sName = OUString ( (sal_Char *) &pBuffer[nPos + 30], - aEntry.nNameLen, + if( nPos + 30 + aEntry.nPathLen <= nBufSize ) + aEntry.sPath = OUString ( (sal_Char *) &pBuffer[nPos + 30], + aEntry.nPathLen, RTL_TEXTENCODING_UTF8 ); else { Sequence < sal_Int8 > aFileName; aGrabber.seek( nGenPos + nPos + 30 ); - aGrabber.readBytes( aFileName, aEntry.nNameLen ); - aEntry.sName = OUString ( (sal_Char *) aFileName.getArray(), + aGrabber.readBytes( aFileName, aEntry.nPathLen ); + aEntry.sPath = OUString ( (sal_Char *) aFileName.getArray(), aFileName.getLength(), RTL_TEXTENCODING_UTF8 ); - aEntry.nNameLen = static_cast< sal_Int16 >(aFileName.getLength()); + aEntry.nPathLen = static_cast< sal_Int16 >(aFileName.getLength()); } - aEntry.nOffset = nGenPos + nPos + 30 + aEntry.nNameLen + aEntry.nExtraLen; + aEntry.nOffset = nGenPos + nPos + 30 + aEntry.nPathLen + aEntry.nExtraLen; if ( ( aEntry.nSize || aEntry.nCompressedSize ) && !checkSizeAndCRC( aEntry ) ) { @@ -876,8 +890,8 @@ sal_Int32 ZipFile::recover() aEntry.nSize = 0; } - if ( aEntries.find( aEntry.sName ) == aEntries.end() ) - aEntries[aEntry.sName] = aEntry; + if ( aEntries.find( aEntry.sPath ) == aEntries.end() ) + aEntries[aEntry.sPath] = aEntry; } } } diff --git a/package/source/zipapi/ZipOutputStream.cxx b/package/source/zipapi/ZipOutputStream.cxx index 65e8369e9095..1faa37176271 100644 --- a/package/source/zipapi/ZipOutputStream.cxx +++ b/package/source/zipapi/ZipOutputStream.cxx @@ -295,10 +295,10 @@ void ZipOutputStream::writeEND(sal_uInt32 nOffset, sal_uInt32 nLength) void ZipOutputStream::writeCEN( const ZipEntry &rEntry ) throw(IOException, RuntimeException) { - if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( rEntry.sName, sal_True ) ) + if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( rEntry.sPath, sal_True ) ) throw IOException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected character is used in file name." ) ), Reference< XInterface >() ); - ::rtl::OString sUTF8Name = ::rtl::OUStringToOString( rEntry.sName, RTL_TEXTENCODING_UTF8 ); + ::rtl::OString sUTF8Name = ::rtl::OUStringToOString( rEntry.sPath, RTL_TEXTENCODING_UTF8 ); sal_Int16 nNameLength = static_cast < sal_Int16 > ( sUTF8Name.getLength() ); aChucker << CENSIG; @@ -344,10 +344,10 @@ void ZipOutputStream::writeEXT( const ZipEntry &rEntry ) sal_Int32 ZipOutputStream::writeLOC( const ZipEntry &rEntry ) throw(IOException, RuntimeException) { - if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( rEntry.sName, sal_True ) ) + if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( rEntry.sPath, sal_True ) ) throw IOException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected character is used in file name." ) ), Reference< XInterface >() ); - ::rtl::OString sUTF8Name = ::rtl::OUStringToOString( rEntry.sName, RTL_TEXTENCODING_UTF8 ); + ::rtl::OString sUTF8Name = ::rtl::OUStringToOString( rEntry.sPath, RTL_TEXTENCODING_UTF8 ); sal_Int16 nNameLength = static_cast < sal_Int16 > ( sUTF8Name.getLength() ); aChucker << LOCSIG; diff --git a/package/source/zippackage/ZipPackage.cxx b/package/source/zippackage/ZipPackage.cxx index a8c3d20be274..b95711778e77 100644 --- a/package/source/zippackage/ZipPackage.cxx +++ b/package/source/zippackage/ZipPackage.cxx @@ -199,39 +199,40 @@ class DummyInputStream : public ::cppu::WeakImplHelper1< XInputStream > ZipPackage::ZipPackage (const uno::Reference < XMultiServiceFactory > &xNewFactory) : m_aMutexHolder( new SotMutexHolder ) -, bHasEncryptedEntries ( sal_False ) -, bUseManifest ( sal_True ) -, bForceRecovery ( sal_False ) +, m_bHasEncryptedEntries ( sal_False ) +, m_bHasNonEncryptedEntries ( sal_False ) +, m_bUseManifest ( sal_True ) +, m_bForceRecovery ( sal_False ) , m_bMediaTypeFallbackUsed ( sal_False ) , m_nFormat( PACKAGE_FORMAT ) // package is the default format , m_bAllowRemoveOnInsert( sal_True ) -, eMode ( e_IMode_None ) -, xFactory( xNewFactory ) -, pRootFolder( NULL ) -, pZipFile( NULL ) +, m_eMode ( e_IMode_None ) +, m_xFactory( xNewFactory ) +, m_pRootFolder( NULL ) +, m_pZipFile( NULL ) { - xRootFolder = pRootFolder = new ZipPackageFolder( xFactory, m_nFormat, m_bAllowRemoveOnInsert ); + m_xRootFolder = m_pRootFolder = new ZipPackageFolder( m_xFactory, m_nFormat, m_bAllowRemoveOnInsert ); } ZipPackage::~ZipPackage( void ) { - delete pZipFile; + delete m_pZipFile; // All folders and streams contain pointers to their parents, when a parent diappeares // it should disconnect all the children from itself during destruction automatically. - // So there is no need in explicit pRootFolder->releaseUpwardRef() call here any more - // since pRootFolder has no parent and cleaning of it's children will be done automatically - // during pRootFolder dieing by refcount. + // So there is no need in explicit m_pRootFolder->releaseUpwardRef() call here any more + // since m_pRootFolder has no parent and cleaning of it's children will be done automatically + // during m_pRootFolder dieing by refcount. #if 0 // As all folders and streams contain references to their parents, // we must remove these references so that they will be deleted when // the hash_map of the root folder is cleared, releasing all subfolders - // and substreams which in turn release theirs, etc. When xRootFolder is + // and substreams which in turn release theirs, etc. When m_xRootFolder is // released when this destructor completes, the folder tree should be // deleted fully (and automagically). - pRootFolder->releaseUpwardRef(); + m_pRootFolder->releaseUpwardRef(); #endif } @@ -241,13 +242,13 @@ void ZipPackage::parseManifest() { sal_Bool bManifestParsed = sal_False; const OUString sMeta ( RTL_CONSTASCII_USTRINGPARAM ( "META-INF" ) ); - if ( xRootFolder->hasByName( sMeta ) ) + if ( m_xRootFolder->hasByName( sMeta ) ) { const OUString sManifest (RTL_CONSTASCII_USTRINGPARAM( "manifest.xml") ); try { uno::Reference< XUnoTunnel > xTunnel; - Any aAny = xRootFolder->getByName( sMeta ); + Any aAny = m_xRootFolder->getByName( sMeta ); aAny >>= xTunnel; uno::Reference< XNameContainer > xMetaInfFolder( xTunnel, UNO_QUERY ); if ( xMetaInfFolder.is() && xMetaInfFolder->hasByName( sManifest ) ) @@ -258,7 +259,7 @@ void ZipPackage::parseManifest() if (xSink.is()) { OUString sManifestReader ( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.packages.manifest.ManifestReader" ) ); - uno::Reference < XManifestReader > xReader (xFactory->createInstance( sManifestReader ), UNO_QUERY ); + uno::Reference < XManifestReader > xReader (m_xFactory->createInstance( sManifestReader ), UNO_QUERY ); if ( xReader.is() ) { const OUString sPropFullPath ( RTL_CONSTASCII_USTRINGPARAM ( "FullPath" ) ); @@ -300,6 +301,7 @@ void ZipPackage::parseManifest() else if (pValue[j].Name.equals( sPropDigest ) ) pDigest = &(pValue[j].Value); } + if (sPath.getLength() && hasByHierarchicalName ( sPath ) ) { aAny = getByHierarchicalName( sPath ); @@ -316,6 +318,7 @@ void ZipPackage::parseManifest() { pStream = reinterpret_cast < ZipPackageStream* > ( xUnoTunnel->getSomething(ZipPackageStream::static_getImplementationId())); pStream->SetMediaType ( sMediaType ); + pStream->SetFromManifest( sal_True ); if (pSalt && pVector && pCount && pSize) { @@ -344,9 +347,12 @@ void ZipPackage::parseManifest() pStream->SetToBeCompressed ( sal_True ); pStream->SetToBeEncrypted ( sal_True ); pStream->SetIsEncrypted ( sal_True ); - if ( !bHasEncryptedEntries && pStream->getName().compareToAscii ( "content.xml" ) == 0 ) - bHasEncryptedEntries = sal_True; + if ( !m_bHasEncryptedEntries + && pStream->getName().equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "content.xml" ) ) ) ) + m_bHasEncryptedEntries = sal_True; } + else + m_bHasNonEncryptedEntries = sal_True; } } } @@ -354,7 +360,7 @@ void ZipPackage::parseManifest() bManifestParsed = sal_True; } else - VOS_ENSURE ( 0, "Couldn't get a ManifestReader!" ); // throw RuntimeException? + throw uno::RuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "No manifes parser!" ) ), uno::Reference< uno::XInterface >() ); } // now hide the manifest.xml file from user @@ -363,46 +369,76 @@ void ZipPackage::parseManifest() } catch( Exception& ) { - if ( !bForceRecovery ) + if ( !m_bForceRecovery ) throw; } } + if ( !bManifestParsed && !m_bForceRecovery ) + throw ZipIOException( + ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Could not parse manifest.xml\n" ) ), + uno::Reference< uno::XInterface >() ); + const OUString sMimetype ( RTL_CONSTASCII_USTRINGPARAM ( "mimetype" ) ); - if ( xRootFolder->hasByName( sMimetype ) ) + if ( m_xRootFolder->hasByName( sMimetype ) ) { - if ( !bManifestParsed ) + // get mediatype from the "mimetype" stream + ::rtl::OUString aPackageMediatype; + uno::Reference< lang::XUnoTunnel > xMimeTypeTunnel; + m_xRootFolder->getByName( sMimetype ) >>= xMimeTypeTunnel; + uno::Reference < io::XActiveDataSink > xMimeSink( xMimeTypeTunnel, UNO_QUERY ); + if ( xMimeSink.is() ) { - // try to get mediatype from the "mimetype" stream - uno::Reference< lang::XUnoTunnel > xMimeTypeTunnel; - xRootFolder->getByName( sMimetype ) >>= xMimeTypeTunnel; - uno::Reference < io::XActiveDataSink > xMimeSink( xMimeTypeTunnel, UNO_QUERY ); - if ( xMimeSink.is() ) + uno::Reference< io::XInputStream > xMimeInStream = xMimeSink->getInputStream(); + if ( xMimeInStream.is() ) { - uno::Reference< io::XInputStream > xMimeInStream = xMimeSink->getInputStream(); - if ( xMimeInStream.is() ) - { - // Mediatypes longer than 1024 symbols should not appear here - uno::Sequence< sal_Int8 > aData( 1024 ); - sal_Int32 nRead = xMimeInStream->readBytes( aData, 1024 ); - OSL_ENSURE( nRead == aData.getLength(), "Difference between reading result and data!\n" ); - if ( nRead > aData.getLength() ) - nRead = aData.getLength(); - if ( nRead ) - { - ::rtl::OUString aFallBack( (sal_Char*)aData.getConstArray(), nRead, RTL_TEXTENCODING_ASCII_US ); - if ( aFallBack.compareToAscii( RTL_CONSTASCII_STRINGPARAM( "application/vnd." ) ) == 0 ) - { - // accept only types that look similar to own mediatypes - pRootFolder->SetMediaType( aFallBack ); - m_bMediaTypeFallbackUsed = sal_True; - } - } - } + // Mediatypes longer than 1024 symbols should not appear here + uno::Sequence< sal_Int8 > aData( 1024 ); + sal_Int32 nRead = xMimeInStream->readBytes( aData, 1024 ); + if ( nRead > aData.getLength() ) + nRead = aData.getLength(); + + if ( nRead ) + aPackageMediatype = ::rtl::OUString( (sal_Char*)aData.getConstArray(), nRead, RTL_TEXTENCODING_ASCII_US ); } + } + + if ( !bManifestParsed ) + { + // the manifest.xml could not be successfuly parsed, this is an inconsistent package + if ( aPackageMediatype.compareToAscii( RTL_CONSTASCII_STRINGPARAM( "application/vnd." ) ) == 0 ) + { + // accept only types that look similar to own mediatypes + m_pRootFolder->SetMediaType( aPackageMediatype ); + m_bMediaTypeFallbackUsed = sal_True; + } + } + else if ( !m_bForceRecovery ) + { + // the mimetype stream should contain the information from manifest.xml + if ( !m_pRootFolder->GetMediaType().equals( aPackageMediatype ) ) + throw ZipIOException( + ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "mimetype conflicts with manifest.xml\n" ) ), + uno::Reference< uno::XInterface >() ); } - xRootFolder->removeByName( sMimetype ); + + m_xRootFolder->removeByName( sMimetype ); + } + + sal_Bool bODF12AndOlder = ( m_pRootFolder->GetVersion().compareTo( ODFVER_012_TEXT ) >= 0 ); + if ( !m_bForceRecovery && bODF12AndOlder && m_pRootFolder->LookForUnexpectedODF12Streams( ::rtl::OUString() ) ) + { + // this is an ODF1.2 document that contains streams not referred in the manifest.xml + throw ZipIOException( + ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "there are streams not referred in manifest.xml\n" ) ), + uno::Reference< uno::XInterface >() ); + } + + if ( bODF12AndOlder ) + { + // it is ODF1.2 or later, let the META-INF folder be unavailable for user + m_xRootFolder->removeByName( sMeta ); } } } @@ -414,12 +450,12 @@ void ZipPackage::parseContentType() const ::rtl::OUString aContentTypes( RTL_CONSTASCII_USTRINGPARAM ( "[Content_Types].xml" ) ); try { // the content type must exist in OFOPXML format! - if ( !xRootFolder->hasByName( aContentTypes ) ) + if ( !m_xRootFolder->hasByName( aContentTypes ) ) throw io::IOException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Wrong format!" ) ), uno::Reference< uno::XInterface >() ); uno::Reference< lang::XUnoTunnel > xTunnel; - uno::Any aAny = xRootFolder->getByName( aContentTypes ); + uno::Any aAny = m_xRootFolder->getByName( aContentTypes ); aAny >>= xTunnel; uno::Reference < io::XActiveDataSink > xSink( xTunnel, UNO_QUERY ); if ( xSink.is() ) @@ -430,14 +466,14 @@ void ZipPackage::parseContentType() sal_Int32 nInd = 0; // here aContentTypeInfo[0] - Defaults, and aContentTypeInfo[1] - Overrides uno::Sequence< uno::Sequence< beans::StringPair > > aContentTypeInfo = - ::comphelper::OFOPXMLHelper::ReadContentTypeSequence( xInStream, xFactory ); + ::comphelper::OFOPXMLHelper::ReadContentTypeSequence( xInStream, m_xFactory ); if ( aContentTypeInfo.getLength() != 2 ) throw io::IOException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >() ); // set the implicit types fist for ( nInd = 0; nInd < aContentTypeInfo[0].getLength(); nInd++ ) - pRootFolder->setChildStreamsTypeByExtension( aContentTypeInfo[0][nInd] ); + m_pRootFolder->setChildStreamsTypeByExtension( aContentTypeInfo[0][nInd] ); // now set the explicit types for ( nInd = 0; nInd < aContentTypeInfo[1].getLength(); nInd++ ) @@ -465,11 +501,11 @@ void ZipPackage::parseContentType() } } - xRootFolder->removeByName( aContentTypes ); + m_xRootFolder->removeByName( aContentTypes ); } catch( uno::Exception& ) { - if ( !bForceRecovery ) + if ( !m_bForceRecovery ) throw; } } @@ -477,7 +513,7 @@ void ZipPackage::parseContentType() void ZipPackage::getZipFileContents() { - auto_ptr < ZipEnumeration > pEnum ( pZipFile->entries() ); + auto_ptr < ZipEnumeration > pEnum ( m_pZipFile->entries() ); ZipPackageStream *pPkgStream; ZipPackageFolder *pPkgFolder, *pCurrent; OUString sTemp, sDirName; @@ -487,20 +523,20 @@ void ZipPackage::getZipFileContents() while (pEnum->hasMoreElements()) { nIndex = nOldIndex = 0; - pCurrent = pRootFolder; + pCurrent = m_pRootFolder; const ZipEntry & rEntry = *pEnum->nextElement(); - const OUString & rName = rEntry.sName; + const OUString & rName = rEntry.sPath; nStreamIndex = rName.lastIndexOf ( '/' ); if ( nStreamIndex != -1 ) { sDirName = rName.copy ( 0, nStreamIndex); - aIter = aRecent.find ( sDirName ); - if ( aIter != aRecent.end() ) + aIter = m_aRecent.find ( sDirName ); + if ( aIter != m_aRecent.end() ) pCurrent = (*aIter).second; } - if ( pCurrent == pRootFolder ) + if ( pCurrent == m_pRootFolder ) { while ( (nIndex = rName.indexOf('/', nOldIndex) ) != -1 ) { @@ -509,7 +545,7 @@ void ZipPackage::getZipFileContents() break; if ( !pCurrent->hasByName( sTemp ) ) { - pPkgFolder = new ZipPackageFolder( xFactory, m_nFormat, m_bAllowRemoveOnInsert ); + pPkgFolder = new ZipPackageFolder( m_xFactory, m_nFormat, m_bAllowRemoveOnInsert ); pPkgFolder->setName( sTemp ); pPkgFolder->doSetParent( pCurrent, sal_True ); pCurrent = pPkgFolder; @@ -519,13 +555,13 @@ void ZipPackage::getZipFileContents() nOldIndex = nIndex+1; } if ( nStreamIndex != -1 && sDirName.getLength() ) - aRecent [ sDirName ] = pCurrent; + m_aRecent [ sDirName ] = pCurrent; } if ( rName.getLength() -1 != nStreamIndex ) { nStreamIndex++; sTemp = rName.copy( nStreamIndex, rName.getLength() - nStreamIndex); - pPkgStream = new ZipPackageStream( *this, xFactory, m_bAllowRemoveOnInsert ); + pPkgStream = new ZipPackageStream( *this, m_xFactory, m_bAllowRemoveOnInsert ); pPkgStream->SetPackageMember( sal_True ); pPkgStream->setZipEntryOnLoading( rEntry ); pPkgStream->setName( sTemp ); @@ -555,13 +591,13 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) OUString aParamUrl; if ( (aArguments[ind] >>= aParamUrl)) { - eMode = e_IMode_URL; + m_eMode = e_IMode_URL; try { sal_Int32 nParam = aParamUrl.indexOf( '?' ); if ( nParam >= 0 ) { - sURL = aParamUrl.copy( 0, nParam ); + m_aURL = aParamUrl.copy( 0, nParam ); OUString aParam = aParamUrl.copy( nParam + 1 ); sal_Int32 nIndex = 0; @@ -570,28 +606,28 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) ::rtl::OUString aCommand = aParam.getToken( 0, '&', nIndex ); if ( aCommand.equals( OUString::createFromAscii( "repairpackage" ) ) ) { - bForceRecovery = sal_True; + m_bForceRecovery = sal_True; break; } else if ( aCommand.equals( OUString::createFromAscii( "purezip" ) ) ) { m_nFormat = ZIP_FORMAT; - pRootFolder->setPackageFormat_Impl( m_nFormat ); + m_pRootFolder->setPackageFormat_Impl( m_nFormat ); break; } else if ( aCommand.equals( OUString::createFromAscii( "ofopxml" ) ) ) { m_nFormat = OFOPXML_FORMAT; - pRootFolder->setPackageFormat_Impl( m_nFormat ); + m_pRootFolder->setPackageFormat_Impl( m_nFormat ); break; } } while ( nIndex >= 0 ); } else - sURL = aParamUrl; + m_aURL = aParamUrl; - Content aContent ( sURL, uno::Reference < XCommandEnvironment >() ); + Content aContent ( m_aURL, uno::Reference < XCommandEnvironment >() ); Any aAny = aContent.getPropertyValue( OUString::createFromAscii( "Size" ) ); sal_uInt64 aSize = 0; // kind of optimisation: treat empty files as nonexistent files @@ -601,7 +637,7 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) { uno::Reference < XActiveDataSink > xSink = new ZipPackageSink; if (aContent.openStream ( xSink ) ) - xContentStream = xSink->getInputStream(); + m_xContentStream = xSink->getInputStream(); } else bHaveZipFile = sal_False; @@ -614,20 +650,20 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) bHaveZipFile = sal_False; } } - else if ( (aArguments[ind] >>= xStream ) ) + else if ( (aArguments[ind] >>= m_xStream ) ) { // a writable stream can implement both XStream & XInputStream - eMode = e_IMode_XStream; - xContentStream = xStream->getInputStream(); + m_eMode = e_IMode_XStream; + m_xContentStream = m_xStream->getInputStream(); } - else if ( (aArguments[ind] >>= xContentStream) ) + else if ( (aArguments[ind] >>= m_xContentStream) ) { - eMode = e_IMode_XInputStream; + m_eMode = e_IMode_XInputStream; } else if ( ( aArguments[ind] >>= aNamedValue ) ) { if ( aNamedValue.Name.equalsAscii( "RepairPackage" ) ) - aNamedValue.Value >>= bForceRecovery; + aNamedValue.Value >>= m_bForceRecovery; else if ( aNamedValue.Name.equalsAscii( "PackageFormat" ) ) { // setting this argument to true means Package format @@ -638,27 +674,27 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) if ( !bPackFormat ) m_nFormat = ZIP_FORMAT; - pRootFolder->setPackageFormat_Impl( m_nFormat ); + m_pRootFolder->setPackageFormat_Impl( m_nFormat ); } else if ( aNamedValue.Name.equalsAscii( "StorageFormat" ) ) { ::rtl::OUString aFormatName; aNamedValue.Value >>= aFormatName; - if ( aFormatName.equalsAscii( "PackageFormat" ) ) + if ( aFormatName.equals( PACKAGE_STORAGE_FORMAT_STRING ) ) m_nFormat = PACKAGE_FORMAT; - else if ( aFormatName.equalsAscii( "ZipFormat" ) ) + else if ( aFormatName.equals( ZIP_STORAGE_FORMAT_STRING ) ) m_nFormat = ZIP_FORMAT; - else if ( aFormatName.equalsAscii( "OFOPXMLFormat" ) ) + else if ( aFormatName.equals( OFOPXML_STORAGE_FORMAT_STRING ) ) m_nFormat = OFOPXML_FORMAT; else throw lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >(), 1 ); - pRootFolder->setPackageFormat_Impl( m_nFormat ); + m_pRootFolder->setPackageFormat_Impl( m_nFormat ); } else if ( aNamedValue.Name.equalsAscii( "AllowRemoveOnInsert" ) ) { aNamedValue.Value >>= m_bAllowRemoveOnInsert; - pRootFolder->setRemoveOnInsertMode_Impl( m_bAllowRemoveOnInsert ); + m_pRootFolder->setRemoveOnInsertMode_Impl( m_bAllowRemoveOnInsert ); } // for now the progress handler is not used, probably it will never be @@ -674,16 +710,16 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) try { - if (xContentStream.is()) + if (m_xContentStream.is()) { // the stream must be seekable, if it is not it will be wrapped - xContentStream = ::comphelper::OSeekableInputWrapper::CheckSeekableCanWrap( xContentStream, xFactory ); - xContentSeek = uno::Reference < XSeekable > ( xContentStream, UNO_QUERY ); - if ( ! xContentSeek.is() ) + m_xContentStream = ::comphelper::OSeekableInputWrapper::CheckSeekableCanWrap( m_xContentStream, m_xFactory ); + m_xContentSeek = uno::Reference < XSeekable > ( m_xContentStream, UNO_QUERY ); + if ( ! m_xContentSeek.is() ) throw com::sun::star::uno::Exception ( OUString( RTL_CONSTASCII_USTRINGPARAM ( OSL_LOG_PREFIX "The package component _requires_ an XSeekable interface!" ) ), static_cast < ::cppu::OWeakObject * > ( this ) ); - if ( !xContentSeek->getLength() ) + if ( !m_xContentSeek->getLength() ) bHaveZipFile = sal_False; } else @@ -700,7 +736,7 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) { try { - pZipFile = new ZipFile ( xContentStream, xFactory, sal_True, bForceRecovery, xProgressHandler ); + m_pZipFile = new ZipFile ( m_xContentStream, m_xFactory, sal_True, m_bForceRecovery, xProgressHandler ); getZipFileContents(); } catch ( IOException & ) @@ -713,14 +749,14 @@ void SAL_CALL ZipPackage::initialize( const Sequence< Any >& aArguments ) } catch ( Exception & ) { - if( pZipFile ) { delete pZipFile; pZipFile = NULL; } + if( m_pZipFile ) { delete m_pZipFile; m_pZipFile = NULL; } throw; } if ( bBadZipFile ) { // clean up the memory, and tell the UCB about the error - if( pZipFile ) { delete pZipFile; pZipFile = NULL; } + if( m_pZipFile ) { delete m_pZipFile; m_pZipFile = NULL; } throw com::sun::star::packages::zip::ZipIOException ( OUString( RTL_CONSTASCII_USTRINGPARAM ( OSL_LOG_PREFIX "Bad Zip File." ) ), @@ -740,7 +776,7 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) FolderHash::iterator aIter; if ( (nIndex = aName.getLength() ) == 1 && *aName.getStr() == '/' ) - return makeAny ( uno::Reference < XUnoTunnel > (pRootFolder) ); + return makeAny ( uno::Reference < XUnoTunnel > (m_pRootFolder) ); else { nStreamIndex = aName.lastIndexOf ( '/' ); @@ -748,8 +784,8 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) if ( nStreamIndex != -1 ) { sDirName = aName.copy ( 0, nStreamIndex); - aIter = aRecent.find ( sDirName ); - if ( aIter != aRecent.end() ) + aIter = m_aRecent.find ( sDirName ); + if ( aIter != m_aRecent.end() ) { if ( bFolder ) { @@ -758,7 +794,7 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) if ( sTemp == (*aIter).second->getName() ) return makeAny ( uno::Reference < XUnoTunnel > ( (*aIter).second ) ); else - aRecent.erase ( aIter ); + m_aRecent.erase ( aIter ); } else { @@ -766,17 +802,17 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) if ( (*aIter).second->hasByName( sTemp ) ) return (*aIter).second->getByName( sTemp ); else - aRecent.erase( aIter ); + m_aRecent.erase( aIter ); } } } else { - if ( pRootFolder->hasByName ( aName ) ) - return pRootFolder->getByName ( aName ); + if ( m_pRootFolder->hasByName ( aName ) ) + return m_pRootFolder->getByName ( aName ); } nOldIndex = 0; - ZipPackageFolder * pCurrent = pRootFolder; + ZipPackageFolder * pCurrent = m_pRootFolder; ZipPackageFolder * pPrevious = NULL; while ( ( nIndex = aName.indexOf('/', nOldIndex)) != -1) { @@ -795,7 +831,7 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) if ( bFolder ) { if (nStreamIndex != -1 ) - aRecent[sDirName] = pPrevious; + m_aRecent[sDirName] = pPrevious; return makeAny ( uno::Reference < XUnoTunnel > ( pCurrent ) ); } else @@ -804,7 +840,7 @@ Any SAL_CALL ZipPackage::getByHierarchicalName( const OUString& aName ) if ( pCurrent->hasByName ( sTemp ) ) { if (nStreamIndex != -1 ) - aRecent[sDirName] = pCurrent; + m_aRecent[sDirName] = pCurrent; return pCurrent->getByName( sTemp ); } else @@ -829,8 +865,8 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) if ( nStreamIndex != -1 ) { sDirName = aName.copy ( 0, nStreamIndex); - aIter = aRecent.find ( sDirName ); - if ( aIter != aRecent.end() ) + aIter = m_aRecent.find ( sDirName ); + if ( aIter != m_aRecent.end() ) { if ( bFolder ) { @@ -839,7 +875,7 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) if ( sTemp == (*aIter).second->getName() ) return sal_True; else - aRecent.erase ( aIter ); + m_aRecent.erase ( aIter ); } else { @@ -847,16 +883,16 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) if ( (*aIter).second->hasByName( sTemp ) ) return sal_True; else - aRecent.erase( aIter ); + m_aRecent.erase( aIter ); } } } else { - if ( pRootFolder->hasByName ( aName ) ) + if ( m_pRootFolder->hasByName ( aName ) ) return sal_True; } - ZipPackageFolder * pCurrent = pRootFolder; + ZipPackageFolder * pCurrent = m_pRootFolder; ZipPackageFolder * pPrevious = NULL; nOldIndex = 0; while ( ( nIndex = aName.indexOf('/', nOldIndex)) != -1) @@ -875,7 +911,7 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) } if ( bFolder ) { - aRecent[sDirName] = pPrevious; + m_aRecent[sDirName] = pPrevious; return sal_True; } else @@ -884,7 +920,7 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) if ( pCurrent->hasByName( sTemp ) ) { - aRecent[sDirName] = pCurrent; + m_aRecent[sDirName] = pCurrent; return sal_True; } } @@ -896,7 +932,7 @@ sal_Bool SAL_CALL ZipPackage::hasByHierarchicalName( const OUString& aName ) uno::Reference< XInterface > SAL_CALL ZipPackage::createInstance( ) throw(Exception, RuntimeException) { - uno::Reference < XInterface > xRef = *(new ZipPackageStream ( *this, xFactory, m_bAllowRemoveOnInsert )); + uno::Reference < XInterface > xRef = *(new ZipPackageStream ( *this, m_xFactory, m_bAllowRemoveOnInsert )); return xRef; } uno::Reference< XInterface > SAL_CALL ZipPackage::createInstanceWithArguments( const Sequence< Any >& aArguments ) @@ -907,9 +943,9 @@ uno::Reference< XInterface > SAL_CALL ZipPackage::createInstanceWithArguments( c if ( aArguments.getLength() ) aArguments[0] >>= bArg; if (bArg) - xRef = *new ZipPackageFolder ( xFactory, m_nFormat, m_bAllowRemoveOnInsert ); + xRef = *new ZipPackageFolder ( m_xFactory, m_nFormat, m_bAllowRemoveOnInsert ); else - xRef = *new ZipPackageStream ( *this, xFactory, m_bAllowRemoveOnInsert ); + xRef = *new ZipPackageStream ( *this, m_xFactory, m_bAllowRemoveOnInsert ); return xRef; } @@ -917,17 +953,17 @@ uno::Reference< XInterface > SAL_CALL ZipPackage::createInstanceWithArguments( c void ZipPackage::WriteMimetypeMagicFile( ZipOutputStream& aZipOut ) { const OUString sMime ( RTL_CONSTASCII_USTRINGPARAM ( "mimetype" ) ); - if (xRootFolder->hasByName( sMime ) ) - xRootFolder->removeByName( sMime ); + if (m_xRootFolder->hasByName( sMime ) ) + m_xRootFolder->removeByName( sMime ); ZipEntry * pEntry = new ZipEntry; - sal_Int32 nBufferLength = pRootFolder->GetMediaType( ).getLength(); - OString sMediaType = OUStringToOString( pRootFolder->GetMediaType(), RTL_TEXTENCODING_ASCII_US ); + sal_Int32 nBufferLength = m_pRootFolder->GetMediaType( ).getLength(); + OString sMediaType = OUStringToOString( m_pRootFolder->GetMediaType(), RTL_TEXTENCODING_ASCII_US ); Sequence< sal_Int8 > aType( (sal_Int8*)sMediaType.getStr(), nBufferLength ); - pEntry->sName = sMime; + pEntry->sPath = sMime; pEntry->nMethod = STORED; pEntry->nSize = pEntry->nCompressedSize = nBufferLength; pEntry->nTime = ZipOutputStream::getCurrentDosTime(); @@ -958,14 +994,14 @@ void ZipPackage::WriteManifest( ZipOutputStream& aZipOut, const vector< Sequence // Write the manifest uno::Reference < XOutputStream > xManOutStream; OUString sManifestWriter( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.packages.manifest.ManifestWriter" ) ); - uno::Reference < XManifestWriter > xWriter ( xFactory->createInstance( sManifestWriter ), UNO_QUERY ); + uno::Reference < XManifestWriter > xWriter ( m_xFactory->createInstance( sManifestWriter ), UNO_QUERY ); if ( xWriter.is() ) { ZipEntry * pEntry = new ZipEntry; ZipPackageBuffer *pBuffer = new ZipPackageBuffer( n_ConstBufferSize ); xManOutStream = uno::Reference < XOutputStream > (*pBuffer, UNO_QUERY); - pEntry->sName = OUString( RTL_CONSTASCII_USTRINGPARAM ( "META-INF/manifest.xml") ); + pEntry->sPath = OUString( RTL_CONSTASCII_USTRINGPARAM ( "META-INF/manifest.xml") ); pEntry->nMethod = DEFLATED; pEntry->nCrc = pEntry->nSize = pEntry->nCompressedSize = -1; pEntry->nTime = ZipOutputStream::getCurrentDosTime(); @@ -1008,7 +1044,7 @@ void ZipPackage::WriteContentTypes( ZipOutputStream& aZipOut, const vector< Sequ ZipPackageBuffer *pBuffer = new ZipPackageBuffer( n_ConstBufferSize ); uno::Reference< io::XOutputStream > xConTypeOutStream( *pBuffer, UNO_QUERY ); - pEntry->sName = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM ( "[Content_Types].xml") ); + pEntry->sPath = ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM ( "[Content_Types].xml") ); pEntry->nMethod = DEFLATED; pEntry->nCrc = pEntry->nSize = pEntry->nCompressedSize = -1; pEntry->nTime = ZipOutputStream::getCurrentDosTime(); @@ -1040,7 +1076,7 @@ void ZipPackage::WriteContentTypes( ZipOutputStream& aZipOut, const vector< Sequ aOverridesSequence.realloc( nSeqLength ); ::comphelper::OFOPXMLHelper::WriteContentSequence( - xConTypeOutStream, aDefaultsSequence, aOverridesSequence, xFactory ); + xConTypeOutStream, aDefaultsSequence, aOverridesSequence, m_xFactory ); sal_Int32 nBufferLength = static_cast < sal_Int32 > ( pBuffer->getPosition() ); pBuffer->realloc( nBufferLength ); @@ -1054,15 +1090,15 @@ void ZipPackage::WriteContentTypes( ZipOutputStream& aZipOut, const vector< Sequ void ZipPackage::ConnectTo( const uno::Reference< io::XInputStream >& xInStream ) { - xContentSeek.set( xInStream, uno::UNO_QUERY_THROW ); - xContentStream = xInStream; + m_xContentSeek.set( xInStream, uno::UNO_QUERY_THROW ); + m_xContentStream = xInStream; // seek back to the beginning of the temp file so we can read segments from it - xContentSeek->seek( 0 ); - if ( pZipFile ) - pZipFile->setInputStream( xContentStream ); + m_xContentSeek->seek( 0 ); + if ( m_pZipFile ) + m_pZipFile->setInputStream( m_xContentStream ); else - pZipFile = new ZipFile ( xContentStream, xFactory, sal_False ); + m_pZipFile = new ZipFile ( m_xContentStream, m_xFactory, sal_False ); } uno::Reference< io::XInputStream > ZipPackage::writeTempFile() @@ -1079,7 +1115,7 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() uno::Reference < io::XOutputStream > xTempOut; uno::Reference< io::XActiveDataStreamer > xSink; - if ( eMode == e_IMode_URL && !pZipFile && isLocalFile_Impl( sURL ) ) + if ( m_eMode == e_IMode_URL && !m_pZipFile && isLocalFile_Impl( m_aURL ) ) { xSink = openOriginalForOutput(); if( xSink.is() ) @@ -1093,10 +1129,10 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() } } } - else if ( eMode == e_IMode_XStream && !pZipFile ) + else if ( m_eMode == e_IMode_XStream && !m_pZipFile ) { // write directly to an empty stream - xTempOut = xStream->getOutputStream(); + xTempOut = m_xStream->getOutputStream(); if( xTempOut.is() ) bUseTemp = sal_False; } @@ -1105,7 +1141,7 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() { // create temporary file const OUString sServiceName ( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.io.TempFile" ) ); - uno::Reference < io::XStream > xTempFile( xFactory->createInstance ( sServiceName ), UNO_QUERY_THROW ); + uno::Reference < io::XStream > xTempFile( m_xFactory->createInstance ( sServiceName ), UNO_QUERY_THROW ); xTempOut.set( xTempFile->getOutputStream(), UNO_SET_THROW ); xTempIn.set( xTempFile->getInputStream(), UNO_SET_THROW ); } @@ -1124,12 +1160,12 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() // META-INF directory implicitly created if does not exist const OUString sMeta ( RTL_CONSTASCII_USTRINGPARAM ( "META-INF" ) ); - if ( xRootFolder->hasByName( sMeta ) ) + if ( m_xRootFolder->hasByName( sMeta ) ) { const OUString sManifest (RTL_CONSTASCII_USTRINGPARAM( "manifest.xml") ); uno::Reference< XUnoTunnel > xTunnel; - Any aAny = xRootFolder->getByName( sMeta ); + Any aAny = m_xRootFolder->getByName( sMeta ); aAny >>= xTunnel; uno::Reference< XNameContainer > xMetaInfFolder( xTunnel, UNO_QUERY ); if ( xMetaInfFolder.is() && xMetaInfFolder->hasByName( sManifest ) ) @@ -1146,8 +1182,8 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() const ::rtl::OUString aContentTypes( RTL_CONSTASCII_USTRINGPARAM ( "[Content_Types].xml" ) ); - if ( xRootFolder->hasByName( aContentTypes ) ) - xRootFolder->removeByName( aContentTypes ); + if ( m_xRootFolder->hasByName( aContentTypes ) ) + m_xRootFolder->removeByName( aContentTypes ); } // Create a vector to store data for the manifest.xml file @@ -1161,9 +1197,9 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() { Sequence < PropertyValue > aPropSeq ( PKG_SIZE_NOENCR_MNFST ); aPropSeq [PKG_MNFST_MEDIATYPE].Name = sMediaType; - aPropSeq [PKG_MNFST_MEDIATYPE].Value <<= pRootFolder->GetMediaType( ); + aPropSeq [PKG_MNFST_MEDIATYPE].Value <<= m_pRootFolder->GetMediaType( ); aPropSeq [PKG_MNFST_VERSION].Name = sVersion; - aPropSeq [PKG_MNFST_VERSION].Value <<= pRootFolder->GetVersion( ); + aPropSeq [PKG_MNFST_VERSION].Value <<= m_pRootFolder->GetVersion( ); aPropSeq [PKG_MNFST_FULLPATH].Name = sFullPath; aPropSeq [PKG_MNFST_FULLPATH].Value <<= OUString ( RTL_CONSTASCII_USTRINGPARAM ( "/" ) ); @@ -1181,12 +1217,12 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() // call saveContents (it will recursively save sub-directories OUString aEmptyString; - pRootFolder->saveContents( aEmptyString, aManList, aZipOut, aEncryptionKey, aRandomPool ); + m_pRootFolder->saveContents( aEmptyString, aManList, aZipOut, m_aEncryptionKey, aRandomPool ); // Clean up random pool memory rtl_random_destroyPool ( aRandomPool ); - if( bUseManifest && m_nFormat == PACKAGE_FORMAT ) + if( m_bUseManifest && m_nFormat == PACKAGE_FORMAT ) { WriteManifest( aZipOut, aManList ); } @@ -1214,10 +1250,10 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() // no need to postpone switching to the new stream since the target was written directly uno::Reference< io::XInputStream > xNewStream; - if ( eMode == e_IMode_URL ) + if ( m_eMode == e_IMode_URL ) xNewStream = xSink->getStream()->getInputStream(); - else if ( eMode == e_IMode_XStream && xStream.is() ) - xNewStream = xStream->getInputStream(); + else if ( m_eMode == e_IMode_XStream && m_xStream.is() ) + xNewStream = m_xStream->getInputStream(); if ( xNewStream.is() ) ConnectTo( xNewStream ); @@ -1258,10 +1294,10 @@ uno::Reference< io::XInputStream > ZipPackage::writeTempFile() uno::Reference< XActiveDataStreamer > ZipPackage::openOriginalForOutput() { // open and truncate the original file - Content aOriginalContent (sURL, uno::Reference < XCommandEnvironment >() ); + Content aOriginalContent (m_aURL, uno::Reference < XCommandEnvironment >() ); uno::Reference< XActiveDataStreamer > xSink = new ActiveDataStreamer; - if ( eMode == e_IMode_URL ) + if ( m_eMode == e_IMode_URL ) { try { @@ -1313,7 +1349,7 @@ void SAL_CALL ZipPackage::commitChanges() // lock the component for the time of commiting ::osl::MutexGuard aGuard( m_aMutexHolder->GetMutex() ); - if ( eMode == e_IMode_XInputStream ) + if ( m_eMode == e_IMode_XInputStream ) { IOException aException; throw WrappedTargetException( OUString( RTL_CONSTASCII_USTRINGPARAM ( OSL_LOG_PREFIX "This package is read only!" ) ), @@ -1331,9 +1367,9 @@ void SAL_CALL ZipPackage::commitChanges() uno::Reference< io::XSeekable > xTempSeek( xTempInStream, uno::UNO_QUERY_THROW ); // switch to the new temporary stream only after the transfer - PostinitializationGuard( xTempInStream, *this ); + PostinitializationGuard aPostInitGuard( xTempInStream, *this ); - if ( eMode == e_IMode_XStream ) + if ( m_eMode == e_IMode_XStream ) { // First truncate our output stream uno::Reference < XOutputStream > xOutputStream; @@ -1343,7 +1379,7 @@ void SAL_CALL ZipPackage::commitChanges() { xTempSeek->seek( 0 ); - xOutputStream = xStream->getOutputStream(); + xOutputStream = m_xStream->getOutputStream(); uno::Reference < XTruncate > xTruncate ( xOutputStream, UNO_QUERY ); if ( !xTruncate.is() ) throw uno::RuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >() ); @@ -1376,16 +1412,16 @@ void SAL_CALL ZipPackage::commitChanges() DisconnectFromTargetAndThrowException_Impl( xTempInStream ); } } - else if ( eMode == e_IMode_URL ) + else if ( m_eMode == e_IMode_URL ) { uno::Reference< XOutputStream > aOrigFileStream; sal_Bool bCanBeCorrupted = sal_False; - if( isLocalFile_Impl( sURL ) ) + if( isLocalFile_Impl( m_aURL ) ) { // write directly in case of local file uno::Reference< ::com::sun::star::ucb::XSimpleFileAccess > xSimpleAccess( - xFactory->createInstance( ::rtl::OUString::createFromAscii( "com.sun.star.ucb.SimpleFileAccess" ) ), + m_xFactory->createInstance( ::rtl::OUString::createFromAscii( "com.sun.star.ucb.SimpleFileAccess" ) ), uno::UNO_QUERY ); OSL_ENSURE( xSimpleAccess.is(), "Can't instatiate SimpleFileAccess service!\n" ); uno::Reference< io::XTruncate > xOrigTruncate; @@ -1393,7 +1429,7 @@ void SAL_CALL ZipPackage::commitChanges() { try { - aOrigFileStream = xSimpleAccess->openFileWrite( sURL ); + aOrigFileStream = xSimpleAccess->openFileWrite( m_aURL ); xOrigTruncate = uno::Reference< io::XTruncate >( aOrigFileStream, uno::UNO_QUERY_THROW ); // after successful truncation the file is already corrupted xOrigTruncate->truncate(); @@ -1431,7 +1467,7 @@ void SAL_CALL ZipPackage::commitChanges() if ( !xPropSet.is() ) throw uno::RuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >() ); - OUString sTargetFolder = sURL.copy ( 0, sURL.lastIndexOf ( static_cast < sal_Unicode > ( '/' ) ) ); + OUString sTargetFolder = m_aURL.copy ( 0, m_aURL.lastIndexOf ( static_cast < sal_Unicode > ( '/' ) ) ); Content aContent ( sTargetFolder, uno::Reference < XCommandEnvironment > () ); OUString sTempURL; @@ -1442,7 +1478,7 @@ void SAL_CALL ZipPackage::commitChanges() aInfo.NameClash = NameClash::OVERWRITE; aInfo.MoveData = sal_False; aInfo.SourceURL = sTempURL; - aInfo.NewTitle = rtl::Uri::decode ( sURL.copy ( 1 + sURL.lastIndexOf ( static_cast < sal_Unicode > ( '/' ) ) ), + aInfo.NewTitle = rtl::Uri::decode ( m_aURL.copy ( 1 + m_aURL.lastIndexOf ( static_cast < sal_Unicode > ( '/' ) ) ), rtl_UriDecodeWithCharset, RTL_TEXTENCODING_UTF8 ); aAny <<= aInfo; @@ -1472,11 +1508,11 @@ void SAL_CALL ZipPackage::commitChanges() void ZipPackage::DisconnectFromTargetAndThrowException_Impl( const uno::Reference< io::XInputStream >& xTempStream ) { - xStream = uno::Reference< io::XStream >( xTempStream, uno::UNO_QUERY ); - if ( xStream.is() ) - eMode = e_IMode_XStream; + m_xStream = uno::Reference< io::XStream >( xTempStream, uno::UNO_QUERY ); + if ( m_xStream.is() ) + m_eMode = e_IMode_XStream; else - eMode = e_IMode_XInputStream; + m_eMode = e_IMode_XInputStream; ::rtl::OUString aTempURL; try { @@ -1596,16 +1632,17 @@ void SAL_CALL ZipPackage::setPropertyValue( const OUString& aPropertyName, const throw UnknownPropertyException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >() ); if (aPropertyName.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("HasEncryptedEntries") ) + ||aPropertyName.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("HasNonEncryptedEntries") ) ||aPropertyName.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("MediaTypeFallbackUsed") ) ) throw PropertyVetoException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >() ); else if (aPropertyName.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("EncryptionKey") ) ) { - if (!( aValue >>= aEncryptionKey ) ) + if (!( aValue >>= m_aEncryptionKey ) ) throw IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >(), 2 ); } else if (aPropertyName.equalsAsciiL(RTL_CONSTASCII_STRINGPARAM("UseManifest") ) ) { - if (!( aValue >>= bUseManifest ) ) + if (!( aValue >>= m_bUseManifest ) ) throw IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX ) ), uno::Reference< uno::XInterface >(), 2 ); } else @@ -1621,17 +1658,22 @@ Any SAL_CALL ZipPackage::getPropertyValue( const OUString& PropertyName ) Any aAny; if (PropertyName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( "EncryptionKey" ) ) ) { - aAny <<= aEncryptionKey; + aAny <<= m_aEncryptionKey; return aAny; } else if (PropertyName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( "HasEncryptedEntries" ) ) ) { - aAny <<= bHasEncryptedEntries; + aAny <<= m_bHasEncryptedEntries; + return aAny; + } + else if (PropertyName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( "HasNonEncryptedEntries" ) ) ) + { + aAny <<= m_bHasNonEncryptedEntries; return aAny; } else if (PropertyName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( "UseManifest" ) ) ) { - aAny <<= bUseManifest; + aAny <<= m_bUseManifest; return aAny; } else if (PropertyName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( "MediaTypeFallbackUsed" ) ) ) diff --git a/package/source/zippackage/ZipPackageEntry.cxx b/package/source/zippackage/ZipPackageEntry.cxx index 78fbb7423aa7..b233e34c2a28 100644 --- a/package/source/zippackage/ZipPackageEntry.cxx +++ b/package/source/zippackage/ZipPackageEntry.cxx @@ -65,20 +65,20 @@ ZipPackageEntry::~ZipPackageEntry() OUString SAL_CALL ZipPackageEntry::getName( ) throw(RuntimeException) { - return aEntry.sName; + return msName; } void SAL_CALL ZipPackageEntry::setName( const OUString& aName ) throw(RuntimeException) { - if ( pParent && pParent->hasByName ( aEntry.sName ) ) - pParent->removeByName ( aEntry.sName ); + if ( pParent && msName.getLength() && pParent->hasByName ( msName ) ) + pParent->removeByName ( msName ); // unfortunately no other exception than RuntimeException can be thrown here // usually the package is used through storage implementation, the problem should be detected there if ( !::comphelper::OStorageHelper::IsValidZipEntryFileName( aName, sal_True ) ) throw RuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( OSL_LOG_PREFIX "Unexpected character is used in file name." ) ), Reference< XInterface >() ); - aEntry.sName = aName; + msName = aName; if ( pParent ) pParent->doInsertByName ( this, sal_False ); @@ -94,7 +94,7 @@ void ZipPackageEntry::doSetParent ( ZipPackageFolder * pNewParent, sal_Bool bIns { // xParent = pParent = pNewParent; pParent = pNewParent; - if ( bInsert && !pNewParent->hasByName ( aEntry.sName ) ) + if ( bInsert && msName.getLength() && !pNewParent->hasByName ( msName ) ) pNewParent->doInsertByName ( this, sal_False ); } @@ -110,8 +110,8 @@ void SAL_CALL ZipPackageEntry::setParent( const Reference< XInterface >& xNewPar if ( pNewParent != pParent ) { - if ( pParent && pParent->hasByName ( aEntry.sName ) && mbAllowRemoveOnInsert ) - pParent->removeByName( aEntry.sName ); + if ( pParent && msName.getLength() && pParent->hasByName ( msName ) && mbAllowRemoveOnInsert ) + pParent->removeByName( msName ); doSetParent ( pNewParent, sal_True ); } } diff --git a/package/source/zippackage/ZipPackageEntry.hxx b/package/source/zippackage/ZipPackageEntry.hxx index 89fe4c6f225b..01b47d71f728 100644 --- a/package/source/zippackage/ZipPackageEntry.hxx +++ b/package/source/zippackage/ZipPackageEntry.hxx @@ -53,6 +53,7 @@ class ZipPackageEntry : public cppu::WeakImplHelper5 > { protected: + ::rtl::OUString msName; bool mbIsFolder:1; bool mbAllowRemoveOnInsert:1; // com::sun::star::uno::Reference < com::sun::star::container::XNameContainer > xParent; diff --git a/package/source/zippackage/ZipPackageFolder.cxx b/package/source/zippackage/ZipPackageFolder.cxx index 2787ad938df9..5215c07579d2 100644 --- a/package/source/zippackage/ZipPackageFolder.cxx +++ b/package/source/zippackage/ZipPackageFolder.cxx @@ -93,6 +93,60 @@ ZipPackageFolder::~ZipPackageFolder() { } +sal_Bool ZipPackageFolder::LookForUnexpectedODF12Streams( const ::rtl::OUString& aPath ) +{ + sal_Bool bHasUnexpected = sal_False; + + for ( ContentHash::const_iterator aCI = maContents.begin(), aEnd = maContents.end(); + !bHasUnexpected && aCI != aEnd; + aCI++) + { + const OUString &rShortName = (*aCI).first; + const ContentInfo &rInfo = *(*aCI).second; + + if ( rInfo.bFolder ) + { + if ( aPath.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "META-INF/" ) ) ) ) + { + // META-INF is not allowed to contain subfolders + bHasUnexpected = sal_True; + } + else + { + OUString sOwnPath = aPath + rShortName + OUString( RTL_CONSTASCII_USTRINGPARAM ( "/" ) ); + bHasUnexpected = rInfo.pFolder->LookForUnexpectedODF12Streams( sOwnPath ); + } + } + else + { + if ( aPath.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "META-INF/" ) ) ) ) + { + if ( !rShortName.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "manifest.xml" ) ) ) + && rShortName.indexOf( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "signatures" ) ) ) == -1 ) + { + // a stream from META-INF with unexpected name + bHasUnexpected = sal_True; + } + + // streams from META-INF with expected names are allowed not to be registered in manifest.xml + } + else if ( !rInfo.pStream->IsFromManifest() ) + { + // the stream is not in META-INF and ist notregistered in manifest.xml, + // check whether it is an internal part of the package format + if ( aPath.getLength() + || !rShortName.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "mimetype" ) ) ) ) + { + // if it is not "mimetype" from the root it is not a part of the package + bHasUnexpected = sal_True; + } + } + } + } + + return bHasUnexpected; +} + void ZipPackageFolder::setChildStreamsTypeByExtension( const beans::StringPair& aPair ) { ::rtl::OUString aExt; @@ -112,9 +166,9 @@ void ZipPackageFolder::setChildStreamsTypeByExtension( const beans::StringPair& rInfo.pFolder->setChildStreamsTypeByExtension( aPair ); else { - sal_Int32 nNameLength = rShortName.getLength(); + sal_Int32 nPathLength = rShortName.getLength(); sal_Int32 nExtLength = aExt.getLength(); - if ( nNameLength >= nExtLength && rShortName.match( aExt, nNameLength - nExtLength ) ) + if ( nPathLength >= nExtLength && rShortName.match( aExt, nPathLength - nExtLength ) ) rInfo.pStream->SetMediaType( aPair.Second ); } } @@ -130,8 +184,8 @@ void ZipPackageFolder::copyZipEntry( ZipEntry &rDest, const ZipEntry &rSource) rDest.nCompressedSize = rSource.nCompressedSize; rDest.nSize = rSource.nSize; rDest.nOffset = rSource.nOffset; - rDest.sName = rSource.sName; - rDest.nNameLen = rSource.nNameLen; + rDest.sPath = rSource.sPath; + rDest.nPathLen = rSource.nPathLen; rDest.nExtraLen = rSource.nExtraLen; } @@ -271,9 +325,9 @@ void ZipPackageFolder::saveContents(OUString &rPath, std::vector < Sequence < Pr // it is an empty subfolder, use workaround to store it ZipEntry* pTempEntry = new ZipEntry(); ZipPackageFolder::copyZipEntry ( *pTempEntry, aEntry ); - pTempEntry->nNameLen = (sal_Int16)( ::rtl::OUStringToOString( rPath, RTL_TEXTENCODING_UTF8 ).getLength() ); + pTempEntry->nPathLen = (sal_Int16)( ::rtl::OUStringToOString( rPath, RTL_TEXTENCODING_UTF8 ).getLength() ); pTempEntry->nExtraLen = -1; - pTempEntry->sName = rPath; + pTempEntry->sPath = rPath; try { @@ -332,8 +386,8 @@ void ZipPackageFolder::saveContents(OUString &rPath, std::vector < Sequence < Pr // store the ZipEntry data in pTempEntry ZipPackageFolder::copyZipEntry ( *pTempEntry, pStream->aEntry ); - pTempEntry->sName = rPath + rShortName; - pTempEntry->nNameLen = (sal_Int16)( ::rtl::OUStringToOString( pTempEntry->sName, RTL_TEXTENCODING_UTF8 ).getLength() ); + pTempEntry->sPath = rPath + rShortName; + pTempEntry->nPathLen = (sal_Int16)( ::rtl::OUStringToOString( pTempEntry->sPath, RTL_TEXTENCODING_UTF8 ).getLength() ); sal_Bool bToBeEncrypted = pStream->IsToBeEncrypted() && (bHaveEncryptionKey || pStream->HasOwnKey()); sal_Bool bToBeCompressed = bToBeEncrypted ? sal_True : pStream->IsToBeCompressed(); @@ -343,7 +397,7 @@ void ZipPackageFolder::saveContents(OUString &rPath, std::vector < Sequence < Pr pValue[PKG_MNFST_VERSION].Name = sVersionProperty; pValue[PKG_MNFST_VERSION].Value <<= ::rtl::OUString(); // no version is stored for streams currently pValue[PKG_MNFST_FULLPATH].Name = sFullPathProperty; - pValue[PKG_MNFST_FULLPATH].Value <<= pTempEntry->sName; + pValue[PKG_MNFST_FULLPATH].Value <<= pTempEntry->sPath; OSL_ENSURE( pStream->GetStreamMode() != PACKAGE_STREAM_NOTSET, "Unacceptable ZipPackageStream mode!" ); @@ -633,7 +687,6 @@ void ZipPackageFolder::saveContents(OUString &rPath, std::vector < Sequence < Pr if ( pStream->IsEncrypted() ) pStream->setSize( nOwnStreamOrigSize ); - pStream->aEntry.sName = rShortName; pStream->aEntry.nOffset *= -1; } } @@ -726,9 +779,9 @@ void ZipPackageFolder::doInsertByName ( ZipPackageEntry *pEntry, sal_Bool bSetPa throw(IllegalArgumentException, ElementExistException, WrappedTargetException, RuntimeException) { if ( pEntry->IsFolder() ) - maContents[pEntry->aEntry.sName] = new ContentInfo ( static_cast < ZipPackageFolder *> ( pEntry ) ); + maContents[pEntry->getName()] = new ContentInfo ( static_cast < ZipPackageFolder *> ( pEntry ) ); else - maContents[pEntry->aEntry.sName] = new ContentInfo ( static_cast < ZipPackageStream *> ( pEntry ) ); + maContents[pEntry->getName()] = new ContentInfo ( static_cast < ZipPackageStream *> ( pEntry ) ); if ( bSetParent ) pEntry->setParent ( *this ); diff --git a/package/source/zippackage/ZipPackageStream.cxx b/package/source/zippackage/ZipPackageStream.cxx index b42a0e8ecde6..242e37bfb764 100644 --- a/package/source/zippackage/ZipPackageStream.cxx +++ b/package/source/zippackage/ZipPackageStream.cxx @@ -76,6 +76,7 @@ ZipPackageStream::ZipPackageStream ( ZipPackage & rNewPackage, , m_nMagicalHackSize( 0 ) , m_bHasSeekable( sal_False ) , m_bCompressedIsSetFromOutside( sal_False ) +, m_bFromManifest( sal_False ) { OSL_ENSURE( m_xFactory.is(), "No factory is provided to ZipPackageStream!\n" ); @@ -90,7 +91,7 @@ ZipPackageStream::ZipPackageStream ( ZipPackage & rNewPackage, aEntry.nCompressedSize = -1; aEntry.nSize = -1; aEntry.nOffset = -1; - aEntry.nNameLen = -1; + aEntry.nPathLen = -1; aEntry.nExtraLen = -1; if ( !aImplementationId.getLength() ) @@ -113,8 +114,8 @@ void ZipPackageStream::setZipEntryOnLoading( const ZipEntry &rInEntry) aEntry.nCompressedSize = rInEntry.nCompressedSize; aEntry.nSize = rInEntry.nSize; aEntry.nOffset = rInEntry.nOffset; - aEntry.sName = rInEntry.sName; - aEntry.nNameLen = rInEntry.nNameLen; + aEntry.sPath = rInEntry.sPath; + aEntry.nPathLen = rInEntry.nPathLen; aEntry.nExtraLen = rInEntry.nExtraLen; if ( aEntry.nMethod == STORED ) @@ -676,11 +677,11 @@ void SAL_CALL ZipPackageStream::setPropertyValue( const OUString& aPropertyName, OUString sTempString; if ( ( aValue >>= sTempString ) ) { - sal_Int32 nNameLength = sTempString.getLength(); - Sequence < sal_Int8 > aSequence ( nNameLength ); + sal_Int32 nPathLength = sTempString.getLength(); + Sequence < sal_Int8 > aSequence ( nPathLength ); sal_Int8 *pArray = aSequence.getArray(); const sal_Unicode *pChar = sTempString.getStr(); - for ( sal_Int16 i = 0; i < nNameLength; i++) + for ( sal_Int16 i = 0; i < nPathLength; i++) pArray[i] = static_cast < const sal_Int8 > (pChar[i]); aNewKey = aSequence; } diff --git a/package/source/zippackage/ZipPackageStream.hxx b/package/source/zippackage/ZipPackageStream.hxx index dd4cc7edb81b..e5aa1d24fcca 100644 --- a/package/source/zippackage/ZipPackageStream.hxx +++ b/package/source/zippackage/ZipPackageStream.hxx @@ -74,6 +74,8 @@ protected: sal_Bool m_bCompressedIsSetFromOutside; + sal_Bool m_bFromManifest; + ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& GetOwnSeekStream(); public: @@ -82,6 +84,10 @@ public: sal_Bool IsToBeEncrypted () const { return bToBeEncrypted;} sal_Bool IsEncrypted () const { return bIsEncrypted;} sal_Bool IsPackageMember () const { return m_nStreamMode == PACKAGE_STREAM_PACKAGEMEMBER;} + + sal_Bool IsFromManifest() const { return m_bFromManifest; } + void SetFromManifest( sal_Bool bValue ) { m_bFromManifest = bValue; } + vos::ORef < EncryptionData > & getEncryptionData () { return xEncryptionData;} const com::sun::star::uno::Sequence < sal_Int8 >& getKey () const diff --git a/package/source/zippackage/zipfileaccess.cxx b/package/source/zippackage/zipfileaccess.cxx index 0a70c8d32b88..42f95d3a268f 100644 --- a/package/source/zippackage/zipfileaccess.cxx +++ b/package/source/zippackage/zipfileaccess.cxx @@ -289,7 +289,7 @@ uno::Sequence< ::rtl::OUString > SAL_CALL OZipFileAccess::getElementNames() aNames.realloc( nLen ); } - aNames[nLen-1] = (*aIter).second.sName; + aNames[nLen-1] = (*aIter).second.sPath; } if ( aNames.getLength() != nLen ) @@ -368,7 +368,7 @@ uno::Reference< io::XInputStream > SAL_CALL OZipFileAccess::getStreamByPattern( for ( EntryHash::iterator aIter = m_pZipFile->GetEntryHash().begin(); aIter != m_pZipFile->GetEntryHash().end(); aIter++ ) { - if ( StringGoodForPattern_Impl( (*aIter).second.sName, aPattern ) ) + if ( StringGoodForPattern_Impl( (*aIter).second.sPath, aPattern ) ) { uno::Reference< io::XInputStream > xEntryStream( m_pZipFile->getDataStream( (*aIter).second, new EncryptionData(), diff --git a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx index 9e1f8d1667c2..a6e4afac417f 100644 --- a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx +++ b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx @@ -36,10 +36,12 @@ #include <vcl/button.hxx> #include <svtools/stdctrl.hxx> #include <svx/simptabl.hxx> +#include <com/sun/star/beans/PropertyValue.hpp> #include <xmlsecurity/documentsignaturehelper.hxx> #include <xmlsecurity/xmlsignaturehelper.hxx> + #ifndef _STLP_VECTOR #include <vector> #endif @@ -53,6 +55,8 @@ namespace io { class XStream; } namespace embed { class XStorage; } +namespace xml { namespace dom { + class XDocumentBuilder; } } }}} namespace css = com::sun::star; @@ -68,10 +72,12 @@ private: css::uno::Reference < css::embed::XStorage > mxStore; css::uno::Reference < css::io::XStream > mxSignatureStream; + css::uno::Reference < css::io::XStream > mxTempSignatureStream; SignatureInformations maCurrentSignatureInformations; bool mbVerifySignatures; bool mbSignaturesChanged; DocumentSignatureMode meSignatureMode; + css::uno::Sequence < css::uno::Sequence < css::beans::PropertyValue > > m_manifest; FixedText maHintDocFT; FixedText maHintBasicFT; @@ -83,6 +89,7 @@ private: FixedInfo maSigsInvalidFI; FixedImage maSigsNotvalidatedImg; FixedInfo maSigsNotvalidatedFI; + FixedInfo maSigsOldSignatureFI; PushButton maViewBtn; PushButton maAddBtn; @@ -93,17 +100,24 @@ private: CancelButton maCancelBtn; HelpButton maHelpBtn; + ::rtl::OUString m_sODFVersion; + //Signals if the document contains already a document signature. This is only + //importent when we are signing macros and if the value is true. + bool m_bHasDocumentSignature; + bool m_bWarningShowSignMacro; + DECL_LINK( ViewButtonHdl, Button* ); DECL_LINK( AddButtonHdl, Button* ); DECL_LINK( RemoveButtonHdl, Button* ); DECL_LINK( SignatureHighlightHdl, void* ); DECL_LINK( SignatureSelectHdl, void* ); DECL_LINK( StartVerifySignatureHdl, void* ); + DECL_LINK( OKButtonHdl, void* ); - void ImplGetSignatureInformations(); + void ImplGetSignatureInformations(bool bUseTempStream); void ImplFillSignaturesBox(); void ImplShowSignaturesDetails(); - SignatureStreamHelper ImplOpenSignatureStream( sal_Int32 eStreamMode ); + SignatureStreamHelper ImplOpenSignatureStream( sal_Int32 eStreamMode, bool bTempStream ); //Checks if adding is allowed. //See the spec at specs/www/appwide/security/Electronic_Signatures_and_Security.sxw @@ -111,10 +125,15 @@ private: bool canAdd(); bool canRemove(); + //Checks if a particular stream is a valid xml stream. Those are treated differently + //when they are signed (c14n transformation) + bool isXML(const ::rtl::OUString& rURI ); + bool canAddRemove(); + public: DigitalSignaturesDialog( Window* pParent, cssu::Reference< cssu::XComponentContext >& rxCtx, DocumentSignatureMode eMode, - sal_Bool bReadOnly ); + sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature); ~DigitalSignaturesDialog(); // Initialize the dialog and the security environment, returns TRUE on success diff --git a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx index 615776b023b7..6fb4ac80badd 100644 --- a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx +++ b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx @@ -33,7 +33,7 @@ #include <com/sun/star/uno/Reference.h> #include <rtl/ustring.hxx> - +#include "xmlsecurity/sigstruct.hxx" #ifndef _STLP_VECTOR #include <vector> @@ -64,6 +64,13 @@ namespace css = com::sun::star; enum DocumentSignatureMode { SignatureModeDocumentContent, SignatureModeMacros, SignatureModePackage }; +enum DocumentSignatureAlgorithm +{ + OOo2Document, + OOo3_0Document, + OOo3_2Document +}; + struct SignatureStreamHelper { css::uno::Reference < css::embed::XStorage > xSignatureStorage; @@ -75,14 +82,24 @@ class DocumentSignatureHelper { public: - static SignatureStreamHelper OpenSignatureStream( const css::uno::Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode ); - static std::vector< rtl::OUString > CreateElementList( const css::uno::Reference < css::embed::XStorage >& rxStore, const ::rtl::OUString rRootStorageName, DocumentSignatureMode eMode ); - + static SignatureStreamHelper OpenSignatureStream( + const css::uno::Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, + DocumentSignatureMode eDocSigMode ); + static std::vector< rtl::OUString > CreateElementList( + const css::uno::Reference < css::embed::XStorage >& rxStore, + const ::rtl::OUString rRootStorageName, DocumentSignatureMode eMode, + const DocumentSignatureAlgorithm mode); + static bool isODFPre_1_2(const ::rtl::OUString & sODFVersion); + static bool isOOo3_2_Signature(const SignatureInformation & sigInfo); + static DocumentSignatureAlgorithm getDocumentAlgorithm( + const ::rtl::OUString & sODFVersion, const SignatureInformation & sigInfo); + static bool checkIfAllFilesAreSigned( const ::std::vector< ::rtl::OUString > & sElementList, + const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm alg); + static bool equalsReferenceUriManifestPath( + const ::rtl::OUString & rUri, const ::rtl::OUString & rPath); static ::rtl::OUString GetDocumentContentSignatureDefaultStreamName(); static ::rtl::OUString GetScriptingContentSignatureDefaultStreamName(); static ::rtl::OUString GetPackageSignatureDefaultStreamName(); - static bool isODFPre_1_2(const ::com::sun::star::uno::Reference < - ::com::sun::star::embed::XStorage >& /*rxStore*/); }; diff --git a/xmlsecurity/inc/xmlsecurity/global.hrc b/xmlsecurity/inc/xmlsecurity/global.hrc index 35e2f3910cef..ef59a9dafa01 100644 --- a/xmlsecurity/inc/xmlsecurity/global.hrc +++ b/xmlsecurity/inc/xmlsecurity/global.hrc @@ -47,8 +47,6 @@ #define RID_XMLSECTP_LOCK 1011 #define RID_XMLSECTP_LOCK_HC 1012 #define RID_XMLSECWB_NO_MOZILLA_PROFILE 1013 -#define RID_XMLSECDLG_OLD_ODF_FORMAT 1014 - #endif diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx index 0b98ae55306f..53455b652fa5 100644 --- a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx +++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx @@ -145,9 +145,10 @@ public: void SetUriBinding( com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding >& rxUriBinding ); com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > GetUriBinding() const; - // Set the storage which should be used by the default UriBinding - // Must be set before StatrtMission(). - void SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage ); + // Set the storage which should be used by the default UriBinding + // Must be set before StatrtMission(). + //sODFVersion indicates the ODF version + void SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage, ::rtl::OUString sODFVersion ); // Argument for the Link is a uno::Reference< xml::sax::XAttributeList >* // Return 1 to verify, 0 to skip. diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index c65aed21dd3f..dde41a4ac636 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -54,11 +54,14 @@ #include <tools/urlobj.hxx> #include <vcl/msgbox.hxx> #include <svtools/securityoptions.hxx> -#include <com/sun/star/security/CertificateValidity.hdl> +#include <com/sun/star/security/CertificateValidity.hpp> #include <com/sun/star/security/SerialNumberAdapter.hpp> #include <ucbhelper/contentbroker.hxx> #include <unotools/ucbhelper.hxx> #include <comphelper/componentcontext.hxx> +#include "comphelper/documentconstants.hxx" + +#include "com/sun/star/lang/IllegalArgumentException.hpp" #include <stdio.h> @@ -67,74 +70,145 @@ using namespace ::com::sun::star; using namespace ::com::sun::star::uno; namespace css = ::com::sun::star; -DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx ) +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) + +DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx ): + mxCtx(rxCtx), + m_sODFVersion(ODFVER_012_TEXT), + m_nArgumentsCount(0), + m_bHasDocumentSignature(false) +{ +} + +void DocumentDigitalSignatures::initialize( const Sequence< Any >& aArguments) + throw (css::uno::Exception, css::uno::RuntimeException) { - mxCtx = rxCtx; + if (aArguments.getLength() == 0 || aArguments.getLength() > 2) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize requires one or two arguments"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0); + + m_nArgumentsCount = aArguments.getLength(); + + if (!(aArguments[0] >>= m_sODFVersion)) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize: the first arguments must be a string"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0); + + if (aArguments.getLength() == 2 + && !(aArguments[1] >>= m_bHasDocumentSignature)) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize: the second arguments must be a bool"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 1); + + //the Version is supported as of ODF1.2, so for and 1.1 document or older we will receive the + //an empty string. In this case we set it to ODFVER_010_TEXT. Then we can later check easily + //if initialize was called. Only then m_sODFVersion.getLength() is greater than 0 + if (m_sODFVersion.getLength() == 0) + m_sODFVersion = ODFVER_010_TEXT; } -sal_Bool DocumentDigitalSignatures::signDocumentContent( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (RuntimeException) +sal_Bool DocumentDigitalSignatures::signDocumentContent( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream) + throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(), "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); return ImplViewSignatures( rxStorage, xSignStream, SignatureModeDocumentContent, false ); } -Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDigitalSignatures::verifyDocumentContentSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyDocumentContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModeDocumentContent ); } -void DocumentDigitalSignatures::showDocumentContentSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +void DocumentDigitalSignatures::showDocumentContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); ImplViewSignatures( rxStorage, xSignInStream, SignatureModeDocumentContent, true ); } -::rtl::OUString DocumentDigitalSignatures::getDocumentContentSignatureDefaultStreamName() throw (::com::sun::star::uno::RuntimeException) +::rtl::OUString DocumentDigitalSignatures::getDocumentContentSignatureDefaultStreamName() + throw (css::uno::RuntimeException) { return DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName(); } -sal_Bool DocumentDigitalSignatures::signScriptingContent( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (RuntimeException) +sal_Bool DocumentDigitalSignatures::signScriptingContent( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + OSL_ENSURE(m_nArgumentsCount == 2, "DocumentDigitalSignatures: Service was not initialized properly"); return ImplViewSignatures( rxStorage, xSignStream, SignatureModeMacros, false ); } -Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDigitalSignatures::verifyScriptingContentSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyScriptingContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModeMacros ); } -void DocumentDigitalSignatures::showScriptingContentSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +void DocumentDigitalSignatures::showScriptingContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); ImplViewSignatures( rxStorage, xSignInStream, SignatureModeMacros, true ); } -::rtl::OUString DocumentDigitalSignatures::getScriptingContentSignatureDefaultStreamName() throw (::com::sun::star::uno::RuntimeException) +::rtl::OUString DocumentDigitalSignatures::getScriptingContentSignatureDefaultStreamName() + throw (css::uno::RuntimeException) { return DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName(); } -sal_Bool DocumentDigitalSignatures::signPackage( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (RuntimeException) +sal_Bool DocumentDigitalSignatures::signPackage( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); return ImplViewSignatures( rxStorage, xSignStream, SignatureModePackage, false ); } -Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDigitalSignatures::verifyPackageSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyPackageSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModePackage ); } -void DocumentDigitalSignatures::showPackageSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (RuntimeException) +void DocumentDigitalSignatures::showPackageSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) { + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); ImplViewSignatures( rxStorage, xSignInStream, SignatureModePackage, true ); } -::rtl::OUString DocumentDigitalSignatures::getPackageSignatureDefaultStreamName( ) throw (::com::sun::star::uno::RuntimeException) +::rtl::OUString DocumentDigitalSignatures::getPackageSignatureDefaultStreamName( ) + throw (::com::sun::star::uno::RuntimeException) { return DocumentSignatureHelper::GetPackageSignatureDefaultStreamName(); } -sal_Bool DocumentDigitalSignatures::ImplViewSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) +sal_Bool DocumentDigitalSignatures::ImplViewSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignStream, + DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) { Reference< io::XStream > xStream; if ( xSignStream.is() ) @@ -142,10 +216,13 @@ sal_Bool DocumentDigitalSignatures::ImplViewSignatures( const Reference< ::com:: return ImplViewSignatures( rxStorage, xStream, eMode, bReadOnly ); } -sal_Bool DocumentDigitalSignatures::ImplViewSignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) +sal_Bool DocumentDigitalSignatures::ImplViewSignatures( + const Reference< css::embed::XStorage >& rxStorage, const Reference< css::io::XStream >& xSignStream, + DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) { sal_Bool bChanges = sal_False; - DigitalSignaturesDialog aSignaturesDialog( NULL, mxCtx, eMode, bReadOnly ); + DigitalSignaturesDialog aSignaturesDialog( + NULL, mxCtx, eMode, bReadOnly, m_sODFVersion, m_bHasDocumentSignature); bool bInit = aSignaturesDialog.Init( rtl::OUString() ); DBG_ASSERT( bInit, "Error initializing security context!" ); if ( bInit ) @@ -175,7 +252,10 @@ sal_Bool DocumentDigitalSignatures::ImplViewSignatures( const Reference< ::com:: return bChanges; } -Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDigitalSignatures::ImplVerifySignatures( const Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException) +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::ImplVerifySignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException) { if (!rxStorage.is()) { @@ -206,7 +286,7 @@ Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDig if ( !bInit ) return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0); - aSignatureHelper.SetStorage( rxStorage ); + aSignatureHelper.SetStorage(rxStorage, m_sODFVersion); aSignatureHelper.StartMission(); @@ -223,12 +303,17 @@ Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDig if ( nInfos ) { - std::vector< rtl::OUString > aElementsToBeVerified = DocumentSignatureHelper::CreateElementList( rxStorage, ::rtl::OUString(), eMode ); - Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = + Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); for( int n = 0; n < nInfos; ++n ) { + DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm( + m_sODFVersion, aSignInfos[n]); + const std::vector< rtl::OUString > aElementsToBeVerified = + DocumentSignatureHelper::CreateElementList( + rxStorage, ::rtl::OUString(), eMode, mode); + const SignatureInformation& rInfo = aSignInfos[n]; css::security::DocumentSignatureInformation& rSigInfo = arInfos[n]; @@ -273,17 +358,13 @@ Sequence< ::com::sun::star::security::DocumentSignatureInformation > DocumentDig if ( rSigInfo.SignatureIsValid ) { - // Can only be valid if ALL streams are signed, which means real stream count == signed stream count - unsigned int nRealCount = 0; - for ( int i = rInfo.vSignatureReferenceInfors.size(); i; ) - { - const SignatureReferenceInformation& rInf = rInfo.vSignatureReferenceInfors[--i]; - // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date. - if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) ) - nRealCount++; - } - rSigInfo.SignatureIsValid = ( aElementsToBeVerified.size() == nRealCount ); + rSigInfo.SignatureIsValid = + DocumentSignatureHelper::checkIfAllFilesAreSigned( + aElementsToBeVerified, rInfo, mode); } + if (eMode == SignatureModeDocumentContent) + rSigInfo.PartialDocumentSignature = + ! DocumentSignatureHelper::isOOo3_2_Signature(aSignInfos[n]); } } @@ -298,7 +379,7 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException // Macro Security also has some options where no security environment is needed, so raise dialog anyway. // Later I should change the code so the Dialog creates the SecEnv on demand... - cssu::Reference< dcss::xml::crypto::XSecurityEnvironment > xSecEnv; + Reference< dcss::xml::crypto::XSecurityEnvironment > xSecEnv; XMLSignatureHelper aSignatureHelper( mxCtx ); if ( aSignatureHelper.Init( rtl::OUString() ) ) @@ -308,7 +389,8 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException aDlg.Execute(); } -void DocumentDigitalSignatures::showCertificate( const Reference< ::com::sun::star::security::XCertificate >& _Certificate ) throw (RuntimeException) +void DocumentDigitalSignatures::showCertificate( + const Reference< css::security::XCertificate >& _Certificate ) throw (RuntimeException) { XMLSignatureHelper aSignatureHelper( mxCtx ); @@ -324,7 +406,8 @@ void DocumentDigitalSignatures::showCertificate( const Reference< ::com::sun::st } -::sal_Bool DocumentDigitalSignatures::isAuthorTrusted( const Reference< ::com::sun::star::security::XCertificate >& Author ) throw (RuntimeException) +::sal_Bool DocumentDigitalSignatures::isAuthorTrusted( + const Reference< css::security::XCertificate >& Author ) throw (RuntimeException) { sal_Bool bFound = sal_False; @@ -377,7 +460,8 @@ void DocumentDigitalSignatures::showCertificate( const Reference< ::com::sun::st return bFound; } -void DocumentDigitalSignatures::addAuthorToTrustedSources( const Reference< ::com::sun::star::security::XCertificate >& Author ) throw (RuntimeException) +void DocumentDigitalSignatures::addAuthorToTrustedSources( + const Reference< css::security::XCertificate >& Author ) throw (RuntimeException) { SvtSecurityOptions aSecOpts; diff --git a/xmlsecurity/source/component/documentdigitalsignatures.hxx b/xmlsecurity/source/component/documentdigitalsignatures.hxx index fb0328bc2347..35d22c62ca6a 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.hxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.hxx @@ -31,21 +31,35 @@ #ifndef _XMLSECURITY_DOCUMENTDIGITALSIGNATURES_HXX #define _XMLSECURITY_DOCUMENTDIGITALSIGNATURES_HXX -#include <cppuhelper/implbase1.hxx> +#include <cppuhelper/implbase2.hxx> +#include "com/sun/star/lang/XInitialization.hpp" #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <com/sun/star/io/XStream.hpp> #include <com/sun/star/io/XInputStream.hpp> #include <xmlsecurity/documentsignaturehelper.hxx> +namespace com { namespace sun { namespace star { -class DocumentDigitalSignatures : public cppu::WeakImplHelper1 + namespace uno { + class XComponentContext; + } +}}} + +class DocumentDigitalSignatures : public cppu::WeakImplHelper2 < - com::sun::star::security::XDocumentDigitalSignatures + com::sun::star::security::XDocumentDigitalSignatures, + com::sun::star::lang::XInitialization > { private: com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > mxCtx; + // will be set by XInitialization. If not we assume true. false means an earlier version. + ::rtl::OUString m_sODFVersion; + //The number of arguments which were passed in XInitialization::initialize + int m_nArgumentsCount; + //Indicates if the document already contains a document signature + bool m_bHasDocumentSignature; sal_Bool ImplViewSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (::com::sun::star::uno::RuntimeException); sal_Bool ImplViewSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (::com::sun::star::uno::RuntimeException); @@ -58,6 +72,10 @@ public: static ::rtl::OUString GetImplementationName() throw (com::sun::star::uno::RuntimeException); static ::com::sun::star::uno::Sequence < ::rtl::OUString > GetSupportedServiceNames() throw (com::sun::star::uno::RuntimeException); + //XInitialization + void SAL_CALL initialize( const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments ) + throw (::com::sun::star::uno::Exception, ::com::sun::star::uno::RuntimeException); + // XDocumentDigitalSignatures ::sal_Bool SAL_CALL signDocumentContent( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (::com::sun::star::uno::RuntimeException); ::com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignatureInformation > SAL_CALL verifyDocumentContentSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); diff --git a/xmlsecurity/source/dialogs/certificateviewer.cxx b/xmlsecurity/source/dialogs/certificateviewer.cxx index fb9b41d5f637..7f04872f7a63 100644 --- a/xmlsecurity/source/dialogs/certificateviewer.cxx +++ b/xmlsecurity/source/dialogs/certificateviewer.cxx @@ -311,8 +311,10 @@ CertificateViewerDetailsTP::CertificateViewerDetailsTP( Window* _pParent, Certif aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); InsertElement( String( XMLSEC_RES( STR_SERIALNUM ) ), aLBEntry, aDetails, true ); - aLBEntry = XmlSec::GetPureContent( xCert->getIssuerName(), ", " ); - aDetails = XmlSec::GetPureContent( xCert->getIssuerName(), "\n", true ); + std::pair< ::rtl::OUString, ::rtl::OUString> pairIssuer = + XmlSec::GetDNForCertDetailsView(xCert->getIssuerName()); + aLBEntry = pairIssuer.first; + aDetails = pairIssuer.second; InsertElement( String( XMLSEC_RES( STR_ISSUER ) ), aLBEntry, aDetails ); /* aSeq = xCert->getIssuerUniqueID(); @@ -333,8 +335,10 @@ CertificateViewerDetailsTP::CertificateViewerDetailsTP( Window* _pParent, Certif aLBEntry += GetSettings().GetUILocaleDataWrapper().getTime( aDateTime.GetTime() ); InsertElement( String( XMLSEC_RES( STR_VALIDTO ) ), aLBEntry, aLBEntry ); - aLBEntry = XmlSec::GetPureContent( xCert->getSubjectName(), ", " ); - aDetails = XmlSec::GetPureContent( xCert->getSubjectName(), "\n", true ); + std::pair< ::rtl::OUString, ::rtl::OUString > pairSubject = + XmlSec::GetDNForCertDetailsView(xCert->getSubjectName()); + aLBEntry = pairSubject.first; + aDetails = pairSubject.second; InsertElement( String( XMLSEC_RES( STR_SUBJECT ) ), aLBEntry, aDetails ); /* aSeq = xCert->getSubjectUniqueID(); diff --git a/xmlsecurity/source/dialogs/dialogs.hrc b/xmlsecurity/source/dialogs/dialogs.hrc index ca329fabf71d..f62a2a422eaf 100644 --- a/xmlsecurity/source/dialogs/dialogs.hrc +++ b/xmlsecurity/source/dialogs/dialogs.hrc @@ -88,6 +88,7 @@ #define IMG_STATE_VALID_HC 13 #define IMG_STATE_BROKEN_HC 14 #define IMG_STATE_NOTVALIDATED_HC 15 +#define FI_STATE_OLDSIGNATURE 16 //#define DS_WIDTH DLGS_WIDTH //#define DS_HEIGHT DLGS_HEIGHT diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx index 109959be1554..cf07edb7023e 100644 --- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx @@ -48,13 +48,19 @@ #include <com/sun/star/security/CertificateValidity.hdl> #include <com/sun/star/packages/WrongPasswordException.hpp> #include <com/sun/star/security/SerialNumberAdapter.hpp> +#include <com/sun/star/security/XDocumentDigitalSignatures.hpp> +#include <com/sun/star/xml/dom/XDocumentBuilder.hpp> +#include <com/sun/star/packages/manifest/XManifestReader.hpp> + #include <rtl/ustrbuf.hxx> +#include <rtl/uri.hxx> #include <tools/date.hxx> #include <tools/time.hxx> #include "dialogs.hrc" +#include "digitalsignaturesdialog.hrc" #include "helpids.hrc" #include "resourcemanager.hxx" @@ -62,18 +68,20 @@ #include <unotools/configitem.hxx> #include <comphelper/componentcontext.hxx> +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) -using namespace ::com::sun::star::security; -namespace css = ::com::sun::star; /* HACK: disable some warnings for MS-C */ #ifdef _MSC_VER #pragma warning (disable : 4355) // 4355: this used in initializer-list #endif +using namespace ::com::sun::star::security; +using namespace ::com::sun::star::uno; using namespace ::com::sun::star; -using ::com::sun::star::uno::Sequence; +namespace css = ::com::sun::star; using ::rtl::OUString; + namespace { class SaveODFItem: public utl::ConfigItem @@ -109,49 +117,70 @@ namespace OUString(RTL_CONSTASCII_USTRINGPARAM( "[xmlsecurity] Could not open property Office.Common/Save/ODF/DefaultVersion")), 0); } - } -sal_Bool HandleStreamAsXML_Impl( const uno::Reference < embed::XStorage >& rxStore, const rtl::OUString& rURI ) +/* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted" + We use the manifest to find out if a file is xml and if it is encrypted. + The parameter is an encoded uri. However, the manifest contains paths. Therefore + the path is encoded as uri, so they can be compared. +*/ +bool DigitalSignaturesDialog::isXML(const rtl::OUString& rURI ) { - sal_Bool bResult = sal_False; + OSL_ASSERT(mxStore.is()); - try + bool bIsXML = false; + bool bPropsAvailable = false; + const OUString sPropFullPath(RTL_CONSTASCII_USTRINGPARAM("FullPath")); + const OUString sPropMediaType(RTL_CONSTASCII_USTRINGPARAM("MediaType")); + const OUString sPropDigest(RTL_CONSTASCII_USTRINGPARAM("Digest")); + + for (int i = 0; i < m_manifest.getLength(); i++) { - sal_Int32 nSepPos = rURI.indexOf( '/' ); - if ( nSepPos == -1 ) + Any digest; + const Sequence< css::beans::PropertyValue >& entry = m_manifest[i]; + OUString sPath, sMediaType; + bool bEncrypted = false; + for (int j = 0; j < entry.getLength(); j++) { - uno::Reference< io::XStream > xStream; - xStream = rxStore->cloneStreamElement( rURI ); - if ( !xStream.is() ) - throw uno::RuntimeException(); - - ::rtl::OUString aMediaType; - sal_Bool bEncrypted = sal_False; - uno::Reference< beans::XPropertySet > xProps( xStream, uno::UNO_QUERY_THROW ); - xProps->getPropertyValue( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "MediaType" ) ) ) >>= aMediaType; - xProps->getPropertyValue( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "IsEncrypted" ) ) ) >>= bEncrypted; - bResult = ( aMediaType.equals( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "text/xml" ) ) ) && !bEncrypted ); + const css::beans::PropertyValue & prop = entry[j]; + + if (prop.Name.equals( sPropFullPath ) ) + prop.Value >>= sPath; + else if (prop.Name.equals( sPropMediaType ) ) + prop.Value >>= sMediaType; + else if (prop.Name.equals( sPropDigest ) ) + bEncrypted = true; } - else + if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath)) { - rtl::OUString aStoreName = rURI.copy( 0, nSepPos ); - rtl::OUString aElement = rURI.copy( nSepPos+1 ); - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aStoreName, embed::ElementModes::READ ); - bResult = HandleStreamAsXML_Impl( xSubStore, aElement ); + bIsXML = sMediaType.equals(OUSTR("text/xml")) && ! bEncrypted; + bPropsAvailable = true; + break; } } - catch( uno::Exception& ) + if (!bPropsAvailable) { - } - - return bResult; + //This would be the case for at least mimetype, META-INF/manifest.xml + //META-INF/macrosignatures.xml. + //Files can only be encrypted if they are in the manifest.xml. + //That is, the current file cannot be encrypted, otherwise bPropsAvailable + //would be true. + OUString aXMLExt( RTL_CONSTASCII_USTRINGPARAM( "XML" ) ); + sal_Int32 nSep = rURI.lastIndexOf( '.' ); + if ( nSep != (-1) ) + { + OUString aExt = rURI.copy( nSep+1 ); + if (aExt.equalsIgnoreAsciiCase(aXMLExt )) + bIsXML = true; + } + } + return bIsXML; } DigitalSignaturesDialog::DigitalSignaturesDialog( Window* pParent, uno::Reference< uno::XComponentContext >& rxCtx, DocumentSignatureMode eMode, - sal_Bool bReadOnly) + sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature) :ModalDialog ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) ) ,mxCtx ( rxCtx ) ,maSignatureHelper ( rxCtx ) @@ -166,6 +195,7 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( ,maSigsInvalidFI ( this, XMLSEC_RES( FI_STATE_BROKEN ) ) ,maSigsNotvalidatedImg( this, XMLSEC_RES( IMG_STATE_NOTVALIDATED ) ) ,maSigsNotvalidatedFI ( this, XMLSEC_RES( FI_STATE_NOTVALIDATED ) ) + ,maSigsOldSignatureFI ( this, XMLSEC_RES( FI_STATE_OLDSIGNATURE) ) ,maViewBtn ( this, XMLSEC_RES( BTN_VIEWCERT ) ) ,maAddBtn ( this, XMLSEC_RES( BTN_ADDCERT ) ) ,maRemoveBtn ( this, XMLSEC_RES( BTN_REMOVECERT ) ) @@ -173,6 +203,9 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( ,maOKBtn ( this, XMLSEC_RES( BTN_OK ) ) ,maCancelBtn ( this, XMLSEC_RES( BTN_CANCEL ) ) ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) ) + ,m_sODFVersion (sODFVersion) + ,m_bHasDocumentSignature(bHasDocumentSignature) + ,m_bWarningShowSignMacro(false) { // --> PB #i48253 the tablistbox needs its own unique id maSignaturesLB.Window::SetUniqueId( HID_XMLSEC_TREE_SIGNATURESDLG ); @@ -209,6 +242,8 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( maRemoveBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, RemoveButtonHdl ) ); maRemoveBtn.Disable(); + maOKBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, OKButtonHdl) ); + switch( meSignatureMode ) { case SignatureModeDocumentContent: maHintDocFT.Show(); break; @@ -220,6 +255,7 @@ DigitalSignaturesDialog::DigitalSignaturesDialog( XmlSec::AlignAndFitImageAndControl( maSigsValidImg, maSigsValidFI, 5 ); XmlSec::AlignAndFitImageAndControl( maSigsInvalidImg, maSigsInvalidFI, 5 ); XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsNotvalidatedFI, 5 ); + XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsOldSignatureFI, 5 ); } DigitalSignaturesDialog::~DigitalSignaturesDialog() @@ -243,7 +279,21 @@ BOOL DigitalSignaturesDialog::Init( const rtl::OUString& rTokenName ) void DigitalSignaturesDialog::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore ) { mxStore = rxStore; - maSignatureHelper.SetStorage( mxStore ); + maSignatureHelper.SetStorage( mxStore, m_sODFVersion); + + Reference < css::packages::manifest::XManifestReader > xReader( + mxCtx->getServiceManager()->createInstanceWithContext( + OUSTR("com.sun.star.packages.manifest.ManifestReader"), mxCtx), UNO_QUERY_THROW); + + //Get the manifest.xml + Reference < css::embed::XStorage > xSubStore(rxStore->openStorageElement( + OUSTR("META-INF"), css::embed::ElementModes::READ), UNO_QUERY_THROW); + + Reference< css::io::XInputStream > xStream( + xSubStore->openStreamElement(OUSTR("manifest.xml"), css::embed::ElementModes::READ), + UNO_QUERY_THROW); + + m_manifest = xReader->readManifestSequence(xStream); } void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream ) @@ -251,40 +301,70 @@ void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::i mxSignatureStream = rxStream; } - -bool DigitalSignaturesDialog::canAdd() +bool DigitalSignaturesDialog::canAddRemove() { - bool ret = false; + //m56 + bool ret = true; OSL_ASSERT(mxStore.is()); - bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(mxStore); + bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion); SaveODFItem item; bool bSave1_1 = item.isLessODF1_2(); // see specification //cvs: specs/www/appwide/security/Electronic_Signatures_and_Security.sxw //Paragraph 'Behavior with regard to ODF 1.2' + //For both, macro and document if ( (!bSave1_1 && bDoc1_1) || (bSave1_1 && bDoc1_1) ) { //#4 ErrorBox err(NULL, XMLSEC_RES(RID_XMLSECDLG_OLD_ODF_FORMAT)); err.Execute(); + ret = false; } - else - ret = true; + //As of OOo 3.2 the document signature includes in macrosignatures.xml. That is + //adding a macro signature will break an existing document signature. + //The sfx2 will remove the documentsignature when the user adds a macro signature + if (meSignatureMode == SignatureModeMacros + && ret) + { + if (m_bHasDocumentSignature && !m_bWarningShowSignMacro) + { + //The warning says that the document signatures will be removed if the user + //continues. He can then either press 'OK' or 'NO' + //It the user presses 'Add' or 'Remove' several times then, then the warning + //is shown every time until the user presses 'OK'. From then on, the warning + //is not displayed anymore as long as the signatures dialog is alive. + if (QueryBox( + NULL, XMLSEC_RES(MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN)).Execute() == RET_NO) + ret = false; + else + m_bWarningShowSignMacro = true; + + } + } return ret; } +bool DigitalSignaturesDialog::canAdd() +{ + if (canAddRemove()) + return true; + return false; +} + bool DigitalSignaturesDialog::canRemove() { - return canAdd(); + if (canAddRemove()) + return true; + return false; } short DigitalSignaturesDialog::Execute() { // Verify Signatures and add certificates to ListBox... mbVerifySignatures = true; - ImplGetSignatureInformations(); + ImplGetSignatureInformations(false); ImplFillSignaturesBox(); // Only verify once, content will not change. @@ -304,6 +384,35 @@ IMPL_LINK( DigitalSignaturesDialog, SignatureHighlightHdl, void*, EMPTYARG ) return 0; } +IMPL_LINK( DigitalSignaturesDialog, OKButtonHdl, void*, EMPTYARG ) +{ + // Export all other signatures... + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, false ); + uno::Reference< io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, uno::UNO_QUERY ); + uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + + int nInfos = maCurrentSignatureInformations.size(); + for( int n = 0 ; n < nInfos ; ++n ) + maSignatureHelper.ExportSignature( + xDocumentHandler, maCurrentSignatureInformations[ n ] ); + + maSignatureHelper.CloseDocumentHandler( xDocumentHandler); + + // If stream was not provided, we are responsible for committing it.... + if ( !mxSignatureStream.is() ) + { + uno::Reference< embed::XTransactedObject > xTrans( + aStreamHelper.xSignatureStorage, uno::UNO_QUERY ); + xTrans->commit(); + } + + EndDialog(RET_OK); + return 0; +} + IMPL_LINK( DigitalSignaturesDialog, SignatureSelectHdl, void*, EMPTYARG ) { ImplShowSignaturesDetails(); @@ -353,34 +462,33 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG ) xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear()); + std::vector< rtl::OUString > aElements = + DocumentSignatureHelper::CreateElementList( + mxStore, rtl::OUString(), meSignatureMode, OOo3_2Document); - std::vector< rtl::OUString > aElements = DocumentSignatureHelper::CreateElementList( mxStore, rtl::OUString(), meSignatureMode ); - - ::rtl::OUString aXMLExt( RTL_CONSTASCII_USTRINGPARAM( "XML" ) ); sal_Int32 nElements = aElements.size(); for ( sal_Int32 n = 0; n < nElements; n++ ) { - bool bBinaryMode = true; - sal_Int32 nSep = aElements[n].lastIndexOf( '.' ); - if ( nSep != (-1) ) - { - ::rtl::OUString aExt = aElements[n].copy( nSep+1 ); - if ( aExt.equalsIgnoreAsciiCase( aXMLExt ) ) - { - bBinaryMode = !HandleStreamAsXML_Impl( mxStore, aElements[n] ); - } - } + bool bBinaryMode = !isXML(aElements[n]); maSignatureHelper.AddForSigning( nSecurityId, aElements[n], aElements[n], bBinaryMode ); } maSignatureHelper.SetDateTime( nSecurityId, Date(), Time() ); - SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE ); - uno::Reference< io::XOutputStream > xOutputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY ); - uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + // We open a signature stream in which the existing and the new + //signature is written. ImplGetSignatureInformation (later in this function) will + //then read the stream an will fill maCurrentSignatureInformations. The final signature + //is written when the user presses OK. Then only maCurrentSignatureInformation and + //a sax writer are used to write the information. + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::WRITE|css::embed::ElementModes::TRUNCATE, true); + Reference< css::io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, UNO_QUERY_THROW); + Reference< css::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); // Export old signatures... - int nInfos = maCurrentSignatureInformations.size(); + int nInfos = maCurrentSignatureInformations.size(); for ( int n = 0; n < nInfos; n++ ) maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]); @@ -392,15 +500,10 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG ) maSignatureHelper.EndMission(); - // If stream was not provided, we are responsible for committing it.... - if ( !mxSignatureStream.is() ) - { - uno::Reference< embed::XTransactedObject > xTrans( aStreamHelper.xSignatureStorage, uno::UNO_QUERY ); - xTrans->commit(); - } - aStreamHelper = SignatureStreamHelper(); // release objects... + mbSignaturesChanged = true; + sal_Int32 nStatus = maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus; if ( nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ) @@ -412,7 +515,7 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG ) // will not contain // SecurityOperationStatus_OPERATION_SUCCEEDED mbVerifySignatures = true; - ImplGetSignatureInformations(); + ImplGetSignatureInformations(true); ImplFillSignaturesBox(); } } @@ -421,7 +524,7 @@ IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG ) { DBG_ERROR( "Exception while adding a signature!" ); // Don't keep invalid entries... - ImplGetSignatureInformations(); + ImplGetSignatureInformations(true); ImplFillSignaturesBox(); } @@ -440,9 +543,12 @@ IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG ) maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected ); // Export all other signatures... - SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE ); - uno::Reference< io::XOutputStream > xOutputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY ); - uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::WRITE | css::embed::ElementModes::TRUNCATE, true); + Reference< css::io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, UNO_QUERY_THROW); + Reference< css::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); int nInfos = maCurrentSignatureInformations.size(); for( int n = 0 ; n < nInfos ; ++n ) @@ -452,13 +558,6 @@ IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG ) mbSignaturesChanged = true; - // If stream was not provided, we are responsible for committing it.... - if ( !mxSignatureStream.is() ) - { - uno::Reference< embed::XTransactedObject > xTrans( aStreamHelper.xSignatureStorage, uno::UNO_QUERY ); - xTrans->commit(); - } - aStreamHelper = SignatureStreamHelper(); // release objects... ImplFillSignaturesBox(); @@ -467,7 +566,7 @@ IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG ) { DBG_ERROR( "Exception while removing a signature!" ); // Don't keep invalid entries... - ImplGetSignatureInformations(); + ImplGetSignatureInformations(true); ImplFillSignaturesBox(); } } @@ -493,12 +592,18 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox() String aNullStr; int nInfos = maCurrentSignatureInformations.size(); int nValidSigs = 0, nValidCerts = 0; + bool bAllNewSignatures = true; if( nInfos ) { - std::vector< rtl::OUString > aElementsToBeVerified = DocumentSignatureHelper::CreateElementList( mxStore, ::rtl::OUString(), meSignatureMode ); for( int n = 0; n < nInfos; ++n ) { + DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm( + m_sODFVersion, maCurrentSignatureInformations[n]); + std::vector< rtl::OUString > aElementsToBeVerified = + DocumentSignatureHelper::CreateElementList( + mxStore, ::rtl::OUString(), meSignatureMode, mode); + const SignatureInformation& rInfo = maCurrentSignatureInformations[n]; //First we try to get the certificate which is embedded in the XML Signature if (rInfo.ouX509Certificate.getLength()) @@ -559,28 +664,42 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox() if ( bSigValid ) { - // Can only be valid if ALL streams are signed, which means real stream count == signed stream count - unsigned int nRealCount = 0; - for ( int i = rInfo.vSignatureReferenceInfors.size(); i; ) - { - const SignatureReferenceInformation& rInf = rInfo.vSignatureReferenceInfors[--i]; - // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date. - if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) ) - nRealCount++; - } - bSigValid = ( aElementsToBeVerified.size() == nRealCount ); + bSigValid = DocumentSignatureHelper::checkIfAllFilesAreSigned( + aElementsToBeVerified, rInfo, mode); if( bSigValid ) nValidSigs++; } Image aImage; - if ( bSigValid && bCertValid ) - aImage = maSigsValidImg.GetImage(); - else if ( bSigValid && !bCertValid ) - aImage = maSigsNotvalidatedImg.GetImage(); - else if ( !bSigValid ) + if (!bSigValid) + { aImage = maSigsInvalidImg.GetImage(); + } + else if (bSigValid && !bCertValid) + { + aImage = maSigsNotvalidatedImg.GetImage(); + } + //Check if the signature is a "old" document signature, that is, which was created + //by an version of OOo previous to 3.2 + else if (meSignatureMode == SignatureModeDocumentContent + && bSigValid && bCertValid && !DocumentSignatureHelper::isOOo3_2_Signature( + maCurrentSignatureInformations[n])) + { + aImage = maSigsNotvalidatedImg.GetImage(); + bAllNewSignatures &= false; + } + else if (meSignatureMode == SignatureModeDocumentContent + && bSigValid && bCertValid && DocumentSignatureHelper::isOOo3_2_Signature( + maCurrentSignatureInformations[n])) + { + aImage = maSigsValidImg.GetImage(); + } + else if (meSignatureMode == SignatureModeMacros + && bSigValid && bCertValid) + { + aImage = aImage = maSigsValidImg.GetImage(); + } SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImage, aImage ); maSignaturesLB.SetEntryText( aSubject, pEntry, 1 ); @@ -590,28 +709,37 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox() } } - bool bAllSigsValid = ( nValidSigs == nInfos ); - bool bAllCertsValid = ( nValidCerts == nInfos ); - bool bShowValidState = nInfos && ( bAllSigsValid && bAllCertsValid ); - bool bShowNotValidatedState = nInfos && ( bAllSigsValid && !bAllCertsValid ); + bool bAllSigsValid = (nValidSigs == nInfos); + bool bAllCertsValid = (nValidCerts == nInfos); + bool bShowValidState = nInfos && (bAllSigsValid && bAllCertsValid && bAllNewSignatures); + + bool bShowNotValidatedState = nInfos && (bAllSigsValid && (!bAllCertsValid || !bAllNewSignatures)); bool bShowInvalidState = nInfos && !bAllSigsValid; - maSigsValidImg.Show( bShowValidState ); + + maSigsValidImg.Show( bShowValidState); maSigsValidFI.Show( bShowValidState ); maSigsInvalidImg.Show( bShowInvalidState ); maSigsInvalidFI.Show( bShowInvalidState ); - maSigsNotvalidatedImg.Show( bShowNotValidatedState ); - maSigsNotvalidatedFI.Show( bShowNotValidatedState ); + + maSigsNotvalidatedImg.Show(bShowNotValidatedState); + //bAllNewSignatures is always true if we are not in document mode + maSigsNotvalidatedFI.Show(nInfos && bAllSigsValid && ! bAllCertsValid); + maSigsOldSignatureFI.Show(nInfos && bAllSigsValid && bAllCertsValid && !bAllNewSignatures); SignatureHighlightHdl( NULL ); } -void DigitalSignaturesDialog::ImplGetSignatureInformations() + +//If bUseTempStream is true then the temporary signature stream is used. +//Otherwise the real signature stream is used. +void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream) { maCurrentSignatureInformations.clear(); maSignatureHelper.StartMission(); - SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( embed::ElementModes::READ ); + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::READ, bUseTempStream); if ( aStreamHelper.xSignatureStream.is() ) { uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY ); @@ -651,30 +779,72 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails() } } -SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream( sal_Int32 nStreamOpenMode ) +//If bTempStream is true, then a temporary stream is return. If it is false then, the actual +//signature stream is used. +//Everytime the user presses Add a new temporary stream is created. +//We keep the temporary stream as member because ImplGetSignatureInformations +//will later access the stream to create DocumentSignatureInformation objects +//which are stored in maCurrentSignatureInformations. +SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream( + sal_Int32 nStreamOpenMode, bool bTempStream) { SignatureStreamHelper aHelper; - if ( !mxSignatureStream.is() ) + if (bTempStream) { - aHelper = DocumentSignatureHelper::OpenSignatureStream( mxStore, nStreamOpenMode, meSignatureMode ); + if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) + { + //We write always into a new temporary stream. + mxTempSignatureStream = Reference < css::io::XStream >( + mxCtx->getServiceManager()->createInstanceWithContext( + OUSTR( "com.sun.star.io.TempFile" ), mxCtx) , + UNO_QUERY_THROW); + aHelper.xSignatureStream = mxTempSignatureStream; + } + else + { + //When we read from the temp stream, then we must have previously + //created one. + OSL_ASSERT(mxTempSignatureStream.is()); + } + aHelper.xSignatureStream = mxTempSignatureStream; } else { - aHelper.xSignatureStream = mxSignatureStream; - if ( nStreamOpenMode & embed::ElementModes::TRUNCATE ) + //No temporary stream + if (!mxSignatureStream.is()) { - css::uno::Reference < css::io::XTruncate > xTruncate( mxSignatureStream, uno::UNO_QUERY ); - DBG_ASSERT( xTruncate.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" ); - xTruncate->truncate(); + //We may not have a dedicated stream for writing the signature + //So we take one directly from the storage + //Or DocumentDigitalSignatures::showDocumentContentSignatures was called, + //in which case Add/Remove is not allowed. This is done, for example, if the + //document is readonly + aHelper = DocumentSignatureHelper::OpenSignatureStream( + mxStore, nStreamOpenMode, meSignatureMode ); } else { - css::uno::Reference < css::io::XSeekable > xSeek( mxSignatureStream, uno::UNO_QUERY ); - DBG_ASSERT( xSeek.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" ); - xSeek->seek( 0 ); + aHelper.xSignatureStream = mxSignatureStream; } } + if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) + { + css::uno::Reference < css::io::XTruncate > xTruncate( + aHelper.xSignatureStream, UNO_QUERY_THROW); + DBG_ASSERT( xTruncate.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" ); + xTruncate->truncate(); + } + else if ( bTempStream || mxSignatureStream.is()) + { + //In case we read the signature stream from the storage directly, + //which is the case when DocumentDigitalSignatures::showDocumentContentSignatures + //then XSeakable is not supported + css::uno::Reference < css::io::XSeekable > xSeek( + aHelper.xSignatureStream, UNO_QUERY_THROW); + DBG_ASSERT( xSeek.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" ); + xSeek->seek( 0 ); + } + return aHelper; } diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc b/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc new file mode 100644 index 000000000000..19054bd0399b --- /dev/null +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc @@ -0,0 +1,36 @@ +/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2008 by Sun Microsystems, Inc.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#if ! defined INCLUDED_DIGITALSIGNATURESDIALOG_HRC
+#define INCLUDED_DIGITALSIGNATURESDIALOG_HRC
+
+//global.hrc in xmlsecurity/inc starts at 1000
+#define RID_DIGITALSIGNATUREDLG_START 2000
+
+#define RID_XMLSECDLG_OLD_ODF_FORMAT RID_DIGITALSIGNATUREDLG_START
+#define MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN (RID_DIGITALSIGNATUREDLG_START + 1)
+#endif
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.src b/xmlsecurity/source/dialogs/digitalsignaturesdialog.src index f102053ce615..016014fbb582 100644 --- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.src +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.src @@ -30,6 +30,7 @@ #include "dialogs.hrc" #include "helpids.hrc" +#include "digitalsignaturesdialog.hrc" ModalDialog RID_XMLSECDLG_DIGSIG { @@ -87,6 +88,7 @@ ModalDialog RID_XMLSECDLG_DIGSIG { Text [ en-US ] = "The signatures in this document are invalid"; }; + FixedImage IMG_STATE_VALID { Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); @@ -104,6 +106,13 @@ ModalDialog RID_XMLSECDLG_DIGSIG Hide = TRUE; Text [ en-US ] = "The signatures in this document are valid"; }; + FixedText FI_STATE_OLDSIGNATURE + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "Not all parts of the document are signed"; + }; FixedImage IMG_STATE_BROKEN { Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); @@ -205,3 +214,13 @@ ErrorBox RID_XMLSECDLG_OLD_ODF_FORMAT "Save document in ODF 1.2 format and add all desired signatures again."; }; + +QueryBox MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN +{ + Buttons = WB_YES_NO ; + DefButton = WB_DEF_NO ; + Message [ en-US ] = "Adding or removing a macro signature will remove all document signatures.\n" + "Do you really want to continue?"; +}; + + diff --git a/xmlsecurity/source/dialogs/resourcemanager.cxx b/xmlsecurity/source/dialogs/resourcemanager.cxx index d8d444a24d18..693d003b0d77 100644 --- a/xmlsecurity/source/dialogs/resourcemanager.cxx +++ b/xmlsecurity/source/dialogs/resourcemanager.cxx @@ -38,7 +38,12 @@ #include <svtools/stdctrl.hxx> #include <svtools/solar.hrc> #include <svtools/syslocale.hxx> +#include <rtl/ustring.h> +#include <rtl/ustrbuf.h> +#include <vector> +using ::rtl::OUString; +using namespace std; namespace XmlSec { @@ -110,122 +115,249 @@ namespace XmlSec return GetLocaleData().getDate( GetDateTime( _rDT ) ); } - String GetPureContent( const String& _rRawString, const char* _pCommaReplacement, bool _bPreserveId ) + /* + Creates two strings based on the distinguished name which are displayed in the + certificate details view. The first string contains only the values of the attribute + and valudes pairs, which are separated by commas. All escape characters ('"') are + removed. + The second string is for the details view at the bottom. It shows the attribute/value + pairs on different lines. All escape characters ('"') are removed. + */ + pair< OUString, OUString> GetDNForCertDetailsView( const OUString & rRawString) { - enum STATE { PRE_ID, ID, EQUALSIGN, PRE_CONT, CONT }; - String s; - STATE e = _bPreserveId? PRE_ID : ID; - - const sal_Unicode* p = _rRawString.GetBuffer(); - sal_Unicode c; - const sal_Unicode cComma = ','; - const sal_Unicode cEqualSign = '='; - const sal_Unicode cSpace = ' '; - String aCommaReplacement; - if( _pCommaReplacement ) - aCommaReplacement = String::CreateFromAscii( _pCommaReplacement ); - - while( *p ) + vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(rRawString); + ::rtl::OUStringBuffer s1, s2; + OUString sEqual(RTL_CONSTASCII_USTRINGPARAM(" = ")); + typedef vector< pair < OUString, OUString > >::const_iterator CIT; + for (CIT i = vecAttrValueOfDN.begin(); i < vecAttrValueOfDN.end(); i ++) { - c = *p; - switch( e ) + if (i != vecAttrValueOfDN.begin()) { - case PRE_ID: - if( c != cSpace ) - { - s += c; - e = ID; - } - break; - case ID: - if( _bPreserveId ) - s += c; - - if( c == cEqualSign ) - e = _bPreserveId? PRE_CONT : CONT; - break; - case EQUALSIGN: - break; - case PRE_CONT: - if( c != cSpace ) - { - s += c; - e = CONT; - } - break; - case CONT: - if( c == cComma ) - { - s += aCommaReplacement; - e = _bPreserveId? PRE_ID : ID; - } - else - s += c; - break; + s1.append(static_cast<sal_Unicode>(',')); + s2.append(static_cast<sal_Unicode>('\n')); } - - ++p; + s1.append(i->second); + s2.append(i->first); + s2.append(sEqual); + s2.append(i->second); } - -// xub_StrLen nEquPos = _rRawString.SearchAscii( "=" ); -// if( nEquPos == STRING_NOTFOUND ) -// s = _rRawString; -// else -// { -// ++nEquPos; -// s = String( _rRawString, nEquPos, STRING_MAXLEN ); -// s.EraseLeadingAndTrailingChars(); -// } - - return s; + return make_pair(s1.makeStringAndClear(), s2.makeStringAndClear()); } - String GetContentPart( const String& _rRawString, const String& _rPartId ) +/* + Whenever the attribute value contains special characters, such as '"' or ',' (without '') + then the value will be enclosed in double quotes by the respective Windows or NSS function + which we use to retrieve, for example, the subject name. If double quotes appear in the value then + they are escaped with a double quote. This function removes the escape characters. +*/ +#ifdef WNT +vector< pair< OUString, OUString> > parseDN(const OUString& rRawString) { - String s; - - xub_StrLen nContStart = _rRawString.Search( _rPartId ); - if( nContStart != STRING_NOTFOUND ) + vector< pair<OUString, OUString> > retVal; + bool bInEscape = false; + bool bInValue = false; + bool bInType = true; + sal_Int32 nTypeNameStart = 0; + OUString sType; + ::rtl::OUStringBuffer sbufValue; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) { - nContStart = nContStart + _rPartId.Len(); - ++nContStart; // now it's start of content, directly after Id - - xub_StrLen nContEnd = _rRawString.Search( sal_Unicode( ',' ), nContStart ); + sal_Unicode c = rRawString[i]; - s = String( _rRawString, nContStart, nContEnd - nContStart ); + if (c == '=') + { + if (! bInValue) + { + sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + bInType = false; + } + else + { + sbufValue.append(c); + } + } + else if (c == '"') + { + if (!bInEscape) + { + //If this is the quote is the first of the couple which enclose the + //whole value, because the value contains special characters + //then we just drop it. That is, this character must be followed by + //a character which is not '"'. + if ( i + 1 < length && rRawString[i+1] == '"') + bInEscape = true; + else + bInValue = !bInValue; //value is enclosed in " " + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + sType = OUString(); + //The next char is the start of the new type + nTypeNameStart = i + 1; + bInType = true; + } + else + { + //The whole string is enclosed because it contains special characters. + //The enclosing '"' are not part of certificate but will be added by + //the function (Windows or NSS) which retrieves DN + sbufValue.append(c); + } + } + else + { + if (!bInType) + sbufValue.append(c); + } + } + if (sbufValue.getLength()) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); } + return retVal; + } +#else +vector< pair< OUString, OUString> > parseDN(const OUString& rRawString) + { + vector< pair<OUString, OUString> > retVal; + //bInEscape == true means that the preceding character is an escape character + bool bInEscape = false; + bool bInValue = false; + bool bInType = true; + sal_Int32 nTypeNameStart = 0; + OUString sType; + ::rtl::OUStringBuffer sbufValue; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) + { + sal_Unicode c = rRawString[i]; - return s; + if (c == '=') + { + if (! bInValue) + { + sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + bInType = false; + } + else + { + sbufValue.append(c); + } + } + else if (c == '\\') + { + if (!bInEscape) + { + bInEscape = true; + } + else + { // bInEscape is true + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == '"') + { + //an unescaped '"' is either at the beginning or end of the value + if (!bInEscape) + { + if ( !bInValue) + bInValue = true; + else if (bInValue) + bInValue = false; + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + sType = OUString(); + //The next char is the start of the new type + nTypeNameStart = i + 1; + bInType = true; + } + else + { + //The whole string is enclosed because it contains special characters. + //The enclosing '"' are not part of certificate but will be added by + //the function (Windows or NSS) which retrieves DN + sbufValue.append(c); + } + } + else + { + if (!bInType) + { + sbufValue.append(c); + bInEscape = false; + } + } + } + if (sbufValue.getLength()) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + } + return retVal; } - /** - * This Method should consider some string like "C=CN-XXX , O=SUN-XXX , CN=Jack" , - * here the first CN represent china , and the second CN represent the common name , - * so I changed the method to handle this . - * By CP , mailto : chandler.peng@sun.com - **/ +#endif + String GetContentPart( const String& _rRawString ) { - // search over some parts to find a string - //static char* aIDs[] = { "CN", "OU", "O", "E", NULL }; - static char const * aIDs[] = { "CN=", "OU=", "O=", "E=", NULL };// By CP - String sPart; + char const * aIDs[] = { "CN", "OU", "O", "E", NULL }; + OUString retVal; int i = 0; + vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString); while ( aIDs[i] ) { - String sPartId = String::CreateFromAscii( aIDs[i++] ); - xub_StrLen nContStart = _rRawString.Search( sPartId ); - if ( nContStart != STRING_NOTFOUND ) + OUString sPartId = OUString::createFromAscii( aIDs[i++] ); + typedef vector< pair < OUString, OUString > >::const_iterator CIT; + for (CIT idn = vecAttrValueOfDN.begin(); idn != vecAttrValueOfDN.end(); idn++) { - nContStart = nContStart + sPartId.Len(); - //++nContStart; // now it's start of content, directly after Id // delete By CP - xub_StrLen nContEnd = _rRawString.Search( sal_Unicode( ',' ), nContStart ); - sPart = String( _rRawString, nContStart, nContEnd - nContStart ); - break; + if (idn->first.equals(sPartId)) + { + retVal = idn->second; + break; + } } + if (retVal.getLength()) + break; } - - return sPart; + return retVal; } String GetHexString( const ::com::sun::star::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, UINT16 _nLineBreak ) diff --git a/xmlsecurity/source/dialogs/resourcemanager.hxx b/xmlsecurity/source/dialogs/resourcemanager.hxx index 500ba6501c39..0525010f0abe 100644 --- a/xmlsecurity/source/dialogs/resourcemanager.hxx +++ b/xmlsecurity/source/dialogs/resourcemanager.hxx @@ -36,6 +36,8 @@ #include <com/sun/star/util/DateTime.hpp> #include <com/sun/star/uno/Sequence.hxx> +#include <vector> + class FixedImage; class FixedInfo; class Control; @@ -51,10 +53,10 @@ namespace XmlSec String GetDateTimeString( const rtl::OUString& _rDate, const rtl::OUString& _rTime ); String GetDateString( const ::com::sun::star::util::DateTime& _rDT ); - String GetPureContent( const String& _rRawString, - const char* _pCommaReplacement = ", ", - bool _bPreserveId = false ); // strips "CN=" and so from string - String GetContentPart( const String& _rRawString, const String& _rPartId ); + std::vector< std::pair< ::rtl::OUString, ::rtl::OUString> > + parseDN(const ::rtl::OUString& rRawString); + std::pair< ::rtl::OUString, ::rtl::OUString> GetDNForCertDetailsView( + const ::rtl::OUString & rRawString); String GetContentPart( const String& _rRawString ); String GetHexString( const ::com::sun::star::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep = ":", UINT16 _nLineBreak = 0xFFFF ); diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx index 37186bd2515c..340b4d14fb70 100644 --- a/xmlsecurity/source/helper/documentsignaturehelper.cxx +++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx @@ -1,291 +1,465 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2008 by Sun Microsystems, Inc. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * $RCSfile: documentsignaturehelper.cxx,v $ - * $Revision: 1.11 $ - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - -#include <xmlsecurity/documentsignaturehelper.hxx> - -#include <com/sun/star/container/XNameAccess.hpp> -#include <com/sun/star/lang/XComponent.hpp> -#include <com/sun/star/lang/DisposedException.hpp> -#include <com/sun/star/embed/XStorage.hpp> -#include <com/sun/star/embed/ElementModes.hpp> -#include "com/sun/star/beans/XPropertySet.hpp" - -#include "comphelper/documentconstants.hxx" -#include <tools/debug.hxx> -#include "rtl/uri.hxx" - -using namespace ::com::sun::star; -namespace css = ::com::sun::star; - -namespace -{ -::rtl::OUString getElement(::rtl::OUString const & version, ::sal_Int32 * index) -{ - while (*index < version.getLength() && version[*index] == '0') { - ++*index; - } - return version.getToken(0, '.', *index); -} - - - -// Return 1 if version1 is greater then version 2, 0 if they are equal -//and -1 if version1 is less version 2 -int compareVersions( - ::rtl::OUString const & version1, ::rtl::OUString const & version2) +/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2008 by Sun Microsystems, Inc.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * $RCSfile: documentsignaturehelper.cxx,v $
+ * $Revision: 1.11 $
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+// MARKER(update_precomp.py): autogen include statement, do not remove
+#include "precompiled_xmlsecurity.hxx"
+
+#include <xmlsecurity/documentsignaturehelper.hxx>
+
+#include <com/sun/star/container/XNameAccess.hpp>
+#include <com/sun/star/lang/XComponent.hpp>
+#include <com/sun/star/lang/DisposedException.hpp>
+#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/ElementModes.hpp>
+#include "com/sun/star/beans/XPropertySet.hpp"
+
+#include "comphelper/documentconstants.hxx"
+#include <tools/debug.hxx>
+#include "rtl/uri.hxx"
+
+using namespace ::com::sun::star::uno;
+//using namespace ::com::sun::star;
+namespace css = ::com::sun::star;
+using rtl::OUString;
+
+
+namespace
+{
+::rtl::OUString getElement(::rtl::OUString const & version, ::sal_Int32 * index)
+{
+ while (*index < version.getLength() && version[*index] == '0') {
+ ++*index;
+ }
+ return version.getToken(0, '.', *index);
+}
+
+
+
+// Return 1 if version1 is greater then version 2, 0 if they are equal
+//and -1 if version1 is less version 2
+int compareVersions(
+ ::rtl::OUString const & version1, ::rtl::OUString const & version2)
+{
+ for (::sal_Int32 i1 = 0, i2 = 0; i1 >= 0 || i2 >= 0;) {
+ ::rtl::OUString e1(getElement(version1, &i1));
+ ::rtl::OUString e2(getElement(version2, &i2));
+ if (e1.getLength() < e2.getLength()) {
+ return -1;
+ } else if (e1.getLength() > e2.getLength()) {
+ return 1;
+ } else if (e1 < e2) {
+ return -1;
+ } else if (e1 > e2) {
+ return 1;
+ }
+ }
+ return 0;
+}
+}
+//If the OOo 3.0 mode is used then we exclude
+//'mimetype' and all content of 'META-INF'.
+//If the argument 'bSigning' is true then the element list is created for a signing
+//operation in which case we use the latest signing algorithm. That is all elements
+//we find in the zip storage are added to the list. We do not support the old signatures
+//which did not contain all files.
+//If 'bSigning' is false, then we validate. If the user enabled validating according to OOo 3.0
+//then mimetype and all content of META-INF must be excluded.
+void ImplFillElementList(
+ std::vector< rtl::OUString >& rList, const Reference < css::embed::XStorage >& rxStore,
+ const ::rtl::OUString rRootStorageName, const bool bRecursive,
+ const DocumentSignatureAlgorithm mode)
+{
+ ::rtl::OUString aMetaInfName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) );
+ ::rtl::OUString sMimeTypeName (RTL_CONSTASCII_USTRINGPARAM("mimetype"));
+ ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) );
+
+ Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
+ Sequence< ::rtl::OUString > aElements = xElements->getElementNames();
+ sal_Int32 nElements = aElements.getLength();
+ const ::rtl::OUString* pNames = aElements.getConstArray();
+
+ for ( sal_Int32 n = 0; n < nElements; n++ )
+ {
+ if (mode != OOo3_2Document
+ && (pNames[n] == aMetaInfName
+ || pNames[n] == sMimeTypeName))
+ {
+ continue;
+ }
+ else
+ {
+ ::rtl::OUString sEncName = ::rtl::Uri::encode(
+ pNames[n], rtl_UriCharClassRelSegment,
+ rtl_UriEncodeStrict, RTL_TEXTENCODING_UTF8);
+ if (sEncName.getLength() == 0 && pNames[n].getLength() != 0)
+ throw css::uno::Exception(::rtl::OUString(
+ RTL_CONSTASCII_USTRINGPARAM("Failed to encode element name of XStorage")), 0);
+
+ if ( rxStore->isStreamElement( pNames[n] ) )
+ {
+ //Exclude documentsignatures.xml!
+ if (pNames[n].equals(
+ DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()))
+ continue;
+ ::rtl::OUString aFullName( rRootStorageName + sEncName );
+ rList.push_back(aFullName);
+ }
+ else if ( bRecursive && rxStore->isStorageElement( pNames[n] ) )
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
+ rtl::OUString aFullRootName( rRootStorageName + sEncName + aSep );
+ ImplFillElementList(rList, xSubStore, aFullRootName, bRecursive, mode);
+ }
+ }
+ }
+}
+
+
+bool DocumentSignatureHelper::isODFPre_1_2(const ::rtl::OUString & sVersion)
+{
+ //The property version exists only if the document is at least version 1.2
+ //That is, if the document has version 1.1 and sVersion is empty.
+ //The constant is defined in comphelper/documentconstants.hxx
+ if (compareVersions(sVersion, ODFVER_012_TEXT) == -1)
+ return true;
+ return false;
+}
+
+bool DocumentSignatureHelper::isOOo3_2_Signature(const SignatureInformation & sigInfo)
+{
+ ::rtl::OUString sManifestURI(RTL_CONSTASCII_USTRINGPARAM("META-INF/manifest.xml"));
+ bool bOOo3_2 = false;
+ typedef ::std::vector< SignatureReferenceInformation >::const_iterator CIT;
+ for (CIT i = sigInfo.vSignatureReferenceInfors.begin();
+ i < sigInfo.vSignatureReferenceInfors.end(); i++)
+ {
+ if (i->ouURI.equals(sManifestURI))
+ {
+ bOOo3_2 = true;
+ break;
+ }
+ }
+ return bOOo3_2;
+}
+
+DocumentSignatureAlgorithm
+DocumentSignatureHelper::getDocumentAlgorithm(
+ const ::rtl::OUString & sODFVersion, const SignatureInformation & sigInfo)
+{
+ OSL_ASSERT(sODFVersion.getLength());
+ DocumentSignatureAlgorithm mode = OOo3_2Document;
+ if (!isOOo3_2_Signature(sigInfo))
+ {
+ if (isODFPre_1_2(sODFVersion))
+ mode = OOo2Document;
+ else
+ mode = OOo3_0Document;
+ }
+ return mode;
+}
+
+//The function creates a list of files which are to be signed or for which
+//the signature is to be validated. The strings are UTF8 encoded URIs which
+//contain '/' as path separators.
+//
+//The algorithm how document signatures are created and validated has
+//changed over time. The change affects only which files within the document
+//are changed. Document signatures created by OOo 2.x only used particular files. Since
+//OOo 3.0 everything except "mimetype" and "META-INF" are signed. As of OOo 3.2 everything
+//except META-INF/documentsignatures.xml is signed.
+//Signatures are validated according to the algorithm which was then used for validation.
+//That is, when validating a signature which was created by OOo 3.0, then mimetype and
+//META-INF are not used.
+//
+//When a signature is created then we always use the latest algorithm. That is, we use
+//that of OOo 3.2
+std::vector< rtl::OUString >
+DocumentSignatureHelper::CreateElementList(
+ const Reference < css::embed::XStorage >& rxStore,
+ const ::rtl::OUString /*rRootStorageName*/, DocumentSignatureMode eMode,
+ const DocumentSignatureAlgorithm mode)
+{
+ std::vector< rtl::OUString > aElements;
+ ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) );
+
+ switch ( eMode )
+ {
+ case SignatureModeDocumentContent:
+ {
+ if (mode == OOo2Document) //that is, ODF 1.0, 1.1
+ {
+ // 1) Main content
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), false, mode);
+
+ // 2) Pictures...
+ rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Pictures" ) );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch(css::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ // 3) OLE....
+ aSubStorageName = rtl::OUString::createFromAscii( "ObjectReplacements" );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ xSubStore.clear();
+
+ // Object folders...
+ rtl::OUString aMatchStr( rtl::OUString::createFromAscii( "Object " ) );
+ Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
+ Sequence< ::rtl::OUString > aElementNames = xElements->getElementNames();
+ sal_Int32 nElements = aElementNames.getLength();
+ const ::rtl::OUString* pNames = aElementNames.getConstArray();
+ for ( sal_Int32 n = 0; n < nElements; n++ )
+ {
+ if ( ( pNames[n].match( aMatchStr ) ) && rxStore->isStorageElement( pNames[n] ) )
+ {
+ Reference < css::embed::XStorage > xTmpSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xTmpSubStore, pNames[n]+aSep, true, mode);
+ }
+ }
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ }
+ else
+ {
+ // Everything except META-INF
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), true, mode);
+ }
+ }
+ break;
+ case SignatureModeMacros:
+ {
+ // 1) Macros
+ rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Basic" ) );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+
+ // 2) Dialogs
+ aSubStorageName = rtl::OUString::createFromAscii( "Dialogs") ;
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ // 3) Scripts
+ aSubStorageName = rtl::OUString::createFromAscii( "Scripts") ;
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( css::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ }
+ break;
+ case SignatureModePackage:
+ {
+ // Everything except META-INF
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), true, mode);
+ }
+ break;
+ }
+
+ return aElements;
+}
+
+SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
+ const Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode )
+{
+ sal_Int32 nSubStorageOpenMode = css::embed::ElementModes::READ;
+ if ( nOpenMode & css::embed::ElementModes::WRITE )
+ nSubStorageOpenMode = css::embed::ElementModes::WRITE;
+
+ SignatureStreamHelper aHelper;
+
+ try
+ {
+ ::rtl::OUString aSIGStoreName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) );
+ aHelper.xSignatureStorage = rxStore->openStorageElement( aSIGStoreName, nSubStorageOpenMode );
+ if ( aHelper.xSignatureStorage.is() )
+ {
+ ::rtl::OUString aSIGStreamName;
+ if ( eDocSigMode == SignatureModeDocumentContent )
+ aSIGStreamName = DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName();
+ else if ( eDocSigMode == SignatureModeMacros )
+ aSIGStreamName = DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName();
+ else
+ aSIGStreamName = DocumentSignatureHelper::GetPackageSignatureDefaultStreamName();
+
+ aHelper.xSignatureStream = aHelper.xSignatureStorage->openStreamElement( aSIGStreamName, nOpenMode );
+ }
+ }
+ catch(css::io::IOException& )
+ {
+ // Doesn't have to exist...
+ DBG_ASSERT( nOpenMode == embed::ElementModes::READ, "Error creating signature stream..." );
+ }
+
+ return aHelper;
+}
+
+//sElementList contains all files which are expected to be signed. Only those files must me signed,
+//no more, no less.
+//The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then
+//the uri s in the Reference elements in the signature, were not properly encoded.
+// For example: <Reference URI="ObjectReplacements/Object 1">
+bool DocumentSignatureHelper::checkIfAllFilesAreSigned(
+ const ::std::vector< ::rtl::OUString > & sElementList,
+ const SignatureInformation & sigInfo,
+ const DocumentSignatureAlgorithm alg)
+{
+ // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
+ unsigned int nRealCount = 0;
+ for ( int i = sigInfo.vSignatureReferenceInfors.size(); i; )
+ {
+ const SignatureReferenceInformation& rInf = sigInfo.vSignatureReferenceInfors[--i];
+ // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date.
+ if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) )
+ {
+ ::rtl::OUString sReferenceURI = rInf.ouURI;
+ if (alg == OOo2Document)
+ {
+ //Comparing URIs is a difficult. Therefore we kind of normalize
+ //it before comparing. We assume that our URI do not have a leading "./"
+ //and fragments at the end (...#...)
+ sReferenceURI = ::rtl::Uri::encode(
+ sReferenceURI, rtl_UriCharClassPchar,
+ rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
+ }
+
+ //find the file in the element list
+ typedef ::std::vector< ::rtl::OUString >::const_iterator CIT;
+ for (CIT aIter = sElementList.begin(); aIter < sElementList.end(); aIter++)
+ {
+ ::rtl::OUString sElementListURI = *aIter;
+ if (alg == OOo2Document)
+ {
+ sElementListURI =
+ ::rtl::Uri::encode(
+ sElementListURI, rtl_UriCharClassPchar,
+ rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
+ }
+ if (sElementListURI.equals(sReferenceURI))
+ {
+ nRealCount++;
+ break;
+ }
+ }
+ }
+ }
+ return sElementList.size() == nRealCount;
+}
+
+/*Compares the Uri which are obtained from CreateElementList with + the path obtained from the manifest.xml. + Returns true if both strings are equal. +*/ +bool DocumentSignatureHelper::equalsReferenceUriManifestPath( + const OUString & rUri, const OUString & rPath) { - for (::sal_Int32 i1 = 0, i2 = 0; i1 >= 0 || i2 >= 0;) { - ::rtl::OUString e1(getElement(version1, &i1)); - ::rtl::OUString e2(getElement(version2, &i2)); - if (e1.getLength() < e2.getLength()) { - return -1; - } else if (e1.getLength() > e2.getLength()) { - return 1; - } else if (e1 < e2) { - return -1; - } else if (e1 > e2) { - return 1; - } - } - return 0; -} -} - -void ImplFillElementList( std::vector< rtl::OUString >& rList, const uno::Reference < embed::XStorage >& rxStore, const ::rtl::OUString rRootStorageName, bool bRecursive ) -{ - ::rtl::OUString aMetaInfName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) ); - ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) ); - - uno::Reference < container::XNameAccess > xElements( rxStore, uno::UNO_QUERY ); - uno::Sequence< ::rtl::OUString > aElements = xElements->getElementNames(); - sal_Int32 nElements = aElements.getLength(); - const ::rtl::OUString* pNames = aElements.getConstArray(); - for ( sal_Int32 n = 0; n < nElements; n++ ) - { - if ( pNames[n] != aMetaInfName ) - { - ::rtl::OUString sEncName = ::rtl::Uri::encode( - pNames[n], rtl_UriCharClassRelSegment, - rtl_UriEncodeStrict, RTL_TEXTENCODING_UTF8); - if (sEncName.getLength() == 0 && pNames[n].getLength() != 0) - throw css::uno::Exception(::rtl::OUString( - RTL_CONSTASCII_USTRINGPARAM("Failed to encode element name of XStorage")), 0); - - if ( rxStore->isStreamElement( pNames[n] ) ) - { - ::rtl::OUString aFullName( rRootStorageName + sEncName ); - rList.push_back(aFullName); - } - else if ( bRecursive && rxStore->isStorageElement( pNames[n] ) ) - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( pNames[n], embed::ElementModes::READ ); - rtl::OUString aFullRootName( rRootStorageName + sEncName + aSep ); - ImplFillElementList( rList, xSubStore, aFullRootName, bRecursive ); - } - } - } -} - - -bool DocumentSignatureHelper::isODFPre_1_2(const uno::Reference < embed::XStorage >& rxStore) -{ - ::rtl::OUString sVersion; - uno::Reference< beans::XPropertySet > xProps(rxStore, uno::UNO_QUERY_THROW ); - xProps->getPropertyValue( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Version" ) ) ) >>= sVersion; - //The property version exists only if the document is at least version 1.2 - //The constant is defined in comphelper/documentconstants.hxx - if (compareVersions(sVersion, ODFVER_012_TEXT) == -1) - return true; - return false; -} - + bool retVal = false; + //split up the uri and path into segments. Both are separated by '/'
+ std::vector<OUString> vUriSegments;
+ sal_Int32 nIndex = 0;
+ do
+ {
+ OUString aToken = rUri.getToken( 0, '/', nIndex );
+ vUriSegments.push_back(aToken);
+ }
+ while (nIndex >= 0);
+
+ std::vector<OUString> vPathSegments;
+ nIndex = 0;
+ do
+ {
+ OUString aToken = rPath.getToken( 0, '/', nIndex );
+ vPathSegments.push_back(aToken);
+ }
+ while (nIndex >= 0);
+
+ //Now compare each segment of the uri with its counterpart from the path
+ if (vUriSegments.size() == vPathSegments.size())
+ {
+ retVal = true;
+ typedef std::vector<OUString>::const_iterator CIT;
+ for (CIT i = vUriSegments.begin(), j = vPathSegments.begin();
+ i != vUriSegments.end(); i++, j++)
+ {
+ //Decode the uri segment, so that %20 becomes ' ', etc.
+ OUString sDecUri = ::rtl::Uri::decode(
+ *i, rtl_UriDecodeWithCharset, RTL_TEXTENCODING_UTF8);
+ if (!sDecUri.equals(*j))
+ {
+ retVal = false;
+ break;
+ }
+ }
+ }
-std::vector< rtl::OUString > DocumentSignatureHelper::CreateElementList( const uno::Reference < embed::XStorage >& rxStore, const ::rtl::OUString /*rRootStorageName*/, DocumentSignatureMode eMode ) -{ - std::vector< rtl::OUString > aElements; - ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) ); - - bool bPre1_2 = isODFPre_1_2(rxStore); - - switch ( eMode ) - { - case SignatureModeDocumentContent: - { - if (bPre1_2) - { - // 1) Main content - ImplFillElementList( aElements, rxStore, ::rtl::OUString(), false ); - - // 2) Pictures... - rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Pictures" ) ); - try - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, embed::ElementModes::READ ); - ImplFillElementList( aElements, xSubStore, aSubStorageName+aSep, true ); - } - catch( com::sun::star::io::IOException& ) - { - ; // Doesn't have to exist... - } - // 3) OLE.... - aSubStorageName = rtl::OUString::createFromAscii( "ObjectReplacements" ); - try - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, embed::ElementModes::READ ); - ImplFillElementList( aElements, xSubStore, aSubStorageName+aSep, true ); - xSubStore.clear(); - - // Object folders... - rtl::OUString aMatchStr( rtl::OUString::createFromAscii( "Object " ) ); - uno::Reference < container::XNameAccess > xElements( rxStore, uno::UNO_QUERY ); - uno::Sequence< ::rtl::OUString > aElementNames = xElements->getElementNames(); - sal_Int32 nElements = aElementNames.getLength(); - const ::rtl::OUString* pNames = aElementNames.getConstArray(); - for ( sal_Int32 n = 0; n < nElements; n++ ) - { - if ( ( pNames[n].match( aMatchStr ) ) && rxStore->isStorageElement( pNames[n] ) ) - { - uno::Reference < embed::XStorage > xTmpSubStore = rxStore->openStorageElement( pNames[n], embed::ElementModes::READ ); - ImplFillElementList( aElements, xTmpSubStore, pNames[n]+aSep, true ); - } - } - } - catch( com::sun::star::io::IOException& ) - { - ; // Doesn't have to exist... - } - } - else - { - // Everything except META-INF - ImplFillElementList( aElements, rxStore, ::rtl::OUString(), true ); - } - } - break; - case SignatureModeMacros: - { - // 1) Macros - rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Basic" ) ); - try - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, embed::ElementModes::READ ); - ImplFillElementList( aElements, xSubStore, aSubStorageName+aSep, true ); - } - catch( com::sun::star::io::IOException& ) - { - ; // Doesn't have to exist... - } - - // 2) Dialogs - aSubStorageName = rtl::OUString::createFromAscii( "Dialogs") ; - try - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, embed::ElementModes::READ ); - ImplFillElementList( aElements, xSubStore, aSubStorageName+aSep, true ); - } - catch( com::sun::star::io::IOException& ) - { - ; // Doesn't have to exist... - } - // 3) Scripts - aSubStorageName = rtl::OUString::createFromAscii( "Scripts") ; - try - { - uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, embed::ElementModes::READ ); - ImplFillElementList( aElements, xSubStore, aSubStorageName+aSep, true ); - } - catch( com::sun::star::io::IOException& ) - { - ; // Doesn't have to exist... - } - } - break; - case SignatureModePackage: - { - // Everything except META-INF - ImplFillElementList( aElements, rxStore, ::rtl::OUString(), true ); - } - break; - } - - return aElements; -} - -SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream( const uno::Reference < embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode ) -{ - sal_Int32 nSubStorageOpenMode = embed::ElementModes::READ; - if ( nOpenMode & embed::ElementModes::WRITE ) - nSubStorageOpenMode = embed::ElementModes::WRITE; - - SignatureStreamHelper aHelper; - - try - { - ::rtl::OUString aSIGStoreName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) ); - aHelper.xSignatureStorage = rxStore->openStorageElement( aSIGStoreName, nSubStorageOpenMode ); - if ( aHelper.xSignatureStorage.is() ) - { - ::rtl::OUString aSIGStreamName; - if ( eDocSigMode == SignatureModeDocumentContent ) - aSIGStreamName = DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName(); - else if ( eDocSigMode == SignatureModeMacros ) - aSIGStreamName = DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName(); - else - aSIGStreamName = DocumentSignatureHelper::GetPackageSignatureDefaultStreamName(); - - aHelper.xSignatureStream = aHelper.xSignatureStorage->openStreamElement( aSIGStreamName, nOpenMode ); - } - } - catch( com::sun::star::io::IOException& ) - { - // Doesn't have to exist... - DBG_ASSERT( nOpenMode == embed::ElementModes::READ, "Error creating signature stream..." ); - } - - return aHelper; -} - -::rtl::OUString DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName() -{ - return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "documentsignatures.xml" ) ); -} - -::rtl::OUString DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName() -{ - return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "macrosignatures.xml" ) ); -} - -::rtl::OUString DocumentSignatureHelper::GetPackageSignatureDefaultStreamName() -{ - return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "packagesignatures.xml" ) ); + return retVal; } +
+::rtl::OUString DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "documentsignatures.xml" ) );
+}
+
+::rtl::OUString DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "macrosignatures.xml" ) );
+}
+
+::rtl::OUString DocumentSignatureHelper::GetPackageSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "packagesignatures.xml" ) );
+}
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx index 8ef7c21dd39b..a5890544be00 100644 --- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx +++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx @@ -64,6 +64,7 @@ #define NS_DOCUMENTSIGNATURES_ODF_1_2 "urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0" using namespace ::com::sun::star; +using namespace ::com::sun::star::uno; XMLSignatureHelper::XMLSignatureHelper( const uno::Reference< uno::XComponentContext >& rxCtx) : mxCtx(rxCtx), mbODFPre1_2(false) @@ -110,12 +111,14 @@ com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > XMLSi return mxUriBinding; } -void XMLSignatureHelper::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage ) +void XMLSignatureHelper::SetStorage( + const Reference < css::embed::XStorage >& rxStorage, + ::rtl::OUString sODFVersion) { DBG_ASSERT( !mxUriBinding.is(), "SetStorage - UriBinding already set!" ); mxUriBinding = new UriBindingHelper( rxStorage ); DBG_ASSERT(rxStorage.is(), "SetStorage - empty storage!"); - mbODFPre1_2 = DocumentSignatureHelper::isODFPre_1_2(rxStorage); + mbODFPre1_2 = DocumentSignatureHelper::isODFPre_1_2(sODFVersion); } @@ -194,6 +197,7 @@ void XMLSignatureHelper::AddForSigning( sal_Int32 nSecurityId, const rtl::OUStri mpXSecController->signAStream( nSecurityId, uri, objectURL, bBinary ); } + uno::Reference<xml::sax::XDocumentHandler> XMLSignatureHelper::CreateDocumentHandlerWithHeader( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream ) { diff --git a/xmlsecurity/source/helper/xmlsignaturehelper2.cxx b/xmlsecurity/source/helper/xmlsignaturehelper2.cxx index 24738c0b6e98..9baa6d7061c4 100644 --- a/xmlsecurity/source/helper/xmlsignaturehelper2.cxx +++ b/xmlsecurity/source/helper/xmlsignaturehelper2.cxx @@ -204,42 +204,17 @@ uno::Reference < io::XInputStream > UriBindingHelper::OpenInputStream( const uno { // Cloning because of I can't keep all storage references open // MBA with think about a better API... - sal_Bool bEncrypted = sal_False; - const ::rtl::OUString sName = ::rtl::Uri::decode( rURI, rtl_UriDecodeStrict, rtl_UriCharClassRelSegment); if (sName.getLength() == 0 && rURI.getLength() != 0) throw uno::Exception(::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( "Could not decode URI for stream element.")), 0); - try - { - uno::Reference< io::XStream > xStream; - xStream = rxStore->cloneStreamElement( sName ); - if ( !xStream.is() ) - throw uno::RuntimeException(); - - try { - uno::Reference< beans::XPropertySet > xProps( xStream, uno::UNO_QUERY_THROW ); - xProps->getPropertyValue( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "IsEncrypted" ) ) ) >>= bEncrypted; - } catch( uno::Exception ) - {} - - if ( !bEncrypted ) - xInStream = xStream->getInputStream(); - } - catch ( packages::WrongPasswordException& ) - { - bEncrypted = sal_True; - } - if ( bEncrypted ) - { - // this is an encrypted stream that should be handled accordingly - uno::Reference< embed::XStorageRawAccess > xRawStore( rxStore, uno::UNO_QUERY ); - OSL_ENSURE( xRawStore.is(), "Strange storage implementation is used for signing!\n" ); - if ( xRawStore.is() ) - xInStream = xRawStore->getPlainRawStreamElement( sName ); - } + uno::Reference< io::XStream > xStream; + xStream = rxStore->cloneStreamElement( sName ); + if ( !xStream.is() ) + throw uno::RuntimeException(); + xInStream = xStream->getInputStream(); } else { diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx index 00049d2901fc..41dbd6232bce 100644 --- a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx +++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx @@ -43,6 +43,7 @@ #include <rtl/locale.h> #include <osl/nlsupport.h> #include <osl/process.h> +#include <utility> //CP : end @@ -53,36 +54,130 @@ using ::rtl::OUString ; using ::com::sun::star::security::XCertificate ; using ::com::sun::star::util::DateTime ; -/* - * mmi : because MS Crypto use the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise - * it, so the 'S' tag should be changed to 'ST' tag - * - */ -OUString replaceTagSWithTagST(OUString oldDN) +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) + +/*Resturns the index withing rRawString where sTypeName starts and where it ends. + The starting index is pair.first. The ending index in pair.second points + one char after the last character of the type. + sTypeName can be + "S" or "CN" (without ""). Do not use spaces at the beginning of the type name. + If the type name is not found then pair.first and pair.second are -1. +*/ +std::pair< sal_Int32, sal_Int32 > +findTypeInDN(const OUString& rRawString, const OUString& sTypeName) { - - sal_Int32 nIndex = 0; - OUString newDN; - do + std::pair< sal_Int32, sal_Int32 > retVal; + bool bInEscape = false; + bool bInValue = false; + bool bFound = false; + sal_Int32 nTypeNameStart = 0; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) { - OUString aToken = oldDN.getToken( 0, ',', nIndex ).trim(); - if (aToken.compareToAscii("S=",2) == 0) + sal_Unicode c = rRawString[i]; + + if (c == '=') { - newDN+=OUString::createFromAscii("ST="); - newDN+=aToken.copy(2); + if (! bInValue) + { + OUString sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + if (sType.equalsIgnoreAsciiCase(sTypeName)) + { + bFound = true; + break; + } + } } - else + else if (c == '"') { - newDN+=aToken; + if (!bInEscape) + { + //If this is the quote is the first of the couple which enclose the + //whole value, because the value contains special characters + //then we just drop it. That is, this character must be followed by + //a character which is not '"'. + if ( i + 1 < length && rRawString[i+1] == '"') + bInEscape = true; + else + bInValue = !bInValue; //value is enclosed in " " + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + bInEscape = false; + } } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + //The next char is the start of the new type + nTypeNameStart = i + 1; + } + } + } - if (nIndex >= 0) + //Found the Type Name, but there can still be spaces after the last comma + //and the beginning of the type. + if (bFound) + { + while (true) + { + sal_Unicode c = rRawString[nTypeNameStart]; + if (c != ' ' && c != '\t') + //found + break; + nTypeNameStart ++; + } + // search end (one after last letter) + sal_Int32 nTypeNameEnd = nTypeNameStart; + nTypeNameEnd++; + while (true) { - newDN+=OUString::createFromAscii(","); + sal_Unicode c = rRawString[nTypeNameEnd]; + if (c == ' ' || c == '\t' || c == '=') + break; + nTypeNameEnd++; } - } while ( nIndex >= 0 ); + retVal = std::make_pair(nTypeNameStart, nTypeNameEnd); + } + else + { + retVal = std::make_pair(-1, -1); + } + return retVal; +} + - return newDN; +/* + MS Crypto uses the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise + it, so the 'S' tag should be changed to 'ST' tag. However I am not sure if this is necessary + anymore, because we provide always the signers certificate when signing. So libmlsec can find + the private key based on the provided certificate (X509Certificate element) and does not need + the issuer name (X509IssuerName element). The issuer name in the xml signature has also no + effect for the signature nor the certificate validation. + In many RFCs, for example 4519, on speaks of 'ST'. However, the certificate does not contain + strings for type names. Instead it uses OIDs. + */ + +OUString replaceTagSWithTagST(OUString oldDN) +{ + std::pair<sal_Int32, sal_Int32 > pairIndex = findTypeInDN(oldDN, OUSTR("S")); + + if (pairIndex.first != -1) + { + OUString newDN = oldDN.copy(0, pairIndex.first); + newDN += OUSTR("ST"); + newDN += oldDN.copy(pairIndex.second); + return newDN; + } + return oldDN; } /* end */ @@ -159,7 +254,7 @@ sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::su OUString xIssuer(issuer , cbIssuer ,encoding ) ; //By CP delete issuer ; - return replaceTagSWithTagST(xIssuer) ; + return replaceTagSWithTagST(xIssuer); } else { return OUString() ; } @@ -208,7 +303,7 @@ sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::su OUString xSubject(subject , cbSubject ,encoding ) ; //By CP delete subject ; - return replaceTagSWithTagST(xSubject) ; + return replaceTagSWithTagST(xSubject); } else { return OUString() ; } |