[API CHANGE] extend css.security.XDocumentDigitalSignatures

Add support for macro and package signing with a provided certificate which is already possible for document signing since LO 6.2: boolean signScriptingContentWithCertificate( [in] ::com::sun::star::security::XCertificate xCertificate, [in] ::com::sun::star::embed::XStorage xStorage, [in] ::com::sun::star::io::XStream xStream); boolean signPackageWithCertificate( [in] ::com::sun::star::security::XCertificate xCertificate, [in] ::com::sun::star::embed::XStorage xStorage, [in] ::com::sun::star::io::XStream xStream); Change-Id: I9783cd317a7202691913be186eca95964b1e0ff7 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/86141 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> (cherry picked from commit 697989d11e25b3eb83e5ca2dad5d71b178abfbc1) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107772 Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
author: brinzing <oliver.brinzing@gmx.de> 2020-01-02 18:12:31 +0100
committer: Vasily Melenchuk <vasily.melenchuk@cib.de> 2021-04-15 11:21:16 +0300
commit: cc4987d3e566db2c4aa0675ae94f6c2f713d8a0a (patch)
tree: 4cc52a3c766400b6ccccc3b36ab0f8697f7797e8
parent: de64963a87c5d51797ec4034bf8c67346459e46d (diff)
2 files changed, 62 insertions, 2 deletions
diff --git a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
index d7e001c57607..ab9db97f881d 100644
--- a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
+++ b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl
@@ -199,6 +199,23 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface
                                         [in] ::com::sun::star::embed::XStorage xStorage,
                                         [in] ::com::sun::star::io::XStream xStream);
 
+    /** signs the content of the Scripting including macros and basic dialogs with the provided certificate.
+
+        <p>The rest of document content will not be signed.</p>
+
+        @since LibreOffice 6.5
+    */
+    boolean signScriptingContentWithCertificate([in] ::com::sun::star::security::XCertificate xCertificate,
+                                                [in] ::com::sun::star::embed::XStorage xStorage,
+                                                [in] ::com::sun::star::io::XStream xStream);
+
+    /** signs the full Package, which means everything in the storage except the content of META-INF with the provided certificate.
+
+        @since LibreOffice 6.5
+    */
+    boolean signPackageWithCertificate([in] ::com::sun::star::security::XCertificate xCertificate,
+                                                [in] ::com::sun::star::embed::XStorage xStorage,
+                                                [in] ::com::sun::star::io::XStream xStream);
 };
 
 } ; } ; } ; } ;
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 594e9a55babc..b9254c144b8e 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -95,7 +95,12 @@ private:
     chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction,
                            const CertificateKind certificateKind=CertificateKind_NONE);
 
-public:
+    bool signWithCertificateImpl(
+        css::uno::Reference<css::security::XCertificate> const& xCertificate,
+        css::uno::Reference<css::embed::XStorage> const& xStorage,
+        css::uno::Reference<css::io::XStream> const& xStream, DocumentSignatureMode eMode);
+
+ public:
     explicit DocumentDigitalSignatures(
         const css::uno::Reference<css::uno::XComponentContext>& rxCtx);
 
@@ -177,6 +182,16 @@ public:
                             css::uno::Reference<css::security::XCertificate> const & xCertificate,
                             css::uno::Reference<css::embed::XStorage> const & xStoragexStorage,
                             css::uno::Reference<css::io::XStream> const & xStream) override;
+
+    sal_Bool SAL_CALL signPackageWithCertificate(
+                            css::uno::Reference<css::security::XCertificate> const& xCertificate,
+                            css::uno::Reference<css::embed::XStorage> const& xStoragexStorage,
+                            css::uno::Reference<css::io::XStream> const& xStream) override;
+
+    sal_Bool SAL_CALL signScriptingContentWithCertificate(
+                            css::uno::Reference<css::security::XCertificate> const& xCertificate,
+                            css::uno::Reference<css::embed::XStorage> const& xStoragexStorage,
+                            css::uno::Reference<css::io::XStream> const& xStream) override;
 };
 
 DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx ):
@@ -763,7 +778,35 @@ sal_Bool DocumentDigitalSignatures::signDocumentWithCertificate(
             css::uno::Reference<css::embed::XStorage> const & xStorage,
             css::uno::Reference<css::io::XStream> const & xStream)
 {
-    DocumentSignatureManager aSignatureManager(mxCtx, DocumentSignatureMode::Content);
+    return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Content);
+}
+
+sal_Bool DocumentDigitalSignatures::signPackageWithCertificate(
+    css::uno::Reference<css::security::XCertificate> const& xCertificate,
+    css::uno::Reference<css::embed::XStorage> const& xStorage,
+    css::uno::Reference<css::io::XStream> const& xStream)
+{
+    return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Package);
+}
+
+sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate(
+    css::uno::Reference<css::security::XCertificate> const& xCertificate,
+    css::uno::Reference<css::embed::XStorage> const& xStorage,
+    css::uno::Reference<css::io::XStream> const& xStream)
+{
+    return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Macros);
+}
+
+bool DocumentDigitalSignatures::signWithCertificateImpl(
+    css::uno::Reference<css::security::XCertificate> const& xCertificate,
+    css::uno::Reference<css::embed::XStorage> const& xStorage,
+    css::uno::Reference<css::io::XStream> const& xStream,
+    DocumentSignatureMode eMode)
+{
+    OSL_ENSURE(!m_sODFVersion.isEmpty(),
+               "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");
+
+    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
 
     if (!aSignatureManager.init())
         return false;
author	brinzing <oliver.brinzing@gmx.de>	2020-01-02 18:12:31 +0100
committer	Vasily Melenchuk <vasily.melenchuk@cib.de>	2021-04-15 11:21:16 +0300
commit	cc4987d3e566db2c4aa0675ae94f6c2f713d8a0a (patch)
tree	4cc52a3c766400b6ccccc3b36ab0f8697f7797e8
parent	de64963a87c5d51797ec4034bf8c67346459e46d (diff)