author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-02-10 12:23:56 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-02-10 13:45:45 +0100 |
commit | e6077ccc69c65156476f1855c5c9711814e8e226 (patch) | |
tree | 6d1ecaffa4ec383ebc817f50311c119bbae6f216 | |
parent | ff1982dc3f577913b9c15bd5c57776cf72918878 (diff) |
xmlsecurity OOXML export: write RelationshipTransform algo arguments
The usual generator/meta stream and the signatures themselves are the
excluded ones. It seems everything else has to be listed explicitly.
Change-Id: Ie0f3e161aa0c2e1cb97ad3d9d012ac78078e287a
-rw-r--r-- | xmlsecurity/source/helper/xsecctl.cxx | 43 | ||||
-rw-r--r-- | xmlsecurity/source/helper/xsecctl.hxx | 6 |
2 files changed, 48 insertions, 1 deletions
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index bc60efd6b283..aa7f7b4d77a7 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -31,11 +31,13 @@
 #include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
 #include <com/sun/star/embed/XHierarchicalStorageAccess.hpp>
 #include <com/sun/star/embed/ElementModes.hpp>
+#include <com/sun/star/beans/StringPair.hpp>
 #include <xmloff/attrlist.hxx>
 #include <rtl/math.hxx>
 #include <rtl/ref.hxx>
 #include <unotools/datetime.hxx>
+#include <comphelper/ofopxmlhelper.hxx>
 namespace cssu = com::sun::star::uno;
 namespace cssl = com::sun::star::lang;
@@ -996,6 +998,21 @@ static bool lcl_isOOXMLBlacklist(const OUString& rStreamName)
 return std::find_if(vBlacklist.begin(), vBlacklist.end(), [&](const OUStringLiteral& rLiteral) { return rStreamName.startsWith(rLiteral); }) != vBlacklist.end();
 }
+/// Should we intentionally not sign this relation type?
+static bool lcl_isOOXMLRelationBlacklist(const OUString& rRelationName)
+{
+#if !HAVE_BROKEN_STATIC_INITILIZER_LIST
+ static
+#endif
+ const std::initializer_list<OUStringLiteral> vBlacklist =
+ {
+ OUStringLiteral("http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties"),
+ OUStringLiteral("http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties"),
+ OUStringLiteral("http://schemas.openxmlformats.org/package/2006/relationships/digital-signature/origin")
+ };
+ return std::find(vBlacklist.begin(), vBlacklist.end(), rRelationName) != vBlacklist.end();
+}
+
 void XSecController::exportOOXMLSignature(const uno::Reference<embed::XStorage>& xRootStorage, const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler, const SignatureInformation& rInformation)
 {
 uno::Reference<embed::XHierarchicalStorageAccess> xHierarchicalStorageAccess(xRootStorage, uno::UNO_QUERY);
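Review bot: The doc comment on `lcl_isOOXMLRelationBlacklist` asks a question but does not record why these three relationship types are left out or what leaving them out means for the signature. Assuming the Relationships transform covers only the relationships listed by `SourceId`, every type on this list remains changeable after signing without invalidating the signature, so the list is security-relevant and should be justified where it is defined. I would extend the comment along the lines of `/// Relation types deliberately left out of the signed set (generator/meta properties and the signature origin); anything listed here is NOT covered by the signature.` The lookup is an exact string match, so a type URI that differs in any character is not excluded and ends up signed, which is the safe direction, but that is worth stating too since the sibling `lcl_isOOXMLBlacklist` uses `startsWith`.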
@@ -1111,6 +1128,32 @@ void XSecController::exportOOXMLSignature(const uno::Reference<embed::XStorage>&
 pAttributeList->AddAttribute(ATTR_ALGORITHM, ALGO_RELATIONSHIP);
 xDocumentHandler->startElement(TAG_TRANSFORM, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get()));
 }
+
+ uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, aURI, mxCtx);
+ for (const uno::Sequence<beans::StringPair>& rPairs : aRelationsInfo)
+ {
+ OUString aId;
+ OUString aType;
+ for (const beans::StringPair& rPair : rPairs)
+ {
+ if (rPair.First == "Id")
+ aId = rPair.Second;
+ else if (rPair.First == "Type")
+ aType = rPair.Second;
+ }
+
+ if (lcl_isOOXMLRelationBlacklist(aType))
+ continue;
+
+ {
+ rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
+ pAttributeList->AddAttribute(ATTR_XMLNS ":" NSTAG_MDSSI, NS_MDSSI);
+ pAttributeList->AddAttribute(ATTR_SOURCEID, aId);
+ xDocumentHandler->startElement(NSTAG_MDSSI ":" TAG_RELATIONSHIPREFERENCE, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get()));
+ }
+ xDocumentHandler->endElement(NSTAG_MDSSI ":" TAG_RELATIONSHIPREFERENCE);
+ }
+
 xDocumentHandler->endElement(TAG_TRANSFORM);
 {
 rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 8e87e1ea1fb4..1bcf180eba99 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
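Review bot: In the new loop in `exportOOXMLSignature` (xsecctl.cxx), `aId` and `aType` stay empty when a relationship entry carries no `Id` or `Type` pair, and an empty type is not on the deny-list, so the code still emits a `RelationshipReference` with `SourceId=""`. That reference names no relationship, so the entry it came from would presumably not be covered by the transform even though the output looks complete. A guard before the deny-list check, `if (aId.isEmpty()) continue;`, avoids the malformed element, though on a signing path it may be better to fail the export or at least log, because a silently skipped relationship is left unsigned. The function body starts and ends outside this hunk, so whether `xRelStream` is read again after `ReadRelationsInfoSequence` has consumed it cannot be checked from here.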
@@ -84,20 +84,24 @@
 #define TAG_DESCRIPTION "description"
 #define TAG_QUALIFYINGPROPERTIES "QualifyingProperties"
 #define TAG_SIGNEDPROPERTIES "SignedProperties"
+#define TAG_RELATIONSHIPREFERENCE "RelationshipReference"
 #define ATTR_XMLNS "xmlns"
 #define ATTR_ALGORITHM "Algorithm"
 #define ATTR_URI "URI"
 #define ATTR_ID "Id"
 #define ATTR_TARGET "Target"
+#define ATTR_SOURCEID "SourceId"
 #define NSTAG_DC "dc"
 #define NSTAG_XD "xd"
+#define NSTAG_MDSSI "mdssi"
 #define NS_XMLDSIG "http://www.w3.org/2000/09/xmldsig#"
 //#define NS_DATETIME "http://www.ietf.org/rfcXXXX.txt"
 #define NS_DC "http://purl.org/dc/elements/1.1/"
 #define NS_XD "http://uri.etsi.org/01903/v1.3.2#"
+#define NS_MDSSI "http://schemas.openxmlformats.org/package/2006/digital-signature"
 #define ALGO_C14N "http://www.w3.org/TR/2001/REC-xml-c14n-20010315"
 #define ALGO_RSASHA1 "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
@@ -515,7 +519,7 @@ public:
 /// Writes XML elements inside a single OOXML signature's <Signature> element.
 bool WriteOOXMLSignature(const css::uno::Reference<css::embed::XStorage>& xRootStorage, const css::uno::Reference<css::xml::sax::XDocumentHandler>& xDocumentHandler);
 /// Exports an OOXML signature, called by WriteOOXMLSignature().
- static void exportOOXMLSignature(const css::uno::Reference<css::embed::XStorage>& xRootStorage, const css::uno::Reference<css::xml::sax::XDocumentHandler>& xDocumentHandler, const SignatureInformation& rInformation);
+ void exportOOXMLSignature(const css::uno::Reference<css::embed::XStorage>& xRootStorage, const css::uno::Reference<css::xml::sax::XDocumentHandler>& xDocumentHandler, const SignatureInformation& rInformation);
 };
 #endif |