diff options
| author | Moritz Duge <moritz.duge@allotropia.de> | 2024-08-06 20:01:18 +0200 |
|---|---|---|
| committer | Thorsten Behrens <thorsten.behrens@allotropia.de> | 2024-08-13 01:07:28 +0200 |
| commit | 9383f83b05f3049c350bbc784618da3d6f1a5556 (patch) | |
| tree | d09e43cd91cf85bffb0bb098119335ba0a49e6db | |
| parent | 6b05f6d7d5fd85d666a6d8b65864a46eea13b86d (diff) | |
tdf#161909: request GPG keys exclusively for chooseCertificatesImpl
For ODF encryption, only GPG keys are allowed. And key selection for this currently only works correctly, because all X.509 implementations (nss and mscrypt) yield empty results when asked for public keys (encryption).
This commit is a first step to make the selection for GPG keys explicit.
Other code still needs to be changed to make use of this new function
argument.
Change-Id: Ia6b8ecb901c0f54a9a58b1bd0efaa7154ffbd285
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171638
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
| -rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 5 | ||||
| -rw-r--r-- | xmlsecurity/source/dialogs/certificatechooser.cxx | 1 |
2 files changed, 4 insertions, 2 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index 3833a76e81e5..b6ec7eeb3baa 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -698,8 +698,9 @@ DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& DocumentSignatureManager aSignatureManager(mxCtx, {}); if (aSignatureManager.init()) { - xSecContexts.push_back(aSignatureManager.getSecurityContext()); - // Don't include OpenPGP if only X.509 certs are requested + // Include OpenPGP and / or X.509 as requested. + if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_X509) + xSecContexts.push_back(aSignatureManager.getSecurityContext()); if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_OPENPGP) xSecContexts.push_back(aSignatureManager.getGpgSecurityContext()); } diff --git a/xmlsecurity/source/dialogs/certificatechooser.cxx b/xmlsecurity/source/dialogs/certificatechooser.cxx index 178ffe777c7b..b74389d92304 100644 --- a/xmlsecurity/source/dialogs/certificatechooser.cxx +++ b/xmlsecurity/source/dialogs/certificatechooser.cxx @@ -197,6 +197,7 @@ void CertificateChooser::ImplInitialize(bool mbSearch) if (meAction == CertificateChooserUserAction::Sign || meAction == CertificateChooserUserAction::SelectSign) xCerts = secEnvironment->getPersonalCertificates(); else + // Currently (master 2024-07) all X.509 implementations (nss+mscrypt) give an empty list. xCerts = secEnvironment->getAllCertificates(); for (sal_Int32 nCert = xCerts.getLength(); nCert;) |