author | Miklos Vajna <vmiklos@collabora.com> | 2020-06-25 14:32:11 +0200 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.com> | 2020-06-25 15:41:03 +0200 |
commit | c3f8702241b625db994bcb059d8c91c25fd43e53 (patch) | |
tree | cce24d3abf7bb2b4d64b73d27d9840b00004a7a7 | |
parent | 029a6f72f88612e21093f56939aaf5aefbeadeb1 (diff) |
sd signature line: pass the model down to xmlsecurity
So it can avoid SfxObjectShell::Current(), which is only correct when a
single document is open.
Also add an sfx2::DigitalSignatures interface so this can be done
without UNO API changes.
Change-Id: Ie81996b8f1e8851975b27c43a53f9d23e316004e
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/97116
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
-rw-r--r-- | include/sfx2/digitalsignatures.hxx | 38 | ||||
-rw-r--r-- | include/sfx2/docfile.hxx | 10 | ||||
-rw-r--r-- | sfx2/source/doc/docfile.cxx | 22 | ||||
-rw-r--r-- | sfx2/source/doc/objserv.cxx | 3 | ||||
-rw-r--r-- | xmlsecurity/inc/documentsignaturemanager.hxx | 6 | ||||
-rw-r--r-- | xmlsecurity/inc/pdfsignaturehelper.hxx | 7 | ||||
-rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 51 | ||||
-rw-r--r-- | xmlsecurity/source/helper/documentsignaturemanager.cxx | 8 | ||||
-rw-r--r-- | xmlsecurity/source/helper/pdfsignaturehelper.cxx | 15 |
9 files changed, 126 insertions, 34 deletions
diff --git a/include/sfx2/digitalsignatures.hxx b/include/sfx2/digitalsignatures.hxx new file mode 100644 index 000000000000..8f0e161b42a6 --- /dev/null +++ b/include/sfx2/digitalsignatures.hxx @@ -0,0 +1,38 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +#pragma once + +#include <com/sun/star/embed/XStorage.hpp> +#include <com/sun/star/frame/XModel.hpp> +#include <com/sun/star/io/XStream.hpp> +#include <com/sun/star/security/XCertificate.hpp> + +#include <sal/types.h> + +namespace sfx2 +{ +/// Extension of css::security::XDocumentDigitalSignatures for internal purposes. +class SAL_NO_VTABLE SAL_DLLPUBLIC_RTTI DigitalSignatures +{ +public: + /// Same as signDocumentWithCertificate(), but passes the xModel as well. + virtual bool + SignModelWithCertificate(const css::uno::Reference<css::frame::XModel>& xModel, + const css::uno::Reference<css::security::XCertificate>& xCertificate, + const css::uno::Reference<css::embed::XStorage>& xStorage, + const css::uno::Reference<css::io::XStream>& xStream) + = 0; + +protected: + ~DigitalSignatures() noexcept = default; +}; +} + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/include/sfx2/docfile.hxx b/include/sfx2/docfile.hxx index 288634808505..8dbe60fa1445 100644 --- a/include/sfx2/docfile.hxx +++ b/include/sfx2/docfile.hxx @@ -41,6 +41,10 @@ namespace com::sun::star::ucb { class XCommandEnvironment; } namespace com::sun::star::ucb { class XContent; } namespace com::sun::star::util { struct DateTime; } namespace com::sun::star::util { struct RevisionTag; } +namespace com::sun::star::frame +{ +class XModel; +} namespace ucbhelper { class Content; } class SvKeyValueIterator; 
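Review bot: The doc comment on `SignModelWithCertificate()` in the new include/sfx2/digitalsignatures.hxx does not say what a caller may pass as xModel or how it must relate to xStorage and xStream. Nothing in the interface ties the model to the storage or stream that is actually signed, and an empty reference appears to be accepted (GetSignatureLineShape() later in this commit returns early on `!xModel.is()`). I would extend the comment, e.g. `/// xModel must be the model of the document xStorage / xStream belong to; if empty, no signature line is exported.`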
@@ -261,9 +265,9 @@ public: = css::uno::Reference<css::graphic::XGraphic>(), const OUString& aComment = OUString()); - SAL_DLLPRIVATE bool - SignDocumentContentUsingCertificate(bool bHasValidDocumentSignature, - const css::uno::Reference<css::security::XCertificate>& xCertificate); + SAL_DLLPRIVATE bool SignDocumentContentUsingCertificate( + const css::uno::Reference<css::frame::XModel>& xModel, bool bHasValidDocumentSignature, + const css::uno::Reference<css::security::XCertificate>& xCertificate); // the following two methods must be used and make sense only during saving currently // TODO/LATER: in future the signature state should be controlled by the medium not by the document diff --git a/sfx2/source/doc/docfile.cxx b/sfx2/source/doc/docfile.cxx index 09c6f8cbb6ed..908802be2f33 100644 --- a/sfx2/source/doc/docfile.cxx +++ b/sfx2/source/doc/docfile.cxx @@ -42,6 +42,7 @@ #include <com/sun/star/embed/ElementModes.hpp> #include <com/sun/star/embed/UseBackupException.hpp> #include <com/sun/star/embed/XOptimizedStorage.hpp> +#include <com/sun/star/frame/XModel.hpp> #include <com/sun/star/graphic/XGraphic.hpp> #include <com/sun/star/ucb/ContentCreationException.hpp> #include <com/sun/star/ucb/InteractiveIOException.hpp> @@ -117,6 +118,7 @@ #include <vcl/svapp.hxx> #include <tools/diagnose_ex.h> #include <unotools/fltrcfg.hxx> +#include <sfx2/digitalsignatures.hxx> #include <com/sun/star/io/WrongFormatException.hpp> @@ -3767,8 +3769,9 @@ void SfxMedium::CreateTempFileNoCopy() CloseStorage(); } -bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignature, - const Reference<XCertificate>& xCertificate) +bool SfxMedium::SignDocumentContentUsingCertificate( + const css::uno::Reference<css::frame::XModel>& xModel, bool bHasValidDocumentSignature, + const Reference<XCertificate>& xCertificate) { bool bChanges = false; 
@@ -3784,6 +3787,11 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat uno::Reference< security::XDocumentDigitalSignatures > xSigner( security::DocumentDigitalSignatures::createWithVersionAndValidSignature( comphelper::getProcessComponentContext(), aODFVersion, bHasValidDocumentSignature ) ); + auto xModelSigner = dynamic_cast<sfx2::DigitalSignatures*>(xSigner.get()); + if (!xModelSigner) + { + return bChanges; + } uno::Reference< embed::XStorage > xWriteableZipStor; @@ -3830,7 +3838,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat if (GetFilter() && GetFilter()->IsOwnFormat()) xStream.set(xMetaInf->openStreamElement(xSigner->getDocumentContentSignatureDefaultStreamName(), embed::ElementModes::READWRITE), uno::UNO_SET_THROW); - bool bSuccess = xSigner->signDocumentWithCertificate(xCertificate, GetZipStorageToSign_Impl(), xStream); + bool bSuccess = xModelSigner->SignModelWithCertificate( + xModel, xCertificate, GetZipStorageToSign_Impl(), xStream); if (bSuccess) { @@ -3850,8 +3859,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat uno::Reference<io::XStream> xStream; // We need read-write to be able to add the signature relation. - bool bSuccess =xSigner->signDocumentWithCertificate( - xCertificate, GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream); + bool bSuccess = xModelSigner->SignModelWithCertificate( + xModel, xCertificate, GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream); if (bSuccess) { 
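Review bot: The new `if (!xModelSigner)` early return in SfxMedium::SignDocumentContentUsingCertificate() fails the signing request without any diagnostic, so a signer implementation that does not derive from sfx2::DigitalSignatures looks the same to the caller as an ordinary signing failure. I would log before returning, e.g. `SAL_WARN("sfx.doc", "signer does not implement sfx2::DigitalSignatures");`, and consider whether falling back to `xSigner->signDocumentWithCertificate()` is preferable to refusing to sign. The variable holds a raw pointer rather than a UNO reference, so `pModelSigner` would match the prefix used for `pStream` further down in the same function. The function body starts and ends outside this hunk; the two later hunks on this line only switch call sites to the new method.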
@@ -3868,7 +3877,8 @@ bool SfxMedium::SignDocumentContentUsingCertificate(bool bHasValidDocumentSignat // Something not ZIP based: e.g. PDF. std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(GetName(), StreamMode::READ | StreamMode::WRITE)); uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream)); - if (xSigner->signDocumentWithCertificate(xCertificate, uno::Reference<embed::XStorage>(), xStream)) + if (xModelSigner->SignModelWithCertificate( + xModel, xCertificate, uno::Reference<embed::XStorage>(), xStream)) bChanges = true; } } diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx index c2280edfd34b..85406b99ace3 100644 --- a/sfx2/source/doc/objserv.cxx +++ b/sfx2/source/doc/objserv.cxx @@ -1928,7 +1928,8 @@ bool SfxObjectShell::SignDocumentContentUsingCertificate(const Reference<XCertif return false; // 3. Sign - bool bSignSuccess = GetMedium()->SignDocumentContentUsingCertificate(HasValidSignatures(), xCertificate); + bool bSignSuccess = GetMedium()->SignDocumentContentUsingCertificate( + GetBaseModel(), HasValidSignatures(), xCertificate); // 4. AfterSigning AfterSigning(bSignSuccess, false); diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx index 3d001966f3b0..e7149c3fe195 100644 --- a/xmlsecurity/inc/documentsignaturemanager.hxx +++ b/xmlsecurity/inc/documentsignaturemanager.hxx @@ -44,6 +44,10 @@ namespace embed { class XStorage; } +namespace frame +{ +class XModel; +} namespace graphic { class XGraphic; @@ -69,6 +73,7 @@ private: DocumentSignatureMode const meSignatureMode; css::uno::Sequence<css::uno::Sequence<css::beans::PropertyValue>> m_manifest; css::uno::Reference<css::io::XStream> mxSignatureStream; + css::uno::Reference<css::frame::XModel> mxModel; css::uno::Reference<css::io::XStream> mxTempSignatureStream; /// Storage containing all OOXML signatures, unused for ODF. css::uno::Reference<css::embed::XStorage> mxTempSignatureStorage; 
@@ -125,6 +130,7 @@ public: { mxSignatureStream = xSignatureStream; } + void setModel(const css::uno::Reference<css::frame::XModel>& xModel); const css::uno::Reference<css::embed::XStorage>& getStore() const { return mxStore; } DocumentSignatureMode getSignatureMode() const { return meSignatureMode; } SignatureInformations& getCurrentSignatureInformations() diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx b/xmlsecurity/inc/pdfsignaturehelper.hxx index f23a371d2820..f8f1e893beb2 100644 --- a/xmlsecurity/inc/pdfsignaturehelper.hxx +++ b/xmlsecurity/inc/pdfsignaturehelper.hxx @@ -21,6 +21,10 @@ namespace sun { namespace star { +namespace frame +{ +class XModel; +} namespace io { class XInputStream; @@ -67,7 +71,8 @@ public: /// Comment / reason to be used next time signing is performed. void SetDescription(const OUString& rDescription); /// Append a new signature at the end of xInputStream. - bool Sign(const css::uno::Reference<css::io::XInputStream>& xInputStream, bool bAdES); + bool Sign(const css::uno::Reference<css::frame::XModel>& xModel, + const css::uno::Reference<css::io::XInputStream>& xInputStream, bool bAdES); /// Remove the signature at nPosition (and all dependent signatures) from xInputStream. static bool RemoveSignature(const css::uno::Reference<css::io::XInputStream>& xInputStream, sal_uInt16 nPosition); diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index d149bf5e30b2..3baab59e03ac 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -57,6 +57,7 @@ #include <com/sun/star/lang/IllegalArgumentException.hpp> #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <sfx2/digitalsignatures.hxx> #include <map> 
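Review bot: The comment above `PDFSignatureHelper::Sign()` in xmlsecurity/inc/pdfsignaturehelper.hxx still reads "Append a new signature at the end of xInputStream." and says nothing about the new xModel parameter. A reader cannot tell from the header that the model is only used to find a signature line shape, or that an empty reference is tolerated. I would change it to something like `/// Append a new signature at the end of xInputStream; xModel (may be empty) is the document whose signature line shape is exported.`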
@@ -67,10 +68,10 @@ using namespace css::security; using namespace css::xml::crypto; namespace { - class DocumentDigitalSignatures : public cppu::WeakImplHelper<css::security::XDocumentDigitalSignatures, - css::lang::XInitialization, css::lang::XServiceInfo> + css::lang::XInitialization, css::lang::XServiceInfo>, + public sfx2::DigitalSignatures { private: css::uno::Reference<css::uno::XComponentContext> mxCtx; @@ -103,12 +104,14 @@ private: chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction, const CertificateKind certificateKind=CertificateKind_NONE); - bool signWithCertificateImpl( - css::uno::Reference<css::security::XCertificate> const& xCertificate, - css::uno::Reference<css::embed::XStorage> const& xStorage, - css::uno::Reference<css::io::XStream> const& xStream, DocumentSignatureMode eMode); + bool + signWithCertificateImpl(const uno::Reference<frame::XModel>& /*xModel*/, + css::uno::Reference<css::security::XCertificate> const& xCertificate, + css::uno::Reference<css::embed::XStorage> const& xStorage, + css::uno::Reference<css::io::XStream> const& xStream, + DocumentSignatureMode eMode); - public: +public: explicit DocumentDigitalSignatures( const css::uno::Reference<css::uno::XComponentContext>& rxCtx); @@ -205,6 +208,13 @@ private: { mxParentWindow = rParentwindow; } + + /// See sfx2::DigitalSignatures::SignModelWithCertificate(). + bool + SignModelWithCertificate(const css::uno::Reference<css::frame::XModel>& xModel, + const css::uno::Reference<css::security::XCertificate>& xCertificate, + const css::uno::Reference<css::embed::XStorage>& xStorage, + const css::uno::Reference<css::io::XStream>& xStream) override; }; } 
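Review bot: The declaration of `signWithCertificateImpl()` in the -103,12 hunk comments out the new parameter name (`/*xModel*/`), although the definition later in this file names it and forwards it with `aSignatureManager.setModel(xModel)`. The commented-out form normally marks an unused parameter, so here it misleads; I would declare it as `const css::uno::Reference<css::frame::XModel>& xModel,`, which also matches the fully qualified `css::` spelling of the neighbouring parameters.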
@@ -785,7 +795,19 @@ sal_Bool DocumentDigitalSignatures::signDocumentWithCertificate( css::uno::Reference<css::embed::XStorage> const & xStorage, css::uno::Reference<css::io::XStream> const & xStream) { - return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Content); + uno::Reference<frame::XModel> xModel; + return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream, + DocumentSignatureMode::Content); +} + +bool DocumentDigitalSignatures::SignModelWithCertificate( + const uno::Reference<frame::XModel>& xModel, + const css::uno::Reference<css::security::XCertificate>& xCertificate, + const css::uno::Reference<css::embed::XStorage>& xStorage, + const css::uno::Reference<css::io::XStream>& xStream) +{ + return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream, + DocumentSignatureMode::Content); } sal_Bool DocumentDigitalSignatures::signPackageWithCertificate( @@ -793,7 +815,9 @@ sal_Bool DocumentDigitalSignatures::signPackageWithCertificate( css::uno::Reference<css::embed::XStorage> const& xStorage, css::uno::Reference<css::io::XStream> const& xStream) { - return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Package); + uno::Reference<frame::XModel> xModel; + return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream, + DocumentSignatureMode::Package); } sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate( 
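Review bot: `signDocumentWithCertificate()` now always passes an empty `xModel`, so callers that still come through the UNO method appear to lose the signature line entirely, where the old code looked one up via SfxObjectShell::Current() (see the lines removed from pdfsignaturehelper.cxx). If that is intended, a comment at the call would make it explicit, e.g. `// No model is available through the UNO API, so no signature line is exported.`; the same applies to signPackageWithCertificate() in this line's second hunk and to signScriptingContentWithCertificate() in the hunk that follows. The three wrappers could also pass `uno::Reference<frame::XModel>()` directly instead of declaring a local each time.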
@@ -801,14 +825,16 @@ sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate( css::uno::Reference<css::embed::XStorage> const& xStorage, css::uno::Reference<css::io::XStream> const& xStream) { - return signWithCertificateImpl(xCertificate, xStorage, xStream, DocumentSignatureMode::Macros); + uno::Reference<frame::XModel> xModel; + return signWithCertificateImpl(xModel, xCertificate, xStorage, xStream, + DocumentSignatureMode::Macros); } bool DocumentDigitalSignatures::signWithCertificateImpl( + const uno::Reference<frame::XModel>& xModel, css::uno::Reference<css::security::XCertificate> const& xCertificate, css::uno::Reference<css::embed::XStorage> const& xStorage, - css::uno::Reference<css::io::XStream> const& xStream, - DocumentSignatureMode eMode) + css::uno::Reference<css::io::XStream> const& xStream, DocumentSignatureMode eMode) { OSL_ENSURE(!m_sODFVersion.isEmpty(), "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); @@ -821,6 +847,7 @@ bool DocumentDigitalSignatures::signWithCertificateImpl( aSignatureManager.setStore(xStorage); aSignatureManager.getSignatureHelper().SetStorage(xStorage, m_sODFVersion); aSignatureManager.setSignatureStream(xStream); + aSignatureManager.setModel(xModel); Reference<XXMLSecurityContext> xSecurityContext = aSignatureManager.getSecurityContext(); diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx index 79d2cdf26b61..295522775951 100644 --- a/xmlsecurity/source/helper/documentsignaturemanager.cxx +++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx @@ -35,6 +35,7 @@ #include <com/sun/star/container/XNameAccess.hpp> #include <com/sun/star/xml/sax/XDocumentHandler.hpp> #include <com/sun/star/xml/sax/XWriter.hpp> +#include <com/sun/star/frame/XModel.hpp> #include <comphelper/base64.hxx> #include <comphelper/storagehelper.hxx> 
@@ -359,7 +360,7 @@ bool DocumentSignatureManager::add( getPDFSignatureHelper().SetX509Certificate(xCert); getPDFSignatureHelper().SetDescription(rDescription); uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY); - if (!getPDFSignatureHelper().Sign(xInputStream, bAdESCompliant)) + if (!getPDFSignatureHelper().Sign(mxModel, xInputStream, bAdESCompliant)) { SAL_WARN("xmlsecurity.helper", "PDFSignatureHelper::Sign() failed"); return false; @@ -684,4 +685,9 @@ DocumentSignatureManager::getGpgSecurityContext() const return mxGpgSecurityContext; } +void DocumentSignatureManager::setModel(const uno::Reference<frame::XModel>& xModel) +{ + mxModel = xModel; +} + /* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/helper/pdfsignaturehelper.cxx b/xmlsecurity/source/helper/pdfsignaturehelper.cxx index 79979c715bff..fe65745b3e90 100644 --- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx +++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx @@ -57,15 +57,9 @@ bool GetSignatureLinePage(const uno::Reference<frame::XModel>& xModel, sal_Int32 } /// If the currently selected shape is a Draw signature line, export that to PDF. -void GetSignatureLineShape(sal_Int32& rPage, std::vector<sal_Int8>& rSignatureLineShape) +void GetSignatureLineShape(const uno::Reference<frame::XModel>& xModel, sal_Int32& rPage, + std::vector<sal_Int8>& rSignatureLineShape) { - SfxObjectShell* pObjectShell = SfxObjectShell::Current(); - if (!pObjectShell) - { - return; - } - - uno::Reference<frame::XModel> xModel = pObjectShell->GetBaseModel(); if (!xModel.is()) { return; 
@@ -214,7 +208,8 @@ void PDFSignatureHelper::SetDescription(const OUString& rDescription) m_aDescription = rDescription; } -bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStream, bool bAdES) +bool PDFSignatureHelper::Sign(const uno::Reference<frame::XModel>& xModel, + const uno::Reference<io::XInputStream>& xInputStream, bool bAdES) { std::unique_ptr<SvStream> pStream(utl::UcbStreamHelper::CreateStream(xInputStream, true)); vcl::filter::PDFDocument aDocument; @@ -226,7 +221,7 @@ bool PDFSignatureHelper::Sign(const uno::Reference<io::XInputStream>& xInputStre sal_Int32 nPage = 0; std::vector<sal_Int8> aSignatureLineShape; - GetSignatureLineShape(nPage, aSignatureLineShape); + GetSignatureLineShape(xModel, nPage, aSignatureLineShape); if (nPage > 0) { // UNO page number is 1-based. |