author | Sarper Akdemir <sarper.akdemir@allotropia.de> | 2024-07-31 11:03:13 +0200 |
---|---|---|
committer | Sarper Akdemir <sarper.akdemir@allotropia.de> | 2024-08-05 13:15:31 +0200 |
commit | 9786f8ea59ccc9225871888d23b5af9ed16a5e5f (patch) | |
tree | 5553cceb80caa1efa8e1b1713b2cd3728f7e3927 /comphelper/source | |
parent | 50455fa6a223f34b59aca3c837ce79aebf9bb5aa (diff) |
tdf#159040 tdf#162206: better the user key selection and test sign with default
fix GPG CertificateImpl::getSHA1Thumbprint not returning a
sequence of bytes as the thumbprint. (that is what the
documented API states, and what all of the code assumed.)
now /org.openoffice.UserProfile/Data/signingkey and
encryptionkey stores the key's SHA1Thumbprint for better
identification of keys. Previously only the key name was being
used.
fix annoying NSS Certificate Database password prompt
appearing on Tools->Options if the certificate database is
password protected.
improve Tools->Options->UserData user key selection and
display of information.
add a ui test for "Sign with default certificate"
interaction in the save dialog.
Change-Id: I1036856003f58f494838e0f81ca0fe18e821f528
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171395
Tested-by: Jenkins
Reviewed-by: Sarper Akdemir <sarper.akdemir@allotropia.de>
Diffstat (limited to 'comphelper/source')
-rw-r--r-- | comphelper/source/misc/storagehelper.cxx | 24 | ||||
-rw-r--r-- | comphelper/source/misc/xmlsechelper.cxx | 16 |
2 files changed, 21 insertions, 19 deletions
diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx
index 8d7786205d79..29e9512c2e9e 100644
--- a/comphelper/source/misc/storagehelper.cxx
+++ b/comphelper/source/misc/storagehelper.cxx
@@ -55,6 +55,7 @@
 #include <comphelper/propertyvalue.hxx>
 #include <comphelper/storagehelper.hxx>
 #include <comphelper/sequence.hxx>
+#include <comphelper/xmlsechelper.hxx>
 #include <cppuhelper/exc_hlp.hxx>
 #include <o3tl/string_view.hxx>
@@ -485,16 +486,15 @@ OStorageHelper::CreateGpgPackageEncryptionData(const css::uno::Reference<css::aw
 ctx->setArmor(false);
 }
- uno::Sequence < sal_Int8 > aKeyID;
+ OString aKeyID;
 if (cert.is())
- aKeyID = cert->getSHA1Thumbprint();
-
- std::vector<GpgME::Key> keys {
- ctx->key(
- reinterpret_cast<const char*>(aKeyID.getConstArray()),
- err, false)
- };
+ aKeyID
+ = OUStringToOString(comphelper::xmlsec::GetHexString(cert->getSHA1Thumbprint(), ""),
+ RTL_TEXTENCODING_UTF8);
+ }
+
+ std::vector<GpgME::Key> keys{ ctx->key(aKeyID.getStr(), err, false) };
 // ctx is setup now, let's encrypt the lot!
 GpgME::Data plain(
@@ -549,9 +549,11 @@ OStorageHelper::CreateGpgPackageEncryptionData(const css::uno::Reference<css::aw
 SAL_INFO("comphelper.crypto", "Generated gpg crypto of length: " << len);
- uno::Sequence< beans::NamedValue > aGpgEncryptionEntry{
- { u"KeyId"_ustr, uno::Any(aKeyID) },
- { u"KeyPacket"_ustr, uno::Any(aKeyID) },
+ uno::Sequence<sal_Int8> aKeyIdSequence
+ = comphelper::arrayToSequence<sal_Int8>(aKeyID.getStr(), aKeyID.getLength() + 1);
+ uno::Sequence<beans::NamedValue> aGpgEncryptionEntry{
+ { u"KeyId"_ustr, uno::Any(aKeyIdSequence) },
+ { u"KeyPacket"_ustr, uno::Any(aKeyIdSequence) },
 { u"CipherValue"_ustr, uno::Any(aCipherValue) }
 };
diff --git a/comphelper/source/misc/xmlsechelper.cxx b/comphelper/source/misc/xmlsechelper.cxx
index 69dd3b6571bb..f810de47af69 100644
--- a/comphelper/source/misc/xmlsechelper.cxx
+++ b/comphelper/source/misc/xmlsechelper.cxx
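Review bot: In the hunk at -485 the lookup `ctx->key(aKeyID.getStr(), err, false)` still runs when `cert` is not set, so GpgME is asked for a key with an empty fingerprint, and nothing visible in the hunk checks `err` or the returned key before it is used as the encryption recipient. If no such check follows outside the hunk, I would stop right after the lookup with `if (err || keys.front().isNull())` leading into the function's existing error path, so that a missing or unresolvable certificate fails loudly instead of reaching the encrypt call. The enclosing function starts and ends outside the hunk.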
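Review bot: In the hunk at -549, `aKeyID.getLength() + 1` in the `arrayToSequence` call copies the terminating NUL into the sequence, and `KeyId` and `KeyPacket` now carry the hex thumbprint as ASCII text instead of whatever `getSHA1Thumbprint()` returned; neither fact is documented where the entry is built. A short comment such as `// KeyId/KeyPacket: hex SHA-1 thumbprint as ASCII, terminating NUL included` would help; presumably the NUL is there so a reader can hand the bytes to GpgME as a C string. It is also worth confirming that the code reading these entries still resolves the key for documents written by earlier versions, since their `KeyId` has a different layout.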
@@ -312,7 +312,7 @@ std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawSt
 css::uno::Reference<css::security::XCertificate> FindCertInContext(
 const css::uno::Reference<css::xml::crypto::XXMLSecurityContext>& xSecurityContext,
- const OUString& rContentPart)
+ const OUString& rSHA1Thumbprint)
 {
 if (!xSecurityContext.is())
 return {};
@@ -325,13 +325,13 @@ std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawSt
 auto aCertsIter = asNonConstRange(xCertificates);
 auto pxCert
- = std::find_if(aCertsIter.begin(), aCertsIter.end(),
- [&rContentPart](auto& xCert)
- {
- return comphelper::xmlsec::GetContentPart(
- xCert->getSubjectName(), xCert->getCertificateKind())
- == rContentPart;
- });
+ = std::find_if(aCertsIter.begin(), aCertsIter.end(),
+ [&rSHA1Thumbprint](auto& xCert)
+ {
+ return rSHA1Thumbprint
+ == GetHexString(xCert->getSHA1Thumbprint(), "");
+ });
+
 if (pxCert == aCertsIter.end())
 return {}; |
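Review bot: The `std::find_if` predicate in the hunk at -325 matches on exact string equality between `rSHA1Thumbprint` and `GetHexString(xCert->getSHA1Thumbprint(), "")`, so the lookup only succeeds when the stored value has exactly the digit case and separator-free layout that `GetHexString` emits, and an empty `rSHA1Thumbprint` would match any certificate whose thumbprint comes back empty. Since this value selects the default signing and encryption key, I would reject an empty argument in the guard shown in the hunk at -312, `if (!xSecurityContext.is() || rSHA1Thumbprint.isEmpty()) return {};`, and compare with `rSHA1Thumbprint.equalsIgnoreAsciiCase(...)`. Profiles written before this change presumably still hold a key name in that setting and will now find nothing, so a comment on the function stating that the argument is a hex SHA-1 thumbprint would help callers. FindCertInContext continues past the end of the hunk.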