summaryrefslogtreecommitdiff
path: root/comphelper/source
diff options
context:
space:
mode:
authorSarper Akdemir <sarper.akdemir@allotropia.de>2024-07-31 11:03:13 +0200
committerSarper Akdemir <sarper.akdemir@allotropia.de>2024-08-05 13:15:31 +0200
commit9786f8ea59ccc9225871888d23b5af9ed16a5e5f (patch)
tree5553cceb80caa1efa8e1b1713b2cd3728f7e3927 /comphelper/source
parent50455fa6a223f34b59aca3c837ce79aebf9bb5aa (diff)
tdf#159040 tdf#162206: better the user key selection and test sign with default
fix GPG CertificateImpl::getSHA1Thumbprint not returning a sequence of bytes as the thumbprint. (that is what the documented API states, and what all of the code assumed.) now /org.openoffice.UserProfile/Data/signingkey and encryptionkey stores the key's SHA1Thumbprint for better identification of keys. Previously on the key name was being used. fix annoying NSS Certificate Database password prompt appearing on Tools->Options if the certificate database is password protected. improve Tools->Options->UserData user key selection and display of information. add a ui test for "Sign with default certificate" interaction in the save dialog. Change-Id: I1036856003f58f494838e0f81ca0fe18e821f528 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171395 Tested-by: Jenkins Reviewed-by: Sarper Akdemir <sarper.akdemir@allotropia.de>
Diffstat (limited to 'comphelper/source')
-rw-r--r--comphelper/source/misc/storagehelper.cxx24
-rw-r--r--comphelper/source/misc/xmlsechelper.cxx16
2 files changed, 21 insertions, 19 deletions
diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx
index 8d7786205d79..29e9512c2e9e 100644
--- a/comphelper/source/misc/storagehelper.cxx
+++ b/comphelper/source/misc/storagehelper.cxx
@@ -55,6 +55,7 @@
#include <comphelper/propertyvalue.hxx>
#include <comphelper/storagehelper.hxx>
#include <comphelper/sequence.hxx>
+#include <comphelper/xmlsechelper.hxx>
#include <cppuhelper/exc_hlp.hxx>
#include <o3tl/string_view.hxx>
@@ -485,16 +486,15 @@ OStorageHelper::CreateGpgPackageEncryptionData(const css::uno::Reference<css::aw
ctx->setArmor(false);
}
- uno::Sequence < sal_Int8 > aKeyID;
+ OString aKeyID;
if (cert.is())
- aKeyID = cert->getSHA1Thumbprint();
-
- std::vector<GpgME::Key> keys
{
- ctx->key(
- reinterpret_cast<const char*>(aKeyID.getConstArray()),
- err, false)
- };
+ aKeyID
+ = OUStringToOString(comphelper::xmlsec::GetHexString(cert->getSHA1Thumbprint(), ""),
+ RTL_TEXTENCODING_UTF8);
+ }
+
+ std::vector<GpgME::Key> keys{ ctx->key(aKeyID.getStr(), err, false) };
// ctx is setup now, let's encrypt the lot!
GpgME::Data plain(
@@ -549,9 +549,11 @@ OStorageHelper::CreateGpgPackageEncryptionData(const css::uno::Reference<css::aw
SAL_INFO("comphelper.crypto", "Generated gpg crypto of length: " << len);
- uno::Sequence< beans::NamedValue > aGpgEncryptionEntry{
- { u"KeyId"_ustr, uno::Any(aKeyID) },
- { u"KeyPacket"_ustr, uno::Any(aKeyID) },
+ uno::Sequence<sal_Int8> aKeyIdSequence
+ = comphelper::arrayToSequence<sal_Int8>(aKeyID.getStr(), aKeyID.getLength() + 1);
+ uno::Sequence<beans::NamedValue> aGpgEncryptionEntry{
+ { u"KeyId"_ustr, uno::Any(aKeyIdSequence) },
+ { u"KeyPacket"_ustr, uno::Any(aKeyIdSequence) },
{ u"CipherValue"_ustr, uno::Any(aCipherValue) }
};
diff --git a/comphelper/source/misc/xmlsechelper.cxx b/comphelper/source/misc/xmlsechelper.cxx
index 69dd3b6571bb..f810de47af69 100644
--- a/comphelper/source/misc/xmlsechelper.cxx
+++ b/comphelper/source/misc/xmlsechelper.cxx
@@ -312,7 +312,7 @@ std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawSt
css::uno::Reference<css::security::XCertificate> FindCertInContext(
const css::uno::Reference<css::xml::crypto::XXMLSecurityContext>& xSecurityContext,
- const OUString& rContentPart)
+ const OUString& rSHA1Thumbprint)
{
if (!xSecurityContext.is())
return {};
@@ -325,13 +325,13 @@ std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawSt
auto aCertsIter = asNonConstRange(xCertificates);
auto pxCert
- = std::find_if(aCertsIter.begin(), aCertsIter.end(),
- [&rContentPart](auto& xCert)
- {
- return comphelper::xmlsec::GetContentPart(
- xCert->getSubjectName(), xCert->getCertificateKind())
- == rContentPart;
- });
+ = std::find_if(aCertsIter.begin(), aCertsIter.end(),
+ [&rSHA1Thumbprint](auto& xCert)
+ {
+ return rSHA1Thumbprint
+ == GetHexString(xCert->getSHA1Thumbprint(), "");
+ });
+
if (pxCert == aCertsIter.end())
return {};