diff options
author | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2020-03-23 12:11:24 +0100 |
---|---|---|
committer | Thorsten Behrens <Thorsten.Behrens@CIB.de> | 2020-05-01 17:49:04 +0200 |
commit | 53006b7618b02b6744feddaea051effc72a17bfa (patch) | |
tree | 114c1273d7d687c56b4d3993f7bdfeb942b1fdb3 /dbaccess/source | |
parent | c00e8e4eba51caef8b86c270e4212a3be770803d (diff) |
Related tdf#97694 Check Base macro signatures on load
Change-Id: I45c6eae633c41585c6c7e4c5fff0b187a6dc1f60
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90908
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
(cherry picked from commit f2f93434f4795646255e5d8edd31fa08b8b2ffab)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93133
Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
Diffstat (limited to 'dbaccess/source')
-rw-r--r-- | dbaccess/source/core/dataaccess/ModelImpl.cxx | 56 | ||||
-rw-r--r-- | dbaccess/source/core/inc/ModelImpl.hxx | 2 |
2 files changed, 54 insertions, 4 deletions
diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx b/dbaccess/source/core/dataaccess/ModelImpl.cxx index 2912c625c465..2f156bc6f130 100644 --- a/dbaccess/source/core/dataaccess/ModelImpl.cxx +++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx @@ -39,13 +39,18 @@ #include <com/sun/star/script/DocumentScriptLibraryContainer.hpp> #include <com/sun/star/script/DocumentDialogLibraryContainer.hpp> #include <com/sun/star/util/NumberFormatsSupplier.hpp> +#include <com/sun/star/security/DocumentDigitalSignatures.hpp> +#include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <connectivity/dbexception.hxx> #include <cppuhelper/exc_hlp.hxx> #include <cppuhelper/implbase.hxx> #include <cppuhelper/typeprovider.hxx> +#include <comphelper/documentinfo.hxx> +#include <comphelper/storagehelper.hxx> #include <comphelper/types.hxx> #include <rtl/digest.h> +#include <comphelper/processfactory.hxx> #include <sfx2/signaturestate.hxx> #include <tools/debug.hxx> #include <tools/diagnose_ex.h> @@ -59,6 +64,7 @@ #include <algorithm> +using namespace css; using namespace ::com::sun::star::document; using namespace ::com::sun::star::sdbc; using namespace ::com::sun::star::sdbcx; @@ -363,6 +369,7 @@ ODatabaseModelImpl::ODatabaseModelImpl( const Reference< XComponentContext >& _r ,m_aEmbeddedMacros() ,m_bModificationLock( false ) ,m_bDocumentInitialized( false ) + ,m_nScriptingSignatureState(SignatureState::UNKNOWN) ,m_aContext( _rxContext ) ,m_nLoginTimeout(0) ,m_bReadOnly(false) @@ -1281,13 +1288,54 @@ Reference< XEmbeddedScripts > ODatabaseModelImpl::getEmbeddedDocumentScripts() c SignatureState ODatabaseModelImpl::getScriptingSignatureState() { // no support for signatures at the moment - return SignatureState::NOSIGNATURES; + return m_nScriptingSignatureState; } -bool ODatabaseModelImpl::hasTrustedScriptingSignature( bool /*bAllowUIToAddAuthor*/ ) +bool ODatabaseModelImpl::hasTrustedScriptingSignature(bool /*bAllowUIToAddAuthor*/) { - // no support for signatures at the moment - return false; + bool bResult = false; + + try + { + // Don't use m_xDocumentStorage, that somehow has an incomplete storage representation + // which leads to signatures not being found + Reference<XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL( + ZIP_STORAGE_FORMAT_STRING, m_sDocFileLocation, ElementModes::READ); + OUString aVersion; + try + { + uno::Reference<beans::XPropertySet> xPropSet(xStorage, uno::UNO_QUERY_THROW); + xPropSet->getPropertyValue("Version") >>= aVersion; + } + catch (uno::Exception&) + { + } + + uno::Reference<security::XDocumentDigitalSignatures> xSigner( + security::DocumentDigitalSignatures::createWithVersion( + comphelper::getProcessComponentContext(), aVersion)); + uno::Sequence<security::DocumentSignatureInformation> aInfo + = xSigner->verifyScriptingContentSignatures(xStorage, + uno::Reference<io::XInputStream>()); + + if (!aInfo.hasElements()) + return false; + + m_nScriptingSignatureState = DocumentSignatures::getSignatureState(aInfo); + if (m_nScriptingSignatureState == SignatureState::OK + || m_nScriptingSignatureState == SignatureState::NOTVALIDATED) + { + bResult = std::any_of(aInfo.begin(), aInfo.end(), + [&xSigner](const security::DocumentSignatureInformation& rInfo) { + return xSigner->isAuthorTrusted(rInfo.Signer); + }); + } + } + catch (uno::Exception&) + { + } + + return bResult; } void ODatabaseModelImpl::storageIsModified() diff --git a/dbaccess/source/core/inc/ModelImpl.hxx b/dbaccess/source/core/inc/ModelImpl.hxx index e938cf830dca..d28899d42ed2 100644 --- a/dbaccess/source/core/inc/ModelImpl.hxx +++ b/dbaccess/source/core/inc/ModelImpl.hxx @@ -184,6 +184,8 @@ private: */ OUString m_sDocumentURL; + SignatureState m_nScriptingSignatureState; + public: OWeakConnectionArray m_aConnections; const css::uno::Reference< css::uno::XComponentContext > m_aContext; |