diff options
| author | Miklos Vajna <vmiklos@collabora.com> | 2024-11-14 10:37:02 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.com> | 2024-11-14 17:28:21 +0100 |
| commit | 39bf87f943cce9a0b5a784bc7426b5b98bbc6992 (patch) | |
| tree | e161d275661e00ca1ab89734911fc1363e311d70 /sfx2/source | |
| parent | 89714f9e3ea07381f315686a16cc3ee4a7ccabeb (diff) | |
cool#9992 lok doc sign, hash extract: add signatureTime parameter
Execute getCommandValues('Signature') on the same document twice, you
get different hashes, because the content includes a timestamp, which
changes, so it's not possible to know if the hash is stable or not.
Also, working with a provided timestamp will needed for
<https://docs.eideasy.com/electronic-signatures/api-flow-with-file-hashes-pdf.html#_4-add-the-signature-to-the-pdf-file>
anyway.
Fix the problem by adding a signatureTime parameter and this way we can
have a test that makes sure we get the same hash if the time is
provided.
With this, the hash extraction part is meant to be ~complete.
Change-Id: If5e1e5bcf84c3b777f26b2ded24dcca48ea9ad94
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/176601
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
Diffstat (limited to 'sfx2/source')
| -rw-r--r-- | sfx2/source/view/lokhelper.cxx | 36 |
1 files changed, 36 insertions, 0 deletions
diff --git a/sfx2/source/view/lokhelper.cxx b/sfx2/source/view/lokhelper.cxx index f8e819a2cb93..5bcb9ef22b98 100644 --- a/sfx2/source/view/lokhelper.cxx +++ b/sfx2/source/view/lokhelper.cxx @@ -43,6 +43,7 @@ #include <comphelper/base64.hxx> #include <tools/json_writer.hxx> #include <svl/cryptosign.hxx> +#include <tools/urlobj.hxx> #include <boost/property_tree/json_parser.hpp> @@ -1000,6 +1001,33 @@ bool SfxLokHelper::supportsCommand(std::u16string_view rCommand) return std::find(vSupport.begin(), vSupport.end(), rCommand) != vSupport.end(); } +std::map<OUString, OUString> SfxLokHelper::parseCommandParameters(std::u16string_view rCommand) +{ + std::map<OUString, OUString> aMap; + + INetURLObject aParser(rCommand); + OUString aArguments = aParser.GetParam(); + sal_Int32 nParamIndex = 0; + do + { + std::u16string_view aParam = o3tl::getToken(aArguments, 0, '&', nParamIndex); + sal_Int32 nIndex = 0; + OUString aKey; + OUString aValue; + do + { + std::u16string_view aToken = o3tl::getToken(aParam, 0, '=', nIndex); + if (aKey.isEmpty()) + aKey = aToken; + else + aValue = aToken; + } while (nIndex >= 0); + aMap[aKey] = INetURLObject::decode(aValue, INetURLObject::DecodeMechanism::WithCharset); + } while (nParamIndex >= 0); + + return aMap; +} + void SfxLokHelper::getCommandValues(tools::JsonWriter& rJsonWriter, std::string_view rCommand) { static constexpr OStringLiteral aSignature(".uno:Signature"); @@ -1015,6 +1043,14 @@ void SfxLokHelper::getCommandValues(tools::JsonWriter& rJsonWriter, std::string_ } svl::crypto::SigningContext aSigningContext; + std::map<OUString, OUString> aMap + = SfxLokHelper::parseCommandParameters(OUString::fromUtf8(rCommand)); + auto it = aMap.find("signatureTime"); + if (it != aMap.end()) + { + // Signature time is provided: prefer it over the system time. + aSigningContext.m_nSignatureTime = it->second.toInt64(); + } pObjectShell->SignDocumentContentUsingCertificate(aSigningContext); rJsonWriter.put("signatureTime", aSigningContext.m_nSignatureTime); |