Related tdf#97694 Check Base macro signatures on load

Change-Id: I45c6eae633c41585c6c7e4c5fff0b187a6dc1f60 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90908 Tested-by: Jenkins Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> (cherry picked from commit f2f93434f4795646255e5d8edd31fa08b8b2ffab) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93133 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
author: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> 2020-03-23 12:11:24 +0100
committer: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2020-05-01 17:49:04 +0200
commit: 53006b7618b02b6744feddaea051effc72a17bfa (patch)
tree: 114c1273d7d687c56b4d3993f7bdfeb942b1fdb3 /sfx2
parent: c00e8e4eba51caef8b86c270e4212a3be770803d (diff)
5 files changed, 63 insertions, 41 deletions
diff --git a/sfx2/Library_sfx.mk b/sfx2/Library_sfx.mk
index 5bd8cfca2720..8f386caaa283 100644
--- a/sfx2/Library_sfx.mk
+++ b/sfx2/Library_sfx.mk
@@ -228,6 +228,7 @@ $(eval $(call gb_Library_add_exception_objects,sfx,\
     sfx2/source/doc/sfxbasemodel \
     sfx2/source/doc/sfxmodelfactory \
     sfx2/source/doc/SfxRedactionHelper \
+    sfx2/source/doc/signaturestate \
     sfx2/source/doc/syspath \
     sfx2/source/doc/zoomitem \
     sfx2/source/doc/templatedlg \
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 3254eb18d7b0..25db3d85238e 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1822,7 +1822,7 @@ bool SfxObjectShell_Impl::hasTrustedScriptingSignature( bool bAllowUIToAddAuthor
             if ( aInfo.hasElements() )
             {
                 if ( nScriptingSignatureState == SignatureState::UNKNOWN )
-                    nScriptingSignatureState = SfxObjectShell::ImplCheckSignaturesInformation( aInfo );
+                    nScriptingSignatureState = DocumentSignatures::getSignatureState(aInfo);
 
                 if ( nScriptingSignatureState == SignatureState::OK
                   || nScriptingSignatureState == SignatureState::NOTVALIDATED )
diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx
index b438d2d4e269..51276917bd5e 100644
--- a/sfx2/source/doc/objserv.cxx
+++ b/sfx2/source/doc/objserv.cxx
@@ -1521,44 +1521,6 @@ void SfxObjectShell::StateView_Impl(SfxItemSet& /*rSet*/)
 {
 }
 
-SignatureState SfxObjectShell::ImplCheckSignaturesInformation( const uno::Sequence< security::DocumentSignatureInformation >& aInfos )
-{
-    bool bCertValid = true;
-    SignatureState nResult = SignatureState::NOSIGNATURES;
-    bool bCompleteSignature = true;
-    if( aInfos.hasElements() )
-    {
-        nResult = SignatureState::OK;
-        for ( const auto& rInfo : aInfos )
-        {
-            if ( bCertValid )
-            {
-                sal_Int32 nCertStat = rInfo.CertificateStatus;
-                bCertValid = nCertStat == security::CertificateValidity::VALID;
-            }
-
-            if ( !rInfo.SignatureIsValid )
-            {
-                nResult = SignatureState::BROKEN;
-                break; // we know enough
-            }
-            bCompleteSignature &= !rInfo.PartialDocumentSignature;
-        }
-    }
-
-    if (nResult == SignatureState::OK && !bCertValid && !bCompleteSignature)
-        nResult = SignatureState::NOTVALIDATED_PARTIAL_OK;
-    else if (nResult == SignatureState::OK && !bCertValid)
-        nResult = SignatureState::NOTVALIDATED;
-    else if ( nResult == SignatureState::OK && bCertValid && !bCompleteSignature)
-        nResult = SignatureState::PARTIAL_OK;
-
-    // this code must not check whether the document is modified
-    // it should only check the provided info
-
-    return nResult;
-}
-
 /// Does this ZIP storage have a signature stream?
 static bool HasSignatureStream(const uno::Reference<embed::XStorage>& xStorage)
 {
@@ -1656,7 +1618,7 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent )
         *pState = SignatureState::NOSIGNATURES;
 
         uno::Sequence< security::DocumentSignatureInformation > aInfos = GetDocumentSignatureInformation( bScriptingContent );
-        *pState = ImplCheckSignaturesInformation( aInfos );
+        *pState = DocumentSignatures::getSignatureState(aInfos);
     }
 
     if ( *pState == SignatureState::OK || *pState == SignatureState::NOTVALIDATED
diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx
index f162bd5dfa92..6d7b3f99ee69 100644
--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -1604,7 +1604,7 @@ bool SfxObjectShell::SaveTo_Impl
                         uno::Sequence< security::DocumentSignatureInformation > aInfos =
                             xDDSigns->verifyScriptingContentSignatures( xTarget,
                                                                         uno::Reference< io::XInputStream >() );
-                        SignatureState nState = ImplCheckSignaturesInformation( aInfos );
+                        SignatureState nState = DocumentSignatures::getSignatureState(aInfos);
                         if ( nState == SignatureState::OK || nState == SignatureState::NOTVALIDATED
                             || nState == SignatureState::PARTIAL_OK)
                         {
diff --git a/sfx2/source/doc/signaturestate.cxx b/sfx2/source/doc/signaturestate.cxx
new file mode 100644
index 000000000000..d511fa31afed
--- /dev/null
+++ b/sfx2/source/doc/signaturestate.cxx
@@ -0,0 +1,59 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include <sfx2/signaturestate.hxx>
+
+#include <com/sun/star/security/CertificateValidity.hpp>
+#include <com/sun/star/security/DocumentSignatureInformation.hpp>
+
+using namespace css;
+
+namespace DocumentSignatures
+{
+SignatureState
+getSignatureState(const uno::Sequence<security::DocumentSignatureInformation>& aSigInfo)
+{
+    bool bCertValid = true;
+    SignatureState nResult = SignatureState::NOSIGNATURES;
+    bool bCompleteSignature = true;
+    if (!aSigInfo.hasElements())
+        return nResult;
+
+    nResult = SignatureState::OK;
+    for (const auto& rInfo : aSigInfo)
+    {
+        if (bCertValid)
+        {
+            sal_Int32 nCertStat = rInfo.CertificateStatus;
+            bCertValid = nCertStat == security::CertificateValidity::VALID;
+        }
+
+        if (!rInfo.SignatureIsValid)
+        {
+            nResult = SignatureState::BROKEN;
+            break;
+        }
+        bCompleteSignature &= !rInfo.PartialDocumentSignature;
+    }
+
+    if (nResult == SignatureState::OK && !bCertValid && !bCompleteSignature)
+        nResult = SignatureState::NOTVALIDATED_PARTIAL_OK;
+    else if (nResult == SignatureState::OK && !bCertValid)
+        nResult = SignatureState::NOTVALIDATED;
+    else if (nResult == SignatureState::OK && bCertValid && !bCompleteSignature)
+        nResult = SignatureState::PARTIAL_OK;
+
+    // this code must not check whether the document is modified
+    // it should only check the provided info
+
+    return nResult;
+}
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
author	Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>	2020-03-23 12:11:24 +0100
committer	Thorsten Behrens <Thorsten.Behrens@CIB.de>	2020-05-01 17:49:04 +0200
commit	53006b7618b02b6744feddaea051effc72a17bfa (patch)
tree	114c1273d7d687c56b4d3993f7bdfeb942b1fdb3 /sfx2
parent	c00e8e4eba51caef8b86c270e4212a3be770803d (diff)