diff options
author | Miklos Vajna <vmiklos@collabora.com> | 2020-09-04 17:17:48 +0200 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.com> | 2020-09-04 18:39:37 +0200 |
commit | 61834cd574568613f0b0a2ee099a60fa5a8d9804 (patch) | |
tree | a53cbd1242fcf6450512148473743bf551c57061 /xmlsecurity/qa | |
parent | c9173b4042d6d4dc2e4b028e133ea60631f6e87d (diff) |
xmlsecurity: pdf incremental updates that are non-commenting are invalid
I.e. it's OK to add incremental updates for annotation/commenting
purposes and that doesn't invalite existing signatures. Everything else
does.
Change-Id: I4607c242b3c6f6b01517b02407e9e7a095e2e069
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/102057
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
Diffstat (limited to 'xmlsecurity/qa')
-rw-r--r-- | xmlsecurity/qa/unit/signing/data/hide-and-replace-shadow-file-signed-2.pdf | bin | 0 -> 17896 bytes | |||
-rw-r--r-- | xmlsecurity/qa/unit/signing/signing.cxx | 16 |
2 files changed, 16 insertions, 0 deletions
diff --git a/xmlsecurity/qa/unit/signing/data/hide-and-replace-shadow-file-signed-2.pdf b/xmlsecurity/qa/unit/signing/data/hide-and-replace-shadow-file-signed-2.pdf Binary files differnew file mode 100644 index 000000000000..f2b1a71096b2 --- /dev/null +++ b/xmlsecurity/qa/unit/signing/data/hide-and-replace-shadow-file-signed-2.pdf diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index 774dd5e82721..6f9d05b4651a 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -568,6 +568,22 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testPDFBad) static_cast<int>(pObjectShell->GetDocumentSignatureState())); } +CPPUNIT_TEST_FIXTURE(SigningTest, testPDFHideAndReplace) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "hide-and-replace-shadow-file-signed-2.pdf"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + // Without the accompanying fix in place, this test would have failed with: + // - Expected: 2 (BROKEN) + // - Actual : 6 (NOTVALIDATED_PARTIAL_OK) + // i.e. a non-commenting update after a signature was not marked as invalid. + CPPUNIT_ASSERT_EQUAL(static_cast<int>(SignatureState::BROKEN), + static_cast<int>(pObjectShell->GetDocumentSignatureState())); +} + /// Test a typical PDF which is not signed. CPPUNIT_TEST_FIXTURE(SigningTest, testPDFNo) { |