xmlsecurity: add initial PDFSignatureHelper

This splits most of the PDF signature code out of the pdfverify
executable, and puts it into the xmlsecurity library instead.

The PDFSignatureHelper now attempts to verify PDF signatures, and code
in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format).

Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02
Reviewed-on: https://gerrit.libreoffice.org/29751
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>

1 files changed, 9 insertions, 0 deletions

diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index cfa3d247634f..2fa08a442cd3 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -24,6 +24,7 @@
 #include <macrosecurity.hxx>
 #include <biginteger.hxx>
 #include <global.hrc>
+#include <pdfsignaturehelper.hxx>
 
 #include <sax/tools/converter.hxx>
 
@@ -259,6 +260,14 @@ DocumentDigitalSignatures::ImplVerifySignatures(
 {
     if (!rxStorage.is())
     {
+        if (xSignStream.is())
+        {
+            // Something not ZIP-based, try PDF.
+            PDFSignatureHelper aSignatureHelper;
+            if (aSignatureHelper.ReadAndVerifySignature(xSignStream))
+                return aSignatureHelper.GetDocumentSignatureInformations();
+        }
+
         SAL_WARN( "xmlsecurity.comp", "Error, no XStorage provided");
         return Sequence<css::security::DocumentSignatureInformation>();
     }