diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-11-08 14:10:05 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-11-08 14:50:56 +0000 |
commit | a69873d212c903ea8a1f0d5ca40ae3f08b83a871 (patch) | |
tree | f1554b070e0525da09eaf482908780901b1ee324 /xmlsecurity/source/component | |
parent | 2573f6bba6b3033143b776650f03fd4813669e5b (diff) |
xmlsecurity: move the sec context from the format helpers to the sign manager
The signature manager always creates an XML helper, and optionally creates a
PDF helper as well. Both of them initialize xmlsec, and when the signature
manager is deleted, there are two de-inits, leading to an assertion failure in
xmlsec.
Fix the problem by moving the duplicated xmlsec init to the signature manager.
This has the additional benefit that general security-related code no longer
has to talk to the XML helper, it can use the signature manager, which feels
more natural. (What viewing a certificate had to do with XML?)
Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688
Reviewed-on: https://gerrit.libreoffice.org/30695
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
Diffstat (limited to 'xmlsecurity/source/component')
-rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 60 |
1 files changed, 32 insertions, 28 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index 4320a88dc59e..92eca28cad38 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -265,14 +265,23 @@ DocumentDigitalSignatures::ImplVerifySignatures( const Reference< css::embed::XStorage >& rxStorage, const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException) { + DocumentSignatureManager aSignatureManager(mxCtx, eMode); + + bool bInit = aSignatureManager.init(); + + SAL_WARN_IF(!bInit, "xmlsecurity.comp", "Error initializing security context!"); + + if (!bInit) + return uno::Sequence<security::DocumentSignatureInformation>(0); + if (!rxStorage.is()) { if (xSignStream.is()) { // Something not ZIP-based, try PDF. - PDFSignatureHelper aSignatureHelper(mxCtx); - if (aSignatureHelper.ReadAndVerifySignature(xSignStream)) - return aSignatureHelper.GetDocumentSignatureInformations(); + PDFSignatureHelper& rSignatureHelper = aSignatureManager.getPDFSignatureHelper(); + if (rSignatureHelper.ReadAndVerifySignature(xSignStream)) + return rSignatureHelper.GetDocumentSignatureInformations(aSignatureManager.getSecurityEnvironment()); } SAL_WARN( "xmlsecurity.comp", "Error, no XStorage provided"); @@ -293,29 +302,21 @@ DocumentDigitalSignatures::ImplVerifySignatures( return Sequence< css::security::DocumentSignatureInformation >(0); - XMLSignatureHelper aSignatureHelper( mxCtx ); - - bool bInit = aSignatureHelper.Init(); - - SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" ); - - if ( !bInit ) - return Sequence< css::security::DocumentSignatureInformation >(0); - - aSignatureHelper.SetStorage(rxStorage, m_sODFVersion); + XMLSignatureHelper& rSignatureHelper = aSignatureManager.maSignatureHelper; + rSignatureHelper.SetStorage(rxStorage, m_sODFVersion); - aSignatureHelper.StartMission(); + rSignatureHelper.StartMission(aSignatureManager.mxSecurityContext); if (xInputStream.is()) - aSignatureHelper.ReadAndVerifySignature(xInputStream); + rSignatureHelper.ReadAndVerifySignature(xInputStream); else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML) - aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage); + rSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage); - aSignatureHelper.EndMission(); + rSignatureHelper.EndMission(); - Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment(); + uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = aSignatureManager.getSecurityEnvironment(); - SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations(); + SignatureInformations aSignInfos = rSignatureHelper.GetSignatureInformations(); int nInfos = aSignInfos.size(); Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos); css::security::DocumentSignatureInformation* arInfos = aInfos.getArray(); @@ -405,9 +406,10 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv; - XMLSignatureHelper aSignatureHelper( mxCtx ); - if ( aSignatureHelper.Init() ) - xSecEnv = aSignatureHelper.GetSecurityEnvironment(); + DocumentSignatureMode eMode{}; + DocumentSignatureManager aSignatureManager(mxCtx, eMode); + if (aSignatureManager.init()) + xSecEnv = aSignatureManager.getSecurityEnvironment(); ScopedVclPtrInstance< MacroSecurity > aDlg( nullptr, mxCtx, xSecEnv ); aDlg->Execute(); @@ -416,15 +418,16 @@ void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException void DocumentDigitalSignatures::showCertificate( const Reference< css::security::XCertificate >& Certificate ) throw (RuntimeException, std::exception) { - XMLSignatureHelper aSignatureHelper( mxCtx ); + DocumentSignatureMode eMode{}; + DocumentSignatureManager aSignatureManager(mxCtx, eMode); - bool bInit = aSignatureHelper.Init(); + bool bInit = aSignatureManager.init(); SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" ); if ( bInit ) { - ScopedVclPtrInstance< CertificateViewer > aViewer( nullptr, aSignatureHelper.GetSecurityEnvironment(), Certificate, false ); + ScopedVclPtrInstance<CertificateViewer> aViewer(nullptr, aSignatureManager.getSecurityEnvironment(), Certificate, false); aViewer->Execute(); } @@ -460,9 +463,10 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif { Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv; - XMLSignatureHelper aSignatureHelper( mxCtx ); - if ( aSignatureHelper.Init() ) - xSecEnv = aSignatureHelper.GetSecurityEnvironment(); + DocumentSignatureMode eMode{}; + DocumentSignatureManager aSignatureManager(mxCtx, eMode); + if (aSignatureManager.init()) + xSecEnv = aSignatureManager.getSecurityEnvironment(); ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnv); |