xmlsecurity: move the sec context from the format helpers to the sign manager

The signature manager always creates an XML helper, and optionally creates a PDF helper as well. Both of them initialize xmlsec, and when the signature manager is deleted, there are two de-inits, leading to an assertion failure in xmlsec. Fix the problem by moving the duplicated xmlsec init to the signature manager. This has the additional benefit that general security-related code no longer has to talk to the XML helper, it can use the signature manager, which feels more natural. (What viewing a certificate had to do with XML?) Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688 Reviewed-on: https://gerrit.libreoffice.org/30695 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
author: Miklos Vajna <vmiklos@collabora.co.uk> 2016-11-08 14:10:05 +0100
committer: Miklos Vajna <vmiklos@collabora.co.uk> 2016-11-08 14:50:56 +0000
commit: a69873d212c903ea8a1f0d5ca40ae3f08b83a871 (patch)
tree: f1554b070e0525da09eaf482908780901b1ee324 /xmlsecurity/source/component
parent: 2573f6bba6b3033143b776650f03fd4813669e5b (diff)
1 files changed, 32 insertions, 28 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 4320a88dc59e..92eca28cad38 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -265,14 +265,23 @@ DocumentDigitalSignatures::ImplVerifySignatures(
     const Reference< css::embed::XStorage >& rxStorage,
     const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException)
 {
+    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+
+    bool bInit = aSignatureManager.init();
+
+    SAL_WARN_IF(!bInit, "xmlsecurity.comp", "Error initializing security context!");
+
+    if (!bInit)
+        return uno::Sequence<security::DocumentSignatureInformation>(0);
+
     if (!rxStorage.is())
     {
         if (xSignStream.is())
         {
             // Something not ZIP-based, try PDF.
-            PDFSignatureHelper aSignatureHelper(mxCtx);
-            if (aSignatureHelper.ReadAndVerifySignature(xSignStream))
-                return aSignatureHelper.GetDocumentSignatureInformations();
+            PDFSignatureHelper& rSignatureHelper = aSignatureManager.getPDFSignatureHelper();
+            if (rSignatureHelper.ReadAndVerifySignature(xSignStream))
+                return rSignatureHelper.GetDocumentSignatureInformations(aSignatureManager.getSecurityEnvironment());
         }
 
         SAL_WARN( "xmlsecurity.comp", "Error, no XStorage provided");
@@ -293,29 +302,21 @@ DocumentDigitalSignatures::ImplVerifySignatures(
         return Sequence< css::security::DocumentSignatureInformation >(0);
 
 
-    XMLSignatureHelper aSignatureHelper( mxCtx );
-
-    bool bInit = aSignatureHelper.Init();
-
-    SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
-
-    if ( !bInit )
-        return Sequence< css::security::DocumentSignatureInformation >(0);
-
-    aSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
+    XMLSignatureHelper& rSignatureHelper = aSignatureManager.maSignatureHelper;
+    rSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
 
-    aSignatureHelper.StartMission();
+    rSignatureHelper.StartMission(aSignatureManager.mxSecurityContext);
 
     if (xInputStream.is())
-        aSignatureHelper.ReadAndVerifySignature(xInputStream);
+        rSignatureHelper.ReadAndVerifySignature(xInputStream);
     else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML)
-        aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
+        rSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
 
-    aSignatureHelper.EndMission();
+    rSignatureHelper.EndMission();
 
-    Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+    uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = aSignatureManager.getSecurityEnvironment();
 
-    SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
+    SignatureInformations aSignInfos = rSignatureHelper.GetSignatureInformations();
     int nInfos = aSignInfos.size();
     Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos);
     css::security::DocumentSignatureInformation* arInfos = aInfos.getArray();
@@ -405,9 +406,10 @@ void DocumentDigitalSignatures::manageTrustedSources(  ) throw (RuntimeException
 
     Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
 
-    XMLSignatureHelper aSignatureHelper( mxCtx );
-    if ( aSignatureHelper.Init() )
-        xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+    DocumentSignatureMode eMode{};
+    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+    if (aSignatureManager.init())
+        xSecEnv = aSignatureManager.getSecurityEnvironment();
 
     ScopedVclPtrInstance< MacroSecurity > aDlg( nullptr, mxCtx, xSecEnv );
     aDlg->Execute();
@@ -416,15 +418,16 @@ void DocumentDigitalSignatures::manageTrustedSources(  ) throw (RuntimeException
 void DocumentDigitalSignatures::showCertificate(
     const Reference< css::security::XCertificate >& Certificate ) throw (RuntimeException, std::exception)
 {
-    XMLSignatureHelper aSignatureHelper( mxCtx );
+    DocumentSignatureMode eMode{};
+    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
 
-    bool bInit = aSignatureHelper.Init();
+    bool bInit = aSignatureManager.init();
 
     SAL_WARN_IF( !bInit, "xmlsecurity.comp", "Error initializing security context!" );
 
     if ( bInit )
     {
-        ScopedVclPtrInstance< CertificateViewer > aViewer( nullptr, aSignatureHelper.GetSecurityEnvironment(), Certificate, false );
+        ScopedVclPtrInstance<CertificateViewer> aViewer(nullptr, aSignatureManager.getSecurityEnvironment(), Certificate, false);
         aViewer->Execute();
     }
 
@@ -460,9 +463,10 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
 {
     Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
 
-    XMLSignatureHelper aSignatureHelper( mxCtx );
-    if ( aSignatureHelper.Init() )
-        xSecEnv = aSignatureHelper.GetSecurityEnvironment();
+    DocumentSignatureMode eMode{};
+    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
+    if (aSignatureManager.init())
+        xSecEnv = aSignatureManager.getSecurityEnvironment();
 
     ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnv);
author	Miklos Vajna <vmiklos@collabora.co.uk>	2016-11-08 14:10:05 +0100
committer	Miklos Vajna <vmiklos@collabora.co.uk>	2016-11-08 14:50:56 +0000
commit	a69873d212c903ea8a1f0d5ca40ae3f08b83a871 (patch)
tree	f1554b070e0525da09eaf482908780901b1ee324 /xmlsecurity/source/component
parent	2573f6bba6b3033143b776650f03fd4813669e5b (diff)