cool#9992 lok doc sign: only take sign cert from the view in the cert chooser

Have two views, in case both of them haver sign certs configured in the NSS database, then the cert chooser would present both, which is not wanted. The problem is that the NSS database contains sign certs from all views, so working from the database is not what we want for the LOK case. Fix the problem by passing the SfxViewShell from the sign dialog to the certificate chooser dialog, and then the chooser can work from the view in LOK mode. Searching for other uses of getPersonalCertificates(), the comphelper/ one is not relevant for the LOK case (gpg is disabled there); the PDF case is only for the UNO API, so those don't necessarily need adjusting. Change-Id: Ic7027b8d218b2bde3c8bf134a4b11c14fd9c3570 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/174002 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
author: Miklos Vajna <vmiklos@collabora.com> 2024-09-27 08:12:04 +0200
committer: Miklos Vajna <vmiklos@collabora.com> 2024-09-27 10:01:30 +0200
commit: a581dbf9829d8407a611907c35c8af632b1397b5 (patch)
tree: 85fdab6fb9b286098619269d9b66b210f4c7b8a7 /xmlsecurity/source/dialogs
parent: 522d2aaf1ca830bcf3bca816b06cc8faa893cd0d (diff)
2 files changed, 21 insertions, 2 deletions
diff --git a/xmlsecurity/source/dialogs/certificatechooser.cxx b/xmlsecurity/source/dialogs/certificatechooser.cxx
index e612027ba759..74ee62475fc0 100644
--- a/xmlsecurity/source/dialogs/certificatechooser.cxx
+++ b/xmlsecurity/source/dialogs/certificatechooser.cxx
@@ -26,6 +26,8 @@
 #include <comphelper/processfactory.hxx>
 #include <comphelper/sequence.hxx>
 #include <comphelper/xmlsechelper.hxx>
+#include <comphelper/lok.hxx>
+#include <sfx2/viewsh.hxx>
 
 #include <com/sun/star/security/NoPasswordException.hpp>
 #include <com/sun/star/security/CertificateCharacters.hpp>
@@ -42,10 +44,12 @@ using namespace comphelper;
 using namespace css;
 
 CertificateChooser::CertificateChooser(weld::Window* _pParent,
+                                       SfxViewShell* pViewShell,
                                        std::vector< css::uno::Reference< css::xml::crypto::XXMLSecurityContext > > && rxSecurityContexts,
                                        CertificateChooserUserAction eAction)
     : GenericDialogController(_pParent, u"xmlsec/ui/selectcertificatedialog.ui"_ustr, u"SelectCertificateDialog"_ustr)
     , meAction(eAction)
+    , m_pViewShell(pViewShell)
     , m_xFTSign(m_xBuilder->weld_label(u"sign"_ustr))
     , m_xFTEncrypt(m_xBuilder->weld_label(u"encrypt"_ustr))
     , m_xFTLoadedCerts(m_xBuilder->weld_label(u"loaded-certs"_ustr))
@@ -206,7 +210,21 @@ void CertificateChooser::ImplInitialize(bool mbSearch)
             else
             {
                 if (meAction == CertificateChooserUserAction::Sign || meAction == CertificateChooserUserAction::SelectSign)
-                    xCerts = secEnvironment->getPersonalCertificates();
+                {
+                    if (comphelper::LibreOfficeKit::isActive())
+                    {
+                        // The LOK case takes the signing certificate from the view.
+                        if (m_pViewShell && m_pViewShell->GetSigningCertificate().is())
+                        {
+                            xCerts = { m_pViewShell->GetSigningCertificate() };
+                        }
+                    }
+                    else
+                    {
+                        // Otherwise working from the system cert store is OK.
+                        xCerts = secEnvironment->getPersonalCertificates();
+                    }
+                }
                 else
                     // Currently (master 2024-07) all X.509 implementations (nss+mscrypt) give an empty list.
                     xCerts = secEnvironment->getAllCertificates();
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 4dcd9d387ccc..ba6c5343ead7 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -200,6 +200,7 @@ DigitalSignaturesDialog::DigitalSignaturesDialog(
     , m_sODFVersion (std::move(sODFVersion))
     , m_bHasDocumentSignature(bHasDocumentSignature)
     , m_bWarningShowSignMacro(false)
+    , m_pViewShell(pViewShell)
     , m_xHintDocFT(m_xBuilder->weld_label(u"dochint"_ustr))
     , m_xHintBasicFT(m_xBuilder->weld_label(u"macrohint"_ustr))
     , m_xSignaturesLB(m_xBuilder->weld_tree_view(u"signatures"_ustr))
@@ -491,7 +492,7 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, weld::Button&, void)
         if (DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.getStore(), m_sODFVersion))
             xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
 
-        std::unique_ptr<CertificateChooser> aChooser = CertificateChooser::getInstance(m_xDialog.get(), std::move(xSecContexts), CertificateChooserUserAction::Sign);
+        std::unique_ptr<CertificateChooser> aChooser = CertificateChooser::getInstance(m_xDialog.get(), m_pViewShell, std::move(xSecContexts), CertificateChooserUserAction::Sign);
         while (aChooser->run() == RET_OK)
         {
             sal_Int32 nSecurityId;
author	Miklos Vajna <vmiklos@collabora.com>	2024-09-27 08:12:04 +0200
committer	Miklos Vajna <vmiklos@collabora.com>	2024-09-27 10:01:30 +0200
commit	a581dbf9829d8407a611907c35c8af632b1397b5 (patch)
tree	85fdab6fb9b286098619269d9b66b210f4c7b8a7 /xmlsecurity/source/dialogs
parent	522d2aaf1ca830bcf3bca816b06cc8faa893cd0d (diff)