diff options
| author | Patrick Luby <guibmacdev@gmail.com> | 2024-03-24 12:46:45 -0400 |
|---|---|---|
| committer | Thorsten Behrens <thorsten.behrens@allotropia.de> | 2024-03-26 10:01:31 +0100 |
| commit | 6a049e417b029f3733fcee05f99a3e8875aefdb8 (patch) | |
| tree | 80d98c7940446aa6e3a42aae8ab141e50788ff5a /xmlsecurity/source | |
| parent | a3eefc0fbe7d9a9ed946979c97a41181cd043593 (diff) | |
tdf#160184 ask user if they want to trust an untrusted certificate
gpgme contexts uses the "auto" trust model by default which only
allows encrypting with keys that have their trust level set to
"Ultimate". The gpg command, however, gives the user the option
to encrypt with a certificate that has a lower trust level so
emulate that bahavior by asking the user if they want to trust
the certificate for just this operation only.
Also, abort saving if no certificates are selected which is an
indication that the user cancelled the Select Certificate dialog.
Change-Id: I20951b1e31b2dcf8adb82243742f8c00fbaca8c2
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/165260
Tested-by: Jenkins
Reviewed-by: Patrick Luby <guibomacdev@gmail.com>
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>
Diffstat (limited to 'xmlsecurity/source')
| -rw-r--r-- | xmlsecurity/source/component/documentdigitalsignatures.cxx | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index a06fcc81d128..f6ffd9a7566f 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -201,6 +201,9 @@ public: css::uno::Reference<css::embed::XStorage> const& xStoragexStorage, css::uno::Reference<css::io::XStream> const& xStream) override; + sal_Bool SAL_CALL trustUntrustedCertificate( + css::uno::Reference<css::security::XCertificate> const& xCertificate) override; + sal_Bool SAL_CALL signScriptingContentWithCertificate( css::uno::Reference<css::security::XCertificate> const& xCertificate, css::uno::Reference<css::embed::XStorage> const& xStoragexStorage, @@ -840,6 +843,17 @@ sal_Bool DocumentDigitalSignatures::signPackageWithCertificate( DocumentSignatureMode::Package); } +sal_Bool DocumentDigitalSignatures::trustUntrustedCertificate( + css::uno::Reference<css::security::XCertificate> const& xCertificate) +{ + OUString aSubjectName(comphelper::xmlsec::GetContentPart(xCertificate->getSubjectName(), xCertificate->getCertificateKind())); + OUString aMsg(XsResId(STR_TRUST_UNTRUSTED_PUBKEY)); + aMsg = aMsg.replaceFirst("%{data}", aSubjectName); + std::unique_ptr<weld::MessageDialog> m_xQueryBox(Application::CreateMessageDialog(nullptr, VclMessageType::Error, VclButtonsType::YesNo, aMsg)); + m_xQueryBox->set_default_response(RET_NO); + return m_xQueryBox->run() == RET_YES; +} + sal_Bool DocumentDigitalSignatures::signScriptingContentWithCertificate( css::uno::Reference<css::security::XCertificate> const& xCertificate, css::uno::Reference<css::embed::XStorage> const& xStorage, |