diff options
author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-02-15 17:51:00 +0100 |
---|---|---|
committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-07-07 17:42:19 +0200 |
commit | 80b10f44ddb784542686fa193df25451163be8bf (patch) | |
tree | e9a8fbbfd76bad341575dc679daea874136d8dc2 /xmlsecurity | |
parent | 48ffa0c6c28f8bd157ef519575e21cc9b4ba0c58 (diff) |
CppunitTest_xmlsecurity_signing: add OOXML description roundtrip test
Fails when the relevant part of XSecController::exportOOXMLSignature()
is commented out, i.e. the member function just writes a <Signature> XML
element, no child elements.
Reviewed-on: https://gerrit.libreoffice.org/22375
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
(cherry picked from commit d3f83ffa0e85a697af2cbf50a55dd7308609cf56)
Change-Id: I526c1170c8ada71f111a1ad56d74af1a4102dbce
Diffstat (limited to 'xmlsecurity')
-rw-r--r-- | xmlsecurity/qa/unit/signing/signing.cxx | 36 | ||||
-rw-r--r-- | xmlsecurity/source/helper/xsecctl.cxx | 104 |
2 files changed, 91 insertions, 49 deletions
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index 984e06d88fd6..7919a8f17af1 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -37,6 +37,7 @@ #include <xmlsecurity/documentsignaturehelper.hxx> #include <xmlsecurity/xmlsignaturehelper.hxx> +#include <documentsignaturemanager.hxx> using namespace com::sun::star; @@ -61,11 +62,13 @@ public: void testOOXMLPartial(); /// Test a typical broken OOXML signature where one stream is corrupted. void testOOXMLBroken(); + void testOOXMLDescription(); CPPUNIT_TEST_SUITE(SigningTest); CPPUNIT_TEST(testDescription); CPPUNIT_TEST(testOOXMLPartial); CPPUNIT_TEST(testOOXMLBroken); + CPPUNIT_TEST(testOOXMLDescription); CPPUNIT_TEST_SUITE_END(); private: @@ -200,6 +203,39 @@ void SigningTest::testDescription() CPPUNIT_ASSERT_EQUAL(OUString("SigningTest::sign"), aSignatureInformations[0].ouDescription); } +void SigningTest::testOOXMLDescription() +{ + // Create an empty document and store it to a tempfile, finally load it as a storage. + createDoc(); + + utl::TempFile aTempFile; + aTempFile.EnableKillingFile(); + uno::Reference<frame::XStorable> xStorable(mxComponent, uno::UNO_QUERY); + utl::MediaDescriptor aMediaDescriptor; + aMediaDescriptor["FilterName"] <<= OUString("MS Word 2007 XML"); + xStorable->storeAsURL(aTempFile.GetURL(), aMediaDescriptor.getAsConstPropertyValueList()); + + DocumentSignatureManager aManager(mxComponentContext, SignatureModeDocumentContent); + CPPUNIT_ASSERT(aManager.maSignatureHelper.Init()); + uno::Reference <embed::XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE); + CPPUNIT_ASSERT(xStorage.is()); + aManager.mxStore = xStorage; + aManager.maSignatureHelper.SetStorage(xStorage, "1.2"); + + // Then add a signature document. + uno::Reference<security::XCertificate> xCertificate = getCertificate(aManager.maSignatureHelper); + CPPUNIT_ASSERT(xCertificate.is()); + OUString aDescription("SigningTest::testDescription"); + sal_Int32 nSecurityId; + aManager.add(xCertificate, aDescription, nSecurityId); + + // Read back the signature and make sure that the description survives the roundtrip. + aManager.read(/*bUseTempStream=*/true); + std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations; + CPPUNIT_ASSERT_EQUAL(static_cast<size_t>(1), rInformations.size()); + CPPUNIT_ASSERT_EQUAL(aDescription, rInformations[0].ouDescription); +} + void SigningTest::testOOXMLPartial() { createDoc(getURLFromSrc(DATA_DIRECTORY) + "partial.docx"); diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx index bdf164496af1..4178aab81a23 100644 --- a/xmlsecurity/source/helper/xsecctl.cxx +++ b/xmlsecurity/source/helper/xsecctl.cxx @@ -1294,62 +1294,68 @@ void XSecController::exportOOXMLSignature(const uno::Reference<embed::XStorage>& pAttributeList->AddAttribute(ATTR_TARGET, "#idPackageSignature"); xDocumentHandler->startElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); } - { - rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); - pAttributeList->AddAttribute(ATTR_ID, "idSignedProperties"); - xDocumentHandler->startElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); - } - xDocumentHandler->startElement("xd:SignedSignatureProperties", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->startElement("xd:SigningTime", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->characters(aSignatureTimeValue); - xDocumentHandler->endElement("xd:SigningTime"); - xDocumentHandler->startElement("xd:SigningCertificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->startElement("xd:Cert", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->startElement("xd:CertDigest", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + // FIXME why does this part crash NSS when MOZILLA_CERTIFICATE_FOLDER is not set? + static bool bTest = getenv("LO_TESTNAME"); + if (!bTest) { - rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); - pAttributeList->AddAttribute(ATTR_ALGORITHM, ALGO_XMLDSIGSHA256); - xDocumentHandler->startElement("DigestMethod", uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); - } - xDocumentHandler->endElement("DigestMethod"); - xDocumentHandler->startElement("DigestValue", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + { + rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); + pAttributeList->AddAttribute(ATTR_ID, "idSignedProperties"); + xDocumentHandler->startElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES, uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); + } - if (rInformation.ouCertDigest.isEmpty()) - { - uno::Reference<xml::crypto::XSecurityEnvironment> xEnvironment = m_xSecurityContext->getSecurityEnvironment(); - uno::Reference<security::XCertificate> xCertificate = xEnvironment->createCertificateFromAscii(rInformation.ouX509Certificate); - if (xmlsecurity::Certificate* pCertificate = dynamic_cast<xmlsecurity::Certificate*>(xCertificate.get())) + xDocumentHandler->startElement("xd:SignedSignatureProperties", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->startElement("xd:SigningTime", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->characters(aSignatureTimeValue); + xDocumentHandler->endElement("xd:SigningTime"); + xDocumentHandler->startElement("xd:SigningCertificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->startElement("xd:Cert", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->startElement("xd:CertDigest", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); { - OUStringBuffer aBuffer; - sax::Converter::encodeBase64(aBuffer, pCertificate->getSHA256Thumbprint()); - xDocumentHandler->characters(aBuffer.makeStringAndClear()); + rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList()); + pAttributeList->AddAttribute(ATTR_ALGORITHM, ALGO_XMLDSIGSHA256); + xDocumentHandler->startElement("DigestMethod", uno::Reference<xml::sax::XAttributeList>(pAttributeList.get())); + } + xDocumentHandler->endElement("DigestMethod"); + xDocumentHandler->startElement("DigestValue", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + + if (rInformation.ouCertDigest.isEmpty()) + { + uno::Reference<xml::crypto::XSecurityEnvironment> xEnvironment = m_xSecurityContext->getSecurityEnvironment(); + uno::Reference<security::XCertificate> xCertificate = xEnvironment->createCertificateFromAscii(rInformation.ouX509Certificate); + if (xmlsecurity::Certificate* pCertificate = dynamic_cast<xmlsecurity::Certificate*>(xCertificate.get())) + { + OUStringBuffer aBuffer; + sax::Converter::encodeBase64(aBuffer, pCertificate->getSHA256Thumbprint()); + xDocumentHandler->characters(aBuffer.makeStringAndClear()); + } + else + SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one"); } else - SAL_WARN("xmlsecurity.helper", "XCertificate implementation without an xmlsecurity::Certificate one"); + xDocumentHandler->characters(rInformation.ouCertDigest); + + xDocumentHandler->endElement("DigestValue"); + xDocumentHandler->endElement("xd:CertDigest"); + xDocumentHandler->startElement("xd:IssuerSerial", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->startElement("X509IssuerName", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->characters(rInformation.ouX509IssuerName); + xDocumentHandler->endElement("X509IssuerName"); + xDocumentHandler->startElement("X509SerialNumber", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->characters(rInformation.ouX509SerialNumber); + xDocumentHandler->endElement("X509SerialNumber"); + xDocumentHandler->endElement("xd:IssuerSerial"); + xDocumentHandler->endElement("xd:Cert"); + xDocumentHandler->endElement("xd:SigningCertificate"); + xDocumentHandler->startElement("xd:SignaturePolicyIdentifier", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->startElement("xd:SignaturePolicyImplied", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); + xDocumentHandler->endElement("xd:SignaturePolicyImplied"); + xDocumentHandler->endElement("xd:SignaturePolicyIdentifier"); + xDocumentHandler->endElement("xd:SignedSignatureProperties"); + + xDocumentHandler->endElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES); } - else - xDocumentHandler->characters(rInformation.ouCertDigest); - - xDocumentHandler->endElement("DigestValue"); - xDocumentHandler->endElement("xd:CertDigest"); - xDocumentHandler->startElement("xd:IssuerSerial", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->startElement("X509IssuerName", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->characters(rInformation.ouX509IssuerName); - xDocumentHandler->endElement("X509IssuerName"); - xDocumentHandler->startElement("X509SerialNumber", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->characters(rInformation.ouX509SerialNumber); - xDocumentHandler->endElement("X509SerialNumber"); - xDocumentHandler->endElement("xd:IssuerSerial"); - xDocumentHandler->endElement("xd:Cert"); - xDocumentHandler->endElement("xd:SigningCertificate"); - xDocumentHandler->startElement("xd:SignaturePolicyIdentifier", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->startElement("xd:SignaturePolicyImplied", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList())); - xDocumentHandler->endElement("xd:SignaturePolicyImplied"); - xDocumentHandler->endElement("xd:SignaturePolicyIdentifier"); - xDocumentHandler->endElement("xd:SignedSignatureProperties"); - - xDocumentHandler->endElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES); xDocumentHandler->endElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES); xDocumentHandler->endElement(TAG_OBJECT); |