diff options
| author | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2017-06-27 16:33:59 +0200 |
|---|---|---|
| committer | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2017-06-28 09:39:29 +0200 |
| commit | 0d7b437260ec991ee70769e7fb1002973e431f12 (patch) | |
| tree | af4c1d3f2b831ee889782403b503a0d4b9553739 /xmlsecurity | |
| parent | 7931ef2abbcef22de5cdddd26738e4dd8d1d8ca5 (diff) | |
tdf#108794 gpg4libre: Use key id to get the right key
Change-Id: I5950d192e19e652cbb7680db426bfbd28907a1cb
Reviewed-on: https://gerrit.libreoffice.org/39308
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Diffstat (limited to 'xmlsecurity')
| -rw-r--r-- | xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 2 | ||||
| -rw-r--r-- | xmlsecurity/source/gpg/SecurityEnvironment.cxx | 14 | ||||
| -rw-r--r-- | xmlsecurity/source/gpg/SecurityEnvironment.hxx | 3 |
3 files changed, 13 insertions, 6 deletions
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx index 6f6ea28a40d1..5cb148db7aa1 100644 --- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx @@ -687,7 +687,7 @@ uno::Reference<security::XCertificate> DigitalSignaturesDialog::getCertificate(c if (!xCert.is()) xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) ); if (!xCert.is()) - xCert = xGpgSecEnv->getCertificate( rInfo.ouX509IssuerName, xmlsecurity::numericStringToBigInteger( rInfo.ouX509SerialNumber ) ); + xCert = xGpgSecEnv->getCertificate( rInfo.ouGpgKeyID, xmlsecurity::numericStringToBigInteger("") ); SAL_WARN_IF( !xCert.is(), "xmlsecurity.dialogs", "Certificate not found and can't be created!" ); diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx index 37abf31111a1..45c89f1545d0 100644 --- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx +++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx @@ -16,6 +16,7 @@ #include <key.h> #include <keylistresult.h> +#include "xmlsec-wrapper.h" using namespace css; using namespace css::security; @@ -97,18 +98,23 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif return xCertificateSequence; } -Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& /*serialNumber*/ ) +Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& keyId, const Sequence< sal_Int8 >& /*serialNumber*/ ) { CertificateImpl* xCert=nullptr; + //xmlChar* pSignatureValue=xmlNodeGetContent(cur); + OString ostr = OUStringToOString( keyId , RTL_TEXTENCODING_UTF8 ); + const xmlChar* strKeyId = reinterpret_cast<const xmlChar*>(ostr.getStr()); + if(xmlSecBase64Decode(strKeyId, const_cast<xmlSecByte*>(strKeyId), xmlStrlen(strKeyId)) < 0) + throw RuntimeException("Base64 decode failed"); + m_ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL); - OString ostr = OUStringToOString( issuerName , RTL_TEXTENCODING_UTF8 ); - GpgME::Error err = m_ctx->startKeyListing(ostr.getStr(), true); + GpgME::Error err = m_ctx->startKeyListing("", true); while (!err) { GpgME::Key k = m_ctx->nextKey(err); if (err) break; - if (!k.isInvalid()) { + if (!k.isInvalid() && strcmp(k.keyID(), reinterpret_cast<const char*>(strKeyId)) == 0) { xCert = new CertificateImpl(); xCert->setCertificate(m_ctx.get(), k); m_ctx->endKeyListing(); diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.hxx b/xmlsecurity/source/gpg/SecurityEnvironment.hxx index 66d79bb8643e..2af512bc746b 100644 --- a/xmlsecurity/source/gpg/SecurityEnvironment.hxx +++ b/xmlsecurity/source/gpg/SecurityEnvironment.hxx @@ -55,7 +55,8 @@ public: virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL getPersonalCertificates() override; - virtual css::uno::Reference< css::security::XCertificate > SAL_CALL getCertificate( const OUString& issuerName, const css::uno::Sequence< sal_Int8 >& serialNumber ) override; + /** We reinterpret the first parameter (originally issuerName) as keyId. We have no other way to identify a gpg key. */ + virtual css::uno::Reference< css::security::XCertificate > SAL_CALL getCertificate( const OUString& keyId, const css::uno::Sequence< sal_Int8 >& serialNumber ) override; virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL buildCertificatePath( const css::uno::Reference< css::security::XCertificate >& beginCert ) override; |