| Age | Commit message (Collapse) | Author |
|---|
|
Change-Id: Ibf313b8948a493043006ebf3a8281487c1f67b48
Reviewed-on: https://gerrit.libreoffice.org/25532
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Tested-by: Tor Lillqvist <tml@collabora.com>
|
|
Change-Id: I25ba55456be62307348eec529bfd434f8a90bac4
|
|
The names for the KeyUsage bits defined in RFC3280 are stored in the
.ui file for localisation
Change-Id: Ia2cbfd28c8a5df6c94d4926fe98ea7048ff41dde
|
|
Change-Id: I7168d44dab8e6a8e37bb7920d744ff32f5e52907
Reviewed-on: https://gerrit.libreoffice.org/24019
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
remove <boost/noncopyable.hpp> in pch and
remove boost from makefile if it was the only boost entry.
Change-Id: Icb945ae59c137571f4f63807601738eea5c3e831
Reviewed-on: https://gerrit.libreoffice.org/24061
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>
|
|
Change-Id: I6075ee18168f19e73c415bf4f0c3423b7a489175
|
|
and unused using-declarations from Reference.h
Change-Id: I297a7ae6044fa329d245ecf08fd5c4cb930f5b19
Reviewed-on: https://gerrit.libreoffice.org/23735
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Markus Mohrhard <markus.mohrhard@googlemail.com>
|
|
move include/vcl/impdel.hxx to vcl/inc/
include impdel.hxx in salframe.hxx
remove vcl/impdel.hxx includes in pch
add missing <list> includes
Change-Id: Id146363b2e20ce0238542929c26a83efb1e8c4bd
Reviewed-on: https://gerrit.libreoffice.org/23664
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I4b89f97671ab526e5731d2f1f99802e23f3fd4b5
|
|
The signature relation refers to _xmlsignatures/origin.sigs, but
that's not written when all signatures are removed.
Change-Id: I5ee1c8849962cba4b338e6f43243bcf89aedad36
|
|
To be able to unit-test this later without creating a vcl dialog.
Change-Id: I4794e212ffefc2efa3bddaf58e6c6bf2a4ea8d9a
|
|
So that it'll be possible to call that code without an active dialog,
from a headless unit test.
Change-Id: I1728a666ff5d84b337efd7e2b7eb68469896257a
|
|
When adding a signature, first we export it to a temp. storage, then
read it back, show the verification to the user, and then later we do or
do not write the temp. storage back to the original one.
This means the signature gets exported two times, and MSO only considers
the final result valid. So when caching signatures (to avoid a real
export based on our data model), don't cache the one we just added to
the temp. storage, but do a real export second time as well.
With this, MSO considers our appended signature (next to an existing
one) valid, too.
Change-Id: I4d615298463e037ea4e654ff5c3addcef8b0a094
|
|
We append a new signature to a document by re-exporting the existing
ones, then writing the new signature. Given that existing signatures
aren't canonicalized before hashing, write them back as-is.
With this, our own signature verification is happy about the export
result, containing an existing and a newly created signature.
Change-Id: I0ff57a2266c6070a945f0c45ca5793406678be60
|
|
Every other aspect of the certificate is calculated earlier in
DocumentSignatureManager, so calculate the digest there as well.
Change-Id: Icd97f3ecb084bbce60fcdfa496b6aaf0ac75026d
|
|
Internal headers should not be exposed, rather
xmlsec-wrapper.h should be used. Unfortunately,
the latter causes undefined symbols on Linux
when pch is enabled.
Change-Id: Id68f1cde5090f1a8ba9530894e08edbeb3ad4165
Reviewed-on: https://gerrit.libreoffice.org/22811
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
...where external/libxmlsec/ExternalProject_xmlsec.mk uses win32/configure.js
instead of configure. But that inconsistency generally got hidden on Windows by
xmlsecurity/inc/pch/precompiled_xsec_xmlsec.hxx including the raw xmlsec include
files instead of xmlsecurity/xmlsec-wrapper.h, so only gets noticed when using
--disable-pch (as is needed when building with clang-cl).
TODO: Don't know how to fix bin/update_pch so that precompiled_xsec_xmlsec.hxx
doesn't get broken again on the next update.
Change-Id: If385066a1e0f949d943aab7e9a5e969fbf0d0794
|
|
stage 2 of replacing usage of various checks for the windows platform
with the compiler-defined '_WIN32' macro
In this stage we focus on replacing usage of the WIN macro
Change-Id: Ie8a4a63198a6de96bd158ecd707dadafb9c8ea84
Reviewed-on: https://gerrit.libreoffice.org/22393
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
It's hard to unit test signing when the logic is implemented in the Add
and OK button handlers.
Change-Id: I5e07df69cd808cf170e21dfd55f2f44bc79c58a8
|
|
Another redundant field: it's the SHA-256 digest of the certificate data
for OOXML, not used for ODF. We need to store it after import, as we no
longer have the security environment at hand when we store the signature
to the persistent storage.
Change-Id: I3bcccb3c7c4f4178c0b267ce87777fba543f8716
|
|
OOXML export will need an SHA-256 hash of the certificate, introducing
a css::security::XCertificate2 just for this would be probably an
overkill. The same will have to be done in the mscrypto backend in the
near future.
Change-Id: Id2df06416a713927edd60e1253ff8e1c09dd706a
|
|
Our own importer is happy about the export result already, but MSO is
more picky, and mandates the correct content types for both
_xmlsignatures/origin.sigs and the individual signature streams.
With this, MSO can open the signed file again (while previously it just
declared the file corrupted), though it still declares the signature
invalid.
Change-Id: I199ad96bb91e7ce03fdf1f10f9500db4e05bb5c1
|
|
Change-Id: Ia24a1b64d4adfc0db537704779ca25cfd86cac8f
|
|
Change-Id: I5fd400f095998184107c10afa95fe8b12c123d33
|
|
In ODF, they're relative to the package root, in OOXML they always start
with a leading slash.
Also, in OOXML the stream URI should have its content type as the
suffix.
Change-Id: Iac570ed15533a23c8a6098f99b716f90e1bac0e0
|
|
A ridiculously fast way of doing this is:
for i in $(pcregrep -l -M -r --include='.*[hc]xx$' \
--exclude-dir=workdir --exclude-dir=instdir '^
{3,}' .)
do
perl -0777 -i -pe 's/^
{3,}/
/gm' $i
done
Change-Id: Iebb93eccbee9e4fc5c4380474ba595858a27ac2c
Reviewed-on: https://gerrit.libreoffice.org/22224
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Chris Sherlock <chris.sherlock79@gmail.com>
|
|
Change-Id: I77b30f28ae5a6fad360d7cada9acfaa9c324408b
Reviewed-on: https://gerrit.libreoffice.org/22216
Reviewed-by: Chris Sherlock <chris.sherlock79@gmail.com>
Tested-by: Chris Sherlock <chris.sherlock79@gmail.com>
|
|
Having them in the file apptypes.hxx isn't necessary helpful, IMO so
I've split the types into inputtypes.hxx and exceptiontypes.hxx
Change-Id: I89a1ff168c3ae276b2f5486669d4ec2dda062d57
|
|
It's just the root element so far.
Change-Id: If32e9e5bf339f639a20fa88d85e826e14f65dac2
|
|
_rels/origin.sigs.rels of the _xmlsignatures temporary storage now
contains references to the individual signature streams.
Change-Id: I619bd81989e3b62fc4282e0e72fbfa780d1fb8bd
|
|
It's an empty file, with the only purpose to have relations, referencing
the individual signature streams. The only tricky part is that a temp
file needs closeOutput() to flush its contents, flush() is not enough.
Change-Id: I92ac61bce201c97a727ff02b1bb74599573a1807
|
|
A 'signatures relation' is kind of a pointer that says where is the list
of signatures. When adding the first signature, this has to be created,
in addition to the actual signature relation.
This is yet another difference to ODF signing, where the signature is
just another additional stream in the package, while OOXML signing first
modifies the package to add the signatures relation, and then signs the
streams, so the input storage of the OOXML signing can't be a read-only
storage.
Change-Id: I81a976c945b28ddf7f347c4a7bfd51f98a1fc225
|
|
First step towards having a working export, since OOXML uses one stream
/ signature, so we need a storage for all signatures, not just a stream.
Change-Id: Id5edfd3ce7e8e4177b0071badc6eb4330a525281
|
|
Change-Id: If4d1e4071995f07212fad958b0226d5824d168f8
Reviewed-on: https://gerrit.libreoffice.org/21989
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
Tested-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: Ida3f77a763c55a7ec8a52a3de4521d18a952e752
|
|
Change-Id: I07ce23d698fea9338a85b086a5a3c3418e8c8290
|
|
Change-Id: I64dbf379a2d01ff46c5c32655958c63b04d86895
|
|
Fixes and improvements to support Precompiled Headers
on Linux.
Change-Id: I8145c146b0dba56c7a4d0fdf9c330164b67ada53
Reviewed-on: https://gerrit.libreoffice.org/21307
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
|
|
Change-Id: I9a5940027423ff0791fa7da0b79b617412ce6b86
Reviewed-on: https://gerrit.libreoffice.org/21209
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>
|
|
Now that the user can provide a description of the signature, it makes
sense to allow multiple signatures from the same user, assuming that the
descriptions explain the purpose of the different signatures.
Change-Id: I2cd4680594732d6b40dc3ffbcb6b4a9a6ca87919
|
|
Change-Id: I6fdbcb342d06e05b4965ccf7f593ac130426828a
|
|
Change-Id: Ic2248b3bc6460e65bdf4eb30af4f8893a7f0e68d
|
|
First step to be able to add a comment while signing a document.
Change-Id: I8f7ab95de5015b723481e94bd72585caf754288f
|
|
Change-Id: I962544005b5d408f7c044a02eefe09b87d8a81fe
|
|
Change-Id: I274958964292f78c802748e17fca7f265ae5a4b8
Reviewed-on: https://gerrit.libreoffice.org/20429
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
|
|
Improved the isolation of windows headers.
Specifically, RGB macro is better handled now.
Change-Id: I0eeea16d0de9da3455810c80b0715f7b54ae8c3f
Reviewed-on: https://gerrit.libreoffice.org/20039
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Michael Stahl <mstahl@redhat.com>
|
|
and improve the script a little
Change-Id: I2792ea4dd5df3a50736fbe209225c3f16fb86b84
Reviewed-on: https://gerrit.libreoffice.org/20033
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
Tested-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Ported update_pch.sh to Python with improved performance
and features. The new script is invoked from the same
update_pch.sh which calls it for each library in
parallel, although it can be invoked directly.
The ported script (update_pch) updates all PCH files
in ~15 seconds where the old script took ~4500 seconds.
In addition, the new script supports 3-tiered headers
(system, module, and local) and is very flexible to
support other improvement. It has a per-library
optimal configuration settings that can be updated
using another new scripts (update_pch_autotune.sh)
which finds optimal per-PCH settings.
PCH files have been generated using the new scripts
which builds significantly faster (2-3x, depending
on module and configuration) and the intermediate
binaries are noticably smaller (by several GBs).
The new script stamps each generated PCH file with
the command that generated it to make it trivial
for users to update them, and also adds the command
to invoke another script (update_pch_bisect) that
helps find missing headers or conflicting headers
that may break the build after updating the PCH.
Finally update_pch has built-in unit-tests for
makefile parsing and other core functionality.
Change-Id: Ib933b50e50374d7e2e7e3e95ba8799b0cc8a27fa
Reviewed-on: https://gerrit.libreoffice.org/19965
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
Tested-by: Caolán McNamara <caolanm@redhat.com>
|
|
Change-Id: I2ea407acd763ef2d7dae2d3b8f32525523ac8274
|
|
Change-Id: I328ac7a95ccc87732efae48b567a0556865928f3
|
