Age | Commit message (Collapse) | Author |
|
The code already knew if the signature was AdES-enabled or not, but that
info wasn't available on the UI.
The values are all names of standards, Andras says it's OK to have them
non-translatable.
(cherry picked from commit 81f7824a9839d3230b4e58424a64a393e8ee0223)
Change-Id: I20baf0871fe2c84b04b7fc64014061e341744db8
Reviewed-on: https://gerrit.libreoffice.org/31724
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
This is a combination of 6 commits:
1) xmlsecurity PDF verify: look for the signingCertificateV2 attribute
This is a required part of the PAdES spec, but so far we only wrote it.
As a start just expose if the attribute exists or not.
(cherry picked from commit bef9ba5e062b340b1835db94620f7ea4fa0b123b)
2) xmlsecurity: don't write unchanged signatures back to the file
It's not useful, OTOH it can happen that something goes wrong and the
result does not match the original.
One situation when this can happen is when non-XAdES signatures are
read, but the checkbox to write XAdES signature is enabled.
(cherry picked from commit 7226ee0586191a495f427c2adbde68b1a47d2dbc)
3) xmlsecurity PDF verify: support non-detached signatures
And a couple of other changes to accept the bugdoc from
<https://github.com/esig/dss/
dss-pades/target/test-classes/plugtest/esig2014/ESIG-PAdES/RO/Signature-P-RO-4.pdf>.
(cherry picked from commit 055fd58711d57af4d96214aebd71b713303d5527)
4) xmlsecurity PDF verify: tolerate missing %%EOF in incremental updates
This is broken, but work it around to avoid an infinite loop.
(cherry picked from commit 0233ff952372e9a15edf92beccba463d74c46c33)
5) xmlsecurity PDF verify: CR is also a terminator of a comment
If we skip to the first NL, then we start tokenizing some XML as PDF
data and soon error out due to an unexpected keyword.
(cherry picked from commit 9b526a43e10a565875c879063f6df4bfe2ba9a80)
6) xmlsecurity PDF verify: handle boolean type as dictionary value
This caused not finding the length of a stream -> could not actually
verify signature.
(cherry picked from commit c623a9f846c713b19a0d58337af4f4354aeffa6e)
Change-Id: I696b6da49525eb53f7575c27f619d2116be51f1d
Reviewed-on: https://gerrit.libreoffice.org/31503
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
And rename it to AdES, as the PDF PAdES generation will be affected by
this checkbox in the near future.
Change-Id: I06121e4eb9debac7a55a737a71780c2fa5c4d084
Reviewed-on: https://gerrit.libreoffice.org/30908
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Tor Lillqvist <tml@collabora.com>
|
|
Pass an XAdES flag to a couple more functions and adapt to that.
Factor out writeDigestMethod() and writeSignedProperties() from
OOXMLSecExporter::Impl to DocumentSignatureHelper and use them in an
additional place.
Write xd:UnsignedProperties with EncapsulatedX509Certificate. Probably
much more work needed.
Change-Id: I2a0cd1db6dd487b9c7ba256ad29473de3d271cd8
|
|
The signature manager always creates an XML helper, and optionally creates a
PDF helper as well. Both of them initialize xmlsec, and when the signature
manager is deleted, there are two de-inits, leading to an assertion failure in
xmlsec.
Fix the problem by moving the duplicated xmlsec init to the signature manager.
This has the additional benefit that general security-related code no longer
has to talk to the XML helper, it can use the signature manager, which feels
more natural. (What viewing a certificate had to do with XML?)
Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688
Reviewed-on: https://gerrit.libreoffice.org/30695
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
xmlsecurity is such a mess. Too many different classes that actually
have more or less identical life-time, with names that smell of
delusions of grandeur. "Manager", "security framework controller" etc
for stuff that actually exist only during the execution of a simple
dialog. And then a "helper" class that actually in on a higher level
than a "framework controller". But oh well.
Change-Id: I86e461b1bc91a0d8f5b7fb9f13a5be201729df1e
|
|
Change-Id: I4b87541c6e64e6b2b7c912f47a80a4aa37842014
|
|
Change-Id: I0d7e6a14ec890b8a1dbdea3685b543b63426c628
|
|
Also:
- handle PDF in DocumentSignatureManager::write(), so the PDF file is
not truncated when closing the document signatures dialog, and
- handle PDF in DigitalSignaturesDialog::canAddRemove()
Change-Id: I77c1fcdcbdcb079ce934f37546129d9d280e5d2e
|
|
DocumentSignatureHelper::isOOo3_2_Signature() checks if the manifest
stream of the ZIP package is signed. A PDF file has no storage, so don't
do that check for that format.
With this, a valid PDF signature is shown as valid in the Digital
Signatures dialog as well.
Change-Id: I58c1cbd665b7c5894d1cfa193061a9370f76c8c4
|
|
It doesn't actually show any details yet, but it shows a selectable
empty line, to be filled in with details.
Change-Id: Ib35f13e5c779fe1a28933c1a0761682e9f5de62d
Reviewed-on: https://gerrit.libreoffice.org/29775
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I9e6d499788467e5215464cf8f5146721b847909c
|
|
Change-Id: I12865d743daa3e6479edb60584d5bd01f88e818d
|
|
Change-Id: Ia6ed5f71931a6141efb3d5e5eb329149d6850342
|
|
I left a prefix on the names "Map" so that I would not have to re-arrange
each name too much, since I can't start identifiers with digits like "100thMM"
And remove RSC_EXTRAMAPUNIT, which doesn't seem to be doing anything anymore.
Change-Id: I5187824aa87e30caf5357b51b5384b5ab919d224
Reviewed-on: https://gerrit.libreoffice.org/29096
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
Tested-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
...which was introduced with 3ead3ad52f9bb2f9d1d6cf8dfc73a0a25e6778ed "Gradually
typed Link" to distinguish the new, typed versions from the old, untyped ones,
but is no longer necessary since 382eb1a23c390154619c385414bdbe6f6e461173
"remove untyped Link<>" removed the old versions.
Change-Id: I494025df486a16a45861fcd8192dfe0275b1103c
|
|
Change-Id: I538596a99e632178d928ff7e66ad45c71b73c6fd
Reviewed-on: https://gerrit.libreoffice.org/28018
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
Tested-by: Noel Grandin <noelgrandin@gmail.com>
|
|
since...
commit ba81e5c6bd420b41a84ade6ccd774011a8089f7f
Date: Thu May 28 21:35:43 2015 +0100
tdf#91702 - fix stack-based MessBox allocation.
There is no special ScopedVclPtr<X>::Create or
ScopedVclPtrInstance<X>::Create just
VclPtr<X>::Create and a raw VclPtr<X>::Create()->foo
doesn't call dispose on the owned X
Change-Id: Ifacc8d5e742820701307c3c37b9b86487667d84f
|
|
... implementing signed years with year 0 gap.
Date(31,12,-1) last day BCE
Date(1,1,1) first day CE
New class Date member functions:
* AddYears(sal_Int16) to be used instead of
aDate.SetYear(aDate.GetYear()+sal_Int16) to handle year 0 gap.
* convenience GetNextYear() to be used insted of GetYear()+1
* convenience GetPrevYear() to be used insted of GetYear()-1
* AddMonths(sal_Int32)
* operator=(const css::util::Date&)
New class DateTime member functions:
* operator=(const css::util::DateTime&)
Made some conversion ctors explicit, specifically Date(sal_Int32)
Adapted hopefully all places that used a sal_uInt16 year to use
sal_Int16 where appropriate.
Eliminated some quirks in date handling found on the fly.
Added era handling to i18npool icu calendar setting interface, which
missing was responsible for 0001-01-01 entered in Calc being set as
-0001-01-01, hence subtracting one day resulted in -0002-12-31.
Change-Id: I77b39fba9599ebd5067d7864f6c9ebe01f6f578f
Reviewed-on: https://gerrit.libreoffice.org/27049
Reviewed-by: Eike Rathke <erack@redhat.com>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: Ie6dd8317cb5add8a5072dd6aca2833d2d22b78d9
|
|
Change-Id: I85eda1c33016c1461d897fc0a3b70457209a7405
Reviewed-on: https://gerrit.libreoffice.org/26806
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
...like the "Security Warning: Domain Name Mismatch" WarnDialog (cf.
TITLE_UUI_SSLWARN_DOMAINMISMATCH in uui), not only a CertificateChooser.
Regression introduced with c42be58e4c006ab3e1f262b644789cba8659d0ab "Show the
certificate use also in the View Certificate dialog", for which this fix is
hopefully fine.
Change-Id: I6efced1ebaad07c314fe7a5dd1cdc8e91d34555e
|
|
Change-Id: I6ce045db236b81aa8bc7bce2a0e20c4132c5931f
|
|
Change-Id: Ideec43617ff214b7e0dcbb0a1969955b34ee19e4
Reviewed-on: https://gerrit.libreoffice.org/26196
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I400d728c5d99228c5ca52e369037395b4da2af5c
Reviewed-on: https://gerrit.libreoffice.org/26187
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: Ia034fb16ce75caeb69fd746d4a602cd5fcfef6d1
Reviewed-on: https://gerrit.libreoffice.org/25817
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I976536849fa5585c96cee23b660c56d3d0116933
Reviewed-on: https://gerrit.libreoffice.org/25720
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: Ibf313b8948a493043006ebf3a8281487c1f67b48
Reviewed-on: https://gerrit.libreoffice.org/25532
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Tested-by: Tor Lillqvist <tml@collabora.com>
|
|
The odd one out is the usage in Formula, which attempts
to restore focus to a particular window identified by
an unique id. In this case restore focus by keeping a VclPtr
to the desired window.
Change-Id: I1dc335325c109d75745c6bba2e12662e6ae50638
|
|
Change-Id: I25ba55456be62307348eec529bfd434f8a90bac4
|
|
Change-Id: I30520ef862d5c925d1f5c236fb37aa719005bb49
|
|
The names for the KeyUsage bits defined in RFC3280 are stored in the
.ui file for localisation
Change-Id: Ia2cbfd28c8a5df6c94d4926fe98ea7048ff41dde
|
|
Change-Id: I7168d44dab8e6a8e37bb7920d744ff32f5e52907
Reviewed-on: https://gerrit.libreoffice.org/24019
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I6075ee18168f19e73c415bf4f0c3423b7a489175
|
|
Change-Id: I4b89f97671ab526e5731d2f1f99802e23f3fd4b5
|
|
To be able to unit-test this later without creating a vcl dialog.
Change-Id: I4794e212ffefc2efa3bddaf58e6c6bf2a4ea8d9a
|
|
So that it'll be possible to call that code without an active dialog,
from a headless unit test.
Change-Id: I1728a666ff5d84b337efd7e2b7eb68469896257a
|
|
When adding a signature, first we export it to a temp. storage, then
read it back, show the verification to the user, and then later we do or
do not write the temp. storage back to the original one.
This means the signature gets exported two times, and MSO only considers
the final result valid. So when caching signatures (to avoid a real
export based on our data model), don't cache the one we just added to
the temp. storage, but do a real export second time as well.
With this, MSO considers our appended signature (next to an existing
one) valid, too.
Change-Id: I4d615298463e037ea4e654ff5c3addcef8b0a094
|
|
stage 2 of replacing usage of various checks for the windows platform
with the compiler-defined '_WIN32' macro
In this stage we focus on replacing usage of the WIN macro
Change-Id: Ie8a4a63198a6de96bd158ecd707dadafb9c8ea84
Reviewed-on: https://gerrit.libreoffice.org/22393
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
It's hard to unit test signing when the logic is implemented in the Add
and OK button handlers.
Change-Id: I5e07df69cd808cf170e21dfd55f2f44bc79c58a8
|
|
Our own importer is happy about the export result already, but MSO is
more picky, and mandates the correct content types for both
_xmlsignatures/origin.sigs and the individual signature streams.
With this, MSO can open the signed file again (while previously it just
declared the file corrupted), though it still declares the signature
invalid.
Change-Id: I199ad96bb91e7ce03fdf1f10f9500db4e05bb5c1
|
|
Change-Id: Ia24a1b64d4adfc0db537704779ca25cfd86cac8f
|
|
With this, _xmlsignatures/_rels/origin.sigs.rels and
_xmlsignatures/origin.sigs is written to the destination file.
Change-Id: I8d63a182e7cf05ed20195f88c90fba2a9a05379e
|
|
When reading a signature, we just take the ODF signature stream or OOXML
signature storage.
When writing, we write to an ODF temporary stream / OOXML temporary
storage, read it back, and only the signatures dialog close handler
writes the signature back to the original file.
The underlying OOXML temporary storage's stream is the signature stream,
so only try to load signatures from the stream if it's not OOXML,
throwing a ZIP file at an XML parser is not a great idea.
Change-Id: I6e42d117b9c97676aaeaad158e78e39a2c39a5e8
|
|
Change-Id: I5fd400f095998184107c10afa95fe8b12c123d33
|
|
In ODF, they're relative to the package root, in OOXML they always start
with a leading slash.
Also, in OOXML the stream URI should have its content type as the
suffix.
Change-Id: Iac570ed15533a23c8a6098f99b716f90e1bac0e0
|
|
This can be inspected after the add button handler finishes, but the
dialog is still alive.
Change-Id: I18ece31545de6d306a26b44d372f54df8221a456
|
|
It's just the root element so far.
Change-Id: If32e9e5bf339f639a20fa88d85e826e14f65dac2
|
|
_rels/origin.sigs.rels of the _xmlsignatures temporary storage now
contains references to the individual signature streams.
Change-Id: I619bd81989e3b62fc4282e0e72fbfa780d1fb8bd
|
|
It's an empty file, with the only purpose to have relations, referencing
the individual signature streams. The only tricky part is that a temp
file needs closeOutput() to flush its contents, flush() is not enough.
Change-Id: I92ac61bce201c97a727ff02b1bb74599573a1807
|