Age | Commit message (Collapse) | Author |
|
These files had a consistent style previously, keep them that way.
Change-Id: I6347efd4a301ddd758f4661778c0dfb68585940d
|
|
Change-Id: I64239dfcfbc2383c2bf53c0cb86196d3f2c79330
|
|
Accept and store a set of EncapsulatedX509Certificate data for a
signature.
Change-Id: Iae69502bc8caa0287c8f6d6c352256bdda22406b
|
|
Pass an XAdES flag to a couple more functions and adapt to that.
Factor out writeDigestMethod() and writeSignedProperties() from
OOXMLSecExporter::Impl to DocumentSignatureHelper and use them in an
additional place.
Write xd:UnsignedProperties with EncapsulatedX509Certificate. Probably
much more work needed.
Change-Id: I2a0cd1db6dd487b9c7ba256ad29473de3d271cd8
|
|
The signature manager always creates an XML helper, and optionally creates a
PDF helper as well. Both of them initialize xmlsec, and when the signature
manager is deleted, there are two de-inits, leading to an assertion failure in
xmlsec.
Fix the problem by moving the duplicated xmlsec init to the signature manager.
This has the additional benefit that general security-related code no longer
has to talk to the XML helper, it can use the signature manager, which feels
more natural. (What viewing a certificate had to do with XML?)
Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688
Reviewed-on: https://gerrit.libreoffice.org/30695
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Remove SignatureInformation::nSecurityEnvironmentIndex as it was
always -1.
Change-Id: I39247e5c40ce36e394c30b450626eca533f46267
|
|
The XSecController::setX509Certificate() overload that took a
sal_Int32 nSecurityEnvironmentIndex was called in just one place, and
-1 was always passed for the nSecurityEnvironmentIndex.
Change-Id: Ic37b7053c90a6fbb8b4e5b6485483d34c605b965
|
|
xmlsecurity is such a mess. Too many different classes that actually
have more or less identical life-time, with names that smell of
delusions of grandeur. "Manager", "security framework controller" etc
for stuff that actually exist only during the execution of a simple
dialog. And then a "helper" class that actually in on a higher level
than a "framework controller". But oh well.
Change-Id: I86e461b1bc91a0d8f5b7fb9f13a5be201729df1e
|
|
It was only assigned to. Some follow-up simplification.
Change-Id: I3b522064e946667d3a4c8fb82ee40bd0d44dd569
|
|
No need to have a comment saying 'write signatures' when calling a
function that is called WriteSignature(). (Actually, the function name
is slightly misleading, as it says 'signature' in singular while what
it actually does is write multiple signatures, if present.)
Also drop some leftover comments that were related to code that was
commented out already in 2004 or 2007 and removed completely in 2010.
Change-Id: I7a53b3eabb81fc03c66e746f78267be4c1751b0f
|
|
All the catch blocks for classes derivved from uno::Exception
contained the same single statement as the catch block for
uno::Exception itself.
Change-Id: Ic33b432416abfda7557862d25237dc7221585327
|
|
Change-Id: I4ebdca6a7d09a228122842a79b217ac2611a7c06
|
|
It has been commented out since creation in 2004.
Change-Id: I25ff3ff953430ecbb84fecd3228e662a9c3e1276
|
|
Change-Id: I0d7e6a14ec890b8a1dbdea3685b543b63426c628
|
|
...after 1b98f38cfac2ac6caa7f178f70bcd9c5f74f16a4 "css.xml.sax.XAttributeList is
broken by design"
Change-Id: I052baf70f7798c47a9022bb7623149cb41069227
|
|
In the Java interface it was reportedly copied from, getValue can return null to
indicate a missing attribute, but in UNOIDL that's not possible. The workaround
that implementations of the UNOIDL interface resorted to is apparently to return
an empty string (another option would have been to throw an exception).
But the code in xmlsecurity appears to be written under the ill assumption that
getValueByName would return null for a missing attribute. What the code as
written actually did check was whether the return value is an empty string
(because it picks the operator ==(OUString const &, sal_Unicode const *)
overload, which happens to treat a null second argument like an empty string).
Ideally, the code in xmlsecurity would have some way to tell a missing attribute
from an empty one (via some extended XAttributeList2, or by iterating over all
getNameByIndex, or ...). But for none of the affected attributes it seems
expected that the attribute's value could be an empty string, so checking for an
empty string seems to work reasonably well in practice. So keep it simple and
just check for an empty string properly.
Thanks to Tor for spotting that odd xmlsecurity code.
Change-Id: Ib068ee98ef818683a43309ab4d7c3a4731e8deff
|
|
Change-Id: I78e85923e2c5da366c0bec0812c8fe0240310b67
|
|
They just make grepping harder, and don't really avoid a risk of
mistyping. For instance, there were both TAG_TRANSFORM and
TAG_TRANSFORMS (with values "Transform" and "Transforms"), so if you
think you are likely to misspell "Transforms" as "Transform", you are
as likely to misspell TAG_TRANSFORMS as TAG_TRANSFORM. Typos affecting
generated XML should be catched by unit tests anyway.
Some of the (newer) code here is already in this style, using string
literals directly for tags and attributes, so this change just makes
the style more uniform.
I did not touch the macros that have long URIs as value. For them
there is some usefulness in having the shorter macros in the
code. (But the names of the ALGO_* macros are not consistently
constructed from the URIs.)
Change-Id: I9130395f45fafc13fb2a6ac47e98177647e27cf9
|
|
We should also just use the string literals as such in the code (some
newer parts of this module already does that), and not hide them
behind preprocessor macros. An Easy Hack?
Change-Id: I3ab5793ff265a4aceff2fed1562a54bfb0ce3ccb
|
|
PDF signatures are always chained, so when removing a signature not only
the item at a given position should be removed on the UI, but the whole
position-last range.
Change-Id: I76b14308885267cdac994fa957218a8b7df6b3cf
|
|
We can mandate that the byte range end is the end of the file for the
last signature only.
With this, signing a previously unsigned file multiple times works, so
add a matching testcase for that as well.
Change-Id: I8fe5482890fca4dab8da6305aa7fc7f60df612d8
|
|
Change-Id: If75874ee12197edd367f5527a37e467041005794
|
|
Change-Id: I460d5e7c431d2613999db86a73d4e14663ff038d
|
|
Change-Id: Ia5829219eda13832857848267afae25167a31ab8
|
|
Change-Id: Ie0116a7c9c51268204647499b26f4247e55e0523
|
|
Unlike with ZIP-based storage, it can happen that the removal fails, so
make sure we only remove the signature from the listbox when
PDFDocument::RemoveSignature() succeeds.
Change-Id: I3241fc11425686bc1ea5452b8f602e053aec0769
Reviewed-on: https://gerrit.libreoffice.org/30224
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Extract appendUnicodeTextString() from the PDF writer impl, and reuse it
in xmlsecurity, to share code.
Change-Id: Icdc2f89132cd29e07280001e30bad97e0a644654
Reviewed-on: https://gerrit.libreoffice.org/30110
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Also:
- handle PDF in DocumentSignatureManager::write(), so the PDF file is
not truncated when closing the document signatures dialog, and
- handle PDF in DigitalSignaturesDialog::canAddRemove()
Change-Id: I77c1fcdcbdcb079ce934f37546129d9d280e5d2e
|
|
An unsigned PDF can be signed now, but the stream still gets truncated
on closing the dialog.
Change-Id: I12dd50bf577cd23b3355f6c6d03e71a9c0dbcfab
|
|
We patch xmlsec to not verify certificates, and the PDF tokenizer in
xmlsecurity doesn't do that, either. The point of doing so, is that the
DocumentSignatureInformation UNO struct has separate CertificateStatus
and SignatureIsValid fields for the validity of the certificate and the
signature.
That means the certificate has to be validated somewhere as well.
ZIP-based formats do that in
DocumentDigitalSignatures::ImplVerifySignatures(), and this commit
implements the same for PDF signatures, too.
Change-Id: Ic486afc8f392625b1efcad989fd9053b014a261b
Reviewed-on: https://gerrit.libreoffice.org/29889
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
So that the UI can show the correct "Signed by" and "Digital ID issued
by" fields.
Change-Id: Ied2fed480f48baf60cffb4f0ce762a726beab006
Reviewed-on: https://gerrit.libreoffice.org/29776
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
It doesn't actually show any details yet, but it shows a selectable
empty line, to be filled in with details.
Change-Id: Ib35f13e5c779fe1a28933c1a0761682e9f5de62d
Reviewed-on: https://gerrit.libreoffice.org/29775
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
The custom code took care of NSS only, the shared code will handle
mscrypto as well.
Change-Id: I73b904d2e0750d2d847eaaf1ac2b02d41b37d357
Reviewed-on: https://gerrit.libreoffice.org/29763
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
This splits most of the PDF signature code out of the pdfverify
executable, and puts it into the xmlsecurity library instead.
The PDFSignatureHelper now attempts to verify PDF signatures, and code
in sdext / sfx2 also calls it (even if PDF is not a ZIP-based format).
Change-Id: I7b8b3ac9c976e4ea4f3796b1cda07c8a2c97bd02
Reviewed-on: https://gerrit.libreoffice.org/29751
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
...which was introduced with 3ead3ad52f9bb2f9d1d6cf8dfc73a0a25e6778ed "Gradually
typed Link" to distinguish the new, typed versions from the old, untyped ones,
but is no longer necessary since 382eb1a23c390154619c385414bdbe6f6e461173
"remove untyped Link<>" removed the old versions.
Change-Id: I494025df486a16a45861fcd8192dfe0275b1103c
|
|
The issue of 362d4f0cd4e50111edfae9d30c90602c37ed65a2 "Explicitly mark
overriding destructors as 'virtual'" appears to no longer be a problem with
MSVC 2013.
(The little change in the rewriting code of compilerplugins/clang/override.cxx
was necessary to prevent an endless loop when adding "override" to
OOO_DLLPUBLIC_CHARTTOOLS virtual ~CloseableLifeTimeManager();
in chart2/source/inc/LifeTime.hxx, getting stuck in the leading
OOO_DLLPUBLIC_CHARTTOOLS macro. Can't remember what that
isAtEndOfImmediateMacroExpansion thing was originally necessary for, anyway.)
Change-Id: I534c634504d7216b9bb632c2775c04eaf27e927e
|
|
And instead attempt to set up the test environment correctly.
Change-Id: I06c10b96749c0464da8d2dd9a59b48f16baeead5
Reviewed-on: https://gerrit.libreoffice.org/27785
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I4258bcc97273d8bb7a8c4879fac02a427f76e18c
Reviewed-on: https://gerrit.libreoffice.org/27317
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: Ie6dd8317cb5add8a5072dd6aca2833d2d22b78d9
|
|
Change-Id: I6ce045db236b81aa8bc7bce2a0e20c4132c5931f
|
|
Change-Id: Ideec43617ff214b7e0dcbb0a1969955b34ee19e4
Reviewed-on: https://gerrit.libreoffice.org/26196
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: Ibf313b8948a493043006ebf3a8281487c1f67b48
Reviewed-on: https://gerrit.libreoffice.org/25532
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Tor Lillqvist <tml@collabora.com>
Tested-by: Tor Lillqvist <tml@collabora.com>
|
|
Change-Id: Iabde7a84b9c2758e0d2b2ffe0fb99fcfa51ff124
Reviewed-on: https://gerrit.libreoffice.org/25075
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I334411c6b57c028ffb41b5deb72002f9d54038c3
Reviewed-on: https://gerrit.libreoffice.org/24923
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Change-Id: I96cef821fc1d87963b8928af5dfc8ba97557da74
|
|
Change-Id: I7168d44dab8e6a8e37bb7920d744ff32f5e52907
Reviewed-on: https://gerrit.libreoffice.org/24019
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
And include <cstddef> where necessary.
Change-Id: Icc1208528d6a8b04375d55ccbf3cd6ef046b454f
Reviewed-on: https://gerrit.libreoffice.org/23796
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: Ia29868d1832b529d438a5a5448b751683c226846
|
|
Change-Id: I4b89f97671ab526e5731d2f1f99802e23f3fd4b5
|
|
It was odd that import code had its own OOXMLSecParser, but export code
was buried in the controller.
Change-Id: Ie1964bf9c54a8b779981e8d72bf4810090cf960c
|