Age | Commit message (Collapse) | Author |
|
Change-Id: I58a63a0e6f619442f21827064644ecd8ca57b8ff
|
|
This was the last unit test that was disabled on Windows due to missing
implementation.
Change-Id: Ia7d84f72bcdf79267c7de17cd8822ed02c378642
Reviewed-on: https://gerrit.libreoffice.org/31552
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Use case: the bugdoc has 2 signatures, one normal one and one with
SubFilter=ETSI.RFC3161. By not hiding the second signature it's possible
to counter-sign the document, even if we don't handle the contents of
the second one.
Change-Id: I580e1211072ec9839f01b529b569c98b702b6534
Reviewed-on: https://gerrit.libreoffice.org/31539
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Happened when the doc was smaller than 1024 bytes.
Change-Id: Ie5eea5905a09722e7958495d26e6c78ee234d3ba
Reviewed-on: https://gerrit.libreoffice.org/31500
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
From a comment's point of view, EOF is just a terminator, similar to \r
or \n.
Change-Id: I120bf1e75f1eb81a550af643051e6fc472873eff
Reviewed-on: https://gerrit.libreoffice.org/31499
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Also fix parsing '<< /Foo [ /Bar ] >>'.
Change-Id: I3375001730b4d2e447b0dd8a7809a7bfb013126c
Reviewed-on: https://gerrit.libreoffice.org/31498
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Map it to the partially signed (not all streams) ODF concept instead.
Change-Id: I7fc931e622b9f10a1261cd475b01a2f038e37ece
Reviewed-on: https://gerrit.libreoffice.org/31497
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
This caused not finding the length of a stream -> could not actually
verify signature.
Change-Id: I696b6da49525eb53f7575c27f619d2116be51f1d
Reviewed-on: https://gerrit.libreoffice.org/31490
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
If we skip to the first NL, then we start tokenizing some XML as PDF
data and soon error out due to an unexpected keyword.
Change-Id: I86b540a014e5a92ea4376ed765385a2ee568a3c1
Reviewed-on: https://gerrit.libreoffice.org/31472
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
This is broken, but work it around to avoid an infinite loop.
Change-Id: I132a3c19cfe53e6166bfc1a881d1bfa5071f85d4
Reviewed-on: https://gerrit.libreoffice.org/31471
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
And a couple of other changes to accept the bugdoc from
<https://github.com/esig/dss/
dss-pades/target/test-classes/plugtest/esig2014/ESIG-PAdES/RO/Signature-P-RO-4.pdf>.
Change-Id: I0fca9ba0bfe927ef91ae2592a5026b05d19879fd
Reviewed-on: https://gerrit.libreoffice.org/31462
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Going via UNO for a class in the same module is an overkill.
Change-Id: I577660513022fde1576df19b412fcdb1ee2ad041
Reviewed-on: https://gerrit.libreoffice.org/31461
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
It's not useful, OTOH it can happen that something goes wrong and the
result does not match the original.
One situation when this can happen is when non-XAdES signatures are
read, but the checkbox to write XAdES signature is enabled.
Change-Id: Icafad914175b29f7c0245220258bd1420ccd7b9c
Reviewed-on: https://gerrit.libreoffice.org/31437
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
This is a required part of the PAdES spec, but so far we only wrote it.
As a start just expose if the attribute exists or not.
Change-Id: Iae3815f764973a2fd29d72593236c2f484172101
Reviewed-on: https://gerrit.libreoffice.org/31436
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
As a start just make sure we accept "ETSI.CAdES.detached" as a valid
SubFilter value.
Change-Id: I19f480a5a24df0f451261d6d9a0dd9bd72ff6cc1
Reviewed-on: https://gerrit.libreoffice.org/31414
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
1) Make sure we handle the case when the document has a signature
stream, but it's empty.
2) Make sure we find a given XAdES-enabled ODF document valid.
Previously this was tested only dynamically, i.e. breaking both the
import and the export at the same time went unnoticed.
Change-Id: Icaa29cfa1f5b817459239ee8dbdc3bf023a2a1a7
Reviewed-on: https://gerrit.libreoffice.org/31413
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
The NSS code earlier started to save the hash algo ID of the signature
into the signature structure and I also added a unit test for this. This
failed on Windows when the system had at least one signing certificate
installed, as the mscrypto part of the patch was missing.
Change-Id: Ib09e9e53292b5beb011c96ecf6f51a5ee10c15b0
Reviewed-on: https://gerrit.libreoffice.org/31323
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Not sure what the author was thinking, or what the comment '//Native
methods' was supposed to mean.
Change-Id: I9e45de6f24531a99770d98f415fea6a1cfd7d2c2
|
|
Fallout from my previous commit.
Change-Id: I4436721e719514d6ecf7847113957827c910d65a
|
|
Change-Id: I5f35c702ff9a613c6601cd0c3c42e9fc4f4e26a6
|
|
...as otherwise dynamic_cast<xmlsecurity::pdfio::PDFNameElement*>(...) in
xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx will fail at least on macOS,
causing CppunitTest_xmlsecurity_pdfsigning to fail.
Change-Id: I7c41c994a1e6145b4740a97ffe47d0c42c4e3ca0
|
|
Change-Id: Idb2e716cdc4933c2691de2df21a4ee7afda9e597
|
|
Assert the two user-visible changes: SHA-256 hashes and the SubFilter of the
signature.
Change-Id: I12a2355e2ddfc368bed4430a7b5ad244b5778afe
Reviewed-on: https://gerrit.libreoffice.org/31173
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Assert the two user-visible changes: SHA-256 hashes and the digest of
the signing certificate.
Change-Id: I0f931ef06f9bfc4be4eaa02a7530d57a414430c1
Reviewed-on: https://gerrit.libreoffice.org/31172
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
This makes this suite in sync with CppunitTest_xmlsecurity_pdfsigning. A
signing certificate is available on 64bit NSS platforms, as there we
provide a pre-created NSS db, but on other platforms by default there is
just no signing certificate. The certificate.crt I added earlier is not
enough, that's just the certificate, but it doesn't provide a private
key.
Change-Id: Ie09d70fc9bc7ab752382eef96659bedb414553f5
|
|
We can now write that on Windows as well when requested, after the
signing-certificate attribute is implemented using mscrypto.
With this, the PAdES validator at
<http://signatures-conformance-checker.etsi.org/protected/upload.php?sigtype=padesconf>
finds our Windows signature valid.
Change-Id: Iaeb4c36a1eac14e3d3c3c12d9cfd9529e7663f77
Reviewed-on: https://gerrit.libreoffice.org/31162
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Going via UNO for a class in the same module sounds like an overkill.
Change-Id: Iaa5b31d1b888c8d3f1c9b47ee787504191ce3d7d
Reviewed-on: https://gerrit.libreoffice.org/31148
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
That is what the default libxmlsec error handler
xmlSecMSCryptoErrorsDefaultCallback() does. Why show less information
in our own handler?
Change-Id: Ibc9f9b5066536d0f5cabbf2bda6d1fa14eca5613
|
|
Change-Id: I05450a0af00b200145312301207b8f6d3af05145
|
|
Change-Id: Ie18a1bd4c006a9c7a54dc79747cb7e300315640a
|
|
Equivalent of the earlier NSS commit, payload is just an empty sequence
at the moment.
Change-Id: I4639e2514ef01d23da04aedc30f63f9e8878223b
Reviewed-on: https://gerrit.libreoffice.org/31108
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Also:
- avoid writing ETSI.CAdES.detached for now on Windows till doing so
results in an invalid signature in Acrobat
- extend the SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION hack to do the same
for SHA256 and SHA512 as well, as Acrobat and NSS accepts such
signatures
Change-Id: Ibb0a204504b29230dd712ffb709d2037c1007218
|
|
Change-Id: If26be2b51a1fd8a6ad3e96928e2d142d1ced2845
Reviewed-on: https://gerrit.libreoffice.org/31074
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
That's where the implementation of such internal test binaries usually
are.
Change-Id: Ib7d2eb95de96d0d82e90e51f58da3a0c15a2ec71
Reviewed-on: https://gerrit.libreoffice.org/31073
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
|
|
Change-Id: I28bb2a33c02d8eadced584d3d3f2b62b2e847324
|
|
this is motivated by the new screenshot feature
the initial proposed solution involved running make screenshot once per lang
which took ~6 hours for --with-lang=ALL on tb68 a reasonnably big
windows slavebot.
with this patch, one can run make screenshot just once and get all the screenshot
the elapsed time is 36 inutes on the same box/same config a 10x improvement.
Change-Id: I4339caebf915c118aa455de2a7e56e1a4e413939
Reviewed-on: https://gerrit.libreoffice.org/30970
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Norbert Thiebaud <nthiebaud@gmail.com>
|
|
Change-Id: Iac3d2206388fde23d2f3d7a05b23978851cf2800
|
|
Change-Id: Ife64ab3683479baf152357a6167718f13c9b6089
Reviewed-on: https://gerrit.libreoffice.org/30964
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I15a00a8c6f8c8e735694baa25e06ed4db0875d43
|
|
not randomly scattered through the code
found with something like:
git ls-files *.cpp | xargs grep -Pzl "(?s){.*#include"
Change-Id: I9c242fa4ef99e8677f2800d7ec9f16d16e488351
Reviewed-on: https://gerrit.libreoffice.org/30952
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
|
|
Page 21 of "PAdES baseline signatures" specification from
<http://www.etsi.org/deliver/etsi_en/319100_319199/31914201/01.01.01_60/en_31914201v010101p.pdf>
says:
"The Signature Dictionary shall contain a value of ETSI.CAdES.detached
for the key SubFilter."
So in case the UI has the adescompliant checkbox enabled, write that
value instead of the Adobe default.
Change-Id: I69e606a32fb09bebd5e9b25b32150d1b8672f544
|
|
Change-Id: I90db6e3c69a6dc90ce1df0dbb5b9d7a81cd1bbea
|
|
And rename it to AdES, as the PDF PAdES generation will be affected by
this checkbox in the near future.
Change-Id: I06121e4eb9debac7a55a737a71780c2fa5c4d084
Reviewed-on: https://gerrit.libreoffice.org/30908
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Tor Lillqvist <tml@collabora.com>
|
|
Change-Id: Ic7aa466c62eb8850d3c6b50c0e10b0575bd9b82e
|
|
Change-Id: Ic15c34c77ff24a506b59ed02db3cfbb6722d0f25
|
|
Change-Id: If5793cd8a721ac5b4fce5280b6180f2827c72501
|
|
Change-Id: I3e38b1d445c368c28e807202b94c603bd2b2c672
Reviewed-on: https://gerrit.libreoffice.org/30872
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
|
|
Change-Id: I8ed5242a4337da2ec1568d92bebfdad4915e6128
|
|
These files had a consistent style previously, keep them that way.
Change-Id: I6347efd4a301ddd758f4661778c0dfb68585940d
|
|
Change-Id: Ie6713d1bdf0010e5bc0bb70ca995c4dd36408673
|