| Age | Commit message (Collapse) | Author |
|---|
|
stage 2 of replacing usage of various checks for the windows platform
with the compiler-defined '_WIN32' macro
In this stage we focus on replacing usage of the WIN macro
Change-Id: Ie8a4a63198a6de96bd158ecd707dadafb9c8ea84
Reviewed-on: https://gerrit.libreoffice.org/22393
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Noel Grandin <noelgrandin@gmail.com>
|
|
Fails when the relevant part of XSecController::exportOOXMLSignature()
is commented out, i.e. the member function just writes a <Signature> XML
element, no child elements.
Change-Id: I526c1170c8ada71f111a1ad56d74af1a4102dbce
Reviewed-on: https://gerrit.libreoffice.org/22375
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
Change-Id: I97acb4a2e9aedb15671d65f6995faeab4ff5716f
|
|
It's hard to unit test signing when the logic is implemented in the Add
and OK button handlers.
Change-Id: I5e07df69cd808cf170e21dfd55f2f44bc79c58a8
|
|
This wasn't a problem when we signed MSO-produced documents that have
these all the time, but it was a problem for LO-produced documents.
We don't add an explicit content type for _xmlsignatures/origin.sigs, so
need a default for the .sigs extension.
Change-Id: Ic5d0647991c42f9f1ef3519986a4bd1b56de396d
|
|
Change-Id: Idf60c9adcbc6d7467df92b48995bcb5c0bc3465b
Reviewed-on: https://gerrit.libreoffice.org/22308
Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
Tested-by: Jenkins <ci@libreoffice.org>
|
|
With this, our own import is happy when we sign LO-generated OOXML
files.
Change-Id: I977d7db5cf18fec1f33c480ab6e58852f2433923
|
|
Change-Id: I5c67db0369d5eb24178e7173ac716dd8e96dfd47
|
|
With this, our signature on a DOCX file is accepted by Word as well.
Change-Id: Ibd6bc77aa3f86a9b7f55f165383d1322ecb24f47
|
|
Another redundant field: it's the SHA-256 digest of the certificate data
for OOXML, not used for ODF. We need to store it after import, as we no
longer have the security environment at hand when we store the signature
to the persistent storage.
Change-Id: I3bcccb3c7c4f4178c0b267ce87777fba543f8716
|
|
OOXML export will need an SHA-256 hash of the certificate, introducing
a css::security::XCertificate2 just for this would be probably an
overkill. The same will have to be done in the mscrypto backend in the
near future.
Change-Id: Id2df06416a713927edd60e1253ff8e1c09dd706a
|
|
Again, just to help the exporter not loose information.
Change-Id: Icc729d6a58321695fa59e009a328fca56d5ef514
|
|
This is redundant, but it's needed to survive an export -> import ->
export flow, and at the end required in the OOXML result.
Change-Id: I0779950b6464b4e15f4da452c163cddbc3d03a3d
|
|
Our own importer is happy about the export result already, but MSO is
more picky, and mandates the correct content types for both
_xmlsignatures/origin.sigs and the individual signature streams.
With this, MSO can open the signed file again (while previously it just
declared the file corrupted), though it still declares the signature
invalid.
Change-Id: I199ad96bb91e7ce03fdf1f10f9500db4e05bb5c1
|
|
The problem was that the final export lacked the "#" prefix in the
same-document reference names. Fix this by doing what the ODF export
does: don't let the signature informations (data model) contain the "#",
just prepend it right before writing the name out.
This way it won't matter if the source of the name is an import (which
doesn't keep the "#") or a new signature (which did, previously), we'll
always write exactly one "#".
Change-Id: I18b6a5ba55b7e79ace537b7ecf575a7abc71e281
|
|
Change-Id: Ia24a1b64d4adfc0db537704779ca25cfd86cac8f
|
|
The root cause (and that still needs fixing) is that the OOXML signature
export fails to start same-document references with a "#" character.
OTOH, even if that happens, it's better to throw uno::RuntimeException
in UriBindingHelper::OpenInputStream() to avoid std::terminate().
Change-Id: I9c9c211de36fb0aeb2c33f62b094c9f4d9c85b3d
|
|
With this, _xmlsignatures/_rels/origin.sigs.rels and
_xmlsignatures/origin.sigs is written to the destination file.
Change-Id: I8d63a182e7cf05ed20195f88c90fba2a9a05379e
|
|
Previously this code worked only for reading, as we assumed if it
doesn't exist, then the storage is not OOXML, either.
With this, DigitalSignaturesDialog::OKButtonHdl() gets a valid storage,
where it'll be able to write the actual signatures.
Change-Id: Iadf63a88c962386abc31225c02398761aea818cb
|
|
When reading a signature, we just take the ODF signature stream or OOXML
signature storage.
When writing, we write to an ODF temporary stream / OOXML temporary
storage, read it back, and only the signatures dialog close handler
writes the signature back to the original file.
The underlying OOXML temporary storage's stream is the signature stream,
so only try to load signatures from the stream if it's not OOXML,
throwing a ZIP file at an XML parser is not a great idea.
Change-Id: I6e42d117b9c97676aaeaad158e78e39a2c39a5e8
|
|
Change-Id: I29937cf6baa02bda7821b4bb44c95e5b8a278080
|
|
Change-Id: I88b0be8b375b7698224e08768d867b767c3a98ad
|
|
The usual generator/meta stream and the signatures itself are the
excluded ones. It seems everything else has to be listed explicitly.
Change-Id: Ie0f3e161aa0c2e1cb97ad3d9d012ac78078e287a
|
|
Change-Id: I5fd400f095998184107c10afa95fe8b12c123d33
|
|
Again, just to not pointlessly differ from what MSO does.
Change-Id: I49f4744db1489120d300349fcd40756c0bed7de9
|
|
In ODF, they're relative to the package root, in OOXML they always start
with a leading slash.
Also, in OOXML the stream URI should have its content type as the
suffix.
Change-Id: Iac570ed15533a23c8a6098f99b716f90e1bac0e0
|
|
If the signature refers to an XML element with that id, we must export
at least a stub, otherwise xmlSecDSigCtxSign() will refuse to do
anything with the signature template.
With this, at least some calculated hashes and signature values appear
in the OOXML output.
Change-Id: Iff26c6ae0b97bf3509144a66a2c23070100a5974
|
|
So that we pass the correct node to xmlSecDSigCtxSign().
SAXEventKeeperImpl::startElement() always marks the first node written
by XSecController, which is the Signature node for ODF, but for OOXML,
the Signature node is the root element.
Fix the problem by writing the root element in
XSecController::exportOOXMLSignature() instead of doing it earlier,
similar how it's done for ODF (where we intentionally want to not mark
the root node).
Change-Id: Id0a76f155726ad53a996e9327454b8795497ac7b
|
|
At least that's what MSO does, probably intentionally.
Change-Id: I0722faaac4b9b93dad66753b8bb4f0e196adddf2
|
|
Change-Id: I3f99cd51232e7c60bf72a79412e5ed0b08851ba7
|
|
Change-Id: I8a0c85195992137fbc8a559cacdb389cea03671a
|
|
A ridiculously fast way of doing this is:
for i in $(pcregrep -l -M -r --include='.*[hc]xx$' \
--exclude-dir=workdir --exclude-dir=instdir '^
{3,}' .)
do
perl -0777 -i -pe 's/^
{3,}/
/gm' $i
done
Change-Id: Iebb93eccbee9e4fc5c4380474ba595858a27ac2c
Reviewed-on: https://gerrit.libreoffice.org/22224
Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Chris Sherlock <chris.sherlock79@gmail.com>
|
|
Change-Id: I77b30f28ae5a6fad360d7cada9acfaa9c324408b
Reviewed-on: https://gerrit.libreoffice.org/22216
Reviewed-by: Chris Sherlock <chris.sherlock79@gmail.com>
Tested-by: Chris Sherlock <chris.sherlock79@gmail.com>
|
|
Change-Id: Ib522a6ce9663b5f56888debb911296360da484d6
|
|
Change-Id: I7c5055e3bfaa81cae4c91842e9e3681d41d5c3b6
|
|
Change-Id: I5a2924c3c0af02a4630921bae6117f11655206c2
|
|
Change-Id: I1d8556487608e5a0bee2ae5f7a4b25a60579f4a9
|
|
They are kind of a special case for ODF, but OOXML uses these
exclusively, and then one of them refers to the actual package streams.
Change-Id: I4663eef4bd718a7563effd6cafa790126db6d8c7
|
|
This can be inspected after the add button handler finishes, but the
dialog is still alive.
Change-Id: I18ece31545de6d306a26b44d372f54df8221a456
|
|
Change-Id: I445a50d5c7d12609e4043bfedc41cdea456fa52f
|
|
Change-Id: I1cac26d1133722285abe038085ad81dc16be6d8f
|
|
Change-Id: I368a0254a8c8eff0ec7c56ecec4c0a462ae32252
|
|
Change-Id: I74585aa5a50cd335f4fd0a3ba4fed230b98993c3
|
|
Having them in the file apptypes.hxx isn't necessary helpful, IMO so
I've split the types into inputtypes.hxx and exceptiontypes.hxx
Change-Id: I89a1ff168c3ae276b2f5486669d4ec2dda062d57
|
|
It's just the root element so far.
Change-Id: If32e9e5bf339f639a20fa88d85e826e14f65dac2
|
|
_rels/origin.sigs.rels of the _xmlsignatures temporary storage now
contains references to the individual signature streams.
Change-Id: I619bd81989e3b62fc4282e0e72fbfa780d1fb8bd
|
|
It's an empty file, with the only purpose to have relations, referencing
the individual signature streams. The only tricky part is that a temp
file needs closeOutput() to flush its contents, flush() is not enough.
Change-Id: I92ac61bce201c97a727ff02b1bb74599573a1807
|
|
A 'signatures relation' is kind of a pointer that says where is the list
of signatures. When adding the first signature, this has to be created,
in addition to the actual signature relation.
This is yet another difference to ODF signing, where the signature is
just another additional stream in the package, while OOXML signing first
modifies the package to add the signatures relation, and then signs the
streams, so the input storage of the OOXML signing can't be a read-only
storage.
Change-Id: I81a976c945b28ddf7f347c4a7bfd51f98a1fc225
|
|
Instead just pass an empty stream, xmlsecurity knows how to look up its
signature storage from the root one.
With this, opening the digital signatures dialog, clicking on add, and
then OK in both dialogs no longer results in an (empty) META-INF storage
written to an OOXML file.
Change-Id: I7e4a93687465ec19be307917ec00cde08ed8092f
|
|
We'll need individual streams instead for OOXML.
Change-Id: Ia3a7172af39ebfb815d44b645b217da15e41c197
|
