Age	Commit message (Collapse)	Author
2023-01-14	XUnoTunnel->dynamic_cast in SecurityEnvironmentGpg	Noel Grandin
	Change-Id: I8535b32de2c7cb71a5108211af0e896029ff5608 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145501 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2023-01-14	XUnoTunnel->dynamic_cast in XMLElementWrapper_XmlSecImpl	Noel Grandin
	Change-Id: Ie0654c8ba6367b575c289b63ac02668ae38066c5 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145495 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2022-12-20	Use SecurityEnvironmentGpg's XUnoTunnel instead of dynamic_cast	Stephan Bergmann
	...where 88ac77c0bc21accfd6f5c404217c3c2aaef2d674 "gpg4libre: List and view GPG keys" had introduced SecurityEnvironmentGpg complete with (apparently unused) XUnoTunnel, but then cae5f2a543b31552ccd9765aca5eb514fa694e07 "gpg4libre: initial GPG signature generation" and 0e226d4c193824d79f71d6918038de48afffaf26 "gpg4libre: initial GPG signature validation" had failed to make use of it. (See the upcoming commit introducing loplugin:unocast on why such dynamic_casts from UNO types are dangerous.) Change-Id: I29cc5c1cec9c2e98528c7257993f300d131bf41c Reviewed-on: https://gerrit.libreoffice.org/c/core/+/144509 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2022-12-19	Use XUnoTunnel instead of dynamic_cast here too	Stephan Bergmann
	...like in other code accessing XMLElementWrapper_XmlSecImpl. (See the upcoming commit introducing loplugin:unocast on why such dynamic_casts from UNO types are dangerous.) Change-Id: Ib67332dd2d6a1aa31f5515940fdd6f4a9f638bbb Reviewed-on: https://gerrit.libreoffice.org/c/core/+/144508 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2022-10-27	Update libxmlsec to 1.2.35	Miklos Vajna
	- backport 2 patches to fix the build - replace calls to the now deprecated xmlSecBase64Decode() Change-Id: Ib3254002fff5e49bb6dd4eb1bf62e7d2ee7be83e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/141865 Reviewed-by: Miklos Vajna <vmiklos@collabora.com> Tested-by: Jenkins
2020-04-02	xmlsec-wrapper.h must be included before any xmlsec header	Mike Kaganski
	This fixes structs size mismatch between xmlsec and its users because of XMLSEC_NO_SIZE_T not yet defined at the time of their definition. See https://lists.freedesktop.org/archives/libreoffice/2020-April/084800.html Change-Id: I8de9a012f849d9a5a84f5ce580484b66192d1e06 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/91531 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2020-01-28	remove some unused local vars	Noel Grandin
	found by my new aggressive unused var plugin. these are unused return values from function calls Change-Id: I3359c583f535828f192cb833762dfedc008d82f0 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/87439 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2019-07-31	Improved loplugin:stringconstant (now that GCC 7 supports it): xmlsecurity	Stephan Bergmann
	Change-Id: I47c93247b9a34abf4b95966833664e63eb57f133 Reviewed-on: https://gerrit.libreoffice.org/76621 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <sbergman@redhat.com>
2019-05-09	tdf#42949 Fix IWYU warnings in xmlsecurity/*cxx	Gabor Kelemen
	Found with bin/find-unneeded-includes Only removal proposals are dealt with here. Change-Id: I89c77656ea4021cb16bd122cb1dd1cd803390c3d Reviewed-on: https://gerrit.libreoffice.org/71765 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
2018-11-04	replace double-checked locking patterns with thread safe local statics	Mike Kaganski
	Change-Id: I1bf67196e97411aeecc13ed4f91d1088a315e323 Reviewed-on: https://gerrit.libreoffice.org/62839 Tested-by: Jenkins Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com>
2018-07-19	loplugin:unusedmethods	Noel Grandin
	Change-Id: I2b7a055a44c63bfc072b82580811898e177fbb8e Reviewed-on: https://gerrit.libreoffice.org/57628 Tested-by: Jenkins Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
2018-07-12	Add missing sal/log.hxx headers	Gabor Kelemen
	rtl/string.hxx and rtl/ustring.hxx both unnecessarily #include <sal/log.hxx> (and don't make use of it themselves), but many other files happen to depend on it. This is a continuation of commit 6ff2d84ade299cb3d14d4110e4cf1a4b8070c030 to be able to remove those unneeded includes. This commit adds missing headers to every file found by: grep -FwL sal/log.hxx $(git grep -Elw 'SAL_INFO\|SAL_INFO_IF\|SAL_WARN\|SAL_WARN_IF\|SAL_DETAIL_LOG_STREAM\|SAL_WHERE\|SAL_STREAM\|SAL_DEBUG') to directories w* x* Change-Id: I27bff44da3d34d24262031c7489e755311599bc5 Reviewed-on: https://gerrit.libreoffice.org/57307 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
2018-03-02	xmlsecurity: create XMLElementWrapper instances with a constructor	Miklos Vajna
	Change-Id: I0fe7d0a21b0ea35b537466316a637a0a46c52fe5 Reviewed-on: https://gerrit.libreoffice.org/50601 Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk> Tested-by: Jenkins <ci@libreoffice.org>
2018-01-17	coverity#1427630 Unchecked return value	Caolán McNamara
	Change-Id: If92d5b080ce9a4e28fe15da1448f74ecf0a31257
2017-12-05	gpg4libre: add gpgme config header where gpgme.h is included	Thorsten Behrens
	Also pull in config_lgpl.h in that case. Change-Id: Iae4e56ee8023066581c562c66305875a0fe15f37 Reviewed-on: https://gerrit.libreoffice.org/45809 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-11-27	Silence clang-cl -Werror,-Wundef in workdir/UnpackedTarball/gpgmepp/ includes	Stephan Bergmann
	> workdir/UnpackedTarball/libgpg-error/src\gpg-error.h(709,5): error: '__GNUC__' is not defined, evaluates to 0 [-Werror,-Wundef] > #if __GNUC__ > ^ > 1 error generated. Change-Id: Icae46745069431e60faa7d2e6ca44ab800e72b95 Reviewed-on: https://gerrit.libreoffice.org/45341 Reviewed-by: Stephan Bergmann <sbergman@redhat.com> Tested-by: Stephan Bergmann <sbergman@redhat.com>
2017-10-23	loplugin:includeform: xmlsecurity	Stephan Bergmann
	Change-Id: I9c3eca51fec52a255fcf280fe4e5ecc2ebbee5f3
2017-07-17	gpg4libre: Import public key payload if verification result != valid	Katarina Behrens
	it is essential to look closer at the results of verification (code doing that was removed by commit bdbebda1d80f538f946b14042) to be able to proceed with importing public key payload from the file if needed I've also killed one more instance of xmlStrlen being used on binary data Change-Id: I8cd45fe963c8dde91727471ddbebe6943374a121 Reviewed-on: https://gerrit.libreoffice.org/40066 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-07-17	gpg4libre: use full SHA1 hash for key identification	Thorsten Behrens
	Read and write full 20 bytes/40 hex chars of SHA1 key hash, instead of some abridged versions. See also https://lists.debian.org/debian-devel/2016/08/msg00215.html Change-Id: I741afc94ac7cf559880fe55ff02420723e13310d Reviewed-on: https://gerrit.libreoffice.org/40027 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-07-14	tdf#108831 PGP signature shown as invalid	Samuel Mehrbrodt
	It was valid, but not trusted. We need to show the owner trust in another place. gpg4libre Change-Id: I344a7b064a22c16b647c73d52f7abd91cfc86be9 Reviewed-on: https://gerrit.libreoffice.org/39826 Reviewed-by: Katarina Behrens <Katarina.Behrens@cib.de> Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-07-14	gpg4libre: Don't use xmlStrlen on binary data	Katarina Behrens
	Odd things happen inside gpgme if the buffer is prematurely truncated due to \n char and valid signature is then evaluated as invalid Change-Id: I24d4d22af06a3dde6eb7fdfc12953cf1b5f19c1e Reviewed-on: https://gerrit.libreoffice.org/39945 Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Katarina Behrens <Katarina.Behrens@cib.de>
2017-06-28	gpg4libre: Don't call production code inside an assert()	Samuel Mehrbrodt
	Won't work in non-debug builds Change-Id: I64f9c416890ddd02ec8efc0f59ded145cc17896a Reviewed-on: https://gerrit.libreoffice.org/39345 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
2017-06-25	gpg4libre: import public key payload if initial validation fails	Thorsten Behrens
	Since maybe we don't know the key yet? Change-Id: I8b7e3f472d4731d9fb8bb675d81bdad257aa9230 Reviewed-on: https://gerrit.libreoffice.org/39194 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-06-25	gpg4libre: save some space, extract binary key/sign data	Thorsten Behrens
	Since callers will base64-encode this anyway, again Change-Id: I0962d102fa0f2b95eaa2e608539cc291125f0321 Reviewed-on: https://gerrit.libreoffice.org/39193 Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-06-25	gpg4libre: base64-encode and decode SignatureValue	Thorsten Behrens
	which xmldsig-core actually requires Change-Id: I92a6e192865919d844009be042dad36106a19fc8 Reviewed-on: https://gerrit.libreoffice.org/39192 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-06-24	gpp4libre: error handling, proper key extraction	Thorsten Behrens
	Change-Id: I1cb219f825393309219a4ebfb406482050b91228 Reviewed-on: https://gerrit.libreoffice.org/39191 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
2017-06-23	XMLSignature_GpgImpl: Use cppu::supportsService	Samuel Mehrbrodt
	Change-Id: Ic093462c957aa445aab43f95ac22af3a3df1d709
2017-06-23	XMLSignature_GpgImpl: Clean up namespaces	Samuel Mehrbrodt
	Change-Id: I34aa59171b5d440bdd6bdec80badf7a3eb42bd3f
2017-06-21	gpg4libre: actually take key from user selection	Thorsten Behrens
	Change-Id: I6b18865913492d41a8e0206a430e267fe78c553a
2017-06-21	gpg4libre: some code improvements, add metadata for OpenPGP keys	Thorsten Behrens
	Change-Id: I1beb692b9a9a34b5f0cf743ba9e4a145ac582184
2017-06-21	gpg4libre: write PGPData info, get more metadata out for gpg key	Thorsten Behrens
	Change-Id: Ia560869ec02fca7fe4219136e1fe939e13f1e4c2
2017-06-21	gpg4libre: now use the gpg security env	Thorsten Behrens
	Change-Id: I84e4d6872aab27f5b11ec727787a2eab80ef6a66
2017-06-21	gpg4libre: Make signature dialog work with two signing services	Samuel Mehrbrodt
	Change-Id: I0b47e6dba38222bb6b4f778c4206d3b37bc93089
2017-06-21	gpg4libre: initial GPG signature validation	Thorsten Behrens
	Change-Id: I80afd77f74a6cb3f3fb7da03a6a4b74b132360d2
2017-06-21	gpg4libre: fix gpg signature generation	Thorsten Behrens
	Change-Id: I6eb95c948b6c8c9b8dee21215b430921bf454bb9
2017-06-21	gpg4libre: share static xmlsec lib between nss and gpg	Thorsten Behrens
	In the end, the gpgme implementation uses enough of xmlsec functionality that splitting those (and ending up with two copies) was just not worth it. Change-Id: Ida87c848e4e6a770e3c697add9ceb589a9ec3930
2017-05-18	gpg4libre: fix windows build	Thorsten Behrens
	Change-Id: I66b809bbf2f5ab5d9c1eaf40ba8f2c91f4bc8007
2017-05-18	gpg4libre: initial GPG signature generation	Thorsten Behrens
	* takes XML-Sec signature template * calculates digest for all added reference streams * produces signature value over canonicalized signature template * writes same as detached signature into template, streams that out Change-Id: I303e080dc25c440175fe1ae897f03cf356d5d0f2 Reviewed-on: https://gerrit.libreoffice.org/36106 Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> Tested-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>