xmlsecurity: make DocumentSignatureManager members private

Change-Id: I1262ca0dc2b2f843bdd6277415ee7967e9e59458 Reviewed-on: https://gerrit.libreoffice.org/72320 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>

xmlsecurity: make DocumentSignatureManager members private
Change-Id: I1262ca0dc2b2f843bdd6277415ee7967e9e59458 Reviewed-on: https://gerrit.libreoffice.org/72320 Tested-by: Jenkins Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
7661e356 · Miklos Vajna · 8acc15b5 · 7661e356 · 7661e356 · 7661e356
Kaydet (Commit) 7661e356 authored May 14, 2019 tarafından Miklos Vajna
5 changed files
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -60,7 +60,7 @@ class PDFSignatureHelper;
 /// Manages signatures (addition, removal), used by DigitalSignaturesDialog.
 class XMLSECURITY_DLLPUBLIC DocumentSignatureManager
 {
-public:
+private:
    css::uno::Reference<css::uno::XComponentContext> mxContext;
    css::uno::Reference<css::embed::XStorage> mxStore;
    XMLSignatureHelper maSignatureHelper;
@@ -77,9 +77,11 @@ public:
    css::uno::Reference<css::xml::crypto::XSEInitializer> mxGpgSEInitializer;
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> mxGpgSecurityContext;

+public:
    DocumentSignatureManager(const css::uno::Reference<css::uno::XComponentContext>& xContext,
                             DocumentSignatureMode eMode);
    ~DocumentSignatureManager();
+
    /**
     * Checks if a particular stream is a valid xml stream. Those are treated
     * differently when they are signed (c14n transformation)
@@ -116,6 +118,19 @@ public:
    css::uno::Reference<css::xml::crypto::XSecurityEnvironment> getGpgSecurityEnvironment();
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> const& getSecurityContext();
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> const& getGpgSecurityContext();
+    void setStore(const css::uno::Reference<css::embed::XStorage>& xStore) { mxStore = xStore; }
+    XMLSignatureHelper& getSignatureHelper() { return maSignatureHelper; }
+    bool hasPDFSignatureHelper() { return mpPDFSignatureHelper.get(); }
+    void setSignatureStream(const css::uno::Reference<css::io::XStream>& xSignatureStream)
+    {
+        mxSignatureStream = xSignatureStream;
+    }
+    css::uno::Reference<css::embed::XStorage> getStore() { return mxStore; }
+    DocumentSignatureMode getSignatureMode() const { return meSignatureMode; }
+    SignatureInformations& getCurrentSignatureInformations()
+    {
+        return maCurrentSignatureInformations;
+    }
 };

 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX

--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -285,9 +285,9 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testPDFRemoveAll)
    std::unique_ptr<SvStream> pStream
        = utl::UcbStreamHelper::CreateStream(aOutURL, StreamMode::READ | StreamMode::WRITE);
    uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(std::move(pStream)));
-    aManager.mxSignatureStream = xStream;
+    aManager.setSignatureStream(xStream);
    aManager.read(/*bUseTempStream=*/false);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    // This was 1 when NSS_CMSSignerInfo_GetSigningCertificate() failed, which
    // means that we only used the locally imported certificates for
    // verification, not the ones provided in the PDF signature data.
@@ -315,12 +315,12 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testTdf107782)
    std::unique_ptr<SvStream> pStream
        = utl::UcbStreamHelper::CreateStream(aURL, StreamMode::READ | StreamMode::WRITE);
    uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(std::move(pStream)));
-    aManager.mxSignatureStream = xStream;
+    aManager.setSignatureStream(xStream);
    aManager.read(/*bUseTempStream=*/false);
-    CPPUNIT_ASSERT(aManager.mpPDFSignatureHelper);
+    CPPUNIT_ASSERT(aManager.hasPDFSignatureHelper());

    // This failed with an std::bad_alloc exception on Windows.
-    aManager.mpPDFSignatureHelper->GetDocumentSignatureInformations(
+    aManager.getPDFSignatureHelper().GetDocumentSignatureInformations(
        aManager.getSecurityEnvironment());
 }

@@ -486,11 +486,11 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testUnknownSubFilter)
        m_directories.getURLFromSrc(DATA_DIRECTORY) + "cr-comment.pdf", StreamMode::STD_READ);
    uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(std::move(pStream)));
    DocumentSignatureManager aManager(mxComponentContext, DocumentSignatureMode::Content);
-    aManager.mxSignatureStream = xStream;
+    aManager.setSignatureStream(xStream);
    aManager.read(/*bUseTempStream=*/false);

    // Make sure we find both signatures, even if the second has unknown SubFilter.
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(2), rInformations.size());
 }


--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -209,8 +209,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testDescription)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");

    // Then add a signature document.
    uno::Reference<security::XCertificate> xCertificate
@@ -223,7 +223,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testDescription)

    // Read back the signature and make sure that the description survives the roundtrip.
    aManager.read(/*bUseTempStream=*/true);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
    CPPUNIT_ASSERT_EQUAL(aDescription, rInformations[0].ouDescription);
 }
@@ -246,8 +246,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSA)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");

    // Then add a signature.
    uno::Reference<security::XCertificate> xCertificate
@@ -260,7 +260,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSA)

    // Read back the signature and make sure that it's valid.
    aManager.read(/*bUseTempStream=*/true);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
    // This was SecurityOperationStatus_UNKNOWN, signing with an ECDSA key was
    // broken.
@@ -286,8 +286,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSAOOXML)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");

    // Then add a document signature.
    uno::Reference<security::XCertificate> xCertificate
@@ -301,7 +301,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSAOOXML)

    // Read back the signature and make sure that it's valid.
    aManager.read(/*bUseTempStream=*/true);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
    // This was SecurityOperationStatus_UNKNOWN, signing with an ECDSA key was
    // broken.
@@ -328,7 +328,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSAPDF)
        aTempFile.GetURL(), StreamMode::READ | StreamMode::WRITE));
    uno::Reference<io::XStream> xStream(new utl::OStreamWrapper(*pStream));
    CPPUNIT_ASSERT(xStream.is());
-    aManager.mxSignatureStream = xStream;
+    aManager.setSignatureStream(xStream);

    // Then add a document signature.
    uno::Reference<security::XCertificate> xCertificate
@@ -342,7 +342,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSAPDF)

    // Read back the signature and make sure that it's valid.
    aManager.read(/*bUseTempStream=*/false);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
    // This was SecurityOperationStatus_UNKNOWN, signing with an ECDSA key was
    // broken.
@@ -368,8 +368,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLDescription)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");

    // Then add a document signature.
    uno::Reference<security::XCertificate> xCertificate
@@ -382,7 +382,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLDescription)

    // Read back the signature and make sure that the description survives the roundtrip.
    aManager.read(/*bUseTempStream=*/true);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());
    CPPUNIT_ASSERT_EQUAL(aDescription, rInformations[0].ouDescription);
 }
@@ -404,10 +404,10 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLAppend)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL,
                                                                embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
    aManager.read(/*bUseTempStream=*/false);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());

    // Then add a second document signature.
@@ -440,10 +440,10 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLRemove)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL,
                                                                embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
    aManager.read(/*bUseTempStream=*/false);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(2), rInformations.size());

    // Then remove the last added signature.
@@ -476,10 +476,10 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLRemoveAll)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING, aURL,
                                                                embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
    aManager.read(/*bUseTempStream=*/false);
-    std::vector<SignatureInformation>& rInformations = aManager.maCurrentSignatureInformations;
+    std::vector<SignatureInformation>& rInformations = aManager.getCurrentSignatureInformations();
    CPPUNIT_ASSERT_EQUAL(static_cast<std::size_t>(1), rInformations.size());

    // Then remove the only signature in the document.
@@ -714,8 +714,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testXAdESNotype)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
    aManager.read(/*bUseTempStream=*/false);

    // Create a new signature.
@@ -775,8 +775,8 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testXAdES)
        = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
            ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), embed::ElementModes::READWRITE);
    CPPUNIT_ASSERT(xStorage.is());
-    aManager.mxStore = xStorage;
-    aManager.maSignatureHelper.SetStorage(xStorage, "1.2");
+    aManager.setStore(xStorage);
+    aManager.getSignatureHelper().SetStorage(xStorage, "1.2");

    // Create a signature.
    uno::Reference<security::XCertificate> xCertificate

--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -271,9 +271,9 @@ sal_Bool DocumentDigitalSignatures::signSignatureLine(
    if (!aSignatureManager.init())
        return false;

-    aSignatureManager.mxStore = rxStorage;
-    aSignatureManager.maSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
-    aSignatureManager.mxSignatureStream = xSignStream;
+    aSignatureManager.setStore(rxStorage);
+    aSignatureManager.getSignatureHelper().SetStorage(rxStorage, m_sODFVersion);
+    aSignatureManager.setSignatureStream(xSignStream);

    Reference<XXMLSecurityContext> xSecurityContext;
    Reference<XServiceInfo> xServiceInfo(xCertificate, UNO_QUERY);
@@ -480,10 +480,10 @@ DocumentDigitalSignatures::ImplVerifySignatures(
        return Sequence< css::security::DocumentSignatureInformation >(0);


-    XMLSignatureHelper& rSignatureHelper = aSignatureManager.maSignatureHelper;
+    XMLSignatureHelper& rSignatureHelper = aSignatureManager.getSignatureHelper();
    rSignatureHelper.SetStorage(rxStorage, m_sODFVersion);

-    rSignatureHelper.StartMission(aSignatureManager.mxSecurityContext);
+    rSignatureHelper.StartMission(aSignatureManager.getSecurityContext());

    if (xInputStream.is())
        rSignatureHelper.ReadAndVerifySignature(xInputStream);
@@ -769,9 +769,9 @@ sal_Bool DocumentDigitalSignatures::signDocumentWithCertificate(
    if (!aSignatureManager.init())
        return false;

-    aSignatureManager.mxStore = xStorage;
-    aSignatureManager.maSignatureHelper.SetStorage(xStorage, m_sODFVersion);
-    aSignatureManager.mxSignatureStream = xStream;
+    aSignatureManager.setStore(xStorage);
+    aSignatureManager.getSignatureHelper().SetStorage(xStorage, m_sODFVersion);
+    aSignatureManager.setSignatureStream(xStream);

    Reference<XXMLSecurityContext> xSecurityContext;
    Reference<XServiceInfo> xServiceInfo(xCertificate, UNO_QUERY);

--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -170,7 +170,7 @@ DigitalSignaturesDialog::DigitalSignaturesDialog(

    m_xCloseBtn->connect_clicked( LINK( this, DigitalSignaturesDialog, OKButtonHdl) );

-    switch( maSignatureManager.meSignatureMode )
+    switch( maSignatureManager.getSignatureMode() )
    {
        case DocumentSignatureMode::Content:
            m_xHintDocFT->show();
@@ -196,7 +196,7 @@ bool DigitalSignaturesDialog::Init()

    if ( bInit )
    {
-        maSignatureManager.maSignatureHelper.SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) );
+        maSignatureManager.getSignatureHelper().SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) );
    }

    return bInit;
@@ -212,13 +212,13 @@ void DigitalSignaturesDialog::SetStorage( const css::uno::Reference < css::embed
        return;
    }

-    maSignatureManager.mxStore = rxStore;
-    maSignatureManager.maSignatureHelper.SetStorage( maSignatureManager.mxStore, m_sODFVersion);
+    maSignatureManager.setStore(rxStore);
+    maSignatureManager.getSignatureHelper().SetStorage( maSignatureManager.getStore(), m_sODFVersion);
 }

 void DigitalSignaturesDialog::SetSignatureStream( const css::uno::Reference < css::io::XStream >& rxStream )
 {
-    maSignatureManager.mxSignatureStream = rxStream;
+    maSignatureManager.setSignatureStream(rxStream);
 }

 bool DigitalSignaturesDialog::canAddRemove()
@@ -227,16 +227,16 @@ bool DigitalSignaturesDialog::canAddRemove()
    //'canAdd' and 'canRemove' case
    bool ret = true;

-    uno::Reference<container::XNameAccess> xNameAccess(maSignatureManager.mxStore, uno::UNO_QUERY);
+    uno::Reference<container::XNameAccess> xNameAccess(maSignatureManager.getStore(), uno::UNO_QUERY);
    if (xNameAccess.is() && xNameAccess->hasByName("[Content_Types].xml"))
        // It's always possible to append an OOXML signature.
        return ret;

-    if (!maSignatureManager.mxStore.is())
+    if (!maSignatureManager.getStore().is())
        // It's always possible to append a PDF signature.
        return ret;

-    OSL_ASSERT(maSignatureManager.mxStore.is());
+    OSL_ASSERT(maSignatureManager.getStore().is());
    bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion);
    SaveODFItem item;
    bool bSave1_1 = item.isLessODF1_2();
@@ -258,7 +258,7 @@ bool DigitalSignaturesDialog::canAddRemove()
    //As of OOo 3.2 the document signature includes in macrosignatures.xml. That is
    //adding a macro signature will break an existing document signature.
    //The sfx2 will remove the documentsignature when the user adds a macro signature
-    if (maSignatureManager.meSignatureMode == DocumentSignatureMode::Macros
+    if (maSignatureManager.getSignatureMode() == DocumentSignatureMode::Macros
        && ret)
    {
        if (m_bHasDocumentSignature && !m_bWarningShowSignMacro)
@@ -290,7 +290,7 @@ bool DigitalSignaturesDialog::canRemove()
 {
    bool bRet = true;

-    if ( maSignatureManager.meSignatureMode == DocumentSignatureMode::Content )
+    if ( maSignatureManager.getSignatureMode() == DocumentSignatureMode::Content )
    {
        std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(m_xDialog.get(),
                                                  VclMessageType::Question, VclButtonsType::YesNo,
@@ -319,7 +319,7 @@ short DigitalSignaturesDialog::run()
    // consequences, as I noticed when I tried to use DocumentSignatureManager::IsXAdESRelevant()
    // (which now is in #if 0).

-    if (!maSignatureManager.maCurrentSignatureInformations.empty())
+    if (!maSignatureManager.getCurrentSignatureInformations().empty())
    {
        // If the document has only SHA-1 signatures we probably want it to stay that way?
    }
@@ -371,7 +371,7 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, weld::Button&, void)
        std::vector<uno::Reference<xml::crypto::XXMLSecurityContext>> xSecContexts;
        xSecContexts.push_back(maSignatureManager.getSecurityContext());
        // Gpg signing is only possible with ODF >= 1.2 documents
-        if (DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.mxStore, m_sODFVersion))
+        if (DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.getStore(), m_sODFVersion))
            xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());

        CertificateChooser aChooser(m_xDialog.get(), xSecContexts, UserAction::Sign);
@@ -385,9 +385,9 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, weld::Button&, void)

            xml::crypto::SecurityOperationStatus nStatus = xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;

-            if (maSignatureManager.mxStore.is())
+            if (maSignatureManager.getStore().is())
                // In the PDF case the signature information is only available after parsing.
-                nStatus = maSignatureManager.maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus;
+                nStatus = maSignatureManager.getSignatureHelper().GetSignatureInformation( nSecurityId ).nStatus;

            if ( nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED )
            {
@@ -502,7 +502,7 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
 {
    m_xSignaturesLB->clear();

-    size_t nInfos = maSignatureManager.maCurrentSignatureInformations.size();
+    size_t nInfos = maSignatureManager.getCurrentSignatureInformations().size();
    size_t nValidSigs = 0, nValidCerts = 0;
    bool bAllNewSignatures = true;

@@ -511,12 +511,12 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
        for( size_t n = 0; n < nInfos; ++n )
        {
            DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm(
-                m_sODFVersion, maSignatureManager.maCurrentSignatureInformations[n]);
+                m_sODFVersion, maSignatureManager.getCurrentSignatureInformations()[n]);
            std::vector< OUString > aElementsToBeVerified;
-            if (maSignatureManager.mxStore.is())
-                aElementsToBeVerified = DocumentSignatureHelper::CreateElementList(maSignatureManager.mxStore, maSignatureManager.meSignatureMode, mode);
+            if (maSignatureManager.getStore().is())
+                aElementsToBeVerified = DocumentSignatureHelper::CreateElementList(maSignatureManager.getStore(), maSignatureManager.getSignatureMode(), mode);

-            const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[n];
+            const SignatureInformation& rInfo = maSignatureManager.getCurrentSignatureInformations()[n];
            uno::Reference< css::security::XCertificate > xCert = getCertificate(rInfo);

            OUString aSubject;
@@ -555,7 +555,7 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
            aDescription = rInfo.ouDescription;

            // Decide type string.
-            if (maSignatureManager.mxStore.is())
+            if (maSignatureManager.getStore().is())
            {
                // OpenPGP
                if (!rInfo.ouGpgCertificate.isEmpty())
@@ -599,20 +599,20 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
            //by an version of OOo previous to 3.2
            // If there is no storage, then it's pointless to check storage
            // stream references.
-            else if (maSignatureManager.meSignatureMode == DocumentSignatureMode::Content
-                && (maSignatureManager.mxStore.is() && !DocumentSignatureHelper::isOOo3_2_Signature(
-                maSignatureManager.maCurrentSignatureInformations[n])))
+            else if (maSignatureManager.getSignatureMode() == DocumentSignatureMode::Content
+                && (maSignatureManager.getStore().is() && !DocumentSignatureHelper::isOOo3_2_Signature(
+                maSignatureManager.getCurrentSignatureInformations()[n])))
            {
                sImage = BMP_SIG_NOT_VALIDATED;
                bAllNewSignatures = false;
            }
-            else if (maSignatureManager.meSignatureMode == DocumentSignatureMode::Content
+            else if (maSignatureManager.getSignatureMode() == DocumentSignatureMode::Content
                && DocumentSignatureHelper::isOOo3_2_Signature(
-                maSignatureManager.maCurrentSignatureInformations[n]))
+                maSignatureManager.getCurrentSignatureInformations()[n]))
            {
                sImage = BMP_SIG_VALID;
            }
-            else if (maSignatureManager.meSignatureMode == DocumentSignatureMode::Macros)
+            else if (maSignatureManager.getSignatureMode() == DocumentSignatureMode::Macros)
            {
                sImage = BMP_SIG_VALID;
            }
@@ -707,7 +707,7 @@ void DigitalSignaturesDialog::ImplShowSignaturesDetails()
    if (nEntry != -1)
    {
        sal_uInt16 nSelected = m_xSignaturesLB->get_id(nEntry).toUInt32();
-        const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[ nSelected ];
+        const SignatureInformation& rInfo = maSignatureManager.getCurrentSignatureInformations()[ nSelected ];
        uno::Reference<security::XCertificate> xCert = getCertificate(rInfo);

        if ( xCert.is() )