Sign Signature Line

This adds a new context menu entry "Sign Signature Line" to signature lines.
You can directly sign the document from there.

Still missing is the updating of the graphic to reflect the valid/invalid
signature state.

Change-Id: Ib8bc8c57f9d5370a10e379f86f9e41e57c715e3f
Reviewed-on: https://gerrit.libreoffice.org/53778Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>

cui/source/dialogs/SignSignatureLineDialog.cxx

@@ -15,10 +15,12 @@
 #include <strings.hrc>
 
 #include <comphelper/processfactory.hxx>
+#include <comphelper/storagehelper.hxx>
 #include <comphelper/xmltools.hxx>
 #include <tools/stream.hxx>
 #include <unotools/streamwrap.hxx>
 #include <vcl/weld.hxx>
+#include <sfx2/objsh.hxx>
 
 #include <com/sun/star/beans/XPropertySet.hpp>
 #include <com/sun/star/drawing/XShape.hpp>
@@ -137,40 +139,57 @@ void SignSignatureLineDialog::ValidateFields()
 
 void SignSignatureLineDialog::Apply()
 {
-    // Read svg and replace placeholder texts
-    OUString aSvgImage(getSignatureImage());
-    aSvgImage = aSvgImage.replaceAll("[SIGNER_NAME]", getCDataString(m_aSuggestedSignerName));
-    aSvgImage = aSvgImage.replaceAll("[SIGNER_TITLE]", getCDataString(m_aSuggestedSignerTitle));
-
-    aSvgImage = aSvgImage.replaceAll("[SIGNATURE]", getCDataString(m_xEditName->get_text()));
-    OUString aIssuerLine = CuiResId(RID_SVXSTR_SIGNATURELINE_SIGNED_BY)
-                               .replaceFirst("%1", m_xSelectedCertifate->getIssuerName());
-    aSvgImage = aSvgImage.replaceAll("[SIGNED_BY]", getCDataString(aIssuerLine));
-    aSvgImage = aSvgImage.replaceAll("[INVALID_SIGNATURE]", "");
-
-    OUString aDate;
-    if (m_bShowSignDate)
+    if (!m_xSelectedCertifate.is())
     {
-        const SvtSysLocale aSysLocale;
-        const LocaleDataWrapper& rLocaleData = aSysLocale.GetLocaleData();
-        Date aDateTime(Date::SYSTEM);
-        aDate = rLocaleData.getDate(aDateTime);
+        SAL_WARN("cui.dialogs", "No certificate selected!");
     }
-    aSvgImage = aSvgImage.replaceAll("[DATE]", aDate);
 
-    // Insert/Update graphic
-    SvMemoryStream aSvgStream(4096, 4096);
-    aSvgStream.WriteOString(OUStringToOString(aSvgImage, RTL_TEXTENCODING_UTF8));
-    Reference<XInputStream> xInputStream(new utl::OSeekableInputStreamWrapper(aSvgStream));
-    Reference<XComponentContext> xContext(comphelper::getProcessComponentContext());
-    Reference<XGraphicProvider> xProvider = css::graphic::GraphicProvider::create(xContext);
+    SfxObjectShell* pShell = SfxObjectShell::Current();
+    pShell->SignDocumentContent(m_xSelectedCertifate);
 
-    Sequence<PropertyValue> aMediaProperties(1);
-    aMediaProperties[0].Name = "InputStream";
-    aMediaProperties[0].Value <<= xInputStream;
-    Reference<XGraphic> xGraphic(xProvider->queryGraphic(aMediaProperties));
+    bool bSuccess = false; // TODO
 
-    m_xShapeProperties->setPropertyValue("Graphic", Any(xGraphic));
+    if (bSuccess)
+    {
+        // Read svg and replace placeholder texts
+        OUString aSvgImage(getSignatureImage());
+        aSvgImage = aSvgImage.replaceAll("[SIGNER_NAME]", getCDataString(m_aSuggestedSignerName));
+        aSvgImage = aSvgImage.replaceAll("[SIGNER_TITLE]", getCDataString(m_aSuggestedSignerTitle));
+
+        aSvgImage = aSvgImage.replaceAll("[SIGNATURE]", getCDataString(m_xEditName->get_text()));
+        OUString aIssuerLine = CuiResId(RID_SVXSTR_SIGNATURELINE_SIGNED_BY)
+                                   .replaceFirst("%1", m_xSelectedCertifate->getIssuerName());
+        aSvgImage = aSvgImage.replaceAll("[SIGNED_BY]", getCDataString(aIssuerLine));
+        aSvgImage = aSvgImage.replaceAll("[INVALID_SIGNATURE]", "");
+
+        OUString aDate;
+        if (m_bShowSignDate)
+        {
+            const SvtSysLocale aSysLocale;
+            const LocaleDataWrapper& rLocaleData = aSysLocale.GetLocaleData();
+            Date aDateTime(Date::SYSTEM);
+            aDate = rLocaleData.getDate(aDateTime);
+        }
+        aSvgImage = aSvgImage.replaceAll("[DATE]", aDate);
+
+        // Insert/Update graphic
+        SvMemoryStream aSvgStream(4096, 4096);
+        aSvgStream.WriteOString(OUStringToOString(aSvgImage, RTL_TEXTENCODING_UTF8));
+        Reference<XInputStream> xInputStream(new utl::OSeekableInputStreamWrapper(aSvgStream));
+        Reference<XComponentContext> xContext(comphelper::getProcessComponentContext());
+        Reference<XGraphicProvider> xProvider = css::graphic::GraphicProvider::create(xContext);
+
+        Sequence<PropertyValue> aMediaProperties(1);
+        aMediaProperties[0].Name = "InputStream";
+        aMediaProperties[0].Value <<= xInputStream;
+        Reference<XGraphic> xGraphic(xProvider->queryGraphic(aMediaProperties));
+
+        m_xShapeProperties->setPropertyValue("Graphic", Any(xGraphic));
+    }
+    else
+    {
+        // TODO: Show error dialog
+    }
 }
 
 /* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */

include/sfx2/docfile.hxx

@@ -35,6 +35,7 @@
 #include <com/sun/star/lang/XServiceInfo.hpp>
 #include <com/sun/star/ucb/XContent.hpp>
 #include <com/sun/star/ucb/XCommandEnvironment.hpp>
+#include <com/sun/star/security/XCertificate.hpp>
 #include <com/sun/star/task/XInteractionHandler.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
 #include <com/sun/star/beans/PropertyValue.hpp>
@@ -262,7 +263,10 @@ public:
                              const INetURLObject& aDest,
                              const css::uno::Reference< css::ucb::XCommandEnvironment >& xComEnv );
 
-    SAL_DLLPRIVATE bool SignContents_Impl( bool bScriptingContent, const OUString& aODFVersion, bool bHasValidDocumentSignature );
+    SAL_DLLPRIVATE bool
+    SignContents_Impl(const css::uno::Reference<css::security::XCertificate> xCert,
+                      bool bScriptingContent, const OUString& aODFVersion,
+                      bool bHasValidDocumentSignature);
 
     // the following two methods must be used and make sense only during saving currently
     // TODO/LATER: in future the signature state should be controlled by the medium not by the document

include/sfx2/objsh.hxx

@@ -356,6 +356,7 @@ public:
     // xmlsec05, check with SFX team
     SignatureState              GetDocumentSignatureState();
     void                        SignDocumentContent();
+    void                        SignDocumentContent(css::uno::Reference<css::security::XCertificate> xCert);
     SignatureState              GetScriptingSignatureState();
     void                        SignScriptingContent();
     DECL_LINK(SignDocumentHandler, Button*, void);
@@ -738,7 +739,10 @@ public:
             const css::uno::Reference< css::security::XDocumentDigitalSignatures >& xSigner
                 = css::uno::Reference< css::security::XDocumentDigitalSignatures >() );
 
-    SAL_DLLPRIVATE void ImplSign( bool bScriptingContent = false );
+    SAL_DLLPRIVATE void
+    ImplSign(const css::uno::Reference<css::security::XCertificate> xCert,
+             bool bScriptingContent = false);
+
     SAL_DLLPRIVATE bool QuerySaveSizeExceededModules_Impl( const css::uno::Reference< css::task::XInteractionHandler >& xHandler );
     SAL_DLLPRIVATE bool QueryAllowExoticFormat_Impl( const css::uno::Reference< css::task::XInteractionHandler >& xHandler,
                                                      const OUString& rURL,

offapi/com/sun/star/security/XDocumentDigitalSignatures.idl

@@ -46,6 +46,17 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface
     boolean signDocumentContent( [in] ::com::sun::star::embed::XStorage xStorage,
                                  [in] ::com::sun::star::io::XStream xSignStream);
 
+    /** Signs the content of the document including text and pictures
+        using the given XCertificate
+
+       Macros will not be signed.
+
+       @since LibreOffice 6.1
+     */
+    boolean signDocumentContentWithCertificate( [in] ::com::sun::star::embed::XStorage xStorage,
+                                                [in] ::com::sun::star::io::XStream xSignStream,
+                                                [in] ::com::sun::star::security::XCertificate xCertificate);
+
     /** checks for digital signatures and their status.
 
         <p>Only document content will be checked.</p>

sfx2/source/doc/docfile.cxx

@@ -70,6 +70,7 @@
 #include <com/sun/star/beans/PropertyValue.hpp>
 #include <com/sun/star/security/DocumentSignatureInformation.hpp>
 #include <com/sun/star/security/DocumentDigitalSignatures.hpp>
+#include <com/sun/star/security/XCertificate.hpp>
 #include <o3tl/make_unique.hxx>
 #include <tools/urlobj.hxx>
 #include <tools/fileutil.hxx>
@@ -136,6 +137,7 @@ using namespace ::com::sun::star::uno;
 using namespace ::com::sun::star::ucb;
 using namespace ::com::sun::star::beans;
 using namespace ::com::sun::star::io;
+using namespace ::com::sun::star::security;
 
 namespace {
 
@@ -3659,7 +3661,8 @@ void SfxMedium::CreateTempFileNoCopy()
     CloseStorage();
 }
 
-bool SfxMedium::SignContents_Impl( bool bScriptingContent, const OUString& aODFVersion, bool bHasValidDocumentSignature )
+bool SfxMedium::SignContents_Impl(const Reference<XCertificate> xCert, bool bScriptingContent,
+                                  const OUString& aODFVersion, bool bHasValidDocumentSignature)
 {
     bool bChanges = false;
 
@@ -3747,7 +3750,15 @@ bool SfxMedium::SignContents_Impl( bool bScriptingContent, const OUString& aODFV
                         if (GetFilter() && GetFilter()->IsOwnFormat())
                             xStream.set(xMetaInf->openStreamElement(xSigner->getDocumentContentSignatureDefaultStreamName(), embed::ElementModes::READWRITE), uno::UNO_SET_THROW);
 
-                        if ( xSigner->signDocumentContent( GetZipStorageToSign_Impl(), xStream ) )
+                        bool bSuccess = false;
+                        if (xCert.is())
+                            bSuccess = xSigner->signDocumentContentWithCertificate(
+                                GetZipStorageToSign_Impl(), xStream, xCert);
+                        else
+                            bSuccess = xSigner->signDocumentContent(GetZipStorageToSign_Impl(),
+                                                                    xStream);
+
+                        if (bSuccess)
                         {
                             uno::Reference< embed::XTransactedObject > xTransact( xMetaInf, uno::UNO_QUERY_THROW );
                             xTransact->commit();
@@ -3763,8 +3774,21 @@ bool SfxMedium::SignContents_Impl( bool bScriptingContent, const OUString& aODFV
                     {
                         // OOXML.
                         uno::Reference<io::XStream> xStream;
-                        // We need read-write to be able to add the signature relation.
-                        if (xSigner->signDocumentContent(GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream))
+
+                        bool bSuccess = false;
+                        if (xCert.is())
+                        {
+                            bSuccess = xSigner->signDocumentContentWithCertificate(
+                                GetZipStorageToSign_Impl(), xStream, xCert);
+                        }
+                        else
+                        {
+                            // We need read-write to be able to add the signature relation.
+                            bSuccess =xSigner->signDocumentContent(
+                                GetZipStorageToSign_Impl(/*bReadOnly=*/false), xStream);
+                        }
+
+                        if (bSuccess)
                         {
                             uno::Reference<embed::XTransactedObject> xTransact(xWriteableZipStor, uno::UNO_QUERY_THROW);
                             xTransact->commit();

sfx2/source/doc/objserv.cxx

@@ -33,6 +33,7 @@
 #include <com/sun/star/container/XNameAccess.hpp>
 #include <com/sun/star/document/XCmisDocument.hpp>
 #include <com/sun/star/document/XExporter.hpp>
+#include <com/sun/star/security/XCertificate.hpp>
 #include <com/sun/star/task/ErrorCodeIOException.hpp>
 #include <com/sun/star/task/InteractionHandler.hpp>
 #include <com/sun/star/task/XStatusIndicator.hpp>
@@ -111,6 +112,7 @@ using namespace ::com::sun::star::awt;
 using namespace ::com::sun::star::container;
 using namespace ::com::sun::star::beans;
 using namespace ::com::sun::star::document;
+using namespace ::com::sun::star::security;
 using namespace ::com::sun::star::task;
 
 #define ShellClass_SfxObjectShell
@@ -1359,7 +1361,8 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent )
     return *pState;
 }
 
-void SfxObjectShell::ImplSign( bool bScriptingContent )
+void SfxObjectShell::ImplSign(Reference<XCertificate> xCert,
+                              bool bScriptingContent)
 {
     // Check if it is stored in OASIS format...
     if  (   GetMedium()
@@ -1480,21 +1483,18 @@ void SfxObjectShell::ImplSign( bool bScriptingContent )
     {
         GetMedium()->CloseAndRelease();
 
-        // We sign only ODF1.2, that means that if this point has been reached,
-        // the ODF1.2 signing process should be used.
-        // This code still might be called to show the signature of ODF1.1 document.
-        bool bSigned = GetMedium()->SignContents_Impl(
-            bScriptingContent,
-            aODFVersion,
-            pImpl->nDocumentSignatureState == SignatureState::OK
+        bool bHasValidSignatures = pImpl->nDocumentSignatureState == SignatureState::OK
             || pImpl->nDocumentSignatureState == SignatureState::NOTVALIDATED
-            || pImpl->nDocumentSignatureState == SignatureState::PARTIAL_OK);
+            || pImpl->nDocumentSignatureState == SignatureState::PARTIAL_OK;
+
+        bool bSignSuccess = GetMedium()->SignContents_Impl(
+            xCert, bScriptingContent, aODFVersion, bHasValidSignatures);
 
         pImpl->m_bSavingForSigning = true;
         DoSaveCompleted( GetMedium() );
         pImpl->m_bSavingForSigning = false;
 
-        if ( bSigned )
+        if ( bSignSuccess )
         {
             if ( bScriptingContent )
             {
@@ -1523,7 +1523,12 @@ SignatureState SfxObjectShell::GetDocumentSignatureState()
 
 void SfxObjectShell::SignDocumentContent()
 {
-    ImplSign();
+    ImplSign(Reference<XCertificate>());
+}
+
+void SfxObjectShell::SignDocumentContent(const Reference<XCertificate> xCert)
+{
+    ImplSign(xCert);
 }
 
 SignatureState SfxObjectShell::GetScriptingSignatureState()
@@ -1533,7 +1538,7 @@ SignatureState SfxObjectShell::GetScriptingSignatureState()
 
 void SfxObjectShell::SignScriptingContent()
 {
-    ImplSign( true );
+    ImplSign( Reference<XCertificate>(), true );
 }
 
 namespace

xmlsecurity/source/component/documentdigitalsignatures.cxx

@@ -48,9 +48,12 @@
 #include <cppuhelper/supportsservice.hxx>
 #include <com/sun/star/lang/IllegalArgumentException.hpp>
 #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
+#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
 
 using namespace css;
 using namespace css::uno;
+using namespace css::lang;
+using namespace css::xml::crypto;
 
 class DocumentDigitalSignatures
     : public cppu::WeakImplHelper<css::security::XDocumentDigitalSignatures,
@@ -101,6 +104,10 @@ public:
     sal_Bool SAL_CALL
     signDocumentContent(const css::uno::Reference<css::embed::XStorage>& xStorage,
                         const css::uno::Reference<css::io::XStream>& xSignStream) override;
+    sal_Bool SAL_CALL signDocumentContentWithCertificate(
+        const css::uno::Reference<css::embed::XStorage>& Storage,
+        const css::uno::Reference<css::io::XStream>& xSignStream,
+        const css::uno::Reference<css::security::XCertificate>& xCertificate) override;
     css::uno::Sequence<css::security::DocumentSignatureInformation>
         SAL_CALL verifyDocumentContentSignatures(
             const css::uno::Reference<css::embed::XStorage>& xStorage,
@@ -215,6 +222,51 @@ sal_Bool DocumentDigitalSignatures::signDocumentContent(
     return ImplViewSignatures( rxStorage, xSignStream, DocumentSignatureMode::Content, false );
 }
 
+sal_Bool DocumentDigitalSignatures::signDocumentContentWithCertificate(
+    const Reference<css::embed::XStorage>& rxStorage,
+    const Reference<css::io::XStream>& xSignStream,
+    const Reference<css::security::XCertificate>& xCertificate)
+{
+    OSL_ENSURE(!m_sODFVersion.isEmpty(),
+               "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");
+
+    DocumentSignatureManager aSignatureManager(mxCtx, DocumentSignatureMode::Content);
+
+    if (!aSignatureManager.init())
+        return false;
+
+    aSignatureManager.mxStore = rxStorage;
+    aSignatureManager.maSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
+    aSignatureManager.mxSignatureStream = xSignStream;
+
+    Reference<XXMLSecurityContext> xSecurityContext;
+    Reference<XServiceInfo> xServiceInfo(xCertificate, UNO_QUERY);
+    if (xServiceInfo->getImplementationName()
+        == "com.sun.star.xml.security.gpg.XCertificate_GpgImpl")
+        xSecurityContext = aSignatureManager.getGpgSecurityContext();
+    else
+        xSecurityContext = aSignatureManager.getSecurityContext();
+
+    sal_Int32 nSecurityId;
+    OUString aDescription("");
+    bool bSuccess
+        = aSignatureManager.add(xCertificate, xSecurityContext, aDescription, nSecurityId, true);
+    if (!bSuccess)
+        return false;
+
+    // Need to have this to verify the signature
+    aSignatureManager.read(/*bUseTempStream=*/true, /*bCacheLastSignature=*/false);
+    aSignatureManager.write(true);
+
+    if (rxStorage.is() && !xSignStream.is())
+    {
+        uno::Reference<embed::XTransactedObject> xTrans(rxStorage, uno::UNO_QUERY);
+        xTrans->commit();
+    }
+
+    return true;
+}
+
 Sequence< css::security::DocumentSignatureInformation >
 DocumentDigitalSignatures::verifyDocumentContentSignatures(
     const Reference< css::embed::XStorage >& rxStorage,

xmlsecurity/source/gpg/CertificateImpl.cxx

@@ -13,6 +13,7 @@
 
 #include <comphelper/servicehelper.hxx>
 #include <comphelper/sequence.hxx>
+#include <cppuhelper/supportsservice.hxx>
 
 #include <com/sun/star/security/KeyUsage.hpp>
 #include <officecfg/Office/Common.hxx>
@@ -246,4 +247,19 @@ const GpgME::Key* CertificateImpl::getCertificate() const
     return &m_pKey;
 }
 
+/* XServiceInfo */
+OUString SAL_CALL CertificateImpl::getImplementationName()
+{
+    return OUString("com.sun.star.xml.security.gpg.XCertificate_GpgImpl");
+}
+
+/* XServiceInfo */
+sal_Bool SAL_CALL CertificateImpl::supportsService(const OUString& serviceName)
+{
+    return cppu::supportsService(this, serviceName);
+}
+
+/* XServiceInfo */
+Sequence<OUString> SAL_CALL CertificateImpl::getSupportedServiceNames() { return { OUString() }; }
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */

xmlsecurity/source/gpg/CertificateImpl.hxx

@@ -21,6 +21,7 @@
 #include <com/sun/star/uno/Exception.hpp>
 #include <com/sun/star/uno/RuntimeException.hpp>
 #include <com/sun/star/uno/Sequence.hxx>
+#include <com/sun/star/lang/XServiceInfo.hpp>
 #include <com/sun/star/lang/XUnoTunnel.hpp>
 #include <com/sun/star/uno/SecurityException.hpp>
 #include <com/sun/star/security/CertificateKind.hpp>
@@ -36,7 +37,8 @@
 #endif
 
 class CertificateImpl : public cppu::WeakImplHelper< css::security::XCertificate,
-                                                     css::lang::XUnoTunnel >,
+                                                     css::lang::XUnoTunnel,
+                                                     css::lang::XServiceInfo >,
                         public xmlsecurity::Certificate
 {
 private:
@@ -91,6 +93,11 @@ public:
     // Helper methods
     void setCertificate(GpgME::Context* ctx, const GpgME::Key& key);
     const GpgME::Key* getCertificate() const;
+
+    // XServiceInfo
+    virtual OUString SAL_CALL getImplementationName() override;
+    virtual sal_Bool SAL_CALL supportsService(const OUString& ServiceName) override;
+    virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override;
 } ;
 
 #endif // INCLUDED_XMLSECURITY_SOURCE_GPG_X509CERTIFICATE_HXX

xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx

@@ -22,6 +22,7 @@
 #include <sal/config.h>
 #include <comphelper/servicehelper.hxx>
 #include <comphelper/windowserrorstring.hxx>
+#include <cppuhelper/supportsservice.hxx>
 #include "x509certificate_mscryptimpl.hxx"
 #include <certificateextension_xmlsecimpl.hxx>
 #include "sanextension_mscryptimpl.hxx"
@@ -643,4 +644,22 @@ sal_Int32 SAL_CALL X509Certificate_MSCryptImpl::getCertificateUsage(  )
     return usage;
 }
 
+/* XServiceInfo */
+OUString SAL_CALL X509Certificate_MSCryptImpl::getImplementationName()
+{
+    return OUString("com.sun.star.xml.security.gpg.XCertificate_MsCryptImpl");
+}
+
+/* XServiceInfo */
+sal_Bool SAL_CALL X509Certificate_MSCryptImpl::supportsService(const OUString& serviceName)
+{
+    return cppu::supportsService(this, serviceName);
+}
+
+/* XServiceInfo */
+Sequence<OUString> SAL_CALL X509Certificate_MSCryptImpl::getSupportedServiceNames()
+{
+    return { OUString() };
+}
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */

xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx

@@ -31,6 +31,7 @@
 #include <cppuhelper/implbase.hxx>
 #include <com/sun/star/uno/Exception.hpp>
 #include <com/sun/star/lang/XUnoTunnel.hpp>
+#include <com/sun/star/lang/XServiceInfo.hpp>
 #include <com/sun/star/uno/SecurityException.hpp>
 #include <com/sun/star/security/CertificateKind.hpp>
 #include <com/sun/star/security/XCertificate.hpp>
@@ -38,7 +39,8 @@
 
 class X509Certificate_MSCryptImpl : public ::cppu::WeakImplHelper<
     css::security::XCertificate ,
-    css::lang::XUnoTunnel > , public xmlsecurity::Certificate
+    css::lang::XUnoTunnel,
+    css::lang::XServiceInfo > , public xmlsecurity::Certificate
 {
     private:
         const CERT_CONTEXT* m_pCertContext ;
@@ -84,6 +86,11 @@ class X509Certificate_MSCryptImpl : public ::cppu::WeakImplHelper<
         const CERT_CONTEXT* getMswcryCert() const ;
         /// @throws css::uno::RuntimeException
         void setRawCert( css::uno::Sequence< sal_Int8 > const & rawCert ) ;
+
+        // XServiceInfo
+        virtual OUString SAL_CALL getImplementationName() override;
+        virtual sal_Bool SAL_CALL supportsService(const OUString& ServiceName) override;
+        virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override;
 } ;
 
 #endif // INCLUDED_XMLSECURITY_SOURCE_XMLSEC_MSCRYPT_X509CERTIFICATE_MSCRYPTIMPL_HXX

xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx

@@ -28,6 +28,7 @@
 
 #include <sal/config.h>
 #include <comphelper/servicehelper.hxx>
+#include <cppuhelper/supportsservice.hxx>
 #include <rtl/ref.hxx>
 #include "x509certificate_nssimpl.hxx"
 
@@ -492,4 +493,19 @@ sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage(  )
     return usage;
 }
 
+/* XServiceInfo */
+OUString SAL_CALL X509Certificate_NssImpl::getImplementationName()
+{
+    return OUString("com.sun.star.xml.security.gpg.XCertificate_NssImpl");
+}
+
+/* XServiceInfo */
+sal_Bool SAL_CALL X509Certificate_NssImpl::supportsService(const OUString& serviceName)
+{
+    return cppu::supportsService(this, serviceName);
+}
+
+/* XServiceInfo */
+Sequence<OUString> SAL_CALL X509Certificate_NssImpl::getSupportedServiceNames() { return { OUString() }; }
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */

xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx

@@ -26,6 +26,7 @@
 #include <cppuhelper/implbase.hxx>
 #include <com/sun/star/uno/Exception.hpp>
 #include <com/sun/star/lang/XUnoTunnel.hpp>
+#include <com/sun/star/lang/XServiceInfo.hpp>
 #include <com/sun/star/uno/SecurityException.hpp>
 #include <com/sun/star/security/CertificateKind.hpp>
 #include <com/sun/star/security/XCertificate.hpp>
@@ -35,7 +36,8 @@
 
 class X509Certificate_NssImpl : public ::cppu::WeakImplHelper<
     css::security::XCertificate ,
-    css::lang::XUnoTunnel > , public xmlsecurity::Certificate
+    css::lang::XUnoTunnel,
+    css::lang::XServiceInfo > , public xmlsecurity::Certificate
 {
     private:
         CERTCertificate* m_pCert ;
@@ -90,6 +92,11 @@ class X509Certificate_NssImpl : public ::cppu::WeakImplHelper<
         const CERTCertificate* getNssCert() const ;
         /// @throws css::uno::RuntimeException
         void setRawCert( const css::uno::Sequence< sal_Int8 >& rawCert ) ;
+
+        // XServiceInfo
+        virtual OUString SAL_CALL getImplementationName() override;
+        virtual sal_Bool SAL_CALL supportsService(const OUString& ServiceName) override;
+        virtual css::uno::Sequence<OUString> SAL_CALL getSupportedServiceNames() override;
 } ;
 
 #endif // INCLUDED_XMLSECURITY_SOURCE_XMLSEC_NSS_X509CERTIFICATE_NSSIMPL_HXX