gpg4libre: List and view GPG keys

* Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>

gpg4libre: List and view GPG keys
* Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de>
88ac77c0 · Samuel Mehrbrodt · Thorsten Behrens · ed0e8f97 · 88ac77c0 · 88ac77c0
Kaydet (Commit) 88ac77c0 authored Şub 02, 2017 tarafından Samuel Mehrbrodt Kaydeden (comit) Thorsten Behrens Mar 04, 2017
41 changed files
--- a/Repository.mk
+++ b/Repository.mk
@@ -624,6 +624,7 @@ $(eval $(call gb_Helper_register_libraries_for_install,PLAINLIBS_OOO,ooo, \
 	xmlsecurity \
 	xsec_fw \
 	xsec_xmlsec \
+	$(if $(filter-out MACOSX WNT,$(OS)),xsec_gpg) \
 	xstor \
 	$(if $(filter $(OS),MACOSX), \
 		macab1 \

--- a/bin/update_pch
+++ b/bin/update_pch
@@ -124,6 +124,7 @@ DEFAULTS = \
    'xmlsecurity.xmlsecurity'           : ( 6, EXCLUDE, INCLUDE, INCLUDE), #   5.1
    'xmlsecurity.xsec_fw'               : ( 2, EXCLUDE, INCLUDE, EXCLUDE), #   2.7
    'xmlsecurity.xsec_xmlsec'           : ( 2, EXCLUDE, INCLUDE, INCLUDE), #   4.4
+    'xmlsecurity.xsec_gpg'              : ( 2, EXCLUDE, INCLUDE, INCLUDE), #   ?
 }

 def remove_rare(raw, min_use=-1):

--- a/compilerplugins/clang/plugin.cxx
+++ b/compilerplugins/clang/plugin.cxx
@@ -43,7 +43,8 @@ bool Plugin::ignoreLocation( SourceLocation loc )
    const char* bufferName = compiler.getSourceManager().getPresumedLoc( expansionLoc ).getFilename();
    if (bufferName == NULL
        || strncmp( bufferName, SRCDIR "/external/", strlen( SRCDIR "/external/" )) == 0
-        || strcmp( bufferName, SRCDIR "/sdext/source/pdfimport/wrapper/keyword_list" ) == 0 )
+        || strcmp( bufferName, SRCDIR "/sdext/source/pdfimport/wrapper/keyword_list" ) == 0
+        || strncmp( bufferName, SRCDIR "/xmlsecurity/source/gpg", strlen( SRCDIR "/xmlsecurity/source/gpg" )) == 0 )
            // workdir/CustomTarget/sdext/pdfimport/hash.cxx is generated from
            // sdext/source/pdfimport/wrapper/keyword_list by gperf, which
            // inserts various #line directives denoting the latter into the

--- a/offapi/UnoApi_offapi.mk
+++ b/offapi/UnoApi_offapi.mk
@@ -463,6 +463,13 @@ $(eval $(call gb_UnoApi_add_idlfiles_nohdl,offapi,com/sun/star/xml/crypto,\
 	SEInitializer \
 	XMLSecurityContext \
 ))
+$(eval $(call gb_UnoApi_add_idlfiles_nohdl,offapi,com/sun/star/xml/crypto/gpg,\
+	GpgSecurityEnvironment \
+	GpgSEInitializer \
+	GpgXMLEncryption \
+	GpgXMLSecurityContext \
+	GpgXMLSignature \
+))
 $(eval $(call gb_UnoApi_add_idlfiles_nohdl,offapi,com/sun/star/xml/dom,\
 	DocumentBuilder \
 	SAXDocumentBuilder \

--- a/offapi/com/sun/star/xml/crypto/gpg/GpgSEInitializer.idl
+++ b/offapi/com/sun/star/xml/crypto/gpg/GpgSEInitializer.idl
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef __com_sun_star_xml_crypto_gpg_GpgSEInitializer_idl_
+#define __com_sun_star_xml_crypto_gpg_GpgSEInitializer_idl_
+
+#include <com/sun/star/xml/crypto/XSEInitializer.idl>
+
+module com { module sun { module star { module xml { module crypto { module gpg {
+
+/**
+ * Service implementing XSEInitializer
+ *
+ * @since LibreOffice 5.4
+ */
+service GpgSEInitializer : XSEInitializer;
+
+} ; } ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/offapi/com/sun/star/xml/crypto/gpg/GpgSecurityEnvironment.idl
+++ b/offapi/com/sun/star/xml/crypto/gpg/GpgSecurityEnvironment.idl
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef __com_sun_star_xml_crypto_gpg_GpgSecurityEnvironment_idl_
+#define __com_sun_star_xml_crypto_gpg_GpgSecurityEnvironment_idl_
+
+#include <com/sun/star/xml/crypto/XSecurityEnvironment.idl>
+
+module com { module sun { module star { module xml { module crypto { module gpg {
+
+/**
+ * Service implementing XSecurityEnvironment
+ *
+ * @since LibreOffice 5.4
+ */
+service GpgSecurityEnvironment : XSecurityEnvironment;
+
+} ; } ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/offapi/com/sun/star/xml/crypto/gpg/GpgXMLEncryption.idl
+++ b/offapi/com/sun/star/xml/crypto/gpg/GpgXMLEncryption.idl
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef __com_sun_star_xml_crypto_gpg_GpgXMLEncryption_idl_
+#define __com_sun_star_xml_crypto_gpg_GpgXMLEncryption_idl_
+
+#include <com/sun/star/uno/XInterface.idl>
+#include <com/sun/star/uno/Exception.idl>
+#include <com/sun/star/xml/crypto/XXMLEncryption.idl>
+#include <com/sun/star/lang/XInitialization.idl>
+
+module com { module sun { module star { module xml { module crypto { module gpg {
+
+/**
+ * Service implementing XXMLEncryption
+ *
+ * @since LibreOffice 5.4
+ */
+service GpgXMLEncryption {
+    interface com::sun::star::xml::crypto::XXMLEncryption ;
+    interface com::sun::star::lang::XInitialization ;
+} ;
+
+} ; } ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/offapi/com/sun/star/xml/crypto/gpg/GpgXMLSecurityContext.idl
+++ b/offapi/com/sun/star/xml/crypto/gpg/GpgXMLSecurityContext.idl
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef __com_sun_star_xml_crypto_gpg_GpgXMLSecurityContext_idl_
+#define __com_sun_star_xml_crypto_gpg_GpgXMLSecurityContext_idl_
+
+#include <com/sun/star/xml/crypto/XXMLSecurityContext.idl>
+
+module com { module sun { module star { module xml { module crypto { module gpg {
+
+/**
+ * Service implementing XXMLSecurityContext
+ *
+ * @since LibreOffice 5.4
+ */
+service GpgXMLSecurityContext : XXMLSecurityContext;
+
+} ; } ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/offapi/com/sun/star/xml/crypto/gpg/GpgXMLSignature.idl
+++ b/offapi/com/sun/star/xml/crypto/gpg/GpgXMLSignature.idl
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#ifndef __com_sun_star_xml_crypto_gpg_GpgXmlSignature_idl_
+#define __com_sun_star_xml_crypto_gpg_GpgXmlSignature_idl_
+
+#include <com/sun/star/uno/XInterface.idl>
+#include <com/sun/star/uno/Exception.idl>
+#include <com/sun/star/xml/crypto/XXMLSignature.idl>
+#include <com/sun/star/lang/XInitialization.idl>
+
+module com { module sun { module star { module xml { module crypto { module gpg {
+
+/**
+ * Service implementing XXMLSignature
+ *
+ * @since LibreOffice 5.4
+ */
+service GpgXMLSignature {
+    interface com::sun::star::xml::crypto::XXMLSignature ;
+    interface com::sun::star::lang::XInitialization ;
+} ;
+
+} ; } ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/postprocess/Rdb_services.mk
+++ b/postprocess/Rdb_services.mk
@@ -109,6 +109,7 @@ $(eval $(call gb_Rdb_add_components,services,\
 	xmloff/source/transform/xof \
 	xmloff/util/xo \
 	xmlscript/util/xmlscript \
+	$(if $(filter-out MACOSX WNT,$(OS)),xmlsecurity/util/xsec_gpg) \
 	$(if $(ENABLE_NSS), \
 		xmlsecurity/util/xmlsecurity \
 		xmlsecurity/util/xsec_xmlsec$(if $(filter WNT,$(OS)),.windows)) \

--- a/xmlsecurity/Library_xmlsecurity.mk
+++ b/xmlsecurity/Library_xmlsecurity.mk
@@ -20,7 +20,7 @@ $(eval $(call gb_Library_add_defs,xmlsecurity,\
    -DXMLSECURITY_DLLIMPLEMENTATION \
 ))

-$(eval $(call gb_Library_use_external,xmlsecurity,boost_headers))
+$(eval $(call gb_Library_use_externals,xmlsecurity,boost_headers))

 $(eval $(call gb_Library_set_precompiled_header,xmlsecurity,$(SRCDIR)/xmlsecurity/inc/pch/precompiled_xmlsecurity))

@@ -46,6 +46,12 @@ $(eval $(call gb_Library_use_libraries,xmlsecurity,\
 	$(gb_UWINAPI) \
 ))

+ifneq ($(filter-out WNT MACOSX,$(OS)),)
+$(eval $(call gb_Library_use_libraries,xmlsecurity,\
+	xsec_gpg \
+))
+endif
+
 $(eval $(call gb_Library_add_exception_objects,xmlsecurity,\
 	xmlsecurity/source/component/certificatecontainer \
 	xmlsecurity/source/component/documentdigitalsignatures \

--- a/xmlsecurity/Library_xsec_gpg.mk
+++ b/xmlsecurity/Library_xsec_gpg.mk
+# -*- Mode: makefile-gmake; tab-width: 4; indent-tabs-mode: t -*-
+#
+# This file is part of the LibreOffice project.
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+
+$(eval $(call gb_Library_Library,xsec_gpg))
+
+$(eval $(call gb_Library_set_componentfile,xsec_gpg,xmlsecurity/util/xsec_gpg))
+
+$(eval $(call gb_Library_set_include,xsec_gpg,\
+	$$(INCLUDE) \
+	-I$(SRCDIR)/xmlsecurity/inc \
+	-I$(SRCDIR)/xmlsecurity/source/gpg \
+))
+
+$(eval $(call gb_Library_add_defs,xsec_gpg,\
+	-DXSECFW_DLLIMPLEMENTATION \
+	-DXMLSEC_CRYPTO_GPG \
+))
+
+$(eval $(call gb_Library_use_custom_headers,xsec_gpg,\
+	officecfg/registry \
+))
+
+$(eval $(call gb_Library_use_sdk_api,xsec_gpg))
+
+$(eval $(call gb_Library_set_precompiled_header,xsec_gpg,$(SRCDIR)/xmlsecurity/inc/pch/precompiled_xsec_gpg))
+
+$(eval $(call gb_Library_use_externals,xsec_gpg,gpgmepp))
+
+$(eval $(call gb_Library_use_libraries,xsec_gpg,\
+	comphelper \
+	cppu \
+	cppuhelper \
+	sal \
+	svl \
+	tl \
+	xo \
+	$(gb_UWINAPI) \
+))
+
+$(eval $(call gb_Library_add_exception_objects,xsec_gpg,\
+	xmlsecurity/source/gpg/CertificateImpl \
+	xmlsecurity/source/gpg/CipherContext \
+	xmlsecurity/source/gpg/DigestContext \
+	xmlsecurity/source/gpg/GpgComponentFactory \
+	xmlsecurity/source/gpg/SecurityEnvironment \
+	xmlsecurity/source/gpg/SEInitializer \
+	xmlsecurity/source/gpg/XMLEncryption \
+	xmlsecurity/source/gpg/XMLSecurityContext \
+	xmlsecurity/source/gpg/XMLSignature \
+))
+
+# vim: set noet sw=4 ts=4:
--- a/xmlsecurity/Module_xmlsecurity.mk
+++ b/xmlsecurity/Module_xmlsecurity.mk
@@ -19,6 +19,12 @@ $(eval $(call gb_Module_add_targets,xmlsecurity,\
 	Library_xsec_xmlsec \
 ))

+ifneq ($(filter-out WNT MACOSX,$(OS)),)
+$(eval $(call gb_Module_add_targets,xmlsecurity,\
+	Library_xsec_gpg \
+))
+endif
+
 $(eval $(call gb_Module_add_slowcheck_targets,xmlsecurity,\
    CppunitTest_xmlsecurity_signing \
    CppunitTest_xmlsecurity_pdfsigning \

--- a/xmlsecurity/README
+++ b/xmlsecurity/README
 Stuff for document signing.

-This code provides dialogs, and infrastructure wrapping libxmlsec that
+This code provides dialogs, and infrastructure wrapping libxmlsec and gpgme that
 implements document signing.
--- a/xmlsecurity/inc/certificatechooser.hxx
+++ b/xmlsecurity/inc/certificatechooser.hxx
@@ -40,12 +40,19 @@ namespace xml { namespace crypto {

 class HeaderBar;

+struct UserData
+{
+    css::uno::Reference<css::security::XCertificate> xCertificate;
+    css::uno::Reference<css::xml::crypto::XSecurityEnvironment> xSecurityEnvironment;
+};
+
 class CertificateChooser : public ModalDialog
 {
 private:
    css::uno::Reference< css::uno::XComponentContext > mxCtx;
-    css::uno::Reference< css::xml::crypto::XSecurityEnvironment > mxSecurityEnvironment;
+    std::vector< css::uno::Reference< css::xml::crypto::XSecurityEnvironment > > mxSecurityEnvironments;
    css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > maCerts;
+    std::vector<std::shared_ptr<UserData>> mvUserData;

    VclPtr<SvSimpleTable>   m_pCertLB;
    VclPtr<PushButton>      m_pViewBtn;
@@ -54,8 +61,6 @@ private:

    bool                    mbInitialized;

-    sal_uInt16              GetSelectedEntryPos() const;
-
    DECL_LINK(ViewButtonHdl, Button*, void);
    DECL_LINK(CertificateHighlightHdl, SvTreeListBox*, void );
    DECL_LINK(CertificateSelectHdl, SvTreeListBox*, bool );
@@ -66,7 +71,9 @@ private:
    void HandleOneUsageBit(OUString& string, int& bits, int bit, const char *name);

 public:
-    CertificateChooser(vcl::Window* pParent, css::uno::Reference< css::uno::XComponentContext>& rxCtx, css::uno::Reference< css::xml::crypto::XSecurityEnvironment >& rxSecurityEnvironment);
+    CertificateChooser(vcl::Window* pParent,
+                       css::uno::Reference< css::uno::XComponentContext>& rxCtx,
+                       std::vector< css::uno::Reference< css::xml::crypto::XSecurityEnvironment > >& rxSecurityEnvironments);
    virtual ~CertificateChooser() override;
    virtual void dispose() override;


--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -49,6 +49,8 @@ public:
    css::uno::Reference<css::embed::XStorage> mxTempSignatureStorage;
    css::uno::Reference<css::xml::crypto::XSEInitializer> mxSEInitializer;
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> mxSecurityContext;
+    css::uno::Reference<css::xml::crypto::XSEInitializer> mxGpgSEInitializer;
+    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> mxGpgSecurityContext;

    DocumentSignatureManager(const css::uno::Reference<css::uno::XComponentContext>& xContext, DocumentSignatureMode eMode);
    ~DocumentSignatureManager();
@@ -76,6 +78,7 @@ public:
    bool init();
    /// Get the security environment.
    css::uno::Reference<css::xml::crypto::XSecurityEnvironment> getSecurityEnvironment();
+    css::uno::Reference<css::xml::crypto::XSecurityEnvironment> getGpgSecurityEnvironment();
 };

 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX

--- a/xmlsecurity/inc/pch/precompiled_xsec_gpg.cxx
+++ b/xmlsecurity/inc/pch/precompiled_xsec_gpg.cxx
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include "precompiled_xsec_gpg.hxx"
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
+
--- a/xmlsecurity/inc/pch/precompiled_xsec_gpg.hxx
+++ b/xmlsecurity/inc/pch/precompiled_xsec_gpg.hxx
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+/*
+ This file has been autogenerated by update_pch.sh. It is possible to edit it
+ manually (such as when an include file has been moved/renamed/removed). All such
+ manual changes will be rewritten by the next run of update_pch.sh (which presumably
+ also fixes all possible problems, so it's usually better to use it).
+
+ Generated on 2017-03-03 09:38:52 using:
+ ./bin/update_pch xmlsecurity/ xsec_gpg --cutoff=1 --exclude:system --include:module --include:local
+
+ If after updating build fails, use the following command to locate conflicting headers:
+ ./bin/update_pch_bisect ./xmlsecurity/inc/pch/precompiled_xsec_gpg.hxx "make xmlsecurity/.build" --find-conflicts
+*/
+
+#include <context.h>
+#include <gpgme.h>
+#include <key.h>
+#include <keylistresult.h>
+#include <list>
+#include <com/sun/star/xml/crypto/gpg/GpgSecurityEnvironment.hpp>
+#include <com/sun/star/xml/crypto/gpg/GpgXMLSecurityContext.hpp>
+#include <comphelper/processfactory.hxx>
+#include <comphelper/servicehelper.hxx>
+#include <cppuhelper/factory.hxx>
+#include <cppuhelper/supportsservice.hxx>
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -447,14 +447,16 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(

 Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificate(OUString& rDescription)
 {
-    Reference< css::xml::crypto::XSecurityEnvironment > xSecEnv;
+    std::vector< Reference< css::xml::crypto::XSecurityEnvironment > > xSecEnvs;

    DocumentSignatureMode eMode{};
    DocumentSignatureManager aSignatureManager(mxCtx, eMode);
-    if (aSignatureManager.init())
-        xSecEnv = aSignatureManager.getSecurityEnvironment();
+    if (aSignatureManager.init()) {
+        xSecEnvs.push_back(aSignatureManager.getSecurityEnvironment());
+        xSecEnvs.push_back(aSignatureManager.getGpgSecurityEnvironment());
+    }

-    ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnv);
+    ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecEnvs);

    if (aChooser->Execute() != RET_OK)
        return Reference< css::security::XCertificate >(nullptr);

--- a/xmlsecurity/source/dialogs/certificatechooser.cxx
+++ b/xmlsecurity/source/dialogs/certificatechooser.cxx
@@ -32,23 +32,13 @@
 #include <vcl/msgbox.hxx>
 #include <svtools/treelistentry.hxx>

-using namespace ::com::sun::star;
+using namespace css;

-#define INVAL_SEL       0xFFFF
-
-sal_uInt16 CertificateChooser::GetSelectedEntryPos() const
-{
-    sal_uInt16  nSel = INVAL_SEL;
-
-    SvTreeListEntry* pSel = m_pCertLB->FirstSelected();
-    if( pSel )
-        nSel = (sal_uInt16) reinterpret_cast<sal_uIntPtr>( pSel->GetUserData() );
-
-    return (sal_uInt16) nSel;
-}
-
-CertificateChooser::CertificateChooser(vcl::Window* _pParent, uno::Reference<uno::XComponentContext>& _rxCtx, uno::Reference<xml::crypto::XSecurityEnvironment>& _rxSecurityEnvironment)
-    : ModalDialog(_pParent, "SelectCertificateDialog", "xmlsec/ui/selectcertificatedialog.ui")
+CertificateChooser::CertificateChooser(vcl::Window* _pParent,
+                                       uno::Reference<uno::XComponentContext>& _rxCtx,
+                                       std::vector< css::uno::Reference< css::xml::crypto::XSecurityEnvironment > >& rxSecurityEnvironments)
+    : ModalDialog(_pParent, "SelectCertificateDialog", "xmlsec/ui/selectcertificatedialog.ui"),
+    mvUserData()
 {
    get(m_pOKBtn, "ok");
    get(m_pViewBtn, "viewcert");
@@ -71,7 +61,7 @@ CertificateChooser::CertificateChooser(vcl::Window* _pParent, uno::Reference<uno
    m_pViewBtn->SetClickHdl( LINK( this, CertificateChooser, ViewButtonHdl ) );

    mxCtx = _rxCtx;
-    mxSecurityEnvironment = _rxSecurityEnvironment;
+    mxSecurityEnvironments = rxSecurityEnvironments;
    mbInitialized = false;

    // disable buttons
@@ -89,6 +79,7 @@ void CertificateChooser::dispose()
    m_pViewBtn.clear();
    m_pOKBtn.clear();
    m_pDescriptionED.clear();
+    mvUserData.clear();
    ModalDialog::dispose();
 }

@@ -159,36 +150,44 @@ void CertificateChooser::ImplInitialize()
    if ( mbInitialized )
        return;

-    try
+    for (auto &secEnvironment : mxSecurityEnvironments)
    {
-        maCerts = mxSecurityEnvironment->getPersonalCertificates();
-    }
-    catch (security::NoPasswordException&)
-    {
-    }
-
-    sal_Int32 nCertificates = maCerts.getLength();
-    for( sal_Int32 nCert = nCertificates; nCert; )
-    {
-        uno::Reference< security::XCertificate > xCert = maCerts[ --nCert ];
-        // Check if we have a private key for this...
-        long nCertificateCharacters = mxSecurityEnvironment->getCertificateCharacters(xCert);
+        uno::Sequence< uno::Reference< security::XCertificate > > xCerts;
+        try
+        {
+            xCerts = secEnvironment->getPersonalCertificates();
+        }
+        catch (security::NoPasswordException&)
+        {
+        }

-        if (!(nCertificateCharacters & security::CertificateCharacters::HAS_PRIVATE_KEY))
+        sal_Int32 nCertificates = xCerts.getLength();
+        for( sal_Int32 nCert = nCertificates; nCert; )
        {
-            ::comphelper::removeElementAt( maCerts, nCert );
-            nCertificates = maCerts.getLength();
+            uno::Reference< security::XCertificate > xCert = xCerts[ --nCert ];
+            // Check if we have a private key for this...
+            long nCertificateCharacters = secEnvironment->getCertificateCharacters(xCert);
+
+            if (!(nCertificateCharacters & security::CertificateCharacters::HAS_PRIVATE_KEY))
+            {
+                ::comphelper::removeElementAt( xCerts, nCert );
+                nCertificates = xCerts.getLength();
+            }
        }
-    }

-    // fill list of certificates; the first entry will be selected
-    for ( sal_Int32 nC = 0; nC < nCertificates; ++nC )
-    {
-        SvTreeListEntry* pEntry = m_pCertLB->InsertEntry( XmlSec::GetContentPart( maCerts[ nC ]->getSubjectName() )
-            + "\t" + XmlSec::GetContentPart( maCerts[ nC ]->getIssuerName() )
-            + "\t" + UsageInClearText( maCerts[ nC ]->getCertificateUsage() )
-            + "\t" + XmlSec::GetDateString( maCerts[ nC ]->getNotValidAfter() ) );
-        pEntry->SetUserData( reinterpret_cast<void*>(nC) ); // missuse user data as index
+        // fill list of certificates; the first entry will be selected
+        for ( sal_Int32 nC = 0; nC < nCertificates; ++nC )
+        {
+            std::shared_ptr<UserData> userData = std::make_shared<UserData>();
+            userData->xCertificate = xCerts[ nC ];
+            userData->xSecurityEnvironment = secEnvironment;
+            mvUserData.push_back(userData);
+            SvTreeListEntry* pEntry = m_pCertLB->InsertEntry( XmlSec::GetContentPart( xCerts[ nC ]->getSubjectName() )
+                + "\t" + XmlSec::GetContentPart( xCerts[ nC ]->getIssuerName() )
+                + "\t" + UsageInClearText( xCerts[ nC ]->getCertificateUsage() )
+                + "\t" + XmlSec::GetDateString( xCerts[ nC ]->getNotValidAfter() ) );
+            pEntry->SetUserData( userData.get() );
+        }
    }

    // enable/disable buttons
@@ -199,10 +198,12 @@ void CertificateChooser::ImplInitialize()

 uno::Reference< css::security::XCertificate > CertificateChooser::GetSelectedCertificate()
 {
-    uno::Reference< css::security::XCertificate > xCert;
-    sal_uInt16  nSelected = GetSelectedEntryPos();
-    if ( nSelected < maCerts.getLength() )
-        xCert = maCerts[ nSelected ];
+    SvTreeListEntry* pSel = m_pCertLB->FirstSelected();
+    if( !pSel )
+        return uno::Reference< css::security::XCertificate >();
+
+    UserData* userData = static_cast<UserData*>(pSel->GetUserData());
+    uno::Reference<security::XCertificate> xCert = userData->xCertificate;
    return xCert;
 }

@@ -232,12 +233,17 @@ IMPL_LINK_NOARG(CertificateChooser, ViewButtonHdl, Button*, void)

 void CertificateChooser::ImplShowCertificateDetails()
 {
-    uno::Reference< css::security::XCertificate > xCert = GetSelectedCertificate();
-    if( xCert.is() )
-    {
-        ScopedVclPtrInstance< CertificateViewer > aViewer( this, mxSecurityEnvironment, xCert, true );
-        aViewer->Execute();
-    }
+    SvTreeListEntry* pSel = m_pCertLB->FirstSelected();
+    if( !pSel )
+        return;
+
+    UserData* userData = static_cast<UserData*>(pSel->GetUserData());
+
+    if (!userData->xSecurityEnvironment.is() || !userData->xCertificate.is())
+        return;
+
+    ScopedVclPtrInstance< CertificateViewer > aViewer( this, userData->xSecurityEnvironment, userData->xCertificate, true );
+    aViewer->Execute();
 }

 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -383,9 +383,11 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, Button*, void)
        return;
    try
    {
-        uno::Reference<xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureManager.getSecurityEnvironment();
+        std::vector<uno::Reference<xml::crypto::XSecurityEnvironment>> xSecEnvs;
+        xSecEnvs.push_back(maSignatureManager.getSecurityEnvironment());
+        xSecEnvs.push_back(maSignatureManager.getGpgSecurityEnvironment());

-        ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecEnv );
+        ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, xSecEnvs );
        if ( aChooser->Execute() == RET_OK )
        {
            sal_Int32 nSecurityId;

--- a/xmlsecurity/source/dialogs/resourcemanager.cxx
+++ b/xmlsecurity/source/dialogs/resourcemanager.cxx
@@ -289,8 +289,22 @@ vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
    OUString GetContentPart( const OUString& _rRawString )
    {
        char const * aIDs[] = { "CN", "OU", "O", "E", nullptr };
-        OUString retVal;
+        bool shouldBeParsed = false;
        int i = 0;
+        while ( aIDs[i] )
+        {
+            if (_rRawString.startsWith(OUString::createFromAscii(aIDs[i++])))
+            {
+                shouldBeParsed = true;
+                break;
+            }
+        }
+
+        if (!shouldBeParsed)
+            return _rRawString;
+
+        OUString retVal;
+        i = 0;
        vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString);
        while ( aIDs[i] )
        {

--- a/xmlsecurity/source/gpg/CertificateImpl.cxx
+++ b/xmlsecurity/source/gpg/CertificateImpl.cxx
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ */
+
+#include "CertificateImpl.hxx"
+
+#include <comphelper/servicehelper.hxx>
+
+using namespace css;
+using namespace css::uno;
+using namespace css::security;
+using namespace css::util;
+
+CertificateImpl::CertificateImpl() :
+    m_pKey(nullptr)
+{
+}
+
+CertificateImpl::~CertificateImpl()
+{
+}
+
+//Methods from XCertificateImpl
+sal_Int16 SAL_CALL CertificateImpl::getVersion()
+    throw ( RuntimeException, std::exception)
+{
+    return 0;
+}
+
+Sequence< sal_Int8 > SAL_CALL CertificateImpl::getSerialNumber()
+    throw ( RuntimeException, std::exception)
+{
+    return Sequence< sal_Int8 > ();
+}
+
+OUString SAL_CALL CertificateImpl::getIssuerName()