Kaydet (Commit) 9b4c6892 authored tarafından Samuel Mehrbrodt's avatar Samuel Mehrbrodt

tdf#118569 Signature Line: When signing ooxml, only show X.509 certificates

Also fixes a bug where signing was aborted after saving as docx.

Change-Id: Ic42b7de2400be0bc55da03b017a545ceaedef9f9
Reviewed-on: https://gerrit.libreoffice.org/60480
Tested-by: Jenkins
Reviewed-by: 's avatarSamuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
üst 2419fa71
......@@ -20,6 +20,8 @@
#include <unotools/streamwrap.hxx>
#include <utility>
#include <vcl/weld.hxx>
#include <sfx2/docfile.hxx>
#include <sfx2/docfilt.hxx>
#include <sfx2/objsh.hxx>
#include <com/sun/star/beans/XPropertySet.hpp>
......@@ -29,6 +31,7 @@
#include <com/sun/star/graphic/XGraphicProvider.hpp>
#include <com/sun/star/io/XInputStream.hpp>
#include <com/sun/star/lang/XMultiServiceFactory.hpp>
#include <com/sun/star/security/CertificateKind.hpp>
#include <com/sun/star/security/DocumentDigitalSignatures.hpp>
#include <com/sun/star/security/XCertificate.hpp>
#include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
......@@ -116,10 +119,20 @@ SignSignatureLineDialog::SignSignatureLineDialog(weld::Widget* pParent, Referenc
IMPL_LINK_NOARG(SignSignatureLineDialog, chooseCertificate, weld::Button&, void)
{
// Document needs to be saved before selecting a certificate
SfxObjectShell* pShell = SfxObjectShell::Current();
if (!pShell->PrepareForSigning(m_xDialog.get()))
return;
Reference<XDocumentDigitalSignatures> xSigner(DocumentDigitalSignatures::createWithVersion(
comphelper::getProcessComponentContext(), "1.2"));
OUString aDescription;
Reference<XCertificate> xSignCertificate = xSigner->selectSigningCertificate(aDescription);
CertificateKind certificateKind = CertificateKind_NONE;
// When signing ooxml, we only want X.509 certificates
if (pShell->GetMedium()->GetFilter()->IsAlienFormat())
certificateKind = CertificateKind_X509;
Reference<XCertificate> xSignCertificate
= xSigner->selectSigningCertificateWithType(certificateKind, aDescription);
if (xSignCertificate.is())
{
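Review bot: The new filter check `pShell->GetMedium()->GetFilter()->IsAlienFormat()` dereferences three pointers without a null test, although PrepareForSigning in this same commit checks `GetMedium() && GetMedium()->GetFilter()` before using them; the result of `SfxObjectShell::Current()` is also used unchecked. I would guard both places: `if (!pShell || !pShell->PrepareForSigning(m_xDialog.get())) return;` and `if (pShell->GetMedium() && pShell->GetMedium()->GetFilter() && pShell->GetMedium()->GetFilter()->IsAlienFormat())`. The comment says "ooxml", but IsAlienFormat() presumably matches every non-native filter, so `// For non-native formats (currently OOXML) offer only X.509 certificates` would describe the condition more accurately. The handler's body continues past the end of this hunk.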
......
......@@ -25,7 +25,13 @@ enum CertificateKind
/** OpenPGP format of a certificate
*/
OPENPGP
OPENPGP,
/** No format specified
*
* @since LibreOffice 6.2
*/
NONE
};
} ; } ; } ; } ;
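Review bot: The doc comment for `NONE` says only "No format specified", which does not tell a caller what happens when the value is passed as a filter. In this commit chooseCertificatesImpl treats `CertificateKind_NONE` as "do not filter" and adds both security contexts, so the comment could read `/** No format specified; when used as a filter, certificates of every kind are offered */`. The same gap exists in the documentation of `selectSigningCertificateWithType` in XDocumentDigitalSignatures, which does not say what `NONE` selects or what is returned when the dialog is cancelled.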
......
......@@ -168,6 +168,15 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface
*/
com::sun::star::security::XCertificate selectSigningCertificate( [out] string Description );
/** This shows the certificate selection dialog and allows to only select the certificate
without actually signing the document. Only certificates of the given type will be shown.
@since LibreOffice 6.2
*/
com::sun::star::security::XCertificate selectSigningCertificateWithType(
[in] CertificateKind certificateKind,
[out] string Description);
/** This method shows the CertificateChooser dialog with all certificates, private and
other people's. Useful when choosing certificate/key for encryption
......
......@@ -1410,23 +1410,6 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent )
bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent)
{
// Check if it is stored in OASIS format...
if ( GetMedium()
&& GetMedium()->GetFilter()
&& !GetMedium()->GetName().isEmpty()
&& ( (!GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->GetFilter()->GetSupportsSigning())
|| (GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->HasStorage_Impl())
)
)
{
// Only OASIS and OOo6.x formats will be handled further
std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent,
VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT)));
xBox->run();
return false;
}
// check whether the document is signed
ImplGetSignatureState(); // document signature
if (GetMedium() && GetMedium()->GetFilter() && GetMedium()->GetFilter()->IsOwnFormat())
......@@ -1470,14 +1453,17 @@ bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent)
SetModified();
ExecFile_Impl( aSaveRequest );
// Check if it is stored in OASIS format...
if ( GetMedium() && GetMedium()->GetFilter()
&& ( !GetMedium()->GetFilter()->IsOwnFormat() || !GetMedium()->HasStorage_Impl()
|| SotStorage::GetVersion( GetMedium()->GetStorage() ) <= SOFFICE_FILEFORMAT_60 ) )
// Check if it is stored a format which supports signing
if (GetMedium() && GetMedium()->GetFilter() && !GetMedium()->GetName().isEmpty()
&& ((!GetMedium()->GetFilter()->IsOwnFormat()
&& !GetMedium()->GetFilter()->GetSupportsSigning())
|| (GetMedium()->GetFilter()->IsOwnFormat()
&& !GetMedium()->HasStorage_Impl())))
{
// Only OASIS format will be handled further
std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent,
VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT)));
std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(
pDialogParent, VclMessageType::Info, VclButtonsType::Ok,
SfxResId(STR_INFO_WRONGDOCFORMAT)));
xBox->run();
return false;
}
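Review bot: The rewritten post-save check no longer rejects own-format documents with an old storage version: the previous condition included `SotStorage::GetVersion( GetMedium()->GetStorage() ) <= SOFFICE_FILEFORMAT_60`, while the new one tests only `IsOwnFormat()`, `GetSupportsSigning()` and `HasStorage_Impl()`. If that relaxation is not intended, keep the term in the own-format branch, e.g. `(GetMedium()->GetFilter()->IsOwnFormat() && (!GetMedium()->HasStorage_Impl() || SotStorage::GetVersion(GetMedium()->GetStorage()) <= SOFFICE_FILEFORMAT_60))`; if it is intended, the commit message should say so. The added `!GetMedium()->GetName().isEmpty()` term also means a medium without a name skips the rejection entirely, which looks as if a document that was never stored could continue toward signing unless a later check outside this hunk stops it. The retained comment `// Only OASIS format will be handled further` is now stale and could become `// Only formats that support signing will be handled further`. PrepareForSigning starts and ends outside this hunk.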
......
......@@ -41,6 +41,7 @@
#include <vcl/weld.hxx>
#include <unotools/securityoptions.hxx>
#include <com/sun/star/security/CertificateValidity.hpp>
#include <com/sun/star/security/CertificateKind.hpp>
#include <comphelper/base64.hxx>
#include <comphelper/documentconstants.hxx>
#include <comphelper/propertyvalue.hxx>
......@@ -54,6 +55,7 @@
using namespace css;
using namespace css::uno;
using namespace css::lang;
using namespace css::security;
using namespace css::xml::crypto;
class DocumentDigitalSignatures
......@@ -86,7 +88,8 @@ private:
DocumentSignatureMode eMode);
css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>
chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction);
chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction,
const CertificateKind certificateKind=CertificateKind_NONE);
public:
explicit DocumentDigitalSignatures(
......@@ -158,6 +161,9 @@ public:
SAL_CALL chooseSigningCertificate(OUString& rDescription) override;
css::uno::Reference<css::security::XCertificate>
SAL_CALL selectSigningCertificate(OUString& rDescription) override;
css::uno::Reference<css::security::XCertificate>
SAL_CALL selectSigningCertificateWithType(const CertificateKind certificateKind,
OUString& rDescription) override;
css::uno::Sequence<css::uno::Reference<css::security::XCertificate>>
SAL_CALL chooseEncryptionCertificate() override;
css::uno::Reference<css::security::XCertificate> SAL_CALL chooseCertificateWithProps(
......@@ -614,14 +620,19 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
return bFound;
}
uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction)
uno::Sequence<Reference<css::security::XCertificate>>
DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties,
const UserAction eAction,
const CertificateKind certificateKind)
{
std::vector< Reference< css::xml::crypto::XXMLSecurityContext > > xSecContexts;
DocumentSignatureManager aSignatureManager(mxCtx, {});
if (aSignatureManager.init()) {
xSecContexts.push_back(aSignatureManager.getSecurityContext());
xSecContexts.push_back(aSignatureManager.getGpgSecurityContext());
// Don't include OpenPGP if only X.509 certs are requested
if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_OPENPGP)
xSecContexts.push_back(aSignatureManager.getGpgSecurityContext());
}
ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecContexts, eAction);
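Review bot: The filter is one-sided: `getSecurityContext()`, which appears to be the X.509 context, is still pushed unconditionally, so a caller passing `CertificateKind_OPENPGP` would be offered X.509 certificates as well. That contradicts the new IDL text "Only certificates of the given type will be shown". Guarding the first push symmetrically would fix it: `if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_X509) xSecContexts.push_back(aSignatureManager.getSecurityContext());`. The rest of chooseCertificatesImpl lies outside the hunk.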
......@@ -660,6 +671,17 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::selectSignin
return xCert;
}
Reference<css::security::XCertificate>
DocumentDigitalSignatures::selectSigningCertificateWithType(const CertificateKind certificateKind,
OUString& rDescription)
{
std::map<OUString, OUString> aProperties;
Reference<css::security::XCertificate> xCert
= chooseCertificatesImpl(aProperties, UserAction::SelectSign, certificateKind)[0];
rDescription = aProperties["Description"];
return xCert;
}
css::uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseEncryptionCertificate()
{
std::map<OUString, OUString> aProperties;
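Review bot: `chooseCertificatesImpl(aProperties, UserAction::SelectSign, certificateKind)[0]` indexes the returned sequence without checking its length. The return path of chooseCertificatesImpl is not visible in this diff, so this is a hedged concern: if it can return an empty sequence, the `[0]` reads out of bounds, and narrowing the dialog to one certificate kind makes an empty result easier to reach. Taking the sequence first and returning an empty reference is cheap, since the caller in SignSignatureLineDialog already tests `xSignCertificate.is()`: `auto aCerts = chooseCertificatesImpl(aProperties, UserAction::SelectSign, certificateKind);` followed by `if (!aCerts.hasElements()) return Reference<css::security::XCertificate>();`.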
......