xmlsecuity: show PDF signature in the doc signatures dialog

It doesn't actually show any details yet, but it shows a selectable empty line, to be filled in with details. Change-Id: Ib35f13e5c779fe1a28933c1a0761682e9f5de62d Reviewed-on: https://gerrit.libreoffice.org/29775Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>

xmlsecuity: show PDF signature in the doc signatures dialog
It doesn't actually show any details yet, but it shows a selectable empty line, to be filled in with details. Change-Id: Ib35f13e5c779fe1a28933c1a0761682e9f5de62d Reviewed-on: https://gerrit.libreoffice.org/29775Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Miklos Vajna <vmiklos@collabora.co.uk>
3b6f7f38 · Miklos Vajna · 52c79bbd · 3b6f7f38 · 3b6f7f38 · 3b6f7f38
Kaydet (Commit) 3b6f7f38 authored Eki 13, 2016 tarafından Miklos Vajna
5 changed files
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -21,8 +21,12 @@
 #define INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX

 #include "xmlsecuritydllapi.h"
+
+#include <memory>
+
 #include <sigstruct.hxx>
 #include <xmlsignaturehelper.hxx>
+#include <pdfsignaturehelper.hxx>
 #include <com/sun/star/uno/XComponentContext.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
 #include <documentsignaturehelper.hxx>
@@ -35,6 +39,7 @@ public:
    css::uno::Reference<css::uno::XComponentContext> mxContext;
    css::uno::Reference<css::embed::XStorage> mxStore;
    XMLSignatureHelper maSignatureHelper;
+    std::unique_ptr<PDFSignatureHelper> mpPDFSignatureHelper;
    SignatureInformations maCurrentSignatureInformations;
    DocumentSignatureMode meSignatureMode;
    css::uno::Sequence< css::uno::Sequence<css::beans::PropertyValue> > m_manifest;
@@ -59,6 +64,8 @@ public:
    void read(bool bUseTempStream, bool bCacheLastSignature = true);
    /// Write signatures back to the persistent storage.
    void write();
+    /// Lazy creation of PDF helper.
+    PDFSignatureHelper& getPDFSignatureHelper();
 };

 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX

--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -13,26 +13,27 @@

 #include <xmlsecuritydllapi.h>

-#include <vector>
-
 #include <com/sun/star/io/XInputStream.hpp>
 #include <com/sun/star/security/DocumentSignatureInformation.hpp>
 #include <com/sun/star/uno/XComponentContext.hpp>
 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
 #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>

+#include <sigstruct.hxx>
+
 /// Handles signatures of a PDF file.
 class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
 {
    css::uno::Reference<css::uno::XComponentContext> m_xComponentContext;
    css::uno::Reference<css::xml::crypto::XSEInitializer> m_xSEInitializer;
    css::uno::Reference<css::xml::crypto::XXMLSecurityContext> m_xSecurityContext;
-    std::vector<css::security::DocumentSignatureInformation> m_aSignatureInfos;
+    SignatureInformations m_aSignatureInfos;

 public:
    PDFSignatureHelper(const css::uno::Reference<css::uno::XComponentContext>& xComponentContext);
    bool ReadAndVerifySignature(const css::uno::Reference<css::io::XInputStream>& xInputStream);
-    css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations();
+    css::uno::Sequence<css::security::DocumentSignatureInformation> GetDocumentSignatureInformations() const;
+    SignatureInformations GetSignatureInformations() const;
 };

 #endif // INCLUDED_XMLSECURITY_INC_PDFSIGNATUREHELPER_HXX

--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -432,9 +432,9 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
        {
            DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm(
                m_sODFVersion, maSignatureManager.maCurrentSignatureInformations[n]);
-            std::vector< OUString > aElementsToBeVerified =
-                DocumentSignatureHelper::CreateElementList(
-                maSignatureManager.mxStore, maSignatureManager.meSignatureMode, mode);
+            std::vector< OUString > aElementsToBeVerified;
+            if (maSignatureManager.mxStore.is())
+                aElementsToBeVerified = DocumentSignatureHelper::CreateElementList(maSignatureManager.mxStore, maSignatureManager.meSignatureMode, mode);

            const SignatureInformation& rInfo = maSignatureManager.maCurrentSignatureInformations[n];
            //First we try to get the certificate which is embedded in the XML Signature

--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -47,6 +47,17 @@ DocumentSignatureManager::~DocumentSignatureManager()
 {
 }

+PDFSignatureHelper& DocumentSignatureManager::getPDFSignatureHelper()
+{
+    // It is important to create this only when dealing with PDF, in case both
+    // this and XMLSignatureHelper is created, xmlsec gets confused, and
+    // doesn't get correct result.
+    if (!mpPDFSignatureHelper)
+        mpPDFSignatureHelper.reset(new PDFSignatureHelper(mxContext));
+
+    return *mpPDFSignatureHelper;
+}
+
 /* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted"
    We use the manifest to find out if a file is xml and if it is encrypted.
    The parameter is an encoded uri. However, the manifest contains paths. Therefore
@@ -331,19 +342,30 @@ void DocumentSignatureManager::read(bool bUseTempStream, bool bCacheLastSignatur
 {
    maCurrentSignatureInformations.clear();

-    maSignatureHelper.StartMission();
+    if (mxStore.is())
+    {
+        // ZIP-based: ODF or OOXML.
+        maSignatureHelper.StartMission();

-    SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(embed::ElementModes::READ, bUseTempStream);
-    if (aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStream.is())
+        SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(embed::ElementModes::READ, bUseTempStream);
+        if (aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStream.is())
+        {
+            uno::Reference< io::XInputStream > xInputStream(aStreamHelper.xSignatureStream, uno::UNO_QUERY);
+            maSignatureHelper.ReadAndVerifySignature(xInputStream);
+        }
+        else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStorage.is())
+            maSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage, bCacheLastSignature);
+        maSignatureHelper.EndMission();
+
+        maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
+    }
+    else
    {
-        uno::Reference< io::XInputStream > xInputStream(aStreamHelper.xSignatureStream, uno::UNO_QUERY);
-        maSignatureHelper.ReadAndVerifySignature(xInputStream);
+        // Something not ZIP based, try PDF.
+        uno::Reference<io::XInputStream> xInputStream(mxSignatureStream, uno::UNO_QUERY);
+        if (getPDFSignatureHelper().ReadAndVerifySignature(xInputStream))
+            maCurrentSignatureInformations = getPDFSignatureHelper().GetSignatureInformations();
    }
-    else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML && aStreamHelper.xSignatureStorage.is())
-        maSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage, bCacheLastSignature);
-    maSignatureHelper.EndMission();
-
-    maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
 }

 void DocumentSignatureManager::write()

--- a/xmlsecurity/source/helper/pdfsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/pdfsignaturehelper.cxx
@@ -52,7 +52,7 @@ bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputS

    for (size_t i = 0; i < aSignatures.size(); ++i)
    {
-        security::DocumentSignatureInformation aInfo;
+        SignatureInformation aInfo(i);

        bool bDigestMatch;
        if (!xmlsecurity::pdfio::PDFDocument::ValidateSignature(*pStream, aSignatures[i], bDigestMatch))
@@ -61,16 +61,33 @@ bool PDFSignatureHelper::ReadAndVerifySignature(const uno::Reference<io::XInputS
            continue;
        }

-        aInfo.SignatureIsValid = bDigestMatch;
+        if (bDigestMatch)
+            aInfo.nStatus = xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
+        else
+            aInfo.nStatus = xml::crypto::SecurityOperationStatus_UNKNOWN;
        m_aSignatureInfos.push_back(aInfo);
    }

    return true;
 }

-uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations()
+SignatureInformations PDFSignatureHelper::GetSignatureInformations() const
 {
-    return comphelper::containerToSequence(m_aSignatureInfos);
+    return m_aSignatureInfos;
+}
+
+uno::Sequence<security::DocumentSignatureInformation> PDFSignatureHelper::GetDocumentSignatureInformations() const
+{
+    uno::Sequence<security::DocumentSignatureInformation> aRet(m_aSignatureInfos.size());
+
+    for (size_t i = 0; i < m_aSignatureInfos.size(); ++i)
+    {
+        const SignatureInformation& rInternal = m_aSignatureInfos[i];
+        security::DocumentSignatureInformation& rExternal = aRet[i];
+        rExternal.SignatureIsValid = rInternal.nStatus == xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
+    }
+
+    return aRet;
 }

 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */