TSCP: include certificate usage in paragraph signatures

Change-Id: I6f4b891a016c67051efd9033329065d7e3c8a06b
Reviewed-on: https://gerrit.libreoffice.org/43022Tested-by: Jenkins <ci@libreoffice.org>
Reviewed-by: Ashod Nakashian <ashnakash@gmail.com>

comphelper/source/misc/storagehelper.cxx

@@ -433,7 +433,7 @@ uno::Sequence< beans::NamedValue > OStorageHelper::CreateGpgPackageEncryptionDat
         security::DocumentDigitalSignatures::createWithVersion(
             comphelper::getProcessComponentContext(), "1.2" ) );
 
-    // The use may provide a description while choosing a certificate.
+    // The user may provide a description while choosing a certificate.
     OUString aDescription;
     uno::Reference< security::XCertificate > xSignCertificate=
         xSigner->chooseEncryptionCertificate(aDescription);

offapi/com/sun/star/security/XDocumentDigitalSignatures.idl

@@ -150,6 +150,13 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface
      */
     com::sun::star::security::XCertificate chooseEncryptionCertificate( [out] string Description );
 
+    /**  This method shows the CertificateChooser dialog, used by document and PDF signing
+         Shows only private certificates and returns usage string in addition to description.
+
+         @since LibreOffice 6.0
+     */
+    com::sun::star::security::XCertificate chooseCertificateWithProps( [out] sequence<::com::sun::star::beans::PropertyValue> Properties);
+
 } ;
 
 } ; } ; } ; } ;

sw/inc/UndoParagraphSignature.hxx

@@ -37,6 +37,7 @@ private:
     uno::Reference<text::XTextField> m_xField;
     uno::Reference<text::XTextContent> m_xParent;
     OUString m_signature;
+    OUString m_usage;
     OUString m_display;
     const bool m_bRemove;
 

sw/source/core/edit/edfcol.cxx

@@ -91,6 +91,7 @@ namespace
 static const OUString MetaFilename("bails.rdf");
 static const OUString MetaNS("urn:bails");
 static const OUString ParagraphSignatureRDFName = "loext:paragraph:signature";
+static const OUString ParagraphSignatureUsageRDFName = "loext:paragraph:signature:usage";
 static const OUString ParagraphClassificationRDFName = "loext:paragraph:classification";
 static const OUString MetadataFieldServiceName = "com.sun.star.text.textfield.MetadataField";
 static const OUString DocInfoServiceName = "com.sun.star.text.TextField.DocInfo.Custom";
@@ -271,7 +272,9 @@ lcl_MakeParagraphSignatureFieldText(const uno::Reference<frame::XModel>& xModel,
             valid = svl::crypto::Signing::Verify(data, false, sig, aInfo);
             valid = valid && aInfo.nStatus == css::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED;
 
-            msg = SwResId(STR_SIGNED_BY) + ": " + aInfo.ouSubject + ", " + aInfo.ouDateTime + ": ";
+            const auto it2 = aStatements.find(ParagraphSignatureUsageRDFName);
+            msg = (it2 != aStatements.end() ? (it2->second + ", ") : OUString());
+            msg += SwResId(STR_SIGNED_BY) + ": " + aInfo.ouSubject + ", " + aInfo.ouDateTime + ": ";
             if (valid)
                 msg += SwResId(STR_VALID);
             else
@@ -285,7 +288,8 @@ lcl_MakeParagraphSignatureFieldText(const uno::Reference<frame::XModel>& xModel,
 /// Creates and inserts Paragraph Signature Metadata field and creates the RDF entry
 uno::Reference<text::XTextField> lcl_InsertParagraphSignature(const uno::Reference<frame::XModel>& xModel,
                                                               const uno::Reference<text::XTextContent>& xParent,
-                                                              const OUString& signature)
+                                                              const OUString& signature,
+                                                              const OUString& usage)
 {
     uno::Reference<lang::XMultiServiceFactory> xMultiServiceFactory(xModel, uno::UNO_QUERY);
     auto xField = uno::Reference<text::XTextField>(xMultiServiceFactory->createInstance(MetadataFieldServiceName), uno::UNO_QUERY);
@@ -295,6 +299,7 @@ uno::Reference<text::XTextField> lcl_InsertParagraphSignature(const uno::Referen
 
     const css::uno::Reference<css::rdf::XResource> xSubject(xField, uno::UNO_QUERY);
     SwRDFHelper::addStatement(xModel, MetaNS, MetaFilename, xSubject, ParagraphSignatureRDFName, signature);
+    SwRDFHelper::addStatement(xModel, MetaNS, MetaFilename, xSubject, ParagraphSignatureUsageRDFName, usage);
 
     return xField;
 }
@@ -1222,6 +1227,10 @@ SwUndoParagraphSigning::SwUndoParagraphSigning(const SwPosition& rPos,
     if (it != aStatements.end())
         m_signature = it->second;
 
+    const auto it2 = aStatements.find(ParagraphSignatureUsageRDFName);
+    if (it2 != aStatements.end())
+        m_usage = it->second;
+
     uno::Reference<css::text::XTextRange> xText(m_xField, uno::UNO_QUERY);
     m_display = xText->getString();
 }
@@ -1261,7 +1270,7 @@ void SwUndoParagraphSigning::Insert()
             m_pDoc->GetIDocumentUndoRedo().DoUndo(isUndoEnabled);
         });
 
-    m_xField = lcl_InsertParagraphSignature(m_pDoc->GetDocShell()->GetBaseModel(), m_xParent, m_signature);
+    m_xField = lcl_InsertParagraphSignature(m_pDoc->GetDocShell()->GetBaseModel(), m_xParent, m_signature, m_usage);
 
     uno::Reference<css::text::XTextRange> xText(m_xField, uno::UNO_QUERY);
     xText->setString(m_display);
@@ -1308,8 +1317,8 @@ void SwEditShell::SignParagraph()
         security::DocumentDigitalSignatures::createWithVersion(
             comphelper::getProcessComponentContext(), "1.2" ) );
 
-    OUString aDescription;
-    uno::Reference<security::XCertificate> xCertificate = xSigner->chooseCertificate(aDescription);
+    uno::Sequence<css::beans::PropertyValue> aProperties;
+    uno::Reference<security::XCertificate> xCertificate = xSigner->chooseCertificateWithProps(aProperties);
     if (!xCertificate.is())
         return;
 
@@ -1322,6 +1331,16 @@ void SwEditShell::SignParagraph()
 
     const OUString signature = OStringToOUString(sigBuf.makeStringAndClear(), RTL_TEXTENCODING_UTF8, 0);
 
+    std::vector<css::beans::PropertyValue> vec = comphelper::sequenceToContainer<std::vector<css::beans::PropertyValue>>(aProperties);
+    auto it = std::find_if(vec.begin(), vec.end(), [](const beans::PropertyValue& rValue)
+                                                    {
+                                                        return rValue.Name == "Usage";
+                                                    });
+
+    OUString aUsage;
+    if (it != vec.end())
+        it->Value >>= aUsage;
+
     // 4. Add metadata
     // Prevent validation since this will trigger a premature validation
     // upon inserting, but before setting the metadata.
@@ -1333,7 +1352,7 @@ void SwEditShell::SignParagraph()
     GetDoc()->GetIDocumentUndoRedo().StartUndo(SwUndoId::PARA_SIGN_ADD, nullptr);
 
     const uno::Reference<frame::XModel> xModel = pDocShell->GetBaseModel();
-    uno::Reference<css::text::XTextField> xField = lcl_InsertParagraphSignature(xModel, xParent, signature);
+    uno::Reference<css::text::XTextField> xField = lcl_InsertParagraphSignature(xModel, xParent, signature, aUsage);
 
     lcl_UpdateParagraphSignatureField(GetDoc(), xModel, xField, utf8Text);
 

xmlsecurity/inc/certificatechooser.hxx

@@ -97,6 +97,9 @@ public:
     /// Gets the description string provided when selecting the certificate.
     OUString GetDescription();
 
+    /// Returns the usage string of the selected certificate, if any.
+    OUString GetUsageText();
+
     OUString UsageInClearText(int bits);
 };
 

xmlsecurity/source/component/documentdigitalsignatures.cxx

@@ -43,6 +43,8 @@
 #include <unotools/securityoptions.hxx>
 #include <com/sun/star/security/CertificateValidity.hpp>
 #include <comphelper/documentconstants.hxx>
+#include <comphelper/propertyvalue.hxx>
+#include <comphelper/sequence.hxx>
 #include <cppuhelper/supportsservice.hxx>
 #include <com/sun/star/lang/IllegalArgumentException.hpp>
 
@@ -445,7 +447,7 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
     return bFound;
 }
 
-Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificateImpl(OUString& rDescription, UserAction eAction)
+Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificateImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction)
 {
     std::vector< Reference< css::xml::crypto::XXMLSecurityContext > > xSecContexts;
 
@@ -461,7 +463,8 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
         return Reference< css::security::XCertificate >(nullptr);
 
     Reference< css::security::XCertificate > xCert = aChooser->GetSelectedCertificate();
-    rDescription = aChooser->GetDescription();
+    rProperties["Description"] = aChooser->GetDescription();
+    rProperties["Usage"] = aChooser->GetUsageText();
 
     if ( !xCert.is() )
         return Reference< css::security::XCertificate >(nullptr);
@@ -471,17 +474,38 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertif
 
 Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificate(OUString& rDescription)
 {
-    return chooseCertificateImpl( rDescription, UserAction::Sign );
+    return chooseSigningCertificate( rDescription );
 }
 
 Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseSigningCertificate(OUString& rDescription)
 {
-    return chooseCertificateImpl( rDescription, UserAction::Sign );
+    std::map<OUString, OUString> aProperties;
+    Reference< css::security::XCertificate > xCert = chooseCertificateImpl( aProperties, UserAction::Sign );
+    rDescription = aProperties["Description"];
+    return xCert;
 }
 
 Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseEncryptionCertificate(OUString& rDescription)
 {
-    return chooseCertificateImpl( rDescription, UserAction::Encrypt );
+    std::map<OUString, OUString> aProperties;
+    Reference< css::security::XCertificate > xCert = chooseCertificateImpl( aProperties, UserAction::Encrypt );
+    rDescription = aProperties["Description"];
+    return xCert;
+}
+
+css::uno::Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificateWithProps(Sequence<::com::sun::star::beans::PropertyValue>& rProperties)
+{
+    std::map<OUString, OUString> aProperties;
+    auto xCert = chooseCertificateImpl( aProperties, UserAction::Sign );
+
+    std::vector<css::beans::PropertyValue> vec;
+    for (const auto& pair : aProperties)
+    {
+        vec.emplace_back(comphelper::makePropertyValue(pair.first, pair.second));
+    }
+
+    rProperties = comphelper::containerToSequence(vec);
+    return xCert;
 }
 
 sal_Bool DocumentDigitalSignatures::isLocationTrusted( const OUString& Location )

xmlsecurity/source/component/documentdigitalsignatures.hxx

@@ -27,6 +27,7 @@
 #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
 #include <com/sun/star/io/XStream.hpp>
 #include <com/sun/star/io/XInputStream.hpp>
+#include <com/sun/star/uno/Sequence.hxx>
 #include <certificatechooser.hxx>
 #include <documentsignaturehelper.hxx>
 
@@ -62,7 +63,7 @@ private:
     /// @throws css::uno::RuntimeException
     css::uno::Sequence< css::security::DocumentSignatureInformation > ImplVerifySignatures( const css::uno::Reference< css::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode );
 
-    css::uno::Reference< css::security::XCertificate > chooseCertificateImpl(OUString& rDescription, UserAction eAction);
+    css::uno::Reference< css::security::XCertificate > chooseCertificateImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction);
 
 public:
     explicit DocumentDigitalSignatures( const css::uno::Reference< css::uno::XComponentContext>& rxCtx );
@@ -106,6 +107,7 @@ public:
     css::uno::Reference< css::security::XCertificate > SAL_CALL chooseCertificate(OUString& rDescription) override;
     css::uno::Reference< css::security::XCertificate > SAL_CALL chooseSigningCertificate(OUString& rDescription) override;
     css::uno::Reference< css::security::XCertificate > SAL_CALL chooseEncryptionCertificate(OUString& rDescription) override;
+    css::uno::Reference< css::security::XCertificate > SAL_CALL chooseCertificateWithProps(css::uno::Sequence<::com::sun::star::beans::PropertyValue>& Properties) override;
 };
 
 /// @throws css::uno::Exception

xmlsecurity/source/dialogs/certificatechooser.cxx

@@ -255,6 +255,12 @@ OUString CertificateChooser::GetDescription()
     return m_pDescriptionED->GetText();
 }
 
+OUString CertificateChooser::GetUsageText()
+{
+    uno::Reference<css::security::XCertificate> xCert = GetSelectedCertificate();
+    return xCert.is() ? UsageInClearText(xCert->getCertificateUsage()) : OUString();
+}
+
 IMPL_LINK_NOARG(CertificateChooser, CertificateHighlightHdl, SvTreeListBox*, void)
 {
     bool bEnable = GetSelectedCertificate().is();