cui/source/dialogs/SignSignatureLineDialog.cxx | 15 ++++- offapi/com/sun/star/security/CertificateKind.idl | 8 ++ offapi/com/sun/star/security/XDocumentDigitalSignatures.idl | 9 +++ sfx2/source/doc/objserv.cxx | 34 +++--------- xmlsecurity/source/component/documentdigitalsignatures.cxx | 28 ++++++++- 5 files changed, 65 insertions(+), 29 deletions(-)
New commits: commit 9b4c6892630a98c1218aca72827f718184a4b5f0 Author: Samuel Mehrbrodt <[email protected]> AuthorDate: Fri Sep 14 10:30:36 2018 +0200 Commit: Samuel Mehrbrodt <[email protected]> CommitDate: Mon Sep 17 10:05:37 2018 +0200 tdf#118569 Signature Line: When signing ooxml, only show X.509 certificates Also fixes a bug where signing was aborted after saving as docx. Change-Id: Ic42b7de2400be0bc55da03b017a545ceaedef9f9 Reviewed-on: https://gerrit.libreoffice.org/60480 Tested-by: Jenkins Reviewed-by: Samuel Mehrbrodt <[email protected]> diff --git a/cui/source/dialogs/SignSignatureLineDialog.cxx b/cui/source/dialogs/SignSignatureLineDialog.cxx index 9b3be762b2d9..72c4e5f2e6a3 100644 --- a/cui/source/dialogs/SignSignatureLineDialog.cxx +++ b/cui/source/dialogs/SignSignatureLineDialog.cxx @@ -20,6 +20,8 @@ #include <unotools/streamwrap.hxx> #include <utility> #include <vcl/weld.hxx> +#include <sfx2/docfile.hxx> +#include <sfx2/docfilt.hxx> #include <sfx2/objsh.hxx> #include <com/sun/star/beans/XPropertySet.hpp> @@ -29,6 +31,7 @@ #include <com/sun/star/graphic/XGraphicProvider.hpp> #include <com/sun/star/io/XInputStream.hpp> #include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <com/sun/star/security/CertificateKind.hpp> #include <com/sun/star/security/DocumentDigitalSignatures.hpp> #include <com/sun/star/security/XCertificate.hpp> #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> @@ -116,10 +119,20 @@ SignSignatureLineDialog::SignSignatureLineDialog(weld::Widget* pParent, Referenc IMPL_LINK_NOARG(SignSignatureLineDialog, chooseCertificate, weld::Button&, void) { + // Document needs to be saved before selecting a certificate + SfxObjectShell* pShell = SfxObjectShell::Current(); + if (!pShell->PrepareForSigning(m_xDialog.get())) + return; + Reference<XDocumentDigitalSignatures> xSigner(DocumentDigitalSignatures::createWithVersion( comphelper::getProcessComponentContext(), "1.2")); OUString aDescription; - Reference<XCertificate> xSignCertificate = xSigner->selectSigningCertificate(aDescription); + CertificateKind certificateKind = CertificateKind_NONE; + // When signing ooxml, we only want X.509 certificates + if (pShell->GetMedium()->GetFilter()->IsAlienFormat()) + certificateKind = CertificateKind_X509; + Reference<XCertificate> xSignCertificate + = xSigner->selectSigningCertificateWithType(certificateKind, aDescription); if (xSignCertificate.is()) { diff --git a/offapi/com/sun/star/security/CertificateKind.idl b/offapi/com/sun/star/security/CertificateKind.idl index 9f6230452c4b..111591866875 100644 --- a/offapi/com/sun/star/security/CertificateKind.idl +++ b/offapi/com/sun/star/security/CertificateKind.idl @@ -25,7 +25,13 @@ enum CertificateKind /** OpenPGP format of a certificate */ - OPENPGP + OPENPGP, + + /** No format specified + * + * @since LibreOffice 6.2 + */ + NONE }; } ; } ; } ; } ; diff --git a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl index 0e4d6c82d553..ebd42c6ecef6 100644 --- a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl +++ b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl @@ -168,6 +168,15 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface */ com::sun::star::security::XCertificate selectSigningCertificate( [out] string Description ); + /** This shows the certificate selection dialog and allows to only select the certificate + without actually signing the document. Only certificates of the given type will be shown. + + @since LibreOffice 6.2 + */ + com::sun::star::security::XCertificate selectSigningCertificateWithType( + [in] CertificateKind certificateKind, + [out] string Description); + /** This method shows the CertificateChooser dialog with all certificates, private and other people's. Useful when choosing certificate/key for encryption diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx index b3db07931fbc..6cfed0679a4a 100644 --- a/sfx2/source/doc/objserv.cxx +++ b/sfx2/source/doc/objserv.cxx @@ -1410,23 +1410,6 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent ) bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent) { - // Check if it is stored in OASIS format... - if ( GetMedium() - && GetMedium()->GetFilter() - && !GetMedium()->GetName().isEmpty() - && ( (!GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->GetFilter()->GetSupportsSigning()) - || (GetMedium()->GetFilter()->IsOwnFormat() && !GetMedium()->HasStorage_Impl()) - ) - ) - { - // Only OASIS and OOo6.x formats will be handled further - std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent, - VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT))); - - xBox->run(); - return false; - } - // check whether the document is signed ImplGetSignatureState(); // document signature if (GetMedium() && GetMedium()->GetFilter() && GetMedium()->GetFilter()->IsOwnFormat()) @@ -1470,14 +1453,17 @@ bool SfxObjectShell::PrepareForSigning(weld::Window* pDialogParent) SetModified(); ExecFile_Impl( aSaveRequest ); - // Check if it is stored in OASIS format... - if ( GetMedium() && GetMedium()->GetFilter() - && ( !GetMedium()->GetFilter()->IsOwnFormat() || !GetMedium()->HasStorage_Impl() - || SotStorage::GetVersion( GetMedium()->GetStorage() ) <= SOFFICE_FILEFORMAT_60 ) ) + // Check if it is stored a format which supports signing + if (GetMedium() && GetMedium()->GetFilter() && !GetMedium()->GetName().isEmpty() + && ((!GetMedium()->GetFilter()->IsOwnFormat() + && !GetMedium()->GetFilter()->GetSupportsSigning()) + || (GetMedium()->GetFilter()->IsOwnFormat() + && !GetMedium()->HasStorage_Impl()))) { - // Only OASIS format will be handled further - std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog(pDialogParent, - VclMessageType::Info, VclButtonsType::Ok, SfxResId(STR_INFO_WRONGDOCFORMAT))); + std::unique_ptr<weld::MessageDialog> xBox(Application::CreateMessageDialog( + pDialogParent, VclMessageType::Info, VclButtonsType::Ok, + SfxResId(STR_INFO_WRONGDOCFORMAT))); + xBox->run(); return false; } diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index e97733fe2208..23689c1e4fa3 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -41,6 +41,7 @@ #include <vcl/weld.hxx> #include <unotools/securityoptions.hxx> #include <com/sun/star/security/CertificateValidity.hpp> +#include <com/sun/star/security/CertificateKind.hpp> #include <comphelper/base64.hxx> #include <comphelper/documentconstants.hxx> #include <comphelper/propertyvalue.hxx> @@ -54,6 +55,7 @@ using namespace css; using namespace css::uno; using namespace css::lang; +using namespace css::security; using namespace css::xml::crypto; class DocumentDigitalSignatures @@ -86,7 +88,8 @@ private: DocumentSignatureMode eMode); css::uno::Sequence<css::uno::Reference<css::security::XCertificate>> - chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction); + chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction, + const CertificateKind certificateKind=CertificateKind_NONE); public: explicit DocumentDigitalSignatures( @@ -158,6 +161,9 @@ public: SAL_CALL chooseSigningCertificate(OUString& rDescription) override; css::uno::Reference<css::security::XCertificate> SAL_CALL selectSigningCertificate(OUString& rDescription) override; + css::uno::Reference<css::security::XCertificate> + SAL_CALL selectSigningCertificateWithType(const CertificateKind certificateKind, + OUString& rDescription) override; css::uno::Sequence<css::uno::Reference<css::security::XCertificate>> SAL_CALL chooseEncryptionCertificate() override; css::uno::Reference<css::security::XCertificate> SAL_CALL chooseCertificateWithProps( @@ -614,14 +620,19 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted( return bFound; } -uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, const UserAction eAction) +uno::Sequence<Reference<css::security::XCertificate>> +DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>& rProperties, + const UserAction eAction, + const CertificateKind certificateKind) { std::vector< Reference< css::xml::crypto::XXMLSecurityContext > > xSecContexts; DocumentSignatureManager aSignatureManager(mxCtx, {}); if (aSignatureManager.init()) { xSecContexts.push_back(aSignatureManager.getSecurityContext()); - xSecContexts.push_back(aSignatureManager.getGpgSecurityContext()); + // Don't include OpenPGP if only X.509 certs are requested + if (certificateKind == CertificateKind_NONE || certificateKind == CertificateKind_OPENPGP) + xSecContexts.push_back(aSignatureManager.getGpgSecurityContext()); } ScopedVclPtrInstance< CertificateChooser > aChooser(nullptr, mxCtx, xSecContexts, eAction); @@ -660,6 +671,17 @@ Reference< css::security::XCertificate > DocumentDigitalSignatures::selectSignin return xCert; } +Reference<css::security::XCertificate> +DocumentDigitalSignatures::selectSigningCertificateWithType(const CertificateKind certificateKind, + OUString& rDescription) +{ + std::map<OUString, OUString> aProperties; + Reference<css::security::XCertificate> xCert + = chooseCertificatesImpl(aProperties, UserAction::SelectSign, certificateKind)[0]; + rDescription = aProperties["Description"]; + return xCert; +} + css::uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseEncryptionCertificate() { std::map<OUString, OUString> aProperties; _______________________________________________ Libreoffice-commits mailing list [email protected] https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
