core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objstor.cxx |3 - xmlsecurity/qa/unit/signing/signing2.cxx | 58 --- 2 files changed, 31 insertions(+), 30 deletions(-) New commits: commit d0dcd87788910e3c9f67a2b68534019c05b77bad Author: Thorsten Behrens AuthorDate: Mon Jan 15 00:26:02 2024 +0100 Commit: Thorsten Behrens CommitDate: Tue Jan 23 21:41:03 2024 +0100 Make wholesome ODF package encryption the default Change-Id: I825ae7a5e4b80d390804a7bb2cfdfc3b1843bd07 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/162066 Tested-by: Jenkins Reviewed-by: Thorsten Behrens diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx index 854389ae31be..27fb68c83f87 100644 --- a/sfx2/source/doc/objstor.cxx +++ b/sfx2/source/doc/objstor.cxx @@ -170,8 +170,7 @@ bool SfxObjectShell::QuerySlotExecutable( sal_uInt16 /*nSlotId*/ ) static bool UseODFWholesomeEncryption(SvtSaveOptions::ODFSaneDefaultVersion const nODFVersion) { -return nODFVersion == SvtSaveOptions::ODFSVER_LATEST_EXTENDED -&& officecfg::Office::Common::Misc::ExperimentalMode::get(); +return nODFVersion == SvtSaveOptions::ODFSVER_LATEST_EXTENDED; } bool GetEncryptionData_Impl( const SfxItemSet* pSet, uno::Sequence< beans::NamedValue >& o_rEncryptionData ) diff --git a/xmlsecurity/qa/unit/signing/signing2.cxx b/xmlsecurity/qa/unit/signing/signing2.cxx index 71e887df236a..dd6f9e09a83d 100644 --- a/xmlsecurity/qa/unit/signing/signing2.cxx +++ b/xmlsecurity/qa/unit/signing/signing2.cxx @@ -128,9 +128,21 @@ CPPUNIT_TEST_FIXTURE(SigningTest2, testPasswordPreserveMacroSignatureODF13) CPPUNIT_ASSERT_EQUAL(SignatureState::OK, pObjectShell->GetScriptingSignatureState()); } -saveAndReload("writer8", "password"); { -// test standard ODF 1.2/1.3/1.4 encryption +// test the old, standard ODF 1.2/1.3/1.4 encryption +Resetter resetter([]() { +std::shared_ptr pBatch( +comphelper::ConfigurationChanges::create()); +officecfg::Office::Common::Save::ODF::DefaultVersion::set(3, pBatch); +return pBatch->commit(); +}); +std::shared_ptr pBatch( +comphelper::ConfigurationChanges::create()); +officecfg::Office::Common::Save::ODF::DefaultVersion::set(10, pBatch); +pBatch->commit(); + +saveAndReload("writer8", "password"); + xmlDocUniquePtr pXmlDoc = parseExport("META-INF/manifest.xml"); assertXPath(pXmlDoc, "/manifest:manifest"_ostr, "version"_ostr, "1.3"); assertXPath(pXmlDoc, "/manifest:manifest/manifest:file-entry[@manifest:size != '0']"_ostr, @@ -174,18 +186,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest2, testPasswordPreserveMacroSignatureODF13) } { -Resetter resetter([]() { -std::shared_ptr pBatch( -comphelper::ConfigurationChanges::create()); -officecfg::Office::Common::Misc::ExperimentalMode::set(false, pBatch); -return pBatch->commit(); -}); -std::shared_ptr pBatch( -comphelper::ConfigurationChanges::create()); -officecfg::Office::Common::Misc::ExperimentalMode::set(true, pBatch); -pBatch->commit(); - -// store it experimental - reload +// store it with new wholesome ODF extended encryption - reload saveAndReload("writer8", "password"); // test wholesome ODF extended encryption @@ -253,18 +254,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest2, testPasswordPreserveMacroSignatureODFWholesom } { -Resetter resetter([]() { -std::shared_ptr pBatch( -comphelper::ConfigurationChanges::create()); -officecfg::Office::Common::Misc::ExperimentalMode::set(false, pBatch); -return pBatch->commit(); -}); -std::shared_ptr pBatch( -comphelper::ConfigurationChanges::create()); -officecfg::Office::Common::Misc::ExperimentalMode::set(true, pBatch); -pBatch->commit(); - -// store it experimental - reload +// store it with new wholesome ODF extended encryption - reload saveAndReload("writer8", "password"); // test wholesome ODF extended encryption @@ -321,9 +311,21 @@ CPPUNIT_TEST_FIXTURE(SigningTest2, testPasswordPreserveMacroSignatureODFWholesom CPPUNIT_ASSERT_EQUAL(SignatureState::OK, pObjectShell->GetScriptingSignatureState()); } -saveAndReload("writer8", "password"); { -// test standard ODF 1.2/1.3/1.4 encryption +// test the old, standard ODF 1.2/1.3/1.4 encryption +Resetter resetter([]() { +std::shared_ptr pBatch( +comphelper::ConfigurationChanges::create()); +officecfg::Office::Common::Save::ODF::DefaultVersion::set(3, pBatch); +return pBatch->commit(); +}); +std::shared_ptr pBatch( +
[Libreoffice-commits] core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objmisc.cxx |3 +++ xmlsecurity/qa/unit/signing/signing.cxx | 30 ++ 2 files changed, 9 insertions(+), 24 deletions(-) New commits: commit 929d46bbf42aefc1f6cf046c2b9cf3d7c4e1efc5 Author: Jan-Marek Glogowski AuthorDate: Thu Mar 12 18:07:48 2020 +0100 Commit: Thorsten Behrens CommitDate: Fri Mar 13 00:37:46 2020 +0100 tdf#42316 always evaluate macro signatures on load As already stated in the comments of the signing unit tests, disabling macro security will not only ignore the signatures, but actually drop the macro signature, as these are never evaluated and as a result can't be restored for the new document. Change-Id: Ie41a9e72d3367c2eed58a52387bb67d8c41abff3 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90435 Tested-by: Jenkins Reviewed-by: Thorsten Behrens diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx index 0f155cc7e4f9..43a5f5b10800 100644 --- a/sfx2/source/doc/objmisc.cxx +++ b/sfx2/source/doc/objmisc.cxx @@ -928,6 +928,9 @@ void SfxObjectShell::BreakMacroSign_Impl( bool bBreakMacroSign ) void SfxObjectShell::CheckSecurityOnLoading_Impl() { +// make sure LO evaluates the macro signatures, so it can be preserved +GetScriptingSignatureState(); + uno::Reference< task::XInteractionHandler > xInteraction; if ( GetMedium() ) xInteraction = GetMedium()->GetInteractionHandler(); diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index 5a3cdb55f608..2609ae91cd24 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -1009,15 +1009,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12_ODF) ODFVER_012_TEXT); // create new document from template -// we can't use createDoc / MacrosTest::loadFromDesktop, because ALWAYS_EXECUTE_NO_WARN -// won't verify the signature for templates, so the resulting document won't be able to -// preserve the templates signature. mxComponent->dispose(); -mxComponent = mxDesktop->loadComponentFromURL( -aURL, "_default", 0, -comphelper::InitPropertySequence( -{ { "MacroExecutionMode", - uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } })); +mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0, + uno::Sequence(0)); CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage, RTL_TEXTENCODING_UTF8).getStr(), mxComponent.is()); @@ -1119,15 +1113,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testDropMacroTemplateSignature) SignatureState::NOTVALIDATED, OUString()); // create new document from template -// we can't use createDoc / MacrosTest::loadFromDesktop, because ALWAYS_EXECUTE_NO_WARN -// won't verify the signature for templates, so the resulting document won't be able to -// preserve the templates signature. mxComponent->dispose(); -mxComponent = mxDesktop->loadComponentFromURL( -aURL, "_default", 0, -comphelper::InitPropertySequence( -{ { "MacroExecutionMode", - uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } })); +mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0, + uno::Sequence(0)); CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage, RTL_TEXTENCODING_UTF8).getStr(), mxComponent.is()); @@ -1252,15 +1240,9 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature10) SignatureState::NOTVALIDATED, OUString()); // create new document from template -// we can't use createDoc / MacrosTest::loadFromDesktop, because ALWAYS_EXECUTE_NO_WARN -// won't verify the signature for templates, so the resulting document won't be able to -// preserve the templates signature. mxComponent->dispose(); -mxComponent = mxDesktop->loadComponentFromURL( -aURL, "_default", 0, -comphelper::InitPropertySequence( -{ { "MacroExecutionMode", - uno::Any(document::MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN) } })); +mxComponent = mxDesktop->loadComponentFromURL(aURL, "_default", 0, + uno::Sequence(0)); CPPUNIT_ASSERT_MESSAGE(OUStringToOString(sLoadMessage, RTL_TEXTENCODING_UTF8).getStr(), mxComponent.is()); ___ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
[Libreoffice-commits] core.git: sfx2/source xmlsecurity/qa
sfx2/source/doc/objstor.cxx | 15 +- xmlsecurity/qa/unit/signing/signing.cxx | 181 2 files changed, 174 insertions(+), 22 deletions(-) New commits: commit 4aa6e2cb2245eddab87fb451add94159a7604246 Author: Jan-Marek Glogowski AuthorDate: Fri Oct 11 13:09:59 2019 +0200 Commit: Samuel Mehrbrodt CommitDate: Wed Oct 16 13:44:17 2019 +0200 tdf#42316 handle saving to template filters This extends the filter comparison from commit c3a1c83ff5af ("tdf#42316 preserve macro signature of templates"). The original patch just stripped "_template" from the source filter to find equal document types, which just enables the "template => document" case. This patch also strips the "_template" from the target filter, which fixes the "document or template => template" cases. This also extends the signing save tests: * OTT 1.2 => OTT 1.2 - preserve * ODT 1.2 => OTT 1.2 - preserve * OTT 1.0 => OTT 1.0 - preserve * ODT 1.0 => OTT 1.0 - preserve * OTT 1.0 => OTT 1.2 - drop Change-Id: Ie297258a4d9f9aa4beb25786c6ba240b6f16f49b Reviewed-on: https://gerrit.libreoffice.org/80654 Tested-by: Jenkins Reviewed-by: Samuel Mehrbrodt diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx index 5dfcd6829df5..901432384ac2 100644 --- a/sfx2/source/doc/objstor.cxx +++ b/sfx2/source/doc/objstor.cxx @@ -1089,6 +1089,15 @@ private: }; } +static OUString lcl_strip_template(const OUString ) +{ +static const OUString sPostfix("_template"); +OUString sRes(aString); +if (sRes.endsWith(sPostfix)) +sRes = sRes.copy(0, sRes.getLength() - sPostfix.getLength()); +return sRes; +} + bool SfxObjectShell::SaveTo_Impl ( SfxMedium , // Medium, in which it will be stored @@ -1168,10 +1177,8 @@ bool SfxObjectShell::SaveTo_Impl // preserve only if the same filter has been used // for templates, strip the _template from the filter name for comparison -OUString aMediumFilter = pMedium->GetFilter()->GetFilterName(); -if (aMediumFilter.endsWith("_template")) -aMediumFilter = aMediumFilter.copy(0, aMediumFilter.getLength() - 9); -bTryToPreserveScriptSignature = pMedium->GetFilter() && pFilter && aMediumFilter == pFilter->GetFilterName(); +const OUString aMediumFilter = lcl_strip_template(pMedium->GetFilter()->GetFilterName()); +bTryToPreserveScriptSignature = pMedium->GetFilter() && pFilter && aMediumFilter == lcl_strip_template(pFilter->GetFilterName()); // signatures were specified in ODF 1.2 but were used since much longer. // LO will still correctly validate an old style signature on an ODF 1.2 diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index 982e06523c64..f2039b609e7e 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -995,7 +995,7 @@ SfxObjectShell* SigningTest::assertDocument(const ::CppUnit::SourceLine aSrcLine } /// Test if a macro signature from a OTT 1.2 template is preserved for ODT 1.2 -CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12) +CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12_ODF) { const OUString aURL(m_directories.getURLFromSrc(DATA_DIRECTORY) + "tdf42316_odt12.ott"); const OUString sLoadMessage = "loading failed: " + aURL; @@ -1009,12 +1009,12 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12) // we are a template, and have a valid document and macro signature assertDocument(CPPUNIT_SOURCELINE(), "writer8_template", SignatureState::OK, SignatureState::OK, ODFVER_012_TEXT); -mxComponent->dispose(); // create new document from template // we can't use createDoc / MacrosTest::loadFromDesktop, because ALWAYS_EXECUTE_NO_WARN // won't verify the signature for templates, so the resulting document won't be able to // preserve the templates signature. +mxComponent->dispose(); mxComponent = mxDesktop->loadComponentFromURL( aURL, "_default", 0, comphelper::InitPropertySequence( @@ -1028,26 +1028,80 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testPreserveMacroTemplateSignature12) SignatureState::OK, ODFVER_012_TEXT); // save as new ODT document -utl::TempFile aTempFileSaveAs; -aTempFileSaveAs.EnableKillingFile(); +utl::TempFile aTempFileSaveAsODT; +aTempFileSaveAsODT.EnableKillingFile(); try { uno::Reference xDocStorable(mxComponent, uno::UNO_QUERY); uno::Sequence descSaveAs( comphelper::InitPropertySequence({ { "FilterName", uno::Any(OUString("writer8")) } })); -xDocStorable->storeAsURL(aTempFileSaveAs.GetURL(), descSaveAs); +