xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx | 7 + xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx | 5 xmlsecurity/source/component/documentdigitalsignatures.cxx | 8 - xmlsecurity/source/helper/documentsignaturehelper.cxx | 13 ++ xmlsecurity/source/helper/xmlsignaturehelper.cxx | 80 +++++++++++++ xmlsecurity/source/helper/xsecctl.cxx | 1 xmlsecurity/source/helper/xsecctl.hxx | 2 xmlsecurity/source/helper/xsecverify.cxx | 11 - 8 files changed, 118 insertions(+), 9 deletions(-)
New commits:
commit dbfb82b6da0f4e6d7be9a0010eb4db8e1bf92ee0
Author: Miklos Vajna <[email protected]>
Date: Wed Jan 13 09:37:10 2016 +0100
xmlsecurity: refactor to allow multiple signature parser implementations
Change-Id: I1d1ae4a0bf41b89fe2f8db9b44d3b0b7a0dfd1cd
diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx
index 2cdfbb1..cc6a2e1 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -56,7 +56,6 @@ XSecController::XSecController( const cssu::Reference<cssu::XComponentContext>&
 , m_nStatusOfSecurityComponents(UNINITIALIZED)
 , m_bIsSAXEventKeeperSticky(false)
 , m_pErrorMessage(nullptr)
- , m_pXSecParser(nullptr)
 , m_nReservedSignatureId(0)
 , m_bVerifyCurrentSignature(false)
 {
diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx
index 916fb3c..734ecdb 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -310,7 +310,7 @@ private:
 /*
 * the XSecParser which is used to parse the signature stream
 */
- XSecParser *m_pXSecParser;
+ css::uno::Reference<css::xml::sax::XDocumentHandler> m_xSecParser;
 /*
 * the caller assigned signature id for the next signature in the
diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx
index 6f09354..ba89bad 100644
--- a/xmlsecurity/source/helper/xsecverify.cxx
+++ b/xmlsecurity/source/helper/xsecverify.cxx
@@ -31,6 +31,7 @@
 #include <sal/log.hxx>
 #include <unotools/datetime.hxx>
+using namespace com::sun::star;
 namespace cssu = com::sun::star::uno;
 namespace cssl = com::sun::star::lang;
 namespace cssxc = com::sun::star::xml::crypto;
@@ -371,7 +372,7 @@ void XSecController::collectToVerify( const OUString& referenceId )
 void XSecController::addSignature( sal_Int32 nSignatureId )
 {
- DBG_ASSERT( m_pXSecParser != nullptr, "No XSecParser initialized" );
+ DBG_ASSERT( m_xSecParser.is(), "No XSecParser initialized" );
 m_nReservedSignatureId = nSignatureId;
 m_bVerifyCurrentSignature = true;
@@ -379,18 +380,18 @@ void XSecController::addSignature( sal_Int32 nSignatureId )
 cssu::Reference< cssxs::XDocumentHandler > XSecController::createSignatureReader()
 {
- m_pXSecParser = new XSecParser( this, nullptr );
- cssu::Reference< cssl::XInitialization > xInitialization = m_pXSecParser;
+ m_xSecParser = new XSecParser( this, nullptr );
+ cssu::Reference< cssl::XInitialization > xInitialization(m_xSecParser, uno::UNO_QUERY);
 setSAXChainConnector(xInitialization, nullptr, nullptr);
- return m_pXSecParser;
+ return m_xSecParser;
 }
 void XSecController::releaseSignatureReader()
 {
 clearSAXChainConnector( );
- m_pXSecParser = nullptr;
+ m_xSecParser.clear();
 }
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit 5524754e9f7c936f7152f49815af0e11d9c92613
Author: Miklos Vajna <[email protected]>
Date: Wed Jan 13 09:36:06 2016 +0100
xmlsecurity: initial XMLSignatureHelper::ReadAndVerifySignatureStorageStream()
Change-Id: Ida3f77a763c55a7ec8a52a3de4521d18a952e752
diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
index bf5cfea..ea954d1 100644
--- a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
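Review bot: In `createSignatureReader()` (the `@@ -379,18 +380,18 @@` hunk of xsecverify.cxx) the `XInitialization` reference is now obtained with `uno::UNO_QUERY` from the generic `XDocumentHandler` member and handed to `setSAXChainConnector()` without an `is()` check. With the old `XSecParser*` the conversion could not come back empty; once another parser implementation is stored in `m_xSecParser`, a handler that does not implement `XInitialization` yields an empty reference here, and what `setSAXChainConnector()` does with it is not visible on this page. Either assert it right after the query, e.g. `DBG_ASSERT(xInitialization.is(), "signature parser lacks XInitialization");`, or query with `uno::UNO_QUERY_THROW` so the failure is not silent in a signature-verification path.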
@@ -178,8 +178,10 @@ public:
 static void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler );
 static void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo );
- /// Read and verify an OOXML signature.
+ /// Read and verify OOXML signatures.
 bool ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& xStorage);
+ /// Read and verify a single OOXML signature.
+ bool ReadAndVerifySignatureStorageStream(const css::uno::Reference<css::io::XInputStream>& xInputStream);
 };
 #endif // INCLUDED_XMLSECURITY_INC_XMLSECURITY_XMLSIGNATUREHELPER_HXX
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 89d5d95..95f26e3 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -368,7 +368,9 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
 std::vector<beans::StringPair>::iterator it = std::find_if(aRelation.begin(), aRelation.end(), [](const beans::StringPair& rPair) { return rPair.First == "Target"; });
 if (it != aRelation.end())
 {
- // TODO now handle it->Second
+ uno::Reference<io::XInputStream> xInputStream(xStorage->openStreamElement(it->Second, nOpenMode), uno::UNO_QUERY);
+ if (!ReadAndVerifySignatureStorageStream(xInputStream))
+ return false;
 }
 }
 }
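Review bot: `xInputStream` in the `@@ -368,7 +368,9 @@` hunk of xmlsignaturehelper.cxx is built with `uno::UNO_QUERY` and passed on without an `is()` check, so a target that does not yield an `XInputStream` reaches `ReadAndVerifySignatureStorageStream()` as an empty reference and is assigned to `aParserInput.aInputStream` there. The stream name is the `Target` attribute read from the package's own `origin.sigs.rels`, that is, from the document being verified, so it should be handled as untrusted input. Adding `if (!xInputStream.is()) return false;` before the call makes that case an explicit verification failure. The body of `ReadAndVerifySignatureStorage()` starts outside this hunk.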
@@ -376,4 +378,45 @@ bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embe
 return true;
 }
+bool XMLSignatureHelper::ReadAndVerifySignatureStorageStream(const css::uno::Reference<css::io::XInputStream>& xInputStream)
+{
+ mbError = false;
+
+ // Create the input source.
+ xml::sax::InputSource aParserInput;
+ aParserInput.aInputStream = xInputStream;
+
+ // Create the sax parser.
+ uno::Reference<xml::sax::XParser> xParser = xml::sax::Parser::create(mxCtx);
+
+ // Create the signature reader.
+ uno::Reference<xml::sax::XDocumentHandler> xHandler = mpXSecController->createSignatureReader();
+
+ // Create the signature listener.
+ ImplXMLSignatureListener* pSignatureListener = new ImplXMLSignatureListener(
+ LINK(this, XMLSignatureHelper, SignatureCreationResultListener),
+ LINK(this, XMLSignatureHelper, SignatureVerifyResultListener),
+ LINK(this, XMLSignatureHelper, StartVerifySignatureElement));
+ uno::Reference<xml::sax::XDocumentHandler> xSignatureListener(pSignatureListener);
+
+ // Parser -> signature listener -> signature reader.
+ pSignatureListener->setNextHandler(xHandler);
+ xParser->setDocumentHandler(xSignatureListener);
+
+ // Parse the stream.
+ try
+ {
+ xParser->parseStream(aParserInput);
+ }
+ catch(const uno::Exception& rException)
+ {
+ SAL_WARN("xmlsecurity.helper", "XMLSignatureHelper::ReadAndVerifySignatureStorageStream: " << rException.Message);
+ }
+
+ pSignatureListener->setNextHandler(nullptr);
+ mpXSecController->releaseSignatureReader();
+
+ return !mbError;
+}
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit 64b49f20af80150ec551d0c4d9638731e023217f
Author: Miklos Vajna <[email protected]>
Date: Wed Jan 13 09:35:35 2016 +0100
xmlsecurity: read OOXML signature relations
Change-Id: I9d2f6e6285e3db6c72d298a7d0b4ebb321936506
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index e2d808c..89d5d95 100644
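Review bot: The `catch(const uno::Exception& rException)` block in `ReadAndVerifySignatureStorageStream()` only logs, so a signature stream the SAX parser rejects still ends in `return !mbError;` with `mbError` as it was reset to `false` at the top of the function, unless one of the listener callbacks happened to set it first. A signature part that cannot be parsed should be reported as a failure: add `mbError = true;` after the `SAL_WARN(...)` line. The call site in documentdigitalsignatures.cxx shown further down this page discards the return value of `ReadAndVerifySignatureStorage()`, so `mbError` may be the only place this failure is recorded; how it is read afterwards is not visible here and is worth confirming.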
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -35,12 +35,17 @@
 #include <com/sun/star/io/XActiveDataSource.hpp>
 #include <com/sun/star/lang/XComponent.hpp>
 #include <com/sun/star/beans/XPropertySet.hpp>
+#include <com/sun/star/beans/StringPair.hpp>
 #include <com/sun/star/xml/sax/Parser.hpp>
 #include <com/sun/star/xml/sax/Writer.hpp>
 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
+#include <com/sun/star/embed/ElementModes.hpp>
+#include <com/sun/star/embed/XStorage.hpp>
 #include <tools/date.hxx>
 #include <tools/time.hxx>
+#include <comphelper/ofopxmlhelper.hxx>
+#include <comphelper/sequence.hxx>
 #define TAG_DOCUMENTSIGNATURES "document-signatures"
 #define NS_DOCUMENTSIGNATURES "http://openoffice.org/2004/documentsignatures"
@@ -301,11 +306,6 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const com::sun::star::uno::Refe
 return !mbError;
 }
-bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& /*xStorage*/)
-{
- return true;
-}
-
 SignatureInformation XMLSignatureHelper::GetSignatureInformation( sal_Int32 nSecurityId ) const
 {
 return mpXSecController->getSignatureInformation( nSecurityId );
@@ -344,4 +344,36 @@ IMPL_LINK_NOARG_TYPED( XMLSignatureHelper, StartVerifySignatureElement, LinkPara
 }
 }
+namespace
+{
+bool lcl_isSignatureType(const beans::StringPair& rPair)
+{
+ return rPair.First == "Type" && rPair.Second == "http://schemas.openxmlformats.org/package/2006/relationships/digital-signature/signature";
+}
+}
+
+bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage)
+{
+ sal_Int32 nOpenMode = embed::ElementModes::READ;
+ uno::Reference<embed::XStorage> xSubStorage = xStorage->openStorageElement("_rels", nOpenMode);
+ uno::Reference<io::XInputStream> xRelStream(xSubStorage->openStreamElement("origin.sigs.rels", nOpenMode), uno::UNO_QUERY);
+ uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo;
+ aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, "origin.sigs.rels", mxCtx);
+
+ for (const uno::Sequence<beans::StringPair>& rRelation : aRelationsInfo)
+ {
+ auto aRelation = comphelper::sequenceToContainer< std::vector<beans::StringPair> >(rRelation);
+ if (std::find_if(aRelation.begin(), aRelation.end(), lcl_isSignatureType) != aRelation.end())
+ {
+ std::vector<beans::StringPair>::iterator it = std::find_if(aRelation.begin(), aRelation.end(), [](const beans::StringPair& rPair) { return rPair.First == "Target"; });
+ if (it != aRelation.end())
+ {
+ // TODO now handle it->Second
+ }
+ }
+ }
+
+ return true;
+}
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit e62ba5bb3f032e7064bf1f643bae449b0e612787
Author: Miklos Vajna <[email protected]>
Date: Wed Jan 13 09:34:01 2016 +0100
xmlsecurity: don't assume the signature is always a single stream
Change-Id: I07ce23d698fea9338a85b086a5a3c3418e8c8290
diff --git a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
index 06a666e..9b423a1 100644
--- a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
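Review bot: `ReadAndVerifySignatureStorage()` in the `@@ -344,4 +344,36 @@` hunk opens `_rels` and `origin.sigs.rels` unconditionally and dereferences both `xStorage` and `xSubStorage` without an `is()` check, so a package whose signature storage lacks the relations part presumably leaves this function through an exception instead of returning `false`. `OpenSignatureStream()` in the oldest commit on this page guards its `openStorageElement()` call with `try`/`catch`; doing the same here, with a log line and `return false` in the handler, keeps a malformed signature storage on the ordinary "verification failed" path. The relations content comes from the document under verification, so the failure case is reachable with crafted input.
```cpp
bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const uno::Reference<embed::XStorage>& xStorage)
{
    sal_Int32 nOpenMode = embed::ElementModes::READ;
    uno::Sequence< uno::Sequence<beans::StringPair> > aRelationsInfo;
    try
    {
        uno::Reference<embed::XStorage> xSubStorage = xStorage->openStorageElement("_rels", nOpenMode);
        uno::Reference<io::XInputStream> xRelStream(xSubStorage->openStreamElement("origin.sigs.rels", nOpenMode), uno::UNO_QUERY);
        aRelationsInfo = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, "origin.sigs.rels", mxCtx);
    }
    catch (const uno::Exception& rException)
    {
        // A signature storage without readable relations cannot be verified.
        SAL_WARN("xmlsecurity.helper", "XMLSignatureHelper::ReadAndVerifySignatureStorage: " << rException.Message);
        return false;
    }
    // … unchanged: loop over aRelationsInfo and final return …
```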
+++ b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
@@ -60,6 +60,13 @@ struct SignatureStreamHelper
 {
 css::uno::Reference < css::embed::XStorage > xSignatureStorage;
 css::uno::Reference < css::io::XStream > xSignatureStream;
+ /// If this is embed::StorageFormats::OFOPXML, then it's expected that xSignatureStream is an empty reference.
+ sal_Int32 nStorageFormat;
+
+ SignatureStreamHelper()
+ : nStorageFormat(0)
+ {
+ }
 };
diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
index 8babab5..bf5cfea 100644
--- a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
@@ -177,6 +177,9 @@ public:
 ::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XWriter> CreateDocumentHandlerWithHeader( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream );
 static void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler );
 static void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo );
+
+ /// Read and verify an OOXML signature.
+ bool ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& xStorage);
 };
 #endif // INCLUDED_XMLSECURITY_INC_XMLSECURITY_XMLSIGNATUREHELPER_HXX
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index 8406fc5..728c345 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -29,6 +29,7 @@
 #include <../dialogs/resourcemanager.hxx>
 #include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
 #include <com/sun/star/embed/XTransactedObject.hpp>
 #include <com/sun/star/embed/ElementModes.hpp>
 #include <com/sun/star/ucb/XContent.hpp>
@@ -272,7 +273,7 @@ DocumentDigitalSignatures::ImplVerifySignatures(
 xInputStream.set( aStreamHelper.xSignatureStream, UNO_QUERY );
 }
- if ( !xInputStream.is() )
+ if (!xInputStream.is() && aStreamHelper.nStorageFormat != embed::StorageFormats::OFOPXML)
 return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0);
@@ -289,7 +290,10 @@ DocumentDigitalSignatures::ImplVerifySignatures(
 aSignatureHelper.StartMission();
- aSignatureHelper.ReadAndVerifySignature( xInputStream );
+ if (xInputStream.is())
+ aSignatureHelper.ReadAndVerifySignature(xInputStream);
+ else if (aStreamHelper.nStorageFormat == embed::StorageFormats::OFOPXML)
+ aSignatureHelper.ReadAndVerifySignatureStorage(aStreamHelper.xSignatureStorage);
 aSignatureHelper.EndMission();
diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index fd916c6..6150492 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -24,6 +24,7 @@
 #include <com/sun/star/lang/XComponent.hpp>
 #include <com/sun/star/lang/DisposedException.hpp>
 #include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
 #include <com/sun/star/embed/ElementModes.hpp>
 #include <com/sun/star/beans/XPropertySet.hpp>
@@ -330,6 +331,18 @@ SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
 DBG_ASSERT( nOpenMode == css::embed::ElementModes::READ, "Error creating signature stream..." );
 }
 }
+ else if(xNameAccess->hasByName("_xmlsignatures"))
+ {
+ try
+ {
+ aHelper.xSignatureStorage = rxStore->openStorageElement("_xmlsignatures", nSubStorageOpenMode);
+ aHelper.nStorageFormat = embed::StorageFormats::OFOPXML;
+ }
+ catch (const io::IOException& rException)
+ {
+ SAL_WARN("xmlsecurity.helper", "DocumentSignatureHelper::OpenSignatureStream: " << rException.Message);
+ }
+ }
 return aHelper;
 }
diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index 2498aff..e2d808c 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -301,6 +301,11 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const com::sun::star::uno::Refe
 return !mbError;
 }
+bool XMLSignatureHelper::ReadAndVerifySignatureStorage(const css::uno::Reference<css::embed::XStorage>& /*xStorage*/)
+{
+ return true;
+}
+
 SignatureInformation XMLSignatureHelper::GetSignatureInformation( sal_Int32 nSecurityId ) const
 {
 return mpXSecController->getSignatureInformation( nSecurityId );
_______________________________________________
Libreoffice-commits mailing list
[email protected]
http://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
