desktop/CppunitTest_desktop_lib.mk | 32 ------ desktop/qa/data/certificate.der |binary desktop/qa/desktop_lib/test_desktop_lib.cxx | 43 ++++++++ offapi/UnoApi_offapi.mk | 1 offapi/com/sun/star/xml/crypto/XCertificateCreator.idl | 48 ++++++++++ xmlsecurity/source/helper/xmlsignaturehelper.cxx | 26 +---- xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx | 17 ++- 7 files changed, 113 insertions(+), 54 deletions(-)
New commits: commit 728718b0fe7c5697bd7e96b008f6d911d31c7279 Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Thu Oct 18 10:29:45 2018 +0200 Commit: Miklos Vajna <vmik...@collabora.co.uk> CommitDate: Thu Nov 8 14:56:49 2018 +0100 xmlsignaturehelper: fix comments, no change Change-Id: Ibfdf92712264ad37aafed53db0fe8e8c4fea4699 Reviewed-on: https://gerrit.libreoffice.org/61913 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> (cherry picked from commit a113aff7add62da5f2f8ffe0be453af4b1b79866) diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx index 33406fe2a829..de2812a6fa21 100644 --- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx +++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx @@ -244,32 +244,22 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const css::uno::Reference< css: SAL_WARN_IF(!xInputStream.is(), "xmlsecurity.helper", "input stream missing"); - /* - * prepare ParserInputSrouce - */ + // prepare ParserInputSrouce xml::sax::InputSource aParserInput; aParserInput.aInputStream = xInputStream; - /* - * get SAX parser component - */ + // get SAX parser component uno::Reference< xml::sax::XParser > xParser = xml::sax::Parser::create(mxCtx); - /* - * create a signature reader - */ + // create a signature reader uno::Reference< xml::sax::XDocumentHandler > xHandler = mpXSecController->createSignatureReader(*this); - /* - * setup the connection: - * Parser -> SignatureReader - */ + // setup the connection: + // Parser -> SignatureReader xParser->setDocumentHandler( xHandler ); - /* - * parser the stream - */ + // parser the stream try { xParser->parseStream( aParserInput ); 
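Review bot: Two of the converted comments in this hunk keep typos from the old block comments: `// prepare ParserInputSrouce` should read `// prepare ParserInputSource`, and `// parser the stream` should read `// parse the stream`. Since the commit only touches comments, it is the natural place to correct them. ReadAndVerifySignature starts before this hunk and continues in the next one.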
@@ -279,9 +269,7 @@ bool XMLSignatureHelper::ReadAndVerifySignature( const css::uno::Reference< css: mbError = true; } - /* - * release the signature reader - */ + // release the signature reader mpXSecController->releaseSignatureReader( ); return !mbError; commit db4b4bdfc9b5dd7c4110668897a5eeb1910fc31a Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Thu Oct 18 10:27:16 2018 +0200 Commit: Miklos Vajna <vmik...@collabora.co.uk> CommitDate: Thu Nov 8 14:56:33 2018 +0100 xmlsecurity: UNO interface to create cert. and private key new XCertificateCreator interface which can be used to create a certificate and a associated private key, both in DER format Change-Id: I24caf053f1f2b7357a836047b88b4ce418470eac Reviewed-on: https://gerrit.libreoffice.org/61912 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> (cherry picked from commit bdde44d5525caf2240a6ea900336ac973121f145) diff --git a/offapi/UnoApi_offapi.mk b/offapi/UnoApi_offapi.mk index 135c8c7be120..d0d00b2204ea 100644 --- a/offapi/UnoApi_offapi.mk +++ b/offapi/UnoApi_offapi.mk @@ -4226,6 +4226,7 @@ $(eval $(call gb_UnoApi_add_idlfiles,offapi,com/sun/star/xml/crypto,\ CipherID \ DigestID \ SecurityOperationStatus \ + XCertificateCreator \ XCipherContext \ XCipherContextSupplier \ XDigestContext \ diff --git a/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl new file mode 100644 index 000000000000..6d920b37715c --- /dev/null +++ b/offapi/com/sun/star/xml/crypto/XCertificateCreator.idl 
@@ -0,0 +1,48 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#ifndef __com_sun_star_xml_crypto_xsecurityenvironment_idl_
+#define __com_sun_star_xml_crypto_xsecurityenvironment_idl_
+
+#include <com/sun/star/uno/XInterface.idl>
+#include <com/sun/star/uno/Exception.idl>
+#include <com/sun/star/security/XCertificate.idl>
+
+module com { module sun { module star { module xml { module crypto {
+
+/**
+ * Interface for creating certificates
+ *
+ * @since LibreOffice 6.2
+ */
+interface XCertificateCreator : com::sun::star::uno::XInterface
+{
+ /**
+ * Create certificate from raw DER encoded certificate and associate the private key with the certificate
+ */
+ com::sun::star::security::XCertificate createDERCertificateWithPrivateKey(
+ [in] sequence<byte> aDerCertificate,
+ [in] sequence<byte> aPrivateKey) raises (com::sun::star::uno::SecurityException);
+};
+
+} ; } ; } ; } ; } ;
+
+#endif
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
commit 0a294a206d0f23a54792df25eb8486d89478b02b Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Mon Oct 15 10:15:32 2018 +0200 Commit: Miklos Vajna
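Review bot: The include guard of the new XCertificateCreator.idl is `__com_sun_star_xml_crypto_xsecurityenvironment_idl_`, which names a different interface and looks copied from another file. If that other IDL file uses the same macro (not visible here), whichever of the two is included second is skipped silently. A guard named after this file, e.g. `__com_sun_star_xml_crypto_xcertificatecreator_idl_`, avoids that. The method raises `com::sun::star::uno::SecurityException` while only `com/sun/star/uno/Exception.idl` is included, so the include for the exception actually raised appears to be missing. The doc comment should also state the expected encoding of `aPrivateKey` (the commit message says DER, the IDL does not) and when the exception is raised, since callers pass raw key material through this API.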
<vmik...@collabora.co.uk> CommitDate: Thu Nov 8 14:56:09 2018 +0100 lokit: test for the new signing API functions Reviewed-on: https://gerrit.libreoffice.org/61782 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> (cherry picked from commit d2242cb1b88cc7d7af1990965925d19557b9f347) Conflicts: desktop/CppunitTest_desktop_lib.mk Change-Id: I3ab2f3986955eb82451704fc2386b64f208da554 diff --git a/desktop/CppunitTest_desktop_lib.mk b/desktop/CppunitTest_desktop_lib.mk index 7f7a7c77c88b..9f7c0cef788c 100644 --- a/desktop/CppunitTest_desktop_lib.mk +++ b/desktop/CppunitTest_desktop_lib.mk @@ -29,6 +29,7 @@ $(eval $(call gb_CppunitTest_use_libraries,desktop_lib, \ test \ unotest \ utl \ + tl \ vcl \ )) @@ -48,36 +49,7 @@ $(eval $(call gb_CppunitTest_use_ure,desktop_lib)) $(eval $(call gb_CppunitTest_use_vcl,desktop_lib)) -$(eval $(call gb_CppunitTest_use_components,desktop_lib,\ - comphelper/util/comphelp \ - configmgr/source/configmgr \ - dtrans/util/mcnttype \ - filter/source/config/cache/filterconfig1 \ - filter/source/storagefilterdetect/storagefd \ - framework/util/fwk \ - i18npool/util/i18npool \ - package/source/xstor/xstor \ - package/util/package2 \ - sax/source/expatwrap/expwrap \ - sfx2/util/sfx \ - svl/source/fsstor/fsstorage \ - svtools/util/svt \ - sw/util/sw \ - sw/util/swd \ - sc/util/sc \ - sc/util/scd \ - sd/util/sd \ - sd/util/sdd \ - toolkit/util/tk \ - ucb/source/core/ucb1 \ - ucb/source/ucp/file/ucpfile1 \ - unoxml/source/service/unoxml \ - uui/util/uui \ - xmloff/util/xo \ - i18npool/source/search/i18nsearch \ - filter/source/graphic/graphicfilter \ - linguistic/source/lng \ -)) +$(eval $(call gb_CppunitTest_use_rdb,desktop_lib,services)) $(eval $(call gb_CppunitTest_use_configuration,desktop_lib)) diff --git a/desktop/qa/data/certificate.der b/desktop/qa/data/certificate.der new file mode 100644 index 000000000000..2a750ab281af Binary files /dev/null and b/desktop/qa/data/certificate.der differ 
diff --git a/desktop/qa/desktop_lib/test_desktop_lib.cxx b/desktop/qa/desktop_lib/test_desktop_lib.cxx index aea7dea4988f..752a14af81ef 100644 --- a/desktop/qa/desktop_lib/test_desktop_lib.cxx +++ b/desktop/qa/desktop_lib/test_desktop_lib.cxx @@ -19,6 +19,8 @@ #include <com/sun/star/text/TextContentAnchorType.hpp> #include <boost/property_tree/json_parser.hpp> +#include <com/sun/star/frame/XStorable.hpp> + #include <vcl/scheduler.hxx> #include <comphelper/processfactory.hxx> #include <rtl/uri.hxx> @@ -116,6 +118,8 @@ public: void testCommentsCallbacksWriter(); void testRunMacro(); void testExtractParameter(); + void testGetSignatureState(); + void testInsertCertificate(); void testABI(); CPPUNIT_TEST_SUITE(DesktopLOKTest); @@ -159,6 +163,8 @@ public: CPPUNIT_TEST(testCommentsCallbacksWriter); CPPUNIT_TEST(testRunMacro); CPPUNIT_TEST(testExtractParameter); + CPPUNIT_TEST(testGetSignatureState); + CPPUNIT_TEST(testInsertCertificate); CPPUNIT_TEST(testABI); CPPUNIT_TEST_SUITE_END(); 
@@ -2240,6 +2246,43 @@ void DesktopLOKTest::testExtractParameter() comphelper::LibreOfficeKit::setActive(false); } +void DesktopLOKTest::testGetSignatureState() +{ + comphelper::LibreOfficeKit::setActive(); + LibLODocument_Impl* pDocument = loadDoc("blank_text.odt"); + Scheduler::ProcessEventsToIdle(); + pDocument->m_pDocumentClass->initializeForRendering(pDocument, "{}"); + int nState = pDocument->m_pDocumentClass->getSignatureState(pDocument); + CPPUNIT_ASSERT_EQUAL(int(0), nState); + comphelper::LibreOfficeKit::setActive(false); +} + +void DesktopLOKTest::testInsertCertificate() +{ + comphelper::LibreOfficeKit::setActive(); + + LibLODocument_Impl* pDocument = loadDoc("blank_text.odt"); + + Scheduler::ProcessEventsToIdle(); + CPPUNIT_ASSERT(mxComponent.is()); + pDocument->m_pDocumentClass->initializeForRendering(pDocument, "{}"); + + OUString aFileURL; + createFileURL("certificate.der", aFileURL); + + SvFileStream aStream(aFileURL, StreamMode::READ); + sal_uInt64 nSize = aStream.remainingSize(); + + std::vector<unsigned char> aCertificate; + aCertificate.resize(nSize); + aStream.ReadBytes(aCertificate.data(), nSize); + + bool bResult = pDocument->m_pDocumentClass->insertCertificate(pDocument, aCertificate.data(), int(aCertificate.size())); + CPPUNIT_ASSERT(bResult); + + comphelper::LibreOfficeKit::setActive(false); +} + namespace { size_t documentClassOffset(int i) commit 641f71239f1d09272e8dbc93bb20fda88b57112d Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Mon Oct 15 10:14:04 2018 +0200 Commit: Miklos Vajna <vmik...@collabora.co.uk> CommitDate: Thu Nov 8 14:55:18 2018 +0100 xmlsecurity: prevent seg. fault if there is no private key Change-Id: I8c6917c63bbdcf0d9bb2eb1c89745186feb263f8 Reviewed-on: https://gerrit.libreoffice.org/61781 Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> Tested-by: Tomaž Vajngerl <qui...@gmail.com> (cherry picked from commit 2077c5e4e10a8254206945520f084e6216464d6a) 
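Review bot: testInsertCertificate never verifies that certificate.der was opened and fully read: the return value of `aStream.ReadBytes(aCertificate.data(), nSize)` is dropped and `nSize` is not checked. A missing or truncated fixture therefore hands an empty or partial buffer to `insertCertificate` and shows up only as an unexplained `CPPUNIT_ASSERT(bResult)` failure. I would add `CPPUNIT_ASSERT(nSize > 0);` after `remainingSize()` and wrap the read as `CPPUNIT_ASSERT_EQUAL(nSize, sal_uInt64(aStream.ReadBytes(aCertificate.data(), nSize)));`. In both new tests a failing assertion also skips the trailing `comphelper::LibreOfficeKit::setActive(false)`, so the active flag can leak into later tests. In testGetSignatureState the expected value `int(0)` deserves a short comment saying which signature state it stands for.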
diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx index 380ae4d4ee40..3ba0062e86b4 100644 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx @@ -945,11 +945,18 @@ xmlSecKeysMngrPtr SecurityEnvironment_NssImpl::createKeysManager() { { if (auto pCERTCertificate = const_cast<CERTCertificate*>(pCertificate->getNssCert())) { - SECKEYPrivateKey* pPrivateKey = PK11_FindPrivateKeyFromCert(pCERTCertificate->slot, pCERTCertificate, nullptr); - xmlSecKeyDataPtr pKeyData = xmlSecNssPKIAdoptKey(pPrivateKey, nullptr); - xmlSecKeyPtr pKey = xmlSecKeyCreate(); - xmlSecKeySetValue(pKey, pKeyData); - xmlSecNssAppDefaultKeysMngrAdoptKey(pKeysMngr, pKey); + if (pCERTCertificate && pCERTCertificate->slot) + { + SECKEYPrivateKey* pPrivateKey = PK11_FindPrivateKeyFromCert(pCERTCertificate->slot, pCERTCertificate, nullptr); + xmlSecKeyDataPtr pKeyData = xmlSecNssPKIAdoptKey(pPrivateKey, nullptr); + xmlSecKeyPtr pKey = xmlSecKeyCreate(); + xmlSecKeySetValue(pKey, pKeyData); + xmlSecNssAppDefaultKeysMngrAdoptKey(pKeysMngr, pKey); + } + else + { + SAL_WARN("xmlsecurity.xmlsec", "Can't get the private key from the certificate."); + } } } _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits
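Review bot: The new guard tests `pCERTCertificate->slot`, but the result of `PK11_FindPrivateKeyFromCert` is still passed to `xmlSecNssPKIAdoptKey` unchecked. A certificate with a slot but no matching private key, which is the case the commit title describes, still goes through the adopt calls with a null key; what those calls do with it is not visible here. The return values of `xmlSecNssPKIAdoptKey`, `xmlSecKeyCreate`, `xmlSecKeySetValue` and `xmlSecNssAppDefaultKeysMngrAdoptKey` are likewise ignored, so a half-built key could be added to the manager. The `pCERTCertificate &&` half of the condition is redundant, because the enclosing `if (auto pCERTCertificate = ...)` already established it. createKeysManager starts and ends outside the hunk, so whether the caller needs to be told about the failure cannot be judged from here.

```cpp
SECKEYPrivateKey* pPrivateKey = PK11_FindPrivateKeyFromCert(pCERTCertificate->slot, pCERTCertificate, nullptr);
if (pPrivateKey)
{
    // … unchanged: xmlSecNssPKIAdoptKey / xmlSecKeyCreate / xmlSecKeySetValue / xmlSecNssAppDefaultKeysMngrAdoptKey …
}
else
{
    SAL_WARN("xmlsecurity.xmlsec", "No private key found for the certificate.");
}
```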