xmlsecurity/inc/documentsignaturemanager.hxx | 2 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 21 ---- xmlsecurity/source/helper/documentsignaturemanager.cxx | 78 ++++++++++++----- 3 files changed, 60 insertions(+), 41 deletions(-)
New commits: commit 0dba32368950553e7bd9f1845aada5d89ce760a5 Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Mon Dec 24 15:11:30 2018 +0100 Commit: Thorsten Behrens <thorsten.behr...@cib.de> CommitDate: Thu Oct 24 07:52:31 2019 +0200 Fix signing empty Configurations2/accelerator/current.xml When determining if a file is an XML file for siging, we need to read the manifest file to get an accurate detection. In case when we were signing in the GUI the manifest file was read when the storage was set. When we didn't sign over the GUI, the manifest was never read: the code was only present in the GUI code - "documentsignaturesdialog.cxx" so the detection was wrong and isXML returned "true" for current.xml. With this we move the manifest reading to DigitalSignatureManager, where the manifest is read when needed. Reviewed-on: https://gerrit.libreoffice.org/65600 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> (cherry picked from commit 49fcd3bbb30f93763fc5cb80fa6ac5cec5d00834) Change-Id: If45a32af6410bc5f7c5afdb976b182bd69ab7d6b Reviewed-on: https://gerrit.libreoffice.org/81417 Reviewed-by: Thorsten Behrens <thorsten.behr...@cib.de> Tested-by: Thorsten Behrens <thorsten.behr...@cib.de> diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx b/xmlsecurity/inc/documentsignaturemanager.hxx index f88820f03803..d5f27a4386ac 100644 --- a/xmlsecurity/inc/documentsignaturemanager.hxx +++ b/xmlsecurity/inc/documentsignaturemanager.hxx @@ -62,6 +62,8 @@ public: * differently when they are signed (c14n transformation) */ bool isXML(const OUString& rURI); + bool readManifest(); + SignatureStreamHelper ImplOpenSignatureStream(sal_Int32 nStreamOpenMode, bool bTempStream); /// Add a new signature, using xCert as a signing certificate, and rDescription as description. bool add(const css::uno::Reference<css::security::XCertificate>& xCert, diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx index 88caf75eb0e6..60f38b23f00e 100644 --- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx @@ -36,7 +36,6 @@ #include <com/sun/star/security/CertificateKind.hpp> #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <com/sun/star/xml/dom/XDocumentBuilder.hpp> -#include <com/sun/star/packages/manifest/ManifestReader.hpp> #include <com/sun/star/system/SystemShellExecute.hpp> #include <com/sun/star/system/SystemShellExecuteFlags.hpp> #include <com/sun/star/system/SystemShellExecuteException.hpp> @@ -242,26 +241,6 @@ void DigitalSignaturesDialog::SetStorage( const css::uno::Reference < css::embed maSignatureManager.mxStore = rxStore; maSignatureManager.maSignatureHelper.SetStorage( maSignatureManager.mxStore, m_sODFVersion); - - Reference < css::packages::manifest::XManifestReader > xReader = - css::packages::manifest::ManifestReader::create(mxCtx); - - uno::Reference<container::XNameAccess> xNameAccess(rxStore, uno::UNO_QUERY); - if (!xNameAccess.is()) - return; - - if (xNameAccess->hasByName("META-INF")) - { - //Get the manifest.xml - Reference < css::embed::XStorage > xSubStore(rxStore->openStorageElement( - "META-INF", css::embed::ElementModes::READ), UNO_QUERY_THROW); - - Reference< css::io::XInputStream > xStream( - xSubStore->openStreamElement("manifest.xml", css::embed::ElementModes::READ), - UNO_QUERY_THROW); - - maSignatureManager.m_manifest = xReader->readManifestSequence(xStream); - } } void DigitalSignaturesDialog::SetSignatureStream( const css::uno::Reference < css::io::XStream >& rxStream ) diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx b/xmlsecurity/source/helper/documentsignaturemanager.cxx index c88c18964b22..290b98da65c6 100644 --- a/xmlsecurity/source/helper/documentsignaturemanager.cxx +++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx @@ -29,7 +29,8 @@ #include <com/sun/star/embed/XTransactedObject.hpp> #include <com/sun/star/xml/crypto/SEInitializer.hpp> #include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/graphic/XGraphic.hpp> +#include <com/sun/star/beans/PropertyValue.hpp> +#include <com/sun/star/packages/manifest/ManifestReader.hpp> #include <comphelper/base64.hxx> #include <comphelper/storagehelper.hxx> @@ -125,6 +126,40 @@ bool DocumentSignatureManager::IsXAdESRelevant() } #endif +bool DocumentSignatureManager::readManifest() +{ + // Check if manifest was already read + if (m_manifest.getLength() > 0) + return true; + + if (!mxContext.is()) + return false; + + if (!mxStore.is()) + return false; + + uno::Reference<packages::manifest::XManifestReader> xReader + = packages::manifest::ManifestReader::create(mxContext); + + uno::Reference<container::XNameAccess> xNameAccess(mxStore, uno::UNO_QUERY); + if (!xNameAccess.is()) + return false; + + if (xNameAccess->hasByName("META-INF")) + { + //Get the manifest.xml + uno::Reference<embed::XStorage> xSubStore( + mxStore->openStorageElement("META-INF", embed::ElementModes::READ), UNO_QUERY_THROW); + + uno::Reference<io::XInputStream> xStream( + xSubStore->openStreamElement("manifest.xml", css::embed::ElementModes::READ), + UNO_QUERY_THROW); + + m_manifest = xReader->readManifestSequence(xStream); + } + return true; +} + /* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted" We use the manifest to find out if a file is xml and if it is encrypted. The parameter is an encoded uri. However, the manifest contains paths. Therefore @@ -140,27 +175,30 @@ bool DocumentSignatureManager::isXML(const OUString& rURI) const OUString sPropMediaType("MediaType"); const OUString sPropDigest("Digest"); - for (int i = 0; i < m_manifest.getLength(); i++) + if (readManifest()) { - const uno::Sequence<beans::PropertyValue>& entry = m_manifest[i]; - OUString sPath, sMediaType; - bool bEncrypted = false; - for (int j = 0; j < entry.getLength(); j++) + for (int i = 0; i < m_manifest.getLength(); i++) { - const beans::PropertyValue& prop = entry[j]; - - if (prop.Name == sPropFullPath) - prop.Value >>= sPath; - else if (prop.Name == sPropMediaType) - prop.Value >>= sMediaType; - else if (prop.Name == sPropDigest) - bEncrypted = true; - } - if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath)) - { - bIsXML = sMediaType == "text/xml" && !bEncrypted; - bPropsAvailable = true; - break; + const uno::Sequence<beans::PropertyValue>& entry = m_manifest[i]; + OUString sPath, sMediaType; + bool bEncrypted = false; + for (int j = 0; j < entry.getLength(); j++) + { + const beans::PropertyValue& prop = entry[j]; + + if (prop.Name == sPropFullPath) + prop.Value >>= sPath; + else if (prop.Name == sPropMediaType) + prop.Value >>= sMediaType; + else if (prop.Name == sPropDigest) + bEncrypted = true; + } + if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath)) + { + bIsXML = sMediaType == "text/xml" && !bEncrypted; + bPropsAvailable = true; + break; + } } } if (!bPropsAvailable) _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits