RepositoryExternal.mk | 2 external/nss/ExternalProject_nss.mk | 8 external/nss/nsinstall.py | 12 xmlsecurity/qa/unit/signing/data/02_doc_macros_signed_by_attacker_manipulated.odt |binary xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated.odt |binary xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated2.odt |binary xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated_triple.odt |binary xmlsecurity/qa/unit/signing/data/02_doc_signed_by_trusted_person_manipulated.odt |binary xmlsecurity/qa/unit/signing/data/signed_with_x509certificate_chain.odt |binary xmlsecurity/qa/unit/signing/signing.cxx | 122 ++++++++++ 10 files changed, 135 insertions(+), 9 deletions(-)
New commits: commit 549b0e970f38f41d0c82f7f9e1e32d1b3924ce38 Author: Michael Stahl <[email protected]> AuthorDate: Fri Feb 26 17:29:37 2021 +0100 Commit: Andras Timar <[email protected]> CommitDate: Sun Nov 7 19:00:59 2021 +0100 xmlsecurity: add tests for multiple X509Data/X509Certificate Change-Id: If50ae8156f81c1053aa8fbfc3148da64bb8e1442 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123438 Tested-by: Michael Stahl <[email protected]> Reviewed-by: Michael Stahl <[email protected]> diff --git a/xmlsecurity/qa/unit/signing/data/02_doc_macros_signed_by_attacker_manipulated.odt b/xmlsecurity/qa/unit/signing/data/02_doc_macros_signed_by_attacker_manipulated.odt new file mode 100644 index 000000000000..d63e4b6b7b72 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/02_doc_macros_signed_by_attacker_manipulated.odt differ diff --git a/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated.odt b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated.odt new file mode 100644 index 000000000000..0190abb00f23 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated.odt differ diff --git a/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated2.odt b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated2.odt new file mode 100644 index 000000000000..f4b4198f94a6 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated2.odt differ diff --git a/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated_triple.odt b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated_triple.odt new file mode 100644 index 000000000000..558bdee47e59 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_attacker_manipulated_triple.odt differ diff --git a/xmlsecurity/qa/unit/signing/data/signed_with_x509certificate_chain.odt b/xmlsecurity/qa/unit/signing/data/signed_with_x509certificate_chain.odt new file mode 100644 index 000000000000..5e519dd8b7e7 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/signed_with_x509certificate_chain.odt differ diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index eb4eb969600e..0f9b52a45367 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -24,6 +24,7 @@ #include <com/sun/star/embed/XTransactedObject.hpp> #include <com/sun/star/frame/Desktop.hpp> #include <com/sun/star/frame/XStorable.hpp> +#include <com/sun/star/security/CertificateValidity.hpp> #include <com/sun/star/security/DocumentDigitalSignatures.hpp> #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <com/sun/star/xml/crypto/SEInitializer.hpp> @@ -540,6 +541,105 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testODFUnsignedTimestamp) CPPUNIT_ASSERT_EQUAL(sal_Int32(18183742), infos[0].SignatureTime); } +CPPUNIT_TEST_FIXTURE(SigningTest, testODFX509CertificateChain) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "signed_with_x509certificate_chain.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetDocumentSignatureState(); + CPPUNIT_ASSERT_MESSAGE( + (OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(false)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + // check that the signing certificate was picked, not one of the 2 CA ones + CPPUNIT_ASSERT_EQUAL(security::CertificateValidity::VALID, infos[0].CertificateStatus); + CPPUNIT_ASSERT(infos[0].Signer.is()); + CPPUNIT_ASSERT_EQUAL( + OUString("CN=Xmlsecurity RSA Test example Alice,O=Xmlsecurity RSA Test,ST=England,C=UK"), + infos[0].Signer->getSubjectName()); +} + +CPPUNIT_TEST_FIXTURE(SigningTest, testODFDoubleX509Data) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "02_doc_signed_by_attacker_manipulated.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetDocumentSignatureState(); + CPPUNIT_ASSERT_MESSAGE( + (OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(false)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + CPPUNIT_ASSERT_EQUAL(security::CertificateValidity::INVALID, infos[0].CertificateStatus); + CPPUNIT_ASSERT(!infos[0].Signer.is()); +} + +CPPUNIT_TEST_FIXTURE(SigningTest, testODFTripleX509Data) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "02_doc_signed_by_attacker_manipulated_triple.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetDocumentSignatureState(); + // here, libxmlsec will pick the 1st X509Data but signing key is the 2nd + CPPUNIT_ASSERT_EQUAL_MESSAGE((OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + SignatureState::BROKEN, nActual); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(false)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + CPPUNIT_ASSERT_EQUAL(security::CertificateValidity::INVALID, infos[0].CertificateStatus); + CPPUNIT_ASSERT(!infos[0].Signer.is()); +} + +CPPUNIT_TEST_FIXTURE(SigningTest, testODFMacroDoubleX509Data) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "02_doc_macros_signed_by_attacker_manipulated.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetScriptingSignatureState(); + CPPUNIT_ASSERT_MESSAGE( + (OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(true)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + CPPUNIT_ASSERT_EQUAL(security::CertificateValidity::INVALID, infos[0].CertificateStatus); + CPPUNIT_ASSERT(!infos[0].Signer.is()); +} + +CPPUNIT_TEST_FIXTURE(SigningTest, testODFDoubleX509Certificate) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "02_doc_signed_by_attacker_manipulated2.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetDocumentSignatureState(); + CPPUNIT_ASSERT_MESSAGE( + (OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(false)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + CPPUNIT_ASSERT_EQUAL(security::CertificateValidity::INVALID, infos[0].CertificateStatus); + CPPUNIT_ASSERT(!infos[0].Signer.is()); +} + /// Test a typical OOXML where a number of (but not all) streams are signed. CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLPartial) { commit e1b3e8f63774db6f7dfe1db3098a4dc0ea059eb3 Author: Michael Stahl <[email protected]> AuthorDate: Fri Feb 26 17:24:10 2021 +0100 Commit: Andras Timar <[email protected]> CommitDate: Sun Nov 7 19:00:20 2021 +0100 xmlsecurity: add test for timestamps Change-Id: I6ce64ca7c59639684779144ed0ed8d36c4aca32b Reviewed-on: https://gerrit.libreoffice.org/c/core/+/123437 Tested-by: Michael Stahl <[email protected]> Reviewed-by: Michael Stahl <[email protected]> diff --git a/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_trusted_person_manipulated.odt b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_trusted_person_manipulated.odt new file mode 100644 index 000000000000..4136b32e5610 Binary files /dev/null and b/xmlsecurity/qa/unit/signing/data/02_doc_signed_by_trusted_person_manipulated.odt differ diff --git a/xmlsecurity/qa/unit/signing/signing.cxx b/xmlsecurity/qa/unit/signing/signing.cxx index d25b87fdd7f3..eb4eb969600e 100644 --- a/xmlsecurity/qa/unit/signing/signing.cxx +++ b/xmlsecurity/qa/unit/signing/signing.cxx @@ -518,6 +518,28 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testODFNo) static_cast<int>(pObjectShell->GetDocumentSignatureState())); } +// document has one signed timestamp and one unsigned timestamp +CPPUNIT_TEST_FIXTURE(SigningTest, testODFUnsignedTimestamp) +{ + createDoc(m_directories.getURLFromSrc(DATA_DIRECTORY) + + "02_doc_signed_by_trusted_person_manipulated.odt"); + SfxBaseModel* pBaseModel = dynamic_cast<SfxBaseModel*>(mxComponent.get()); + CPPUNIT_ASSERT(pBaseModel); + SfxObjectShell* pObjectShell = pBaseModel->GetObjectShell(); + CPPUNIT_ASSERT(pObjectShell); + SignatureState nActual = pObjectShell->GetDocumentSignatureState(); + CPPUNIT_ASSERT_MESSAGE( + (OString::number(o3tl::underlyingEnumValue(nActual)).getStr()), + (nActual == SignatureState::NOTVALIDATED || nActual == SignatureState::OK)); + uno::Sequence<security::DocumentSignatureInformation> const infos( + pObjectShell->GetDocumentSignatureInformation(false)); + CPPUNIT_ASSERT_EQUAL(sal_Int32(1), infos.getLength()); + // was: 66666666 + CPPUNIT_ASSERT_EQUAL(sal_Int32(20210126), infos[0].SignatureDate); + // was: 0 + CPPUNIT_ASSERT_EQUAL(sal_Int32(18183742), infos[0].SignatureTime); +} + /// Test a typical OOXML where a number of (but not all) streams are signed. CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLPartial) { commit c1b0268a46a477370469080f6d6ed2a1612c0ec4 Author: Michael Stahl <[email protected]> AuthorDate: Tue Jan 19 11:28:41 2021 +0100 Commit: Andras Timar <[email protected]> CommitDate: Sun Nov 7 18:59:51 2021 +0100 nss: fix parallel build race in nsinstall.py File "/home/tdf/lode/jenkins/workspace/android_aarch64/external/nss/nsinstall.py", line 112, in nsinstall os.makedirs(args[0]) File "/opt/rh/rh-python38/root/usr/lib64/python3.8/os.py", line 223, in makedirs mkdir(name, mode) FileExistsError: [Errno 17] File exists: '../../../../dist/public/dbm' ../../../coreconf/rules.mk:119: recipe for target '../../../../dist/public/dbm/d' failed Change-Id: I4273e6d3d5fa520353fff8738823ef281fe237ed Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109619 Tested-by: Jenkins Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 6f5186a94dcd1989cdd819e35163af0542912559) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109587 Reviewed-by: Thorsten Behrens <[email protected]> (cherry picked from commit 01fffa977e28b2a671f195daa3a1aaa4cbe3b258) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109765 Tested-by: Michael Stahl <[email protected]> diff --git a/external/nss/ExternalProject_nss.mk b/external/nss/ExternalProject_nss.mk index 5150a27b6a62..49726ff224d4 100644 --- a/external/nss/ExternalProject_nss.mk +++ b/external/nss/ExternalProject_nss.mk @@ -16,7 +16,9 @@ $(eval $(call gb_ExternalProject_register_targets,nss,\ )) ifeq ($(OS),WNT) -$(call gb_ExternalProject_get_state_target,nss,build): $(call gb_ExternalExecutable_get_dependencies,python) +$(call gb_ExternalProject_get_state_target,nss,build): \ + $(call gb_ExternalExecutable_get_dependencies,python) \ + $(SRCDIR)/external/nss/nsinstall.py $(call gb_ExternalProject_run,build,\ $(if $(MSVC_USE_DEBUG_RUNTIME),USE_DEBUG_RTL=1,BUILD_OPT=1) \ $(if $(gb_Module_CURRENTMODULE_SYMBOLS_ENABLED), \ @@ -35,7 +37,9 @@ $(call gb_ExternalProject_get_state_target,nss,build): $(call gb_ExternalExecuta else # OS!=WNT # make sure to specify NSPR_CONFIGURE_OPTS as env (before make command), so nss can append it's own defaults # OTOH specify e.g. CC and NSINSTALL as arguments (after make command), so they will overrule nss makefile values -$(call gb_ExternalProject_get_state_target,nss,build): $(call gb_ExternalExecutable_get_dependencies,python) +$(call gb_ExternalProject_get_state_target,nss,build): \ + $(call gb_ExternalExecutable_get_dependencies,python) \ + $(SRCDIR)/external/nss/nsinstall.py $(call gb_ExternalProject_run,build,\ $(if $(filter ANDROID FREEBSD LINUX MACOSX,$(OS)),$(if $(filter X86_64,$(CPUNAME)),USE_64=1)) \ $(if $(filter ANDROID,$(OS)),$(if $(filter AARCH64,$(CPUNAME)),USE_64=1)) \ diff --git a/external/nss/nsinstall.py b/external/nss/nsinstall.py index 80e9c1679373..d90a85e6c540 100644 --- a/external/nss/nsinstall.py +++ b/external/nss/nsinstall.py @@ -99,17 +99,17 @@ def nsinstall(argv): if options.D: if len(args) != 1: return 1 - if os.path.exists(args[0]): + try: + if options.m: + os.makedirs(args[0], options.m) + else: + os.makedirs(args[0]) + except FileExistsError: if not os.path.isdir(args[0]): sys.stderr.write('nsinstall: ' + args[0] + ' is not a directory\n') sys.exit(1) if options.m: os.chmod(args[0], options.m) - sys.exit() - if options.m: - os.makedirs(args[0], options.m) - else: - os.makedirs(args[0]) return 0 # nsinstall arg1 [...] directory commit d93dc2ad645cece666c01eb1fb8279c92313f95c Author: Stephan Bergmann <[email protected]> AuthorDate: Thu Jan 7 10:15:51 2021 +0100 Commit: Andras Timar <[email protected]> CommitDate: Sun Nov 7 18:59:02 2021 +0100 openssl_headers depends on generated opensslconf.h ...at workdir/UnpackedTarball/openssl/include/openssl/opensslconf.h, as can be seen with failed builds like <https://ci.libreoffice.org//job/lo_tb_master_mac/35209>: [...] > [build PAT] openssl > [build C ] UnpackedTarball/mariadb-connector-c/plugins/auth/caching_sha2_pw.c > [build C ] UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c > [build DEP] LNK:Library/libclucene.dylib > [build LNK] Library/libclucene.dylib > In file included from /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/mariadb-connector-c/libmariadb/secure/openssl_crypt.c:21: > /Users/tdf/lode/jenkins/workspace/lo_tb_master_mac/workdir/UnpackedTarball/openssl/include/openssl/evp.h:13:11: fatal error: 'openssl/opensslconf.h' file not found > # include <openssl/opensslconf.h> > ^~~~~~~~~~~~~~~~~~~~~~~ > 1 error generated. Change-Id: Ied1dcdd0afb6099e9218671c6a06c0edaafc931e Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108928 Tested-by: Jenkins Reviewed-by: Stephan Bergmann <[email protected]> (cherry picked from commit 0f7008e91f45cf8e3cee6f372ce012b38a795e26) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/108911 Reviewed-by: Michael Stahl <[email protected]> (cherry picked from commit 74b6e9d45a7f97c8723f638a784017be99f3a8c2) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/109339 Tested-by: Michael Stahl <[email protected]> diff --git a/RepositoryExternal.mk b/RepositoryExternal.mk index 96f0106f0293..bed2cf19725f 100644 --- a/RepositoryExternal.mk +++ b/RepositoryExternal.mk @@ -1578,7 +1578,7 @@ $(call gb_ExternalProject_use_package,$(1),openssl) endef define gb_LinkTarget__use_openssl_headers -$(call gb_LinkTarget_use_external_project,$(1),openssl) +$(call gb_LinkTarget_use_external_project,$(1),openssl,full) $(call gb_LinkTarget_set_include,$(1),\ -I$(call gb_UnpackedTarball_get_dir,openssl)/include \ $$(INCLUDE) \
