comphelper/source/misc/storagehelper.cxx | 2 - cui/source/options/optgenrl.cxx | 2 - offapi/com/sun/star/security/XDocumentDigitalSignatures.idl | 15 +++++++++--- xmlsecurity/source/component/documentdigitalsignatures.cxx | 7 +++-- 4 files changed, 18 insertions(+), 8 deletions(-)
New commits: commit 8f9f04297602a29726089227a0903ca177c98f43 Author: Moritz Duge <[email protected]> AuthorDate: Thu Aug 8 15:16:25 2024 +0200 Commit: Thorsten Behrens <[email protected]> CommitDate: Tue Aug 13 01:09:01 2024 +0200 tdf#161909: make showing GPG keys only an explicit functionality Before this change, selecting only GPG keys for ODF encrpytion relied on the fact, that all X.509 implementations (nss+mscrypt) implement listing public keys (getAllCertificates) as a stub. See previous change Ia6b8ecb9 Change-Id: Icb36a4cefd60b94407129ff73fe62f9250bfbee5 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171639 Tested-by: Jenkins Reviewed-by: Thorsten Behrens <[email protected]> diff --git a/comphelper/source/misc/storagehelper.cxx b/comphelper/source/misc/storagehelper.cxx index 29e9512c2e9e..74f056851466 100644 --- a/comphelper/source/misc/storagehelper.cxx +++ b/comphelper/source/misc/storagehelper.cxx @@ -461,7 +461,7 @@ OStorageHelper::CreateGpgPackageEncryptionData(const css::uno::Reference<css::aw // fire up certificate chooser dialog - user can multi-select! const uno::Sequence< uno::Reference< security::XCertificate > > xSignCertificates= - xSigner->chooseEncryptionCertificate(); + xSigner->chooseEncryptionCertificate(css::security::CertificateKind_OPENPGP); if (!xSignCertificates.hasElements()) return uno::Sequence< beans::NamedValue >(); // user cancelled diff --git a/cui/source/options/optgenrl.cxx b/cui/source/options/optgenrl.cxx index c956a9eb1ed8..a9242cc40500 100644 --- a/cui/source/options/optgenrl.cxx +++ b/cui/source/options/optgenrl.cxx @@ -334,7 +334,7 @@ IMPL_LINK(SvxGeneralTabPage, ChooseKeyButtonHdl, weld::Button&, rButton, void) } else if (m_xEncryptionKeyButton.get() == &rButton) { - auto xCerts = xD->chooseEncryptionCertificate(); + auto xCerts = xD->chooseEncryptionCertificate(css::security::CertificateKind_OPENPGP); if(xCerts.hasElements()) xCertificate = xCerts[0]; } diff --git a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl index cba242258601..d85be941c8d1 100644 --- a/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl +++ b/offapi/com/sun/star/security/XDocumentDigitalSignatures.idl @@ -161,6 +161,10 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface /** This shows the certificate selection dialog and allows to only select the certificate without actually signing the document. Only certificates of the given type will be shown. + @param certificateKind + com::sun::star::security::CertificateKind ENUM to choose only from certificates of a certain type. + CertificateKind_NONE lists all types of certificates for choosing. + @since LibreOffice 6.2 */ com::sun::star::security::XCertificate selectSigningCertificateWithType( @@ -168,11 +172,16 @@ interface XDocumentDigitalSignatures : com::sun::star::uno::XInterface [out] string Description); /** This method shows the CertificateChooser dialog with all certificates, private and - other people's. Useful when choosing certificate/key for encryption + other people's. Useful when choosing certificate/key for encryption. - @since LibreOffice 6.0 + @param certificateKind + com::sun::star::security::CertificateKind ENUM to choose only from certificates of a certain type. + CertificateKind_NONE lists all types of certificates for choosing. + + @since LibreOffice 25.2 */ - sequence< com::sun::star::security::XCertificate > chooseEncryptionCertificate( ); + sequence< com::sun::star::security::XCertificate > chooseEncryptionCertificate( + [in] CertificateKind certificateKind); /** This method shows the CertificateChooser dialog, used by document and PDF signing Shows only private certificates and returns usage string in addition to description. diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx index b6ec7eeb3baa..c49b7427f67d 100644 --- a/xmlsecurity/source/component/documentdigitalsignatures.cxx +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -179,7 +179,7 @@ public: SAL_CALL selectSigningCertificateWithType(const CertificateKind certificateKind, OUString& rDescription) override; css::uno::Sequence<css::uno::Reference<css::security::XCertificate>> - SAL_CALL chooseEncryptionCertificate() override; + SAL_CALL chooseEncryptionCertificate(const CertificateKind certificateKind) override; css::uno::Reference<css::security::XCertificate> SAL_CALL chooseCertificateWithProps( css::uno::Sequence<::com::sun::star::beans::PropertyValue>& Properties) override; @@ -749,11 +749,12 @@ DocumentDigitalSignatures::selectSigningCertificateWithType(const CertificateKin return xCert; } -css::uno::Sequence< Reference< css::security::XCertificate > > DocumentDigitalSignatures::chooseEncryptionCertificate() +css::uno::Sequence<Reference<css::security::XCertificate>> +DocumentDigitalSignatures::chooseEncryptionCertificate(const CertificateKind certificateKind) { std::map<OUString, OUString> aProperties; uno::Sequence< Reference< css::security::XCertificate > > aCerts= - chooseCertificatesImpl( aProperties, CertificateChooserUserAction::Encrypt ); + chooseCertificatesImpl( aProperties, CertificateChooserUserAction::Encrypt , certificateKind ); if (aCerts.getLength() == 1 && !aCerts[0].is()) // our error case contract is: empty sequence, so map that! return uno::Sequence< Reference< css::security::XCertificate > >();
