[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2022-09-29 Thread Noel Grandin (via logerrit)
 xmlsecurity/inc/documentsignaturehelper.hxx   |6 +--
 xmlsecurity/inc/xmlsignaturehelper.hxx|2 -
 xmlsecurity/qa/unit/signing/signing.cxx   |   22 +--
 xmlsecurity/source/helper/documentsignaturehelper.cxx |   26 +++---
 xmlsecurity/source/helper/xmlsignaturehelper.cxx  |2 -
 xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx |   12 +++---
 6 files changed, 35 insertions(+), 35 deletions(-)

New commits:
commit a08468c1a5255d3fb04cd8a0dc627acdea40426a
Author: Noel Grandin 
AuthorDate: Wed Sep 28 16:12:18 2022 +0200
Commit: Noel Grandin 
CommitDate: Thu Sep 29 09:10:50 2022 +0200

use more string_view in xmlsecurity

Change-Id: I245961d0116a7a72f8506cfc0b009990e35c6796
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/140710
Tested-by: Jenkins
Reviewed-by: Noel Grandin 

diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx 
b/xmlsecurity/inc/documentsignaturehelper.hxx
index b18ccf103e20..eb50b3761423 100644
--- a/xmlsecurity/inc/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/documentsignaturehelper.hxx
@@ -70,14 +70,14 @@ namespace DocumentSignatureHelper
 DocumentSignatureMode eMode,
 const DocumentSignatureAlgorithm mode);
 
-bool isODFPre_1_2(const OUString & sODFVersion);
+bool isODFPre_1_2(std::u16string_view sODFVersion);
 bool isOOo3_2_Signature(const SignatureInformation & sigInfo);
 
 DocumentSignatureAlgorithm getDocumentAlgorithm(
-const OUString & sODFVersion, const SignatureInformation & sigInfo);
+std::u16string_view sODFVersion, const SignatureInformation & sigInfo);
 
 bool CanSignWithGPG(const css::uno::Reference < css::embed::XStorage >& 
rxStore,
-const OUString& sOdfVersion);
+std::u16string_view sOdfVersion);
 
 bool checkIfAllFilesAreSigned( const ::std::vector< OUString > & 
sElementList,
 const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm 
alg);
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx 
b/xmlsecurity/inc/xmlsignaturehelper.hxx
index de7de9908205..d6e2b90eebac 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -83,7 +83,7 @@ public:
 // Set the storage which should be used by the default UriBinding
 // Must be set before StartMission().
 //sODFVersion indicates  the ODF version
-voidSetStorage( const css::uno::Reference < css::embed::XStorage 
>& rxStorage, const OUString& sODFVersion );
+voidSetStorage( const css::uno::Reference < css::embed::XStorage 
>& rxStorage, std::u16string_view sODFVersion );
 
 // Argument for the Link is a uno::Reference< 
xml::sax::XAttributeList >*
 // Return 1 to verify, 0 to skip.
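Review bot: `SetStorage()` now takes `std::u16string_view sODFVersion`, and the comment above it does not say whether the version string is kept after the call. The implementation is outside this hunk; if it stores the view itself rather than a value derived from it, the view dangles once the caller's buffer is gone, and the ODF version drives which signature rules are applied. I would add to the existing comment block `// sODFVersion is only read during the call; the view is not retained.` and confirm that this is true in xmlsignaturehelper.cxx.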
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx 
b/xmlsecurity/qa/unit/signing/signing.cxx
index 48fc42091e02..19dc3821288d 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -185,7 +185,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testDescription)
 ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), 
embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
 aManager.setStore(xStorage);
-aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
+aManager.getSignatureHelper().SetStorage(xStorage, u"1.2");
 
 // Then add a signature document.
 uno::Reference xCertificate
@@ -222,7 +222,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSA)
 ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), 
embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
 aManager.setStore(xStorage);
-aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
+aManager.getSignatureHelper().SetStorage(xStorage, u"1.2");
 
 // Then add a signature.
 uno::Reference xCertificate
@@ -261,7 +261,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testECDSAOOXML)
 ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), 
embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
 aManager.setStore(xStorage);
-aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
+aManager.getSignatureHelper().SetStorage(xStorage, u"1.2");
 
 // Then add a document signature.
 uno::Reference xCertificate
@@ -347,7 +347,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLDescription)
 ZIP_STORAGE_FORMAT_STRING, aTempFile.GetURL(), 
embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
 aManager.setStore(xStorage);
-aManager.getSignatureHelper().SetStorage(xStorage, "1.2");
+aManager.getSignatureHelper().SetStorage(xStorage, u"1.2");
 
 // Then add a document signature.
 uno::Reference xCertificate
@@ -383,7 +383,7 @@ CPPUNIT_TEST_FIXTURE(SigningTest, testOOXMLAppend)
 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2019-05-15 Thread Miklos Vajna (via logerrit)
 xmlsecurity/inc/documentsignaturemanager.hxx   |   17 +++-
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx  |   14 +--
 xmlsecurity/qa/unit/signing/signing.cxx|   54 ++---
 xmlsecurity/source/component/documentdigitalsignatures.cxx |   16 +--
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |   54 ++---
 5 files changed, 85 insertions(+), 70 deletions(-)

New commits:
commit 7661e356c42e30bf4e2c2842c663f1c3a5ffebc2
Author: Miklos Vajna 
AuthorDate: Tue May 14 22:53:34 2019 +0200
Commit: Miklos Vajna 
CommitDate: Wed May 15 09:04:41 2019 +0200

xmlsecurity: make DocumentSignatureManager members private

Change-Id: I1262ca0dc2b2f843bdd6277415ee7967e9e59458
Reviewed-on: https://gerrit.libreoffice.org/72320
Tested-by: Jenkins
Reviewed-by: Miklos Vajna 

diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx 
b/xmlsecurity/inc/documentsignaturemanager.hxx
index 71c1475687a3..2bbc5043f65b 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -60,7 +60,7 @@ class PDFSignatureHelper;
 /// Manages signatures (addition, removal), used by DigitalSignaturesDialog.
 class XMLSECURITY_DLLPUBLIC DocumentSignatureManager
 {
-public:
+private:
 css::uno::Reference mxContext;
 css::uno::Reference mxStore;
 XMLSignatureHelper maSignatureHelper;
@@ -77,9 +77,11 @@ public:
 css::uno::Reference mxGpgSEInitializer;
 css::uno::Reference 
mxGpgSecurityContext;
 
+public:
 DocumentSignatureManager(const 
css::uno::Reference& xContext,
  DocumentSignatureMode eMode);
 ~DocumentSignatureManager();
+
 /**
  * Checks if a particular stream is a valid xml stream. Those are treated
  * differently when they are signed (c14n transformation)
@@ -116,6 +118,19 @@ public:
 css::uno::Reference 
getGpgSecurityEnvironment();
 css::uno::Reference const& 
getSecurityContext();
 css::uno::Reference const& 
getGpgSecurityContext();
+void setStore(const css::uno::Reference& xStore) { 
mxStore = xStore; }
+XMLSignatureHelper& getSignatureHelper() { return maSignatureHelper; }
+bool hasPDFSignatureHelper() { return mpPDFSignatureHelper.get(); }
+void setSignatureStream(const css::uno::Reference& 
xSignatureStream)
+{
+mxSignatureStream = xSignatureStream;
+}
+css::uno::Reference getStore() { return mxStore; }
+DocumentSignatureMode getSignatureMode() const { return meSignatureMode; }
+SignatureInformations& getCurrentSignatureInformations()
+{
+return maCurrentSignatureInformations;
+}
 };
 
 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
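Review bot: The accessors added at the end of the class leave the members private in name only. `getCurrentSignatureInformations()` and `getSignatureHelper()` return mutable references, so any caller can still rewrite the signature list and helper state that verification results are read from. Where callers only read, a const overload keeps the encapsulation, e.g. `const SignatureInformations& getCurrentSignatureInformations() const { return maCurrentSignatureInformations; }`. `hasPDFSignatureHelper()` changes nothing and relies on an implicit pointer-to-bool conversion; `bool hasPDFSignatureHelper() const { return mpPDFSignatureHelper != nullptr; }` states the intent. The class body starts outside this hunk.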
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index d04f8a675669..97e0b7d28f97 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -285,9 +285,9 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testPDFRemoveAll)
 std::unique_ptr pStream
 = utl::UcbStreamHelper::CreateStream(aOutURL, StreamMode::READ | 
StreamMode::WRITE);
 uno::Reference xStream(new 
utl::OStreamWrapper(std::move(pStream)));
-aManager.mxSignatureStream = xStream;
+aManager.setSignatureStream(xStream);
 aManager.read(/*bUseTempStream=*/false);
-std::vector& rInformations = 
aManager.maCurrentSignatureInformations;
+std::vector& rInformations = 
aManager.getCurrentSignatureInformations();
 // This was 1 when NSS_CMSSignerInfo_GetSigningCertificate() failed, which
 // means that we only used the locally imported certificates for
 // verification, not the ones provided in the PDF signature data.
@@ -315,12 +315,12 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testTdf107782)
 std::unique_ptr pStream
 = utl::UcbStreamHelper::CreateStream(aURL, StreamMode::READ | 
StreamMode::WRITE);
 uno::Reference xStream(new 
utl::OStreamWrapper(std::move(pStream)));
-aManager.mxSignatureStream = xStream;
+aManager.setSignatureStream(xStream);
 aManager.read(/*bUseTempStream=*/false);
-CPPUNIT_ASSERT(aManager.mpPDFSignatureHelper);
+CPPUNIT_ASSERT(aManager.hasPDFSignatureHelper());
 
 // This failed with an std::bad_alloc exception on Windows.
-aManager.mpPDFSignatureHelper->GetDocumentSignatureInformations(
+aManager.getPDFSignatureHelper().GetDocumentSignatureInformations(
 aManager.getSecurityEnvironment());
 }
 
@@ -486,11 +486,11 @@ CPPUNIT_TEST_FIXTURE(PDFSigningTest, testUnknownSubFilter)
 m_directories.getURLFromSrc(DATA_DIRECTORY) + "cr-comment.pdf", 
StreamMode::STD_READ);
 uno::Reference xStream(new 
utl::OStreamWrapper(std::move(pStream)));
 DocumentSignatureManager aManager(mxComponentContext, 
DocumentSignatureMode::Content);
-aManager.mxSignatureStream = xStream;
+aManager.setSignatureStream(xStream);
 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-24 Thread Miklos Vajna
 xmlsecurity/inc/pdfio/pdfdocument.hxx |   66 
 xmlsecurity/inc/sigstruct.hxx |3 +
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx |   28 +++---
 xmlsecurity/source/pdfio/pdfdocument.cxx  |   70 +-
 4 files changed, 93 insertions(+), 74 deletions(-)

New commits:
commit 5cb580144c286117db485e605c79ce1139cb94fb
Author: Miklos Vajna 
Date:   Thu Nov 24 17:37:09 2016 +0100

CppunitTest_xmlsecurity_pdfsigning: add PAdES testcase

Assert the two user-visible changes: SHA-256 hashes and the SubFilter of the
signature.

Change-Id: I12a2355e2ddfc368bed4430a7b5ad244b5778afe
Reviewed-on: https://gerrit.libreoffice.org/31173
Tested-by: Jenkins 
Reviewed-by: Miklos Vajna 

diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx 
b/xmlsecurity/inc/pdfio/pdfdocument.hxx
index 31a0546..e2f2913 100644
--- a/xmlsecurity/inc/pdfio/pdfdocument.hxx
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -27,9 +27,12 @@ namespace pdfio
 {
 
 class PDFTrailerElement;
-class PDFObjectElement;
 class PDFHexStringElement;
 class PDFReferenceElement;
+class PDFDocument;
+class PDFDictionaryElement;
+class PDFArrayElement;
+class PDFStreamElement;
 
 /// A byte range in a PDF file.
 class PDFElement
@@ -39,6 +42,67 @@ public:
 virtual ~PDFElement() { }
 };
 
+/// Indirect object: something with a unique ID.
+class XMLSECURITY_DLLPUBLIC PDFObjectElement : public PDFElement
+{
+PDFDocument& m_rDoc;
+double m_fObjectValue;
+double m_fGenerationValue;
+std::map m_aDictionary;
+/// Position after the '<<' token.
+sal_uInt64 m_nDictionaryOffset;
+/// Length of the dictionary buffer till (before) the '<<' token.
+sal_uInt64 m_nDictionaryLength;
+PDFDictionaryElement* m_pDictionaryElement;
+/// The contained direct array, if any.
+PDFArrayElement* m_pArrayElement;
+/// The stream of this object, used when this is an object stream.
+PDFStreamElement* m_pStreamElement;
+/// Objects of an object stream.
+std::vector< std::unique_ptr > m_aStoredElements;
+/// Elements of an object in an object stream.
+std::vector< std::unique_ptr > m_aElements;
+/// Uncompressed buffer of an object in an object stream.
+std::unique_ptr m_pStreamBuffer;
+
+public:
+PDFObjectElement(PDFDocument& rDoc, double fObjectValue, double 
fGenerationValue);
+bool Read(SvStream& rStream) override;
+PDFElement* Lookup(const OString& rDictionaryKey);
+PDFObjectElement* LookupObject(const OString& rDictionaryKey);
+double GetObjectValue() const;
+void SetDictionaryOffset(sal_uInt64 nDictionaryOffset);
+sal_uInt64 GetDictionaryOffset();
+void SetDictionaryLength(sal_uInt64 nDictionaryLength);
+sal_uInt64 GetDictionaryLength();
+PDFDictionaryElement* GetDictionary() const;
+void SetDictionary(PDFDictionaryElement* pDictionaryElement);
+void SetArray(PDFArrayElement* pArrayElement);
+void SetStream(PDFStreamElement* pStreamElement);
+PDFArrayElement* GetArray() const;
+/// Parse objects stored in this object stream.
+void ParseStoredObjects();
+std::vector< std::unique_ptr >& GetStoredElements();
+SvMemoryStream* GetStreamBuffer() const;
+void SetStreamBuffer(std::unique_ptr& pStreamBuffer);
+};
+
+/// Name object: a key string.
+class XMLSECURITY_DLLPUBLIC PDFNameElement : public PDFElement
+{
+OString m_aValue;
+/// Offset after the '/' token.
+sal_uInt64 m_nLocation;
+/// Length till the next token start.
+sal_uInt64 m_nLength;
+public:
+PDFNameElement();
+bool Read(SvStream& rStream) override;
+const OString& GetValue() const;
+sal_uInt64 GetLocation() const;
+sal_uInt64 GetLength() const;
+};
+
 enum class TokenizeMode
 {
 /// Full file.
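Review bot: `PDFObjectElement` becomes an exported class in a shared header here, but the ownership of `m_pDictionaryElement`, `m_pArrayElement` and `m_pStreamElement` is not stated. `SetDictionary()`, `SetArray()` and `SetStream()` take raw pointers without saying who keeps the pointee alive. This class parses PDF input that cannot be trusted, so each of the three members should carry a comment such as `/// Non-owning; must not outlive the element list that owns the pointee.`, with the actual owner named once it is confirmed in pdfdocument.cxx. `SetStreamBuffer()` takes its `std::unique_ptr` by non-const reference, which hides whether the caller's pointer is emptied; taking it by value would make the transfer explicit. `GetDictionaryOffset()` and `GetDictionaryLength()` could be `const` like the other getters.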
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 6dd4f7f..ab455d5 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -102,11 +102,14 @@ struct SignatureInformation
 OUString ouCertDigest;
 /// A full OOXML signguature for unchanged roundtrip, empty for ODF.
 css::uno::Sequence aSignatureBytes;
+/// For PDF: digest format, from css::xml::crypto::DigestID
+sal_Int32 nDigestID;
 
 SignatureInformation( sal_Int32 nId )
 {
 nSecurityId = nId;
 nStatus = css::xml::crypto::SecurityOperationStatus_UNKNOWN;
+nDigestID = 0;
 }
 };
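Review bot: `nDigestID = 0;` introduces a sentinel whose meaning is not documented. The comment on the new field says the value comes from `css::xml::crypto::DigestID`, and 0 does not appear to be one of that group's named constants. I would extend the field comment to `/// For PDF: digest format, from css::xml::crypto::DigestID; 0 means not set.` so that code reporting the digest of a signature treats 0 as unknown rather than as an algorithm. The struct definition starts outside the hunk.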
 
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index 99e176b..4d0ce52 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -40,7 +40,7 @@ class PDFSigningTest : public test::BootstrapFixture
  * Read a pdf and make sure that it has the expected number of valid
  * signatures.
  */

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-17 Thread Miklos Vajna
 xmlsecurity/inc/documentsignaturemanager.hxx   |2 +-
 xmlsecurity/inc/pdfio/pdfdocument.hxx  |4 ++--
 xmlsecurity/inc/pdfsignaturehelper.hxx |2 +-
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx  |2 +-
 xmlsecurity/source/helper/documentsignaturemanager.cxx |   10 +-
 xmlsecurity/source/helper/pdfsignaturehelper.cxx   |4 ++--
 xmlsecurity/source/pdfio/pdfdocument.cxx   |   14 +-
 xmlsecurity/source/pdfio/pdfverify.cxx |2 +-
 8 files changed, 22 insertions(+), 18 deletions(-)

New commits:
commit 972c1e9e7239ef84611b01dad5b112af8f353d3c
Author: Miklos Vajna 
Date:   Thu Nov 17 12:40:06 2016 +0100

xmlsecurity PDF sign: handle AdES when writing SubFilter

Page 21 of "PAdES baseline signatures" specification from


says:

"The Signature Dictionary shall contain a value of ETSI.CAdES.detached
for the key SubFilter."

So in case the UI has the adescompliant checkbox enabled, write that
value instead of the Adobe default.

Change-Id: I69e606a32fb09bebd5e9b25b32150d1b8672f544

diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx 
b/xmlsecurity/inc/documentsignaturemanager.hxx
index 08bdcf6..fe9f9a4 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -59,7 +59,7 @@ public:
 bool isXML(const OUString& rURI);
 SignatureStreamHelper ImplOpenSignatureStream(sal_Int32 eStreamMode, bool 
bTempStream);
 /// Add a new signature, using xCert as a signing certificate, and 
rDescription as description.
-bool add(const css::uno::Reference& xCert, 
const OUString& rDescription, sal_Int32& nSecurityId, bool 
bXAdESCompliantIfODF);
+bool add(const css::uno::Reference& xCert, 
const OUString& rDescription, sal_Int32& nSecurityId, bool bAdESCompliant);
 /// Remove signature at nPosition.
 void remove(sal_uInt16 nPosition);
 /// Read signatures from either a temp stream or the real storage.
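Review bot: The doc comment above `add()` still describes only `xCert` and `rDescription`, so the renamed `bAdESCompliant` flag is undocumented here. The same gap exists in the later hunks on `PDFDocument::WriteSignatureObject()`, `PDFDocument::Sign()` and `PDFSignatureHelper::Sign()`, which gain a `bAdES` parameter without a word in their comments. Going by the commit message, the flag selects the `ETSI.CAdES.detached` SubFilter for PDF instead of the Adobe default, so I would add a line such as `/// bAdESCompliant: request an AdES signature (for PDF, SubFilter ETSI.CAdES.detached).` here and a matching line on the three PDF functions. A bare `bool` next to other arguments is easy to transpose at call sites; the `/*bAdES=*/true` style used in the test would suit the production callers too.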
diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx 
b/xmlsecurity/inc/pdfio/pdfdocument.hxx
index c282ea6..31a0546 100644
--- a/xmlsecurity/inc/pdfio/pdfdocument.hxx
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -117,7 +117,7 @@ class XMLSECURITY_DLLPUBLIC PDFDocument
 /// Suggest a minimal, yet free signature ID to use for the next signature.
 sal_uInt32 GetNextSignature();
 /// Write the signature object as part of signing.
-sal_Int32 WriteSignatureObject(const OUString& rDescription, sal_uInt64& 
rLastByteRangeOffset, sal_Int64& rSignatureContentOffset);
+sal_Int32 WriteSignatureObject(const OUString& rDescription, bool bAdES, 
sal_uInt64& rLastByteRangeOffset, sal_Int64& rSignatureContentOffset);
 /// Write the appearance object as part of signing.
 sal_Int32 WriteAppearanceObject();
 /// Write the annot object as part of signing.
@@ -162,7 +162,7 @@ public:
 /// Read elements from the start of the stream till its end.
 bool Read(SvStream& rStream);
 /// Sign the read document with xCertificate in the edit buffer.
-bool Sign(const css::uno::Reference& 
xCertificate, const OUString& rDescription);
+bool Sign(const css::uno::Reference& 
xCertificate, const OUString& rDescription, bool bAdES);
 /// Serializes the contents of the edit buffer.
 bool Write(SvStream& rStream);
 /// Get a list of signatures embedded into this document.
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx 
b/xmlsecurity/inc/pdfsignaturehelper.hxx
index 55d8567..7efdbfb 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -43,7 +43,7 @@ public:
 /// Comment / reason to be used next time signing is performed.
 void SetDescription(const OUString& rDescription);
 /// Append a new signature at the end of xInputStream.
-bool Sign(const css::uno::Reference& xInputStream);
+bool Sign(const css::uno::Reference& xInputStream, 
bool bAdES);
 /// Remove the signature at nPosition (and all dependent signatures) from 
xInputStream.
 static bool RemoveSignature(const 
css::uno::Reference& xInputStream, sal_uInt16 nPosition);
 };
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index d052e5f..99e176b 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -142,7 +142,7 @@ bool PDFSigningTest::sign(const OUString& rInURL, const 
OUString& rOutURL, size_
 // NSS failed to parse it's own profile or Windows has no 
certificates installed.
 return false;
 }
-CPPUNIT_ASSERT(aDocument.Sign(aCertificates[0], "test"));
+CPPUNIT_ASSERT(aDocument.Sign(aCertificates[0], "test", 
/*bAdES=*/true));
 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-10 Thread Tor Lillqvist
 xmlsecurity/inc/documentsignaturehelper.hxx|8 ++
 xmlsecurity/inc/documentsignaturemanager.hxx   |2 
 xmlsecurity/inc/sigstruct.hxx  |2 
 xmlsecurity/inc/xmlsignaturehelper.hxx |5 +
 xmlsecurity/qa/unit/signing/signing.cxx|2 
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |2 
 xmlsecurity/source/helper/documentsignaturehelper.cxx  |   58 +++
 xmlsecurity/source/helper/documentsignaturemanager.cxx |8 +-
 xmlsecurity/source/helper/ooxmlsecexporter.cxx |   61 +---
 xmlsecurity/source/helper/xmlsignaturehelper.cxx   |5 -
 xmlsecurity/source/helper/xsecctl.cxx  |   63 -
 xmlsecurity/source/helper/xsecctl.hxx  |3 
 xmlsecurity/source/helper/xsecparser.cxx   |   21 -
 xmlsecurity/source/helper/xsecparser.hxx   |2 
 xmlsecurity/source/helper/xsecsign.cxx |4 -
 15 files changed, 170 insertions(+), 76 deletions(-)

New commits:
commit 59547a54958914f57f5a9bcff6434c3acca042f6
Author: Tor Lillqvist 
Date:   Wed Nov 9 15:14:03 2016 +0200

More work in progress on XAdES compliant ODF signing

Pass an XAdES flag to a couple more functions and adapt to that.

Factor out writeDigestMethod() and writeSignedProperties() from
OOXMLSecExporter::Impl to DocumentSignatureHelper and use them in an
additional place.

Write xd:UnsignedProperties with EncapsulatedX509Certificate. Probably
much more work needed.

Change-Id: I2a0cd1db6dd487b9c7ba256ad29473de3d271cd8

diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx 
b/xmlsecurity/inc/documentsignaturehelper.hxx
index 50c8d43..10268e7 100644
--- a/xmlsecurity/inc/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/documentsignaturehelper.hxx
@@ -21,6 +21,7 @@
 #define INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREHELPER_HXX
 
 #include 
+#include 
 #include 
 #include "sigstruct.hxx"
 #include "xmlsecuritydllapi.h"
@@ -92,6 +93,13 @@ namespace DocumentSignatureHelper
 
 /// In case the storage is OOXML, prepend a leading '/' and append content 
type to the element URIs.
 void AppendContentTypes(const css::uno::Reference& 
xStorage, std::vector& rElements);
+
+void writeDigestMethod(
+const css::uno::Reference& 
xDocumentHandler);
+void writeSignedProperties(
+const css::uno::Reference& 
xDocumentHandler,
+const SignatureInformation& signatureInfo,
+const OUString& sDate);
 };
 
 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREHELPER_HXX
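Review bot: `writeDigestMethod()` and `writeSignedProperties()` are added to the namespace with no doc comment, unlike `AppendContentTypes()` directly above them. The commit message says they were factored out so that both the OOXML exporter and the ODF path use them, which means they now define signed content for two formats. The header should say which digest algorithm `writeDigestMethod()` emits and what format `sDate` is expected to have, plus which fields of `signatureInfo` are read. A short `///` line on each declaration would do; the implementation is outside this hunk, so the wording needs checking against documentsignaturehelper.cxx.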
diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx 
b/xmlsecurity/inc/documentsignaturemanager.hxx
index 7062303..08bdcf6 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -65,7 +65,7 @@ public:
 /// Read signatures from either a temp stream or the real storage.
 void read(bool bUseTempStream, bool bCacheLastSignature = true);
 /// Write signatures back to the persistent storage.
-void write();
+void write(bool bXAdESCompliantIfODF);
 /// Lazy creation of PDF helper.
 PDFSignatureHelper& getPDFSignatureHelper();
 #if 0
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 1b6cdb8..85cf085 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -96,7 +96,7 @@ struct SignatureInformation
 OUString ouDescription;
 /// The Id attribute of the  element that contains the 
.
 OUString ouDescriptionPropertyId;
-/// OOXML certificate SHA-256 digest, empty for ODF.
+/// OOXML certificate SHA-256 digest, empty for ODF except when doing 
XAdES signature.
 OUString ouCertDigest;
 /// A full OOXML signguature for unchanged roundtrip, empty for ODF.
 css::uno::Sequence aSignatureBytes;
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx 
b/xmlsecurity/inc/xmlsignaturehelper.hxx
index c2a163b..89eeb55 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -171,7 +171,10 @@ public:
 // will be very useful, see Mission 3 in the new "multisigdemo" 
program   :-)
 css::uno::Reference< css::xml::sax::XWriter> 
CreateDocumentHandlerWithHeader( const css::uno::Reference< 
css::io::XOutputStream >& xOutputStream );
 static void CloseDocumentHandler( const css::uno::Reference< 
css::xml::sax::XDocumentHandler>& xDocumentHandler );
-static void ExportSignature( const css::uno::Reference< 
css::xml::sax::XDocumentHandler >& xDocumentHandler, const 
SignatureInformation& signatureInfo );
+static void ExportSignature(
+const css::uno::Reference< css::xml::sax::XDocumentHandler >& 
xDocumentHandler,
+const SignatureInformation& signatureInfo,
+bool bXAdESCompliantIfODF );
 
 /// Read and verify OOXML signatures.
 bool 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-08 Thread Miklos Vajna
 xmlsecurity/inc/documentsignaturemanager.hxx   |6 +
 xmlsecurity/inc/pdfsignaturehelper.hxx |4 
 xmlsecurity/inc/xmlsignaturehelper.hxx |   12 --
 xmlsecurity/qa/unit/signing/signing.cxx|   26 ++---
 xmlsecurity/source/component/documentdigitalsignatures.cxx |   60 ++---
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |   11 +-
 xmlsecurity/source/helper/documentsignaturemanager.cxx |   29 +-
 xmlsecurity/source/helper/pdfsignaturehelper.cxx   |   11 --
 xmlsecurity/source/helper/xmlsignaturehelper.cxx   |   23 
 9 files changed, 87 insertions(+), 95 deletions(-)

New commits:
commit a69873d212c903ea8a1f0d5ca40ae3f08b83a871
Author: Miklos Vajna 
Date:   Tue Nov 8 14:10:05 2016 +0100

xmlsecurity: move the sec context from the format helpers to the sign 
manager

The signature manager always creates an XML helper, and optionally creates a
PDF helper as well. Both of them initialize xmlsec, and when the signature
manager is deleted, there are two de-inits, leading to an assertion failure 
in
xmlsec.

Fix the problem by moving the duplicated xmlsec init to the signature 
manager.
This has the additional benefit that general security-related code no longer
has to talk to the XML helper, it can use the signature manager, which feels
more natural. (What viewing a certificate had to do with XML?)

Change-Id: If6a6bc433636445f3782849a367d4a7ac0be7688
Reviewed-on: https://gerrit.libreoffice.org/30695
Reviewed-by: Miklos Vajna 
Tested-by: Jenkins 

diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx 
b/xmlsecurity/inc/documentsignaturemanager.hxx
index fd981d7..7062303 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -47,6 +47,8 @@ public:
 css::uno::Reference mxTempSignatureStream;
 /// Storage containing all OOXML signatures, unused for ODF.
 css::uno::Reference mxTempSignatureStorage;
+css::uno::Reference mxSEInitializer;
+css::uno::Reference 
mxSecurityContext;
 
 DocumentSignatureManager(const 
css::uno::Reference& xContext, 
DocumentSignatureMode eMode);
 ~DocumentSignatureManager();
@@ -70,6 +72,10 @@ public:
 // Checks if the document is a kind where it is relevant to distinguish 
between using XAdES or not
 bool IsXAdESRelevant();
 #endif
+/// Attempts to initialize the platform-specific crypto.
+bool init();
+/// Get the security environment.
+css::uno::Reference 
getSecurityEnvironment();
 };
 
 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
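Review bot: `init()` reports failure only through its return value, and the header does not say what `getSecurityEnvironment()` returns when `init()` was never called or returned false. The implementation is outside this hunk, so the contract should be written down here, e.g. `/// Attempts to initialize the platform-specific crypto; must succeed before getSecurityEnvironment() is used.` and `/// Get the security environment; callers must check the reference before use.`. The previous hunk adds `mxSEInitializer` and `mxSecurityContext` under what its hunk header shows as the `public:` section, so any caller can replace the security context. Since the new accessor covers read access, they would be better declared private.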
diff --git a/xmlsecurity/inc/pdfsignaturehelper.hxx 
b/xmlsecurity/inc/pdfsignaturehelper.hxx
index cd9a3e2..55d8567 100644
--- a/xmlsecurity/inc/pdfsignaturehelper.hxx
+++ b/xmlsecurity/inc/pdfsignaturehelper.hxx
@@ -25,8 +25,6 @@
 class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
 {
 css::uno::Reference m_xComponentContext;
-css::uno::Reference m_xSEInitializer;
-css::uno::Reference 
m_xSecurityContext;
 SignatureInformations m_aSignatureInfos;
 
 css::uno::Reference m_xCertificate;
@@ -35,7 +33,7 @@ class XMLSECURITY_DLLPUBLIC PDFSignatureHelper
 public:
 PDFSignatureHelper(const css::uno::Reference& 
xComponentContext);
 bool ReadAndVerifySignature(const 
css::uno::Reference& xInputStream);
-css::uno::Sequence 
GetDocumentSignatureInformations() const;
+css::uno::Sequence 
GetDocumentSignatureInformations(const 
css::uno::Reference& xSecEnv) const;
 SignatureInformations GetSignatureInformations() const;
 
 /// Return the ID of the next created signature.
diff --git a/xmlsecurity/inc/xmlsignaturehelper.hxx 
b/xmlsecurity/inc/xmlsignaturehelper.hxx
index 8e0c658..c2a163b 100644
--- a/xmlsecurity/inc/xmlsignaturehelper.hxx
+++ b/xmlsecurity/inc/xmlsignaturehelper.hxx
@@ -100,9 +100,6 @@ private:
 css::uno::Reference< css::xml::crypto::sax::XSecurityController > 
mxSecurityController;
 css::uno::Reference< css::xml::crypto::XUriBinding > mxUriBinding;
 
-css::uno::Reference< css::xml::crypto::XSEInitializer > mxSEInitializer;
-css::uno::Reference< css::xml::crypto::XXMLSecurityContext > 
mxSecurityContext;
-
 std::vector
 maCreationResults;
 std::vector
@@ -123,10 +120,6 @@ public:
 XMLSignatureHelper(const css::uno::Reference< css::uno::XComponentContext 
>& mrCtx );
 ~XMLSignatureHelper();
 
-// Initialize the security context with default crypto token.
-// Returns true for success.
-boolInit();
-
 // Set the storage which should be used by the default UriBinding
 // Must be set before StatrtMission().
 //sODFVersion indicates  the ODF version
@@ -137,15 +130,12 @@ public:
 // Default handler will verify all.
 void 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source xmlsecurity/uiconfig

2016-11-08 Thread Tor Lillqvist
 xmlsecurity/inc/digitalsignaturesdialog.hxx|7 +-
 xmlsecurity/inc/documentsignaturemanager.hxx   |6 +
 xmlsecurity/inc/sigstruct.hxx  |   17 +
 xmlsecurity/inc/xmlsignaturehelper.hxx |4 -
 xmlsecurity/qa/unit/signing/signing.cxx|6 -
 xmlsecurity/source/component/documentdigitalsignatures.cxx |4 +
 xmlsecurity/source/component/documentdigitalsignatures.hxx |5 +
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |   37 ++--
 xmlsecurity/source/helper/documentsignaturemanager.cxx |   28 -
 xmlsecurity/source/helper/ooxmlsecparser.cxx   |8 +-
 xmlsecurity/source/helper/xmlsignaturehelper.cxx   |8 +-
 xmlsecurity/source/helper/xsecctl.cxx  |8 +-
 xmlsecurity/source/helper/xsecctl.hxx  |   29 ++---
 xmlsecurity/source/helper/xsecparser.cxx   |   25 ++--
 xmlsecurity/source/helper/xsecparser.hxx   |4 +
 xmlsecurity/source/helper/xsecsign.cxx |   40 +++--
 xmlsecurity/source/helper/xsecverify.cxx   |   12 ++-
 xmlsecurity/uiconfig/ui/digitalsignaturesdialog.ui |   15 
 18 files changed, 201 insertions(+), 62 deletions(-)

New commits:
commit b2318479c8635af8e022ff4f844e85a1f6b9f4de
Author: Tor Lillqvist 
Date:   Sat Oct 29 09:50:28 2016 +0300

Work in progress on supporting XAdES-compliant signatures for ODF

xmlsecurity is such a mess. Too many different classes that actually
have more or less identical life-time, with names that smell of
delusions of grandeur. "Manager", "security framework controller" etc
for stuff that actually exist only during the execution of a simple
dialog. And then a "helper" class that actually in on a higher level
than a "framework controller". But oh well.

Change-Id: I86e461b1bc91a0d8f5b7fb9f13a5be201729df1e

diff --git a/xmlsecurity/inc/digitalsignaturesdialog.hxx 
b/xmlsecurity/inc/digitalsignaturesdialog.hxx
index f58dccf..c9226e6 100644
--- a/xmlsecurity/inc/digitalsignaturesdialog.hxx
+++ b/xmlsecurity/inc/digitalsignaturesdialog.hxx
@@ -70,6 +70,8 @@ private:
 VclPtr m_pSigsOldSignatureImg;
 VclPtr  m_pSigsOldSignatureFI;
 
+VclPtr   m_pXAdESCompliantCB;
+
 VclPtr m_pViewBtn;
 VclPtr m_pAddBtn;
 VclPtr m_pRemoveBtn;
@@ -82,6 +84,9 @@ private:
 bool m_bHasDocumentSignature;
 bool m_bWarningShowSignMacro;
 
+bool m_bXAdESCompliant;
+
+DECL_LINK(XAdESCompliantCheckBoxHdl, CheckBox&, void);
 DECL_LINK(ViewButtonHdl, Button*, void);
 DECL_LINK(AddButtonHdl, Button*, void);
 DECL_LINK(RemoveButtonHdl, Button*, void);
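Review bot: `bool m_bXAdESCompliant;` is declared without an initial value, and the constructor that would set it is outside this hunk. If the flag is only assigned in `XAdESCompliantCheckBoxHdl`, a signature added before the box is toggled would read an indeterminate value when the signature format is chosen. Either set it in the constructor from the checkbox's initial state, or drop the cached flag and read `m_pXAdESCompliantCB->IsChecked()` at the point of signing, so that the format cannot drift from what the dialog shows.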
@@ -90,7 +95,7 @@ private:
 DECL_LINK(StartVerifySignatureHdl, LinkParamNone*, bool );
 DECL_LINK(OKButtonHdl, Button*, void );
 
-voidImplGetSignatureInformations(bool bUseTempStream, bool 
bCacheLastSignature = true);
+voidImplGetSignatureInformations(bool bUseTempStream, bool 
bCacheLastSignature);
 voidImplFillSignaturesBox();
 voidImplShowSignaturesDetails();
 
diff --git a/xmlsecurity/inc/documentsignaturemanager.hxx 
b/xmlsecurity/inc/documentsignaturemanager.hxx
index 097c0e1..fd981d7 100644
--- a/xmlsecurity/inc/documentsignaturemanager.hxx
+++ b/xmlsecurity/inc/documentsignaturemanager.hxx
@@ -57,7 +57,7 @@ public:
 bool isXML(const OUString& rURI);
 SignatureStreamHelper ImplOpenSignatureStream(sal_Int32 eStreamMode, bool 
bTempStream);
 /// Add a new signature, using xCert as a signing certificate, and 
rDescription as description.
-bool add(const css::uno::Reference& xCert, 
const OUString& rDescription, sal_Int32& nSecurityId);
+bool add(const css::uno::Reference& xCert, 
const OUString& rDescription, sal_Int32& nSecurityId, bool 
bXAdESCompliantIfODF);
 /// Remove signature at nPosition.
 void remove(sal_uInt16 nPosition);
 /// Read signatures from either a temp stream or the real storage.
@@ -66,6 +66,10 @@ public:
 void write();
 /// Lazy creation of PDF helper.
 PDFSignatureHelper& getPDFSignatureHelper();
+#if 0
+// Checks if the document is a kind where it is relevant to distinguish 
between using XAdES or not
+bool IsXAdESRelevant();
+#endif
 };
 
 #endif // INCLUDED_XMLSECURITY_INC_DOCUMENTSIGNATUREMANAGER_HXX
diff --git a/xmlsecurity/inc/sigstruct.hxx b/xmlsecurity/inc/sigstruct.hxx
index 610845c..e662d36 100644
--- a/xmlsecurity/inc/sigstruct.hxx
+++ b/xmlsecurity/inc/sigstruct.hxx
@@ -23,6 +23,7 @@
 #include 
 #include 
 #include 
+#include 
 #include 
 
 #include 
@@ -41,11 +42,23 @@ struct SignatureReferenceInformation
 {
 SignatureReferenceType  nType;
 OUString   ouURI;
+// For ODF: XAdES digests (SHA256) or the old 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-04 Thread Miklos Vajna
 xmlsecurity/inc/pdfio/pdfdocument.hxx  |7 +++
 xmlsecurity/qa/unit/pdfsigning/data/pdf14lowin.pdf |binary
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx  |   12 
 xmlsecurity/source/pdfio/pdfdocument.cxx   |   17 +++--
 4 files changed, 34 insertions(+), 2 deletions(-)

New commits:
commit d0edff60c786c4975b433890d277397673871418
Author: Miklos Vajna 
Date:   Fri Nov 4 10:18:08 2016 +0100

xmlsecurity PDF NSS verify: handle SHA1_WITH_RSA

SHA1_WITH_RSA is a signing algorithm, not a digest one, but let's
accept it, so LO on Linux can verify a signature generated by LO on
Windows.

    It's annoying that the equivalent mapping in NSS is not part of their public
    API.

Change-Id: I97186fcc1d118f922e5ee3cb472aa5b52bc4b5ca

diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx 
b/xmlsecurity/inc/pdfio/pdfdocument.hxx
index 37457c0..ca70c94 100644
--- a/xmlsecurity/inc/pdfio/pdfdocument.hxx
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -116,6 +116,8 @@ public:
 PDFDocument();
 PDFDocument& operator=(const PDFDocument&) = delete;
 PDFDocument(const PDFDocument&) = delete;
+/// @name Low-level functions, to be used by PDFElement subclasses.
+//@{
 static OString ReadKeyword(SvStream& rStream);
 static size_t FindStartXRef(SvStream& rStream);
 void ReadXRef(SvStream& rStream);
@@ -136,13 +138,17 @@ public:
 bool Tokenize(SvStream& rStream, TokenizeMode eMode, std::vector< 
std::unique_ptr >& rElements, PDFObjectElement* pObject);
 /// Register an object (owned directly or indirectly by m_aElements) as a 
provder for a given ID.
 void SetIDObject(size_t nID, PDFObjectElement* pObject);
+//@}
 
+/// @name High-level functions, to be used by others.
+//@{
 /// Read elements from the start of the stream till its end.
 bool Read(SvStream& rStream);
 /// Sign the read document with xCertificate in the edit buffer.
 bool Sign(const css::uno::Reference& 
xCertificate, const OUString& rDescription);
 /// Serializes the contents of the edit buffer.
 bool Write(SvStream& rStream);
+/// Get a list of signatures embedded into this document.
 std::vector GetSignatureWidgets();
 /**
  * @param rInformation The actual result.
@@ -152,6 +158,7 @@ public:
 static bool ValidateSignature(SvStream& rStream, PDFObjectElement* 
pSignature, SignatureInformation& rInformation, bool bLast);
 /// Remove the nth signature from read document in the edit buffer.
 bool RemoveSignature(size_t nPosition);
+//@}
 };
 
 } // namespace pdfio
diff --git a/xmlsecurity/qa/unit/pdfsigning/data/pdf14lowin.pdf 
b/xmlsecurity/qa/unit/pdfsigning/data/pdf14lowin.pdf
new file mode 100644
index 000..5270151
Binary files /dev/null and b/xmlsecurity/qa/unit/pdfsigning/data/pdf14lowin.pdf 
differ
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index 5a95586..a6c764d 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -58,6 +58,8 @@ public:
 void testPDF14Adobe();
 /// Test a PDF 1.6 document, signed by Adobe.
 void testPDF16Adobe();
+/// Test a PDF 1.4 document, signed by LO on Windows.
+void testPDF14LOWin();
 
 CPPUNIT_TEST_SUITE(PDFSigningTest);
 CPPUNIT_TEST(testPDFAdd);
@@ -66,6 +68,7 @@ public:
 CPPUNIT_TEST(testPDFRemoveAll);
 CPPUNIT_TEST(testPDF14Adobe);
 CPPUNIT_TEST(testPDF16Adobe);
+CPPUNIT_TEST(testPDF14LOWin);
 CPPUNIT_TEST_SUITE_END();
 };
 
@@ -267,6 +270,15 @@ void PDFSigningTest::testPDF16Adobe()
 verify(m_directories.getURLFromSrc(DATA_DIRECTORY) + "pdf16adobe.pdf", 1);
 }
 
+void PDFSigningTest::testPDF14LOWin()
+{
+// mscrypto used SEC_OID_PKCS1_SHA1_WITH_RSA_ENCRYPTION as a digest
+// algorithm when it meant SEC_OID_SHA1, make sure we tolerate that on all
+// platforms.
+// This failed, as NSS HASH_Create() didn't handle the sign algorithm.
+verify(m_directories.getURLFromSrc(DATA_DIRECTORY) + "pdf14lowin.pdf", 1);
+}
+
 CPPUNIT_TEST_SUITE_REGISTRATION(PDFSigningTest);
 
 CPPUNIT_PLUGIN_IMPLEMENT();
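Review bot: `testPDF14LOWin` covers only the case where the tolerated OID is accepted, so nothing pins down that the relaxation stops at that one value. The verifier change in pdfdocument.cxx (its hunk runs past what is visible here) lets a signing-algorithm OID stand in for a digest algorithm, so a companion negative test would guard against the mapping being widened later: a fixture whose digest algorithm field carries some other non-digest OID, which must not be reported as valid. I would also extend the comment with `// Compatibility only: no other signature-algorithm OID may be accepted as a digest.`. What the trailing `1` passed to `verify()` asserts is not visible in this hunk; presumably it is the expected signature count.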
diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx 
b/xmlsecurity/source/pdfio/pdfdocument.cxx
index 6822e14..bfd66d2 100644
--- a/xmlsecurity/source/pdfio/pdfdocument.cxx
+++ b/xmlsecurity/source/pdfio/pdfdocument.cxx
@@ -1760,7 +1760,20 @@ bool PDFDocument::ValidateSignature(SvStream& rStream, 
PDFObjectElement* pSignat
 }
 
 SECItem aAlgorithm = 
NSS_CMSSignedData_GetDigestAlgs(pCMSSignedData)[0]->algorithm;
-HASH_HashType eHashType = 
HASH_GetHashTypeByOidTag(SECOID_FindOIDTag());
+SECOidTag eOidTag = SECOID_FindOIDTag();
+
+// Map a sign algorithm to a digest algorithm.
+// See NSS_CMSUtil_MapSignAlgs(), which is private to us.
+switch (eOidTag)
+{
+case 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-02 Thread Miklos Vajna
 xmlsecurity/inc/pdfio/pdfdocument.hxx  |   50 ++
 xmlsecurity/qa/unit/pdfsigning/data/pdf16adobe.pdf |binary
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx  |   14 
 xmlsecurity/source/pdfio/pdfdocument.cxx   |  439 +++--
 4 files changed, 382 insertions(+), 121 deletions(-)

New commits:
commit b0d1a39e995871ef81cb58e8f1587a771fdd2deb
Author: Miklos Vajna 
Date:   Wed Nov 2 11:10:35 2016 +0100

xmlsecurity PDF verify: add support for object streams

Adobe Acrobat uses object streams (PDF 1.6) when it signs a PDF exported
from LO (PDF 1.4), with this we can verify that signature.

If the PDF had at least one signature in LO, then the doc is not
upgraded from PDF 1.4, so that was working already.

Change-Id: I54b4447ca965a8ba1ffc69bde228ab6f0bda59ee

diff --git a/xmlsecurity/inc/pdfio/pdfdocument.hxx 
b/xmlsecurity/inc/pdfio/pdfdocument.hxx
index 95663e6c..37457c0 100644
--- a/xmlsecurity/inc/pdfio/pdfdocument.hxx
+++ b/xmlsecurity/inc/pdfio/pdfdocument.hxx
@@ -45,7 +45,40 @@ enum class TokenizeMode
 /// Till the first %%EOF token.
 EOF_TOKEN,
 /// Till the end of the current object.
-END_OF_OBJECT
+END_OF_OBJECT,
+/// Same as END_OF_OBJECT, but for object streams (no endobj keyword).
+STORED_OBJECT
+};
+
+/// The type column of an entry in a cross-reference stream.
+enum class XRefEntryType
+{
+/// xref "n" or xref stream "1".
+NOT_COMPRESSED,
+/// xref stream "2.
+COMPRESSED
+};
+
+/// An entry in a cross-reference stream.
+struct XRefEntry
+{
+XRefEntryType m_eType;
+/**
+ * Non-compressed: The byte offset of the object, starting from the
+ * beginning of the file.
+ * Compressed: The object number of the object stream in which this object 
is
+ * stored.
+ */
+sal_uInt64 m_nOffset;
+/**
+ * Non-compressed: The generation number of the object.
+ * Compressed: The index of this object within the object stream.
+ */
+sal_uInt64 m_nGenerationNumber;
+/// Are changed as part of an incremental update?.
+bool m_bDirty;
+
+XRefEntry();
 };
 
 /**
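Review bot: The comments on the new `XRefEntry` fields do not say that `m_nOffset` and `m_nGenerationNumber` are taken from the parsed file, which matters because this parser runs on documents before their signatures have been checked. I would add to the struct comment `/// Values are as read from the document and unvalidated; range-check before using them as an offset or index.`; whether the readers already do this is not visible in the hunk, so treat it as something to confirm. There are also two wording slips here: `/// xref stream "2.` is missing its closing quote, and `/// Are changed as part of an incremental update?.` would read better as `/// Is this entry changed as part of an incremental update?`.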
@@ -60,9 +93,7 @@ class XMLSECURITY_DLLPUBLIC PDFDocument
 /// This vector owns all elements.
 std::vector< std::unique_ptr > m_aElements;
 /// Object ID <-> object offset map.
-std::map m_aXRef;
-/// Object ID <-> "are changed as part of an incremental update?" map.
-std::map m_aXRefDirty;
+std::map m_aXRef;
 /// Object offset <-> Object pointer map.
 std::map m_aOffsetObjects;
 /// Object ID <-> Object pointer map.
@@ -80,8 +111,6 @@ class XMLSECURITY_DLLPUBLIC PDFDocument
 static int AsHex(char ch);
 /// Decode a hex dump.
 static std::vector DecodeHexString(PDFHexStringElement* 
pElement);
-/// Tokenize elements from current offset.
-bool Tokenize(SvStream& rStream, TokenizeMode eMode);
 
 public:
 PDFDocument();
@@ -99,7 +128,14 @@ public:
 std::vector GetPages();
 /// Remember the end location of an EOF token.
 void PushBackEOF(size_t nOffset);
-const std::map& GetIDObjects() const;
+/// Look up object based on object number, possibly by parsing object 
streams.
+PDFObjectElement* LookupObject(size_t nObjectNumber);
+/// Access to the input document, even after the inpust ream is gone.
+SvMemoryStream& GetEditBuffer();
+/// Tokenize elements from current offset.
+bool Tokenize(SvStream& rStream, TokenizeMode eMode, std::vector< 
std::unique_ptr >& rElements, PDFObjectElement* pObject);
+/// Register an object (owned directly or indirectly by m_aElements) as a 
provder for a given ID.
+void SetIDObject(size_t nID, PDFObjectElement* pObject);
 
 /// Read elements from the start of the stream till its end.
 bool Read(SvStream& rStream);
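Review bot: `LookupObject()` returns a raw `PDFObjectElement*`, but its comment does not say what callers get for an object number the document does not define. Since the number can come from the file being verified, the contract should be explicit, e.g. `/// Returns nullptr if nObjectNumber is not known.`; that return value is an assumption to check against the implementation, which is outside this hunk. Two typos in the added comments are worth fixing while here: `inpust ream` should be `input stream` and `provder` should be `provider`. The hunk also makes `Tokenize()` public, so a short note on what `pObject` may be (null or not) would help.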
diff --git a/xmlsecurity/qa/unit/pdfsigning/data/pdf16adobe.pdf 
b/xmlsecurity/qa/unit/pdfsigning/data/pdf16adobe.pdf
new file mode 100644
index 000..ac1c5f3
Binary files /dev/null and b/xmlsecurity/qa/unit/pdfsigning/data/pdf16adobe.pdf 
differ
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index 469ded6..2f7ef57 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -57,6 +57,8 @@ public:
 void testPDFRemoveAll();
 /// Test a PDF 1.4 document, signed by Adobe.
 void testPDF14Adobe();
+/// Test a PDF 1.6 document, signed by Adobe.
+void testPDF16Adobe();
 
 CPPUNIT_TEST_SUITE(PDFSigningTest);
 CPPUNIT_TEST(testPDFAdd);
@@ -64,6 +66,7 @@ public:
 CPPUNIT_TEST(testPDFRemove);
 CPPUNIT_TEST(testPDFRemoveAll);
 CPPUNIT_TEST(testPDF14Adobe);
+CPPUNIT_TEST(testPDF16Adobe);
 CPPUNIT_TEST_SUITE_END();
 };
 
@@ -254,6 +257,17 @@ 

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-11-01 Thread Tor Lillqvist
 xmlsecurity/inc/documentsignaturehelper.hxx|   15 +---
 xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx  |2 -
 xmlsecurity/qa/unit/signing/signing.cxx|   10 ++---
 xmlsecurity/source/component/documentdigitalsignatures.cxx |   20 +-
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |   20 +++---
 xmlsecurity/source/helper/documentsignaturehelper.cxx  |   24 ++---
 xmlsecurity/source/helper/documentsignaturemanager.cxx |2 -
 7 files changed, 52 insertions(+), 41 deletions(-)

New commits:
commit 0bbc15aa24d08c4051c8afc67da345517a07707a
Author: Tor Lillqvist 
Date:   Tue Nov 1 14:49:56 2016 +0200

Use enum class for two local enums

Change-Id: I0d7e6a14ec890b8a1dbdea3685b543b63426c628

diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx 
b/xmlsecurity/inc/documentsignaturehelper.hxx
index 4767e58..d2eb803 100644
--- a/xmlsecurity/inc/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/documentsignaturehelper.hxx
@@ -47,13 +47,18 @@ namespace embed {
 
  **/
 
-enum DocumentSignatureMode { SignatureModeDocumentContent, 
SignatureModeMacros, SignatureModePackage };
+enum class DocumentSignatureMode
+{
+Content,
+Macros,
+Package
+};
 
-enum DocumentSignatureAlgorithm
+enum class DocumentSignatureAlgorithm
 {
-OOo2Document,
-OOo3_0Document,
-OOo3_2Document
+OOo2,
+OOo3_0,
+OOo3_2
 };
 
 struct SignatureStreamHelper
diff --git a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx 
b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
index 5ee1322..469ded6 100644
--- a/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
+++ b/xmlsecurity/qa/unit/pdfsigning/pdfsigning.cxx
@@ -221,7 +221,7 @@ void PDFSigningTest::testPDFRemoveAll()
 OUString aOutURL = aTargetDir + "remove-all.pdf";
 CPPUNIT_ASSERT_EQUAL(osl::File::RC::E_None, 
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "2good.pdf", 
aOutURL));
 // Load the test document as a storage and read its two signatures.
-DocumentSignatureManager aManager(mxComponentContext, 
SignatureModeDocumentContent);
+DocumentSignatureManager aManager(mxComponentContext, 
DocumentSignatureMode::Content);
 SvStream* pStream = utl::UcbStreamHelper::CreateStream(aOutURL, 
StreamMode::READ | StreamMode::WRITE);
 uno::Reference xStream(new utl::OStreamWrapper(*pStream));
 aManager.mxSignatureStream = xStream;
diff --git a/xmlsecurity/qa/unit/signing/signing.cxx 
b/xmlsecurity/qa/unit/signing/signing.cxx
index 465a25f..6415586 100644
--- a/xmlsecurity/qa/unit/signing/signing.cxx
+++ b/xmlsecurity/qa/unit/signing/signing.cxx
@@ -190,7 +190,7 @@ void SigningTest::testDescription()
 aMediaDescriptor["FilterName"] <<= OUString("writer8");
 xStorable->storeAsURL(aTempFile.GetURL(), 
aMediaDescriptor.getAsConstPropertyValueList());
 
-DocumentSignatureManager aManager(mxComponentContext, 
SignatureModeDocumentContent);
+DocumentSignatureManager aManager(mxComponentContext, 
DocumentSignatureMode::Content);
 CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
 uno::Reference  xStorage = 
comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING,
 aTempFile.GetURL(), embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
@@ -223,7 +223,7 @@ void SigningTest::testOOXMLDescription()
 aMediaDescriptor["FilterName"] <<= OUString("MS Word 2007 XML");
 xStorable->storeAsURL(aTempFile.GetURL(), 
aMediaDescriptor.getAsConstPropertyValueList());
 
-DocumentSignatureManager aManager(mxComponentContext, 
SignatureModeDocumentContent);
+DocumentSignatureManager aManager(mxComponentContext, 
DocumentSignatureMode::Content);
 CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
 uno::Reference  xStorage = 
comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING,
 aTempFile.GetURL(), embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
@@ -253,7 +253,7 @@ void SigningTest::testOOXMLAppend()
 CPPUNIT_ASSERT_EQUAL(osl::File::RC::E_None,
  
osl::File::copy(m_directories.getURLFromSrc(DATA_DIRECTORY) + "partial.docx", 
aURL));
 // Load the test document as a storage and read its single signature.
-DocumentSignatureManager aManager(mxComponentContext, 
SignatureModeDocumentContent);
+DocumentSignatureManager aManager(mxComponentContext, 
DocumentSignatureMode::Content);
 CPPUNIT_ASSERT(aManager.maSignatureHelper.Init());
 uno::Reference  xStorage = 
comphelper::OStorageHelper::GetStorageOfFormatFromURL(ZIP_STORAGE_FORMAT_STRING,
 aURL, embed::ElementModes::READWRITE);
 CPPUNIT_ASSERT(xStorage.is());
@@ -278,7 +278,7 @@ void SigningTest::testOOXMLAppend()
 void SigningTest::testOOXMLRemove()
 {
 // Load the test document as a storage and read its signatures: purpose1 
and purpose2.
-

[Libreoffice-commits] core.git: xmlsecurity/inc xmlsecurity/qa xmlsecurity/source

2016-03-14 Thread Noel Grandin
 xmlsecurity/inc/xmlsecurity/biginteger.hxx|4 
 xmlsecurity/inc/xmlsecurity/sigstruct.hxx |6 
 xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx|   34 +-
 xmlsecurity/qa/certext/SanCertExt.cxx |2 
 xmlsecurity/source/component/certificatecontainer.cxx |   18 -
 xmlsecurity/source/component/documentdigitalsignatures.cxx|   16 
 xmlsecurity/source/component/documentdigitalsignatures.hxx|   66 
++--
 xmlsecurity/source/dialogs/certificatechooser.cxx |2 
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx|   22 -
 xmlsecurity/source/dialogs/macrosecurity.cxx  |2 
 xmlsecurity/source/dialogs/resourcemanager.cxx|8 
 xmlsecurity/source/dialogs/resourcemanager.hxx|8 
 xmlsecurity/source/framework/buffernode.hxx   |   13 
 xmlsecurity/source/framework/decryptorimpl.hxx|   57 
+--
 xmlsecurity/source/framework/elementcollector.cxx |4 
 xmlsecurity/source/framework/elementcollector.hxx |   19 -
 xmlsecurity/source/framework/elementmark.hxx  |4 
 xmlsecurity/source/framework/encryptionengine.cxx |2 
 xmlsecurity/source/framework/encryptionengine.hxx |   19 -
 xmlsecurity/source/framework/encryptorimpl.hxx|   62 
+--
 xmlsecurity/source/framework/saxeventkeeperimpl.hxx   |  152 
-
 xmlsecurity/source/framework/securityengine.cxx   |8 
 xmlsecurity/source/framework/securityengine.hxx   |   25 -
 xmlsecurity/source/framework/signaturecreatorimpl.hxx |   57 
+--
 xmlsecurity/source/framework/signatureengine.cxx  |6 
 xmlsecurity/source/framework/signatureengine.hxx  |   35 --
 xmlsecurity/source/framework/signatureverifierimpl.hxx|   57 
+--
 xmlsecurity/source/framework/xmlencryptiontemplateimpl.cxx|   18 -
 xmlsecurity/source/framework/xmlencryptiontemplateimpl.hxx|   48 +-
 xmlsecurity/source/framework/xmlsignaturetemplateimpl.cxx |   35 --
 xmlsecurity/source/framework/xmlsignaturetemplateimpl.hxx |   60 
+--
 xmlsecurity/source/helper/documentsignaturehelper.cxx |6 
 xmlsecurity/source/helper/xmlsignaturehelper.cxx  |   18 -
 xmlsecurity/source/helper/xmlsignaturehelper2.cxx |   28 -
 xmlsecurity/source/helper/xmlsignaturehelper2.hxx |   66 
+---
 xmlsecurity/source/helper/xsecctl.cxx |   12 
 xmlsecurity/source/helper/xsecctl.hxx |   96 
++---
 xmlsecurity/source/helper/xsecparser.hxx  |   44 +-
 xmlsecurity/source/helper/xsecsign.cxx|6 
 xmlsecurity/source/helper/xsecverify.cxx  |2 
 xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.cxx |6 
 xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.hxx |   12 
 xmlsecurity/source/xmlsec/errorcallback.hxx   |2 
 xmlsecurity/source/xmlsec/mscrypt/sanextension_mscryptimpl.cxx|   12 
 xmlsecurity/source/xmlsec/mscrypt/sanextension_mscryptimpl.hxx|   16 
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx |   34 +-
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx |  114 
+++---
 xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.hxx   |   41 +-
 xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx |   44 +-
 xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx |   55 
+--
 xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.cxx   |   16 
 xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.hxx   |   44 +-
 xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx  |   18 -
 xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.hxx  |   42 +-
 xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx|   22 -
 xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.hxx|   44 +-
 xmlsecurity/source/xmlsec/nss/ciphercontext.hxx   |   10 
 xmlsecurity/source/xmlsec/nss/digestcontext.hxx   |6 
 xmlsecurity/source/xmlsec/nss/nssinitializer.hxx  |   32 -
 xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx|   12 
 xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx|   16 
 xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx |   18 -