[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2023-01-13 Thread Noel Grandin (via logerrit) 
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx |   13 
++
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx |7 
-
 xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx   |3 --
 xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx |3 --
 xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx |5 
---
 xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx|6 
+---
 6 files changed, 7 insertions(+), 30 deletions(-)

New commits:
commit 1fd4e669a99225459fc3b5bf082487c2644ce691
Author: Noel Grandin 
AuthorDate: Fri Jan 13 15:30:14 2023 +0200
Commit: Noel Grandin 
CommitDate: Fri Jan 13 15:52:33 2023 +

XUnoTunnel->dynamic_cast in X509Certificate_MSCryptImpl

Change-Id: If61114df98f4096798281a28ffcdf58168ff7fdc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145475
Tested-by: Jenkins
Reviewed-by: Noel Grandin 

diff --git 
a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx 
b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index cad73681efff..68b29fd2d3c7 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
@@ -584,8 +584,7 @@ uno::Sequence< uno::Reference < XCertificate > > 
SecurityEnvironment_MSCryptImpl
 chainPara.cbSize = sizeof( CERT_CHAIN_PARA ) ;
 chainPara.RequestedUsage = certUsage ;
 
-uno::Reference< XUnoTunnel > xCertTunnel( begin, uno::UNO_QUERY_THROW ) ;
-const auto* xcert = 
comphelper::getFromUnoTunnel(xCertTunnel);
+const auto* xcert = 
dynamic_cast(begin.get());
 if( xcert == nullptr ) {
 throw uno::RuntimeException() ;
 }
@@ -805,11 +804,9 @@ sal_Int32 
SecurityEnvironment_MSCryptImpl::verifyCertificate(
 PCCERT_CHAIN_CONTEXT pChainContext = nullptr;
 PCCERT_CONTEXT pCertContext = nullptr;
 
-uno::Reference< XUnoTunnel > xCertTunnel( aCert, uno::UNO_QUERY_THROW ) ;
-
 SAL_INFO("xmlsecurity.xmlsec", "Start verification of certificate: " << 
aCert->getSubjectName());
 
-const auto* xcert = 
comphelper::getFromUnoTunnel(xCertTunnel);
+const auto* xcert = 
dynamic_cast(aCert.get());
 if( xcert == nullptr ) {
 throw uno::RuntimeException() ;
 }
@@ -973,8 +970,7 @@ sal_Int32 
SecurityEnvironment_MSCryptImpl::getCertificateCharacters( const css::
 sal_Int32 characters ;
 PCCERT_CONTEXT pCertContext ;
 
-uno::Reference< XUnoTunnel > xCertTunnel( aCert, uno::UNO_QUERY_THROW ) ;
-const auto* xcert = 
comphelper::getFromUnoTunnel(xCertTunnel);
+const auto* xcert = 
dynamic_cast(aCert.get());
 if( xcert == nullptr ) {
 throw uno::RuntimeException() ;
 }
diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx 
b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
index 88bf6169bf11..9c671d0c21c0 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
@@ -457,9 +457,6 @@ void X509Certificate_MSCryptImpl::setRawCert( Sequence< 
sal_Int8 > const & rawCe
 }
 }
 
-/* XUnoTunnel */
-UNO3_GETIMPLEMENTATION_IMPL(X509Certificate_MSCryptImpl);
-
 static OUString findOIDDescription(char const *oid)
 {
 OUString ouOID = OUString::createFromAscii( oid );
diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx 
b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx
index 9bd6a34ce68e..ba02281794f6 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx
@@ -30,7 +30,6 @@
 #include 
 #include 
 #include 
-#include 
 #include 
 #include 
 #include 
@@ -39,7 +38,6 @@
 
 class X509Certificate_MSCryptImpl : public ::cppu::WeakImplHelper<
 css::security::XCertificate ,
-css::lang::XUnoTunnel,
 css::lang::XServiceInfo > , public xmlsecurity::Certificate
 {
 private:
@@ -72,9 +70,6 @@ class X509Certificate_MSCryptImpl : public 
::cppu::WeakImplHelper<
 
 virtual sal_Int32 SAL_CALL getCertificateUsage( ) override;
 
-//Methods from XUnoTunnel
-UNO3_GETIMPLEMENTATION_DECL(X509Certificate_MSCryptImpl)
-
 /// @see xmlsecurity::Certificate::getSHA256Thumbprint().
 virtual css::uno::Sequence getSHA256Thumbprint() override;
 
commit 817dc69bb6c96f7494510cd45262aae677323a47
Author: Noel Grandin 
AuthorDate: Fri Jan 13 15:27:02 2023 +0200
Commit: Noel Grandin 
CommitDate: Fri Jan 13 15:52:25 2023 +

XUnoTunnel->dynamic_cast in SecurityEnvironment_MSCryptImpl

Change-Id: Idb013bd71b2a90cd6fb8927b199eb36e9bfd9c06
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/145474
Tested-by: Jenkins
Reviewed-by: Noel Grandin 

diff --git

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2022-11-05 Thread Caolán McNamara (via logerrit) 
 xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx |7 +--
 1 file changed, 5 insertions(+), 2 deletions(-)

New commits:
commit 3635f65a65da6198d770d5148b68a81c271b9169
Author: Caolán McNamara 
AuthorDate: Sat Nov 5 15:02:16 2022 +
Commit: Caolán McNamara 
CommitDate: Sat Nov 5 21:00:53 2022 +0100

fix a potential mem leak

Change-Id: Ibc5f978b0db17e9e3fc633e843f476052570edfc
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142332
Tested-by: Jenkins
Reviewed-by: Caolán McNamara 

diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx 
b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
index 3aa9cab78a51..990ea86a9bbb 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
@@ -477,7 +477,10 @@ Reference< XCertificate > 
SecurityEnvironment_NssImpl::createCertificateFromAsci
 xmlSecSize certSize;
 int nRet = xmlSecBase64Decode_ex( chCert, 
reinterpret_cast(chCert), xmlStrlen( chCert ),  ) ;
 if (nRet < 0 || certSize == 0)
+{
+xmlFree(chCert);
 return nullptr;
+}
 
 Sequence< sal_Int8 > rawCert(comphelper::arrayToSequence(chCert, 
certSize)) ;
 
commit 5336952fc7fa6f8e1ae9652f59c87e29693694d4
Author: Caolán McNamara 
AuthorDate: Sat Nov 5 15:01:08 2022 +
Commit: Caolán McNamara 
CommitDate: Sat Nov 5 21:00:37 2022 +0100

cid#1516654 Unchecked return value

Change-Id: I19fcac7f1c4dff3bd18fe0cee0188e207edd4251
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/142330
Tested-by: Jenkins
Reviewed-by: Caolán McNamara 

diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx 
b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
index 97f2ce3b4ea7..3aa9cab78a51 100644
--- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx
@@ -475,8 +475,8 @@ Reference< XCertificate > 
SecurityEnvironment_NssImpl::createCertificateFromAsci
 OString oscert = OUStringToOString( asciiCertificate , 
RTL_TEXTENCODING_ASCII_US ) ;
 xmlChar* chCert = xmlStrndup( reinterpret_cast(oscert.getStr()), static_cast(oscert.getLength()) ) ;
 xmlSecSize certSize;
-xmlSecBase64Decode_ex( chCert, reinterpret_cast(chCert), 
xmlStrlen( chCert ),  ) ;
-if (certSize == 0)
+int nRet = xmlSecBase64Decode_ex( chCert, 
reinterpret_cast(chCert), xmlStrlen( chCert ),  ) ;
+if (nRet < 0 || certSize == 0)
 return nullptr;
 
 Sequence< sal_Int8 > rawCert(comphelper::arrayToSequence(chCert, 
certSize)) ;

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2021-07-26 Thread Caolán McNamara (via logerrit) 
 xmlsecurity/source/helper/ooxmlsecparser.cxx |  156 ++---
 xmlsecurity/source/helper/xsecparser.cxx |  194 +--
 2 files changed, 175 insertions(+), 175 deletions(-)

New commits:
commit 4ce8c219fc4cc252e4f2546c2a59ee0447efa7ee
Author: Caolán McNamara 
AuthorDate: Mon Jul 26 19:44:38 2021 +0100
Commit: Caolán McNamara 
CommitDate: Mon Jul 26 22:44:37 2021 +0200

cid#1489423 Big parameter passed by value

and

cid#1489424 Big parameter passed by value
cid#1489425 Big parameter passed by value
cid#1489427 Big parameter passed by value
cid#1489432 Big parameter passed by value
cid#1489435 Big parameter passed by value
cid#1489436 Big parameter passed by value
cid#1489439 Big parameter passed by value
cid#1489441 Big parameter passed by value
cid#1489443 Big parameter passed by value
cid#1489445 Big parameter passed by value
cid#1489451 Big parameter passed by value
cid#1489459 Big parameter passed by value
cid#1489462 Big parameter passed by value
cid#1489463 Big parameter passed by value
cid#1489465 Big parameter passed by value
cid#1489467 Big parameter passed by value
cid#1489468 Big parameter passed by value
cid#1489469 Big parameter passed by value
cid#1489473 Big parameter passed by value
cid#1489475 Big parameter passed by value
cid#1489476 Big parameter passed by value
cid#1489477 Big parameter passed by value
cid#1489479 Big parameter passed by value
cid#1489481 Big parameter passed by value
cid#1489489 Big parameter passed by value
cid#1489491 Big parameter passed by value
cid#1489493 Big parameter passed by value
cid#1489495 Big parameter passed by value
cid#1489498 Big parameter passed by value
cid#1489501 Big parameter passed by value
cid#1489504 Big parameter passed by value
cid#1489508 Big parameter passed by value
cid#1489509 Big parameter passed by value
cid#1489513 Big parameter passed by value
cid#1489516 Big parameter passed by value
cid#1489518 Big parameter passed by value
cid#1489521 Big parameter passed by value
cid#1489533 Big parameter passed by value
cid#1489534 Big parameter passed by value
cid#1489537 Big parameter passed by value
cid#1489538 Big parameter passed by value
cid#1489540 Big parameter passed by value

Change-Id: If613144a64087b4e0459f5935e1adbcb0e0330b8
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/119531
Tested-by: Jenkins
Reviewed-by: Caolán McNamara 

diff --git a/xmlsecurity/source/helper/xsecparser.cxx 
b/xmlsecurity/source/helper/xsecparser.cxx
index f12e7031e349..2e07a1d14f8c 100644
--- a/xmlsecurity/source/helper/xsecparser.cxx
+++ b/xmlsecurity/source/helper/xsecparser.cxx
@@ -39,8 +39,8 @@ class XSecParser::Context
 std::optional m_pOldNamespaceMap;
 
 public:
-Context(XSecParser & rParser,
-std::optional pOldNamespaceMap)
+Context(XSecParser& rParser,
+std::optional&& pOldNamespaceMap)
 : m_rParser(rParser)
 , m_pOldNamespaceMap(std::move(pOldNamespaceMap))
 {
@@ -74,8 +74,8 @@ class XSecParser::UnknownContext
 : public XSecParser::Context
 {
 public:
-UnknownContext(XSecParser & rParser,
-std::optional pOldNamespaceMap)
+UnknownContext(XSecParser& rParser,
+std::optional&& pOldNamespaceMap)
 : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
 {
 }
@@ -113,8 +113,8 @@ class XSecParser::ReferencedContextImpl
 bool m_isReferenced;
 
 public:
-ReferencedContextImpl(XSecParser & rParser,
-std::optional pOldNamespaceMap,
+ReferencedContextImpl(XSecParser& rParser,
+std::optional&& pOldNamespaceMap,
 bool const isReferenced)
 : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
 , m_isReferenced(isReferenced)
@@ -139,8 +139,8 @@ class XSecParser::LoPGPOwnerContext
 OUString m_Value;
 
 public:
-LoPGPOwnerContext(XSecParser & rParser,
-std::optional pOldNamespaceMap)
+LoPGPOwnerContext(XSecParser& rParser,
+std::optional&& pOldNamespaceMap)
 : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
 {
 }
@@ -163,8 +163,8 @@ class XSecParser::DsPGPKeyPacketContext
 OUString m_Value;
 
 public:
-DsPGPKeyPacketContext(XSecParser & rParser,
-std::optional pOldNamespaceMap)
+DsPGPKeyPacketContext(XSecParser& rParser,
+std::optional&& pOldNamespaceMap)
 : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
 {
 }
@@ -187,8 +187,8 @@ class XSecParser::DsPGPKeyIDContext
 OUString m_Value;
 
 public:
-

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2018-10-20 Thread Libreoffice Gerrit user 
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx|   63 
--
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx |4 
 2 files changed, 33 insertions(+), 34 deletions(-)

New commits:
commit fc6dd83ba24a9fed9c61caddfba701d6835bc80c
Author: Caolán McNamara 
AuthorDate: Fri Oct 19 16:13:27 2018 +0100
Commit: Caolán McNamara 
CommitDate: Sat Oct 20 19:51:39 2018 +0200

pvs-studio: Expression 'pCertContext' is always true.

Change-Id: Iefd9b082e44dc22e9bd7fb2856f44c8db6d8482f
Reviewed-on: https://gerrit.libreoffice.org/62051
Tested-by: Jenkins
Reviewed-by: Caolán McNamara 
Tested-by: Caolán McNamara 

diff --git 
a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx 
b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index 2a545ba568b5..5e6dfcb93a99 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
@@ -589,8 +589,8 @@ uno::Reference< XCertificate > 
SecurityEnvironment_MSCryptImpl::getCertificate(
 if( certInfo.Issuer.pbData ) free( certInfo.Issuer.pbData ) ;
 
 if( pCertContext != nullptr ) {
-xcert = MswcryCertContextToXCert( pCertContext ) ;
-if( pCertContext ) CertFreeCertificateContext( pCertContext ) ;
+xcert = MswcryCertContextToXCert(pCertContext);
+CertFreeCertificateContext(pCertContext);
 } else {
 xcert = nullptr ;
 }
commit f9ccf6216022dcaf70bd01e51feb5c88b5f03731
Author: Caolán McNamara 
AuthorDate: Fri Oct 19 16:22:08 2018 +0100
Commit: Caolán McNamara 
CommitDate: Sat Oct 20 19:51:27 2018 +0200

rework to check cPath against nullptr only on !WNT

Change-Id: Iaca0d47b07f4b31b70ddeccb87f0f84019be81cd
Reviewed-on: https://gerrit.libreoffice.org/62055
Tested-by: Jenkins
Reviewed-by: Caolán McNamara 
Tested-by: Caolán McNamara 

diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx 
b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 61300fdf6156..98f9bd1da127 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -501,41 +501,40 @@ IMPL_STATIC_LINK(DigitalSignaturesDialog, 
CertMgrButtonHdl, Button*, pButton, vo
 #else
 const OUString aGUIServers[] = { OUString("kleopatra"), 
OUString("seahorse"),  OUString("gpa"), OUString("kgpg") };
 const char* cPath = getenv("PATH");
+if (!cPath)
+return;
 #endif
 
-if (cPath)
+OUString aPath(cPath, strlen(cPath), osl_getThreadTextEncoding());
+OUString sFoundGUIServer, sExecutable;
+
+for ( auto const  : aGUIServers )
+{
+osl::FileBase::RC searchError = osl::File::searchFileURL(rServer, 
aPath, sFoundGUIServer );
+if (searchError == osl::FileBase::E_None)
+{
+osl::File::getSystemPathFromFileURL( sFoundGUIServer, sExecutable 
);
+break;
+}
+
+}
+
+if ( !sExecutable.isEmpty() )
+{
+uno::Reference< uno::XComponentContext > xContext =
+::comphelper::getProcessComponentContext();
+uno::Reference< css::system::XSystemShellExecute > xSystemShell(
+ css::system::SystemShellExecute::create(xContext) );
+
+xSystemShell->execute( sExecutable, OUString(),
+css::system::SystemShellExecuteFlags::DEFAULTS );
+}
+else
 {
-   OUString aPath(cPath, strlen(cPath), osl_getThreadTextEncoding());
-   OUString sFoundGUIServer, sExecutable;
-
-   for ( auto const  : aGUIServers )
-   {
-   osl::FileBase::RC searchError = osl::File::searchFileURL(rServer, 
aPath, sFoundGUIServer );
-   if (searchError == osl::FileBase::E_None)
-   {
-   osl::File::getSystemPathFromFileURL( sFoundGUIServer, 
sExecutable );
-   break;
-   }
-
-   }
-
-   if ( !sExecutable.isEmpty() )
-   {
-   uno::Reference< uno::XComponentContext > xContext =
-   ::comphelper::getProcessComponentContext();
-   uno::Reference< css::system::XSystemShellExecute > xSystemShell(
-css::system::SystemShellExecute::create(xContext) );
-
-   xSystemShell->execute( sExecutable, OUString(),
-   css::system::SystemShellExecuteFlags::DEFAULTS );
-   }
-   else
-   {
-   std::unique_ptr 
xInfoBox(Application::CreateMessageDialog(pButton->GetFrameWeld(),
- VclMessageType::Info, 
VclButtonsType::Ok,
- 
XsResId(STR_XMLSECDLG_NO_CERT_MANAGER)));
-   xInfoBox->run();
-   }
+std::unique_ptr 
xInfoBox(Application::CreateMessageDialog(pButton->GetFrameWeld(),
+  VclMessageType::Info,

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-12-21 Thread Tor Lillqvist 
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx |   66 
--
 xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx |9 -
 2 files changed, 1 insertion(+), 74 deletions(-)

New commits:
commit 317278525afbaca6d1f0f49b36046b419032733c
Author: Tor Lillqvist 
Date:   Wed Dec 21 17:45:45 2016 +0200

Bin now unused fields

Change-Id: Ie2179bc61ca59a5f5ea2bed1c5c0b2c1dea55474

diff --git 
a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx 
b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index 2c76152..599cebf 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
@@ -105,7 +105,7 @@ void traceTrustStatus(DWORD err)
 }
 }
 
-SecurityEnvironment_MSCryptImpl::SecurityEnvironment_MSCryptImpl( const 
Reference< XMultiServiceFactory >& aFactory ) : m_hProv( NULL ) , 
m_pszContainer( nullptr ) , m_hKeyStore( nullptr ), m_hCertStore( nullptr ), 
m_hMySystemStore(nullptr), m_hRootSystemStore(nullptr), 
m_hTrustSystemStore(nullptr), m_hCaSystemStore(nullptr), m_bEnableDefault( 
false ), m_tSymKeyList() , m_tPubKeyList() , m_xServiceManager( aFactory ){
+SecurityEnvironment_MSCryptImpl::SecurityEnvironment_MSCryptImpl( const 
Reference< XMultiServiceFactory >& aFactory ) : m_hProv( NULL ) , 
m_pszContainer( nullptr ) , m_hKeyStore( nullptr ), m_hCertStore( nullptr ), 
m_hMySystemStore(nullptr), m_hRootSystemStore(nullptr), 
m_hTrustSystemStore(nullptr), m_hCaSystemStore(nullptr), m_bEnableDefault( 
false ), m_xServiceManager( aFactory ){
 
 }
 
@@ -151,20 +151,6 @@ 
SecurityEnvironment_MSCryptImpl::~SecurityEnvironment_MSCryptImpl() {
 CertCloseStore( m_hCaSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ;
 m_hCaSystemStore = nullptr ;
 }
-
-if( !m_tSymKeyList.empty()  ) {
-std::list< HCRYPTKEY >::iterator symKeyIt ;
-
-for( symKeyIt = m_tSymKeyList.begin() ; symKeyIt != 
m_tSymKeyList.end() ; ++symKeyIt )
-CryptDestroyKey( *symKeyIt ) ;
-}
-
-if( !m_tPubKeyList.empty()  ) {
-std::list< HCRYPTKEY >::iterator pubKeyIt ;
-
-for( pubKeyIt = m_tPubKeyList.begin() ; pubKeyIt != 
m_tPubKeyList.end() ; ++pubKeyIt )
-CryptDestroyKey( *pubKeyIt ) ;
-}
 }
 
 /* XServiceInfo */
diff --git 
a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx 
b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx
index 725da0d..3f4129a 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx
@@ -75,10 +75,6 @@ class SecurityEnvironment_MSCryptImpl : public 
::cppu::WeakImplHelper<
 //Enable default system cryptography setting
 boolm_bEnableDefault ;
 
-//External keys
-std::list< HCRYPTKEY >  m_tSymKeyList ;
-std::list< HCRYPTKEY >  m_tPubKeyList ;
-
 //Service manager
 css::uno::Reference< css::lang::XMultiServiceFactory > 
m_xServiceManager ;
 
commit 62fe303d167fbfe99d41cfa625942486e65fbe06
Author: Tor Lillqvist 
Date:   Wed Dec 21 17:44:11 2016 +0200

Bin now unused functions

Change-Id: I515279becbb219c94a52bb1ebf9d1ab33402dae0

diff --git 
a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx 
b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
index 9da1520..2c76152 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx
@@ -294,56 +294,6 @@ void SecurityEnvironment_MSCryptImpl::setCertDb( 
HCERTSTORE aCertDb ) throw( Exc
 }
 }
 
-void SecurityEnvironment_MSCryptImpl::adoptSymKey( HCRYPTKEY aSymKey ) throw( 
Exception , RuntimeException ) {
-HCRYPTKEY   symkey ;
-std::list< HCRYPTKEY >::iterator keyIt ;
-
-if( aSymKey != NULL ) {
-//First try to find the key in the list
-for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; 
++keyIt ) {
-if( *keyIt == aSymKey )
-return ;
-}
-
-//If we do not find the key in the list, add a new node
-symkey = aSymKey ;
-
-try {
-m_tSymKeyList.push_back( symkey ) ;
-} catch ( Exception& ) {
-CryptDestroyKey( symkey ) ;
-}
-}
-}
-
-HCRYPTKEY SecurityEnvironment_MSCryptImpl::getSymKey( unsigned int position ) 
throw( Exception , RuntimeException ) {
-HCRYPTKEY symkey ;
-std::list< HCRYPTKEY >::iterator keyIt ;
-unsigned int pos ;
-
-symkey = NULL ;
-for( pos = 0, keyIt = m_tSymKeyList.begin() ; pos < position && keyIt != 
m_tSymKeyList.end() ; ++pos , ++keyIt ) ;
-
-if( pos == position && keyIt !=

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-11-15 Thread Tor Lillqvist 
 xmlsecurity/source/helper/xsecctl.cxx  |4 +++-
 xmlsecurity/source/helper/xsecsign.cxx |6 ++
 2 files changed, 9 insertions(+), 1 deletion(-)

New commits:
commit 087705c72dcf555951c49b95476568adbab74edf
Author: Tor Lillqvist 
Date:   Tue Nov 15 21:12:11 2016 +0200

Add the Target for xd:QualifyingProperties

Change-Id: Ic15c34c77ff24a506b59ed02db3cfbb6722d0f25

diff --git a/xmlsecurity/source/helper/xsecctl.cxx 
b/xmlsecurity/source/helper/xsecctl.cxx
index 46de812..2223ef0 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -883,9 +883,11 @@ void XSecController::exportSignature(
 "Object",
 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
 {
+pAttributeList = new SvXMLAttributeList();
+pAttributeList->AddAttribute("Target", "#" + 
signatureInfo.ouSignatureId);
 xDocumentHandler->startElement(
 "xd:QualifyingProperties",
-cssu::Reference< cssxs::XAttributeList > (new 
SvXMLAttributeList()));
+cssu::Reference< cssxs::XAttributeList > (pAttributeList));
 
DocumentSignatureHelper::writeSignedProperties(xDocumentHandler, signatureInfo, 
sDate);
 writeUnsignedProperties(xDocumentHandler, signatureInfo);
 xDocumentHandler->endElement( "xd:QualifyingProperties" );
commit 108b0a5e37d649ee8b2b41a6695e03032d648226
Author: Tor Lillqvist 
Date:   Tue Nov 15 20:16:07 2016 +0200

Sign also the xd:SignedProperties

Change-Id: If5793cd8a721ac5b4fce5280b6180f2827c72501

diff --git a/xmlsecurity/source/helper/xsecsign.cxx 
b/xmlsecurity/source/helper/xsecsign.cxx
index a838a9c..a43e75b 100644
--- a/xmlsecurity/source/helper/xsecsign.cxx
+++ b/xmlsecurity/source/helper/xsecsign.cxx
@@ -168,6 +168,12 @@ cssu::Reference< cssxc::sax::XReferenceResolvedListener > 
XSecController::prepar
 
internalSignatureInfor.addReference(SignatureReferenceType::SAMEDOCUMENT, 
digestID, internalSignatureInfor.signatureInfor.ouPropertyId, -1 );
 size++;
 
+if (bXAdESCompliantIfODF)
+{
+
internalSignatureInfor.addReference(SignatureReferenceType::SAMEDOCUMENT, 
digestID, "idSignedProperties", -1);
+size++;
+}
+
 if (!internalSignatureInfor.signatureInfor.ouDescription.isEmpty())
 {
 // Only mention the hash of the description in the signature if 
it's non-empty.
___
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-11-09 Thread Miklos Vajna 
 xmlsecurity/source/pdfio/pdfdocument.cxx |  380 +++
 1 file changed, 289 insertions(+), 91 deletions(-)

New commits:
commit 2a7e39eac2f44ad48455c8a5c04242b1fc92c726
Author: Miklos Vajna 
Date:   Wed Nov 9 15:49:35 2016 +0100

xmlsecurity PDF sign: conditionally write xref stream

In case the input document used a PDF 1.5 xref stream, not an old xref
table, then write that as part of the incremental update. Acrobat seems
to require this.

Change-Id: I9f1f73140c26308f8720aa1ffe1b905d0e60ede0
Reviewed-on: https://gerrit.libreoffice.org/30724
Tested-by: Jenkins 
Reviewed-by: Miklos Vajna 

diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx 
b/xmlsecurity/source/pdfio/pdfdocument.cxx
index 3b90bf3..8bd942f 100644
--- a/xmlsecurity/source/pdfio/pdfdocument.cxx
+++ b/xmlsecurity/source/pdfio/pdfdocument.cxx
@@ -667,80 +667,197 @@ bool PDFDocument::Sign(const 
uno::Reference& xCertificat
 m_aEditBuffer.WriteCharPtr(">>\nendobj\n\n");
 }
 
-// Write the xref table.
 sal_uInt64 nXRefOffset = m_aEditBuffer.Tell();
-m_aEditBuffer.WriteCharPtr("xref\n");
-for (const auto& rXRef : m_aXRef)
-{
-size_t nObject = rXRef.first;
-size_t nOffset = rXRef.second.m_nOffset;
-if (!rXRef.second.m_bDirty)
-continue;
-
-m_aEditBuffer.WriteUInt32AsString(nObject);
-m_aEditBuffer.WriteCharPtr(" 1\n");
-OStringBuffer aBuffer;
-aBuffer.append(static_cast(nOffset));
-while (aBuffer.getLength() < 10)
-aBuffer.insert(0, "0");
-if (nObject == 0)
-aBuffer.append(" 65535 f \n");
-else
-aBuffer.append(" 0 n \n");
-m_aEditBuffer.WriteOString(aBuffer.toString());
-}
-
-// Write the trailer.
-m_aEditBuffer.WriteCharPtr("trailer\nGetGenerationValue());
-m_aEditBuffer.WriteCharPtr(" R\n");
-PDFReferenceElement* pInfo = nullptr;
 if (m_pXRefStream)
-pInfo = 
dynamic_cast(m_pXRefStream->Lookup("Info"));
-else
-pInfo = dynamic_cast(m_pTrailer->Lookup("Info"));
-if (pInfo)
 {
-m_aEditBuffer.WriteCharPtr("/Info ");
-m_aEditBuffer.WriteUInt32AsString(pInfo->GetObjectValue());
+// Write the xref stream.
+// This is a bit meta: the xref stream stores its own offset.
+sal_Int32 nXRefStreamId = m_aXRef.size();
+XRefEntry aXRefStreamEntry;
+aXRefStreamEntry.m_nOffset = nXRefOffset;
+aXRefStreamEntry.m_bDirty = true;
+m_aXRef[nXRefStreamId] = aXRefStreamEntry;
+
+// Write stream data.
+SvMemoryStream aXRefStream;
+for (const auto& rXRef : m_aXRef)
+{
+const XRefEntry& rEntry = rXRef.second;
+
+if (!rEntry.m_bDirty)
+continue;
+
+// First field.
+unsigned char nType = 0;
+switch (rEntry.m_eType)
+{
+case XRefEntryType::FREE:
+nType = 0;
+break;
+case XRefEntryType::NOT_COMPRESSED:
+nType = 1;
+break;
+case XRefEntryType::COMPRESSED:
+nType = 2;
+break;
+}
+aXRefStream.WriteUChar(nType);
+
+// Second field.
+const size_t nOffsetLen = 3;
+for (size_t i = 0; i < nOffsetLen; ++i)
+{
+size_t nByte = nOffsetLen - i - 1;
+// Fields requiring more than one byte are stored with the
+// high-order byte first.
+unsigned char nCh = (rEntry.m_nOffset & (0xff << (nByte * 8))) 
>> (nByte * 8);
+aXRefStream.WriteUChar(nCh);
+}
+
+// Third field.
+aXRefStream.WriteUChar(0);
+}
+
+m_aEditBuffer.WriteUInt32AsString(nXRefStreamId);
+m_aEditBuffer.WriteCharPtr(" 0 obj\n<<");
+
+// ID.
+auto pID = dynamic_cast(m_pXRefStream->Lookup("ID"));
+if (pID)
+{
+const std::vector& rElements = pID->GetElements();
+m_aEditBuffer.WriteCharPtr("/ID [ <");
+for (size_t i = 0; i < rElements.size(); ++i)
+{
+auto pIDString = 
dynamic_cast(rElements[i]);
+if (!pIDString)
+continue;
+
+m_aEditBuffer.WriteOString(pIDString->GetValue());
+if ((i + 1) < rElements.size())
+m_aEditBuffer.WriteCharPtr("> <");
+}
+m_aEditBuffer.WriteCharPtr("> ] ");
+}
+
+// Index.
+

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-10-17 Thread Miklos Vajna 
 xmlsecurity/source/helper/pdfsignaturehelper.cxx |   17 +
 xmlsecurity/source/pdfio/pdfdocument.cxx |   74 ---
 2 files changed, 70 insertions(+), 21 deletions(-)

New commits:
commit d19cb7f5974216d3c52f758f00557a001dd1bd40
Author: Miklos Vajna 
Date:   Mon Oct 17 08:13:03 2016 +0200

xmlsecurity: detect if PDF signature doesn't sign the whole file

For ODF signatures we require that all streams of the storage are
signed.  The PDF equivalent of this is to ensure that the byte range is
the entire file, including the signature dictionary but excluding the
signature value itself.

Change-Id: Ie47f42913e2aa960f35079eb981768cd47fb9f92
Reviewed-on: https://gerrit.libreoffice.org/29890
Tested-by: Jenkins 
Reviewed-by: Miklos Vajna 

diff --git a/xmlsecurity/source/pdfio/pdfdocument.cxx 
b/xmlsecurity/source/pdfio/pdfdocument.cxx
index 4711084..8cd2b5c 100644
--- a/xmlsecurity/source/pdfio/pdfdocument.cxx
+++ b/xmlsecurity/source/pdfio/pdfdocument.cxx
@@ -777,6 +777,54 @@ bool PDFDocument::ValidateSignature(SvStream& rStream, 
PDFObjectElement* pSignat
 rInformation.ouDescription = aBuffer.makeStringAndClear();
 }
 
+// Build a list of offset-length pairs, representing the signed bytes.
+std::vector> aByteRanges;
+size_t nByteRangeOffset = 0;
+const std::vector& rByteRangeElements = 
pByteRange->GetElements();
+for (size_t i = 0; i < rByteRangeElements.size(); ++i)
+{
+auto pNumber = dynamic_cast(rByteRangeElements[i]);
+if (!pNumber)
+{
+SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: 
signature offset and length has to be a number");
+return false;
+}
+
+if (i % 2 == 0)
+{
+nByteRangeOffset = pNumber->GetValue();
+continue;
+}
+size_t nByteRangeLength = pNumber->GetValue();
+aByteRanges.push_back(std::make_pair(nByteRangeOffset, 
nByteRangeLength));
+}
+
+// Detect if the byte ranges don't cover everything, but the signature 
itself.
+if (aByteRanges.size() < 2)
+{
+SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: 
expected 2 byte ranges");
+return false;
+}
+if (aByteRanges[0].first != 0)
+{
+SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: first 
range start is not 0");
+return false;
+}
+// 2 is the leading "<" and the trailing ">" around the hex string.
+size_t nSignatureLength = pContents->GetValue().getLength() + 2;
+if (aByteRanges[1].first != (aByteRanges[0].second + nSignatureLength))
+{
+SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: second 
range start is not the end of the signature");
+return false;
+}
+rStream.Seek(STREAM_SEEK_TO_END);
+size_t nFileEnd = rStream.Tell();
+if ((aByteRanges[1].first + aByteRanges[1].second) != nFileEnd)
+{
+SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: second 
range end is not the end of the file");
+return false;
+}
+
 // At this point there is no obviously missing info to validate the
 // signature.
 std::vector aSignature = 
PDFDocument::DecodeHexString(pContents);
@@ -837,37 +885,21 @@ bool PDFDocument::ValidateSignature(SvStream& rStream, 
PDFObjectElement* pSignat
 }
 
 // We have a hash, update it with the byte ranges.
-size_t nByteRangeOffset = 0;
-const std::vector& rByteRangeElements = 
pByteRange->GetElements();
-for (size_t i = 0; i < rByteRangeElements.size(); ++i)
+for (const auto& rByteRange : aByteRanges)
 {
-auto pNumber = dynamic_cast(rByteRangeElements[i]);
-if (!pNumber)
-{
-SAL_WARN("xmlsecurity.pdfio", "PDFDocument::ValidateSignature: 
signature offset and length has to be a number");
-return false;
-}
-
-if (i % 2 == 0)
-{
-nByteRangeOffset = pNumber->GetValue();
-continue;
-}
-
-rStream.Seek(nByteRangeOffset);
-size_t nByteRangeLength = pNumber->GetValue();
+rStream.Seek(rByteRange.first);
 
 // And now hash this byte range.
 const int nChunkLen = 4096;
 std::vector aBuffer(nChunkLen);
-for (size_t nByte = 0; nByte < nByteRangeLength;)
+for (size_t nByte = 0; nByte < rByteRange.second;)
 {
-size_t nRemainingSize = nByteRangeLength - nByte;
+size_t nRemainingSize = rByteRange.second - nByte;
 if (nRemainingSize < nChunkLen)
 {
 rStream.ReadBytes(aBuffer.data(), nRemainingSize);
 HASH_Update(pHASHContext, aBuffer.data(), nRemainingSize);
-

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-02-12 Thread Miklos Vajna 
 xmlsecurity/source/helper/documentsignaturehelper.cxx |6 +-
 1 file changed, 5 insertions(+), 1 deletion(-)

New commits:
commit 1e52ec3951f3e9d687bdff20a6378cb2f4819a90
Author: Miklos Vajna 
Date:   Fri Feb 12 11:17:29 2016 +0100

xmlsecurity OOXML export: never sign [Content_Types].xml

With this, our own import is happy when we sign LO-generated OOXML
files.

Change-Id: I977d7db5cf18fec1f33c480ab6e58852f2433923

diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx 
b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 2262e06..9c14715 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -93,6 +93,10 @@ void ImplFillElementList(
 
 for ( sal_Int32 n = 0; n < nElements; n++ )
 {
+if (pNames[n] == "[Content_Types].xml")
+// OOXML
+continue;
+
 if (mode != OOo3_2Document
 && (pNames[n] == "META-INF" || pNames[n] == "mimetype"))
 {
commit 35ed9089373b4b63ecc656bd4dd57fc6f128c622
Author: Miklos Vajna 
Date:   Fri Feb 12 11:10:24 2016 +0100

xmlsecurity: fix typo in DocumentSignatureHelper::AppendContentTypes()

Change-Id: I5c67db0369d5eb24178e7173ac716dd8e96dfd47

diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx 
b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 46b270e..2262e06 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -333,7 +333,7 @@ void DocumentSignatureHelper::AppendContentTypes(const 
uno::Referencehttps://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-02-09 Thread Miklos Vajna 
 xmlsecurity/source/helper/xmlsignaturehelper.cxx |6 --
 xmlsecurity/source/helper/xsecctl.cxx|   21 +
 xmlsecurity/source/helper/xsecctl.hxx|4 
 3 files changed, 25 insertions(+), 6 deletions(-)

New commits:
commit 52c60fac3672476a0260248d3eb6f9ac7b96667f
Author: Miklos Vajna 
Date:   Tue Feb 9 12:28:56 2016 +0100

xmlsecurity: OOXML export of idSignedProperties stub

If the signature refers to an XML element with that id, we must export
at least a stub, otherwise xmlSecDSigCtxSign() will refuse to do
anything with the signature template.

With this, at least some calculated hashes and signature values appear
in the OOXML output.

Change-Id: Iff26c6ae0b97bf3509144a66a2c23070100a5974

diff --git a/xmlsecurity/source/helper/xsecctl.cxx 
b/xmlsecurity/source/helper/xsecctl.cxx
index 13c09af..b4c3031 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -1109,7 +1109,21 @@ void XSecController::exportOOXMLSignature(const 
uno::ReferenceendElement(TAG_OBJECT);
 
 xDocumentHandler->startElement(TAG_OBJECT, 
uno::Reference(new SvXMLAttributeList()));
+{
+rtl::Reference pAttributeList(new 
SvXMLAttributeList());
+pAttributeList->AddAttribute(ATTR_XMLNS ":" NSTAG_XD, NS_XD);
+pAttributeList->AddAttribute(ATTR_TARGET, "#idPackageSignature");
+xDocumentHandler->startElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES, 
uno::Reference(pAttributeList.get()));
+}
+{
+rtl::Reference pAttributeList(new 
SvXMLAttributeList());
+pAttributeList->AddAttribute(ATTR_ID, "idSignedProperties");
+xDocumentHandler->startElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES, 
uno::Reference(pAttributeList.get()));
+}
+xDocumentHandler->endElement(NSTAG_XD ":" TAG_SIGNEDPROPERTIES);
+xDocumentHandler->endElement(NSTAG_XD ":" TAG_QUALIFYINGPROPERTIES);
 xDocumentHandler->endElement(TAG_OBJECT);
+
 xDocumentHandler->endElement(TAG_SIGNATURE);
 }
 
diff --git a/xmlsecurity/source/helper/xsecctl.hxx 
b/xmlsecurity/source/helper/xsecctl.hxx
index c7f5647..ea436e3 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -81,6 +81,8 @@
 #define TAG_TIMESTAMP   "timestamp"
 #define TAG_DATE"date"
 #define TAG_DESCRIPTION "description"
+#define TAG_QUALIFYINGPROPERTIES "QualifyingProperties"
+#define TAG_SIGNEDPROPERTIES "SignedProperties"
 
 #define ATTR_XMLNS  "xmlns"
 #define ATTR_ALGORITHM  "Algorithm"
@@ -89,10 +91,12 @@
 #define ATTR_TARGET "Target"
 
 #define NSTAG_DC"dc"
+#define NSTAG_XD "xd"
 
 #define NS_XMLDSIG  "http://www.w3.org/2000/09/xmldsig#;
 //#define NS_DATETIME   "http://www.ietf.org/rfc.txt;
 #define NS_DC   "http://purl.org/dc/elements/1.1/;
+#define NS_XD "http://uri.etsi.org/01903/v1.3.2#;
 
 #define ALGO_C14N   "http://www.w3.org/TR/2001/REC-xml-c14n-20010315;
 #define ALGO_RSASHA1"http://www.w3.org/2000/09/xmldsig#rsa-sha1;
commit 4dcee42b44f56fec0b90ee6f7edc87adecdc
Author: Miklos Vajna 
Date:   Tue Feb 9 12:10:46 2016 +0100

xmlsecurity: mark the Signature, not the SignedInfo during OOXML export

So that we pass the correct node to xmlSecDSigCtxSign().
SAXEventKeeperImpl::startElement() always marks the first node written
by XSecController, which is the Signature node for ODF, but for OOXML,
the Signature node is the root element.

Fix the problem by writing the root element in
XSecController::exportOOXMLSignature() instead of doing it earlier,
similar how it's done for ODF (where we intentionally want to not mark
the root node).

Change-Id: Id0a76f155726ad53a996e9327454b8795497ac7b

diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx 
b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index f653248..bf80548 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -500,17 +500,11 @@ bool 
XMLSignatureHelper::CreateAndWriteOOXMLSignature(css::uno::ReferencesetOutputStream(xOutputStream);
 xSaxWriter->startDocument();
 
-SvXMLAttributeList* pAttributeList = new SvXMLAttributeList();
-pAttributeList->AddAttribute(ATTR_XMLNS, NS_XMLDSIG);
-pAttributeList->AddAttribute(ATTR_ID, "idPackageSignature");
-xSaxWriter->startElement(TAG_SIGNATURE, 
uno::Reference(pAttributeList));
-
 mbError = false;
 uno::Reference xDocumentHandler(xSaxWriter, 
uno::UNO_QUERY);
 if (!mpXSecController->WriteOOXMLSignature(xDocumentHandler))
 mbError = true;
 
-xSaxWriter->endElement(TAG_SIGNATURE);
 xSaxWriter->endDocument();
 
 return !mbError;
diff --git a/xmlsecurity/source/helper/xsecctl.cxx 
b/xmlsecurity/source/helper/xsecctl.cxx
index

[Libreoffice-commits] core.git: 2 commits - xmlsecurity/source

2016-02-08 Thread Miklos Vajna 
 xmlsecurity/source/helper/xmlsignaturehelper.cxx |3 +
 xmlsecurity/source/helper/xsecctl.cxx|6 ++
 xmlsecurity/source/helper/xsecctl.hxx|5 ++
 xmlsecurity/source/helper/xsecsign.cxx   |   57 +++
 4 files changed, 71 insertions(+)

New commits:
commit 95d45e8a19babfc319b3e92ee89bb13fd9924631
Author: Miklos Vajna 
Date:   Mon Feb 8 12:41:07 2016 +0100

xmlsecurity: export OOXML 

Change-Id: I1cac26d1133722285abe038085ad81dc16be6d8f

diff --git a/xmlsecurity/source/helper/xsecctl.cxx 
b/xmlsecurity/source/helper/xsecctl.cxx
index cc6a2e1..fcbd828 100644
--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -975,6 +975,12 @@ void XSecController::exportSignature(
 xDocumentHandler->endElement( tag_Signature );
 }
 
+void XSecController::exportOOXMLSignature(const 
uno::Reference& xDocumentHandler, const 
SignatureInformation& /*rInformation*/)
+{
+xDocumentHandler->startElement(TAG_SIGNEDINFO, 
uno::Reference(new SvXMLAttributeList()));
+xDocumentHandler->endElement(TAG_SIGNEDINFO);
+}
+
 SignatureInformation XSecController::getSignatureInformation( sal_Int32 
nSecurityId ) const
 {
 SignatureInformation aInf( 0 );
diff --git a/xmlsecurity/source/helper/xsecctl.hxx 
b/xmlsecurity/source/helper/xsecctl.hxx
index ff7ee0e..967e603 100644
--- a/xmlsecurity/source/helper/xsecctl.hxx
+++ b/xmlsecurity/source/helper/xsecctl.hxx
@@ -506,6 +506,8 @@ public:
 
 /// Writes XML elements inside a single OOXML signature's  
element.
 bool WriteOOXMLSignature(const 
css::uno::Reference& xDocumentHandler);
+/// Exports an OOXML signature, called by WriteOOXMLSignature().
+static void exportOOXMLSignature(const 
css::uno::Reference& xDocumentHandler, const 
SignatureInformation& rInformation);
 };
 
 #endif
diff --git a/xmlsecurity/source/helper/xsecsign.cxx 
b/xmlsecurity/source/helper/xsecsign.cxx
index 8b658df..4f1e523 100644
--- a/xmlsecurity/source/helper/xsecsign.cxx
+++ b/xmlsecurity/source/helper/xsecsign.cxx
@@ -357,10 +357,59 @@ bool XSecController::WriteSignature(
 return rc;
 }
 
-bool XSecController::WriteOOXMLSignature(const 
uno::Reference& /*xDocumentHandler*/)
+bool XSecController::WriteOOXMLSignature(const 
uno::Reference& xDocumentHandler)
 {
 bool bRet = false;
 
+SAL_WARN_IF(!xDocumentHandler.is(), "xmlsecurity.helper", "empty 
xDocumentHandler reference");
+
+// Chain the SAXEventKeeper to the SAX chain.
+chainOn(/*bRetrievingLastEvent=*/true);
+
+if (m_nStatusOfSecurityComponents == INITIALIZED)
+{
+m_bIsSAXEventKeeperSticky = true;
+m_xSAXEventKeeper->setNextHandler(xDocumentHandler);
+
+try
+{
+// Export the signature template.
+cssu::Reference 
xSEKHandler(m_xSAXEventKeeper, uno::UNO_QUERY);
+
+for (size_t i = 0; i < m_vInternalSignatureInformations.size(); 
++i)
+{
+InternalSignatureInformation& rInformation = 
m_vInternalSignatureInformations[i];
+
+// Prepare the signature creator.
+rInformation.xReferenceResolvedListener = 
prepareSignatureToWrite(rInformation);
+
+exportOOXMLSignature(xSEKHandler, rInformation.signatureInfor);
+}
+
+m_bIsSAXEventKeeperSticky = false;
+chainOff();
+
+bRet = true;
+}
+catch (const xml::sax::SAXException&)
+{
+m_pErrorMessage = ERROR_SAXEXCEPTIONDURINGCREATION;
+}
+catch(const io::IOException&)
+{
+m_pErrorMessage = ERROR_IOEXCEPTIONDURINGCREATION;
+}
+catch(const uno::Exception&)
+{
+m_pErrorMessage = ERROR_EXCEPTIONDURINGCREATION;
+}
+
+m_xSAXEventKeeper->setNextHandler(nullptr);
+m_bIsSAXEventKeeperSticky = false;
+}
+else
+m_pErrorMessage = ERROR_CANNOTCREATEXMLSECURITYCOMPONENT;
+
 return bRet;
 }
 
commit 1eda4ad5bab6ac65c0c61bbbef6946129566b7cc
Author: Miklos Vajna 
Date:   Mon Feb 8 12:29:28 2016 +0100

xmlsecurity: initial WriteOOXMLSignature()

Change-Id: I368a0254a8c8eff0ec7c56ecec4c0a462ae32252

diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx 
b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
index bea6ed7..f653248 100644
--- a/xmlsecurity/source/helper/xmlsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx
@@ -506,6 +506,9 @@ bool 
XMLSignatureHelper::CreateAndWriteOOXMLSignature(css::uno::ReferencestartElement(TAG_SIGNATURE, 
uno::Reference(pAttributeList));
 
 mbError = false;
+uno::Reference xDocumentHandler(xSaxWriter, 
uno::UNO_QUERY);
+if (!mpXSecController->WriteOOXMLSignature(xDocumentHandler))
+mbError = true;
 
 xSaxWriter->endElement(TAG_SIGNATURE);
 xSaxWriter->endDocument();
diff --git