1*06b3ce53SAndrew Rist /**************************************************************
2cdf0e10cSrcweir *
3*06b3ce53SAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one
4*06b3ce53SAndrew Rist * or more contributor license agreements. See the NOTICE file
5*06b3ce53SAndrew Rist * distributed with this work for additional information
6*06b3ce53SAndrew Rist * regarding copyright ownership. The ASF licenses this file
7*06b3ce53SAndrew Rist * to you under the Apache License, Version 2.0 (the
8*06b3ce53SAndrew Rist * "License"); you may not use this file except in compliance
9*06b3ce53SAndrew Rist * with the License. You may obtain a copy of the License at
10*06b3ce53SAndrew Rist *
11*06b3ce53SAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0
12*06b3ce53SAndrew Rist *
13*06b3ce53SAndrew Rist * Unless required by applicable law or agreed to in writing,
14*06b3ce53SAndrew Rist * software distributed under the License is distributed on an
15*06b3ce53SAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16*06b3ce53SAndrew Rist * KIND, either express or implied. See the License for the
17*06b3ce53SAndrew Rist * specific language governing permissions and limitations
18*06b3ce53SAndrew Rist * under the License.
19*06b3ce53SAndrew Rist *
20*06b3ce53SAndrew Rist *************************************************************/
21*06b3ce53SAndrew Rist
22*06b3ce53SAndrew Rist
23cdf0e10cSrcweir
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx"
26cdf0e10cSrcweir #include <xmlsecurity/digitalsignaturesdialog.hxx>
27cdf0e10cSrcweir #include <xmlsecurity/certificatechooser.hxx>
28cdf0e10cSrcweir #include <xmlsecurity/certificateviewer.hxx>
29cdf0e10cSrcweir #include <xmlsecurity/biginteger.hxx>
30cdf0e10cSrcweir #include <xmloff/xmluconv.hxx>
31cdf0e10cSrcweir #include <com/sun/star/embed/XStorage.hpp>
32cdf0e10cSrcweir #include <com/sun/star/embed/ElementModes.hpp>
33cdf0e10cSrcweir #include <com/sun/star/io/XSeekable.hpp>
34cdf0e10cSrcweir #include <com/sun/star/io/XTruncate.hpp>
35cdf0e10cSrcweir #include <com/sun/star/embed/XTransactedObject.hpp>
36cdf0e10cSrcweir #include <com/sun/star/container/XNameAccess.hpp>
37cdf0e10cSrcweir #include <com/sun/star/lang/XComponent.hpp>
38cdf0e10cSrcweir #include <com/sun/star/security/NoPasswordException.hpp>
39cdf0e10cSrcweir #include <com/sun/star/lang/DisposedException.hpp>
40cdf0e10cSrcweir #include <com/sun/star/beans/XPropertySet.hpp>
41cdf0e10cSrcweir #include <com/sun/star/security/CertificateValidity.hdl>
42cdf0e10cSrcweir #include <com/sun/star/packages/WrongPasswordException.hpp>
43cdf0e10cSrcweir #include <com/sun/star/security/SerialNumberAdapter.hpp>
44cdf0e10cSrcweir #include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
45cdf0e10cSrcweir #include <com/sun/star/xml/dom/XDocumentBuilder.hpp>
46cdf0e10cSrcweir #include <com/sun/star/packages/manifest/XManifestReader.hpp>
47cdf0e10cSrcweir
48cdf0e10cSrcweir
49cdf0e10cSrcweir #include <rtl/ustrbuf.hxx>
50cdf0e10cSrcweir #include <rtl/uri.hxx>
51cdf0e10cSrcweir
52cdf0e10cSrcweir #include <tools/date.hxx>
53cdf0e10cSrcweir #include <tools/time.hxx>
54cdf0e10cSrcweir
55cdf0e10cSrcweir #include "dialogs.hrc"
56cdf0e10cSrcweir #include "digitalsignaturesdialog.hrc"
57cdf0e10cSrcweir #include "helpids.hrc"
58cdf0e10cSrcweir #include "resourcemanager.hxx"
59cdf0e10cSrcweir
60cdf0e10cSrcweir #include <vcl/msgbox.hxx> // Until encrypted docs work...
61cdf0e10cSrcweir #include <unotools/configitem.hxx>
62cdf0e10cSrcweir #include <comphelper/componentcontext.hxx>
63cdf0e10cSrcweir
64cdf0e10cSrcweir #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
65cdf0e10cSrcweir
66cdf0e10cSrcweir
67cdf0e10cSrcweir /* HACK: disable some warnings for MS-C */
68cdf0e10cSrcweir #ifdef _MSC_VER
69cdf0e10cSrcweir #pragma warning (disable : 4355) // 4355: this used in initializer-list
70cdf0e10cSrcweir #endif
71cdf0e10cSrcweir
72cdf0e10cSrcweir using namespace ::com::sun::star::security;
73cdf0e10cSrcweir using namespace ::com::sun::star::uno;
74cdf0e10cSrcweir using namespace ::com::sun::star;
75cdf0e10cSrcweir namespace css = ::com::sun::star;
76cdf0e10cSrcweir using ::rtl::OUString;
77cdf0e10cSrcweir
78cdf0e10cSrcweir namespace
79cdf0e10cSrcweir {
80cdf0e10cSrcweir class SaveODFItem: public utl::ConfigItem
81cdf0e10cSrcweir {
82cdf0e10cSrcweir sal_Int16 m_nODF;
83cdf0e10cSrcweir public:
84cdf0e10cSrcweir virtual void Commit();
85cdf0e10cSrcweir virtual void Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& aPropertyNames );
86cdf0e10cSrcweir SaveODFItem();
87cdf0e10cSrcweir //See group ODF in Common.xcs
isLessODF1_2()88cdf0e10cSrcweir bool isLessODF1_2()
89cdf0e10cSrcweir {
90cdf0e10cSrcweir return m_nODF < 3;
91cdf0e10cSrcweir }
92cdf0e10cSrcweir };
93cdf0e10cSrcweir
Commit()94cdf0e10cSrcweir void SaveODFItem::Commit() {}
Notify(const::com::sun::star::uno::Sequence<rtl::OUString> &)95cdf0e10cSrcweir void SaveODFItem::Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& ) {}
96cdf0e10cSrcweir
SaveODFItem()97cdf0e10cSrcweir SaveODFItem::SaveODFItem(): utl::ConfigItem(::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(
98cdf0e10cSrcweir "Office.Common/Save"))), m_nODF(0)
99cdf0e10cSrcweir {
100cdf0e10cSrcweir OUString sDef(RTL_CONSTASCII_USTRINGPARAM("ODF/DefaultVersion"));
101cdf0e10cSrcweir Sequence< css::uno::Any > aValues = GetProperties( Sequence<OUString>(&sDef,1) );
102cdf0e10cSrcweir if ( aValues.getLength() == 1)
103cdf0e10cSrcweir {
104cdf0e10cSrcweir sal_Int16 nTmp = 0;
105cdf0e10cSrcweir if ( aValues[0] >>= nTmp )
106cdf0e10cSrcweir m_nODF = nTmp;
107cdf0e10cSrcweir else
108cdf0e10cSrcweir throw uno::RuntimeException(
109cdf0e10cSrcweir OUString(RTL_CONSTASCII_USTRINGPARAM(
110cdf0e10cSrcweir "[xmlsecurity]SaveODFItem::SaveODFItem(): Wrong Type!")), 0 );
111cdf0e10cSrcweir
112cdf0e10cSrcweir }
113cdf0e10cSrcweir else
114cdf0e10cSrcweir throw uno::RuntimeException(
115cdf0e10cSrcweir OUString(RTL_CONSTASCII_USTRINGPARAM(
116cdf0e10cSrcweir "[xmlsecurity] Could not open property Office.Common/Save/ODF/DefaultVersion")), 0);
117cdf0e10cSrcweir }
118cdf0e10cSrcweir }
119cdf0e10cSrcweir
120cdf0e10cSrcweir /* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted"
121cdf0e10cSrcweir We use the manifest to find out if a file is xml and if it is encrypted.
122cdf0e10cSrcweir The parameter is an encoded uri. However, the manifest contains paths. Therefore
123cdf0e10cSrcweir the path is encoded as uri, so they can be compared.
124cdf0e10cSrcweir */
isXML(const rtl::OUString & rURI)125cdf0e10cSrcweir bool DigitalSignaturesDialog::isXML(const rtl::OUString& rURI )
126cdf0e10cSrcweir {
127cdf0e10cSrcweir OSL_ASSERT(mxStore.is());
128cdf0e10cSrcweir
129cdf0e10cSrcweir bool bIsXML = false;
130cdf0e10cSrcweir bool bPropsAvailable = false;
131cdf0e10cSrcweir const OUString sPropFullPath(RTL_CONSTASCII_USTRINGPARAM("FullPath"));
132cdf0e10cSrcweir const OUString sPropMediaType(RTL_CONSTASCII_USTRINGPARAM("MediaType"));
133cdf0e10cSrcweir const OUString sPropDigest(RTL_CONSTASCII_USTRINGPARAM("Digest"));
134cdf0e10cSrcweir
135cdf0e10cSrcweir for (int i = 0; i < m_manifest.getLength(); i++)
136cdf0e10cSrcweir {
137cdf0e10cSrcweir Any digest;
138cdf0e10cSrcweir const Sequence< css::beans::PropertyValue >& entry = m_manifest[i];
139cdf0e10cSrcweir OUString sPath, sMediaType;
140cdf0e10cSrcweir bool bEncrypted = false;
141cdf0e10cSrcweir for (int j = 0; j < entry.getLength(); j++)
142cdf0e10cSrcweir {
143cdf0e10cSrcweir const css::beans::PropertyValue & prop = entry[j];
144cdf0e10cSrcweir
145cdf0e10cSrcweir if (prop.Name.equals( sPropFullPath ) )
146cdf0e10cSrcweir prop.Value >>= sPath;
147cdf0e10cSrcweir else if (prop.Name.equals( sPropMediaType ) )
148cdf0e10cSrcweir prop.Value >>= sMediaType;
149cdf0e10cSrcweir else if (prop.Name.equals( sPropDigest ) )
150cdf0e10cSrcweir bEncrypted = true;
151cdf0e10cSrcweir }
152cdf0e10cSrcweir if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath))
153cdf0e10cSrcweir {
154cdf0e10cSrcweir bIsXML = sMediaType.equals(OUSTR("text/xml")) && ! bEncrypted;
155cdf0e10cSrcweir bPropsAvailable = true;
156cdf0e10cSrcweir break;
157cdf0e10cSrcweir }
158cdf0e10cSrcweir }
159cdf0e10cSrcweir if (!bPropsAvailable)
160cdf0e10cSrcweir {
161cdf0e10cSrcweir //This would be the case for at least mimetype, META-INF/manifest.xml
162cdf0e10cSrcweir //META-INF/macrosignatures.xml.
163cdf0e10cSrcweir //Files can only be encrypted if they are in the manifest.xml.
164cdf0e10cSrcweir //That is, the current file cannot be encrypted, otherwise bPropsAvailable
165cdf0e10cSrcweir //would be true.
166cdf0e10cSrcweir OUString aXMLExt( RTL_CONSTASCII_USTRINGPARAM( "XML" ) );
167cdf0e10cSrcweir sal_Int32 nSep = rURI.lastIndexOf( '.' );
168cdf0e10cSrcweir if ( nSep != (-1) )
169cdf0e10cSrcweir {
170cdf0e10cSrcweir OUString aExt = rURI.copy( nSep+1 );
171cdf0e10cSrcweir if (aExt.equalsIgnoreAsciiCase(aXMLExt ))
172cdf0e10cSrcweir bIsXML = true;
173cdf0e10cSrcweir }
174cdf0e10cSrcweir }
175cdf0e10cSrcweir return bIsXML;
176cdf0e10cSrcweir }
177cdf0e10cSrcweir
DigitalSignaturesDialog(Window * pParent,uno::Reference<uno::XComponentContext> & rxCtx,DocumentSignatureMode eMode,sal_Bool bReadOnly,const::rtl::OUString & sODFVersion,bool bHasDocumentSignature)178cdf0e10cSrcweir DigitalSignaturesDialog::DigitalSignaturesDialog(
179cdf0e10cSrcweir Window* pParent,
180cdf0e10cSrcweir uno::Reference< uno::XComponentContext >& rxCtx, DocumentSignatureMode eMode,
181cdf0e10cSrcweir sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature)
182cdf0e10cSrcweir :ModalDialog ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) )
183cdf0e10cSrcweir ,mxCtx ( rxCtx )
184cdf0e10cSrcweir ,maSignatureHelper ( rxCtx )
185cdf0e10cSrcweir ,meSignatureMode ( eMode )
186cdf0e10cSrcweir ,maHintDocFT ( this, XMLSEC_RES( FT_HINT_DOC ) )
187cdf0e10cSrcweir ,maHintBasicFT ( this, XMLSEC_RES( FT_HINT_BASIC ) )
188cdf0e10cSrcweir ,maHintPackageFT ( this, XMLSEC_RES( FT_HINT_PACK ) )
189cdf0e10cSrcweir ,maSignaturesLB ( this, XMLSEC_RES( LB_SIGNATURES ) )
190cdf0e10cSrcweir ,maSigsValidImg ( this, XMLSEC_RES( IMG_STATE_VALID ) )
191cdf0e10cSrcweir ,maSigsValidFI ( this, XMLSEC_RES( FI_STATE_VALID ) )
192cdf0e10cSrcweir ,maSigsInvalidImg ( this, XMLSEC_RES( IMG_STATE_BROKEN ) )
193cdf0e10cSrcweir ,maSigsInvalidFI ( this, XMLSEC_RES( FI_STATE_BROKEN ) )
194cdf0e10cSrcweir ,maSigsNotvalidatedImg( this, XMLSEC_RES( IMG_STATE_NOTVALIDATED ) )
195cdf0e10cSrcweir ,maSigsNotvalidatedFI ( this, XMLSEC_RES( FI_STATE_NOTVALIDATED ) )
196cdf0e10cSrcweir ,maSigsOldSignatureFI ( this, XMLSEC_RES( FI_STATE_OLDSIGNATURE) )
197cdf0e10cSrcweir ,maViewBtn ( this, XMLSEC_RES( BTN_VIEWCERT ) )
198cdf0e10cSrcweir ,maAddBtn ( this, XMLSEC_RES( BTN_ADDCERT ) )
199cdf0e10cSrcweir ,maRemoveBtn ( this, XMLSEC_RES( BTN_REMOVECERT ) )
200cdf0e10cSrcweir ,maBottomSepFL ( this, XMLSEC_RES( FL_BOTTOM_SEP ) )
201cdf0e10cSrcweir ,maOKBtn ( this, XMLSEC_RES( BTN_OK ) )
202cdf0e10cSrcweir ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) )
203cdf0e10cSrcweir ,m_sODFVersion (sODFVersion)
204cdf0e10cSrcweir ,m_bHasDocumentSignature(bHasDocumentSignature)
205cdf0e10cSrcweir ,m_bWarningShowSignMacro(false)
206cdf0e10cSrcweir {
207cdf0e10cSrcweir // --> PB #i48253 the tablistbox needs its own unique id
208cdf0e10cSrcweir maSignaturesLB.Window::SetUniqueId( HID_XMLSEC_TREE_SIGNATURESDLG );
209cdf0e10cSrcweir // <--
210cdf0e10cSrcweir Size aControlSize( maSignaturesLB.GetSizePixel() );
211cdf0e10cSrcweir aControlSize = maSignaturesLB.PixelToLogic( aControlSize, MapMode( MAP_APPFONT ) );
212cdf0e10cSrcweir const long nControlWidth = aControlSize.Width();
213cdf0e10cSrcweir static long nTabs[] = { 4, 0, 6*nControlWidth/100, 36*nControlWidth/100, 74*nControlWidth/100 };
214cdf0e10cSrcweir maSignaturesLB.SetTabs( &nTabs[ 0 ] );
215cdf0e10cSrcweir maSignaturesLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) );
216cdf0e10cSrcweir
217cdf0e10cSrcweir maSigsNotvalidatedFI.SetText( String( XMLSEC_RES( STR_NO_INFO_TO_VERIFY ) ) );
218cdf0e10cSrcweir
219cdf0e10cSrcweir if ( GetSettings().GetStyleSettings().GetHighContrastMode() )
220cdf0e10cSrcweir {
221cdf0e10cSrcweir // high contrast mode needs other images
222cdf0e10cSrcweir maSigsValidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_VALID_HC ) ) );
223cdf0e10cSrcweir maSigsInvalidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_BROKEN_HC ) ) );
224cdf0e10cSrcweir maSigsNotvalidatedImg.SetImage( Image( XMLSEC_RES( IMG_STATE_NOTVALIDATED_HC ) ) );
225cdf0e10cSrcweir }
226cdf0e10cSrcweir
227cdf0e10cSrcweir FreeResource();
228cdf0e10cSrcweir
229cdf0e10cSrcweir mbVerifySignatures = true;
230cdf0e10cSrcweir mbSignaturesChanged = false;
231cdf0e10cSrcweir
232cdf0e10cSrcweir maSignaturesLB.SetSelectHdl( LINK( this, DigitalSignaturesDialog, SignatureHighlightHdl ) );
233cdf0e10cSrcweir maSignaturesLB.SetDoubleClickHdl( LINK( this, DigitalSignaturesDialog, SignatureSelectHdl ) );
234cdf0e10cSrcweir
235cdf0e10cSrcweir maViewBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, ViewButtonHdl ) );
236cdf0e10cSrcweir maViewBtn.Disable();
237cdf0e10cSrcweir
238cdf0e10cSrcweir maAddBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, AddButtonHdl ) );
239cdf0e10cSrcweir if ( bReadOnly )
240cdf0e10cSrcweir maAddBtn.Disable();
241cdf0e10cSrcweir
242cdf0e10cSrcweir maRemoveBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, RemoveButtonHdl ) );
243cdf0e10cSrcweir maRemoveBtn.Disable();
244cdf0e10cSrcweir
245cdf0e10cSrcweir maOKBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, OKButtonHdl) );
246cdf0e10cSrcweir
247cdf0e10cSrcweir switch( meSignatureMode )
248cdf0e10cSrcweir {
249cdf0e10cSrcweir case SignatureModeDocumentContent: maHintDocFT.Show(); break;
250cdf0e10cSrcweir case SignatureModeMacros: maHintBasicFT.Show(); break;
251cdf0e10cSrcweir case SignatureModePackage: maHintPackageFT.Show(); break;
252cdf0e10cSrcweir }
253cdf0e10cSrcweir
254cdf0e10cSrcweir // adjust fixed text to images
255cdf0e10cSrcweir XmlSec::AlignAndFitImageAndControl( maSigsValidImg, maSigsValidFI, 5 );
256cdf0e10cSrcweir XmlSec::AlignAndFitImageAndControl( maSigsInvalidImg, maSigsInvalidFI, 5 );
257cdf0e10cSrcweir XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsNotvalidatedFI, 5 );
258cdf0e10cSrcweir XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsOldSignatureFI, 5 );
259cdf0e10cSrcweir }
260cdf0e10cSrcweir
~DigitalSignaturesDialog()261cdf0e10cSrcweir DigitalSignaturesDialog::~DigitalSignaturesDialog()
262cdf0e10cSrcweir {
263cdf0e10cSrcweir }
264cdf0e10cSrcweir
Init()265cdf0e10cSrcweir sal_Bool DigitalSignaturesDialog::Init()
266cdf0e10cSrcweir {
267cdf0e10cSrcweir bool bInit = maSignatureHelper.Init();
268cdf0e10cSrcweir
269cdf0e10cSrcweir DBG_ASSERT( bInit, "Error initializing security context!" );
270cdf0e10cSrcweir
271cdf0e10cSrcweir if ( bInit )
272cdf0e10cSrcweir {
273cdf0e10cSrcweir maSignatureHelper.SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) );
274cdf0e10cSrcweir }
275cdf0e10cSrcweir
276cdf0e10cSrcweir return bInit;
277cdf0e10cSrcweir }
278cdf0e10cSrcweir
SetStorage(const com::sun::star::uno::Reference<com::sun::star::embed::XStorage> & rxStore)279cdf0e10cSrcweir void DigitalSignaturesDialog::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore )
280cdf0e10cSrcweir {
281cdf0e10cSrcweir mxStore = rxStore;
282cdf0e10cSrcweir maSignatureHelper.SetStorage( mxStore, m_sODFVersion);
283cdf0e10cSrcweir
284cdf0e10cSrcweir Reference < css::packages::manifest::XManifestReader > xReader(
285cdf0e10cSrcweir mxCtx->getServiceManager()->createInstanceWithContext(
286cdf0e10cSrcweir OUSTR("com.sun.star.packages.manifest.ManifestReader"), mxCtx), UNO_QUERY_THROW);
287cdf0e10cSrcweir
288cdf0e10cSrcweir //Get the manifest.xml
289cdf0e10cSrcweir Reference < css::embed::XStorage > xSubStore(rxStore->openStorageElement(
290cdf0e10cSrcweir OUSTR("META-INF"), css::embed::ElementModes::READ), UNO_QUERY_THROW);
291cdf0e10cSrcweir
292cdf0e10cSrcweir Reference< css::io::XInputStream > xStream(
293cdf0e10cSrcweir xSubStore->openStreamElement(OUSTR("manifest.xml"), css::embed::ElementModes::READ),
294cdf0e10cSrcweir UNO_QUERY_THROW);
295cdf0e10cSrcweir
296cdf0e10cSrcweir m_manifest = xReader->readManifestSequence(xStream);
297cdf0e10cSrcweir }
298cdf0e10cSrcweir
SetSignatureStream(const cssu::Reference<css::io::XStream> & rxStream)299cdf0e10cSrcweir void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream )
300cdf0e10cSrcweir {
301cdf0e10cSrcweir mxSignatureStream = rxStream;
302cdf0e10cSrcweir }
303cdf0e10cSrcweir
canAddRemove()304cdf0e10cSrcweir bool DigitalSignaturesDialog::canAddRemove()
305cdf0e10cSrcweir {
306cdf0e10cSrcweir //m56
307cdf0e10cSrcweir bool ret = true;
308cdf0e10cSrcweir OSL_ASSERT(mxStore.is());
309cdf0e10cSrcweir bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion);
310cdf0e10cSrcweir SaveODFItem item;
311cdf0e10cSrcweir bool bSave1_1 = item.isLessODF1_2();
312cdf0e10cSrcweir
313cdf0e10cSrcweir // see specification
314cdf0e10cSrcweir //cvs: specs/www/appwide/security/Electronic_Signatures_and_Security.sxw
315cdf0e10cSrcweir //Paragraph 'Behavior with regard to ODF 1.2'
316cdf0e10cSrcweir //For both, macro and document
317cdf0e10cSrcweir if ( (!bSave1_1 && bDoc1_1) || (bSave1_1 && bDoc1_1) )
318cdf0e10cSrcweir {
319cdf0e10cSrcweir //#4
320cdf0e10cSrcweir ErrorBox err(NULL, XMLSEC_RES(RID_XMLSECDLG_OLD_ODF_FORMAT));
321cdf0e10cSrcweir err.Execute();
322cdf0e10cSrcweir ret = false;
323cdf0e10cSrcweir }
324cdf0e10cSrcweir
325cdf0e10cSrcweir //As of OOo 3.2 the document signature includes in macrosignatures.xml. That is
326cdf0e10cSrcweir //adding a macro signature will break an existing document signature.
327cdf0e10cSrcweir //The sfx2 will remove the documentsignature when the user adds a macro signature
328cdf0e10cSrcweir if (meSignatureMode == SignatureModeMacros
329cdf0e10cSrcweir && ret)
330cdf0e10cSrcweir {
331cdf0e10cSrcweir if (m_bHasDocumentSignature && !m_bWarningShowSignMacro)
332cdf0e10cSrcweir {
333cdf0e10cSrcweir //The warning says that the document signatures will be removed if the user
334cdf0e10cSrcweir //continues. He can then either press 'OK' or 'NO'
335cdf0e10cSrcweir //It the user presses 'Add' or 'Remove' several times then, then the warning
336cdf0e10cSrcweir //is shown every time until the user presses 'OK'. From then on, the warning
337cdf0e10cSrcweir //is not displayed anymore as long as the signatures dialog is alive.
338cdf0e10cSrcweir if (QueryBox(
339cdf0e10cSrcweir NULL, XMLSEC_RES(MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN)).Execute() == RET_NO)
340cdf0e10cSrcweir ret = false;
341cdf0e10cSrcweir else
342cdf0e10cSrcweir m_bWarningShowSignMacro = true;
343cdf0e10cSrcweir
344cdf0e10cSrcweir }
345cdf0e10cSrcweir }
346cdf0e10cSrcweir return ret;
347cdf0e10cSrcweir }
348cdf0e10cSrcweir
canAdd()349cdf0e10cSrcweir bool DigitalSignaturesDialog::canAdd()
350cdf0e10cSrcweir {
351cdf0e10cSrcweir if (canAddRemove())
352cdf0e10cSrcweir return true;
353cdf0e10cSrcweir return false;
354cdf0e10cSrcweir }
355cdf0e10cSrcweir
canRemove()356cdf0e10cSrcweir bool DigitalSignaturesDialog::canRemove()
357cdf0e10cSrcweir {
358cdf0e10cSrcweir if (canAddRemove())
359cdf0e10cSrcweir return true;
360cdf0e10cSrcweir return false;
361cdf0e10cSrcweir }
362cdf0e10cSrcweir
Execute()363cdf0e10cSrcweir short DigitalSignaturesDialog::Execute()
364cdf0e10cSrcweir {
365cdf0e10cSrcweir // Verify Signatures and add certificates to ListBox...
366cdf0e10cSrcweir mbVerifySignatures = true;
367cdf0e10cSrcweir ImplGetSignatureInformations(false);
368cdf0e10cSrcweir ImplFillSignaturesBox();
369cdf0e10cSrcweir
370cdf0e10cSrcweir // Only verify once, content will not change.
371cdf0e10cSrcweir // But for refreshing signature information, StartVerifySignatureHdl will be called after each add/remove
372cdf0e10cSrcweir mbVerifySignatures = false;
373cdf0e10cSrcweir
374cdf0e10cSrcweir return Dialog::Execute();
375cdf0e10cSrcweir }
376cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,SignatureHighlightHdl,void *,EMPTYARG)377cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, SignatureHighlightHdl, void*, EMPTYARG )
378cdf0e10cSrcweir {
379cdf0e10cSrcweir bool bSel = maSignaturesLB.FirstSelected() ? true : false;
380cdf0e10cSrcweir maViewBtn.Enable( bSel );
381cdf0e10cSrcweir if ( maAddBtn.IsEnabled() ) // not read only
382cdf0e10cSrcweir maRemoveBtn.Enable( bSel );
383cdf0e10cSrcweir
384cdf0e10cSrcweir return 0;
385cdf0e10cSrcweir }
386cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,OKButtonHdl,void *,EMPTYARG)387cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, OKButtonHdl, void*, EMPTYARG )
388cdf0e10cSrcweir {
389cdf0e10cSrcweir // Export all other signatures...
390cdf0e10cSrcweir SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
391cdf0e10cSrcweir embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, false );
392cdf0e10cSrcweir uno::Reference< io::XOutputStream > xOutputStream(
393cdf0e10cSrcweir aStreamHelper.xSignatureStream, uno::UNO_QUERY );
394cdf0e10cSrcweir uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler =
395cdf0e10cSrcweir maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
396cdf0e10cSrcweir
397cdf0e10cSrcweir int nInfos = maCurrentSignatureInformations.size();
398cdf0e10cSrcweir for( int n = 0 ; n < nInfos ; ++n )
399cdf0e10cSrcweir maSignatureHelper.ExportSignature(
400cdf0e10cSrcweir xDocumentHandler, maCurrentSignatureInformations[ n ] );
401cdf0e10cSrcweir
402cdf0e10cSrcweir maSignatureHelper.CloseDocumentHandler( xDocumentHandler);
403cdf0e10cSrcweir
404cdf0e10cSrcweir // If stream was not provided, we are responsible for committing it....
405cdf0e10cSrcweir if ( !mxSignatureStream.is() )
406cdf0e10cSrcweir {
407cdf0e10cSrcweir uno::Reference< embed::XTransactedObject > xTrans(
408cdf0e10cSrcweir aStreamHelper.xSignatureStorage, uno::UNO_QUERY );
409cdf0e10cSrcweir xTrans->commit();
410cdf0e10cSrcweir }
411cdf0e10cSrcweir
412cdf0e10cSrcweir EndDialog(RET_OK);
413cdf0e10cSrcweir return 0;
414cdf0e10cSrcweir }
415cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,SignatureSelectHdl,void *,EMPTYARG)416cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, SignatureSelectHdl, void*, EMPTYARG )
417cdf0e10cSrcweir {
418cdf0e10cSrcweir ImplShowSignaturesDetails();
419cdf0e10cSrcweir return 0;
420cdf0e10cSrcweir }
421cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,ViewButtonHdl,Button *,EMPTYARG)422cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, ViewButtonHdl, Button*, EMPTYARG )
423cdf0e10cSrcweir {
424cdf0e10cSrcweir ImplShowSignaturesDetails();
425cdf0e10cSrcweir return 0;
426cdf0e10cSrcweir }
427cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,AddButtonHdl,Button *,EMPTYARG)428cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
429cdf0e10cSrcweir {
430cdf0e10cSrcweir if( ! canAdd())
431cdf0e10cSrcweir return 0;
432cdf0e10cSrcweir try
433cdf0e10cSrcweir {
434cdf0e10cSrcweir uno::Reference<com::sun::star::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureHelper.GetSecurityEnvironment();
435cdf0e10cSrcweir
436cdf0e10cSrcweir uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
437cdf0e10cSrcweir ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
438cdf0e10cSrcweir CertificateChooser aChooser( this, mxCtx, xSecEnv, maCurrentSignatureInformations );
439cdf0e10cSrcweir if ( aChooser.Execute() == RET_OK )
440cdf0e10cSrcweir {
441cdf0e10cSrcweir uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate();
442cdf0e10cSrcweir if ( !xCert.is() )
443cdf0e10cSrcweir {
444cdf0e10cSrcweir DBG_ERRORFILE( "no certificate selected" );
445cdf0e10cSrcweir return -1;
446cdf0e10cSrcweir }
447cdf0e10cSrcweir rtl::OUString aCertSerial = xSerialNumberAdapter->toString( xCert->getSerialNumber() );
448cdf0e10cSrcweir if ( !aCertSerial.getLength() )
449cdf0e10cSrcweir {
450cdf0e10cSrcweir DBG_ERROR( "Error in Certificate, problem with serial number!" );
451cdf0e10cSrcweir return -1;
452cdf0e10cSrcweir }
453cdf0e10cSrcweir
454cdf0e10cSrcweir maSignatureHelper.StartMission();
455cdf0e10cSrcweir
456cdf0e10cSrcweir sal_Int32 nSecurityId = maSignatureHelper.GetNewSecurityId();
457cdf0e10cSrcweir
458cdf0e10cSrcweir rtl::OUStringBuffer aStrBuffer;
459cdf0e10cSrcweir SvXMLUnitConverter::encodeBase64(aStrBuffer, xCert->getEncoded());
460cdf0e10cSrcweir
461cdf0e10cSrcweir maSignatureHelper.SetX509Certificate( nSecurityId,
462cdf0e10cSrcweir xCert->getIssuerName(), aCertSerial,
463cdf0e10cSrcweir aStrBuffer.makeStringAndClear());
464cdf0e10cSrcweir
465cdf0e10cSrcweir std::vector< rtl::OUString > aElements =
466cdf0e10cSrcweir DocumentSignatureHelper::CreateElementList(
467cdf0e10cSrcweir mxStore, rtl::OUString(), meSignatureMode, OOo3_2Document);
468cdf0e10cSrcweir
469cdf0e10cSrcweir sal_Int32 nElements = aElements.size();
470cdf0e10cSrcweir for ( sal_Int32 n = 0; n < nElements; n++ )
471cdf0e10cSrcweir {
472cdf0e10cSrcweir bool bBinaryMode = !isXML(aElements[n]);
473cdf0e10cSrcweir maSignatureHelper.AddForSigning( nSecurityId, aElements[n], aElements[n], bBinaryMode );
474cdf0e10cSrcweir }
475cdf0e10cSrcweir
476cdf0e10cSrcweir maSignatureHelper.SetDateTime( nSecurityId, Date(), Time() );
477cdf0e10cSrcweir
478cdf0e10cSrcweir // We open a signature stream in which the existing and the new
479cdf0e10cSrcweir //signature is written. ImplGetSignatureInformation (later in this function) will
480cdf0e10cSrcweir //then read the stream an will fill maCurrentSignatureInformations. The final signature
481cdf0e10cSrcweir //is written when the user presses OK. Then only maCurrentSignatureInformation and
482cdf0e10cSrcweir //a sax writer are used to write the information.
483cdf0e10cSrcweir SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
484cdf0e10cSrcweir css::embed::ElementModes::WRITE|css::embed::ElementModes::TRUNCATE, true);
485cdf0e10cSrcweir Reference< css::io::XOutputStream > xOutputStream(
486cdf0e10cSrcweir aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
487cdf0e10cSrcweir Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
488cdf0e10cSrcweir maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
489cdf0e10cSrcweir
490cdf0e10cSrcweir // Export old signatures...
491cdf0e10cSrcweir int nInfos = maCurrentSignatureInformations.size();
492cdf0e10cSrcweir for ( int n = 0; n < nInfos; n++ )
493cdf0e10cSrcweir maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]);
494cdf0e10cSrcweir
495cdf0e10cSrcweir // Create a new one...
496cdf0e10cSrcweir maSignatureHelper.CreateAndWriteSignature( xDocumentHandler );
497cdf0e10cSrcweir
498cdf0e10cSrcweir // That's it...
499cdf0e10cSrcweir maSignatureHelper.CloseDocumentHandler( xDocumentHandler);
500cdf0e10cSrcweir
501cdf0e10cSrcweir maSignatureHelper.EndMission();
502cdf0e10cSrcweir
503cdf0e10cSrcweir aStreamHelper = SignatureStreamHelper(); // release objects...
504cdf0e10cSrcweir
505cdf0e10cSrcweir mbSignaturesChanged = true;
506cdf0e10cSrcweir
507cdf0e10cSrcweir sal_Int32 nStatus = maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus;
508cdf0e10cSrcweir
509cdf0e10cSrcweir if ( nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED )
510cdf0e10cSrcweir {
511cdf0e10cSrcweir mbSignaturesChanged = true;
512cdf0e10cSrcweir
513cdf0e10cSrcweir // Can't simply remember current information, need parsing for getting full information :(
514cdf0e10cSrcweir // We need to verify the signatures again, otherwise the status in the signature information
515cdf0e10cSrcweir // will not contain
516cdf0e10cSrcweir // SecurityOperationStatus_OPERATION_SUCCEEDED
517cdf0e10cSrcweir mbVerifySignatures = true;
518cdf0e10cSrcweir ImplGetSignatureInformations(true);
519cdf0e10cSrcweir ImplFillSignaturesBox();
520cdf0e10cSrcweir }
521cdf0e10cSrcweir }
522cdf0e10cSrcweir }
523cdf0e10cSrcweir catch ( uno::Exception& )
524cdf0e10cSrcweir {
525cdf0e10cSrcweir DBG_ERROR( "Exception while adding a signature!" );
526cdf0e10cSrcweir // Don't keep invalid entries...
527cdf0e10cSrcweir ImplGetSignatureInformations(true);
528cdf0e10cSrcweir ImplFillSignaturesBox();
529cdf0e10cSrcweir }
530cdf0e10cSrcweir
531cdf0e10cSrcweir return 0;
532cdf0e10cSrcweir }
533cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,RemoveButtonHdl,Button *,EMPTYARG)534cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG )
535cdf0e10cSrcweir {
536cdf0e10cSrcweir if (!canRemove())
537cdf0e10cSrcweir return 0;
538cdf0e10cSrcweir if( maSignaturesLB.FirstSelected() )
539cdf0e10cSrcweir {
540cdf0e10cSrcweir try
541cdf0e10cSrcweir {
542cdf0e10cSrcweir sal_uInt16 nSelected = (sal_uInt16) (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData();
543cdf0e10cSrcweir maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected );
544cdf0e10cSrcweir
545cdf0e10cSrcweir // Export all other signatures...
546cdf0e10cSrcweir SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
547cdf0e10cSrcweir css::embed::ElementModes::WRITE | css::embed::ElementModes::TRUNCATE, true);
548cdf0e10cSrcweir Reference< css::io::XOutputStream > xOutputStream(
549cdf0e10cSrcweir aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
550cdf0e10cSrcweir Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
551cdf0e10cSrcweir maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );
552cdf0e10cSrcweir
553cdf0e10cSrcweir int nInfos = maCurrentSignatureInformations.size();
554cdf0e10cSrcweir for( int n = 0 ; n < nInfos ; ++n )
555cdf0e10cSrcweir maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] );
556cdf0e10cSrcweir
557cdf0e10cSrcweir maSignatureHelper.CloseDocumentHandler( xDocumentHandler);
558cdf0e10cSrcweir
559cdf0e10cSrcweir mbSignaturesChanged = true;
560cdf0e10cSrcweir
561cdf0e10cSrcweir aStreamHelper = SignatureStreamHelper(); // release objects...
562cdf0e10cSrcweir
563cdf0e10cSrcweir ImplFillSignaturesBox();
564cdf0e10cSrcweir }
565cdf0e10cSrcweir catch ( uno::Exception& )
566cdf0e10cSrcweir {
567cdf0e10cSrcweir DBG_ERROR( "Exception while removing a signature!" );
568cdf0e10cSrcweir // Don't keep invalid entries...
569cdf0e10cSrcweir ImplGetSignatureInformations(true);
570cdf0e10cSrcweir ImplFillSignaturesBox();
571cdf0e10cSrcweir }
572cdf0e10cSrcweir }
573cdf0e10cSrcweir
574cdf0e10cSrcweir return 0;
575cdf0e10cSrcweir }
576cdf0e10cSrcweir
IMPL_LINK(DigitalSignaturesDialog,StartVerifySignatureHdl,void *,EMPTYARG)577cdf0e10cSrcweir IMPL_LINK( DigitalSignaturesDialog, StartVerifySignatureHdl, void*, EMPTYARG )
578cdf0e10cSrcweir {
579cdf0e10cSrcweir return mbVerifySignatures ? 1 : 0;
580cdf0e10cSrcweir }
581cdf0e10cSrcweir
ImplFillSignaturesBox()582cdf0e10cSrcweir void DigitalSignaturesDialog::ImplFillSignaturesBox()
583cdf0e10cSrcweir {
584cdf0e10cSrcweir maSignaturesLB.Clear();
585cdf0e10cSrcweir
586cdf0e10cSrcweir uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureHelper.GetSecurityEnvironment();
587cdf0e10cSrcweir uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
588cdf0e10cSrcweir ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
589cdf0e10cSrcweir
590cdf0e10cSrcweir uno::Reference< ::com::sun::star::security::XCertificate > xCert;
591cdf0e10cSrcweir
592cdf0e10cSrcweir String aNullStr;
593cdf0e10cSrcweir int nInfos = maCurrentSignatureInformations.size();
594cdf0e10cSrcweir int nValidSigs = 0, nValidCerts = 0;
595cdf0e10cSrcweir bool bAllNewSignatures = true;
596cdf0e10cSrcweir
597cdf0e10cSrcweir if( nInfos )
598cdf0e10cSrcweir {
599cdf0e10cSrcweir for( int n = 0; n < nInfos; ++n )
600cdf0e10cSrcweir {
601cdf0e10cSrcweir DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm(
602cdf0e10cSrcweir m_sODFVersion, maCurrentSignatureInformations[n]);
603cdf0e10cSrcweir std::vector< rtl::OUString > aElementsToBeVerified =
604cdf0e10cSrcweir DocumentSignatureHelper::CreateElementList(
605cdf0e10cSrcweir mxStore, ::rtl::OUString(), meSignatureMode, mode);
606cdf0e10cSrcweir
607cdf0e10cSrcweir const SignatureInformation& rInfo = maCurrentSignatureInformations[n];
608cdf0e10cSrcweir //First we try to get the certificate which is embedded in the XML Signature
609cdf0e10cSrcweir if (rInfo.ouX509Certificate.getLength())
610cdf0e10cSrcweir xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);
611cdf0e10cSrcweir else {
612cdf0e10cSrcweir //There must be an embedded certificate because we use it to get the
613cdf0e10cSrcweir //issuer name. We cannot use /Signature/KeyInfo/X509Data/X509IssuerName
614cdf0e10cSrcweir //because it could be modified by an attacker. The issuer is displayed
615cdf0e10cSrcweir //in the digital signature dialog.
616cdf0e10cSrcweir //Comparing the X509IssuerName with the one from the X509Certificate in order
617cdf0e10cSrcweir //to find out if the X509IssuerName was modified does not work. See #i62684
618cdf0e10cSrcweir DBG_ASSERT(sal_False, "Could not find embedded certificate!");
619cdf0e10cSrcweir }
620cdf0e10cSrcweir
621cdf0e10cSrcweir //In case there is no embedded certificate we try to get it from a local store
622cdf0e10cSrcweir //Todo: This probably could be removed, see above.
623cdf0e10cSrcweir if (!xCert.is())
624cdf0e10cSrcweir xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );
625cdf0e10cSrcweir
626cdf0e10cSrcweir DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );
627cdf0e10cSrcweir
628cdf0e10cSrcweir String aSubject;
629cdf0e10cSrcweir String aIssuer;
630cdf0e10cSrcweir String aDateTimeStr;
631cdf0e10cSrcweir
632cdf0e10cSrcweir bool bSigValid = false;
633cdf0e10cSrcweir bool bCertValid = false;
634cdf0e10cSrcweir if( xCert.is() )
635cdf0e10cSrcweir {
636cdf0e10cSrcweir //check the validity of the cert
637cdf0e10cSrcweir try {
638cdf0e10cSrcweir sal_Int32 certResult = xSecEnv->verifyCertificate(xCert,
639cdf0e10cSrcweir Sequence<css::uno::Reference<css::security::XCertificate> >());
640cdf0e10cSrcweir
641cdf0e10cSrcweir bCertValid = certResult == css::security::CertificateValidity::VALID ? true : false;
642cdf0e10cSrcweir if ( bCertValid )
643cdf0e10cSrcweir nValidCerts++;
644cdf0e10cSrcweir
645cdf0e10cSrcweir } catch (css::uno::SecurityException& ) {
646cdf0e10cSrcweir OSL_ENSURE(0, "Verification of certificate failed");
647cdf0e10cSrcweir bCertValid = false;
648cdf0e10cSrcweir }
649cdf0e10cSrcweir
650cdf0e10cSrcweir aSubject = XmlSec::GetContentPart( xCert->getSubjectName() );
651cdf0e10cSrcweir aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() );
652cdf0e10cSrcweir // --> PB 2004-10-12 #i20172# String with date and time information
653cdf0e10cSrcweir aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime );
654cdf0e10cSrcweir }
655cdf0e10cSrcweir bSigValid = ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
656cdf0e10cSrcweir
657cdf0e10cSrcweir if ( bSigValid )
658cdf0e10cSrcweir {
659cdf0e10cSrcweir bSigValid = DocumentSignatureHelper::checkIfAllFilesAreSigned(
660cdf0e10cSrcweir aElementsToBeVerified, rInfo, mode);
661cdf0e10cSrcweir
662cdf0e10cSrcweir if( bSigValid )
663cdf0e10cSrcweir nValidSigs++;
664cdf0e10cSrcweir }
665cdf0e10cSrcweir
666cdf0e10cSrcweir Image aImage;
667cdf0e10cSrcweir if (!bSigValid)
668cdf0e10cSrcweir {
669cdf0e10cSrcweir aImage = maSigsInvalidImg.GetImage();
670cdf0e10cSrcweir }
671cdf0e10cSrcweir else if (bSigValid && !bCertValid)
672cdf0e10cSrcweir {
673cdf0e10cSrcweir aImage = maSigsNotvalidatedImg.GetImage();
674cdf0e10cSrcweir }
675cdf0e10cSrcweir //Check if the signature is a "old" document signature, that is, which was created
676cdf0e10cSrcweir //by an version of OOo previous to 3.2
677cdf0e10cSrcweir else if (meSignatureMode == SignatureModeDocumentContent
678cdf0e10cSrcweir && bSigValid && bCertValid && !DocumentSignatureHelper::isOOo3_2_Signature(
679cdf0e10cSrcweir maCurrentSignatureInformations[n]))
680cdf0e10cSrcweir {
681cdf0e10cSrcweir aImage = maSigsNotvalidatedImg.GetImage();
682cdf0e10cSrcweir bAllNewSignatures &= false;
683cdf0e10cSrcweir }
684cdf0e10cSrcweir else if (meSignatureMode == SignatureModeDocumentContent
685cdf0e10cSrcweir && bSigValid && bCertValid && DocumentSignatureHelper::isOOo3_2_Signature(
686cdf0e10cSrcweir maCurrentSignatureInformations[n]))
687cdf0e10cSrcweir {
688cdf0e10cSrcweir aImage = maSigsValidImg.GetImage();
689cdf0e10cSrcweir }
690cdf0e10cSrcweir else if (meSignatureMode == SignatureModeMacros
691cdf0e10cSrcweir && bSigValid && bCertValid)
692cdf0e10cSrcweir {
693cdf0e10cSrcweir aImage = aImage = maSigsValidImg.GetImage();
694cdf0e10cSrcweir }
695cdf0e10cSrcweir
696cdf0e10cSrcweir SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImage, aImage );
697cdf0e10cSrcweir maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
698cdf0e10cSrcweir maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
699cdf0e10cSrcweir maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
700cdf0e10cSrcweir pEntry->SetUserData( ( void* ) n ); // missuse user data as index
701cdf0e10cSrcweir }
702cdf0e10cSrcweir }
703cdf0e10cSrcweir
704cdf0e10cSrcweir bool bAllSigsValid = (nValidSigs == nInfos);
705cdf0e10cSrcweir bool bAllCertsValid = (nValidCerts == nInfos);
706cdf0e10cSrcweir bool bShowValidState = nInfos && (bAllSigsValid && bAllCertsValid && bAllNewSignatures);
707cdf0e10cSrcweir
708cdf0e10cSrcweir bool bShowNotValidatedState = nInfos && (bAllSigsValid && (!bAllCertsValid || !bAllNewSignatures));
709cdf0e10cSrcweir bool bShowInvalidState = nInfos && !bAllSigsValid;
710cdf0e10cSrcweir
711cdf0e10cSrcweir maSigsValidImg.Show( bShowValidState);
712cdf0e10cSrcweir maSigsValidFI.Show( bShowValidState );
713cdf0e10cSrcweir maSigsInvalidImg.Show( bShowInvalidState );
714cdf0e10cSrcweir maSigsInvalidFI.Show( bShowInvalidState );
715cdf0e10cSrcweir
716cdf0e10cSrcweir maSigsNotvalidatedImg.Show(bShowNotValidatedState);
717cdf0e10cSrcweir //bAllNewSignatures is always true if we are not in document mode
718cdf0e10cSrcweir maSigsNotvalidatedFI.Show(nInfos && bAllSigsValid && ! bAllCertsValid);
719cdf0e10cSrcweir maSigsOldSignatureFI.Show(nInfos && bAllSigsValid && bAllCertsValid && !bAllNewSignatures);
720cdf0e10cSrcweir
721cdf0e10cSrcweir SignatureHighlightHdl( NULL );
722cdf0e10cSrcweir }
723cdf0e10cSrcweir
724cdf0e10cSrcweir
725cdf0e10cSrcweir //If bUseTempStream is true then the temporary signature stream is used.
726cdf0e10cSrcweir //Otherwise the real signature stream is used.
ImplGetSignatureInformations(bool bUseTempStream)727cdf0e10cSrcweir void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream)
728cdf0e10cSrcweir {
729cdf0e10cSrcweir maCurrentSignatureInformations.clear();
730cdf0e10cSrcweir
731cdf0e10cSrcweir maSignatureHelper.StartMission();
732cdf0e10cSrcweir
733cdf0e10cSrcweir SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
734cdf0e10cSrcweir css::embed::ElementModes::READ, bUseTempStream);
735cdf0e10cSrcweir if ( aStreamHelper.xSignatureStream.is() )
736cdf0e10cSrcweir {
737cdf0e10cSrcweir uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
738cdf0e10cSrcweir maSignatureHelper.ReadAndVerifySignature( xInputStream );
739cdf0e10cSrcweir }
740cdf0e10cSrcweir maSignatureHelper.EndMission();
741cdf0e10cSrcweir
742cdf0e10cSrcweir maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();
743cdf0e10cSrcweir
744cdf0e10cSrcweir mbVerifySignatures = false;
745cdf0e10cSrcweir }
746cdf0e10cSrcweir
ImplShowSignaturesDetails()747cdf0e10cSrcweir void DigitalSignaturesDialog::ImplShowSignaturesDetails()
748cdf0e10cSrcweir {
749cdf0e10cSrcweir if( maSignaturesLB.FirstSelected() )
750cdf0e10cSrcweir {
751cdf0e10cSrcweir sal_uInt16 nSelected = (sal_uInt16) (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData();
752cdf0e10cSrcweir const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ];
753cdf0e10cSrcweir css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv =
754cdf0e10cSrcweir maSignatureHelper.GetSecurityEnvironment();
755cdf0e10cSrcweir css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
756cdf0e10cSrcweir ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
757cdf0e10cSrcweir // Use Certificate from doc, not from key store
758cdf0e10cSrcweir uno::Reference< dcss::security::XCertificate > xCert;
759cdf0e10cSrcweir if (rInfo.ouX509Certificate.getLength())
760cdf0e10cSrcweir xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);
761cdf0e10cSrcweir //fallback if no certificate is embedded, get if from store
762cdf0e10cSrcweir if (!xCert.is())
763cdf0e10cSrcweir xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );
764cdf0e10cSrcweir
765cdf0e10cSrcweir DBG_ASSERT( xCert.is(), "Error getting cCertificate!" );
766cdf0e10cSrcweir if ( xCert.is() )
767cdf0e10cSrcweir {
768cdf0e10cSrcweir CertificateViewer aViewer( this, maSignatureHelper.GetSecurityEnvironment(), xCert, sal_False );
769cdf0e10cSrcweir aViewer.Execute();
770cdf0e10cSrcweir }
771cdf0e10cSrcweir }
772cdf0e10cSrcweir }
773cdf0e10cSrcweir
774cdf0e10cSrcweir //If bTempStream is true, then a temporary stream is return. If it is false then, the actual
775cdf0e10cSrcweir //signature stream is used.
776cdf0e10cSrcweir //Everytime the user presses Add a new temporary stream is created.
777cdf0e10cSrcweir //We keep the temporary stream as member because ImplGetSignatureInformations
778cdf0e10cSrcweir //will later access the stream to create DocumentSignatureInformation objects
779cdf0e10cSrcweir //which are stored in maCurrentSignatureInformations.
ImplOpenSignatureStream(sal_Int32 nStreamOpenMode,bool bTempStream)780cdf0e10cSrcweir SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream(
781cdf0e10cSrcweir sal_Int32 nStreamOpenMode, bool bTempStream)
782cdf0e10cSrcweir {
783cdf0e10cSrcweir SignatureStreamHelper aHelper;
784cdf0e10cSrcweir if (bTempStream)
785cdf0e10cSrcweir {
786cdf0e10cSrcweir if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE)
787cdf0e10cSrcweir {
788cdf0e10cSrcweir //We write always into a new temporary stream.
789cdf0e10cSrcweir mxTempSignatureStream = Reference < css::io::XStream >(
790cdf0e10cSrcweir mxCtx->getServiceManager()->createInstanceWithContext(
791cdf0e10cSrcweir OUSTR( "com.sun.star.io.TempFile" ), mxCtx) ,
792cdf0e10cSrcweir UNO_QUERY_THROW);
793cdf0e10cSrcweir aHelper.xSignatureStream = mxTempSignatureStream;
794cdf0e10cSrcweir }
795cdf0e10cSrcweir else
796cdf0e10cSrcweir {
797cdf0e10cSrcweir //When we read from the temp stream, then we must have previously
798cdf0e10cSrcweir //created one.
799cdf0e10cSrcweir OSL_ASSERT(mxTempSignatureStream.is());
800cdf0e10cSrcweir }
801cdf0e10cSrcweir aHelper.xSignatureStream = mxTempSignatureStream;
802cdf0e10cSrcweir }
803cdf0e10cSrcweir else
804cdf0e10cSrcweir {
805cdf0e10cSrcweir //No temporary stream
806cdf0e10cSrcweir if (!mxSignatureStream.is())
807cdf0e10cSrcweir {
808cdf0e10cSrcweir //We may not have a dedicated stream for writing the signature
809cdf0e10cSrcweir //So we take one directly from the storage
810cdf0e10cSrcweir //Or DocumentDigitalSignatures::showDocumentContentSignatures was called,
811cdf0e10cSrcweir //in which case Add/Remove is not allowed. This is done, for example, if the
812cdf0e10cSrcweir //document is readonly
813cdf0e10cSrcweir aHelper = DocumentSignatureHelper::OpenSignatureStream(
814cdf0e10cSrcweir mxStore, nStreamOpenMode, meSignatureMode );
815cdf0e10cSrcweir }
816cdf0e10cSrcweir else
817cdf0e10cSrcweir {
818cdf0e10cSrcweir aHelper.xSignatureStream = mxSignatureStream;
819cdf0e10cSrcweir }
820cdf0e10cSrcweir }
821cdf0e10cSrcweir
822cdf0e10cSrcweir if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE)
823cdf0e10cSrcweir {
824cdf0e10cSrcweir css::uno::Reference < css::io::XTruncate > xTruncate(
825cdf0e10cSrcweir aHelper.xSignatureStream, UNO_QUERY_THROW);
826cdf0e10cSrcweir DBG_ASSERT( xTruncate.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" );
827cdf0e10cSrcweir xTruncate->truncate();
828cdf0e10cSrcweir }
829cdf0e10cSrcweir else if ( bTempStream || mxSignatureStream.is())
830cdf0e10cSrcweir {
831cdf0e10cSrcweir //In case we read the signature stream from the storage directly,
832cdf0e10cSrcweir //which is the case when DocumentDigitalSignatures::showDocumentContentSignatures
833cdf0e10cSrcweir //then XSeakable is not supported
834cdf0e10cSrcweir css::uno::Reference < css::io::XSeekable > xSeek(
835cdf0e10cSrcweir aHelper.xSignatureStream, UNO_QUERY_THROW);
836cdf0e10cSrcweir DBG_ASSERT( xSeek.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" );
837cdf0e10cSrcweir xSeek->seek( 0 );
838cdf0e10cSrcweir }
839cdf0e10cSrcweir
840cdf0e10cSrcweir return aHelper;
841cdf0e10cSrcweir }
842cdf0e10cSrcweir
843