use proper struct for trusted authors
instead of passing around a Sequence<String>, there is no need
to use UNO types here.
Change-Id: I1b9a1b6919f830d8ce29139b4362b979a669d505
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/107396
Tested-by: Jenkins
Reviewed-by: Noel Grandin <noel.grandin@collabora.co.uk>
diff --git a/include/unotools/securityoptions.hxx b/include/unotools/securityoptions.hxx
index 85ae5e6..7a339a9 100644
--- a/include/unotools/securityoptions.hxx
+++ b/include/unotools/securityoptions.hxx
@@ -63,17 +63,17 @@ class SAL_WARN_UNUSED UNOTOOLS_DLLPUBLIC SvtSecurityOptions final : public utl::
BlockUntrustedRefererLinks
};
typedef css::uno::Sequence< OUString > Certificate;
/*
// MT: Doesn't work for sequence...
struct Certificate
{
OUString SubjectName;
OUString SerialNumber;
OUString RawData;
bool operator==(const Certificate& other) const
{
return SubjectName == other.SubjectName && SerialNumber == other.SerialNumber && RawData == other.RawData;
}
};
*/
public:
SvtSecurityOptions();
@@ -155,8 +155,8 @@ class SAL_WARN_UNUSED UNOTOOLS_DLLPUBLIC SvtSecurityOptions final : public utl::
bool isTrustedLocationUriForUpdatingLinks(OUString const & uri) const;
css::uno::Sequence< Certificate > GetTrustedAuthors ( ) const;
void SetTrustedAuthors ( const css::uno::Sequence< Certificate >& rAuthors );
std::vector< Certificate > GetTrustedAuthors() const;
void SetTrustedAuthors( const std::vector< Certificate >& rAuthors );
// for bool options only!
bool IsOptionSet ( EOption eOption ) const;
diff --git a/unotools/source/config/securityoptions.cxx b/unotools/source/config/securityoptions.cxx
index 5131803..7acb0ff 100644
--- a/unotools/source/config/securityoptions.cxx
+++ b/unotools/source/config/securityoptions.cxx
@@ -41,7 +41,7 @@ using namespace ::com::sun::star::uno;
#define ROOTNODE_SECURITY "Office.Common/Security/Scripting"
#define DEFAULT_SECUREURL Sequence< OUString >()
#define DEFAULT_TRUSTEDAUTHORS Sequence< SvtSecurityOptions::Certificate >()
#define DEFAULT_TRUSTEDAUTHORS std::vector< SvtSecurityOptions::Certificate >()
#define PROPERTYNAME_SECUREURL u"SecureURL"
#define PROPERTYNAME_DOCWARN_SAVEORSEND u"WarnSaveOrSendDoc"
@@ -120,8 +120,8 @@ class SvtSecurityOptions_Impl : public ConfigItem
inline bool IsMacroDisabled ( ) const;
const Sequence< SvtSecurityOptions::Certificate >& GetTrustedAuthors( ) const { return m_seqTrustedAuthors;}
void SetTrustedAuthors ( const Sequence< SvtSecurityOptions::Certificate >& rAuthors );
const std::vector< SvtSecurityOptions::Certificate >& GetTrustedAuthors() const { return m_seqTrustedAuthors;}
void SetTrustedAuthors ( const std::vector< SvtSecurityOptions::Certificate >& rAuthors );
bool IsOptionSet ( SvtSecurityOptions::EOption eOption ) const;
void SetOption ( SvtSecurityOptions::EOption eOption, bool bValue );
@@ -151,7 +151,7 @@ class SvtSecurityOptions_Impl : public ConfigItem
bool m_bCtrlClickHyperlink;
bool m_bBlockUntrustedRefererLinks;
sal_Int32 m_nSecLevel;
Sequence< SvtSecurityOptions::Certificate > m_seqTrustedAuthors;
std::vector< SvtSecurityOptions::Certificate > m_seqTrustedAuthors;
bool m_bDisableMacros;
bool m_bROSecureURLs;
@@ -330,7 +330,7 @@ void SvtSecurityOptions_Impl::SetProperty( sal_Int32 nProperty, const Any& rValu
void SvtSecurityOptions_Impl::LoadAuthors()
{
m_seqTrustedAuthors.realloc( 0 ); // first clear
m_seqTrustedAuthors.clear(); // first clear
const Sequence< OUString > lAuthors = GetNodeNames( PROPERTYNAME_MACRO_TRUSTEDAUTHORS );
sal_Int32 c1 = lAuthors.getLength();
if( !c1 )
@@ -356,26 +356,26 @@ void SvtSecurityOptions_Impl::LoadAuthors()
return;
std::vector< SvtSecurityOptions::Certificate > v;
SvtSecurityOptions::Certificate aCert( 3 );
SvtSecurityOptions::Certificate aCert;
i2 = 0;
for( sal_Int32 i1 = 0; i1 < c1; ++i1 )
{
lValues[ i2 ] >>= aCert[ 0 ];
lValues[ i2 ] >>= aCert.SubjectName;
++i2;
lValues[ i2 ] >>= aCert[ 1 ];
lValues[ i2 ] >>= aCert.SerialNumber;
++i2;
lValues[ i2 ] >>= aCert[ 2 ];
lValues[ i2 ] >>= aCert.RawData;
++i2;
// Filter out TrustedAuthor entries with empty RawData, which
// would cause an unexpected std::bad_alloc in
// SecurityEnvironment_NssImpl::createCertificateFromAscii and
// have been observed in the wild (fdo#55019):
if( !aCert[ 2 ].isEmpty() )
if( !aCert.RawData.isEmpty() )
{
v.push_back( aCert );
}
}
m_seqTrustedAuthors = comphelper::containerToSequence(v);
m_seqTrustedAuthors = v;
}
sal_Int32 SvtSecurityOptions_Impl::GetHandle( std::u16string_view rName )
@@ -583,7 +583,7 @@ void SvtSecurityOptions_Impl::ImplCommit()
bDone = !m_bROTrustedAuthors;
if( bDone )
{
sal_Int32 nCnt = m_seqTrustedAuthors.getLength();
sal_Int32 nCnt = m_seqTrustedAuthors.size();
if( nCnt )
{
for( sal_Int32 i = 0; i < nCnt; ++i )
@@ -593,11 +593,11 @@ void SvtSecurityOptions_Impl::ImplCommit()
+ OUString::number(i) + "/");
Sequence< css::beans::PropertyValue > lPropertyValues( 3 );
lPropertyValues[ 0 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SUBJECTNAME;
lPropertyValues[ 0 ].Value <<= m_seqTrustedAuthors[ i ][0];
lPropertyValues[ 0 ].Value <<= m_seqTrustedAuthors[ i ].SubjectName;
lPropertyValues[ 1 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_SERIALNUMBER;
lPropertyValues[ 1 ].Value <<= m_seqTrustedAuthors[ i ][1];
lPropertyValues[ 1 ].Value <<= m_seqTrustedAuthors[ i ].SerialNumber;
lPropertyValues[ 2 ].Name = aPrefix + PROPERTYNAME_TRUSTEDAUTHOR_RAWDATA;
lPropertyValues[ 2 ].Value <<= m_seqTrustedAuthors[ i ][2];
lPropertyValues[ 2 ].Value <<= m_seqTrustedAuthors[ i ].RawData;
SetSetProperties( PROPERTYNAME_MACRO_TRUSTEDAUTHORS, lPropertyValues );
}
@@ -717,7 +717,7 @@ void SvtSecurityOptions_Impl::SetMacroSecurityLevel( sal_Int32 _nLevel )
}
void SvtSecurityOptions_Impl::SetTrustedAuthors( const Sequence< SvtSecurityOptions::Certificate >& rAuthors )
void SvtSecurityOptions_Impl::SetTrustedAuthors( const std::vector< SvtSecurityOptions::Certificate >& rAuthors )
{
DBG_ASSERT(!m_bROTrustedAuthors, "SvtSecurityOptions_Impl::SetTrustedAuthors()\nYou tried to write on a readonly value!\n");
if( !m_bROTrustedAuthors && rAuthors != m_seqTrustedAuthors )
@@ -893,13 +893,13 @@ bool SvtSecurityOptions::IsMacroDisabled() const
return m_pImpl->IsMacroDisabled();
}
Sequence< SvtSecurityOptions::Certificate > SvtSecurityOptions::GetTrustedAuthors() const
std::vector< SvtSecurityOptions::Certificate > SvtSecurityOptions::GetTrustedAuthors() const
{
MutexGuard aGuard( GetInitMutex() );
return m_pImpl->GetTrustedAuthors();
}
void SvtSecurityOptions::SetTrustedAuthors( const Sequence< Certificate >& rAuthors )
void SvtSecurityOptions::SetTrustedAuthors( const std::vector< Certificate >& rAuthors )
{
MutexGuard aGuard( GetInitMutex() );
m_pImpl->SetTrustedAuthors( rAuthors );
diff --git a/xmlsecurity/inc/macrosecurity.hxx b/xmlsecurity/inc/macrosecurity.hxx
index 74d35ae..4461188 100644
--- a/xmlsecurity/inc/macrosecurity.hxx
+++ b/xmlsecurity/inc/macrosecurity.hxx
@@ -92,7 +92,7 @@ public:
class MacroSecurityTrustedSourcesTP : public MacroSecurityTP
{
private:
css::uno::Sequence< SvtSecurityOptions::Certificate > m_aTrustedAuthors;
std::vector< SvtSecurityOptions::Certificate > m_aTrustedAuthors;
bool mbAuthorsReadonly;
bool mbURLsReadonly;
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index f69bbb4..ac9f25c 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -653,12 +653,12 @@ sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
{
OUString sSerialNum = xmlsecurity::bigIntegerToNumericString( Author->getSerialNumber() );
Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors();
std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors();
return std::any_of(aTrustedAuthors.begin(), aTrustedAuthors.end(),
[&Author, &sSerialNum](const SvtSecurityOptions::Certificate& rAuthor) {
return ( rAuthor[0] == Author->getIssuerName() )
&& ( rAuthor[1] == sSerialNum );
return ( rAuthor.SubjectName == Author->getIssuerName() )
&& ( rAuthor.SerialNumber == sSerialNum );
});
}
@@ -762,20 +762,16 @@ void DocumentDigitalSignatures::addAuthorToTrustedSources(
{
SvtSecurityOptions aSecOpts;
SvtSecurityOptions::Certificate aNewCert( 3 );
aNewCert[ 0 ] = Author->getIssuerName();
aNewCert[ 1 ] = xmlsecurity::bigIntegerToNumericString( Author->getSerialNumber() );
SvtSecurityOptions::Certificate aNewCert;
aNewCert.SubjectName = Author->getIssuerName();
aNewCert.SerialNumber = xmlsecurity::bigIntegerToNumericString( Author->getSerialNumber() );
OUStringBuffer aStrBuffer;
::comphelper::Base64::encode(aStrBuffer, Author->getEncoded());
aNewCert[ 2 ] = aStrBuffer.makeStringAndClear();
aNewCert.RawData = aStrBuffer.makeStringAndClear();
Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = aSecOpts.GetTrustedAuthors();
sal_Int32 nCnt = aTrustedAuthors.getLength();
aTrustedAuthors.realloc( nCnt + 1 );
aTrustedAuthors[ nCnt ] = aNewCert;
std::vector< SvtSecurityOptions::Certificate > aTrustedAuthors = aSecOpts.GetTrustedAuthors();
aTrustedAuthors.push_back( aNewCert );
aSecOpts.SetTrustedAuthors( aTrustedAuthors );
}
diff --git a/xmlsecurity/source/dialogs/macrosecurity.cxx b/xmlsecurity/source/dialogs/macrosecurity.cxx
index 540a62e..ac4d7bc 100644
--- a/xmlsecurity/source/dialogs/macrosecurity.cxx
+++ b/xmlsecurity/source/dialogs/macrosecurity.cxx
@@ -216,23 +216,23 @@ IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, ViewCertPBHdl, weld::Button&, voi
uno::Reference< css::security::XCertificate > xCert;
try
{
xCert = m_pDlg->m_xSecurityEnvironment->getCertificate(m_aTrustedAuthors[nSelected][0],
xmlsecurity::numericStringToBigInteger(m_aTrustedAuthors[nSelected][1]));
xCert = m_pDlg->m_xSecurityEnvironment->getCertificate(m_aTrustedAuthors[nSelected].SubjectName,
xmlsecurity::numericStringToBigInteger(m_aTrustedAuthors[nSelected].SerialNumber));
}
catch (...)
{
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "matching certificate not found for: " << m_aTrustedAuthors[nSelected][0]);
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "matching certificate not found for: " << m_aTrustedAuthors[nSelected].SubjectName);
}
if (!xCert.is())
{
try
{
xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(m_aTrustedAuthors[nSelected][2]);
xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(m_aTrustedAuthors[nSelected].RawData);
}
catch (...)
{
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << m_aTrustedAuthors[nSelected][2]);
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << m_aTrustedAuthors[nSelected].RawData);
}
}
@@ -243,7 +243,7 @@ IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, ViewCertPBHdl, weld::Button&, voi
}
else
// should never happen, as we parsed the certificate data when we added it!
ShowBrokenCertificateError(m_aTrustedAuthors[nSelected][2]);
ShowBrokenCertificateError(m_aTrustedAuthors[nSelected].RawData);
}
IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, RemoveCertPBHdl, weld::Button&, void)
@@ -252,7 +252,7 @@ IMPL_LINK_NOARG(MacroSecurityTrustedSourcesTP, RemoveCertPBHdl, weld::Button&, v
if (nEntry != -1)
{
sal_uInt16 nAuthor = m_xTrustCertLB->get_id(nEntry).toUInt32();
::comphelper::removeElementAt( m_aTrustedAuthors, nAuthor );
m_aTrustedAuthors.erase(m_aTrustedAuthors.begin() + nAuthor);
FillCertLB();
ImplCheckButtons();
@@ -328,19 +328,19 @@ void MacroSecurityTrustedSourcesTP::FillCertLB(const bool bShowWarnings)
{
m_xTrustCertLB->clear();
sal_uInt32 nEntries = m_aTrustedAuthors.getLength();
sal_uInt32 nEntries = m_aTrustedAuthors.size();
if ( !(nEntries && m_pDlg->m_xSecurityEnvironment.is()) )
return;
for( sal_uInt32 nEntry = 0 ; nEntry < nEntries ; ++nEntry )
{
css::uno::Sequence< OUString >& rEntry = m_aTrustedAuthors[ nEntry ];
SvtSecurityOptions::Certificate& rEntry = m_aTrustedAuthors[ nEntry ];
try
{
// create from RawData
uno::Reference< css::security::XCertificate > xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(rEntry[2]);
uno::Reference< css::security::XCertificate > xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(rEntry.RawData);
m_xTrustCertLB->append(OUString::number(nEntry), xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()));
m_xTrustCertLB->set_text(nEntry, xmlsec::GetContentPart(xCert->getIssuerName(), xCert->getCertificateKind()), 1);
m_xTrustCertLB->set_text(nEntry, utl::GetDateTimeString(xCert->getNotValidAfter()), 2);
@@ -349,8 +349,8 @@ void MacroSecurityTrustedSourcesTP::FillCertLB(const bool bShowWarnings)
{
if (bShowWarnings)
{
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << rEntry[2]);
OUString sData = rEntry[2];
TOOLS_WARN_EXCEPTION("xmlsecurity.dialogs", "certificate data couldn't be parsed: " << rEntry.RawData);
OUString sData = rEntry.RawData;
css::uno::Any tools_warn_exception(DbgGetCaughtException());
OUString sException = OStringToOUString(exceptionToString(tools_warn_exception), RTL_TEXTENCODING_UTF8);
if (!sException.isEmpty())
