Related tdf#97694 Check Base macro signatures on load
Change-Id: I45c6eae633c41585c6c7e4c5fff0b187a6dc1f60
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90908
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx b/dbaccess/source/core/dataaccess/ModelImpl.cxx
index c446950..35a4f8f 100644
--- a/dbaccess/source/core/dataaccess/ModelImpl.cxx
+++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx
@@ -36,10 +36,15 @@
#include <com/sun/star/script/DocumentScriptLibraryContainer.hpp>
#include <com/sun/star/script/DocumentDialogLibraryContainer.hpp>
#include <com/sun/star/util/NumberFormatsSupplier.hpp>
#include <com/sun/star/security/DocumentDigitalSignatures.hpp>
#include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
#include <cppuhelper/exc_hlp.hxx>
#include <cppuhelper/implbase.hxx>
#include <comphelper/documentinfo.hxx>
#include <comphelper/storagehelper.hxx>
#include <comphelper/types.hxx>
#include <comphelper/processfactory.hxx>
#include <sfx2/signaturestate.hxx>
#include <tools/diagnose_ex.h>
#include <osl/diagnose.h>
@@ -50,6 +55,7 @@
#include <algorithm>
using namespace css;
using namespace ::com::sun::star::document;
using namespace ::com::sun::star::sdbc;
using namespace ::com::sun::star::sdbcx;
@@ -353,6 +359,7 @@ ODatabaseModelImpl::ODatabaseModelImpl( const Reference< XComponentContext >& _r
,m_aEmbeddedMacros()
,m_bModificationLock( false )
,m_bDocumentInitialized( false )
,m_nScriptingSignatureState(SignatureState::UNKNOWN)
,m_aContext( _rxContext )
,m_nLoginTimeout(0)
,m_bReadOnly(false)
@@ -1271,13 +1278,54 @@ Reference< XEmbeddedScripts > ODatabaseModelImpl::getEmbeddedDocumentScripts() c
SignatureState ODatabaseModelImpl::getScriptingSignatureState()
{
// no support for signatures at the moment
return SignatureState::NOSIGNATURES;
return m_nScriptingSignatureState;
}
bool ODatabaseModelImpl::hasTrustedScriptingSignature( bool /*bAllowUIToAddAuthor*/ )
bool ODatabaseModelImpl::hasTrustedScriptingSignature(bool /*bAllowUIToAddAuthor*/)
{
// no support for signatures at the moment
return false;
bool bResult = false;
try
{
// Don't use m_xDocumentStorage, that somehow has an incomplete storage representation
// which leads to signatures not being found
Reference<XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL(
ZIP_STORAGE_FORMAT_STRING, m_sDocFileLocation, ElementModes::READ);
OUString aVersion;
try
{
uno::Reference<beans::XPropertySet> xPropSet(xStorage, uno::UNO_QUERY_THROW);
xPropSet->getPropertyValue("Version") >>= aVersion;
}
catch (uno::Exception&)
{
}
uno::Reference<security::XDocumentDigitalSignatures> xSigner(
security::DocumentDigitalSignatures::createWithVersion(
comphelper::getProcessComponentContext(), aVersion));
uno::Sequence<security::DocumentSignatureInformation> aInfo
= xSigner->verifyScriptingContentSignatures(xStorage,
uno::Reference<io::XInputStream>());
if (!aInfo.hasElements())
return false;
m_nScriptingSignatureState = DocumentSignatures::getSignatureState(aInfo);
if (m_nScriptingSignatureState == SignatureState::OK
|| m_nScriptingSignatureState == SignatureState::NOTVALIDATED)
{
bResult = std::any_of(aInfo.begin(), aInfo.end(),
[&xSigner](const security::DocumentSignatureInformation& rInfo) {
return xSigner->isAuthorTrusted(rInfo.Signer);
});
}
}
catch (uno::Exception&)
{
}
return bResult;
}
void ODatabaseModelImpl::storageIsModified()
diff --git a/dbaccess/source/core/inc/ModelImpl.hxx b/dbaccess/source/core/inc/ModelImpl.hxx
index d86ac74..d67029c 100644
--- a/dbaccess/source/core/inc/ModelImpl.hxx
+++ b/dbaccess/source/core/inc/ModelImpl.hxx
@@ -158,6 +158,8 @@ private:
*/
OUString m_sDocumentURL;
SignatureState m_nScriptingSignatureState;
public:
OWeakConnectionArray m_aConnections;
const css::uno::Reference< css::uno::XComponentContext > m_aContext;
diff --git a/include/sfx2/objsh.hxx b/include/sfx2/objsh.hxx
index 083ad2d..dd7d637 100644
--- a/include/sfx2/objsh.hxx
+++ b/include/sfx2/objsh.hxx
@@ -685,8 +685,6 @@ public:
SAL_DLLPRIVATE void BreakMacroSign_Impl( bool bBreakMacroSing );
SAL_DLLPRIVATE void CheckSecurityOnLoading_Impl();
SAL_DLLPRIVATE void CheckForBrokenDocSignatures_Impl();
SAL_DLLPRIVATE static SignatureState ImplCheckSignaturesInformation(
const css::uno::Sequence< css::security::DocumentSignatureInformation >& aInfos );
SAL_DLLPRIVATE void CheckEncryption_Impl( const css::uno::Reference< css::task::XInteractionHandler >& xHandler );
SAL_DLLPRIVATE void SetModifyPasswordEntered( bool bEntered = true );
SAL_DLLPRIVATE bool IsModifyPasswordEntered() const;
diff --git a/include/sfx2/signaturestate.hxx b/include/sfx2/signaturestate.hxx
index 8bdfdfa..e480e56 100644
--- a/include/sfx2/signaturestate.hxx
+++ b/include/sfx2/signaturestate.hxx
@@ -20,6 +20,10 @@
#ifndef INCLUDED_SFX2_SIGNATURESTATE_HXX
#define INCLUDED_SFX2_SIGNATURESTATE_HXX
#include <sfx2/dllapi.h>
#include <com/sun/star/security/DocumentSignatureInformation.hpp>
enum class SignatureState
{
// FIXME: Do these values have to be these, and given at all, or is this just cargo cult?
@@ -38,6 +42,13 @@ enum class SignatureState
NOTVALIDATED_PARTIAL_OK = 6
};
namespace DocumentSignatures
{
/** Get document signature state */
SFX2_DLLPUBLIC SignatureState
getSignatureState(const css::uno::Sequence<css::security::DocumentSignatureInformation>& aInfos);
}
#endif // INCLUDED_SFX2_SIGNATURESTATE_HXX
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/sfx2/Library_sfx.mk b/sfx2/Library_sfx.mk
index bcd9aa2..0ca31c3 100644
--- a/sfx2/Library_sfx.mk
+++ b/sfx2/Library_sfx.mk
@@ -231,6 +231,7 @@ $(eval $(call gb_Library_add_exception_objects,sfx,\
sfx2/source/doc/sfxbasemodel \
sfx2/source/doc/sfxmodelfactory \
sfx2/source/doc/SfxRedactionHelper \
sfx2/source/doc/signaturestate \
sfx2/source/doc/syspath \
sfx2/source/doc/zoomitem \
sfx2/source/doc/templatedlg \
diff --git a/sfx2/source/doc/objmisc.cxx b/sfx2/source/doc/objmisc.cxx
index 43a5f5b..7bf2c77 100644
--- a/sfx2/source/doc/objmisc.cxx
+++ b/sfx2/source/doc/objmisc.cxx
@@ -1810,7 +1810,7 @@ bool SfxObjectShell_Impl::hasTrustedScriptingSignature( bool bAllowUIToAddAuthor
if ( aInfo.hasElements() )
{
if ( nScriptingSignatureState == SignatureState::UNKNOWN )
nScriptingSignatureState = SfxObjectShell::ImplCheckSignaturesInformation( aInfo );
nScriptingSignatureState = DocumentSignatures::getSignatureState(aInfo);
if ( nScriptingSignatureState == SignatureState::OK
|| nScriptingSignatureState == SignatureState::NOTVALIDATED )
diff --git a/sfx2/source/doc/objserv.cxx b/sfx2/source/doc/objserv.cxx
index a4e4381..96f9320 100644
--- a/sfx2/source/doc/objserv.cxx
+++ b/sfx2/source/doc/objserv.cxx
@@ -1501,44 +1501,6 @@ void SfxObjectShell::StateView_Impl(SfxItemSet& /*rSet*/)
{
}
SignatureState SfxObjectShell::ImplCheckSignaturesInformation( const uno::Sequence< security::DocumentSignatureInformation >& aInfos )
{
bool bCertValid = true;
SignatureState nResult = SignatureState::NOSIGNATURES;
bool bCompleteSignature = true;
if( aInfos.hasElements() )
{
nResult = SignatureState::OK;
for ( const auto& rInfo : aInfos )
{
if ( bCertValid )
{
sal_Int32 nCertStat = rInfo.CertificateStatus;
bCertValid = nCertStat == security::CertificateValidity::VALID;
}
if ( !rInfo.SignatureIsValid )
{
nResult = SignatureState::BROKEN;
break; // we know enough
}
bCompleteSignature &= !rInfo.PartialDocumentSignature;
}
}
if (nResult == SignatureState::OK && !bCertValid && !bCompleteSignature)
nResult = SignatureState::NOTVALIDATED_PARTIAL_OK;
else if (nResult == SignatureState::OK && !bCertValid)
nResult = SignatureState::NOTVALIDATED;
else if ( nResult == SignatureState::OK && bCertValid && !bCompleteSignature)
nResult = SignatureState::PARTIAL_OK;
// this code must not check whether the document is modified
// it should only check the provided info
return nResult;
}
/// Does this ZIP storage have a signature stream?
static bool HasSignatureStream(const uno::Reference<embed::XStorage>& xStorage)
{
@@ -1636,7 +1598,7 @@ SignatureState SfxObjectShell::ImplGetSignatureState( bool bScriptingContent )
*pState = SignatureState::NOSIGNATURES;
uno::Sequence< security::DocumentSignatureInformation > aInfos = GetDocumentSignatureInformation( bScriptingContent );
*pState = ImplCheckSignaturesInformation( aInfos );
*pState = DocumentSignatures::getSignatureState(aInfos);
}
if ( *pState == SignatureState::OK || *pState == SignatureState::NOTVALIDATED
diff --git a/sfx2/source/doc/objstor.cxx b/sfx2/source/doc/objstor.cxx
index 56b8fdde..67e6421 100644
--- a/sfx2/source/doc/objstor.cxx
+++ b/sfx2/source/doc/objstor.cxx
@@ -1582,7 +1582,7 @@ bool SfxObjectShell::SaveTo_Impl
uno::Sequence< security::DocumentSignatureInformation > aInfos =
xDDSigns->verifyScriptingContentSignatures( xTarget,
uno::Reference< io::XInputStream >() );
SignatureState nState = ImplCheckSignaturesInformation( aInfos );
SignatureState nState = DocumentSignatures::getSignatureState(aInfos);
if ( nState == SignatureState::OK || nState == SignatureState::NOTVALIDATED
|| nState == SignatureState::PARTIAL_OK)
{
diff --git a/sfx2/source/doc/signaturestate.cxx b/sfx2/source/doc/signaturestate.cxx
new file mode 100644
index 0000000..d511fa3
--- /dev/null
+++ b/sfx2/source/doc/signaturestate.cxx
@@ -0,0 +1,59 @@
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
/*
* This file is part of the LibreOffice project.
*
* This Source Code Form is subject to the terms of the Mozilla Public
* License, v. 2.0. If a copy of the MPL was not distributed with this
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
*/
#include <sfx2/signaturestate.hxx>
#include <com/sun/star/security/CertificateValidity.hpp>
#include <com/sun/star/security/DocumentSignatureInformation.hpp>
using namespace css;
namespace DocumentSignatures
{
SignatureState
getSignatureState(const uno::Sequence<security::DocumentSignatureInformation>& aSigInfo)
{
bool bCertValid = true;
SignatureState nResult = SignatureState::NOSIGNATURES;
bool bCompleteSignature = true;
if (!aSigInfo.hasElements())
return nResult;
nResult = SignatureState::OK;
for (const auto& rInfo : aSigInfo)
{
if (bCertValid)
{
sal_Int32 nCertStat = rInfo.CertificateStatus;
bCertValid = nCertStat == security::CertificateValidity::VALID;
}
if (!rInfo.SignatureIsValid)
{
nResult = SignatureState::BROKEN;
break;
}
bCompleteSignature &= !rInfo.PartialDocumentSignature;
}
if (nResult == SignatureState::OK && !bCertValid && !bCompleteSignature)
nResult = SignatureState::NOTVALIDATED_PARTIAL_OK;
else if (nResult == SignatureState::OK && !bCertValid)
nResult = SignatureState::NOTVALIDATED;
else if (nResult == SignatureState::OK && bCertValid && !bCompleteSignature)
nResult = SignatureState::PARTIAL_OK;
// this code must not check whether the document is modified
// it should only check the provided info
return nResult;
}
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab cinoptions=b1,g0,N-s cinkeys+=0=break: */
