/*************************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * Copyright 2000, 2010 Oracle and/or its affiliates.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org. If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************/

// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"
#include <xmlsecurity/digitalsignaturesdialog.hxx>
#include <xmlsecurity/certificatechooser.hxx>
#include <xmlsecurity/certificateviewer.hxx>
#include <xmlsecurity/biginteger.hxx>
#include <xmloff/xmluconv.hxx>
#include <com/sun/star/embed/XStorage.hpp>
#include <com/sun/star/embed/ElementModes.hpp>
#include <com/sun/star/io/XSeekable.hpp>
#include <com/sun/star/io/XTruncate.hpp>
#include <com/sun/star/embed/XTransactedObject.hpp>
#include <com/sun/star/container/XNameAccess.hpp>
#include <com/sun/star/lang/XComponent.hpp>
#include <com/sun/star/security/NoPasswordException.hpp>
#include <com/sun/star/lang/DisposedException.hpp>
#include <com/sun/star/beans/XPropertySet.hpp>
#include <com/sun/star/security/CertificateValidity.hdl>
#include <com/sun/star/packages/WrongPasswordException.hpp>
#include <com/sun/star/security/SerialNumberAdapter.hpp>
#include <com/sun/star/security/XDocumentDigitalSignatures.hpp>
#include <com/sun/star/xml/dom/XDocumentBuilder.hpp>
#include <com/sun/star/packages/manifest/XManifestReader.hpp>


#include <rtl/ustrbuf.hxx>
#include <rtl/uri.hxx>

#include <tools/date.hxx>
#include <tools/time.hxx>

#include "dialogs.hrc"
#include "digitalsignaturesdialog.hrc"
#include "helpids.hrc"
#include "resourcemanager.hxx"

#include <vcl/msgbox.hxx>               // Until encrypted docs work...
#include <unotools/configitem.hxx>
#include <comphelper/componentcontext.hxx>

#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )


/* HACK: disable some warnings for MS-C */
#ifdef _MSC_VER
#pragma warning (disable : 4355)    // 4355: this used in initializer-list
#endif

using namespace ::com::sun::star::security;
using namespace ::com::sun::star::uno;
using namespace ::com::sun::star;
namespace css = ::com::sun::star;
using ::rtl::OUString;

namespace
{
    /* Read-only view of the configuration node "Office.Common/Save".
       The constructor fetches "ODF/DefaultVersion" once and caches it in m_nODF;
       Commit() and Notify() are deliberately empty, so the value is neither
       written back nor refreshed afterwards.
    */
    class SaveODFItem: public utl::ConfigItem
    {
        sal_Int16 m_nODF;   // cached value of ODF/DefaultVersion
    public:
        virtual void Commit();
        virtual void Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& aPropertyNames );
        SaveODFItem();
        //See group ODF in Common.xcs for the meaning of the stored number.
        //Going by the method name, values below 3 stand for formats older than ODF 1.2.
        bool isLessODF1_2()
        {
            return m_nODF < 3;
        }
    };

    // Nothing is ever written through this item.
    void SaveODFItem::Commit() {}

    // Configuration change notifications are ignored.
    void SaveODFItem::Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& ) {}

    /* Loads ODF/DefaultVersion from Office.Common/Save.
       Throws uno::RuntimeException when the property cannot be read or does
       not hold a sal_Int16.
    */
    SaveODFItem::SaveODFItem()
        : utl::ConfigItem( OUSTR("Office.Common/Save") )
        , m_nODF( 0 )
    {
        OUString sVersionKey( RTL_CONSTASCII_USTRINGPARAM("ODF/DefaultVersion") );
        Sequence< css::uno::Any > aFetched = GetProperties( Sequence< OUString >( &sVersionKey, 1 ) );

        // Exactly one value is expected for the single key that was requested.
        if ( aFetched.getLength() != 1 )
            throw uno::RuntimeException(
                OUString(RTL_CONSTASCII_USTRINGPARAM(
                    "[xmlsecurity] Could not open property Office.Common/Save/ODF/DefaultVersion")), 0);

        sal_Int16 nVersion = 0;
        if ( !( aFetched[0] >>= nVersion ) )
            throw uno::RuntimeException(
                OUString(RTL_CONSTASCII_USTRINGPARAM(
                    "[xmlsecurity]SaveODFItem::SaveODFItem(): Wrong Type!")), 0 );

        m_nODF = nVersion;
    }
}

/* Tells whether the package stream named by rURI is to be treated as XML.

   Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted",
   so the manifest is used to find out if a file is xml and if it is encrypted.
   rURI is an encoded uri while the manifest contains paths;
   DocumentSignatureHelper::equalsReferenceUriManifestPath compares the two.

   A stream listed in the manifest counts as XML only if its media type is
   "text/xml" and the entry carries no "Digest" property (the presence of a digest
   is taken as the sign of an encrypted entry). A stream that is not listed is
   judged by a case-insensitive "xml" file extension.

   NOTE(review): m_manifest is filled in SetStorage() from META-INF/manifest.xml of
   the very document being signed, so the media type evaluated here is
   document-supplied data. AddButtonHdl() uses the result to choose between binary
   and XML mode when it calls AddForSigning().
*/
bool DigitalSignaturesDialog::isXML(const rtl::OUString& rURI )
{
    OSL_ASSERT(mxStore.is());

    const OUString sPropFullPath(RTL_CONSTASCII_USTRINGPARAM("FullPath"));
    const OUString sPropMediaType(RTL_CONSTASCII_USTRINGPARAM("MediaType"));
    const OUString sPropDigest(RTL_CONSTASCII_USTRINGPARAM("Digest"));

    for (int nEntry = 0; nEntry < m_manifest.getLength(); nEntry++)
    {
        const Sequence< css::beans::PropertyValue >& rEntry = m_manifest[nEntry];
        OUString sPath, sMediaType;
        bool bHasDigest = false;

        // Collect the three properties of interest from this manifest entry.
        for (int nProp = 0; nProp < rEntry.getLength(); nProp++)
        {
            const css::beans::PropertyValue & rProp = rEntry[nProp];

            if (rProp.Name.equals( sPropFullPath ) )
                rProp.Value >>= sPath;
            else if (rProp.Name.equals( sPropMediaType ) )
                rProp.Value >>= sMediaType;
            else if (rProp.Name.equals( sPropDigest ) )
                bHasDigest = true;
        }

        if (!DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath))
            continue;

        // First matching entry decides; an encrypted entry is never treated as XML.
        return sMediaType.equals(OUSTR("text/xml")) && ! bHasDigest;
    }

    //No manifest entry matched. This would be the case for at least mimetype,
    //META-INF/manifest.xml and META-INF/macrosignatures.xml.
    //Files can only be encrypted if they are in the manifest.xml.
    //That is, the current file cannot be encrypted, otherwise an entry
    //would have been found above.
    OUString aXMLExt( RTL_CONSTASCII_USTRINGPARAM( "XML" ) );
    const sal_Int32 nSep = rURI.lastIndexOf( '.' );
    if ( nSep == (-1) )
        return false;

    return rURI.copy( nSep+1 ).equalsIgnoreAsciiCase( aXMLExt );
}

/* Builds the dialog from the resource RID_XMLSECDLG_DIGSIG and wires up the handlers.

   pParent                parent window
   rxCtx                  component context, also handed to the signature helper
   eMode                  which kind of signature is edited; selects the hint text shown
   bReadOnly              when set, the Add button is disabled
   sODFVersion            ODF version of the document, stored in m_sODFVersion
   bHasDocumentSignature  stored in m_bHasDocumentSignature, evaluated in canAddRemove()
*/
DigitalSignaturesDialog::DigitalSignaturesDialog(
    Window* pParent,
    uno::Reference< uno::XComponentContext >& rxCtx, DocumentSignatureMode eMode,
    sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature)
    :ModalDialog            ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) )
    ,mxCtx                  ( rxCtx )
    ,maSignatureHelper      ( rxCtx )
    ,meSignatureMode        ( eMode )
    ,maHintDocFT            ( this, XMLSEC_RES( FT_HINT_DOC ) )
    ,maHintBasicFT          ( this, XMLSEC_RES( FT_HINT_BASIC ) )
    ,maHintPackageFT        ( this, XMLSEC_RES( FT_HINT_PACK ) )
    ,maSignaturesLB         ( this, XMLSEC_RES( LB_SIGNATURES ) )
    ,maSigsValidImg         ( this, XMLSEC_RES( IMG_STATE_VALID ) )
    ,maSigsValidFI          ( this, XMLSEC_RES( FI_STATE_VALID ) )
    ,maSigsInvalidImg       ( this, XMLSEC_RES( IMG_STATE_BROKEN ) )
    ,maSigsInvalidFI        ( this, XMLSEC_RES( FI_STATE_BROKEN ) )
    ,maSigsNotvalidatedImg  ( this, XMLSEC_RES( IMG_STATE_NOTVALIDATED ) )
    ,maSigsNotvalidatedFI   ( this, XMLSEC_RES( FI_STATE_NOTVALIDATED ) )
    ,maSigsOldSignatureFI   ( this, XMLSEC_RES( FI_STATE_OLDSIGNATURE) )
    ,maViewBtn              ( this, XMLSEC_RES( BTN_VIEWCERT ) )
    ,maAddBtn               ( this, XMLSEC_RES( BTN_ADDCERT ) )
    ,maRemoveBtn            ( this, XMLSEC_RES( BTN_REMOVECERT ) )
    ,maBottomSepFL          ( this, XMLSEC_RES( FL_BOTTOM_SEP ) )
    ,maOKBtn                ( this, XMLSEC_RES( BTN_OK ) )
    ,maHelpBtn              ( this, XMLSEC_RES( BTN_HELP ) )
    ,m_sODFVersion          ( sODFVersion )
    ,m_bHasDocumentSignature( bHasDocumentSignature )
    ,m_bWarningShowSignMacro( false )
{
    // #i48253: the tablistbox needs its own unique id
    maSignaturesLB.Window::SetUniqueId( HID_XMLSEC_TREE_SIGNATURESDLG );

    // Column positions are percentages of the list box width in APPFONT units.
    const Size aLogicSize( maSignaturesLB.PixelToLogic( maSignaturesLB.GetSizePixel(), MapMode( MAP_APPFONT ) ) );
    const long nControlWidth = aLogicSize.Width();
    // NOTE(review): the array is static, so it is initialised from the width seen by
    // the first dialog instance only; later instances reuse those values - confirm
    // that this is intended.
    static long nTabs[] = { 4, 0, 6*nControlWidth/100, 36*nControlWidth/100, 74*nControlWidth/100 };
    maSignaturesLB.SetTabs( &nTabs[ 0 ] );
    maSignaturesLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) );

    maSigsNotvalidatedFI.SetText( String( XMLSEC_RES( STR_NO_INFO_TO_VERIFY ) ) );

    const bool bHighContrast = GetSettings().GetStyleSettings().GetHighContrastMode();
    if ( bHighContrast )
    {
        // high contrast mode needs other images
        maSigsValidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_VALID_HC ) ) );
        maSigsInvalidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_BROKEN_HC ) ) );
        maSigsNotvalidatedImg.SetImage( Image( XMLSEC_RES( IMG_STATE_NOTVALIDATED_HC ) ) );
    }

    // All resource lookups are done above this line.
    FreeResource();

    mbVerifySignatures = true;
    mbSignaturesChanged = false;

    // List box: selection updates the button states, double click shows the details.
    maSignaturesLB.SetSelectHdl( LINK( this, DigitalSignaturesDialog, SignatureHighlightHdl ) );
    maSignaturesLB.SetDoubleClickHdl( LINK( this, DigitalSignaturesDialog, SignatureSelectHdl ) );

    // View and Remove start disabled; SignatureHighlightHdl enables them on selection.
    maViewBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, ViewButtonHdl ) );
    maViewBtn.Disable();

    maAddBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, AddButtonHdl ) );
    if ( bReadOnly )
        maAddBtn.Disable();

    maRemoveBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, RemoveButtonHdl ) );
    maRemoveBtn.Disable();

    maOKBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, OKButtonHdl) );

    // Show the hint text that belongs to the kind of signature being edited.
    switch( meSignatureMode )
    {
        case SignatureModeDocumentContent:
            maHintDocFT.Show();
            break;
        case SignatureModeMacros:
            maHintBasicFT.Show();
            break;
        case SignatureModePackage:
            maHintPackageFT.Show();
            break;
    }

    // adjust fixed text to images
    XmlSec::AlignAndFitImageAndControl( maSigsValidImg, maSigsValidFI, 5 );
    XmlSec::AlignAndFitImageAndControl( maSigsInvalidImg, maSigsInvalidFI, 5 );
    XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsNotvalidatedFI, 5 );
    // The "old signature" text is aligned to the "not validated" image as well.
    XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsOldSignatureFI, 5 );
}

DigitalSignaturesDialog::~DigitalSignaturesDialog()
{
}

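/* Initialises the signature helper and, on success, registers StartVerifySignatureHdl
   with it. Returns the result of maSignatureHelper.Init().
*/
sal_Bool DigitalSignaturesDialog::Init()
{
    bool bInit = maSignatureHelper.Init();

    DBG_ASSERT( bInit, "Error initializing security context!" );

    if ( bInit )
    {
        maSignatureHelper.SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) );
    }

    return bInit;
}

/* Remembers the document storage, passes it to the signature helper and reads
   META-INF/manifest.xml into m_manifest (used by isXML()).

   rxStore is dereferenced unconditionally, so callers have to pass a valid storage.
   The UNO_QUERY_THROW constructions below throw if the manifest reader service,
   the META-INF sub storage or the manifest stream is not available.
*/
void DigitalSignaturesDialog::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore )
{
    mxStore = rxStore;
    maSignatureHelper.SetStorage( mxStore, m_sODFVersion);

    Reference < css::packages::manifest::XManifestReader > xReader(
        mxCtx->getServiceManager()->createInstanceWithContext(
            OUSTR("com.sun.star.packages.manifest.ManifestReader"), mxCtx), UNO_QUERY_THROW);

    //Get the manifest.xml
    Reference < css::embed::XStorage > xSubStore(rxStore->openStorageElement(
        OUSTR("META-INF"), css::embed::ElementModes::READ), UNO_QUERY_THROW);

    Reference< css::io::XInputStream > xStream(
        xSubStore->openStreamElement(OUSTR("manifest.xml"), css::embed::ElementModes::READ),
        UNO_QUERY_THROW);

    m_manifest = xReader->readManifestSequence(xStream);
}

/* Stores an externally provided signature stream. OKButtonHdl() commits the
   signature storage itself only when no such stream was set.
*/
void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream )
{
    mxSignatureStream = rxStream;
}

/* Common precondition check for adding and removing signatures.

   Returns false after showing an error box when the document is older than ODF 1.2.
   In macro signature mode, with an existing document signature, the user is asked
   once per dialog lifetime to confirm that the document signature will be removed;
   answering 'No' returns false.
*/
bool DigitalSignaturesDialog::canAddRemove()
{
    //m56
    OSL_ASSERT(mxStore.is());
    const bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion);
    SaveODFItem item;   // may throw uno::RuntimeException, see SaveODFItem::SaveODFItem()
    const bool bSave1_1 = item.isLessODF1_2();

    // see specification
    //cvs: specs/www/appwide/security/Electronic_Signatures_and_Security.sxw
    //Paragraph 'Behavior with regard to ODF 1.2'
    //For both, macro and document
    //Both alternatives require bDoc1_1, so the configured save version does not
    //change the outcome; the expression is kept in the form of the specification.
    if ( (!bSave1_1 && bDoc1_1) || (bSave1_1 && bDoc1_1) )
    {
        //#4
        ErrorBox err(NULL, XMLSEC_RES(RID_XMLSECDLG_OLD_ODF_FORMAT));
        err.Execute();
        return false;
    }

    //As of OOo 3.2 the document signature also covers macrosignatures.xml. That is
    //adding a macro signature will break an existing document signature.
    //The sfx2 will remove the documentsignature when the user adds a macro signature
    if (meSignatureMode != SignatureModeMacros)
        return true;
    if (!m_bHasDocumentSignature || m_bWarningShowSignMacro)
        return true;

    //The warning says that the document signatures will be removed if the user
    //continues. He can then either press 'OK' or 'NO'.
    //If the user presses 'Add' or 'Remove' several times, the warning
    //is shown every time until the user presses 'OK'. From then on, the warning
    //is not displayed anymore as long as the signatures dialog is alive.
    if (QueryBox(
            NULL, XMLSEC_RES(MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN)).Execute() == RET_NO)
        return false;

    m_bWarningShowSignMacro = true;
    return true;
}

// Adding a signature is subject to the shared check in canAddRemove().
bool DigitalSignaturesDialog::canAdd()
{
    return canAddRemove();
}

// Removing a signature is subject to the shared check in canAddRemove().
bool DigitalSignaturesDialog::canRemove()
{
    return canAddRemove();
}

/* Verifies the existing signatures, fills the list box and then runs the dialog. */
short DigitalSignaturesDialog::Execute()
{
    // Verify Signatures and add certificates to ListBox...
    mbVerifySignatures = true;
    ImplGetSignatureInformations(false);
    ImplFillSignaturesBox();

    // Only verify once, content will not change.
    // But for refreshing signature information, StartVerifySignatureHdl will be called after each add/remove
    mbVerifySignatures = false;

    return Dialog::Execute();
}

/* Selection handler of the list box: View follows the selection, Remove does so
   only while Add is enabled (that is, the dialog is not read only).
*/
IMPL_LINK( DigitalSignaturesDialog, SignatureHighlightHdl, void*, EMPTYARG )
{
    const bool bSel = maSignaturesLB.FirstSelected() != NULL;
    maViewBtn.Enable( bSel );
    if ( maAddBtn.IsEnabled() ) // not read only
        maRemoveBtn.Enable( bSel );

    return 0;
}

/* OK handler: writes every entry of maCurrentSignatureInformations to the
   (truncated) signature stream and closes the dialog with RET_OK.

   NOTE(review): unlike AddButtonHdl and RemoveButtonHdl this handler has no
   try/catch and uses UNO_QUERY instead of UNO_QUERY_THROW. xTrans is dereferenced
   without an is() check, and the stream has already been truncated when an export
   step fails - confirm that callers cope with an exception from here.
*/
IMPL_LINK( DigitalSignaturesDialog, OKButtonHdl, void*, EMPTYARG )
{
    // Export all other signatures...
    SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
        embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, false );
    uno::Reference< io::XOutputStream > xOutputStream(
        aStreamHelper.xSignatureStream, uno::UNO_QUERY );
    uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler =
        maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

    int nInfos = maCurrentSignatureInformations.size();
    for( int n = 0 ; n < nInfos ; ++n )
        maSignatureHelper.ExportSignature(
            xDocumentHandler, maCurrentSignatureInformations[ n ] );

    maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

    // If stream was not provided, we are responsible for committing it....
    if ( !mxSignatureStream.is() )
    {
        uno::Reference< embed::XTransactedObject > xTrans(
            aStreamHelper.xSignatureStorage, uno::UNO_QUERY );
        xTrans->commit();
    }

    EndDialog(RET_OK);
    return 0;
}

// Double click on a list entry: show the details of the selected signature.
IMPL_LINK( DigitalSignaturesDialog, SignatureSelectHdl, void*, EMPTYARG )
{
    ImplShowSignaturesDetails();
    return 0;
}

// "View certificate" button: show the details of the selected signature.
IMPL_LINK( DigitalSignaturesDialog, ViewButtonHdl, Button*, EMPTYARG )
{
    ImplShowSignaturesDetails();
    return 0;
}

/* "Add" handler: lets the user pick a certificate, signs all elements returned by
   CreateElementList() with it and rewrites the signature stream with the existing
   signatures followed by the new one.

   Returns -1 when the chooser delivers no certificate or the serial number cannot
   be converted, 0 otherwise. Any uno::Exception is caught; the signature
   information is then re-read from the stream so that no invalid entry is kept.

   NOTE(review): if an exception is thrown between StartMission() and EndMission(),
   EndMission() is not called - confirm that the helper tolerates this.
*/
IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
{
    if( ! canAdd())
        return 0;
    try
    {
        uno::Reference<com::sun::star::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureHelper.GetSecurityEnvironment();

        uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
            ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
        CertificateChooser aChooser( this, mxCtx, xSecEnv, maCurrentSignatureInformations );
        if ( aChooser.Execute() != RET_OK )
            return 0;   // the user cancelled the chooser, nothing to do

        uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate();
        if ( !xCert.is() )
        {
            DBG_ERRORFILE( "no certificate selected" );
            return -1;
        }
        rtl::OUString aCertSerial = xSerialNumberAdapter->toString( xCert->getSerialNumber() );
        if ( !aCertSerial.getLength() )
        {
            DBG_ERROR( "Error in Certificate, problem with serial number!" );
            return -1;
        }

        maSignatureHelper.StartMission();

        sal_Int32 nSecurityId = maSignatureHelper.GetNewSecurityId();

        // The complete certificate is embedded base64 encoded, next to issuer and serial.
        rtl::OUStringBuffer aStrBuffer;
        SvXMLUnitConverter::encodeBase64(aStrBuffer, xCert->getEncoded());

        maSignatureHelper.SetX509Certificate( nSecurityId,
            xCert->getIssuerName(), aCertSerial,
            aStrBuffer.makeStringAndClear());

        std::vector< rtl::OUString > aElements =
            DocumentSignatureHelper::CreateElementList(
                mxStore, rtl::OUString(), meSignatureMode, OOo3_2Document);

        // Everything that isXML() does not recognise as XML is signed in binary mode.
        sal_Int32 nElements = aElements.size();
        for ( sal_Int32 n = 0; n < nElements; n++ )
        {
            bool bBinaryMode = !isXML(aElements[n]);
            maSignatureHelper.AddForSigning( nSecurityId, aElements[n], aElements[n], bBinaryMode );
        }

        // NOTE(review): default-constructed Date/Time - presumably the local system
        // clock, i.e. the signing time is not a trusted timestamp; confirm.
        maSignatureHelper.SetDateTime( nSecurityId, Date(), Time() );

        // We open a signature stream in which the existing and the new
        //signature is written. ImplGetSignatureInformation (later in this function) will
        //then read the stream and will fill maCurrentSignatureInformations. The final signature
        //is written when the user presses OK. Then only maCurrentSignatureInformation and
        //a sax writer are used to write the information.
        SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
            css::embed::ElementModes::WRITE|css::embed::ElementModes::TRUNCATE, true);
        Reference< css::io::XOutputStream > xOutputStream(
            aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
        Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
            maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

        // Export old signatures...
        int nInfos = maCurrentSignatureInformations.size();
        for ( int n = 0; n < nInfos; n++ )
            maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]);

        // Create a new one...
        maSignatureHelper.CreateAndWriteSignature( xDocumentHandler );

        // That's it...
        maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

        maSignatureHelper.EndMission();

        aStreamHelper = SignatureStreamHelper();    // release objects...

        // The stream has been rewritten, whether or not signing succeeded.
        mbSignaturesChanged = true;

        sal_Int32 nStatus = maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus;

        if ( nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED )
        {
            // Can't simply remember current information, need parsing for getting full information :(
            // We need to verify the signatures again, otherwise the status in the signature information
            // will not contain
            // SecurityOperationStatus_OPERATION_SUCCEEDED
            mbVerifySignatures = true;
            ImplGetSignatureInformations(true);
            ImplFillSignaturesBox();
        }
    }
    catch ( uno::Exception& )
    {
        DBG_ERROR( "Exception while adding a signature!" );
        // Don't keep invalid entries...
        ImplGetSignatureInformations(true);
        ImplFillSignaturesBox();
    }

    return 0;
}

/* "Remove" handler: drops the selected entry from maCurrentSignatureInformations
   and rewrites the signature stream with the remaining signatures.

   The index is taken from the user data of the selected list entry and is checked
   against the vector size before it is used, so a list box that is out of step with
   the vector cannot lead to an erase() past the end. Any uno::Exception is caught;
   the signature information is then re-read from the stream.
*/
IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG )
{
    if (!canRemove())
        return 0;
    if( maSignaturesLB.FirstSelected() )
    {
        try
        {
            sal_uInt16 nSelected = (sal_uInt16) (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData();
            if ( nSelected >= maCurrentSignatureInformations.size() )
            {
                DBG_ERROR( "Selected signature index is out of range!" );
                return 0;
            }
            maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected );

            // Export all other signatures...
            SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
                css::embed::ElementModes::WRITE | css::embed::ElementModes::TRUNCATE, true);
            Reference< css::io::XOutputStream > xOutputStream(
                aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
            Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
                maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

            int nInfos = maCurrentSignatureInformations.size();
            for( int n = 0 ; n < nInfos ; ++n )
                maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] );

            maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

            mbSignaturesChanged = true;

            aStreamHelper = SignatureStreamHelper();    // release objects...

            ImplFillSignaturesBox();
        }
        catch ( uno::Exception& )
        {
            DBG_ERROR( "Exception while removing a signature!" );
            // Don't keep invalid entries...
            ImplGetSignatureInformations(true);
            ImplFillSignaturesBox();
        }
    }

    return 0;
}

// Callback registered in Init(): reports the current state of mbVerifySignatures.
IMPL_LINK( DigitalSignaturesDialog, StartVerifySignatureHdl, void*, EMPTYARG )
{
    return mbVerifySignatures ?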
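1 : 0;
}

// Rebuilds the signature list box from maCurrentSignatureInformations and
// updates the overall state icons/texts below the list.
//
// For every signature the certificate is resolved, its validity is checked
// with the security environment, and the signature status is combined with
// checkIfAllFilesAreSigned() to pick the per-row image.
void DigitalSignaturesDialog::ImplFillSignaturesBox()
{
    maSignaturesLB.Clear();

    uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv =
        maSignatureHelper.GetSecurityEnvironment();
    uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    String aNullStr;
    int nInfos = maCurrentSignatureInformations.size();
    int nValidSigs = 0, nValidCerts = 0;
    bool bAllNewSignatures = true;

    for( int n = 0; n < nInfos; ++n )
    {
        const SignatureInformation& rInfo = maCurrentSignatureInformations[n];

        DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm(
            m_sODFVersion, rInfo);
        std::vector< rtl::OUString > aElementsToBeVerified =
            DocumentSignatureHelper::CreateElementList(
                mxStore, ::rtl::OUString(), meSignatureMode, mode);

        // The certificate reference is local to the iteration. When it was
        // declared outside the loop, a signature without an embedded
        // certificate kept the certificate of the previous signature, skipped
        // the store lookup below and was listed with another signer's
        // subject, issuer and certificate validity.
        uno::Reference< ::com::sun::star::security::XCertificate > xCert;

        //First we try to get the certificate which is embedded in the XML Signature
        if (rInfo.ouX509Certificate.getLength())
            xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);
        else
        {
            //There must be an embedded certificate because we use it to get the
            //issuer name. We cannot use /Signature/KeyInfo/X509Data/X509IssuerName
            //because it could be modified by an attacker. The issuer is displayed
            //in the digital signature dialog.
            //Comparing the X509IssuerName with the one from the X509Certificate in order
            //to find out if the X509IssuerName was modified does not work. See #i62684
            DBG_ASSERT(sal_False, "Could not find embedded certificate!");
        }

        //In case there is no embedded certificate we try to get it from a local store
        //Todo: This probably could be removed, see above.
        // NOTE(review): this lookup is keyed on the issuer name and serial
        // number taken from the signature XML, which the comment above treats
        // as attacker-modifiable. Nothing visible here shows that a
        // certificate found this way is the one that produced the signature,
        // and the assertion above is a debug-only check - confirm whether
        // such an entry should be shown as validated at all.
        if (!xCert.is())
            xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName,
                xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );

        DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );

        String aSubject;
        String aIssuer;
        String aDateTimeStr;

        bool bSigValid = false;
        bool bCertValid = false;
        if( xCert.is() )
        {
            //check the validity of the cert
            try
            {
                // No additional intermediate certificates are passed in.
                sal_Int32 certResult = xSecEnv->verifyCertificate(xCert,
                    Sequence<css::uno::Reference<css::security::XCertificate> >());

                // Only an exact VALID result counts; any other value leaves
                // the certificate as not validated.
                bCertValid = ( certResult == css::security::CertificateValidity::VALID );
                if ( bCertValid )
                    nValidCerts++;
            }
            catch (css::uno::SecurityException& )
            {
                OSL_ENSURE(0, "Verification of certificate failed");
                bCertValid = false;
            }

            // Subject and issuer are taken from the certificate object, not
            // from the issuer name stored in the signature XML.
            aSubject = XmlSec::GetContentPart( xCert->getSubjectName() );
            aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() );
            // --> PB 2004-10-12 #i20172# String with date and time information
            aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime );
        }

        bSigValid = ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );

        if ( bSigValid )
        {
            // A signature that verified but does not cover all expected
            // elements is treated as invalid.
            bSigValid = DocumentSignatureHelper::checkIfAllFilesAreSigned(
                aElementsToBeVerified, rInfo, mode);

            if( bSigValid )
                nValidSigs++;
        }

        Image aImage;
        if (!bSigValid)
        {
            aImage = maSigsInvalidImg.GetImage();
        }
        else if (!bCertValid)
        {
            aImage = maSigsNotvalidatedImg.GetImage();
        }
        else if (meSignatureMode == SignatureModeDocumentContent)
        {
            //Check if the signature is an "old" document signature, that is, one which
            //was created by a version of OOo previous to 3.2
            if (DocumentSignatureHelper::isOOo3_2_Signature(rInfo))
            {
                aImage = maSigsValidImg.GetImage();
            }
            else
            {
                aImage = maSigsNotvalidatedImg.GetImage();
                bAllNewSignatures = false;
            }
        }
        else if (meSignatureMode == SignatureModeMacros)
        {
            aImage = maSigsValidImg.GetImage();
        }
        // NOTE(review): for any other signature mode a fully valid entry is
        // inserted with an empty image - confirm this is intended.

        SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImage, aImage );
        maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
        maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
        maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
        // Misuse the user data as index into maCurrentSignatureInformations.
        // Widen through sal_uIntPtr so the int-to-pointer conversion is
        // well defined where pointers are wider than int.
        pEntry->SetUserData( reinterpret_cast< void* >( static_cast< sal_uIntPtr >( n ) ) );
    }

    bool bAllSigsValid = (nValidSigs == nInfos);
    bool bAllCertsValid = (nValidCerts == nInfos);
    bool bShowValidState = nInfos && (bAllSigsValid && bAllCertsValid && bAllNewSignatures);

    bool bShowNotValidatedState = nInfos && (bAllSigsValid && (!bAllCertsValid || !bAllNewSignatures));
    bool bShowInvalidState = nInfos && !bAllSigsValid;

    maSigsValidImg.Show( bShowValidState );
    maSigsValidFI.Show( bShowValidState );
    maSigsInvalidImg.Show( bShowInvalidState );
    maSigsInvalidFI.Show( bShowInvalidState );

    maSigsNotvalidatedImg.Show( bShowNotValidatedState );
    //bAllNewSignatures is always true if we are not in document mode
    maSigsNotvalidatedFI.Show( nInfos && bAllSigsValid && !bAllCertsValid );
    maSigsOldSignatureFI.Show( nInfos && bAllSigsValid && bAllCertsValid && !bAllNewSignatures );

    SignatureHighlightHdl( NULL );
}


//If bUseTempStream is true then the temporary signature stream is used.
//Otherwise the real signature stream is used.
//
//Replaces maCurrentSignatureInformations with the result of reading and
//verifying the chosen stream, and clears mbVerifySignatures afterwards.
void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream)
{
    maCurrentSignatureInformations.clear();

    maSignatureHelper.StartMission();

    SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
        css::embed::ElementModes::READ, bUseTempStream);
    if ( aStreamHelper.xSignatureStream.is() )
    {
        // UNO_QUERY does not throw; the reference is handed on as it is.
        uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
        maSignatureHelper.ReadAndVerifySignature( xInputStream );
    }
    maSignatureHelper.EndMission();

    maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();

    mbVerifySignatures = false;
}

// Opens the certificate viewer for the signature selected in the list box.
// Does nothing when no entry is selected, when the index stored in the entry
// does not refer to a known signature, or when no certificate can be obtained.
void DigitalSignaturesDialog::ImplShowSignaturesDetails()
{
    SvLBoxEntry* pSelected = maSignaturesLB.FirstSelected();
    if( !pSelected )
        return;

    // The user data carries the index written by ImplFillSignaturesBox.
    // Check it against the current list before it is used as an index.
    const sal_uIntPtr nSelected = reinterpret_cast< sal_uIntPtr >( pSelected->GetUserData() );
    if ( nSelected >= maCurrentSignatureInformations.size() )
        return;

    const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ];
    css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv =
        maSignatureHelper.GetSecurityEnvironment();
    css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    // Use Certificate from doc, not from key store
    uno::Reference< dcss::security::XCertificate > xCert;
    if (rInfo.ouX509Certificate.getLength())
        xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);

    //fallback if no certificate is embedded, get it from the store
    // NOTE(review): the lookup uses the issuer name and serial number from
    // the signature XML, so the certificate shown may not be the one that
    // produced the signature - confirm against ImplFillSignaturesBox.
    if (!xCert.is())
        xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName,
            xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );

    DBG_ASSERT( xCert.is(), "Error getting cCertificate!" );
    if ( xCert.is() )
    {
        CertificateViewer aViewer( this, xSecEnv, xCert, sal_False );
        aViewer.Execute();
    }
}

//If bTempStream is true, then a temporary stream is returned. If it is false, then the actual
//signature stream is used.
//Every time the user presses Add a new temporary stream is created.
//We keep the temporary stream as member because ImplGetSignatureInformations
//will later access the stream to create DocumentSignatureInformation objects
//which are stored in maCurrentSignatureInformations.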
SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream(
    sal_Int32 nStreamOpenMode, bool bTempStream)
{
    // nStreamOpenMode: css::embed::ElementModes flags; only TRUNCATE is
    //                  inspected here, the full value is passed on when the
    //                  stream is opened from the storage.
    // bTempStream:     selects the temporary stream instead of the real one.
    const bool bTruncate =
        (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) != 0;

    SignatureStreamHelper aResult;
    if (!bTempStream)
    {
        //No temporary stream
        if (mxSignatureStream.is())
        {
            aResult.xSignatureStream = mxSignatureStream;
        }
        else
        {
            //We may not have a dedicated stream for writing the signature
            //So we take one directly from the storage
            //Or DocumentDigitalSignatures::showDocumentContentSignatures was called,
            //in which case Add/Remove is not allowed. This is done, for example, if the
            //document is readonly
            aResult = DocumentSignatureHelper::OpenSignatureStream(
                mxStore, nStreamOpenMode, meSignatureMode );
        }
    }
    else
    {
        if (bTruncate)
        {
            //We write always into a new temporary stream.
            mxTempSignatureStream = Reference < css::io::XStream >(
                mxCtx->getServiceManager()->createInstanceWithContext(
                    OUSTR( "com.sun.star.io.TempFile" ), mxCtx) ,
                UNO_QUERY_THROW);
        }
        else
        {
            //When we read from the temp stream, then we must have previously
            //created one.
            OSL_ASSERT(mxTempSignatureStream.is());
        }
        aResult.xSignatureStream = mxTempSignatureStream;
    }

    if (bTruncate)
    {
        // Whatever stream was selected above is emptied before it is
        // returned; UNO_QUERY_THROW raises if XTruncate is unsupported.
        css::uno::Reference < css::io::XTruncate > xTrunc(
            aResult.xSignatureStream, UNO_QUERY_THROW);
        DBG_ASSERT( xTrunc.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" );
        xTrunc->truncate();
    }
    else if ( bTempStream || mxSignatureStream.is())
    {
        //In case we read the signature stream from the storage directly,
        //which is the case when DocumentDigitalSignatures::showDocumentContentSignatures
        //is used, then XSeekable is not supported, so only the temporary and
        //the dedicated stream are rewound to the start.
        css::uno::Reference < css::io::XSeekable > xSeekable(
            aResult.xSignatureStream, UNO_QUERY_THROW);
        DBG_ASSERT( xSeekable.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" );
        xSeekable->seek( 0 );
    }

    return aResult;
}