1*06b3ce53SAndrew Rist /************************************************************** 2cdf0e10cSrcweir * 3*06b3ce53SAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one 4*06b3ce53SAndrew Rist * or more contributor license agreements. See the NOTICE file 5*06b3ce53SAndrew Rist * distributed with this work for additional information 6*06b3ce53SAndrew Rist * regarding copyright ownership. The ASF licenses this file 7*06b3ce53SAndrew Rist * to you under the Apache License, Version 2.0 (the 8*06b3ce53SAndrew Rist * "License"); you may not use this file except in compliance 9*06b3ce53SAndrew Rist * with the License. You may obtain a copy of the License at 10cdf0e10cSrcweir * 11*06b3ce53SAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0 12cdf0e10cSrcweir * 13*06b3ce53SAndrew Rist * Unless required by applicable law or agreed to in writing, 14*06b3ce53SAndrew Rist * software distributed under the License is distributed on an 15*06b3ce53SAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16*06b3ce53SAndrew Rist * KIND, either express or implied. See the License for the 17*06b3ce53SAndrew Rist * specific language governing permissions and limitations 18*06b3ce53SAndrew Rist * under the License. 
19cdf0e10cSrcweir * 20*06b3ce53SAndrew Rist *************************************************************/ 21*06b3ce53SAndrew Rist 22*06b3ce53SAndrew Rist 23cdf0e10cSrcweir 24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 25cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx" 26cdf0e10cSrcweir #include <xmlsecurity/digitalsignaturesdialog.hxx> 27cdf0e10cSrcweir #include <xmlsecurity/certificatechooser.hxx> 28cdf0e10cSrcweir #include <xmlsecurity/certificateviewer.hxx> 29cdf0e10cSrcweir #include <xmlsecurity/biginteger.hxx> 30cdf0e10cSrcweir #include <xmloff/xmluconv.hxx> 31cdf0e10cSrcweir #include <com/sun/star/embed/XStorage.hpp> 32cdf0e10cSrcweir #include <com/sun/star/embed/ElementModes.hpp> 33cdf0e10cSrcweir #include <com/sun/star/io/XSeekable.hpp> 34cdf0e10cSrcweir #include <com/sun/star/io/XTruncate.hpp> 35cdf0e10cSrcweir #include <com/sun/star/embed/XTransactedObject.hpp> 36cdf0e10cSrcweir #include <com/sun/star/container/XNameAccess.hpp> 37cdf0e10cSrcweir #include <com/sun/star/lang/XComponent.hpp> 38cdf0e10cSrcweir #include <com/sun/star/security/NoPasswordException.hpp> 39cdf0e10cSrcweir #include <com/sun/star/lang/DisposedException.hpp> 40cdf0e10cSrcweir #include <com/sun/star/beans/XPropertySet.hpp> 41cdf0e10cSrcweir #include <com/sun/star/security/CertificateValidity.hdl> 42cdf0e10cSrcweir #include <com/sun/star/packages/WrongPasswordException.hpp> 43cdf0e10cSrcweir #include <com/sun/star/security/SerialNumberAdapter.hpp> 44cdf0e10cSrcweir #include <com/sun/star/security/XDocumentDigitalSignatures.hpp> 45cdf0e10cSrcweir #include <com/sun/star/xml/dom/XDocumentBuilder.hpp> 46cdf0e10cSrcweir #include <com/sun/star/packages/manifest/XManifestReader.hpp> 47cdf0e10cSrcweir 48cdf0e10cSrcweir 49cdf0e10cSrcweir #include <rtl/ustrbuf.hxx> 50cdf0e10cSrcweir #include <rtl/uri.hxx> 51cdf0e10cSrcweir 52cdf0e10cSrcweir #include <tools/date.hxx> 53cdf0e10cSrcweir #include <tools/time.hxx> 54cdf0e10cSrcweir 55cdf0e10cSrcweir 
#include "dialogs.hrc"
#include "digitalsignaturesdialog.hrc"
#include "helpids.hrc"
#include "resourcemanager.hxx"

#include <vcl/msgbox.hxx> // Until encrypted docs work...
#include <unotools/configitem.hxx>
#include <comphelper/componentcontext.hxx>

#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )


/* HACK: disable some warnings for MS-C */
#ifdef _MSC_VER
#pragma warning (disable : 4355) // 4355: this used in initializer-list
#endif

using namespace ::com::sun::star::security;
using namespace ::com::sun::star::uno;
using namespace ::com::sun::star;
namespace css = ::com::sun::star;
using ::rtl::OUString;

namespace
{
    // Read-only view of the configuration value Office.Common/Save/ODF/DefaultVersion.
    // The value is read once, in the constructor; Commit() and Notify() are
    // deliberately empty, so later configuration changes are not picked up.
    class SaveODFItem: public utl::ConfigItem
    {
        sal_Int16 m_nODF;   // raw configuration value, 0 until it has been read

    public:
        virtual void Commit();
        virtual void Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& aPropertyNames );
        SaveODFItem();

        //See group ODF in Common.xcs
        // True when the configured value is below 3; going by the name, that
        // range stands for ODF versions older than 1.2.
        bool isLessODF1_2()
        {
            return m_nODF < 3;
        }
    };

    // Nothing is ever written back to the configuration.
    void SaveODFItem::Commit() {}

    // Change notifications are ignored.
    void SaveODFItem::Notify( const ::com::sun::star::uno::Sequence< rtl::OUString >& ) {}

    // Reads ODF/DefaultVersion below Office.Common/Save.
    // Throws uno::RuntimeException when the property cannot be fetched or
    // does not hold a sal_Int16.
    SaveODFItem::SaveODFItem()
        : utl::ConfigItem( OUSTR("Office.Common/Save") )
        , m_nODF(0)
    {
        const OUString sKey( RTL_CONSTASCII_USTRINGPARAM("ODF/DefaultVersion") );
        const Sequence< css::uno::Any > aValues = GetProperties( Sequence<OUString>(&sKey, 1) );

        // Exactly one value is expected for the single key requested.
        if ( aValues.getLength() != 1 )
            throw uno::RuntimeException(
                OUString(RTL_CONSTASCII_USTRINGPARAM(
                    "[xmlsecurity] Could not open property Office.Common/Save/ODF/DefaultVersion")), 0);

        sal_Int16 nVersion = 0;
        if ( !(aValues[0] >>= nVersion) )
            throw uno::RuntimeException(
                OUString(RTL_CONSTASCII_USTRINGPARAM(
                    "[xmlsecurity]SaveODFItem::SaveODFItem(): Wrong Type!")), 0 );

        m_nODF = nVersion;
    }
}

/* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted"
    We use the manifest to find out if a file is xml and if it is encrypted.
    The parameter is an encoded uri. However, the manifest contains paths. Therefore
    the path is encoded as uri, so they can be compared.
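*/
/** Decides whether a package stream is treated as XML.

    @param rURI  reference URI of the stream, compared against the FullPath
                 of every entry in m_manifest.
    @return true when the matching manifest entry has MediaType "text/xml"
            and carries no "Digest" property (this code takes the presence of
            "Digest" as the sign that the stream is encrypted). When no entry
            matches, true only if the name ends in ".xml" (ASCII
            case-insensitive).

    AddButtonHdl negates the result and passes it to AddForSigning() as the
    binary-mode flag, so this decision is part of what gets signed.
*/
bool DigitalSignaturesDialog::isXML(const rtl::OUString& rURI )
{
    OSL_ASSERT(mxStore.is());

    const OUString sPropFullPath(RTL_CONSTASCII_USTRINGPARAM("FullPath"));
    const OUString sPropMediaType(RTL_CONSTASCII_USTRINGPARAM("MediaType"));
    const OUString sPropDigest(RTL_CONSTASCII_USTRINGPARAM("Digest"));

    const sal_Int32 nEntries = m_manifest.getLength();
    for (sal_Int32 i = 0; i < nEntries; i++)
    {
        const Sequence< css::beans::PropertyValue >& entry = m_manifest[i];
        OUString sPath, sMediaType;
        bool bEncrypted = false;
        for (sal_Int32 j = 0; j < entry.getLength(); j++)
        {
            const css::beans::PropertyValue & prop = entry[j];

            if (prop.Name.equals( sPropFullPath ) )
                prop.Value >>= sPath;
            else if (prop.Name.equals( sPropMediaType ) )
                prop.Value >>= sMediaType;
            else if (prop.Name.equals( sPropDigest ) )
                bEncrypted = true;  // only the presence of the property is checked
        }

        // The first entry whose path matches decides; later entries are not read.
        if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath))
            return sMediaType.equals(OUSTR("text/xml")) && ! bEncrypted;
    }

    //No manifest entry for this stream.
    //This would be the case for at least mimetype, META-INF/manifest.xml
    //META-INF/macrosignatures.xml.
    //Files can only be encrypted if they are in the manifest.xml.
    //That is, the current file cannot be encrypted, otherwise an entry
    //would have been found above.
    // NOTE(review): for such streams the XML/binary decision rests on the
    // file name extension alone - confirm that only the fixed package
    // streams listed above can reach this branch.
    const sal_Int32 nSep = rURI.lastIndexOf( '.' );
    if ( nSep == (-1) )
        return false;

    return rURI.copy( nSep+1 ).equalsIgnoreAsciiCase( OUSTR("XML") );
}

/** Builds the dialog controls from the resource file and wires the handlers.

    @param pParent                parent window of the modal dialog
    @param rxCtx                  component context, also handed to the signature helper
    @param eMode                  what is signed: document content, macros or package
    @param bReadOnly              when set, the Add button is disabled
    @param sODFVersion            ODF version string of the document
    @param bHasDocumentSignature  whether the document already carries a document signature
*/
DigitalSignaturesDialog::DigitalSignaturesDialog(
    Window* pParent,
    uno::Reference< uno::XComponentContext >& rxCtx, DocumentSignatureMode eMode,
    sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature)
    :ModalDialog            ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) )
    ,mxCtx                  ( rxCtx )
    ,maSignatureHelper      ( rxCtx )
    ,meSignatureMode        ( eMode )
    ,maHintDocFT            ( this, XMLSEC_RES( FT_HINT_DOC ) )
    ,maHintBasicFT          ( this, XMLSEC_RES( FT_HINT_BASIC ) )
    ,maHintPackageFT        ( this, XMLSEC_RES( FT_HINT_PACK ) )
    ,maSignaturesLB         ( this, XMLSEC_RES( LB_SIGNATURES ) )
    ,maSigsValidImg         ( this, XMLSEC_RES( IMG_STATE_VALID ) )
    ,maSigsValidFI          ( this, XMLSEC_RES( FI_STATE_VALID ) )
    ,maSigsInvalidImg       ( this, XMLSEC_RES( IMG_STATE_BROKEN ) )
    ,maSigsInvalidFI        ( this, XMLSEC_RES( FI_STATE_BROKEN ) )
    ,maSigsNotvalidatedImg  ( this, XMLSEC_RES( IMG_STATE_NOTVALIDATED ) )
    ,maSigsNotvalidatedFI   ( this, XMLSEC_RES( FI_STATE_NOTVALIDATED ) )
    ,maSigsOldSignatureFI   ( this, XMLSEC_RES( FI_STATE_OLDSIGNATURE) )
    ,maViewBtn              ( this, XMLSEC_RES( BTN_VIEWCERT ) )
    ,maAddBtn               ( this, XMLSEC_RES( BTN_ADDCERT ) )
    ,maRemoveBtn            ( this, XMLSEC_RES( BTN_REMOVECERT ) )
    ,maBottomSepFL          ( this, XMLSEC_RES( FL_BOTTOM_SEP ) )
    ,maOKBtn                ( this, XMLSEC_RES( BTN_OK ) )
    ,maHelpBtn              ( this, XMLSEC_RES( BTN_HELP ) )
    ,m_sODFVersion          ( sODFVersion )
    ,m_bHasDocumentSignature( bHasDocumentSignature )
    ,m_bWarningShowSignMacro( false )
{
    // --> PB #i48253 the tablistbox needs its own unique id
    maSignaturesLB.Window::SetUniqueId( HID_XMLSEC_TREE_SIGNATURESDLG );
    // <--
    Size aControlSize( maSignaturesLB.GetSizePixel() );
    aControlSize = maSignaturesLB.PixelToLogic( aControlSize, MapMode( MAP_APPFONT ) );
    const long nControlWidth = aControlSize.Width();
    // NOTE(review): a function-local static is initialised only the first
    // time this constructor runs, so later dialogs reuse the widths computed
    // then - confirm this is intended.
    static long nTabs[] = { 4, 0, 6*nControlWidth/100, 36*nControlWidth/100, 74*nControlWidth/100 };
    maSignaturesLB.SetTabs( &nTabs[ 0 ] );
    maSignaturesLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) );

    maSigsNotvalidatedFI.SetText( String( XMLSEC_RES( STR_NO_INFO_TO_VERIFY ) ) );

    if ( GetSettings().GetStyleSettings().GetHighContrastMode() )
    {
        // high contrast mode needs other images
        maSigsValidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_VALID_HC ) ) );
        maSigsInvalidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_BROKEN_HC ) ) );
        maSigsNotvalidatedImg.SetImage( Image( XMLSEC_RES( IMG_STATE_NOTVALIDATED_HC ) ) );
    }

    FreeResource();

    mbVerifySignatures = true;
    mbSignaturesChanged = false;

    maSignaturesLB.SetSelectHdl( LINK( this, DigitalSignaturesDialog, SignatureHighlightHdl ) );
    maSignaturesLB.SetDoubleClickHdl( LINK( this, DigitalSignaturesDialog, SignatureSelectHdl ) );

    // View and Remove stay disabled until an entry is selected.
    maViewBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, ViewButtonHdl ) );
    maViewBtn.Disable();

    maAddBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, AddButtonHdl ) );
    if ( bReadOnly )
        maAddBtn.Disable();

    maRemoveBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, RemoveButtonHdl ) );
    maRemoveBtn.Disable();

    maOKBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, OKButtonHdl) );

    // Show the hint text that belongs to the signature mode.
    switch( meSignatureMode )
    {
        case SignatureModeDocumentContent:  maHintDocFT.Show();     break;
        case SignatureModeMacros:           maHintBasicFT.Show();   break;
        case SignatureModePackage:          maHintPackageFT.Show(); break;
    }

    // adjust fixed text to images
    XmlSec::AlignAndFitImageAndControl( maSigsValidImg, maSigsValidFI, 5 );
    XmlSec::AlignAndFitImageAndControl( maSigsInvalidImg, maSigsInvalidFI, 5 );
    XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsNotvalidatedFI, 5 );
    XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsOldSignatureFI, 5 );
}

DigitalSignaturesDialog::~DigitalSignaturesDialog()
{
}

sal_Bool DigitalSignaturesDialog::Init()
{
    bool bInit =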
maSignatureHelper.Init();

    DBG_ASSERT( bInit, "Error initializing security context!" );

    if ( bInit )
    {
        maSignatureHelper.SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) );
    }

    return bInit;
}

/** Stores the document storage, passes it to the signature helper and reads
    META-INF/manifest.xml into m_manifest, which isXML() consults.

    Each UNO_QUERY_THROW below raises an exception when the queried interface
    is missing; nothing is caught here, so the caller sees it.
*/
void DigitalSignaturesDialog::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore )
{
    mxStore = rxStore;
    maSignatureHelper.SetStorage( mxStore, m_sODFVersion);

    Reference < css::packages::manifest::XManifestReader > xManifestReader(
        mxCtx->getServiceManager()->createInstanceWithContext(
            OUSTR("com.sun.star.packages.manifest.ManifestReader"), mxCtx), UNO_QUERY_THROW);

    //Get the manifest.xml
    Reference < css::embed::XStorage > xMetaInf(
        rxStore->openStorageElement( OUSTR("META-INF"), css::embed::ElementModes::READ ),
        UNO_QUERY_THROW);

    Reference< css::io::XInputStream > xManifestStream(
        xMetaInf->openStreamElement( OUSTR("manifest.xml"), css::embed::ElementModes::READ ),
        UNO_QUERY_THROW);

    m_manifest = xManifestReader->readManifestSequence( xManifestStream );
}

/** Remembers the stream handed in by the caller. OKButtonHdl commits the
    signature storage itself only when no stream was set here.
*/
void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream )
{
    mxSignatureStream = rxStream;
}

/** Checks whether signatures may be added to or removed from this document.

    Shows an error box and refuses for documents older than ODF 1.2. In macro
    signature mode, when a document signature exists, asks once for
    confirmation that it will be removed.

    @return true when the operation may go ahead.
*/
bool DigitalSignaturesDialog::canAddRemove()
{
    //m56
    OSL_ASSERT(mxStore.is());
    const bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion);
    SaveODFItem item;   // may throw uno::RuntimeException, see its constructor
    const bool bSave1_1 = item.isLessODF1_2();

    // see specification
    //cvs: specs/www/appwide/security/Electronic_Signatures_and_Security.sxw
    //Paragraph 'Behavior with regard to ODF 1.2'
    //For both, macro and document
    // NOTE(review): both alternatives require bDoc1_1, so the configured
    // save version does not change the outcome - confirm against the
    // specification that this is what is meant.
    if ( (!bSave1_1 && bDoc1_1) || (bSave1_1 && bDoc1_1) )
    {
        //#4
        ErrorBox err(NULL, XMLSEC_RES(RID_XMLSECDLG_OLD_ODF_FORMAT));
        err.Execute();
        return false;
    }

    //As of OOo 3.2 the document signature includes in macrosignatures.xml. That is
    //adding a macro signature will break an existing document signature.
    //The sfx2 will remove the documentsignature when the user adds a macro signature
    const bool bMustWarn = meSignatureMode == SignatureModeMacros
        && m_bHasDocumentSignature && !m_bWarningShowSignMacro;
    if ( bMustWarn )
    {
        //The warning says that the document signatures will be removed if the user
        //continues. He can then either press 'OK' or 'NO'
        //If the user presses 'Add' or 'Remove' several times, the warning is shown
        //every time until the user presses 'OK'. From then on, the warning is not
        //displayed anymore as long as the signatures dialog is alive.
        if (QueryBox(
                NULL, XMLSEC_RES(MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN)).Execute() == RET_NO)
            return false;

        m_bWarningShowSignMacro = true;
    }
    return true;
}

/** Adding a signature is allowed exactly when canAddRemove() allows it. */
bool DigitalSignaturesDialog::canAdd()
{
    return canAddRemove();
}

/** Removing a signature is allowed exactly when canAddRemove() allows it. */
bool DigitalSignaturesDialog::canRemove()
{
    return canAddRemove();
}

/** Reads and verifies the existing signatures, fills the list box and then
    runs the modal dialog.

    @return the result of Dialog::Execute().
*/
short DigitalSignaturesDialog::Execute()
{
    // Verify Signatures and add certificates to ListBox...
    mbVerifySignatures = true;
    ImplGetSignatureInformations(false);
    ImplFillSignaturesBox();

    // Only verify once, content will not change.
    // But for refreshing signature information, StartVerifySignatureHdl will be called after each add/remove
    mbVerifySignatures = false;

    return Dialog::Execute();
}

IMPL_LINK( DigitalSignaturesDialog, SignatureHighlightHdl, void*, EMPTYARG )
{
    bool bSel = maSignaturesLB.FirstSelected() ?
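true : false;
    maViewBtn.Enable( bSel );
    if ( maAddBtn.IsEnabled() ) // not read only
        maRemoveBtn.Enable( bSel );

    return 0;
}

/** OK button: writes every entry of maCurrentSignatureInformations to the
    signature stream, commits the storage when the dialog opened it itself,
    and closes the dialog with RET_OK.
*/
IMPL_LINK( DigitalSignaturesDialog, OKButtonHdl, void*, EMPTYARG )
{
    // Export all other signatures...
    // The second argument is false here and true in the Add/Remove handlers.
    // NOTE(review): presumably it selects a temporary stream - confirm
    // against ImplOpenSignatureStream.
    SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
        embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, false );
    uno::Reference< io::XOutputStream > xOutputStream(
        aStreamHelper.xSignatureStream, uno::UNO_QUERY );
    uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler =
        maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

    int nInfos = maCurrentSignatureInformations.size();
    for( int n = 0 ; n < nInfos ; ++n )
        maSignatureHelper.ExportSignature(
            xDocumentHandler, maCurrentSignatureInformations[ n ] );

    maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

    // If stream was not provided, we are responsible for committing it....
    if ( !mxSignatureStream.is() )
    {
        // NOTE(review): UNO_QUERY leaves the reference empty when the
        // interface is missing, and neither xOutputStream above nor xTrans is
        // checked before use. The Add/Remove handlers use UNO_QUERY_THROW
        // inside a try block instead - consider handling the failure here
        // too, so that a failed save is reported rather than dereferenced.
        uno::Reference< embed::XTransactedObject > xTrans(
            aStreamHelper.xSignatureStorage, uno::UNO_QUERY );
        xTrans->commit();
    }

    EndDialog(RET_OK);
    return 0;
}

/** Double click on a list entry: shows the details of the selected signature. */
IMPL_LINK( DigitalSignaturesDialog, SignatureSelectHdl, void*, EMPTYARG )
{
    ImplShowSignaturesDetails();
    return 0;
}

/** View button: shows the details of the selected signature. */
IMPL_LINK( DigitalSignaturesDialog, ViewButtonHdl, Button*, EMPTYARG )
{
    ImplShowSignaturesDetails();
    return 0;
}

/** Add button: lets the user choose a certificate, signs every element
    returned by CreateElementList() and rewrites the signature stream with
    the existing signatures plus the new one.

    @return 0 normally; -1 when the chosen certificate is missing or has no
            usable serial number.
*/
IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG )
{
    if( ! canAdd())
        return 0;
    try
    {
        uno::Reference<com::sun::star::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureHelper.GetSecurityEnvironment();

        uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
            ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
        CertificateChooser aChooser( this, mxCtx, xSecEnv, maCurrentSignatureInformations );
        if ( aChooser.Execute() == RET_OK )
        {
            uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate();
            if ( !xCert.is() )
            {
                DBG_ERRORFILE( "no certificate selected" );
                return -1;
            }
            rtl::OUString aCertSerial = xSerialNumberAdapter->toString( xCert->getSerialNumber() );
            if ( !aCertSerial.getLength() )
            {
                DBG_ERROR( "Error in Certificate, problem with serial number!" );
                return -1;
            }

            // NOTE(review): if anything between StartMission() and
            // EndMission() throws, the catch block below does not call
            // EndMission() - confirm the helper tolerates an unfinished mission.
            maSignatureHelper.StartMission();

            sal_Int32 nSecurityId = maSignatureHelper.GetNewSecurityId();

            // The complete certificate is embedded (base64) in the signature.
            rtl::OUStringBuffer aStrBuffer;
            SvXMLUnitConverter::encodeBase64(aStrBuffer, xCert->getEncoded());

            maSignatureHelper.SetX509Certificate( nSecurityId,
                xCert->getIssuerName(), aCertSerial,
                aStrBuffer.makeStringAndClear());

            std::vector< rtl::OUString > aElements =
                DocumentSignatureHelper::CreateElementList(
                    mxStore, rtl::OUString(), meSignatureMode, OOo3_2Document);

            sal_Int32 nElements = aElements.size();
            for ( sal_Int32 n = 0; n < nElements; n++ )
            {
                // Everything isXML() does not classify as XML is signed in binary mode.
                bool bBinaryMode = !isXML(aElements[n]);
                maSignatureHelper.AddForSigning( nSecurityId, aElements[n], aElements[n], bBinaryMode );
            }

            maSignatureHelper.SetDateTime( nSecurityId, Date(), Time() );

            // We open a signature stream into which the existing and the new
            // signatures are written. ImplGetSignatureInformations (later in this
            // function) will then read the stream and fill maCurrentSignatureInformations.
            // The final signature is written when the user presses OK. Then only
            // maCurrentSignatureInformations and a sax writer are used to write the
            // information.
            SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
                css::embed::ElementModes::WRITE|css::embed::ElementModes::TRUNCATE, true);
            Reference< css::io::XOutputStream > xOutputStream(
                aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
            Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
                maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

            // Export old signatures...
            int nInfos = maCurrentSignatureInformations.size();
            for ( int n = 0; n < nInfos; n++ )
                maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]);

            // Create a new one...
            maSignatureHelper.CreateAndWriteSignature( xDocumentHandler );

            // That's it...
            maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

            maSignatureHelper.EndMission();

            aStreamHelper = SignatureStreamHelper();    // release objects...

            // The stream has been rewritten whatever the signing status is,
            // so the flag is set once here and not again below.
            mbSignaturesChanged = true;

            sal_Int32 nStatus = maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus;

            // NOTE(review): when the status is anything else, nothing is
            // refreshed or reported to the user at this point - confirm that
            // a failed signing attempt is surfaced elsewhere.
            if ( nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED )
            {
                // Can't simply remember current information, need parsing for getting full information :(
                // We need to verify the signatures again, otherwise the status in the signature information
                // will not contain
                // SecurityOperationStatus_OPERATION_SUCCEEDED
                mbVerifySignatures = true;
                ImplGetSignatureInformations(true);
                ImplFillSignaturesBox();
            }
        }
    }
    catch ( uno::Exception& )
    {
        DBG_ERROR( "Exception while adding a signature!" );
        // Don't keep invalid entries...
        ImplGetSignatureInformations(true);
        ImplFillSignaturesBox();
    }

    return 0;
}

/** Remove button: drops the selected signature from
    maCurrentSignatureInformations and rewrites the signature stream with the
    remaining ones.

    The index comes from the list entry's user data; it is checked against
    the vector size before erase(), because erasing past the end is undefined
    behaviour.
*/
IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG )
{
    if (!canRemove())
        return 0;

    SvLBoxEntry* pEntry = maSignaturesLB.FirstSelected();
    if( pEntry )
    {
        try
        {
            sal_uInt16 nSelected = (sal_uInt16) (sal_uIntPtr) pEntry->GetUserData();
            if ( nSelected >= maCurrentSignatureInformations.size() )
            {
                // List box and signature vector are out of step; do not touch the vector.
                DBG_ERROR( "Selected signature index is out of range!" );
                return 0;
            }
            maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected );

            // Export all other signatures...
            SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
                css::embed::ElementModes::WRITE | css::embed::ElementModes::TRUNCATE, true);
            Reference< css::io::XOutputStream > xOutputStream(
                aStreamHelper.xSignatureStream, UNO_QUERY_THROW);
            Reference< css::xml::sax::XDocumentHandler> xDocumentHandler =
                maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream );

            int nInfos = maCurrentSignatureInformations.size();
            for( int n = 0 ; n < nInfos ; ++n )
                maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] );

            maSignatureHelper.CloseDocumentHandler( xDocumentHandler);

            mbSignaturesChanged = true;

            aStreamHelper = SignatureStreamHelper();    // release objects...

            ImplFillSignaturesBox();
        }
        catch ( uno::Exception& )
        {
            DBG_ERROR( "Exception while removing a signature!" );
            // Don't keep invalid entries...
            ImplGetSignatureInformations(true);
            ImplFillSignaturesBox();
        }
    }

    return 0;
}

IMPL_LINK( DigitalSignaturesDialog, StartVerifySignatureHdl, void*, EMPTYARG )
{
    return mbVerifySignatures ?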
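1 : 0;
}

// Rebuilds the signature list box from maCurrentSignatureInformations and
// updates the overall status images and texts of the dialog.
//
// For every signature the signer certificate is resolved, checked with
// XSecurityEnvironment::verifyCertificate(), and the signature status is
// combined with DocumentSignatureHelper::checkIfAllFilesAreSigned(). The
// subject and issuer shown to the user are read from the certificate object,
// never from the X509IssuerName element of the signature.
void DigitalSignaturesDialog::ImplFillSignaturesBox()
{
    maSignaturesLB.Clear();

    uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureHelper.GetSecurityEnvironment();
    uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    String aNullStr;
    int nInfos = maCurrentSignatureInformations.size();
    int nValidSigs = 0, nValidCerts = 0;
    bool bAllNewSignatures = true;

    for( int n = 0; n < nInfos; ++n )
    {
        const SignatureInformation& rInfo = maCurrentSignatureInformations[n];

        DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm(
            m_sODFVersion, rInfo);
        std::vector< rtl::OUString > aElementsToBeVerified =
            DocumentSignatureHelper::CreateElementList(
                mxStore, ::rtl::OUString(), meSignatureMode, mode);

        // The certificate reference is scoped to this iteration. If it
        // outlived the iteration, a signature without an embedded certificate
        // would silently reuse the certificate of the previous signature: the
        // store lookup below would be skipped and the wrong subject, issuer
        // and validity would be displayed and counted.
        uno::Reference< ::com::sun::star::security::XCertificate > xCert;

        //First we try to get the certificate which is embedded in the XML Signature
        if (rInfo.ouX509Certificate.getLength())
        {
            if (xSecEnv.is())
                xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);
        }
        else
        {
            //There must be an embedded certificate because we use it to get the
            //issuer name. We cannot use /Signature/KeyInfo/X509Data/X509IssuerName
            //because it could be modified by an attacker. The issuer is displayed
            //in the digital signature dialog.
            //Comparing the X509IssuerName with the one from the X509Certificate in order
            //to find out if the X509IssuerName was modified does not work. See #i62684
            DBG_ASSERT(sal_False, "Could not find embedded certificate!");
        }

        //In case there is no embedded certificate we try to get it from a local store
        //Todo: This probably could be removed, see above.
        // NOTE(review): this lookup is keyed by ouX509IssuerName and
        // ouX509SerialNumber, i.e. by the fields the comment above describes
        // as modifiable by an attacker. Confirm that a certificate selected
        // this way is really the one the signature was verified with, or drop
        // the fallback as the Todo suggests.
        if (!xCert.is() && xSecEnv.is())
            xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );

        DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" );

        String aSubject;
        String aIssuer;
        String aDateTimeStr;

        bool bCertValid = false;
        if( xCert.is() )
        {
            //check the validity of the cert
            // No intermediate certificates are supplied (empty sequence). Any
            // result other than VALID, and any SecurityException, leaves the
            // certificate counted as not valid.
            try {
                sal_Int32 certResult = xSecEnv->verifyCertificate(xCert,
                    Sequence<css::uno::Reference<css::security::XCertificate> >());

                bCertValid = (certResult == css::security::CertificateValidity::VALID);
                if ( bCertValid )
                    nValidCerts++;

            } catch (css::uno::SecurityException& ) {
                OSL_ENSURE(0, "Verification of certificate failed");
                bCertValid = false;
            }

            aSubject = XmlSec::GetContentPart( xCert->getSubjectName() );
            aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() );
            // --> PB 2004-10-12 #i20172# String with date and time information
            aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime );
        }

        // A signature only counts as valid if the cryptographic check
        // succeeded AND it covers every element that has to be signed.
        bool bSigValid = ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );
        if ( bSigValid )
        {
            bSigValid = DocumentSignatureHelper::checkIfAllFilesAreSigned(
                aElementsToBeVerified, rInfo, mode);

            if( bSigValid )
                nValidSigs++;
        }

        Image aImage;
        if (!bSigValid)
        {
            aImage = maSigsInvalidImg.GetImage();
        }
        else if (!bCertValid)
        {
            aImage = maSigsNotvalidatedImg.GetImage();
        }
        else if (meSignatureMode == SignatureModeDocumentContent)
        {
            //Check if the signature is a "old" document signature, that is, which was created
            //by an version of OOo previous to 3.2
            if (DocumentSignatureHelper::isOOo3_2_Signature(rInfo))
            {
                aImage = maSigsValidImg.GetImage();
            }
            else
            {
                aImage = maSigsNotvalidatedImg.GetImage();
                bAllNewSignatures = false;
            }
        }
        else if (meSignatureMode == SignatureModeMacros)
        {
            aImage = maSigsValidImg.GetImage();
        }
        // Any other signature mode keeps the empty default image.

        SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImage, aImage );
        maSignaturesLB.SetEntryText( aSubject, pEntry, 1 );
        maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 );
        maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 );
        // The user data slot carries the index into
        // maCurrentSignatureInformations; ImplShowSignaturesDetails reads it
        // back through sal_uIntPtr, so it is stored through the same type.
        pEntry->SetUserData( reinterpret_cast< void* >( static_cast< sal_uIntPtr >( n ) ) );
    }

    const bool bHaveSignatures = nInfos > 0;
    bool bAllSigsValid = (nValidSigs == nInfos);
    bool bAllCertsValid = (nValidCerts == nInfos);
    bool bShowValidState = bHaveSignatures && (bAllSigsValid && bAllCertsValid && bAllNewSignatures);

    bool bShowNotValidatedState = bHaveSignatures && (bAllSigsValid && (!bAllCertsValid || !bAllNewSignatures));
    bool bShowInvalidState = bHaveSignatures && !bAllSigsValid;

    maSigsValidImg.Show( bShowValidState);
    maSigsValidFI.Show( bShowValidState );
    maSigsInvalidImg.Show( bShowInvalidState );
    maSigsInvalidFI.Show( bShowInvalidState );

    maSigsNotvalidatedImg.Show(bShowNotValidatedState);
    //bAllNewSignatures is always true if we are not in document mode
    maSigsNotvalidatedFI.Show(bHaveSignatures && bAllSigsValid && !bAllCertsValid);
    maSigsOldSignatureFI.Show(bHaveSignatures && bAllSigsValid && bAllCertsValid && !bAllNewSignatures);

    SignatureHighlightHdl( NULL );
}


//If bUseTempStream is true then the temporary signature stream is used.
//Otherwise the real signature stream is used.
// Replaces maCurrentSignatureInformations with what the signature helper
// reports after reading and verifying the stream, then clears
// mbVerifySignatures. If no stream could be opened, nothing is read and the
// helper's current list is taken over as it is.
void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream)
{
    maCurrentSignatureInformations.clear();

    maSignatureHelper.StartMission();

    SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream(
        css::embed::ElementModes::READ, bUseTempStream);
    if ( aStreamHelper.xSignatureStream.is() )
    {
        uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY );
        maSignatureHelper.ReadAndVerifySignature( xInputStream );
    }
    // NOTE(review): EndMission() is skipped if opening or reading the stream
    // throws; confirm the helper tolerates an unfinished mission.
    maSignatureHelper.EndMission();

    maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations();

    mbVerifySignatures = false;
}

// Opens the certificate viewer for the signature selected in the list box.
// The certificate embedded in the document is preferred; the key store is
// only consulted when none is embedded or it could not be created.
void DigitalSignaturesDialog::ImplShowSignaturesDetails()
{
    if( !maSignaturesLB.FirstSelected() )
        return;

    // The user data holds the index stored by ImplFillSignaturesBox. It is
    // checked against the current list before use, so a list box entry that
    // no longer matches maCurrentSignatureInformations cannot cause an
    // out-of-range access.
    const sal_uIntPtr nSelected = (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData();
    if( nSelected >= maCurrentSignatureInformations.size() )
    {
        DBG_ASSERT( sal_False, "Selected entry does not match a signature!" );
        return;
    }

    const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ];
    css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv =
        maSignatureHelper.GetSecurityEnvironment();
    css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);
    // Use Certificate from doc, not from key store
    uno::Reference< dcss::security::XCertificate > xCert;
    if (xSecEnv.is() && rInfo.ouX509Certificate.getLength())
        xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate);
    //fallback if no certificate is embedded, get it from store
    if (!xCert.is() && xSecEnv.is())
        xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );

    DBG_ASSERT( xCert.is(), "Error getting cCertificate!" );
    if ( xCert.is() )
    {
        CertificateViewer aViewer( this, maSignatureHelper.GetSecurityEnvironment(), xCert, sal_False );
        aViewer.Execute();
    }
}

//If bTempStream is true, then a temporary stream is returned. If it is false, then the actual
//signature stream is used.
//Every time the user presses Add a new temporary stream is created.
//We keep the temporary stream as member because ImplGetSignatureInformations
//will later access the stream to create DocumentSignatureInformation objects
//which are stored in maCurrentSignatureInformations.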
SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream(
    sal_Int32 nStreamOpenMode, bool bTempStream)
{
    // Selects the stream first, then positions it: a TRUNCATE request empties
    // whichever stream was selected (including the real signature stream when
    // bTempStream is false), any other request rewinds a temporary or
    // dedicated stream to offset 0. The UNO_QUERY_THROW queries throw if the
    // selected stream is missing or lacks the required interface.
    const bool bTruncate = (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) != 0;

    SignatureStreamHelper aResult;
    if (!bTempStream)
    {
        //No temporary stream
        if (mxSignatureStream.is())
        {
            aResult.xSignatureStream = mxSignatureStream;
        }
        else
        {
            //There may be no dedicated stream for writing the signature, so one
            //is taken directly from the storage. This is also the path used when
            //DocumentDigitalSignatures::showDocumentContentSignatures was called,
            //in which case Add/Remove is not allowed, for example because the
            //document is readonly.
            aResult = DocumentSignatureHelper::OpenSignatureStream(
                mxStore, nStreamOpenMode, meSignatureMode );
        }
    }
    else
    {
        if (bTruncate)
        {
            //Writing always goes into a fresh temporary stream.
            mxTempSignatureStream = Reference < css::io::XStream >(
                mxCtx->getServiceManager()->createInstanceWithContext(
                    OUSTR( "com.sun.star.io.TempFile" ), mxCtx) ,
                UNO_QUERY_THROW);
        }
        else
        {
            //Reading from the temp stream requires that one was created before.
            OSL_ASSERT(mxTempSignatureStream.is());
        }
        aResult.xSignatureStream = mxTempSignatureStream;
    }

    if (bTruncate)
    {
        css::uno::Reference < css::io::XTruncate > xTruncate(
            aResult.xSignatureStream, UNO_QUERY_THROW);
        DBG_ASSERT( xTruncate.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" );
        xTruncate->truncate();
    }
    else if ( bTempStream || mxSignatureStream.is())
    {
        //A stream read directly from the storage, which is the case for
        //DocumentDigitalSignatures::showDocumentContentSignatures, does not
        //support XSeekable and is therefore not rewound here.
        css::uno::Reference < css::io::XSeekable > xSeek(
            aResult.xSignatureStream, UNO_QUERY_THROW);
        DBG_ASSERT( xSeek.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" );
        xSeek->seek( 0 );
    }

    return aResult;
}
