desktop/source/lib/init.cxx | 94 +++++++++++++++++++++++++++++++++++++++++--- 1 file changed, 88 insertions(+), 6 deletions(-)
New commits: commit d7a88b902af983145b196990949e89420e5bc4cf Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Thu Nov 29 21:53:48 2018 +0100 Commit: Tomaž Vajngerl <qui...@gmail.com> CommitDate: Sat Dec 1 09:07:33 2018 +0100 Add SolarMutexGuard where needed When triggering rechecking of signature status, an assert fails and brings down the program because we don't hold a SolarMutex. The rechecking of signature status needs to broadcasts. Change-Id: Ib500b06d2e191465df1e0da2097ddb1b6b06725a Reviewed-on: https://gerrit.libreoffice.org/64292 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx index d96c7737157d..f235728e65bb 100644 --- a/desktop/source/lib/init.cxx +++ b/desktop/source/lib/init.cxx @@ -3802,6 +3802,8 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis, if (!xCertificate.is()) return false; + SolarMutexGuard aGuard; + return pObjectShell->SignDocumentContentUsingCertificate(xCertificate); } @@ -3879,6 +3881,8 @@ static int doc_getSignatureState(LibreOfficeKitDocument* pThis) if (!pObjectShell) return int(SignatureState::UNKNOWN); + SolarMutexGuard aGuard; + pObjectShell->RecheckSignature(false); return int(pObjectShell->GetDocumentSignatureState()); commit d69edca3e004ab8669b3363b4755da8bb42f62fc Author: Tomaž Vajngerl <tomaz.vajng...@collabora.co.uk> AuthorDate: Thu Nov 29 21:52:26 2018 +0100 Commit: Tomaž Vajngerl <qui...@gmail.com> CommitDate: Sat Dec 1 09:07:25 2018 +0100 lokit: convert PEM certificate to DER if it is detected as such Change-Id: I1ae105067c109a32f4acc34749b425d9e4e26514 Reviewed-on: https://gerrit.libreoffice.org/64291 Tested-by: Jenkins Reviewed-by: Tomaž Vajngerl <qui...@gmail.com> diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx index a7ce8182ebd1..d96c7737157d 100644 --- a/desktop/source/lib/init.cxx +++ b/desktop/source/lib/init.cxx @@ -48,6 +48,7 @@ #include <comphelper/propertysequence.hxx> #include <comphelper/scopeguard.hxx> #include <comphelper/threadpool.hxx> +#include <comphelper/base64.hxx> #include <com/sun/star/beans/XPropertySet.hpp> #include <com/sun/star/container/XNameAccess.hpp> @@ -526,6 +527,48 @@ int lcl_getViewId(const std::string& payload) return 0; } +std::string extractCertificate(const std::string & certificate) +{ + const std::string header("-----BEGIN CERTIFICATE-----"); + const std::string footer("-----END CERTIFICATE-----"); + + std::string result; + + size_t pos1 = certificate.find(header); + if (pos1 == std::string::npos) + return result; + + size_t pos2 = certificate.find(footer, pos1 + 1); + if (pos2 == std::string::npos) + return result; + + pos1 = pos1 + header.length(); + pos2 = pos2 - pos1; + + return certificate.substr(pos1, pos2); +} + +std::string extractPrivateKey(const std::string & privateKey) +{ + const std::string header("-----BEGIN PRIVATE KEY-----"); + const std::string footer("-----END PRIVATE KEY-----"); + + std::string result; + + size_t pos1 = privateKey.find(header); + if (pos1 == std::string::npos) + return result; + + size_t pos2 = privateKey.find(footer, pos1 + 1); + if (pos2 == std::string::npos) + return result; + + pos1 = pos1 + header.length(); + pos2 = pos2 - pos1; + + return privateKey.substr(pos1, pos2); +} + } // end anonymous namespace // Could be anonymous in principle, but for the unit testing purposes, we @@ -3724,11 +3767,34 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis, if (!xCertificateCreator.is()) return false; - uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize); - std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + uno::Sequence<sal_Int8> aCertificateSequence; - uno::Sequence<sal_Int8> aPrivateKeySequence(nPrivateKeySize); - std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin()); + std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize); + std::string aCertificateBase64String = extractCertificate(aCertificateString); + if (!aCertificateBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str()); + comphelper::Base64::decode(aCertificateSequence, aBase64OUString); + } + else + { + aCertificateSequence.realloc(nCertificateBinarySize); + std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + } + + uno::Sequence<sal_Int8> aPrivateKeySequence; + std::string aPrivateKeyString(reinterpret_cast<const char*>(pPrivateKeyBinary), nPrivateKeySize); + std::string aPrivateKeyBase64String = extractPrivateKey(aPrivateKeyString); + if (!aPrivateKeyBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aPrivateKeyBase64String.c_str()); + comphelper::Base64::decode(aPrivateKeySequence, aBase64OUString); + } + else + { + aPrivateKeySequence.realloc(nPrivateKeySize); + std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin()); + } uno::Reference<security::XCertificate> xCertificate; xCertificate = xCertificateCreator->createDERCertificateWithPrivateKey(aCertificateSequence, aPrivateKeySequence); @@ -3772,8 +3838,20 @@ static bool doc_addCertificate(LibreOfficeKitDocument* pThis, if (!xCertificateCreator.is()) return false; - uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize); - std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + uno::Sequence<sal_Int8> aCertificateSequence; + + std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize); + std::string aCertificateBase64String = extractCertificate(aCertificateString); + if (!aCertificateBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str()); + comphelper::Base64::decode(aCertificateSequence, aBase64OUString); + } + else + { + aCertificateSequence.realloc(nCertificateBinarySize); + std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + } uno::Reference<security::XCertificate> xCertificate; xCertificate = xCertificateCreator->addDERCertificateToTheDatabase(aCertificateSequence, "TCu,Cu,Tu"); _______________________________________________ Libreoffice-commits mailing list libreoffice-comm...@lists.freedesktop.org https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits