xmlsecurity/inc/certificatechooser.hxx | 7 +++-
xmlsecurity/inc/digitalsignaturesdialog.hxx | 2 +
xmlsecurity/source/component/documentdigitalsignatures.cxx | 2 -
xmlsecurity/source/dialogs/certificatechooser.cxx | 20 ++++++++++++-
xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx | 3 +
5 files changed, 30 insertions(+), 4 deletions(-)
New commits:
commit a581dbf9829d8407a611907c35c8af632b1397b5
Author: Miklos Vajna <vmik...@collabora.com>
AuthorDate: Fri Sep 27 08:12:04 2024 +0200
Commit: Miklos Vajna <vmik...@collabora.com>
CommitDate: Fri Sep 27 10:01:30 2024 +0200
cool#9992 lok doc sign: only take sign cert from the view in the cert
chooser
Have two views, in case both of them haver sign certs configured in the
NSS database, then the cert chooser would present both, which is not
wanted.
The problem is that the NSS database contains sign certs from all views,
so working from the database is not what we want for the LOK case.
Fix the problem by passing the SfxViewShell from the sign dialog to the
certificate chooser dialog, and then the chooser can work from the view
in LOK mode.
Searching for other uses of getPersonalCertificates(), the comphelper/
one is not relevant for the LOK case (gpg is disabled there); the PDF
case is only for the UNO API, so those don't necessarily need adjusting.
Change-Id: Ic7027b8d218b2bde3c8bf134a4b11c14fd9c3570
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/174002
Reviewed-by: Miklos Vajna <vmik...@collabora.com>
Tested-by: Jenkins
diff --git a/xmlsecurity/inc/certificatechooser.hxx
b/xmlsecurity/inc/certificatechooser.hxx
index 9f7b2e2407d5..dbed2ce5c225 100644
--- a/xmlsecurity/inc/certificatechooser.hxx
+++ b/xmlsecurity/inc/certificatechooser.hxx
@@ -33,6 +33,8 @@ namespace com::sun::star {
namespace com::sun::star::xml::crypto { class XXMLSecurityContext; }
+class SfxViewShell;
+
struct CertificateChooserUserData
{
css::uno::Reference<css::security::XCertificate> xCertificate;
@@ -55,6 +57,7 @@ private:
bool mbInitialized;
CertificateChooserUserAction const meAction;
+ SfxViewShell* m_pViewShell;
OUString msPreferredKey;
css::uno::Reference<css::security::XCertificate> mxEncryptToSelf;
@@ -85,11 +88,13 @@ private:
public:
CertificateChooser(weld::Window* pParent,
+ SfxViewShell* pViewShell,
std::vector< css::uno::Reference<
css::xml::crypto::XXMLSecurityContext > > && rxSecurityContexts,
CertificateChooserUserAction eAction);
virtual ~CertificateChooser() override;
static std::unique_ptr<CertificateChooser> getInstance(weld::Window*
_pParent,
+ SfxViewShell* pViewShell,
std::vector< css::uno::Reference<
css::xml::crypto::XXMLSecurityContext > > && rxSecurityContexts,
CertificateChooserUserAction eAction) {
// Don't reuse CertificateChooser instances
@@ -100,7 +105,7 @@ public:
// in the Digital Signatures dialog
// 2. File > Save As the document, check the "Encrypt with GPG key"
// checkbox, press Encrypt, and crash in Dialog::ImplStartExecute()
- return std::make_unique<CertificateChooser>(_pParent,
std::move(rxSecurityContexts), eAction);
+ return std::make_unique<CertificateChooser>(_pParent, pViewShell,
std::move(rxSecurityContexts), eAction);
}
short run() override;
diff --git a/xmlsecurity/inc/digitalsignaturesdialog.hxx
b/xmlsecurity/inc/digitalsignaturesdialog.hxx
index 11331ff7db36..ad0db53720f8 100644
--- a/xmlsecurity/inc/digitalsignaturesdialog.hxx
+++ b/xmlsecurity/inc/digitalsignaturesdialog.hxx
@@ -52,6 +52,8 @@ private:
bool m_bAdESCompliant = true;
+ SfxViewShell* m_pViewShell;
+
std::unique_ptr<weld::Label> m_xHintDocFT;
std::unique_ptr<weld::Label> m_xHintBasicFT;
std::unique_ptr<weld::TreeView> m_xSignaturesLB;
diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx
b/xmlsecurity/source/component/documentdigitalsignatures.cxx
index af6551d7c7e5..3e6ed32bf493 100644
--- a/xmlsecurity/source/component/documentdigitalsignatures.cxx
+++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx
@@ -651,7 +651,7 @@
DocumentDigitalSignatures::chooseCertificatesImpl(std::map<OUString, OUString>&
xSecContexts.push_back(aSignatureManager.getGpgSecurityContext());
}
- std::unique_ptr<CertificateChooser> aChooser =
CertificateChooser::getInstance(Application::GetFrameWeld(mxParentWindow),
std::move(xSecContexts), eAction);
+ std::unique_ptr<CertificateChooser> aChooser =
CertificateChooser::getInstance(Application::GetFrameWeld(mxParentWindow),
nullptr, std::move(xSecContexts), eAction);
if (aChooser->run() != RET_OK)
return { Reference< css::security::XCertificate >(nullptr) };
diff --git a/xmlsecurity/source/dialogs/certificatechooser.cxx
b/xmlsecurity/source/dialogs/certificatechooser.cxx
index e612027ba759..74ee62475fc0 100644
--- a/xmlsecurity/source/dialogs/certificatechooser.cxx
+++ b/xmlsecurity/source/dialogs/certificatechooser.cxx
@@ -26,6 +26,8 @@
#include <comphelper/processfactory.hxx>
#include <comphelper/sequence.hxx>
#include <comphelper/xmlsechelper.hxx>
+#include <comphelper/lok.hxx>
+#include <sfx2/viewsh.hxx>
#include <com/sun/star/security/NoPasswordException.hpp>
#include <com/sun/star/security/CertificateCharacters.hpp>
@@ -42,10 +44,12 @@ using namespace comphelper;
using namespace css;
CertificateChooser::CertificateChooser(weld::Window* _pParent,
+ SfxViewShell* pViewShell,
std::vector< css::uno::Reference<
css::xml::crypto::XXMLSecurityContext > > && rxSecurityContexts,
CertificateChooserUserAction eAction)
: GenericDialogController(_pParent,
u"xmlsec/ui/selectcertificatedialog.ui"_ustr, u"SelectCertificateDialog"_ustr)
, meAction(eAction)
+ , m_pViewShell(pViewShell)
, m_xFTSign(m_xBuilder->weld_label(u"sign"_ustr))
, m_xFTEncrypt(m_xBuilder->weld_label(u"encrypt"_ustr))
, m_xFTLoadedCerts(m_xBuilder->weld_label(u"loaded-certs"_ustr))
@@ -206,7 +210,21 @@ void CertificateChooser::ImplInitialize(bool mbSearch)
else
{
if (meAction == CertificateChooserUserAction::Sign || meAction
== CertificateChooserUserAction::SelectSign)
- xCerts = secEnvironment->getPersonalCertificates();
+ {
+ if (comphelper::LibreOfficeKit::isActive())
+ {
+ // The LOK case takes the signing certificate from the
view.
+ if (m_pViewShell &&
m_pViewShell->GetSigningCertificate().is())
+ {
+ xCerts = { m_pViewShell->GetSigningCertificate() };
+ }
+ }
+ else
+ {
+ // Otherwise working from the system cert store is OK.
+ xCerts = secEnvironment->getPersonalCertificates();
+ }
+ }
else
// Currently (master 2024-07) all X.509 implementations
(nss+mscrypt) give an empty list.
xCerts = secEnvironment->getAllCertificates();
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 4dcd9d387ccc..ba6c5343ead7 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -200,6 +200,7 @@ DigitalSignaturesDialog::DigitalSignaturesDialog(
, m_sODFVersion (std::move(sODFVersion))
, m_bHasDocumentSignature(bHasDocumentSignature)
, m_bWarningShowSignMacro(false)
+ , m_pViewShell(pViewShell)
, m_xHintDocFT(m_xBuilder->weld_label(u"dochint"_ustr))
, m_xHintBasicFT(m_xBuilder->weld_label(u"macrohint"_ustr))
, m_xSignaturesLB(m_xBuilder->weld_tree_view(u"signatures"_ustr))
@@ -491,7 +492,7 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl,
weld::Button&, void)
if
(DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.getStore(),
m_sODFVersion))
xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
- std::unique_ptr<CertificateChooser> aChooser =
CertificateChooser::getInstance(m_xDialog.get(), std::move(xSecContexts),
CertificateChooserUserAction::Sign);
+ std::unique_ptr<CertificateChooser> aChooser =
CertificateChooser::getInstance(m_xDialog.get(), m_pViewShell,
std::move(xSecContexts), CertificateChooserUserAction::Sign);
while (aChooser->run() == RET_OK)
{
sal_Int32 nSecurityId;
