xmlsecurity/inc/documentsignaturehelper.hxx            |    3 ++
 xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx |    5 +++-
 xmlsecurity/source/helper/documentsignaturehelper.cxx  |   19 +++++++++++++++++
 xmlsecurity/source/helper/documentsignaturemanager.cxx |    1 
 4 files changed, 26 insertions(+), 2 deletions(-)
New commits:
commit e2378bbf4539455e445205ad868c43246ec423ed
Author: Samuel Mehrbrodt <samuel.mehrbr...@cib.de>
Date:   Mon Jun 26 12:32:48 2017 +0200

    tdf#108711 GPG key selection should only be possible for ODF >= 1.2 
documents
    
    gpg4libre
    
    Change-Id: I6dbdaefddacf55c9381d156ada20cb3f25d4b3cb
    Reviewed-on: https://gerrit.libreoffice.org/39263
    Tested-by: Jenkins <c...@libreoffice.org>
    Reviewed-by: Samuel Mehrbrodt <samuel.mehrbr...@cib.de>

diff --git a/xmlsecurity/inc/documentsignaturehelper.hxx 
b/xmlsecurity/inc/documentsignaturehelper.hxx
index c2b5b85e34a2..a8f3cb1f5d40 100644
--- a/xmlsecurity/inc/documentsignaturehelper.hxx
+++ b/xmlsecurity/inc/documentsignaturehelper.hxx
@@ -81,6 +81,9 @@ namespace DocumentSignatureHelper
     DocumentSignatureAlgorithm getDocumentAlgorithm(
         const OUString & sODFVersion, const SignatureInformation & sigInfo);
 
+    bool CanSignWithGPG(const css::uno::Reference < css::embed::XStorage >& 
rxStore,
+                        const OUString& sOdfVersion);
+
     bool checkIfAllFilesAreSigned( const ::std::vector< OUString > & 
sElementList,
         const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm 
alg);
 
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx 
b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 3437b1255598..b3984acf548e 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -25,6 +25,7 @@
 
 #include <com/sun/star/embed/XStorage.hpp>
 #include <com/sun/star/embed/ElementModes.hpp>
+#include <com/sun/star/embed/StorageFormats.hpp>
 #include <com/sun/star/container/XNameAccess.hpp>
 #include <com/sun/star/lang/XComponent.hpp>
 #include <com/sun/star/security/NoPasswordException.hpp>
@@ -401,7 +402,9 @@ IMPL_LINK_NOARG(DigitalSignaturesDialog, AddButtonHdl, 
Button*, void)
     {
         std::vector<uno::Reference<xml::crypto::XXMLSecurityContext>> 
xSecContexts;
         xSecContexts.push_back(maSignatureManager.getSecurityContext());
-        xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
+        // Gpg signing is only possible with ODF >= 1.2 documents
+        if 
(DocumentSignatureHelper::CanSignWithGPG(maSignatureManager.mxStore, 
m_sODFVersion))
+            xSecContexts.push_back(maSignatureManager.getGpgSecurityContext());
 
         ScopedVclPtrInstance< CertificateChooser > aChooser( this, mxCtx, 
xSecContexts );
         if ( aChooser->Execute() == RET_OK )
diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx 
b/xmlsecurity/source/helper/documentsignaturehelper.cxx
index 618b69445222..161f36e4ed66 100644
--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -403,6 +403,25 @@ SignatureStreamHelper 
DocumentSignatureHelper::OpenSignatureStream(
     return aHelper;
 }
 
+/** Check whether the current file can be signed with GPG (only ODF >= 1.2 can 
currently) */
+bool DocumentSignatureHelper::CanSignWithGPG(
+    const Reference < css::embed::XStorage >& rxStore,
+    const OUString& sOdfVersion)
+{
+    uno::Reference<container::XNameAccess> xNameAccess(rxStore, 
uno::UNO_QUERY);
+    if (!xNameAccess.is())
+        throw RuntimeException();
+
+    if (xNameAccess->hasByName("META-INF")) // ODF
+    {
+        return !isODFPre_1_2(sOdfVersion);
+    }
+
+    return false;
+}
+
+
+
 //sElementList contains all files which are expected to be signed. Only those 
files must me signed,
 //no more, no less.
 //The DocumentSignatureAlgorithm indicates if the document was created with 
OOo 2.x. Then
diff --git a/xmlsecurity/source/helper/documentsignaturemanager.cxx 
b/xmlsecurity/source/helper/documentsignaturemanager.cxx
index ee863e4c2530..41f7e5594cf2 100644
--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -269,7 +269,6 @@ bool DocumentSignatureManager::add(const 
uno::Reference<security::XCertificate>&
     if (xServiceInfo->getImplementationName() == 
"com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl")
     {
         // GPG keys only really have PGPKeyId and PGPKeyPacket
-        // TODO: prevent selection of gpg keys for pdfs and ooxml early on!
         if (!mxStore.is())
         {
             SAL_WARN("xmlsecurity.helper", "cannot sign pdfs with GPG keys");
_______________________________________________
Libreoffice-commits mailing list
libreoffice-comm...@lists.freedesktop.org
https://lists.freedesktop.org/mailman/listinfo/libreoffice-commits

Reply via email to