diff options
author | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2020-03-23 12:11:24 +0100 |
---|---|---|
committer | Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> | 2020-03-23 16:14:12 +0100 |
commit | f2f93434f4795646255e5d8edd31fa08b8b2ffab (patch) | |
tree | 579a427067eebd928cf1b162d8fc6eca40810e5c /dbaccess | |
parent | python3: upgrade to release 3.7.7 (diff) | |
download | core-f2f93434f4795646255e5d8edd31fa08b8b2ffab.tar.gz core-f2f93434f4795646255e5d8edd31fa08b8b2ffab.zip |
Related tdf#97694 Check Base macro signatures on load
Change-Id: I45c6eae633c41585c6c7e4c5fff0b187a6dc1f60
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/90908
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
Diffstat (limited to 'dbaccess')
-rw-r--r-- | dbaccess/source/core/dataaccess/ModelImpl.cxx | 56 | ||||
-rw-r--r-- | dbaccess/source/core/inc/ModelImpl.hxx | 2 |
2 files changed, 54 insertions, 4 deletions
diff --git a/dbaccess/source/core/dataaccess/ModelImpl.cxx b/dbaccess/source/core/dataaccess/ModelImpl.cxx index c446950afa54..35a4f8f83f71 100644 --- a/dbaccess/source/core/dataaccess/ModelImpl.cxx +++ b/dbaccess/source/core/dataaccess/ModelImpl.cxx @@ -36,10 +36,15 @@ #include <com/sun/star/script/DocumentScriptLibraryContainer.hpp> #include <com/sun/star/script/DocumentDialogLibraryContainer.hpp> #include <com/sun/star/util/NumberFormatsSupplier.hpp> +#include <com/sun/star/security/DocumentDigitalSignatures.hpp> +#include <com/sun/star/security/XDocumentDigitalSignatures.hpp> #include <cppuhelper/exc_hlp.hxx> #include <cppuhelper/implbase.hxx> +#include <comphelper/documentinfo.hxx> +#include <comphelper/storagehelper.hxx> #include <comphelper/types.hxx> +#include <comphelper/processfactory.hxx> #include <sfx2/signaturestate.hxx> #include <tools/diagnose_ex.h> #include <osl/diagnose.h> @@ -50,6 +55,7 @@ #include <algorithm> +using namespace css; using namespace ::com::sun::star::document; using namespace ::com::sun::star::sdbc; using namespace ::com::sun::star::sdbcx; @@ -353,6 +359,7 @@ ODatabaseModelImpl::ODatabaseModelImpl( const Reference< XComponentContext >& _r ,m_aEmbeddedMacros() ,m_bModificationLock( false ) ,m_bDocumentInitialized( false ) + ,m_nScriptingSignatureState(SignatureState::UNKNOWN) ,m_aContext( _rxContext ) ,m_nLoginTimeout(0) ,m_bReadOnly(false) @@ -1271,13 +1278,54 @@ Reference< XEmbeddedScripts > ODatabaseModelImpl::getEmbeddedDocumentScripts() c SignatureState ODatabaseModelImpl::getScriptingSignatureState() { // no support for signatures at the moment - return SignatureState::NOSIGNATURES; + return m_nScriptingSignatureState; } -bool ODatabaseModelImpl::hasTrustedScriptingSignature( bool /*bAllowUIToAddAuthor*/ ) +bool ODatabaseModelImpl::hasTrustedScriptingSignature(bool /*bAllowUIToAddAuthor*/) { - // no support for signatures at the moment - return false; + bool bResult = false; + + try + { + // Don't use m_xDocumentStorage, that somehow has an incomplete storage representation + // which leads to signatures not being found + Reference<XStorage> xStorage = comphelper::OStorageHelper::GetStorageOfFormatFromURL( + ZIP_STORAGE_FORMAT_STRING, m_sDocFileLocation, ElementModes::READ); + OUString aVersion; + try + { + uno::Reference<beans::XPropertySet> xPropSet(xStorage, uno::UNO_QUERY_THROW); + xPropSet->getPropertyValue("Version") >>= aVersion; + } + catch (uno::Exception&) + { + } + + uno::Reference<security::XDocumentDigitalSignatures> xSigner( + security::DocumentDigitalSignatures::createWithVersion( + comphelper::getProcessComponentContext(), aVersion)); + uno::Sequence<security::DocumentSignatureInformation> aInfo + = xSigner->verifyScriptingContentSignatures(xStorage, + uno::Reference<io::XInputStream>()); + + if (!aInfo.hasElements()) + return false; + + m_nScriptingSignatureState = DocumentSignatures::getSignatureState(aInfo); + if (m_nScriptingSignatureState == SignatureState::OK + || m_nScriptingSignatureState == SignatureState::NOTVALIDATED) + { + bResult = std::any_of(aInfo.begin(), aInfo.end(), + [&xSigner](const security::DocumentSignatureInformation& rInfo) { + return xSigner->isAuthorTrusted(rInfo.Signer); + }); + } + } + catch (uno::Exception&) + { + } + + return bResult; } void ODatabaseModelImpl::storageIsModified() diff --git a/dbaccess/source/core/inc/ModelImpl.hxx b/dbaccess/source/core/inc/ModelImpl.hxx index d86ac74ef7fc..d67029c3bfb5 100644 --- a/dbaccess/source/core/inc/ModelImpl.hxx +++ b/dbaccess/source/core/inc/ModelImpl.hxx @@ -158,6 +158,8 @@ private: */ OUString m_sDocumentURL; + SignatureState m_nScriptingSignatureState; + public: OWeakConnectionArray m_aConnections; const css::uno::Reference< css::uno::XComponentContext > m_aContext; |