LibreOffice Module xmlsecurity (master) 1
ooxmlsecexporter.cxx
Go to the documentation of this file.
1/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2/*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 */
9
10#include "ooxmlsecexporter.hxx"
11
12#include <algorithm>
13#include <memory>
14#include <string_view>
15
16#include <com/sun/star/embed/ElementModes.hpp>
17#include <com/sun/star/embed/XHierarchicalStorageAccess.hpp>
18#include <com/sun/star/embed/XStorage.hpp>
19#include <com/sun/star/beans/StringPair.hpp>
20#include <com/sun/star/xml/sax/XDocumentHandler.hpp>
21
22#include <comphelper/attributelist.hxx>
23#include <comphelper/ofopxmlhelper.hxx>
24#include <o3tl/string_view.hxx>
25#include <rtl/ref.hxx>
26#include <sal/log.hxx>
27#include <svx/xoutbmp.hxx>
28#include <unotools/datetime.hxx>
29#include <vcl/salctype.hxx>
30
31#include <documentsignaturehelper.hxx>
32#include <xsecctl.hxx>
33
34using namespace com::sun::star;
35using namespace css::xml::sax;
36
37struct OOXMLSecExporter::Impl
38{
39private:
40 const uno::Reference<uno::XComponentContext>& m_xComponentContext;
41 const uno::Reference<embed::XStorage>& m_xRootStorage;
42 const uno::Reference<xml::sax::XDocumentHandler>& m_xDocumentHandler;
43 const SignatureInformation& m_rInformation;
44 OUString m_aSignatureTimeValue;
45
46public:
47 Impl(const uno::Reference<uno::XComponentContext>& xComponentContext,
48 const uno::Reference<embed::XStorage>& xRootStorage,
49 const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler,
50 const SignatureInformation& rInformation)
51 : m_xComponentContext(xComponentContext)
52 , m_xRootStorage(xRootStorage)
53 , m_xDocumentHandler(xDocumentHandler)
54 , m_rInformation(rInformation)
55 {
56 }
57
59 static bool isOOXMLDenylist(std::u16string_view rStreamName);
61 static bool isOOXMLRelationDenylist(const OUString& rRelationName);
62
63 const uno::Reference<xml::sax::XDocumentHandler>& getDocumentHandler() const
64 {
65 return m_xDocumentHandler;
66 }
67
68 void writeSignature();
69 void writeSignedInfo();
70 void writeCanonicalizationMethod();
71 void writeCanonicalizationTransform();
72 void writeSignatureMethod();
73 void writeSignedInfoReferences();
74 void writeSignatureValue();
75 void writeKeyInfo();
76 void writePackageObject();
77 void writeManifest();
78 void writeRelationshipTransform(const OUString& rURI);
80 void writePackageObjectSignatureProperties();
82 void writeManifestReference(const SignatureReferenceInformation& rReference);
83 void writeOfficeObject();
85 void writeSignatureInfo();
86 void writePackageSignature();
87 void writeSignatureLineImages();
88};
89
90bool OOXMLSecExporter::Impl::isOOXMLDenylist(std::u16string_view rStreamName)
91{
92 static const std::initializer_list<std::u16string_view> vDenylist
93 = { u"/%5BContent_Types%5D.xml", u"/docProps/app.xml", u"/docProps/core.xml",
94 // Don't attempt to sign other signatures for now.
95 u"/_xmlsignatures" };
96 // Just check the prefix, as we don't care about the content type part of the stream name.
97 return std::any_of(vDenylist.begin(), vDenylist.end(),
98 [&](const std::u16string_view& rLiteral) {
99 return o3tl::starts_with(rStreamName, rLiteral);
100 });
101}
102
103bool OOXMLSecExporter::Impl::isOOXMLRelationDenylist(const OUString& rRelationName)
104{
105 static const std::initializer_list<std::u16string_view> vDenylist = {
106 u"http://schemas.openxmlformats.org/officeDocument/2006/relationships/extended-properties",
107 u"http://schemas.openxmlformats.org/package/2006/relationships/metadata/core-properties",
108 u"http://schemas.openxmlformats.org/package/2006/relationships/digital-signature/origin"
109 };
110 return std::find(vDenylist.begin(), vDenylist.end(), rRelationName) != vDenylist.end();
111}
112
113void OOXMLSecExporter::Impl::writeSignedInfo()
114{
115 m_xDocumentHandler->startElement(
116 "SignedInfo", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
117
118 writeCanonicalizationMethod();
119 writeSignatureMethod();
120 writeSignedInfoReferences();
121
122 m_xDocumentHandler->endElement("SignedInfo");
123}
124
125void OOXMLSecExporter::Impl::writeCanonicalizationMethod()
126{
127 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
128 pAttributeList->AddAttribute("Algorithm", ALGO_C14N);
129 m_xDocumentHandler->startElement("CanonicalizationMethod",
130 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
131 m_xDocumentHandler->endElement("CanonicalizationMethod");
132}
133
134void OOXMLSecExporter::Impl::writeCanonicalizationTransform()
135{
136 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
137 pAttributeList->AddAttribute("Algorithm", ALGO_C14N);
138 m_xDocumentHandler->startElement("Transform",
139 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
140 m_xDocumentHandler->endElement("Transform");
141}
142
143void OOXMLSecExporter::Impl::writeSignatureMethod()
144{
145 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
146
147 if (m_rInformation.eAlgorithmID == svl::crypto::SignatureMethodAlgorithm::ECDSA)
148 pAttributeList->AddAttribute("Algorithm", ALGO_ECDSASHA256);
149 else
150 pAttributeList->AddAttribute("Algorithm", ALGO_RSASHA256);
151
152 m_xDocumentHandler->startElement("SignatureMethod",
153 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
154 m_xDocumentHandler->endElement("SignatureMethod");
155}
156
157void OOXMLSecExporter::Impl::writeSignedInfoReferences()
158{
159 const SignatureReferenceInformations& rReferences = m_rInformation.vSignatureReferenceInfors;
160 for (const SignatureReferenceInformation& rReference : rReferences)
161 {
162 if (rReference.nType == SignatureReferenceType::SAMEDOCUMENT)
163 {
164 {
165 rtl::Reference<comphelper::AttributeList> pAttributeList(
166 new comphelper::AttributeList());
167 if (!rReference.ouURI.startsWith("idSignedProperties"))
168 pAttributeList->AddAttribute("Type",
169 "http://www.w3.org/2000/09/xmldsig#Object");
170 else
171 pAttributeList->AddAttribute("Type",
172 "http://uri.etsi.org/01903#SignedProperties");
173 pAttributeList->AddAttribute("URI", "#" + rReference.ouURI);
174 m_xDocumentHandler->startElement(
175 "Reference", uno::Reference<xml::sax::XAttributeList>(pAttributeList));
176 }
177 if (rReference.ouURI.startsWith("idSignedProperties"))
178 {
179 m_xDocumentHandler->startElement(
180 "Transforms",
181 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
182 writeCanonicalizationTransform();
183 m_xDocumentHandler->endElement("Transforms");
184 }
185
186 DocumentSignatureHelper::writeDigestMethod(m_xDocumentHandler);
187 m_xDocumentHandler->startElement(
188 "DigestValue",
189 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
190 m_xDocumentHandler->characters(rReference.ouDigestValue);
191 m_xDocumentHandler->endElement("DigestValue");
192 m_xDocumentHandler->endElement("Reference");
193 }
194 }
195}
196
197void OOXMLSecExporter::Impl::writeSignatureValue()
198{
199 m_xDocumentHandler->startElement("SignatureValue", uno::Reference<xml::sax::XAttributeList>(
200 new comphelper::AttributeList()));
201 m_xDocumentHandler->characters(m_rInformation.ouSignatureValue);
202 m_xDocumentHandler->endElement("SignatureValue");
203}
204
205void OOXMLSecExporter::Impl::writeKeyInfo()
206{
207 m_xDocumentHandler->startElement(
208 "KeyInfo", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
209 assert(m_rInformation.GetSigningCertificate());
210 for (auto const& rData : m_rInformation.X509Datas)
211 {
212 m_xDocumentHandler->startElement(
213 "X509Data", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
214 for (auto const& it : rData)
215 {
216 m_xDocumentHandler->startElement(
217 "X509Certificate",
218 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
219 m_xDocumentHandler->characters(it.X509Certificate);
220 m_xDocumentHandler->endElement("X509Certificate");
221 }
222 m_xDocumentHandler->endElement("X509Data");
223 }
224 m_xDocumentHandler->endElement("KeyInfo");
225}
226
227void OOXMLSecExporter::Impl::writePackageObject()
228{
229 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
230 pAttributeList->AddAttribute("Id", "idPackageObject_" + m_rInformation.ouSignatureId);
231 m_xDocumentHandler->startElement("Object",
232 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
233
234 writeManifest();
235 writePackageObjectSignatureProperties();
236
237 m_xDocumentHandler->endElement("Object");
238}
239
240void OOXMLSecExporter::Impl::writeManifest()
241{
242 m_xDocumentHandler->startElement(
243 "Manifest", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
244 const SignatureReferenceInformations& rReferences = m_rInformation.vSignatureReferenceInfors;
245 for (const SignatureReferenceInformation& rReference : rReferences)
246 {
247 if (rReference.nType != SignatureReferenceType::SAMEDOCUMENT)
248 {
249 if (OOXMLSecExporter::Impl::isOOXMLDenylist(rReference.ouURI))
250 continue;
251
252 writeManifestReference(rReference);
253 }
254 }
255 m_xDocumentHandler->endElement("Manifest");
256}
257
258void OOXMLSecExporter::Impl::writeRelationshipTransform(const OUString& rURI)
259{
260 uno::Reference<embed::XHierarchicalStorageAccess> xHierarchicalStorageAccess(m_xRootStorage,
261 uno::UNO_QUERY);
262 uno::Reference<io::XInputStream> xRelStream(
263 xHierarchicalStorageAccess->openStreamElementByHierarchicalName(rURI,
264 embed::ElementModes::READ),
265 uno::UNO_QUERY);
266 {
267 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
268 pAttributeList->AddAttribute("Algorithm", ALGO_RELATIONSHIP);
269 m_xDocumentHandler->startElement("Transform",
270 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
271 }
272
273 const uno::Sequence<uno::Sequence<beans::StringPair>> aRelationsInfo
274 = comphelper::OFOPXMLHelper::ReadRelationsInfoSequence(xRelStream, rURI,
275 m_xComponentContext);
276 for (const uno::Sequence<beans::StringPair>& rPairs : aRelationsInfo)
277 {
278 OUString aId;
279 OUString aType;
280 for (const beans::StringPair& rPair : rPairs)
281 {
282 if (rPair.First == "Id")
283 aId = rPair.Second;
284 else if (rPair.First == "Type")
285 aType = rPair.Second;
286 }
287
288 if (OOXMLSecExporter::Impl::isOOXMLRelationDenylist(aType))
289 continue;
290
291 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
292 pAttributeList->AddAttribute("xmlns:mdssi", NS_MDSSI);
293 pAttributeList->AddAttribute("SourceId", aId);
294 m_xDocumentHandler->startElement("mdssi:RelationshipReference",
295 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
296 m_xDocumentHandler->endElement("mdssi:RelationshipReference");
297 }
298
299 m_xDocumentHandler->endElement("Transform");
300}
301
302void OOXMLSecExporter::Impl::writePackageObjectSignatureProperties()
303{
304 m_xDocumentHandler->startElement(
305 "SignatureProperties",
306 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
307 {
308 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
309 pAttributeList->AddAttribute("Id", "idSignatureTime_" + m_rInformation.ouSignatureId);
310 pAttributeList->AddAttribute("Target", "#" + m_rInformation.ouSignatureId);
311 m_xDocumentHandler->startElement("SignatureProperty",
312 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
313 }
314 {
315 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
316 pAttributeList->AddAttribute("xmlns:mdssi", NS_MDSSI);
317 m_xDocumentHandler->startElement("mdssi:SignatureTime",
318 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
319 }
320 m_xDocumentHandler->startElement(
321 "mdssi:Format", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
322 m_xDocumentHandler->characters("YYYY-MM-DDThh:mm:ssTZD");
323 m_xDocumentHandler->endElement("mdssi:Format");
324
325 m_xDocumentHandler->startElement(
326 "mdssi:Value", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
327 if (!m_rInformation.ouDateTime.isEmpty())
328 m_aSignatureTimeValue = m_rInformation.ouDateTime;
329 else
330 {
331 m_aSignatureTimeValue = utl::toISO8601(m_rInformation.stDateTime);
332 // Ignore sub-seconds.
333 sal_Int32 nCommaPos = m_aSignatureTimeValue.indexOf(',');
334 if (nCommaPos != -1)
335 {
336 m_aSignatureTimeValue
337 = OUString::Concat(m_aSignatureTimeValue.subView(0, nCommaPos)) + "Z";
338 }
339 }
340 m_xDocumentHandler->characters(m_aSignatureTimeValue);
341 m_xDocumentHandler->endElement("mdssi:Value");
342
343 m_xDocumentHandler->endElement("mdssi:SignatureTime");
344 m_xDocumentHandler->endElement("SignatureProperty");
345 m_xDocumentHandler->endElement("SignatureProperties");
346}
347
348void OOXMLSecExporter::Impl::writeManifestReference(const SignatureReferenceInformation& rReference)
349{
350 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
351 pAttributeList->AddAttribute("URI", rReference.ouURI);
352 m_xDocumentHandler->startElement("Reference",
353 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
354
355 // Transforms
356 if (rReference.ouURI.endsWith(
357 "?ContentType=application/vnd.openxmlformats-package.relationships+xml"))
358 {
359 OUString aURI = rReference.ouURI;
360 // Ignore leading slash.
361 if (aURI.startsWith("/"))
362 aURI = aURI.copy(1);
363 // Ignore query part of the URI.
364 sal_Int32 nQueryPos = aURI.indexOf('?');
365 if (nQueryPos != -1)
366 aURI = aURI.copy(0, nQueryPos);
367
368 m_xDocumentHandler->startElement("Transforms", uno::Reference<xml::sax::XAttributeList>(
369 new comphelper::AttributeList()));
370
371 writeRelationshipTransform(aURI);
372 writeCanonicalizationTransform();
373
374 m_xDocumentHandler->endElement("Transforms");
375 }
376
377 DocumentSignatureHelper::writeDigestMethod(m_xDocumentHandler);
378 m_xDocumentHandler->startElement(
379 "DigestValue", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
380 m_xDocumentHandler->characters(rReference.ouDigestValue);
381 m_xDocumentHandler->endElement("DigestValue");
382 m_xDocumentHandler->endElement("Reference");
383}
384
385void OOXMLSecExporter::Impl::writeOfficeObject()
386{
387 {
388 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
389 pAttributeList->AddAttribute("Id", "idOfficeObject_" + m_rInformation.ouSignatureId);
390 m_xDocumentHandler->startElement("Object",
391 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
392 }
393 m_xDocumentHandler->startElement(
394 "SignatureProperties",
395 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
396 {
397 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
398 pAttributeList->AddAttribute("Id", "idOfficeV1Details_" + m_rInformation.ouSignatureId);
399 pAttributeList->AddAttribute("Target", "#" + m_rInformation.ouSignatureId);
400 m_xDocumentHandler->startElement("SignatureProperty",
401 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
402 }
403 writeSignatureInfo();
404 m_xDocumentHandler->endElement("SignatureProperty");
405 m_xDocumentHandler->endElement("SignatureProperties");
406 m_xDocumentHandler->endElement("Object");
407}
408
409void OOXMLSecExporter::Impl::writeSignatureInfo()
410{
411 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
412 pAttributeList->AddAttribute("xmlns", "http://schemas.microsoft.com/office/2006/digsig");
413 m_xDocumentHandler->startElement("SignatureInfoV1",
414 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
415
416 m_xDocumentHandler->startElement(
417 "SetupID", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
418 m_xDocumentHandler->characters(m_rInformation.ouSignatureLineId);
419 m_xDocumentHandler->endElement("SetupID");
420 m_xDocumentHandler->startElement(
421 "SignatureText", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
422 m_xDocumentHandler->endElement("SignatureText");
423 m_xDocumentHandler->startElement("SignatureImage", uno::Reference<xml::sax::XAttributeList>(
424 new comphelper::AttributeList()));
425 m_xDocumentHandler->endElement("SignatureImage");
426 m_xDocumentHandler->startElement("SignatureComments", uno::Reference<xml::sax::XAttributeList>(
427 new comphelper::AttributeList()));
428 m_xDocumentHandler->characters(m_rInformation.ouDescription);
429 m_xDocumentHandler->endElement("SignatureComments");
430 // Just hardcode something valid according to [MS-OFFCRYPTO].
431 m_xDocumentHandler->startElement("WindowsVersion", uno::Reference<xml::sax::XAttributeList>(
432 new comphelper::AttributeList()));
433 m_xDocumentHandler->characters("6.1");
434 m_xDocumentHandler->endElement("WindowsVersion");
435 m_xDocumentHandler->startElement(
436 "OfficeVersion", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
437 m_xDocumentHandler->characters("16.0");
438 m_xDocumentHandler->endElement("OfficeVersion");
439 m_xDocumentHandler->startElement("ApplicationVersion", uno::Reference<xml::sax::XAttributeList>(
440 new comphelper::AttributeList()));
441 m_xDocumentHandler->characters("16.0");
442 m_xDocumentHandler->endElement("ApplicationVersion");
443 m_xDocumentHandler->startElement(
444 "Monitors", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
445 m_xDocumentHandler->characters("1");
446 m_xDocumentHandler->endElement("Monitors");
447 m_xDocumentHandler->startElement(
448 "HorizontalResolution",
449 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
450 m_xDocumentHandler->characters("1280");
451 m_xDocumentHandler->endElement("HorizontalResolution");
452 m_xDocumentHandler->startElement("VerticalResolution", uno::Reference<xml::sax::XAttributeList>(
453 new comphelper::AttributeList()));
454 m_xDocumentHandler->characters("800");
455 m_xDocumentHandler->endElement("VerticalResolution");
456 m_xDocumentHandler->startElement(
457 "ColorDepth", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
458 m_xDocumentHandler->characters("32");
459 m_xDocumentHandler->endElement("ColorDepth");
460 m_xDocumentHandler->startElement(
461 "SignatureProviderId",
462 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
463 m_xDocumentHandler->characters("{00000000-0000-0000-0000-000000000000}");
464 m_xDocumentHandler->endElement("SignatureProviderId");
465 m_xDocumentHandler->startElement(
466 "SignatureProviderUrl",
467 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
468 m_xDocumentHandler->endElement("SignatureProviderUrl");
469 m_xDocumentHandler->startElement(
470 "SignatureProviderDetails",
471 uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
472 m_xDocumentHandler->characters(
473 "9"); // This is what MSO 2016 writes, though [MS-OFFCRYPTO] doesn't document what the value means.
474 m_xDocumentHandler->endElement("SignatureProviderDetails");
475 m_xDocumentHandler->startElement(
476 "SignatureType", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
477 m_xDocumentHandler->characters("2");
478 m_xDocumentHandler->endElement("SignatureType");
479
480 m_xDocumentHandler->endElement("SignatureInfoV1");
481}
482
483void OOXMLSecExporter::Impl::writePackageSignature()
484{
485 m_xDocumentHandler->startElement(
486 "Object", uno::Reference<xml::sax::XAttributeList>(new comphelper::AttributeList()));
487 {
488 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
489 pAttributeList->AddAttribute("xmlns:xd", NS_XD);
490 pAttributeList->AddAttribute("Target", "#" + m_rInformation.ouSignatureId);
491 m_xDocumentHandler->startElement("xd:QualifyingProperties",
492 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
493 }
494
495 DocumentSignatureHelper::writeSignedProperties(m_xDocumentHandler, m_rInformation,
496 m_aSignatureTimeValue, false);
497
498 m_xDocumentHandler->endElement("xd:QualifyingProperties");
499 m_xDocumentHandler->endElement("Object");
500}
501
502void OOXMLSecExporter::Impl::writeSignatureLineImages()
503{
504 if (m_rInformation.aValidSignatureImage.is())
505 {
506 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
507 pAttributeList->AddAttribute("Id", "idValidSigLnImg");
508 m_xDocumentHandler->startElement("Object",
509 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
510 OUString aGraphicInBase64;
511 Graphic aGraphic(m_rInformation.aValidSignatureImage);
512 if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false, ConvertDataFormat::EMF))
513 SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
514 m_xDocumentHandler->characters(aGraphicInBase64);
515 m_xDocumentHandler->endElement("Object");
516 }
517 if (!m_rInformation.aInvalidSignatureImage.is())
518 return;
519
520 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
521 pAttributeList->AddAttribute("Id", "idInvalidSigLnImg");
522 m_xDocumentHandler->startElement("Object",
523 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
524 OUString aGraphicInBase64;
525 Graphic aGraphic(m_rInformation.aInvalidSignatureImage);
526 if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false, ConvertDataFormat::EMF))
527 SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
528 m_xDocumentHandler->characters(aGraphicInBase64);
529 m_xDocumentHandler->endElement("Object");
530}
531
532void OOXMLSecExporter::Impl::writeSignature()
533{
534 rtl::Reference<comphelper::AttributeList> pAttributeList(new comphelper::AttributeList());
535 pAttributeList->AddAttribute("xmlns", NS_XMLDSIG);
536 pAttributeList->AddAttribute("Id", m_rInformation.ouSignatureId);
537 getDocumentHandler()->startElement("Signature",
538 uno::Reference<xml::sax::XAttributeList>(pAttributeList));
539
540 writeSignedInfo();
541 writeSignatureValue();
542 writeKeyInfo();
543 writePackageObject();
544 writeOfficeObject();
545 writePackageSignature();
546 writeSignatureLineImages();
547
548 getDocumentHandler()->endElement("Signature");
549}
550
551OOXMLSecExporter::OOXMLSecExporter(
552 const uno::Reference<uno::XComponentContext>& xComponentContext,
553 const uno::Reference<embed::XStorage>& xRootStorage,
554 const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler,
555 const SignatureInformation& rInformation)
556 : m_pImpl(
557 std::make_unique<Impl>(xComponentContext, xRootStorage, xDocumentHandler, rInformation))
558{
559}
560
561OOXMLSecExporter::~OOXMLSecExporter() = default;
562
563void OOXMLSecExporter::writeSignature() { m_pImpl->writeSignature(); }
564
565/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
OOXMLSecExporter::OOXMLSecExporter
OOXMLSecExporter(const css::uno::Reference< css::uno::XComponentContext > &xComponentContext, const css::uno::Reference< css::embed::XStorage > &xRootStorage, const css::uno::Reference< css::xml::sax::XDocumentHandler > &xDocumentHandler, const SignatureInformation &rInformation)
Definition: ooxmlsecexporter.cxx:551
OOXMLSecExporter::m_pImpl
std::unique_ptr< Impl > m_pImpl
Definition: ooxmlsecexporter.hxx:35
XOutBitmap::GraphicToBase64
static bool GraphicToBase64(const Graphic &rGraphic, OUString &rOUString, bool bAddPrefix=true, ConvertDataFormat aTargetFormat=ConvertDataFormat::Unknown)
m_xComponentContext
Reference< XComponentContext > const m_xComponentContext
u
float u
SAL_WARN
#define SAL_WARN(area, stream)
DocumentSignatureHelper::writeDigestMethod
void writeDigestMethod(const css::uno::Reference< css::xml::sax::XDocumentHandler > &xDocumentHandler)
DocumentSignatureHelper::writeSignedProperties
void writeSignedProperties(const css::uno::Reference< css::xml::sax::XDocumentHandler > &xDocumentHandler, const SignatureInformation &signatureInfo, const OUString &sDate, const bool bWriteSignatureLineData)
comphelper::OFOPXMLHelper::ReadRelationsInfoSequence
uno::Sequence< uno::Sequence< beans::StringPair > > ReadRelationsInfoSequence(const uno::Reference< io::XInputStream > &xInStream, std::u16string_view aStreamName, const uno::Reference< uno::XComponentContext > &rContext)
utl::toISO8601
OUString toISO8601(const css::util::DateTime &rDateTime)
SignatureReferenceInformations
::std::vector< SignatureReferenceInformation > SignatureReferenceInformations
string_view.hxx
OOXMLSecExporter::Impl::getDocumentHandler
const uno::Reference< xml::sax::XDocumentHandler > & getDocumentHandler() const
Definition: ooxmlsecexporter.cxx:63
OOXMLSecExporter::Impl::writeSignatureInfo
void writeSignatureInfo()
Writes <SignatureInfoV1>.
Definition: ooxmlsecexporter.cxx:409
OOXMLSecExporter::Impl::writeManifestReference
void writeManifestReference(const SignatureReferenceInformation &rReference)
Writes a single <Reference> inside <Manifest>.
Definition: ooxmlsecexporter.cxx:348
OOXMLSecExporter::Impl::m_xComponentContext
const uno::Reference< uno::XComponentContext > & m_xComponentContext
Definition: ooxmlsecexporter.cxx:40
OOXMLSecExporter::Impl::m_xDocumentHandler
const uno::Reference< xml::sax::XDocumentHandler > & m_xDocumentHandler
Definition: ooxmlsecexporter.cxx:42
OOXMLSecExporter::Impl::m_xRootStorage
const uno::Reference< embed::XStorage > & m_xRootStorage
Definition: ooxmlsecexporter.cxx:41
OOXMLSecExporter::Impl::isOOXMLDenylist
static bool isOOXMLDenylist(std::u16string_view rStreamName)
Should we intentionally not sign this stream?
Definition: ooxmlsecexporter.cxx:90
OOXMLSecExporter::Impl::writeRelationshipTransform
void writeRelationshipTransform(const OUString &rURI)
Definition: ooxmlsecexporter.cxx:258
OOXMLSecExporter::Impl::m_rInformation
const SignatureInformation & m_rInformation
Definition: ooxmlsecexporter.cxx:43
OOXMLSecExporter::Impl::Impl
Impl(const uno::Reference< uno::XComponentContext > &xComponentContext, const uno::Reference< embed::XStorage > &xRootStorage, const uno::Reference< xml::sax::XDocumentHandler > &xDocumentHandler, const SignatureInformation &rInformation)
Definition: ooxmlsecexporter.cxx:47
OOXMLSecExporter::Impl::writePackageObjectSignatureProperties
void writePackageObjectSignatureProperties()
Writes <SignatureProperties> inside idPackageObject.
Definition: ooxmlsecexporter.cxx:302
OOXMLSecExporter::Impl::isOOXMLRelationDenylist
static bool isOOXMLRelationDenylist(const OUString &rRelationName)
Should we intentionally not sign this relation type?
Definition: ooxmlsecexporter.cxx:103
NS_XMLDSIG
constexpr OUStringLiteral NS_XMLDSIG
Definition: xsecctl.hxx:45
NS_XD
constexpr OUStringLiteral NS_XD
Definition: xsecctl.hxx:47
NS_MDSSI
constexpr OUStringLiteral NS_MDSSI
Definition: xsecctl.hxx:48
ALGO_RELATIONSHIP
constexpr OUStringLiteral ALGO_RELATIONSHIP
Definition: xsecctl.hxx:61
ALGO_RSASHA256
constexpr OUStringLiteral ALGO_RSASHA256
Definition: xsecctl.hxx:53
ALGO_C14N
constexpr OUStringLiteral ALGO_C14N
Definition: xsecctl.hxx:51
ALGO_ECDSASHA256
constexpr OUStringLiteral ALGO_ECDSASHA256
Definition: xsecctl.hxx:56
Generated on Sun Jul 30 2023 04:29:53 for LibreOffice Module xmlsecurity (master) by doxygen 1.9.3