search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nss: upgrade to release 3.73
[LibreOffice.git] / xmlsecurity / source / helper / documentsignaturehelper.cxx
blob94f7d9a813fe5f67f0d7893afedce3d67b1a9275
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20
21 #include <documentsignaturehelper.hxx>
22
23 #include <algorithm>
24 #include <functional>
25
26 #include <com/sun/star/io/IOException.hpp>
27 #include <com/sun/star/embed/XStorage.hpp>
28 #include <com/sun/star/embed/StorageFormats.hpp>
29 #include <com/sun/star/embed/ElementModes.hpp>
30 #include <com/sun/star/beans/StringPair.hpp>
31 #include <com/sun/star/xml/sax/XDocumentHandler.hpp>
32
33 #include <comphelper/documentconstants.hxx>
34 #include <comphelper/ofopxmlhelper.hxx>
35 #include <comphelper/processfactory.hxx>
36 #include <osl/diagnose.h>
37 #include <rtl/ref.hxx>
38 #include <rtl/uri.hxx>
39 #include <sal/log.hxx>
40 #include <svx/xoutbmp.hxx>
41 #include <tools/diagnose_ex.h>
42 #include <xmloff/attrlist.hxx>
43
44 #include <xsecctl.hxx>
45
46 using namespace ::com::sun::star;
47 using namespace ::com::sun::star::uno;
48 using namespace css::xml::sax;
49
50 namespace
51 {
52 OUString getElement(OUString const & version, ::sal_Int32 * index)
53 {
54 while (*index < version.getLength() && version[*index] == '0') {
55 ++*index;
56 }
57 return version.getToken(0, '.', *index);
58 }
59
60
61 // Return 1 if version1 is greater than version 2, 0 if they are equal
62 //and -1 if version1 is less version 2
63 int compareVersions(
64 OUString const & version1, OUString const & version2)
65 {
66 for (::sal_Int32 i1 = 0, i2 = 0; i1 >= 0 || i2 >= 0;) {
67 OUString e1(getElement(version1, &i1));
68 OUString e2(getElement(version2, &i2));
69 if (e1.getLength() < e2.getLength()) {
70 return -1;
71 } else if (e1.getLength() > e2.getLength()) {
72 return 1;
73 } else if (e1 < e2) {
74 return -1;
75 } else if (e1 > e2) {
76 return 1;
77 }
78 }
79 return 0;
80 }
81 }
82
83 static void ImplFillElementList(
84 std::vector< OUString >& rList, const Reference < css::embed::XStorage >& rxStore,
85 const OUString& rRootStorageName, const bool bRecursive,
86 const DocumentSignatureAlgorithm mode)
87 {
88 const Sequence< OUString > aElements = rxStore->getElementNames();
89
90 for ( const auto& rName : aElements )
91 {
92 if (rName == "[Content_Types].xml")
93 // OOXML
94 continue;
95
96 // If the user enabled validating according to OOo 3.0
97 // then mimetype and all content of META-INF must be excluded.
98 if (mode != DocumentSignatureAlgorithm::OOo3_2
99 && (rName == "META-INF" || rName == "mimetype"))
100 {
101 continue;
102 }
103 else
104 {
105 OUString sEncName = ::rtl::Uri::encode(
106 rName, rtl_UriCharClassRelSegment,
107 rtl_UriEncodeStrict, RTL_TEXTENCODING_UTF8);
108 if (sEncName.isEmpty() && !rName.isEmpty())
109 throw css::uno::RuntimeException("Failed to encode element name of XStorage", nullptr);
110
111 if ( rxStore->isStreamElement( rName ) )
112 {
113 //Exclude documentsignatures.xml!
114 if (rName ==
115 DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName())
116 continue;
117 OUString aFullName( rRootStorageName + sEncName );
118 rList.push_back(aFullName);
119 }
120 else if ( bRecursive && rxStore->isStorageElement( rName ) )
121 {
122 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( rName, css::embed::ElementModes::READ );
123 OUString aFullRootName( rRootStorageName + sEncName + "/" );
124 ImplFillElementList(rList, xSubStore, aFullRootName, bRecursive, mode);
125 }
126 }
127 }
128 }
129
130
131 bool DocumentSignatureHelper::isODFPre_1_2(const OUString & sVersion)
132 {
133 //The property version exists only if the document is at least version 1.2
134 //That is, if the document has version 1.1 and sVersion is empty.
135 //The constant is defined in comphelper/documentconstants.hxx
136 return compareVersions(sVersion, ODFVER_012_TEXT) == -1;
137 }
138
139 bool DocumentSignatureHelper::isOOo3_2_Signature(const SignatureInformation & sigInfo)
140 {
141 return std::any_of(sigInfo.vSignatureReferenceInfors.cbegin(),
142 sigInfo.vSignatureReferenceInfors.cend(),
143 [](const SignatureReferenceInformation& info) { return info.ouURI == "META-INF/manifest.xml"; });
144 }
145
146 DocumentSignatureAlgorithm
147 DocumentSignatureHelper::getDocumentAlgorithm(
148 const OUString & sODFVersion, const SignatureInformation & sigInfo)
149 {
150 OSL_ASSERT(!sODFVersion.isEmpty());
151 DocumentSignatureAlgorithm mode = DocumentSignatureAlgorithm::OOo3_2;
152 if (!isOOo3_2_Signature(sigInfo))
153 {
154 if (isODFPre_1_2(sODFVersion))
155 mode = DocumentSignatureAlgorithm::OOo2;
156 else
157 mode = DocumentSignatureAlgorithm::OOo3_0;
158 }
159 return mode;
160 }
161
162 //The function creates a list of files which are to be signed or for which
163 //the signature is to be validated. The strings are UTF8 encoded URIs which
164 //contain '/' as path separators.
165 //
166 //The algorithm how document signatures are created and validated has
167 //changed over time. The change affects only which files within the document
168 //are changed. Document signatures created by OOo 2.x only used particular files. Since
169 //OOo 3.0 everything except "mimetype" and "META-INF" are signed. As of OOo 3.2 everything
170 //except META-INF/documentsignatures.xml is signed.
171 //Signatures are validated according to the algorithm which was then used for validation.
172 //That is, when validating a signature which was created by OOo 3.0, then mimetype and
173 //META-INF are not used.
174 //
175 //When a signature is created then we always use the latest algorithm. That is, we use
176 //that of OOo 3.2
177 std::vector< OUString >
178 DocumentSignatureHelper::CreateElementList(
179 const Reference < css::embed::XStorage >& rxStore,
180 DocumentSignatureMode eMode,
181 const DocumentSignatureAlgorithm mode)
182 {
183 std::vector< OUString > aElements;
184 OUString aSep( "/" );
185
186 switch ( eMode )
187 {
188 case DocumentSignatureMode::Content:
189 {
190 if (mode == DocumentSignatureAlgorithm::OOo2) //that is, ODF 1.0, 1.1
191 {
192 // 1) Main content
193 ImplFillElementList(aElements, rxStore, OUString(), false, mode);
194
195 // 2) Pictures...
196 OUString aSubStorageName( "Pictures" );
197 try
198 {
199 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
200 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
201 }
202 catch(css::io::IOException& )
203 {
204 ; // Doesn't have to exist...
205 }
206 // 3) OLE...
207 aSubStorageName = "ObjectReplacements";
208 try
209 {
210 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
211 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
212 xSubStore.clear();
213
214 // Object folders...
215 const Sequence< OUString > aElementNames = rxStore->getElementNames();
216 for ( const auto& rName : aElementNames )
217 {
218 if ( ( rName.match( "Object " ) ) && rxStore->isStorageElement( rName ) )
219 {
220 Reference < css::embed::XStorage > xTmpSubStore = rxStore->openStorageElement( rName, css::embed::ElementModes::READ );
221 ImplFillElementList(aElements, xTmpSubStore, rName+aSep, true, mode);
222 }
223 }
224 }
225 catch( css::io::IOException& )
226 {
227 ; // Doesn't have to exist...
228 }
229 }
230 else
231 {
232 // Everything except META-INF
233 ImplFillElementList(aElements, rxStore, OUString(), true, mode);
234 }
235 }
236 break;
237 case DocumentSignatureMode::Macros:
238 {
239 // 1) Macros
240 OUString aSubStorageName( "Basic" );
241 try
242 {
243 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
244 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
245 }
246 catch( css::io::IOException& )
247 {
248 ; // Doesn't have to exist...
249 }
250
251 // 2) Dialogs
252 aSubStorageName = "Dialogs";
253 try
254 {
255 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
256 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
257 }
258 catch( css::io::IOException& )
259 {
260 ; // Doesn't have to exist...
261 }
262 // 3) Scripts
263 aSubStorageName = "Scripts";
264 try
265 {
266 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
267 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
268 }
269 catch( css::io::IOException& )
270 {
271 ; // Doesn't have to exist...
272 }
273 }
274 break;
275 case DocumentSignatureMode::Package:
276 {
277 // Everything except META-INF
278 ImplFillElementList(aElements, rxStore, OUString(), true, mode);
279 }
280 break;
281 }
282
283 return aElements;
284 }
285
286 void DocumentSignatureHelper::AppendContentTypes(const uno::Reference<embed::XStorage>& xStorage, std::vector<OUString>& rElements)
287 {
288 if (!xStorage.is() || !xStorage->hasByName("[Content_Types].xml"))
289 // ODF
290 return;
291
292 uno::Reference<io::XInputStream> xRelStream(xStorage->openStreamElement("[Content_Types].xml", embed::ElementModes::READ), uno::UNO_QUERY);
293 uno::Sequence< uno::Sequence<beans::StringPair> > aContentTypeInfo = comphelper::OFOPXMLHelper::ReadContentTypeSequence(xRelStream, comphelper::getProcessComponentContext());
294 if (aContentTypeInfo.getLength() < 2)
295 {
296 SAL_WARN("xmlsecurity.helper", "no defaults or overrides in aContentTypeInfo");
297 return;
298 }
299 uno::Sequence<beans::StringPair>& rDefaults = aContentTypeInfo[0];
300 uno::Sequence<beans::StringPair>& rOverrides = aContentTypeInfo[1];
301
302 for (OUString& rElement : rElements)
303 {
304 auto it = std::find_if(rOverrides.begin(), rOverrides.end(), [&](const beans::StringPair& rPair)
305 {
306 return rPair.First == "/" + rElement;
307 });
308
309 if (it != rOverrides.end())
310 {
311 rElement = "/" + rElement + "?ContentType=" + it->Second;
312 continue;
313 }
314
315 it = std::find_if(rDefaults.begin(), rDefaults.end(), [&](const beans::StringPair& rPair)
316 {
317 return rElement.endsWith(OUString("." + rPair.First));
318 });
319
320 if (it != rDefaults.end())
321 {
322 rElement = "/" + rElement + "?ContentType=" + it->Second;
323 continue;
324 }
325 SAL_WARN("xmlsecurity.helper", "found no content type for " << rElement);
326 }
327
328 std::sort(rElements.begin(), rElements.end());
329 }
330
331 SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
332 const Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode )
333 {
334 sal_Int32 nSubStorageOpenMode = css::embed::ElementModes::READ;
335 if ( nOpenMode & css::embed::ElementModes::WRITE )
336 nSubStorageOpenMode = css::embed::ElementModes::WRITE;
337
338 SignatureStreamHelper aHelper;
339
340 if (!rxStore.is())
341 return aHelper;
342
343 if (rxStore->hasByName("META-INF"))
344 {
345 try
346 {
347 aHelper.xSignatureStorage = rxStore->openStorageElement( "META-INF", nSubStorageOpenMode );
348 if ( aHelper.xSignatureStorage.is() )
349 {
350 OUString aSIGStreamName;
351 if ( eDocSigMode == DocumentSignatureMode::Content )
352 aSIGStreamName = DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName();
353 else if ( eDocSigMode == DocumentSignatureMode::Macros )
354 aSIGStreamName = DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName();
355 else
356 aSIGStreamName = DocumentSignatureHelper::GetPackageSignatureDefaultStreamName();
357
358 aHelper.xSignatureStream = aHelper.xSignatureStorage->openStreamElement( aSIGStreamName, nOpenMode );
359 }
360 }
361 catch(css::io::IOException& )
362 {
363 // Doesn't have to exist...
364 SAL_WARN_IF( nOpenMode != css::embed::ElementModes::READ, "xmlsecurity.helper", "Error creating signature stream..." );
365 }
366 }
367 else if(rxStore->hasByName("[Content_Types].xml"))
368 {
369 try
370 {
371 if (rxStore->hasByName("_xmlsignatures") && (nOpenMode & embed::ElementModes::TRUNCATE))
372 // Truncate, then all signatures will be written -> remove previous ones.
373 rxStore->removeElement("_xmlsignatures");
374
375 aHelper.xSignatureStorage = rxStore->openStorageElement("_xmlsignatures", nSubStorageOpenMode);
376 aHelper.nStorageFormat = embed::StorageFormats::OFOPXML;
377 }
378 catch (const io::IOException&)
379 {
380 TOOLS_WARN_EXCEPTION_IF(nOpenMode != css::embed::ElementModes::READ, "xmlsecurity.helper", "DocumentSignatureHelper::OpenSignatureStream:");
381 }
382 }
383
384 return aHelper;
385 }
386
387 /** Check whether the current file can be signed with GPG (only ODF >= 1.2 can currently) */
388 bool DocumentSignatureHelper::CanSignWithGPG(
389 const Reference < css::embed::XStorage >& rxStore,
390 const OUString& sOdfVersion)
391 {
392 if (!rxStore.is())
393 return false;
394
395 if (rxStore->hasByName("META-INF")) // ODF
396 {
397 return !isODFPre_1_2(sOdfVersion);
398 }
399
400 return false;
401 }
402
403
404
405 //sElementList contains all files which are expected to be signed. Only those files must me signed,
406 //no more, no less.
407 //The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then
408 //the uri s in the Reference elements in the signature, were not properly encoded.
409 // For example: <Reference URI="ObjectReplacements/Object 1">
410 bool DocumentSignatureHelper::checkIfAllFilesAreSigned(
411 const ::std::vector< OUString > & sElementList,
412 const SignatureInformation & sigInfo,
413 const DocumentSignatureAlgorithm alg)
414 {
415 // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
416 unsigned int nRealCount = 0;
417 std::function<OUString(const OUString&)> fEncode = [](const OUString& rStr) { return rStr; };
418 if (alg == DocumentSignatureAlgorithm::OOo2)
419 //Comparing URIs is a difficult. Therefore we kind of normalize
420 //it before comparing. We assume that our URI do not have a leading "./"
421 //and fragments at the end (...#...)
422 fEncode = [](const OUString& rStr) {
423 return rtl::Uri::encode(rStr, rtl_UriCharClassPchar, rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
424 };
425
426 for ( int i = sigInfo.vSignatureReferenceInfors.size(); i; )
427 {
428 const SignatureReferenceInformation& rInf = sigInfo.vSignatureReferenceInfors[--i];
429 // There is also an extra entry of type SignatureReferenceType::SAMEDOCUMENT because of signature date.
430 if ( ( rInf.nType == SignatureReferenceType::BINARYSTREAM ) || ( rInf.nType == SignatureReferenceType::XMLSTREAM ) )
431 {
432 //find the file in the element list
433 if (std::any_of(sElementList.cbegin(), sElementList.cend(),
434 [&fEncode, &rInf](const OUString& rElement) { return fEncode(rElement) == fEncode(rInf.ouURI); }))
435 nRealCount++;
436 }
437 }
438 return sElementList.size() == nRealCount;
439 }
440
441 /*Compares the Uri which are obtained from CreateElementList with
442 the path obtained from the manifest.xml.
443 Returns true if both strings are equal.
444 */
445 bool DocumentSignatureHelper::equalsReferenceUriManifestPath(
446 const OUString & rUri, const OUString & rPath)
447 {
448 //split up the uri and path into segments. Both are separated by '/'
449 std::vector<OUString> vUriSegments;
450 for (sal_Int32 nIndex = 0; nIndex >= 0; )
451 vUriSegments.push_back(rUri.getToken( 0, '/', nIndex ));
452
453 std::vector<OUString> vPathSegments;
454 for (sal_Int32 nIndex = 0; nIndex >= 0; )
455 vPathSegments.push_back(rPath.getToken( 0, '/', nIndex ));
456
457 if (vUriSegments.size() != vPathSegments.size())
458 return false;
459
460 //Now compare each segment of the uri with its counterpart from the path
461 return std::equal(
462 vUriSegments.cbegin(), vUriSegments.cend(), vPathSegments.cbegin(),
463 [](const OUString& rUriSegment, const OUString& rPathSegment) {
464 //Decode the uri segment, so that %20 becomes ' ', etc.
465 OUString sDecUri = rtl::Uri::decode(rUriSegment, rtl_UriDecodeWithCharset, RTL_TEXTENCODING_UTF8);
466 return sDecUri == rPathSegment;
467 });
468 }
469
470 OUString DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()
471 {
472 return "documentsignatures.xml";
473 }
474
475 OUString DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName()
476 {
477 return "macrosignatures.xml";
478 }
479
480 OUString DocumentSignatureHelper::GetPackageSignatureDefaultStreamName()
481 {
482 return "packagesignatures.xml";
483 }
484
485 void DocumentSignatureHelper::writeDigestMethod(
486 const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler)
487 {
488 rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
489 pAttributeList->AddAttribute("Algorithm", ALGO_XMLDSIGSHA256);
490 xDocumentHandler->startElement("DigestMethod", uno::Reference<xml::sax::XAttributeList>(pAttributeList.get()));
491 xDocumentHandler->endElement("DigestMethod");
492 }
493
494 static void WriteXadesCert(
495 uno::Reference<xml::sax::XDocumentHandler> const& xDocumentHandler,
496 SignatureInformation::X509CertInfo const& rCertInfo)
497 {
498 xDocumentHandler->startElement("xd:Cert", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
499 xDocumentHandler->startElement("xd:CertDigest", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
500 DocumentSignatureHelper::writeDigestMethod(xDocumentHandler);
501 xDocumentHandler->startElement("DigestValue", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
502 assert(!rCertInfo.CertDigest.isEmpty());
503 xDocumentHandler->characters(rCertInfo.CertDigest);
504 xDocumentHandler->endElement("DigestValue");
505 xDocumentHandler->endElement("xd:CertDigest");
506 xDocumentHandler->startElement("xd:IssuerSerial", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
507 xDocumentHandler->startElement("X509IssuerName", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
508 xDocumentHandler->characters(rCertInfo.X509IssuerName);
509 xDocumentHandler->endElement("X509IssuerName");
510 xDocumentHandler->startElement("X509SerialNumber", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
511 xDocumentHandler->characters(rCertInfo.X509SerialNumber);
512 xDocumentHandler->endElement("X509SerialNumber");
513 xDocumentHandler->endElement("xd:IssuerSerial");
514 xDocumentHandler->endElement("xd:Cert");
515 }
516
517 void DocumentSignatureHelper::writeSignedProperties(
518 const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler,
519 const SignatureInformation& signatureInfo,
520 const OUString& sDate, const bool bWriteSignatureLineData)
521 {
522 {
523 rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
524 pAttributeList->AddAttribute("Id", "idSignedProperties");
525 xDocumentHandler->startElement("xd:SignedProperties", uno::Reference<xml::sax::XAttributeList>(pAttributeList.get()));
526 }
527
528 xDocumentHandler->startElement("xd:SignedSignatureProperties", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
529 xDocumentHandler->startElement("xd:SigningTime", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
530 xDocumentHandler->characters(sDate);
531 xDocumentHandler->endElement("xd:SigningTime");
532 xDocumentHandler->startElement("xd:SigningCertificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
533 assert(signatureInfo.GetSigningCertificate() || !signatureInfo.ouGpgKeyID.isEmpty());
534 if (signatureInfo.GetSigningCertificate())
535 {
536 // how should this deal with multiple X509Data elements?
537 // for now, let's write all of the certificates ...
538 for (auto const& rData : signatureInfo.X509Datas)
539 {
540 for (auto const& it : rData)
541 {
542 WriteXadesCert(xDocumentHandler, it);
543 }
544 }
545 }
546 else
547 {
548 // for PGP, write empty mandatory X509IssuerName, X509SerialNumber
549 SignatureInformation::X509CertInfo temp;
550 temp.CertDigest = signatureInfo.ouGpgKeyID;
551 WriteXadesCert(xDocumentHandler, temp);
552 }
553 xDocumentHandler->endElement("xd:SigningCertificate");
554 xDocumentHandler->startElement("xd:SignaturePolicyIdentifier", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
555 xDocumentHandler->startElement("xd:SignaturePolicyImplied", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
556 xDocumentHandler->endElement("xd:SignaturePolicyImplied");
557 xDocumentHandler->endElement("xd:SignaturePolicyIdentifier");
558
559 if (bWriteSignatureLineData && !signatureInfo.ouSignatureLineId.isEmpty()
560 && signatureInfo.aValidSignatureImage.is() && signatureInfo.aInvalidSignatureImage.is())
561 {
562 rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
563 pAttributeList->AddAttribute(
564 "xmlns:loext", "urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0");
565 xDocumentHandler->startElement(
566 "loext:SignatureLine",
567 Reference<XAttributeList>(pAttributeList.get()));
568
569 {
570 // Write SignatureLineId element
571 xDocumentHandler->startElement(
572 "loext:SignatureLineId",
573 Reference<XAttributeList>(new SvXMLAttributeList()));
574 xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
575 xDocumentHandler->endElement("loext:SignatureLineId");
576 }
577
578 {
579 // Write SignatureLineValidImage element
580 xDocumentHandler->startElement(
581 "loext:SignatureLineValidImage",
582 Reference<XAttributeList>(new SvXMLAttributeList()));
583
584 OUString aGraphicInBase64;
585 Graphic aGraphic(signatureInfo.aValidSignatureImage);
586 if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
587 SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
588
589 xDocumentHandler->characters(aGraphicInBase64);
590 xDocumentHandler->endElement("loext:SignatureLineValidImage");
591 }
592
593 {
594 // Write SignatureLineInvalidImage element
595 xDocumentHandler->startElement(
596 "loext:SignatureLineInvalidImage",
597 Reference<XAttributeList>(new SvXMLAttributeList()));
598 OUString aGraphicInBase64;
599 Graphic aGraphic(signatureInfo.aInvalidSignatureImage);
600 if (!XOutBitmap::GraphicToBase64(aGraphic, aGraphicInBase64, false))
601 SAL_WARN("xmlsecurity.helper", "could not convert graphic to base64");
602 xDocumentHandler->characters(aGraphicInBase64);
603 xDocumentHandler->endElement("loext:SignatureLineInvalidImage");
604 }
605
606 xDocumentHandler->endElement("loext:SignatureLine");
607 }
608
609 xDocumentHandler->endElement("xd:SignedSignatureProperties");
610
611 xDocumentHandler->endElement("xd:SignedProperties");
612 }
613
614 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE