XMLSecurity Module Documentation Update

Updated the README Documentation file for xmlsecurity module. Fixed
broken sxd file for signatures workflow. Added dumb certificates creator
shell script for testing purposes in qa.

Change-Id: Ibee17193a1a38348f2e7fc460dfdd0c54dd31f9b
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/155932
Tested-by: Jenkins
Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de>

xmlsecurity/README.md

@@ -1,4 +1,6 @@
-# Stuff for Document Signing
+# Document Signing
+
+## Introduction
 
 This code provides dialogs, and infrastructure wrapping `libxmlsec` and
 `gpgme` that implements document signing.
@@ -10,6 +12,31 @@ to the digital signature of the document, when signing it.
 The document signing can be done both for the source ODF/OOXML files and
 the exported PDF files. It is also possible to sign existing PDF files.
 
+## Module Contents
+
+ * `doc`: OpenDocument workflow legacy information with some illustrations to have an idea of the workflow, for starters check `doc/OpenDocumentSignatures-Workflow.odt`.
+ * `inc`: Headers to a subset of source files inside the module, parts like `source/framework` have headers inside the folder.
+ * `qa`: Unit tests for signing and shell scripts for certificates creation for testing.
+ * `test_docs`: Documents & certificates used for testing.
+ * `source`: More on that below.
+ * `uiconfig`: User interface configuration for different dialogs, it is recommended to navigate from relevant source file to the .ui file linked in the class which will be under `uiconfig/ui`.
+ * `util`: UNO passive registration config for GPG/ NSS.
+
+## Source Primary Contents
+
+ * `component`: Main implementation of `DocumentDigitalSignatuers` where the interaction with security environment and certificates occur.
+ * `dialogs`: Certificate & Signatures management dialogs.
+   * `certificatechooser`: Dialog that allows you to find and choose certificates or signatures for encryption.
+   * `certificateviewer`: More detailed information about each certificate.
+   * `digitalsignaturesdialog`: Main window for signatures of the documents and the start point of signing document.
+ * `framework`: Various elements for verifying signatures and running security engine.
+ * `gpg`: The implementation of encrypting with GPG and security environment initialization.
+ * `helper`: Some helper classes that include signatures manager and the helpers for PDF signing, UriBinding, and XML signatures. It also include helper tools for XSecurityEnvironment.
+ * `xmlsec`: XML, NSS, MSCrypt encryption/ signing tools, more on the low-level side of actual implementation of algorithms.
+
+
+## PDF Testing
+
 To test the signed PDFs, one can use the `pdfverify` in this way:
 
     ./bin/run pdfverify $PWD/xmlsecurity/qa/unit/pdfsigning/data/2good.pdf

xmlsecurity/qa/create-certs/create-dump-certs.sh

@@ -0,0 +1,31 @@
+#!/usr/bin/env bash
+#
+# This file is part of the LibreOffice project.
+#
+# This Source Code Form is subject to the terms of the Mozilla Public
+# License, v. 2.0. If a copy of the MPL was not distributed with this
+# file, You can obtain one at http://mozilla.org/MPL/2.0/.
+#
+# This script generates 100 certificates (modifiable) for cases of testing UI latency for instance.
+#
+# Basically, it creates certificates with sender same as reciever following User [number] pattern.
+#
+
+for ((i=1; i<=100; i++))
+do
+    gpg --batch --gen-key <<EOF
+        %no-protection
+        Key-Type: RSA
+        Key-Length: 2048
+        Subkey-Type: RSA
+        Subkey-Length: 2048
+        Name-Real: User $i
+        Name-Email: user$i@example.com
+        Expire-Date: 1y
+        %commit
+EOF
+
+    gpg --armor --export user$i@example.com > user$i.asc
+
+    echo "Generated certificate for User $i"
+done