strepsirrhini/office-gobmx
9
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
office-gobmx/xmlsecurity
History
Miklos Vajna 7d56dae337 tdf#127236 vcl: fix missing encryption of PDF images during export 
Regression from commit 78e25558e8
(tdf#106059 PDF export: create a reference XObject for JPG images with
PDF data, 2017-02-23), once a PDF image was inserted to a document, an
encrypted PDF export lost those images.

The reason for this is that we started to preserve PDF images as vector
data with the above commit, but this means we copied over PDF objects
from PDF images to the export result as-is, so encryption was not
performed for them.

Fix this by separating the write of the PDF object headers, stream
content and object footer and then calling
checkAndEnableStreamEncryption() / disableStreamEncryption() for each
object, even if it's not something our PDF export created but comes from
a PDF image.

Note that when existing PDF files are signed, PDF objects are also
copied into a vcl::filter::PDFDocument, but such PDF images are never
encrypted, so it's fine to have stub implementations in
vcl::filter::PDFDocument.

Change-Id: I2f74b9f51cd35b4319221532ca890e197bab9cf3
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137242
Reviewed-by: Miklos Vajna <vmiklos@collabora.com>
Tested-by: Jenkins
2022-07-20 12:54:45 +02:00
..
doc
inc
qa tdf#127236 vcl: fix missing encryption of PDF images during export 2022-07-20 12:54:45 +02:00
source tdf#127236 vcl: fix missing encryption of PDF images during export 2022-07-20 12:54:45 +02:00
test_docs
uiconfig/ui
util
workben Replace old png writer in pdfverify.cxx 2022-07-19 16:20:38 +02:00
AllLangMoTarget_xsc.mk
CppunitTest_qa_certext.mk
CppunitTest_xmlsecurity_dialogs_test.mk
CppunitTest_xmlsecurity_pdfsigning.mk
CppunitTest_xmlsecurity_signing.mk
Executable_pdfverify.mk
IwyuFilter_xmlsecurity.yaml
Library_xmlsecurity.mk
Library_xsec_xmlsec.mk
Makefile
Module_xmlsecurity.mk
README.md
UIConfig_xmlsec.mk

README.md

Stuff for Document Signing

This code provides dialogs, and infrastructure wrapping libxmlsec and gpgme that implements document signing.

For signing a document, a personal key pair is used, which consists of a private key and a public key, which is added to the document in addition to the digital signature of the document, when signing it.

The document signing can be done both for the source ODF/OOXML files and the exported PDF files. It is also possible to sign existing PDF files.

To test the signed PDFs, one can use the pdfverify in this way:

./bin/run pdfverify $PWD/xmlsecurity/qa/unit/pdfsigning/data/2good.pdf

The file parameter should be an absolute path.

This is the output of pdfverify for 2good.pdf:

verifying signatures
found 2 signatures
signature #0: digest match? 1
signature #0: partial? 0
signature #1: digest match? 1
signature #1: partial? 0

References