bee22fd433
Documents signed using an invalid (e.g., not having a trusted root) certificate give signatures that obviously can't pass validity tests. Change-Id: Id4b097516e06c548ea42cad65d76bbd8a6853cc4 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/137620 Tested-by: Mike Kaganski <mike.kaganski@collabora.com> Reviewed-by: Mike Kaganski <mike.kaganski@collabora.com> |
||
|---|---|---|
| .. | ||
| doc | ||
| inc | ||
| qa | ||
| source | ||
| test_docs | ||
| uiconfig/ui | ||
| util | ||
| workben | ||
| AllLangMoTarget_xsc.mk | ||
| CppunitTest_qa_certext.mk | ||
| CppunitTest_xmlsecurity_dialogs_test.mk | ||
| CppunitTest_xmlsecurity_pdfsigning.mk | ||
| CppunitTest_xmlsecurity_signing.mk | ||
| Executable_pdfverify.mk | ||
| IwyuFilter_xmlsecurity.yaml | ||
| Library_xmlsecurity.mk | ||
| Library_xsec_xmlsec.mk | ||
| Makefile | ||
| Module_xmlsecurity.mk | ||
| README.md | ||
| UIConfig_xmlsec.mk | ||
Stuff for Document Signing
This code provides dialogs, and infrastructure wrapping libxmlsec and
gpgme that implements document signing.
For signing a document, a personal key pair is used, which consists of a private key and a public key, which is added to the document in addition to the digital signature of the document, when signing it.
The document signing can be done both for the source ODF/OOXML files and the exported PDF files. It is also possible to sign existing PDF files.
To test the signed PDFs, one can use the pdfverify in this way:
./bin/run pdfverify $PWD/xmlsecurity/qa/unit/pdfsigning/data/2good.pdf
The file parameter should be an absolute path.
This is the output of pdfverify for 2good.pdf:
verifying signatures
found 2 signatures
signature #0: digest match? 1
signature #0: partial? 0
signature #1: digest match? 1
signature #1: partial? 0