remove ability to trust not validated macro signatures in high securitydistro/mimo/mimo-6-3

Giving the user the option to determine if they should trust an invalid signature in HIGH macro security doesn't make sense. CommonName of the signature is the most prominent feature presented and the CommonName of a certificate can be easily forged for an invalid signature, tricking the user into accepting an invalid signature. in the HIGH macro security setting only show the pop-up to enable/disable signed macro if the certificate signature can be validated. cherry-picked without UI/String altering bits for 24-2 Change-Id: Ia766fb701660160ee5dc9f6e077f4012a44ce721 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/168667 Tested-by: Jenkins Reviewed-by: Sarper Akdemir <sarper.akdemir@allotropia.de> (cherry picked from commit 2beaa3be3829303e948d401f492dbfd239d60aad) Reviewed-on: https://gerrit.libreoffice.org/c/core/+/169525 Reviewed-by: Thorsten Behrens <thorsten.behrens@allotropia.de> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171306 Reviewed-by: Caolán McNamara <caolan.mcnamara@collabora.com> Tested-by: Caolán McNamara <caolan.mcnamara@collabora.com> Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171314 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171315 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171317 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171323 Reviewed-on: https://gerrit.libreoffice.org/c/core/+/171325
author: Sarper Akdemir <sarper.akdemir@allotropia.de> 2024-06-11 12:39:36 +0200
committer: Caolán McNamara <caolan.mcnamara@collabora.com> 2024-07-31 15:48:42 +0200
commit: 7eac192e7b5c29c71871757c47b3fd5afe0fbddb (patch)
tree: b8742bf5cf599dbf0fba51d0a2ad9c4de8dbd7bc
parent: 0412b3b7587f70b35e17f705b803ade3efe31269 (diff)
1 files changed, 6 insertions, 2 deletions
diff --git a/sfx2/source/doc/docmacromode.cxx b/sfx2/source/doc/docmacromode.cxx
index f1fd2373ee5a..17fcd5f260d8 100644
--- a/sfx2/source/doc/docmacromode.cxx
+++ b/sfx2/source/doc/docmacromode.cxx
@@ -229,14 +229,18 @@ namespace sfx2
             // check whether the document is signed with trusted certificate
             if ( nMacroExecutionMode != MacroExecMode::FROM_LIST )
             {
+                SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
+
                 // the trusted macro check will also retrieve the signature state ( small optimization )
                 const SvtSecurityOptions aSecOption;
                 const bool bAllowUIToAddAuthor = nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_NO_WARN
                                                  && (nMacroExecutionMode == MacroExecMode::ALWAYS_EXECUTE
-                                                     || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors));
+                                                     || !aSecOption.IsReadOnly(SvtSecurityOptions::EOption::MacroTrustedAuthors))
+                                                 && (nMacroExecutionMode != MacroExecMode::FROM_LIST_AND_SIGNED_WARN
+                                                     || nSignatureState == SignatureState::OK);
+
                 const bool bHasTrustedMacroSignature = m_xData->m_rDocumentAccess.hasTrustedScriptingSignature(bAllowUIToAddAuthor);
 
-                SignatureState nSignatureState = m_xData->m_rDocumentAccess.getScriptingSignatureState();
                 if ( nSignatureState == SignatureState::BROKEN )
                 {
                     if (!bAllowUIToAddAuthor)
author	Sarper Akdemir <sarper.akdemir@allotropia.de>	2024-06-11 12:39:36 +0200
committer	Caolán McNamara <caolan.mcnamara@collabora.com>	2024-07-31 15:48:42 +0200
commit	7eac192e7b5c29c71871757c47b3fd5afe0fbddb (patch)
tree	b8742bf5cf599dbf0fba51d0a2ad9c4de8dbd7bc
parent	0412b3b7587f70b35e17f705b803ade3efe31269 (diff)