[stable30] Digitally sign documents via software certificates #4170
Conversation
Document signing needs to store keys as richdocuments settings. This involves the signing key, certificate and the matching CA chain. As a first step, add code to the personal settings to be able to set a CA chain that issues the signing key / certificate. Setting and getting the setting is possible after this; the setting is not yet exposed in the WOPI CheckFileInfo response. <CollaboraOnline/online#9992 (comment)> has instructions on how to generate self-signed certificates for document signing for development purposes. Related to nextcloud#4123 Signed-off-by: Miklos Vajna <[email protected]> (cherry picked from commit 20ca5fd)
…FileInfo This setting was already possible to read and write from the personal settings UI, but was not available towards Collabora Online. Other private user settings like the Zotero API key are exposed in the WOPI CheckFileInfo reply. Do the same here: if the feature is enabled in general and this is not a public share, then include the signature CA setting in the CheckFileInfo response. The same still needs doing for the signature cert/key. Related to nextcloud#4123 Signed-off-by: Miklos Vajna <[email protected]> (cherry picked from commit 6ca8071)
…, too (fixes nextcloud#4123) The CA chain for the document signing was already a user setting & it was exposed in the WOPI CheckFileInfo, but the actual signing certificate & key was missing, so signing was not possible. These are typically in a similar PEM format using just ASCII characters, so providing a textarea where the user can paste them sounds like a good fit. Add the read/write of this setting and also expose it as part of the private user info in WOPI CheckFileInfo. With this, once all 3 are configured, it's possible to sign a document in Nextcloud Office, using the Signature button on the Home tab of the notebookbar. Signed-off-by: Miklos Vajna <[email protected]> (cherry picked from commit adfb905)
|
@elzody could you please review this? Thanks. I got no conflicts while backporting, FWIW. |
|
@vmiklos thanks i'll take a look today, sorry for being slow on this! |
|
@vmiklos Since this is a feature, normally we would not backport features and they'd just be included in the next release. Is this something really needed from the Collabora side in NC 30 or can it wait for 31, or was Julius already expecting it to be backported as well? He's out sick so unfortunately have not been able to reach him yet about it. |
|
@elzody we would like to really have this backported if we can : ) |
|
Thanks for the review! :-) |
|
Hello there, We hope that the review process is going smooth and is helpful for you. We want to ensure your pull request is reviewed to your satisfaction. If you have a moment, our community management team would very much appreciate your feedback on your experience with this PR review process. Your feedback is valuable to us as we continuously strive to improve our community developer experience. Please take a moment to complete our short survey by clicking on the following link: https://cloud.nextcloud.com/apps/forms/s/i9Ago4EQRZ7TWxjfmeEpPkf6 Thank you for contributing to Nextcloud and we hope to hear from you soon! (If you believe you should not receive this message, you can add yourself to the blocklist.) |
Summary
This is a backport to Nextcloud 30, seeing that effectively the original PR just added 3 new settings, so hopefully no need to wait till Nextcloud 31.