Diffstat (limited to 'xmlsecurity/inc')
-rw-r--r-- | xmlsecurity/inc/makefile.mk | 47 | ||||
-rw-r--r-- | xmlsecurity/inc/pch/precompiled_xmlsecurity.cxx | 29 | ||||
-rw-r--r-- | xmlsecurity/inc/pch/precompiled_xmlsecurity.hxx | 32 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/biginteger.hxx | 43 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/certificatechooser.hxx | 94 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/certificateviewer.hxx | 165 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/certvalidity.hxx | 37 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx | 150 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx | 103 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/global.hrc | 49 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/macrosecurity.hxx | 175 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/sigstruct.hxx | 112 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/stbcontrl.hxx | 57 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/warnings.hxx | 89 | ||||
-rw-r--r-- | xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx | 207 |
15 files changed, 1389 insertions, 0 deletions
diff --git a/xmlsecurity/inc/makefile.mk b/xmlsecurity/inc/makefile.mk
new file mode 100644
index 000000000000..e3ee4509ae73
--- /dev/null
+++ b/xmlsecurity/inc/makefile.mk
@@ -0,0 +1,47 @@
+#*************************************************************************
+#
+# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+#
+# Copyright 2000, 2010 Oracle and/or its affiliates.
+#
+# OpenOffice.org - a multi-platform office productivity suite
+#
+# This file is part of OpenOffice.org.
+#
+# OpenOffice.org is free software: you can redistribute it and/or modify
+# it under the terms of the GNU Lesser General Public License version 3
+# only, as published by the Free Software Foundation.
+#
+# OpenOffice.org is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU Lesser General Public License version 3 for more details
+# (a copy is included in the LICENSE file that accompanied this code).
+#
+# You should have received a copy of the GNU Lesser General Public License
+# version 3 along with OpenOffice.org. If not, see
+# <http://www.openoffice.org/license.html>
+# for a copy of the LGPLv3 License.
+#
+#*************************************************************************
+PRJ=..
+
+PRJNAME=xmlsecurity
+TARGET=inc
+
+# --- Settings -----------------------------------------------------
+
+.INCLUDE : settings.mk
+
+# --- Files --------------------------------------------------------
+# --- Targets -------------------------------------------------------
+
+.INCLUDE : target.mk
+
+.IF "$(ENABLE_PCH)"!=""
+ALLTAR : \
+ $(SLO)$/precompiled.pch \
+ $(SLO)$/precompiled_ex.pch
+
+.ENDIF # "$(ENABLE_PCH)"!=""
+
diff --git a/xmlsecurity/inc/pch/precompiled_xmlsecurity.cxx b/xmlsecurity/inc/pch/precompiled_xmlsecurity.cxx
new file mode 100644
index 000000000000..42b0254306c2
--- /dev/null
+++ b/xmlsecurity/inc/pch/precompiled_xmlsecurity.cxx
@@ -0,0 +1,29 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#include "precompiled_xmlsecurity.hxx"
+
diff --git a/xmlsecurity/inc/pch/precompiled_xmlsecurity.hxx b/xmlsecurity/inc/pch/precompiled_xmlsecurity.hxx
new file mode 100644
index 000000000000..f2701c727e99
--- /dev/null
+++ b/xmlsecurity/inc/pch/precompiled_xmlsecurity.hxx
@@ -0,0 +1,32 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): Generated on 2006-09-01 17:50:21.795105 + +#ifdef PRECOMPILED_HEADERS +#endif + diff --git a/xmlsecurity/inc/xmlsecurity/biginteger.hxx b/xmlsecurity/inc/xmlsecurity/biginteger.hxx new file mode 100644 index 000000000000..b77c7c3bb8c6 --- /dev/null +++ b/xmlsecurity/inc/xmlsecurity/biginteger.hxx 
@@ -0,0 +1,43 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _XMLSECURITY_BIGINTEGER_HXX
+#define _XMLSECURITY_BIGINTEGER_HXX
+
+#include <sal/config.h>
+#include <rtl/ustring.hxx>
+
+#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_
+#include <com/sun/star/uno/Reference.hxx>
+#endif
+#include "com/sun/star/uno/Sequence.h"
+
+rtl::OUString bigIntegerToNumericString( ::com::sun::star::uno::Sequence< sal_Int8 > serial );
+::com::sun::star::uno::Sequence< sal_Int8 > numericStringToBigInteger ( rtl::OUString serialNumber );
+
+#endif
+
diff --git a/xmlsecurity/inc/xmlsecurity/certificatechooser.hxx b/xmlsecurity/inc/xmlsecurity/certificatechooser.hxx
new file mode 100644
index 000000000000..1f822e8df096
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/certificatechooser.hxx
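Review bot: `bigIntegerToNumericString` and `numericStringToBigInteger` are declared without a word on the number format, and for certificate serial numbers that is exactly what a caller can get wrong. I would add a comment above both declarations stating the byte order of the `Sequence< sal_Int8 >`, whether the bytes are read as signed or unsigned, the radix of the string, and what `numericStringToBigInteger` returns for an empty or non-numeric `serialNumber`. Both functions also take their argument by value; `const ::com::sun::star::uno::Sequence< sal_Int8 >& serial` and `const rtl::OUString& serialNumber` would avoid the copy without changing callers.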
@@ -0,0 +1,94 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. 
+ * + ************************************************************************/ + +#ifndef _XMLSECURITY_CERTIFICATECHOOSER_HXX +#define _XMLSECURITY_CERTIFICATECHOOSER_HXX + +#include <vcl/dialog.hxx> +#include <vcl/fixed.hxx> +#include <vcl/button.hxx> +#include <svx/simptabl.hxx> + +namespace com { +namespace sun { +namespace star { +namespace security { + class XCertificate; } +namespace xml { namespace crypto { + class XSecurityEnvironment; }} +}}} + +#include <com/sun/star/uno/Sequence.hxx> +#include <xmlsecurity/sigstruct.hxx> + +namespace css = com::sun::star; +namespace cssu = com::sun::star::uno; +namespace dcss = ::com::sun::star; + +class HeaderBar; + +class CertificateChooser : public ModalDialog +{ +private: + cssu::Reference< cssu::XComponentContext > mxCtx; + cssu::Reference< dcss::xml::crypto::XSecurityEnvironment > mxSecurityEnvironment; + cssu::Sequence< cssu::Reference< dcss::security::XCertificate > > maCerts; + SignatureInformations maCertsToIgnore; + + FixedText maHintFT; + SvxSimpleTable maCertLB; // PB 2006/02/02 #i48648 now SvHeaderTabListBox + + PushButton maViewBtn; + + FixedLine maBottomSepFL; + OKButton maOKBtn; + CancelButton maCancelBtn; + HelpButton maHelpBtn; + + BOOL mbInitialized; + + USHORT GetSelectedEntryPos( void ) const; +// DECL_LINK( Initialize, void* ); + DECL_LINK( ViewButtonHdl, Button* ); + DECL_LINK( CertificateHighlightHdl, void* ); + DECL_LINK( CertificateSelectHdl, void* ); + + void ImplShowCertificateDetails(); + void ImplInitialize(); + +public: + CertificateChooser( Window* pParent, cssu::Reference< cssu::XComponentContext>& rxCtx, cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& rxSecurityEnvironment, const SignatureInformations& rCertsToIgnore ); + ~CertificateChooser(); + + short Execute(); + + cssu::Reference< dcss::security::XCertificate > GetSelectedCertificate(); + +}; + +#endif // _XMLSECURITY_CERTIFICATECHOOSER_HXX + 
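Review bot: The `CertificateChooser` constructor takes `rxCtx` and `rxSecurityEnvironment` as non-const references, although the class keeps its own copies in `mxCtx` and `mxSecurityEnvironment` and nothing in this declaration suggests the caller's handles are written to. `CertificateViewer` in the same commit takes these as `const cssu::Reference< ... >&`; I would declare them the same way here, `const cssu::Reference< cssu::XComponentContext >& rxCtx, const cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& rxSecurityEnvironment`, so temporaries and const handles can be passed. The constructor body is outside this hunk, so confirm it does not assign through either parameter. The header also defines the aliases `css`, `cssu` and `dcss` at global scope, which every includer inherits.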
diff --git a/xmlsecurity/inc/xmlsecurity/certificateviewer.hxx b/xmlsecurity/inc/xmlsecurity/certificateviewer.hxx
new file mode 100644
index 000000000000..10727ad63d47
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/certificateviewer.hxx
@@ -0,0 +1,165 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. 
+ * + ************************************************************************/ + +#ifndef _XMLSECURITY_CERTIFICATEVIEWER_HXX +#define _XMLSECURITY_CERTIFICATEVIEWER_HXX + +#include <vcl/fixed.hxx> +#include <vcl/button.hxx> +#include <vcl/lstbox.hxx> +#include <vcl/tabdlg.hxx> +#include <vcl/tabctrl.hxx> +#include <vcl/tabpage.hxx> +#include <svtools/stdctrl.hxx> +#include <svx/simptabl.hxx> +#include <svtools/svmedit.hxx> + +namespace com { +namespace sun { +namespace star { +namespace security { + class XCertificate; } +namespace xml { namespace crypto { + class XSecurityEnvironment; }} +}}} + +namespace css = com::sun::star; +namespace cssu = com::sun::star::uno; +namespace dcss = ::com::sun::star; + +class CertificateViewer : public TabDialog +{ +private: + friend class CertificateViewerGeneralTP; + friend class CertificateViewerDetailsTP; + friend class CertificateViewerCertPathTP; + + TabControl maTabCtrl; + OKButton maOkBtn; + HelpButton maHelpBtn; + + BOOL mbCheckForPrivateKey; + + cssu::Reference< dcss::xml::crypto::XSecurityEnvironment > mxSecurityEnvironment; + cssu::Reference< dcss::security::XCertificate > mxCert; +public: + CertificateViewer( Window* pParent, const cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& rxSecurityEnvironment, const cssu::Reference< dcss::security::XCertificate >& rXCert, BOOL bCheckForPrivateKey ); + virtual ~CertificateViewer(); +}; + + +class CertificateViewerTP : public TabPage +{ +protected: + CertificateViewer* mpDlg; +public: + CertificateViewerTP( Window* _pParent, const ResId& _rResId, CertificateViewer* _pDlg ); + inline void SetTabDlg( CertificateViewer* pTabDlg ); +}; + +inline void CertificateViewerTP::SetTabDlg( CertificateViewer* _pTabDlg ) +{ + mpDlg = _pTabDlg; +} + + +class CertificateViewerGeneralTP : public CertificateViewerTP +{ +private: + Window maFrameWin; + FixedImage maCertImg; + FixedInfo maCertInfoFI; + FixedLine maSep1FL; + FixedInfo maHintNotTrustedFI; + FixedLine maSep2FL; + 
FixedInfo maIssuedToLabelFI; + FixedInfo maIssuedToFI; + FixedInfo maIssuedByLabelFI; + FixedInfo maIssuedByFI; + FixedInfo maValidDateFI; + FixedImage maKeyImg; + FixedInfo maHintCorrespPrivKeyFI; +public: + CertificateViewerGeneralTP( Window* pParent, CertificateViewer* _pDlg ); + + virtual void ActivatePage(); +}; + + +class CertificateViewerDetailsTP : public CertificateViewerTP +{ +private: + SvxSimpleTable maElementsLB; // PB 2006/02/02 #i48648 now SvHeaderTabListBox + MultiLineEdit maElementML; + Font maStdFont; + Font maFixedWidthFont; + + DECL_LINK( ElementSelectHdl, void* ); + void Clear( void ); + void InsertElement( const String& _rField, const String& _rValue, + const String& _rDetails, bool _bFixedWidthFont = false ); +public: + CertificateViewerDetailsTP( Window* pParent, CertificateViewer* _pDlg ); + virtual ~CertificateViewerDetailsTP(); + + virtual void ActivatePage(); +}; + + +class CertificateViewerCertPathTP : public CertificateViewerTP +{ +private: + FixedText maCertPathFT; + SvTreeListBox maCertPathLB; + PushButton maViewCertPB; + FixedText maCertStatusFT; + MultiLineEdit maCertStatusML; + + CertificateViewer* mpParent; + bool mbFirstActivateDone; + Image maCertImage; + Image maCertNotValidatedImage; + String msCertOK; + String msCertNotValidated; + + DECL_LINK( ViewCertHdl, void* ); + DECL_LINK( CertSelectHdl, void* ); + void Clear( void ); + SvLBoxEntry* InsertCert( SvLBoxEntry* _pParent, const String& _rName, + cssu::Reference< dcss::security::XCertificate > rxCert, + bool bValid); + +public: + CertificateViewerCertPathTP( Window* pParent, CertificateViewer* _pDlg ); + virtual ~CertificateViewerCertPathTP(); + + virtual void ActivatePage(); +}; + + +#endif // _XMLSECURITY_CERTIFICATEVIEWER_HXX + diff --git a/xmlsecurity/inc/xmlsecurity/certvalidity.hxx b/xmlsecurity/inc/xmlsecurity/certvalidity.hxx new file mode 100644 index 000000000000..20fb05579029 --- /dev/null +++ b/xmlsecurity/inc/xmlsecurity/certvalidity.hxx 
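Review bot: `CertificateViewerCertPathTP` declares its own `CertificateViewer* mpParent` although it already inherits `mpDlg` from `CertificateViewerTP`, and `SetTabDlg()` updates only `mpDlg`. If the constructor stores `_pDlg` in both (its body is not in this hunk), the two pointers can diverge after a `SetTabDlg()` call and the page would reach `mxCert` and `mxSecurityEnvironment` through a stale pointer. I would drop `mpParent` and use `mpDlg`, or at least mark both with `// non-owning; the dialog must outlive this page`. `InsertCert` also takes `rxCert` by value where `const cssu::Reference< dcss::security::XCertificate >& rxCert` would do.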
@@ -0,0 +1,37 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _XMLSECURITY_BIGINTEGER_HXX
+#define _XMLSECURITY_BIGINTEGER_HXX
+
+#include <sal/config.h>
+#include <rtl/ustring.hxx>
+
+rtl::OUString certificateValidityToOUString( ::sal_Int32 certValidity ) ;
+
+#endif
+
diff --git a/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
new file mode 100644
index 000000000000..4d48aad47555
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/digitalsignaturesdialog.hxx
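Review bot: The include guard in certvalidity.hxx is `_XMLSECURITY_BIGINTEGER_HXX`, the same macro that biginteger.hxx uses in this commit. A translation unit that includes both headers gets only the first one: the second is skipped silently, so either `certificateValidityToOUString` or the two big-integer conversions end up undeclared, depending on include order. The guard should be specific to this file, following the naming the other headers use: `#ifndef _XMLSECURITY_CERTVALIDITY_HXX` / `#define _XMLSECURITY_CERTVALIDITY_HXX`.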
@@ -0,0 +1,150 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. 
+ * + ************************************************************************/ + +#ifndef _XMLSECURITY_DIGITALSIGNATURESDIALOG_HXX +#define _XMLSECURITY_DIGITALSIGNATURESDIALOG_HXX + +#include <vcl/dialog.hxx> +#include <vcl/fixed.hxx> +#include <vcl/button.hxx> +#include <svtools/stdctrl.hxx> +#include <svx/simptabl.hxx> +#include <com/sun/star/beans/PropertyValue.hpp> + +#include <xmlsecurity/documentsignaturehelper.hxx> +#include <xmlsecurity/xmlsignaturehelper.hxx> + + +#ifndef _STLP_VECTOR +#include <vector> +#endif + +namespace com { +namespace sun { +namespace star { +namespace lang { + class XMultiServiceFactory; } +namespace io { + class XStream; } +namespace embed { + class XStorage; } +namespace xml { namespace dom { + class XDocumentBuilder; } } +}}} + +namespace css = com::sun::star; +namespace cssu = com::sun::star::uno; + +class HeaderBar; + +class DigitalSignaturesDialog : public ModalDialog +{ +private: + cssu::Reference< cssu::XComponentContext >& mxCtx; + XMLSignatureHelper maSignatureHelper; + + css::uno::Reference < css::embed::XStorage > mxStore; + css::uno::Reference < css::io::XStream > mxSignatureStream; + css::uno::Reference < css::io::XStream > mxTempSignatureStream; + SignatureInformations maCurrentSignatureInformations; + bool mbVerifySignatures; + bool mbSignaturesChanged; + DocumentSignatureMode meSignatureMode; + css::uno::Sequence < css::uno::Sequence < css::beans::PropertyValue > > m_manifest; + + FixedText maHintDocFT; + FixedText maHintBasicFT; + FixedText maHintPackageFT; + SvxSimpleTable maSignaturesLB; // PB 2006/02/02 #i48648 now SvHeaderTabListBox + FixedImage maSigsValidImg; + FixedInfo maSigsValidFI; + FixedImage maSigsInvalidImg; + FixedInfo maSigsInvalidFI; + FixedImage maSigsNotvalidatedImg; + FixedInfo maSigsNotvalidatedFI; + FixedInfo maSigsOldSignatureFI; + + PushButton maViewBtn; + PushButton maAddBtn; + PushButton maRemoveBtn; + + FixedLine maBottomSepFL; + OKButton maOKBtn; + HelpButton maHelpBtn; + + 
::rtl::OUString m_sODFVersion; + //Signals if the document contains already a document signature. This is only + //importent when we are signing macros and if the value is true. + bool m_bHasDocumentSignature; + bool m_bWarningShowSignMacro; + + DECL_LINK( ViewButtonHdl, Button* ); + DECL_LINK( AddButtonHdl, Button* ); + DECL_LINK( RemoveButtonHdl, Button* ); + DECL_LINK( SignatureHighlightHdl, void* ); + DECL_LINK( SignatureSelectHdl, void* ); + DECL_LINK( StartVerifySignatureHdl, void* ); + DECL_LINK( OKButtonHdl, void* ); + + void ImplGetSignatureInformations(bool bUseTempStream); + void ImplFillSignaturesBox(); + void ImplShowSignaturesDetails(); + SignatureStreamHelper ImplOpenSignatureStream( sal_Int32 eStreamMode, bool bTempStream ); + + //Checks if adding is allowed. + //See the spec at specs/www/appwide/security/Electronic_Signatures_and_Security.sxw + //(6.6.2)Behaviour with regard to ODF 1.2 + bool canAdd(); + bool canRemove(); + + //Checks if a particular stream is a valid xml stream. Those are treated differently + //when they are signed (c14n transformation) + bool isXML(const ::rtl::OUString& rURI ); + bool canAddRemove(); + +public: + DigitalSignaturesDialog( Window* pParent, cssu::Reference< + cssu::XComponentContext >& rxCtx, DocumentSignatureMode eMode, + sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature); + ~DigitalSignaturesDialog(); + + // Initialize the dialog and the security environment, returns TRUE on success + BOOL Init( const rtl::OUString& rTokenName ); + + // Set the storage which should be signed or verified + void SetStorage( const cssu::Reference < css::embed::XStorage >& rxStore ); + void SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream ); + + // Execute the dialog... + short Execute(); + + // Did signatures change? + sal_Bool SignaturesChanged() const { return mbSignaturesChanged; } +}; + +#endif // _XMLSECURITY_DIGITALSIGNATURESDIALOG_HXX + 
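Review bot: `DigitalSignaturesDialog` stores the component context as a reference member, `cssu::Reference< cssu::XComponentContext >& mxCtx;`, so the dialog holds no reference count of its own and depends on the caller's `Reference` object outliving it. `CertificateChooser` and `MacroSecurity` in this commit keep the same handle by value; I would do that here too, `cssu::Reference< cssu::XComponentContext > mxCtx;`, and take the constructor argument as `const cssu::Reference< cssu::XComponentContext >& rxCtx`. The constructor body is outside this hunk, so check that it only initialises the member from `rxCtx`. Separately, the comment above `m_bHasDocumentSignature` spells "important" as "importent".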
diff --git a/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
new file mode 100644
index 000000000000..14d6a160bd01
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/documentsignaturehelper.hxx
@@ -0,0 +1,103 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSECURITY_DOCUMENTSIGNATUREHELPER_HXX +#define _XMLSECURITY_DOCUMENTSIGNATUREHELPER_HXX + +#include <com/sun/star/uno/Reference.h> +#include <rtl/ustring.hxx> +#include "xmlsecurity/sigstruct.hxx" + +#ifndef _STLP_VECTOR +#include <vector> +#endif + + +namespace com { +namespace sun { +namespace star { +namespace io { + class XStream; } +namespace embed { + class XStorage; } +}}} + +namespace css = com::sun::star; + + +/********************************************************** + DocumentSignatureHelper + + Helper class for signing and verifieng document signatures + + Functions: + 1. 
help to create a list of content to be signed/verified + + **********************************************************/ + +enum DocumentSignatureMode { SignatureModeDocumentContent, SignatureModeMacros, SignatureModePackage }; + +enum DocumentSignatureAlgorithm +{ + OOo2Document, + OOo3_0Document, + OOo3_2Document +}; + +struct SignatureStreamHelper +{ + css::uno::Reference < css::embed::XStorage > xSignatureStorage; + css::uno::Reference < css::io::XStream > xSignatureStream; +}; + + +class DocumentSignatureHelper +{ +public: + + static SignatureStreamHelper OpenSignatureStream( + const css::uno::Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, + DocumentSignatureMode eDocSigMode ); + static std::vector< rtl::OUString > CreateElementList( + const css::uno::Reference < css::embed::XStorage >& rxStore, + const ::rtl::OUString rRootStorageName, DocumentSignatureMode eMode, + const DocumentSignatureAlgorithm mode); + static bool isODFPre_1_2(const ::rtl::OUString & sODFVersion); + static bool isOOo3_2_Signature(const SignatureInformation & sigInfo); + static DocumentSignatureAlgorithm getDocumentAlgorithm( + const ::rtl::OUString & sODFVersion, const SignatureInformation & sigInfo); + static bool checkIfAllFilesAreSigned( const ::std::vector< ::rtl::OUString > & sElementList, + const SignatureInformation & sigInfo, const DocumentSignatureAlgorithm alg); + static bool equalsReferenceUriManifestPath( + const ::rtl::OUString & rUri, const ::rtl::OUString & rPath); + static ::rtl::OUString GetDocumentContentSignatureDefaultStreamName(); + static ::rtl::OUString GetScriptingContentSignatureDefaultStreamName(); + static ::rtl::OUString GetPackageSignatureDefaultStreamName(); + +}; + +#endif // _XMLSECURITY_XMLSIGNATUREHELPER_HXX diff --git a/xmlsecurity/inc/xmlsecurity/global.hrc b/xmlsecurity/inc/xmlsecurity/global.hrc new file mode 100644 index 000000000000..57a9a95e88b3 --- /dev/null +++ b/xmlsecurity/inc/xmlsecurity/global.hrc 
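Review bot: `checkIfAllFilesAreSigned` and `equalsReferenceUriManifestPath` have no comment describing their contract, although from their names they appear to decide whether a signature covers the whole document. I would document on `checkIfAllFilesAreSigned` whether every entry of `sElementList` must have a matching reference in `sigInfo`, how the result depends on `alg`, and what is returned for an empty list. On `equalsReferenceUriManifestPath` the comment should say which side is expected to be URI-encoded and how the comparison normalises it. The closing comment `#endif // _XMLSECURITY_XMLSIGNATUREHELPER_HXX` names a different header than the guard `_XMLSECURITY_DOCUMENTSIGNATUREHELPER_HXX`, and `CreateElementList` takes `const ::rtl::OUString rRootStorageName` by value where `const ::rtl::OUString& rRootStorageName` was probably meant.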
@@ -0,0 +1,49 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _XMLSEC_GLOBAL_HRC
+#define _XMLSEC_GLOBAL_HRC
+
+// global resource ids
+
+#define RID_XMLSECDLG_DIGSIG 1000
+#define RID_XMLSECDLG_CERTCHOOSER 1001
+#define RID_XMLSECDLG_CERTVIEWER 1002
+#define RID_XMLSECTP_GENERAL 1003
+#define RID_XMLSECTP_DETAILS 1004
+#define RID_XMLSECTP_CERTPATH 1005
+#define RID_XMLSECTP_MACROSEC 1006
+#define RID_XMLSECTP_SECLEVEL 1007
+#define RID_XMLSECTP_TRUSTSOURCES 1008
+#define RID_XMLSECTP_MACROWARN 1009
+#define RID_XMLSECTP_READONLY_CONFIG_TIP 1010
+#define RID_XMLSECTP_LOCK 1011
+#define RID_XMLSECTP_LOCK_HC 1012
+#define RID_XMLSECWB_NO_MOZILLA_PROFILE 1013
+
+#endif
+
diff --git a/xmlsecurity/inc/xmlsecurity/macrosecurity.hxx b/xmlsecurity/inc/xmlsecurity/macrosecurity.hxx
new file mode 100644
index 000000000000..2b4b57c00425
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/macrosecurity.hxx 
@@ -0,0 +1,175 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. 
+ * + ************************************************************************/ + +#ifndef _XMLSECURITY_MACROSECURITY_HXX +#define _XMLSECURITY_MACROSECURITY_HXX + +#include <vcl/fixed.hxx> +#include <vcl/button.hxx> +#include <vcl/lstbox.hxx> +#include <vcl/tabdlg.hxx> +#include <vcl/tabctrl.hxx> +#include <vcl/tabpage.hxx> +#include <svtools/stdctrl.hxx> +#include <svx/simptabl.hxx> +#include <unotools/securityoptions.hxx> + +namespace com { +namespace sun { +namespace star { +namespace xml { namespace crypto { + class XSecurityEnvironment; }} +}}} + +namespace css = com::sun::star; +namespace cssu = com::sun::star::uno; +namespace dcss = ::com::sun::star; + +class MacroSecurityTP; + +class ReadOnlyImage : public FixedImage +{ +public: + ReadOnlyImage(Window* pParent, const ResId rResId); + ~ReadOnlyImage(); + + virtual void RequestHelp( const HelpEvent& rHEvt ); + static const String& GetHelpTip(); +}; + +class MacroSecurity : public TabDialog +{ +private: + friend class MacroSecurityLevelTP; + friend class MacroSecurityTrustedSourcesTP; + + TabControl maTabCtrl; + OKButton maOkBtn; + CancelButton maCancelBtn; + HelpButton maHelpBtn; + PushButton maResetBtn; + + cssu::Reference< cssu::XComponentContext > mxCtx; + cssu::Reference< dcss::xml::crypto::XSecurityEnvironment > mxSecurityEnvironment; + SvtSecurityOptions maSecOptions; + + MacroSecurityTP* mpLevelTP; + MacroSecurityTP* mpTrustSrcTP; + + DECL_LINK( OkBtnHdl, void* ); +public: + MacroSecurity( Window* pParent, const cssu::Reference< cssu::XComponentContext>& rxCtx, const cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& rxSecurityEnvironment ); + virtual ~MacroSecurity(); + + inline void EnableReset( bool _bEnable = true ); +}; + +inline void MacroSecurity::EnableReset( bool _bEnable ) +{ + maResetBtn.Enable ( _bEnable ); +} + +class MacroSecurityTP : public TabPage +{ +protected: + MacroSecurity* mpDlg; +public: + MacroSecurityTP( Window* _pParent, const ResId& _rResId, MacroSecurity* _pDlg ); 
+ inline void SetTabDlg( MacroSecurity* pTabDlg ); + + virtual void ClosePage( void ) = 0; +}; + +inline void MacroSecurityTP::SetTabDlg( MacroSecurity* _pTabDlg ) +{ + mpDlg = _pTabDlg; +} + + +class MacroSecurityLevelTP : public MacroSecurityTP +{ +private: + FixedLine maSecLevelFL; + ReadOnlyImage maSecReadonlyFI; + RadioButton maVeryHighRB; + RadioButton maHighRB; + RadioButton maMediumRB; + RadioButton maLowRB; + + USHORT mnCurLevel; + +protected: + DECL_LINK( RadioButtonHdl, RadioButton* ); + +public: + MacroSecurityLevelTP( Window* pParent, MacroSecurity* _pDlg ); + + virtual void ClosePage( void ); +}; + + +class MacroSecurityTrustedSourcesTP : public MacroSecurityTP +{ +private: + FixedLine maTrustCertFL; + ReadOnlyImage maTrustCertROFI; + SvxSimpleTable maTrustCertLB; // PB 2006/02/02 #i48648 now SvHeaderTabListBox + PushButton maAddCertPB; + PushButton maViewCertPB; + PushButton maRemoveCertPB; + FixedLine maTrustFileLocFL; + ReadOnlyImage maTrustFileROFI; + FixedInfo maTrustFileLocFI; + ListBox maTrustFileLocLB; + PushButton maAddLocPB; + PushButton maRemoveLocPB; + + cssu::Sequence< SvtSecurityOptions::Certificate > maTrustedAuthors; + + sal_Bool mbAuthorsReadonly; + sal_Bool mbURLsReadonly; + + DECL_LINK( ViewCertPBHdl, void* ); + DECL_LINK( RemoveCertPBHdl, void* ); + DECL_LINK( AddLocPBHdl, void* ); + DECL_LINK( RemoveLocPBHdl, void* ); + DECL_LINK( TrustCertLBSelectHdl, void* ); + DECL_LINK( TrustFileLocLBSelectHdl, void* ); + + void FillCertLB( void ); + void ImplCheckButtons(); + +public: + MacroSecurityTrustedSourcesTP( Window* pParent, MacroSecurity* _pDlg ); + + virtual void ActivatePage(); + virtual void ClosePage( void ); +}; + + +#endif // _XMLSECURITY_MACROSECURITY_HXX + diff --git a/xmlsecurity/inc/xmlsecurity/sigstruct.hxx b/xmlsecurity/inc/xmlsecurity/sigstruct.hxx new file mode 100644 index 000000000000..345380835d70 --- /dev/null +++ b/xmlsecurity/inc/xmlsecurity/sigstruct.hxx 
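Review bot: `mbAuthorsReadonly` and `mbURLsReadonly` in `MacroSecurityTrustedSourcesTP` carry no comment saying where they are set or which handlers must honour them. If they mirror a locked configuration, as the `ReadOnlyImage` members next to them suggest, then `RemoveCertPBHdl`, `AddLocPBHdl` and `RemoveLocPBHdl` should check them directly rather than rely on `ImplCheckButtons()` having disabled the buttons; the handler bodies are outside this hunk, so this needs confirming against the implementation. I would add a comment such as `// set from SvtSecurityOptions; when true, the trusted-author / trusted-location lists must not be modified` on the two flags. `ReadOnlyImage` also takes `const ResId rResId` by value, while `MacroSecurityTP` takes `const ResId& _rResId`.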
@@ -0,0 +1,112 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _SIGSTRUCT_HXX
+#define _SIGSTRUCT_HXX
+
+#include <rtl/ustring.hxx>
+#include <com/sun/star/util/DateTime.hpp>
+
+#include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
+
+#ifndef INCLUDED_VECTOR
+#include <vector>
+#define INCLUDED_VECTOR
+#endif
+
+/*
+ * signature status
+ */
+/*
+#define STATUS_INIT 0
+#define STATUS_CREATION_SUCCEED 1
+#define STATUS_CREATION_FAIL 2
+#define STATUS_VERIFY_SUCCEED 3
+#define STATUS_VERIFY_FAIL 4
+*/
+
+/*
+ * type of reference
+ */
+#define TYPE_SAMEDOCUMENT_REFERENCE 1
+#define TYPE_BINARYSTREAM_REFERENCE 2
+#define TYPE_XMLSTREAM_REFERENCE 3
+
+struct SignatureReferenceInformation
+{
+ sal_Int32 nType;
+ rtl::OUString ouURI;
+ rtl::OUString ouDigestValue;
+
+ SignatureReferenceInformation( sal_Int32 type, rtl::OUString uri )
+ {
+ nType = type;
+ ouURI = uri;
+ }
+};
+
+typedef ::std::vector< SignatureReferenceInformation > SignatureReferenceInformations;
+
+struct SignatureInformation
+{
+ sal_Int32 nSecurityId;
+ sal_Int32 nSecurityEnvironmentIndex;
+ ::com::sun::star::xml::crypto::SecurityOperationStatus nStatus;
+ SignatureReferenceInformations vSignatureReferenceInfors;
+ rtl::OUString ouX509IssuerName;
+ rtl::OUString ouX509SerialNumber;
+ rtl::OUString ouX509Certificate;
+ rtl::OUString ouSignatureValue;
+ ::com::sun::star::util::DateTime stDateTime;
+
+ //We also keep the date and time as string. This is done when this
+ //structure is created as a result of a XML signature being read.
+ //When then a signature is added or another removed, then the original
+ //XML signatures are written again (unless they have been removed).
+ //If the date time string is converted into the DateTime structure
+ //then information can be lost because it only holds a fractional
+ //of a second with a accuracy of one hundredth of second.
+ //If the string contains
+ //milli seconds (because the document was created by an application other than OOo)
+ //and the converted time is written back, then the string looks different
+ //and the signature is broken.
+ rtl::OUString ouDateTime;
+ rtl::OUString ouSignatureId;
+ rtl::OUString ouPropertyId;
+
+ SignatureInformation( sal_Int32 nId )
+ {
+ nSecurityId = nId;
+ nStatus = ::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN;
+ nSecurityEnvironmentIndex = -1;
+ }
+};
+
+typedef ::std::vector< SignatureInformation > SignatureInformations;
+
+#endif
+
diff --git a/xmlsecurity/inc/xmlsecurity/stbcontrl.hxx b/xmlsecurity/inc/xmlsecurity/stbcontrl.hxx
new file mode 100644
index 000000000000..b10465db2208
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/stbcontrl.hxx
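Review bot: `SignatureInformation( sal_Int32 nId )` is a converting constructor, so a bare integer can silently become a SignatureInformation with empty certificate and signature-value fields; declaring it `explicit SignatureInformation( sal_Int32 nId )` closes that off. Both constructors in this header assign in the body rather than in a member-initializer list, and SignatureReferenceInformation takes `rtl::OUString uri` by value where `const rtl::OUString& uri` would avoid a copy. Starting nStatus at `SecurityOperationStatus_UNKNOWN` is the safe default, and a field comment such as `// UNKNOWN until a result is stored; must not be read as verified` would state that contract (how callers read nStatus is not visible in this hunk).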
@@ -0,0 +1,57 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _XMLSECURITY_STBCONTRL_HXX
+#define _XMLSECURITY_STBCONTRL_HXX
+
+#include <sfx2/stbitem.hxx>
+
+
+class SvxSizeItem;
+
+// class SvxPosSizeToolBoxControl ----------------------------------------
+
+class XmlSecStatusBarControl : public SfxStatusBarControl
+{
+private:
+ struct XmlSecStatusBarControl_Impl;
+
+ XmlSecStatusBarControl_Impl* mpImpl;
+
+public:
+ SFX_DECL_STATUSBAR_CONTROL();
+
+ XmlSecStatusBarControl( USHORT _nId, StatusBar& _rStb, SfxBindings& _rBind );
+ ~XmlSecStatusBarControl();
+
+ virtual void StateChanged( USHORT nSID, SfxItemState eState, const SfxPoolItem* pState );
+ virtual void Paint( const UserDrawEvent& rEvt );
+ virtual void Command( const CommandEvent& rCEvt );
+};
+
+#endif
+
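Review bot: XmlSecStatusBarControl holds its pimpl as a raw `XmlSecStatusBarControl_Impl* mpImpl` and declares a destructor, but neither copy construction nor assignment is disabled in this class. If the destructor frees mpImpl (its body is not in this hunk) and SfxStatusBarControl does not already forbid copying, a copy would end in a double delete; XMLSignatureHelper in this same commit declares its copy constructor private under `// Not allowed:`, and the same private declarations would fit here. The banner comment `// class SvxPosSizeToolBoxControl` names a different class and the forward declaration `class SvxSizeItem;` is not used in this header, so both look like leftovers and the banner should read `// class XmlSecStatusBarControl`.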
diff --git a/xmlsecurity/inc/xmlsecurity/warnings.hxx b/xmlsecurity/inc/xmlsecurity/warnings.hxx
new file mode 100644
index 000000000000..a8f0b033616d
--- /dev/null
+++ b/xmlsecurity/inc/xmlsecurity/warnings.hxx
@@ -0,0 +1,89 @@
+/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2000, 2010 Oracle and/or its affiliates.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#ifndef _XMLSECURITY_WARNINGS_HXX
+#define _XMLSECURITY_WARNINGS_HXX
+
+#include <vcl/dialog.hxx>
+#include <svtools/stdctrl.hxx>
+#include <vcl/button.hxx>
+#include <svx/simptabl.hxx>
+
+namespace com {
+namespace sun {
+namespace star {
+namespace security {
+ class XCertificate; }
+namespace xml { namespace crypto {
+ class XSecurityEnvironment; }}
+}}}
+
+#include <com/sun/star/uno/Sequence.hxx>
+#include <xmlsecurity/sigstruct.hxx>
+
+namespace css = com::sun::star;
+namespace cssu = com::sun::star::uno;
+namespace dcss = ::com::sun::star;
+
+class HeaderBar;
+
+class MacroWarning : public ModalDialog
+{
+private:
+ // XSecurityEnvironment is needed for building the certification path
+ cssu::Reference< dcss::xml::crypto::XSecurityEnvironment > mxSecurityEnvironment;
+
+// cssu::Sequence< cssu::Reference< dcss::security::XCertificate > > maCerts;
+ cssu::Reference< dcss::security::XCertificate > mxCert;
+
+// FixedImage maQuestionMarkFI;
+ FixedInfo maDocNameFI;
+ FixedInfo maDescr1aFI;
+ FixedInfo maDescr1bFI;
+ FixedInfo maSignsFI;
+ PushButton maViewSignsBtn;
+ FixedInfo maDescr2FI;
+ CheckBox maAlwaysTrustCB;
+ FixedLine maBottomSepFL;
+ PushButton maEnableBtn;
+ CancelButton maDisableBtn;
+ HelpButton maHelpBtn;
+
+ const bool mbSignedMode; // modus of dialog (signed / unsigned macros)
+
+ DECL_LINK( ViewSignsBtnHdl, void* );
+ DECL_LINK( EnableBtnHdl, void* );
+// DECL_LINK( DisableBtnHdl, void* );
+
+public:
+ MacroWarning( Window* pParent, cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& _rxSecurityEnvironment, cssu::Reference< dcss::security::XCertificate >& _rxCert );
+ MacroWarning( Window* pParent );
+ ~MacroWarning();
+};
+
+#endif
+
diff --git a/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx
new file mode 100644
index 000000000000..4869b4728567
--- /dev/null
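Review bot: The three-argument MacroWarning constructor takes `_rxSecurityEnvironment` and `_rxCert` as non-const `cssu::Reference< ... >&`, which rules out temporaries and tells the reader the dialog may replace the caller's references. MacroSecurity in macrosecurity.hxx takes the same kind of argument as `const cssu::Reference< ... >&`, and that form fits here too unless the dialog really writes back (the constructor body is not in this hunk). `MacroWarning( Window* pParent )` is a single-argument constructor and should be `explicit MacroWarning( Window* pParent );`. Because this dialog owns maAlwaysTrustCB and maEnableBtn, a comment on each constructor saying which value it gives mbSignedMode, and whether mxCert is left empty in the one-argument form, would help anyone reviewing the handlers.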
+++ b/xmlsecurity/inc/xmlsecurity/xmlsignaturehelper.hxx 
@@ -0,0 +1,207 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2000, 2010 Oracle and/or its affiliates. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. 
+ * + ************************************************************************/ + +#ifndef _XMLSECURITY_XMLSIGNATUREHELPER_HXX +#define _XMLSECURITY_XMLSIGNATUREHELPER_HXX + +#ifndef _STLP_VECTOR +#include <vector> +#endif + +#include <tools/link.hxx> + +#include <rtl/ustring.hxx> + +#include <xmlsecurity/sigstruct.hxx> + +#include <com/sun/star/uno/XComponentContext.hpp> +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/xml/crypto/XUriBinding.hpp> +#include <com/sun/star/xml/crypto/XSEInitializer.hpp> +#include <com/sun/star/xml/crypto/sax/XSecurityController.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp> + +class XSecController; +class Date; +class Time; + +namespace com { +namespace sun { +namespace star { +namespace io { + class XOutputStream; + class XInputStream; } +namespace embed { + class XStorage; } +}}} + +struct XMLSignatureCreationResult +{ + sal_Int32 nSecurityId; + com::sun::star::xml::crypto::SecurityOperationStatus nSignatureCreationResult; + + XMLSignatureCreationResult( sal_Int32 nId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + { + nSecurityId = nId; + nSignatureCreationResult = nResult; + } +}; + +struct XMLSignatureVerifyResult +{ + sal_Int32 nSecurityId; + com::sun::star::xml::crypto::SecurityOperationStatus nSignatureVerifyResult; + + XMLSignatureVerifyResult( sal_Int32 nId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + { + nSecurityId = nId; + nSignatureVerifyResult = nResult; + } +}; + +typedef ::std::vector<XMLSignatureCreationResult> XMLSignatureCreationResults; +typedef ::std::vector<XMLSignatureVerifyResult> XMLSignatureVerifyResults; + + + +/********************************************************** + XMLSignatureHelper + + Helper class for the XML Security framework + + Functions: + 1. help to create a security context; + 2. 
help to listen signature creation result; + 3. help to listen signature verify result; + 4. help to indicate which signature to verify. + + **********************************************************/ + +class XMLSignatureHelper +{ +private: + ::com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > mxCtx; + ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::sax::XSecurityController > mxSecurityController; + ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > mxUriBinding; + + ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XSEInitializer > mxSEInitializer; + ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XXMLSecurityContext > mxSecurityContext; + + XMLSignatureCreationResults maCreationResults; + XMLSignatureVerifyResults maVerifyResults; + XSecController* mpXSecController; + bool mbError; + bool mbODFPre1_2; + Link maStartVerifySignatureHdl; + +private: + void ImplCreateSEInitializer(); + DECL_LINK( SignatureCreationResultListener, XMLSignatureCreationResult*); + DECL_LINK( SignatureVerifyResultListener, XMLSignatureVerifyResult* ); + DECL_LINK( StartVerifySignatureElement, const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >* ); + + // Not allowed: + XMLSignatureHelper(const XMLSignatureHelper&); + +public: + XMLSignatureHelper(const com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext >& mrCtx ); + ~XMLSignatureHelper(); + + // Initialize the security context with given crypto token. + // Empty string means default crypto token. + // Returns true for success. + bool Init( const rtl::OUString& rTokenPath ); + + // Set UriBinding to create input streams to open files. + // Default implementation is capable to open files from disk. 
+ void SetUriBinding( com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding >& rxUriBinding ); + com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > GetUriBinding() const; + + // Set the storage which should be used by the default UriBinding + // Must be set before StatrtMission(). + //sODFVersion indicates the ODF version + void SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage, ::rtl::OUString sODFVersion ); + + // Argument for the Link is a uno::Reference< xml::sax::XAttributeList >* + // Return 1 to verify, 0 to skip. + // Default handler will verify all. + void SetStartVerifySignatureHdl( const Link& rLink ); + + // Get the security environment + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > GetSecurityEnvironment(); + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > GetSecurityEnvironmentByIndex(sal_Int32 nId); + sal_Int32 GetSecurityEnvironmentNumber(); + + // After signing/veryfieng, get information about signatures + SignatureInformation GetSignatureInformation( sal_Int32 nSecurityId ) const; + SignatureInformations GetSignatureInformations() const; + + // See XSecController for documentation + void StartMission(); + void EndMission(); + sal_Int32 GetNewSecurityId(); + /** sets data that describes the certificate. + + It is absolutely necessary that the parameter ouX509IssuerName is set. It contains + the base64 encoded certificate, which is DER encoded. The XMLSec needs it to find + the private key. Although issuer name and certificate should be sufficient to identify + the certificate the implementation in XMLSec is broken, both for Windows and mozilla. + The reason is that they use functions to find the certificate which take as parameter + the DER encoded ASN.1 issuer name. 
The issuer name is a DName, where most attributes + are of type DirectoryName, which is a choice of 5 string types. This information is + not contained in the issuer string and while it is converted to the ASN.1 name the + conversion function must assume a particular type, which is often wrong. For example, + the Windows function CertStrToName will use a T.61 string if the string does not contain + special characters. So if the certificate uses simple characters but encodes the + issuer attributes in Utf8, then CertStrToName will use T.61. The resulting DER encoded + ASN.1 name now contains different bytes which indicate the string type. The functions + for finding the certificate apparently use memcmp - hence they fail to find the + certificate. + */ + void SetX509Certificate(sal_Int32 nSecurityId, const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, const rtl::OUString& ouX509Cert); + + void SetX509Certificate(sal_Int32 nSecurityId, sal_Int32 nSecurityEnvironmentIndex, + const rtl::OUString& ouX509IssuerName, const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert); + void SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const Time& rTime ); + + void AddForSigning( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool bBinary ); + bool CreateAndWriteSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler ); + bool CreateAndWriteSignature( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream ); + bool ReadAndVerifySignature( const com::sun::star::uno::Reference< com::sun::star::io::XInputStream >& xInputStream ); + + // MT: ??? I think only for adding/removing, not for new signatures... 
+ // MM: Yes, but if you want to insert a new signature into an existing signature file, those function + // will be very usefull, see Mission 3 in the new "multisigdemo" program :-) + ::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XDocumentHandler> CreateDocumentHandlerWithHeader( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream ); + void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler ); + void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo ); +}; + +#endif // _XMLSECURITY_XMLSIGNATUREHELPER_HXX |
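Review bot: The doc comment on SetX509Certificate says the parameter `ouX509IssuerName` must always be set and then describes it as "the base64 encoded certificate, which is DER encoded", which matches `ouX509Cert` rather than the issuer name. The rest of that paragraph explains why lookup by issuer name is unreliable, so the sentence presumably should read `It is absolutely necessary that the parameter ouX509Cert is set.` ReadAndVerifySignature and both CreateAndWriteSignature overloads return a bare bool with no comment, and it is not visible here whether true means every signature verified or only that processing finished without error. A one-line comment stating that, and pointing callers to GetSignatureInformations() for the per-signature nStatus, would keep the return value from being read as a trust decision. Only the copy constructor is declared private under `// Not allowed:`; adding `XMLSignatureHelper& operator=(const XMLSignatureHelper&);` there would also block assignment of the raw mpXSecController.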