Diffstat (limited to 'xmlsecurity/source/gpg')
-rw-r--r--xmlsecurity/source/gpg/CertificateImpl.cxx52
-rw-r--r--xmlsecurity/source/gpg/CertificateImpl.hxx3
-rw-r--r--xmlsecurity/source/gpg/SecurityEnvironment.cxx9
-rw-r--r--xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx4
4 files changed, 54 insertions, 14 deletions
diff --git a/xmlsecurity/source/gpg/CertificateImpl.cxx b/xmlsecurity/source/gpg/CertificateImpl.cxx
index 9dd988d05d9f..c0f48e309c7c 100644
--- a/xmlsecurity/source/gpg/CertificateImpl.cxx
+++ b/xmlsecurity/source/gpg/CertificateImpl.cxx
@@ -10,9 +10,14 @@
#include "CertificateImpl.hxx"
#include <comphelper/servicehelper.hxx>
+#include <comphelper/sequence.hxx>
#include <com/sun/star/security/KeyUsage.hpp>
+#include <gpgme.h>
+#include <context.h>
+#include <data.h>
+
using namespace css;
using namespace css::uno;
using namespace css::security;
@@ -25,6 +30,7 @@ CertificateImpl::CertificateImpl() :
CertificateImpl::~CertificateImpl()
{
+ // TODO: cleanup key
}
//Methods from XCertificateImpl
@@ -35,8 +41,10 @@ sal_Int16 SAL_CALL CertificateImpl::getVersion()
Sequence< sal_Int8 > SAL_CALL CertificateImpl::getSerialNumber()
{
- // Empty for gpg
- return Sequence< sal_Int8 > ();
+ // This is mapped to the fingerprint for gpg
+ const char* keyId = m_pKey.primaryFingerprint();
+ return comphelper::arrayToSequence<sal_Int8>(
+ keyId, strlen(keyId));
}
OUString SAL_CALL CertificateImpl::getIssuerName()
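Review bot: In getSerialNumber() the result of `m_pKey.primaryFingerprint()` goes straight into `strlen()` with no null check. A CertificateImpl on which setCertificate() was never called holds a default-constructed key, and the GpgME accessor presumably returns a null pointer for a null key, which makes the `strlen` call undefined behaviour. Guard it, e.g. `if (!keyId) return Sequence< sal_Int8 >();` before the conversion. The same unchecked pattern is repeated in getSHA1Thumbprint(), getSHA256Thumbprint() and getMD5Thumbprint() further down.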
@@ -113,8 +121,8 @@ Reference< XCertificateExtension > SAL_CALL CertificateImpl::findCertificateExte
Sequence< sal_Int8 > SAL_CALL CertificateImpl::getEncoded()
{
- // Empty for gpg
- return Sequence< sal_Int8 > ();
+ // Export key to base64Empty for gpg
+ return m_aBits;
}
OUString SAL_CALL CertificateImpl::getSubjectPublicKeyAlgorithm()
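Review bot: The new comment in getEncoded() reads `// Export key to base64Empty for gpg`, which is the old and new comment fused together and no longer describes the code. Nothing is exported here; the function returns the bytes cached by setCertificate(). I would write `// Public key data as exported by setCertificate()`. Whether that data is base64/armored depends on the context's armor setting, which this diff does not show, so the comment should not promise base64 unless that is confirmed.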
@@ -146,20 +154,26 @@ OUString SAL_CALL CertificateImpl::getSignatureAlgorithm()
Sequence< sal_Int8 > SAL_CALL CertificateImpl::getSHA1Thumbprint()
{
- // Empty for gpg
- return Sequence< sal_Int8 > ();
+ // This is mapped to the short keyID for gpg
+ const char* keyId = m_pKey.shortKeyID();
+ return comphelper::arrayToSequence<sal_Int8>(
+ keyId, strlen(keyId));
}
uno::Sequence<sal_Int8> CertificateImpl::getSHA256Thumbprint()
{
- // Empty for gpg
- return Sequence< sal_Int8 > ();
+ // This is mapped to the long keyID for gpg
+ const char* keyId = m_pKey.keyID();
+ return comphelper::arrayToSequence<sal_Int8>(
+ keyId, strlen(keyId));
}
Sequence< sal_Int8 > SAL_CALL CertificateImpl::getMD5Thumbprint()
{
- // Empty for gpg
- return Sequence< sal_Int8 > ();
+ // This is mapped to the short keyID for gpg
+ const char* keyId = m_pKey.shortKeyID();
+ return comphelper::arrayToSequence<sal_Int8>(
+ keyId, strlen(keyId));
}
CertificateKind SAL_CALL CertificateImpl::getCertificateKind()
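Review bot: getSHA1Thumbprint() and getMD5Thumbprint() now return `m_pKey.shortKeyID()`, and getSHA256Thumbprint() returns the long key ID. A short key ID is only 32 bits and a long one 64 bits, so neither offers the collision resistance a caller expects from a value named "thumbprint". Any code that compares these to decide whether two certificates are the same key would be trusting a value that is cheap to collide. Returning the full fingerprint from all three, `const char* keyId = m_pKey.primaryFingerprint();`, keeps the identifier bound to the key material. The values are also handed out as ASCII hex characters rather than raw digest bytes, which deserves a comment if it is intended.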
@@ -192,9 +206,25 @@ const Sequence< sal_Int8>& CertificateImpl::getUnoTunnelId() {
return CertificateImplUnoTunnelId::get().getSeq();
}
-void CertificateImpl::setCertificate(GpgME::Key key)
+void CertificateImpl::setCertificate(GpgME::Context* ctx, const GpgME::Key& key)
{
m_pKey = key;
+
+ // extract key data, store into m_aBits
+ GpgME::Data data_out;
+ ctx->exportPublicKeys(key.keyID(), data_out);
+
+ // TODO: needs some error handling
+ data_out.seek(0,SEEK_SET);
+ int len=0, curr=0; char buf;
+ while( (curr=data_out.read(&buf, 1)) )
+ len += curr;
+
+ // write bits to sequence of bytes
+ m_aBits.realloc(len);
+ data_out.seek(0,SEEK_SET);
+ if( data_out.read(m_aBits.getArray(), len) != len )
+ throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
}
const GpgME::Key* CertificateImpl::getCertificate() const
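Review bot: The length-counting loop in setCertificate(), `while( (curr=data_out.read(&buf, 1)) )`, treats a read error as data: a negative return is truthy, so `len` is decremented and the loop may not terminate or may pass a negative length to `m_aBits.realloc`. The `GpgME::Error` returned by `exportPublicKeys` is also dropped, `ctx` is dereferenced without a null check, and the final exception text is the copied "failed to initialize" message, which would mislead whoever reads the log. Exporting by `key.keyID()` selects on the 64-bit key ID; using the full fingerprint avoids pulling in a different key that shares the ID. The sketch below checks the export result and obtains the length from one seek instead of byte-wise reads.

```cpp
void CertificateImpl::setCertificate(GpgME::Context* ctx, const GpgME::Key& key)
{
    // … unchanged: m_pKey assignment …

    // export by full fingerprint so the pattern cannot match a second key
    GpgME::Data data_out;
    if (ctx == nullptr || ctx->exportPublicKeys(key.primaryFingerprint(), data_out))
        throw RuntimeException("Exporting the OpenPGP public key failed.");

    // seek() reports the resulting offset, so the end position is the length
    const off_t len = data_out.seek(0, SEEK_END);
    if (len < 0 || len > SAL_MAX_INT32 || data_out.seek(0, SEEK_SET) != 0)
        throw RuntimeException("Reading the exported OpenPGP key failed.");

    m_aBits.realloc(static_cast<sal_Int32>(len));
    if (data_out.read(m_aBits.getArray(), len) != len)
        throw RuntimeException("Reading the exported OpenPGP key failed.");
}
```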
diff --git a/xmlsecurity/source/gpg/CertificateImpl.hxx b/xmlsecurity/source/gpg/CertificateImpl.hxx
index b750993639a7..9db3ab85de14 100644
--- a/xmlsecurity/source/gpg/CertificateImpl.hxx
+++ b/xmlsecurity/source/gpg/CertificateImpl.hxx
@@ -34,6 +34,7 @@ class CertificateImpl : public cppu::WeakImplHelper< css::security::XCertificate
{
private:
GpgME::Key m_pKey;
+ css::uno::Sequence< sal_Int8 > m_aBits;
public:
CertificateImpl();
@@ -81,7 +82,7 @@ public:
virtual css::security::CertificateKind getCertificateKind() override;
// Helper methods
- void setCertificate(GpgME::Key key);
+ void setCertificate(GpgME::Context* ctx, const GpgME::Key& key);
const GpgME::Key* getCertificate() const;
} ;
diff --git a/xmlsecurity/source/gpg/SecurityEnvironment.cxx b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
index 83e6170a98c1..d120b2a985fa 100644
--- a/xmlsecurity/source/gpg/SecurityEnvironment.cxx
+++ b/xmlsecurity/source/gpg/SecurityEnvironment.cxx
@@ -59,11 +59,13 @@ OUString SecurityEnvironmentGpg::getSecurityEnvironmentInformation()
Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertificates()
{
+ // TODO: move to central init
GpgME::initializeLibrary();
GpgME::Error err = GpgME::checkEngine(GpgME::OpenPGP);
if (err)
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+ // TODO: keep that around for SecurityEnvironmentGpg lifetime
GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
if (ctx == nullptr)
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
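Review bot: The `GpgME::Context*` created in getPersonalCertificates() is a raw owning pointer, and no visible line deletes it. This commit makes that matter more, because the `setCertificate(ctx, k)` call added below can now throw and would leave both the context and the open key listing behind. Owning it with `std::unique_ptr<GpgME::Context> ctx(GpgME::Context::createForProtocol(GpgME::OpenPGP));` and passing `ctx.get()` fixes the leak on every exit path until the TODO about keeping one context per SecurityEnvironmentGpg is done. The same applies to getCertificate() and to the contexts in XMLSignature_GpgImpl::generate() and validate(). All of these function bodies continue outside their hunks, so an existing cleanup further down cannot be ruled out.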
@@ -79,7 +81,7 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif
break;
if (!k.isInvalid()) {
xCert = new CertificateImpl();
- xCert->setCertificate(k);
+ xCert->setCertificate(ctx,k);
certsList.push_back(xCert);
}
}
@@ -96,11 +98,13 @@ Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertif
Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& /*serialNumber*/ )
{
+ // TODO: move to central init
GpgME::initializeLibrary();
GpgME::Error err = GpgME::checkEngine(GpgME::OpenPGP);
if (err)
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+ // TODO: keep that around for SecurityEnvironmentGpg lifetime
GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
if (ctx == nullptr)
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
@@ -117,13 +121,14 @@ Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString
break;
if (!k.isInvalid()) {
xCert = new CertificateImpl();
- xCert->setCertificate(k);
+ xCert->setCertificate(ctx, k);
ctx->endKeyListing();
return xCert;
}
}
ctx->endKeyListing();
+ // TODO: cleanup ctx
return nullptr;
}
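Review bot: getCertificate() still ignores its `serialNumber` argument (commented out in the signature) and returns the first listed key for which `!k.isInvalid()` holds. Now that getSerialNumber() reports the key fingerprint, the lookup could check it, so that a different key carrying the same name is not returned for a signature that names a specific one. Something like `if (!k.isInvalid() && fingerprintMatches(k, serialNumber))`, where `fingerprintMatches` is a hypothetical helper comparing `k.primaryFingerprint()` against the passed bytes, would bind the result to the requested key. The start of the key listing is outside this hunk, so how `issuerName` is applied as a pattern is inferred. It is also worth confirming whether revoked or expired keys should be accepted here, since only `isInvalid()` is tested.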
diff --git a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
index 686258eeca00..b9219f0f3281 100644
--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -171,10 +171,12 @@ SAL_CALL XMLSignature_GpgImpl::generate(
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
//Sign the template via gpgme
+ // TODO move init to central place
GpgME::initializeLibrary();
if( GpgME::checkEngine(GpgME::OpenPGP) )
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+ // TODO get ctx from SecurityEnv?
GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
if( ctx == nullptr )
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
@@ -315,10 +317,12 @@ SAL_CALL XMLSignature_GpgImpl::validate(
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
// Validate the template via gpgme
+ // TODO move init to central place
GpgME::initializeLibrary();
if( GpgME::checkEngine(GpgME::OpenPGP) )
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
+ // TODO get ctx from SecurityEnv?
GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
if( ctx == nullptr )
throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");