diff options
Diffstat (limited to 'xmlsecurity/source')
109 files changed, 30125 insertions, 0 deletions
diff --git a/xmlsecurity/source/component/certificatecontainer.cxx b/xmlsecurity/source/component/certificatecontainer.cxx new file mode 100644 index 000000000000..dc310d389084 --- /dev/null +++ b/xmlsecurity/source/component/certificatecontainer.cxx @@ -0,0 +1,174 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificatecontainer.cxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include "precompiled_xmlsecurity.hxx" +#include <certificatecontainer.hxx> + +#include <sal/config.h> + +using namespace ::com::sun::star::uno; + + +sal_Bool +CertificateContainer::searchMap( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name, Map &_certMap ) +{ + Map::iterator p = _certMap.find(url); + + ::sal_Bool ret = sal_False; + + while( p != _certMap.end() ) + { + ret = (sal_Bool) (*p).second.equals(certificate_name); + if( ret ) + break; + p++; + } + + return ret; +} +// ------------------------------------------------------------------- + +sal_Bool +CertificateContainer::isTemporaryCertificate ( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) + throw(::com::sun::star::uno::RuntimeException) +{ + return searchMap( url, certificate_name, certMap); +} + +// ------------------------------------------------------------------- + +sal_Bool +CertificateContainer::isCertificateTrust ( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) + throw(::com::sun::star::uno::RuntimeException) +{ + return searchMap( url, certificate_name, certTrustMap); +} + +// ------------------------------------------------------------------- +sal_Bool +CertificateContainer::addCertificate( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name, ::sal_Bool trust ) + throw(::com::sun::star::uno::RuntimeException) +{ + certMap.insert( Map::value_type( url, certificate_name ) ); + + //remember that the cert is trusted + if (trust) + certTrustMap.insert( Map::value_type( url, certificate_name ) ); + + return true; +} + +//------------------------------------------------------------------------- +::security::CertificateContainerStatus +CertificateContainer::hasCertificate( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) throw(::com::sun::star::uno::RuntimeException) +{ + if ( isTemporaryCertificate( url, certificate_name ) ) + { + if ( isCertificateTrust( url, certificate_name ) ) + return security::CertificateContainerStatus( security::CertificateContainerStatus_TRUSTED ); + else + return security::CertificateContainerStatus_UNTRUSTED; + } else + { + return security::CertificateContainerStatus_NOCERT; + } +} +//------------------------------------------------------------------------- + +::rtl::OUString SAL_CALL +CertificateContainer::getImplementationName( ) + throw(::com::sun::star::uno::RuntimeException) +{ + return impl_getStaticImplementationName(); +} + +//------------------------------------------------------------------------- + +sal_Bool SAL_CALL +CertificateContainer::supportsService( const ::rtl::OUString& ServiceName ) + throw(::com::sun::star::uno::RuntimeException) +{ + if ( ServiceName.compareToAscii("com.sun.star.security.CertificateContainer") == 0 ) + return sal_True; + else + return sal_False; +} + +//------------------------------------------------------------------------- + +Sequence< ::rtl::OUString > SAL_CALL +CertificateContainer::getSupportedServiceNames( ) + throw(::com::sun::star::uno::RuntimeException) +{ + return impl_getStaticSupportedServiceNames(); +} + +//------------------------------------------------------------------------- + +Sequence< ::rtl::OUString > SAL_CALL +CertificateContainer::impl_getStaticSupportedServiceNames( ) + throw(::com::sun::star::uno::RuntimeException) +{ + Sequence< ::rtl::OUString > aRet(1); + *aRet.getArray() = ::rtl::OUString::createFromAscii("com.sun.star.security.CertificateContainer"); + return aRet; +} + +//------------------------------------------------------------------------- + +::rtl::OUString SAL_CALL +CertificateContainer::impl_getStaticImplementationName() + throw(::com::sun::star::uno::RuntimeException) +{ + return ::rtl::OUString::createFromAscii("com.sun.star.security.CertificateContainer"); +} + +//------------------------------------------------------------------------- + +Reference< XInterface > SAL_CALL CertificateContainer::impl_createInstance( const Reference< XMultiServiceFactory >& xServiceManager ) + throw( RuntimeException ) +{ + return Reference< XInterface >( *new CertificateContainer( xServiceManager ) ); +} + +//------------------------------------------------------------------------- + +Reference< XSingleServiceFactory > SAL_CALL +CertificateContainer::impl_createFactory( const Reference< XMultiServiceFactory >& ServiceManager ) + throw(RuntimeException) +{ + Reference< XSingleServiceFactory > xReturn( ::cppu::createOneInstanceFactory( ServiceManager, + CertificateContainer::impl_getStaticImplementationName(), + CertificateContainer::impl_createInstance, + CertificateContainer::impl_getStaticSupportedServiceNames())); + + return xReturn; +} + diff --git a/xmlsecurity/source/component/certificatecontainer.hxx b/xmlsecurity/source/component/certificatecontainer.hxx new file mode 100644 index 000000000000..6ff63fab0257 --- /dev/null +++ b/xmlsecurity/source/component/certificatecontainer.hxx @@ -0,0 +1,102 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificatecontainer.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XCERTIFICATECONTAINER_HXX_ +#define _XCERTIFICATECONTAINER_HXX_ + +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase2.hxx> + +#ifndef _XCERTIFICATECONTAINER_HPP_ +#include <com/sun/star/security/XCertificateContainer.hpp> +#endif + +#ifndef _CERTIFICATECONTAINERSTATUS_HPP_ +#include <com/sun/star/security/CertificateContainerStatus.hpp> +#endif + + +#include <vector> +#include <map> + +using namespace com::sun::star; +using namespace cppu; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star::lang; + +class CertificateContainer : public ::cppu::WeakImplHelper2< ::com::sun::star::lang::XServiceInfo, ::com::sun::star::security::XCertificateContainer > +{ + private: + typedef std::map< ::rtl::OUString, ::rtl::OUString > Map; + Map certMap; + Map certTrustMap; + + ::sal_Bool SAL_CALL searchMap( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name, Map &_certMap ); + virtual ::sal_Bool SAL_CALL isTemporaryCertificate( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) throw(::com::sun::star::uno::RuntimeException); + virtual ::sal_Bool SAL_CALL isCertificateTrust( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) throw(::com::sun::star::uno::RuntimeException); + + public: + + CertificateContainer(const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& ) {}; + virtual ~CertificateContainer(){}; + + virtual ::sal_Bool SAL_CALL addCertificate( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name, ::sal_Bool trust ) throw(::com::sun::star::uno::RuntimeException); + virtual ::security::CertificateContainerStatus SAL_CALL hasCertificate( const ::rtl::OUString & url, const ::rtl::OUString & certificate_name ) throw(::com::sun::star::uno::RuntimeException); + // provide factory + static ::rtl::OUString SAL_CALL + impl_getStaticImplementationName( ) throw(::com::sun::star::uno::RuntimeException); + + static ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL + impl_getStaticSupportedServiceNames( ) throw(::com::sun::star::uno::RuntimeException); + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > SAL_CALL + impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& ServiceManager ) throw(::com::sun::star::uno::RuntimeException); + + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL + impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& xServiceManager ) throw( ::com::sun::star::uno::RuntimeException ); + + // XServiceInfo + virtual ::rtl::OUString SAL_CALL + getImplementationName( ) throw(::com::sun::star::uno::RuntimeException); + virtual ::sal_Bool SAL_CALL + supportsService( const ::rtl::OUString& ServiceName ) throw(::com::sun::star::uno::RuntimeException); + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL + getSupportedServiceNames( ) throw(::com::sun::star::uno::RuntimeException); + +}; + + + +#endif + diff --git a/xmlsecurity/source/component/documentdigitalsignatures.cxx b/xmlsecurity/source/component/documentdigitalsignatures.cxx new file mode 100644 index 000000000000..dde41a4ac636 --- /dev/null +++ b/xmlsecurity/source/component/documentdigitalsignatures.cxx @@ -0,0 +1,519 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: documentdigitalsignatures.cxx,v $ + * $Revision: 1.32 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove + +#include "precompiled_xmlsecurity.hxx" + +#include <documentdigitalsignatures.hxx> +#include <xmlsecurity/digitalsignaturesdialog.hxx> +#include <xmlsecurity/certificateviewer.hxx> +#include <xmlsecurity/macrosecurity.hxx> +#include <xmlsecurity/biginteger.hxx> +#include <xmlsecurity/global.hrc> + +#include <xmloff/xmluconv.hxx> + +#include <../dialogs/resourcemanager.hxx> +#include <com/sun/star/embed/XStorage.hpp> +#include <com/sun/star/embed/XTransactedObject.hpp> +#include <com/sun/star/embed/ElementModes.hpp> +#include <com/sun/star/ucb/XContent.hpp> +#include <com/sun/star/ucb/XContentProvider.hpp> +#include <com/sun/star/ucb/XContentIdentifierFactory.hpp> +#include <com/sun/star/ucb/XCommandEnvironment.hpp> +#include <com/sun/star/ucb/XCommandProcessor.hpp> +#include <com/sun/star/ucb/Command.hpp> +#include <tools/urlobj.hxx> +#include <vcl/msgbox.hxx> +#include <svtools/securityoptions.hxx> +#include <com/sun/star/security/CertificateValidity.hpp> +#include <com/sun/star/security/SerialNumberAdapter.hpp> +#include <ucbhelper/contentbroker.hxx> +#include <unotools/ucbhelper.hxx> +#include <comphelper/componentcontext.hxx> +#include "comphelper/documentconstants.hxx" + +#include "com/sun/star/lang/IllegalArgumentException.hpp" + +#include <stdio.h> + + +using namespace ::com::sun::star; +using namespace ::com::sun::star::uno; +namespace css = ::com::sun::star; + +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) + +DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx ): + mxCtx(rxCtx), + m_sODFVersion(ODFVER_012_TEXT), + m_nArgumentsCount(0), + m_bHasDocumentSignature(false) +{ +} + +void DocumentDigitalSignatures::initialize( const Sequence< Any >& aArguments) + throw (css::uno::Exception, css::uno::RuntimeException) +{ + if (aArguments.getLength() == 0 || aArguments.getLength() > 2) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize requires one or two arguments"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0); + + m_nArgumentsCount = aArguments.getLength(); + + if (!(aArguments[0] >>= m_sODFVersion)) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize: the first arguments must be a string"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0); + + if (aArguments.getLength() == 2 + && !(aArguments[1] >>= m_bHasDocumentSignature)) + throw css::lang::IllegalArgumentException( + OUSTR("DocumentDigitalSignatures::initialize: the second arguments must be a bool"), + Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 1); + + //the Version is supported as of ODF1.2, so for and 1.1 document or older we will receive the + //an empty string. In this case we set it to ODFVER_010_TEXT. Then we can later check easily + //if initialize was called. Only then m_sODFVersion.getLength() is greater than 0 + if (m_sODFVersion.getLength() == 0) + m_sODFVersion = ODFVER_010_TEXT; +} + +sal_Bool DocumentDigitalSignatures::signDocumentContent( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream) + throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(), "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + return ImplViewSignatures( rxStorage, xSignStream, SignatureModeDocumentContent, false ); +} + +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyDocumentContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModeDocumentContent ); +} + +void DocumentDigitalSignatures::showDocumentContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + ImplViewSignatures( rxStorage, xSignInStream, SignatureModeDocumentContent, true ); +} + +::rtl::OUString DocumentDigitalSignatures::getDocumentContentSignatureDefaultStreamName() + throw (css::uno::RuntimeException) +{ + return DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName(); +} + +sal_Bool DocumentDigitalSignatures::signScriptingContent( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + OSL_ENSURE(m_nArgumentsCount == 2, "DocumentDigitalSignatures: Service was not initialized properly"); + return ImplViewSignatures( rxStorage, xSignStream, SignatureModeMacros, false ); +} + +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyScriptingContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModeMacros ); +} + +void DocumentDigitalSignatures::showScriptingContentSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + ImplViewSignatures( rxStorage, xSignInStream, SignatureModeMacros, true ); +} + +::rtl::OUString DocumentDigitalSignatures::getScriptingContentSignatureDefaultStreamName() + throw (css::uno::RuntimeException) +{ + return DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName(); +} + + +sal_Bool DocumentDigitalSignatures::signPackage( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + return ImplViewSignatures( rxStorage, xSignStream, SignatureModePackage, false ); +} + +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::verifyPackageSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + return ImplVerifySignatures( rxStorage, xSignInStream, SignatureModePackage ); +} + +void DocumentDigitalSignatures::showPackageSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException) +{ + OSL_ENSURE(m_sODFVersion.getLength(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2"); + ImplViewSignatures( rxStorage, xSignInStream, SignatureModePackage, true ); +} + +::rtl::OUString DocumentDigitalSignatures::getPackageSignatureDefaultStreamName( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return DocumentSignatureHelper::GetPackageSignatureDefaultStreamName(); +} + + +sal_Bool DocumentDigitalSignatures::ImplViewSignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignStream, + DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) +{ + Reference< io::XStream > xStream; + if ( xSignStream.is() ) + xStream = Reference< io::XStream >( xSignStream, UNO_QUERY ); + return ImplViewSignatures( rxStorage, xStream, eMode, bReadOnly ); +} + +sal_Bool DocumentDigitalSignatures::ImplViewSignatures( + const Reference< css::embed::XStorage >& rxStorage, const Reference< css::io::XStream >& xSignStream, + DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException) +{ + sal_Bool bChanges = sal_False; + DigitalSignaturesDialog aSignaturesDialog( + NULL, mxCtx, eMode, bReadOnly, m_sODFVersion, m_bHasDocumentSignature); + bool bInit = aSignaturesDialog.Init( rtl::OUString() ); + DBG_ASSERT( bInit, "Error initializing security context!" ); + if ( bInit ) + { + aSignaturesDialog.SetStorage( rxStorage ); + aSignaturesDialog.SetSignatureStream( xSignStream ); + if ( aSignaturesDialog.Execute() ) + { + if ( aSignaturesDialog.SignaturesChanged() ) + { + bChanges = TRUE; + // If we have a storage and no stream, we are responsible for commit + if ( rxStorage.is() && !xSignStream.is() ) + { + uno::Reference< embed::XTransactedObject > xTrans( rxStorage, uno::UNO_QUERY ); + xTrans->commit(); + } + } + } + } + else + { + WarningBox aBox( NULL, XMLSEC_RES( RID_XMLSECWB_NO_MOZILLA_PROFILE ) ); + aBox.Execute(); + } + + return bChanges; +} + +Sequence< css::security::DocumentSignatureInformation > +DocumentDigitalSignatures::ImplVerifySignatures( + const Reference< css::embed::XStorage >& rxStorage, + const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException) +{ + if (!rxStorage.is()) + { + DBG_ASSERT(0, "Error, no XStorage provided"); + return Sequence<css::security::DocumentSignatureInformation>(); + } + // First check for the InputStream, to avoid unnecessary initialization of the security environemnt... + SignatureStreamHelper aStreamHelper; + Reference< io::XInputStream > xInputStream = xSignStream; + + if ( !xInputStream.is() ) + { + aStreamHelper = DocumentSignatureHelper::OpenSignatureStream( rxStorage, embed::ElementModes::READ, eMode ); + if ( aStreamHelper.xSignatureStream.is() ) + xInputStream = Reference< io::XInputStream >( aStreamHelper.xSignatureStream, UNO_QUERY ); + } + + if ( !xInputStream.is() ) + return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0); + + + XMLSignatureHelper aSignatureHelper( mxCtx ); + + bool bInit = aSignatureHelper.Init( rtl::OUString() ); + + DBG_ASSERT( bInit, "Error initializing security context!" ); + + if ( !bInit ) + return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0); + + aSignatureHelper.SetStorage(rxStorage, m_sODFVersion); + + aSignatureHelper.StartMission(); + + aSignatureHelper.ReadAndVerifySignature( xInputStream ); + + aSignatureHelper.EndMission(); + + Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = aSignatureHelper.GetSecurityEnvironment(); + + SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations(); + int nInfos = aSignInfos.size(); + Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos); + css::security::DocumentSignatureInformation* arInfos = aInfos.getArray(); + + if ( nInfos ) + { + Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + + for( int n = 0; n < nInfos; ++n ) + { + DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm( + m_sODFVersion, aSignInfos[n]); + const std::vector< rtl::OUString > aElementsToBeVerified = + DocumentSignatureHelper::CreateElementList( + rxStorage, ::rtl::OUString(), eMode, mode); + + const SignatureInformation& rInfo = aSignInfos[n]; + css::security::DocumentSignatureInformation& rSigInfo = arInfos[n]; + + if (rInfo.ouX509Certificate.getLength()) + rSigInfo.Signer = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate ) ; + if (!rSigInfo.Signer.is()) + rSigInfo.Signer = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) ); + + // --> PB 2004-12-14 #i38744# time support again + Date aDate( rInfo.stDateTime.Day, rInfo.stDateTime.Month, rInfo.stDateTime.Year ); + Time aTime( rInfo.stDateTime.Hours, rInfo.stDateTime.Minutes, + rInfo.stDateTime.Seconds, rInfo.stDateTime.HundredthSeconds ); + rSigInfo.SignatureDate = aDate.GetDate(); + rSigInfo.SignatureTime = aTime.GetTime(); + + // Verify certificate + //We have patched our version of libxmlsec, so that it does not verify the certificates. This has two + //reasons. First we want two separate status for signature and certificate. Second libxmlsec calls + //CERT_VerifyCertificate (solaris, linux) falsly, so that it always regards the certificate as valid. + //On Window the checking of the certificate path is buggy. It does name matching (issuer, subject name) + //to find the parent certificate. It does not take into account that there can be several certificates + //with the same subject name. + if (rSigInfo.Signer.is()) + { + try { + rSigInfo.CertificateStatus = xSecEnv->verifyCertificate(rSigInfo.Signer, + Sequence<Reference<css::security::XCertificate> >()); + } catch (SecurityException& ) { + OSL_ENSURE(0, "Verification of certificate failed"); + rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID; + } + } + else + { + //We should always be aible to get the certificates because it is contained in the document, + //unless the document is damaged so that signature xml file could not be parsed. + rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID; + } + + rSigInfo.SignatureIsValid = ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ); + + + if ( rSigInfo.SignatureIsValid ) + { + rSigInfo.SignatureIsValid = + DocumentSignatureHelper::checkIfAllFilesAreSigned( + aElementsToBeVerified, rInfo, mode); + } + if (eMode == SignatureModeDocumentContent) + rSigInfo.PartialDocumentSignature = + ! DocumentSignatureHelper::isOOo3_2_Signature(aSignInfos[n]); + + } + } + return aInfos; + +} + +void DocumentDigitalSignatures::manageTrustedSources( ) throw (RuntimeException) +{ + // MT: i45295 + // SecEnv is only needed to display certificate information from trusted sources. + // Macro Security also has some options where no security environment is needed, so raise dialog anyway. + // Later I should change the code so the Dialog creates the SecEnv on demand... + + Reference< dcss::xml::crypto::XSecurityEnvironment > xSecEnv; + + XMLSignatureHelper aSignatureHelper( mxCtx ); + if ( aSignatureHelper.Init( rtl::OUString() ) ) + xSecEnv = aSignatureHelper.GetSecurityEnvironment(); + + MacroSecurity aDlg( NULL, mxCtx, xSecEnv ); + aDlg.Execute(); +} + +void DocumentDigitalSignatures::showCertificate( + const Reference< css::security::XCertificate >& _Certificate ) throw (RuntimeException) +{ + XMLSignatureHelper aSignatureHelper( mxCtx ); + + bool bInit = aSignatureHelper.Init( rtl::OUString() ); + + DBG_ASSERT( bInit, "Error initializing security context!" ); + + if ( bInit ) + { + CertificateViewer aViewer( NULL, aSignatureHelper.GetSecurityEnvironment(), _Certificate, FALSE ); + aViewer.Execute(); + } + +} + +::sal_Bool DocumentDigitalSignatures::isAuthorTrusted( + const Reference< css::security::XCertificate >& Author ) throw (RuntimeException) +{ + sal_Bool bFound = sal_False; + + Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + + ::rtl::OUString sSerialNum = xSerialNumberAdapter->toString( Author->getSerialNumber() ); + + Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors(); + const SvtSecurityOptions::Certificate* pAuthors = aTrustedAuthors.getConstArray(); + const SvtSecurityOptions::Certificate* pAuthorsEnd = pAuthors + aTrustedAuthors.getLength(); + for ( ; pAuthors != pAuthorsEnd; ++pAuthors ) + { + SvtSecurityOptions::Certificate aAuthor = *pAuthors; + if ( ( aAuthor[0] == Author->getIssuerName() ) && ( aAuthor[1] == sSerialNum ) ) + { + bFound = sal_True; + break; + } + } + + return bFound; +} + +::sal_Bool DocumentDigitalSignatures::isLocationTrusted( const ::rtl::OUString& Location ) throw (RuntimeException) +{ + sal_Bool bFound = sal_False; + INetURLObject aLocObj( Location ); + INetURLObject aLocObjLowCase( Location.toAsciiLowerCase() ); // will be used for case insensitive comparing + + ::com::sun::star::uno::Reference< ::com::sun::star::ucb::XContentProvider > xContentProvider; + ::ucbhelper::ContentBroker* pBroker = NULL; + + //warning free code + //if ( aLocObj.GetProtocol() == INET_PROT_FILE && ( pBroker = ::ucbhelper::ContentBroker::get() ) ) + // xContentProvider = pBroker->getContentProviderInterface(); + if ( aLocObj.GetProtocol() == INET_PROT_FILE) + { + pBroker = ::ucbhelper::ContentBroker::get(); + if (pBroker) + xContentProvider = pBroker->getContentProviderInterface(); + } + + Sequence< ::rtl::OUString > aSecURLs = SvtSecurityOptions().GetSecureURLs(); + const ::rtl::OUString* pSecURLs = aSecURLs.getConstArray(); + const ::rtl::OUString* pSecURLsEnd = pSecURLs + aSecURLs.getLength(); + for ( ; pSecURLs != pSecURLsEnd && !bFound; ++pSecURLs ) + bFound = ::utl::UCBContentHelper::IsSubPath( *pSecURLs, Location, xContentProvider ); + + return bFound; +} + +void DocumentDigitalSignatures::addAuthorToTrustedSources( + const Reference< css::security::XCertificate >& Author ) throw (RuntimeException) +{ + SvtSecurityOptions aSecOpts; + + Reference<security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + + SvtSecurityOptions::Certificate aNewCert( 3 ); + aNewCert[ 0 ] = Author->getIssuerName(); + aNewCert[ 1 ] = xSerialNumberAdapter->toString( Author->getSerialNumber() ); + + rtl::OUStringBuffer aStrBuffer; + SvXMLUnitConverter::encodeBase64(aStrBuffer, Author->getEncoded()); + aNewCert[ 2 ] = aStrBuffer.makeStringAndClear(); + + + Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = aSecOpts.GetTrustedAuthors(); + sal_Int32 nCnt = aTrustedAuthors.getLength(); + aTrustedAuthors.realloc( nCnt + 1 ); + aTrustedAuthors[ nCnt ] = aNewCert; + + aSecOpts.SetTrustedAuthors( aTrustedAuthors ); +} + +void DocumentDigitalSignatures::addLocationToTrustedSources( const ::rtl::OUString& Location ) throw (RuntimeException) +{ + SvtSecurityOptions aSecOpt; + + Sequence< ::rtl::OUString > aSecURLs = aSecOpt.GetSecureURLs(); + sal_Int32 nCnt = aSecURLs.getLength(); + aSecURLs.realloc( nCnt + 1 ); + aSecURLs[ nCnt ] = Location; + + aSecOpt.SetSecureURLs( aSecURLs ); +} + +rtl::OUString DocumentDigitalSignatures::GetImplementationName() throw (RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.security.DocumentDigitalSignatures" ) ); +} + +Sequence< rtl::OUString > DocumentDigitalSignatures::GetSupportedServiceNames() throw (cssu::RuntimeException) +{ + Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.security.DocumentDigitalSignatures" ) ); + return aRet; +} + + +Reference< XInterface > DocumentDigitalSignatures_CreateInstance( + const Reference< XComponentContext >& rCtx) throw ( Exception ) +{ + return (cppu::OWeakObject*) new DocumentDigitalSignatures( rCtx ); +} + diff --git a/xmlsecurity/source/component/documentdigitalsignatures.hxx b/xmlsecurity/source/component/documentdigitalsignatures.hxx new file mode 100644 index 000000000000..35d22c62ca6a --- /dev/null +++ b/xmlsecurity/source/component/documentdigitalsignatures.hxx @@ -0,0 +1,104 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: documentdigitalsignatures.hxx,v $ + * $Revision: 1.9 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSECURITY_DOCUMENTDIGITALSIGNATURES_HXX +#define _XMLSECURITY_DOCUMENTDIGITALSIGNATURES_HXX + +#include <cppuhelper/implbase2.hxx> + +#include "com/sun/star/lang/XInitialization.hpp" +#include <com/sun/star/security/XDocumentDigitalSignatures.hpp> +#include <com/sun/star/io/XStream.hpp> +#include <com/sun/star/io/XInputStream.hpp> +#include <xmlsecurity/documentsignaturehelper.hxx> + +namespace com { namespace sun { namespace star { + + namespace uno { + class XComponentContext; + } +}}} + +class DocumentDigitalSignatures : public cppu::WeakImplHelper2 +< + com::sun::star::security::XDocumentDigitalSignatures, + com::sun::star::lang::XInitialization +> +{ +private: + com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > mxCtx; + // will be set by XInitialization. If not we assume true. false means an earlier version. + ::rtl::OUString m_sODFVersion; + //The number of arguments which were passed in XInitialization::initialize + int m_nArgumentsCount; + //Indicates if the document already contains a document signature + bool m_bHasDocumentSignature; + + sal_Bool ImplViewSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (::com::sun::star::uno::RuntimeException); + sal_Bool ImplViewSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignStream, DocumentSignatureMode eMode, bool bReadOnly ) throw (::com::sun::star::uno::RuntimeException); + com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignatureInformation > ImplVerifySignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& rxStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (::com::sun::star::uno::RuntimeException); + +public: + DocumentDigitalSignatures( const com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext>& rxCtx ); + + // for service registration... + static ::rtl::OUString GetImplementationName() throw (com::sun::star::uno::RuntimeException); + static ::com::sun::star::uno::Sequence < ::rtl::OUString > GetSupportedServiceNames() throw (com::sun::star::uno::RuntimeException); + + //XInitialization + void SAL_CALL initialize( const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments ) + throw (::com::sun::star::uno::Exception, ::com::sun::star::uno::RuntimeException); + + // XDocumentDigitalSignatures + ::sal_Bool SAL_CALL signDocumentContent( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (::com::sun::star::uno::RuntimeException); + ::com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignatureInformation > SAL_CALL verifyDocumentContentSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL showDocumentContentSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + ::rtl::OUString SAL_CALL getDocumentContentSignatureDefaultStreamName( ) throw (::com::sun::star::uno::RuntimeException); + ::sal_Bool SAL_CALL signScriptingContent( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (::com::sun::star::uno::RuntimeException); + ::com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignatureInformation > SAL_CALL verifyScriptingContentSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL showScriptingContentSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + ::rtl::OUString SAL_CALL getScriptingContentSignatureDefaultStreamName( ) throw (::com::sun::star::uno::RuntimeException); + ::sal_Bool SAL_CALL signPackage( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& Storage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XStream >& xSignStream ) throw (::com::sun::star::uno::RuntimeException); + ::com::sun::star::uno::Sequence< ::com::sun::star::security::DocumentSignatureInformation > SAL_CALL verifyPackageSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& Storage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL showPackageSignatures( const ::com::sun::star::uno::Reference< ::com::sun::star::embed::XStorage >& xStorage, const ::com::sun::star::uno::Reference< ::com::sun::star::io::XInputStream >& xSignInStream ) throw (::com::sun::star::uno::RuntimeException); + ::rtl::OUString SAL_CALL getPackageSignatureDefaultStreamName( ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL showCertificate( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& Certificate ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL manageTrustedSources( ) throw (::com::sun::star::uno::RuntimeException); + ::sal_Bool SAL_CALL isAuthorTrusted( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& Author ) throw (::com::sun::star::uno::RuntimeException); + ::sal_Bool SAL_CALL isLocationTrusted( const ::rtl::OUString& Location ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL addAuthorToTrustedSources( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& Author ) throw (::com::sun::star::uno::RuntimeException); + void SAL_CALL addLocationToTrustedSources( const ::rtl::OUString& Location ) throw (::com::sun::star::uno::RuntimeException); + +}; + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > SAL_CALL DocumentDigitalSignatures_CreateInstance( + const com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext >& rCtx) throw ( com::sun::star::uno::Exception ); + +#endif // _XMLSECURITY_DOCUMENTDIGITALSIGNATURES_HXX diff --git a/xmlsecurity/source/component/makefile.mk b/xmlsecurity/source/component/makefile.mk new file mode 100644 index 000000000000..2aeb715b7743 --- /dev/null +++ b/xmlsecurity/source/component/makefile.mk @@ -0,0 +1,58 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.6 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/.. + +PRJNAME=xmlsecurity +TARGET=component + +ENABLE_EXCEPTIONS=TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + +# --- Files -------------------------------------------------------- + +SRS1NAME=component +SRC1FILES = \ + warnbox.src + +SLOFILES= \ + $(SLO)$/documentdigitalsignatures.obj \ + $(SLO)$/registerservices.obj \ + $(SLO)$/certificatecontainer.obj + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk + diff --git a/xmlsecurity/source/component/registerservices.cxx b/xmlsecurity/source/component/registerservices.cxx new file mode 100644 index 000000000000..061a9dbf70bd --- /dev/null +++ b/xmlsecurity/source/component/registerservices.cxx @@ -0,0 +1,133 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: registerservices.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <tools/debug.hxx> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#include <cppuhelper/factory.hxx> + + +#include <documentdigitalsignatures.hxx> +#include <certificatecontainer.hxx> + +using namespace ::com::sun::star; + +extern "C" +{ +void SAL_CALL component_getImplementationEnvironment( const sal_Char ** ppEnvTypeName, uno_Environment ** ) +{ + *ppEnvTypeName = CPPU_CURRENT_LANGUAGE_BINDING_NAME; +} + +sal_Bool SAL_CALL component_writeInfo( void* /*pServiceManager*/, void* pRegistryKey ) +{ + if (pRegistryKey) + { + try + { + sal_Int32 nPos = 0; + // SERVICE DocumentDigitalSignatures + nPos = 0; + uno::Reference< registry::XRegistryKey > xNewKey( + reinterpret_cast< registry::XRegistryKey* >( pRegistryKey )->createKey( DocumentDigitalSignatures::GetImplementationName() ) ); + + xNewKey = xNewKey->createKey( rtl::OUString::createFromAscii( "/UNO/SERVICES" ) ); + + const uno::Sequence< rtl::OUString >& rSNL = DocumentDigitalSignatures::GetSupportedServiceNames(); + const rtl::OUString* pArray = rSNL.getConstArray(); + for ( nPos = rSNL.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + // SERVICE CertificateContainer + nPos = 0; + uno::Reference< registry::XRegistryKey > xNewKeyCertificateContainer( + reinterpret_cast< registry::XRegistryKey* >( pRegistryKey )->createKey( CertificateContainer::impl_getStaticImplementationName() ) ); + xNewKeyCertificateContainer = xNewKeyCertificateContainer->createKey( rtl::OUString::createFromAscii( "/UNO/SERVICES" ) ); + + const uno::Sequence< rtl::OUString >& rSNLCertificateContainer = CertificateContainer::impl_getStaticSupportedServiceNames(); + const rtl::OUString* pArrayCertificateContainer = rSNLCertificateContainer.getConstArray(); + for ( nPos = rSNLCertificateContainer.getLength(); nPos--; ) + xNewKeyCertificateContainer->createKey( pArrayCertificateContainer[nPos] ); + + //----------------------------- + + return sal_True; + } + catch (registry::InvalidRegistryException &) + { + DBG_ERROR( "InvalidRegistryException!" ); + } + } + return sal_False; +} + +void* SAL_CALL component_getFactory( const sal_Char * pImplName, void * pServiceManager, void * /*pRegistryKey*/ ) +{ + void* pRet = 0; + uno::Reference< XInterface > xFactory; + + //Decryptor + rtl::OUString implName = rtl::OUString::createFromAscii( pImplName ); + + if ( pServiceManager && implName.equals( DocumentDigitalSignatures::GetImplementationName() ) ) + { + // DocumentDigitalSignatures + xFactory = cppu::createSingleComponentFactory( + DocumentDigitalSignatures_CreateInstance, + rtl::OUString::createFromAscii( pImplName ), + DocumentDigitalSignatures::GetSupportedServiceNames() ); + } + else if ( pServiceManager && implName.equals( CertificateContainer::impl_getStaticImplementationName() )) + { + // CertificateContainer + xFactory = cppu::createOneInstanceFactory( + reinterpret_cast< lang::XMultiServiceFactory * >( pServiceManager ), + rtl::OUString::createFromAscii( pImplName ), + CertificateContainer::impl_createInstance, + CertificateContainer::impl_getStaticSupportedServiceNames() ); + } + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + return pRet; +} + +} // extern "C" + + + + + diff --git a/xmlsecurity/source/component/warnbox.src b/xmlsecurity/source/component/warnbox.src new file mode 100644 index 000000000000..954b156287eb --- /dev/null +++ b/xmlsecurity/source/component/warnbox.src @@ -0,0 +1,39 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: warnbox.src,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include <xmlsecurity/global.hrc> + +WarningBox RID_XMLSECWB_NO_MOZILLA_PROFILE +{ + Buttons = WB_OK ; + DefButton = WB_DEF_OK ; + Message [ en-US ] = "Digital signatures functionality could not be used, because no Mozilla user profile was found. Please check the Mozilla installation." ; +}; + diff --git a/xmlsecurity/source/dialogs/certificatechooser.cxx b/xmlsecurity/source/dialogs/certificatechooser.cxx new file mode 100644 index 000000000000..1da33b586fe7 --- /dev/null +++ b/xmlsecurity/source/dialogs/certificatechooser.cxx @@ -0,0 +1,241 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificatechooser.cxx,v $ + * $Revision: 1.13 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/certificatechooser.hxx> +#include <xmlsecurity/certificateviewer.hxx> +#include <xmlsecurity/biginteger.hxx> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <comphelper/sequence.hxx> +#include <comphelper/processfactory.hxx> + +#include <com/sun/star/security/NoPasswordException.hpp> +#include <com/sun/star/security/CertificateCharacters.hpp> +#include <com/sun/star/security/SerialNumberAdapter.hpp> + +#include <dialogs.hrc> +#include <resourcemanager.hxx> +#include <vcl/msgbox.hxx> + +/* HACK: disable some warnings for MS-C */ +#ifdef _MSC_VER +#pragma warning (disable : 4355) // 4355: this used in initializer-list +#endif + +using namespace ::com::sun::star; + +#define INVAL_SEL 0xFFFF + +USHORT CertificateChooser::GetSelectedEntryPos( void ) const +{ + USHORT nSel = INVAL_SEL; + + SvLBoxEntry* pSel = maCertLB.FirstSelected(); + if( pSel ) + nSel = (USHORT) ( sal_uIntPtr ) pSel->GetUserData(); + + return (USHORT) nSel; +} + +CertificateChooser::CertificateChooser( Window* _pParent, uno::Reference< uno::XComponentContext>& _rxCtx, uno::Reference< dcss::xml::crypto::XSecurityEnvironment >& _rxSecurityEnvironment, const SignatureInformations& _rCertsToIgnore ) + :ModalDialog ( _pParent, XMLSEC_RES( RID_XMLSECDLG_CERTCHOOSER ) ) + ,maCertsToIgnore( _rCertsToIgnore ) + ,maHintFT ( this, XMLSEC_RES( FT_HINT_SELECT ) ) + ,maCertLB ( this, XMLSEC_RES( LB_SIGNATURES ) ) + ,maViewBtn ( this, XMLSEC_RES( BTN_VIEWCERT ) ) + ,maBottomSepFL ( this, XMLSEC_RES( FL_BOTTOM_SEP ) ) + ,maOKBtn ( this, XMLSEC_RES( BTN_OK ) ) + ,maCancelBtn ( this, XMLSEC_RES( BTN_CANCEL ) ) + ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) ) +{ + static long nTabs[] = { 3, 0, 30*CS_LB_WIDTH/100, 60*CS_LB_WIDTH/100 }; + maCertLB.SetTabs( &nTabs[0] ); + maCertLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) ); + maCertLB.SetSelectHdl( LINK( this, CertificateChooser, CertificateHighlightHdl ) ); + maCertLB.SetDoubleClickHdl( LINK( this, CertificateChooser, CertificateSelectHdl ) ); + maViewBtn.SetClickHdl( LINK( this, CertificateChooser, ViewButtonHdl ) ); + + FreeResource(); + + mxCtx = _rxCtx; + mxSecurityEnvironment = _rxSecurityEnvironment; + mbInitialized = FALSE; + + // disable buttons + CertificateHighlightHdl( NULL ); +} + +CertificateChooser::~CertificateChooser() +{ +} + +short CertificateChooser::Execute() +{ + // #i48432# + // We can't check for personal certificates before raising this dialog, + // because the mozilla implementation throws a NoPassword exception, + // if the user pressed cancel, and also if the database does not exist! + // But in the later case, the is no password query, and the user is confused + // that nothing happens when pressing "Add..." in the SignatureDialog. + + // PostUserEvent( LINK( this, CertificateChooser, Initialize ) ); + + // PostUserLink behavior is to slow, so do it directly before Execute(). + // Problem: This Dialog should be visible right now, and the parent should not be accessible. + // Show, Update, DIsableInput... + + Window* pMe = this; + Window* pParent = GetParent(); + if ( pParent ) + pParent->EnableInput( FALSE ); + pMe->Show(); + pMe->Update(); + ImplInitialize(); + if ( pParent ) + pParent->EnableInput( TRUE ); + return ModalDialog::Execute(); +} + +// IMPL_LINK( CertificateChooser, Initialize, void*, EMPTYARG ) +void CertificateChooser::ImplInitialize() +{ + if ( !mbInitialized ) + { + try + { + maCerts = mxSecurityEnvironment->getPersonalCertificates(); + } + catch (security::NoPasswordException&) + { + } + + uno::Reference< dcss::security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + + sal_Int32 nCertificates = maCerts.getLength(); + sal_Int32 nCertificatesToIgnore = maCertsToIgnore.size(); + for( sal_Int32 nCert = nCertificates; nCert; ) + { + uno::Reference< security::XCertificate > xCert = maCerts[ --nCert ]; + sal_Bool bIgnoreThis = false; + + // Do we already use that? + if( nCertificatesToIgnore ) + { + rtl::OUString aIssuerName = xCert->getIssuerName(); + for( sal_Int32 nSig = 0; nSig < nCertificatesToIgnore; ++nSig ) + { + const SignatureInformation& rInf = maCertsToIgnore[ nSig ]; + if ( ( aIssuerName == rInf.ouX509IssuerName ) && + ( xSerialNumberAdapter->toString( xCert->getSerialNumber() ) == rInf.ouX509SerialNumber ) ) + { + bIgnoreThis = true; + break; + } + } + } + + if ( !bIgnoreThis ) + { + // Check if we have a private key for this... + long nCertificateCharacters = mxSecurityEnvironment->getCertificateCharacters( xCert ); + + if ( !( nCertificateCharacters & security::CertificateCharacters::HAS_PRIVATE_KEY ) ) + bIgnoreThis = true; + + } + + if ( bIgnoreThis ) + { + ::comphelper::removeElementAt( maCerts, nCert ); + nCertificates = maCerts.getLength(); + } + } + + // fill list of certificates; the first entry will be selected + for ( sal_Int32 nC = 0; nC < nCertificates; ++nC ) + { + String sEntry( XmlSec::GetContentPart( maCerts[ nC ]->getSubjectName() ) ); + sEntry += '\t'; + sEntry += XmlSec::GetContentPart( maCerts[ nC ]->getIssuerName() ); + sEntry += '\t'; + sEntry += XmlSec::GetDateString( maCerts[ nC ]->getNotValidAfter() ); + SvLBoxEntry* pEntry = maCertLB.InsertEntry( sEntry ); + pEntry->SetUserData( ( void* )nC ); // missuse user data as index + } + + // enable/disable buttons + CertificateHighlightHdl( NULL ); + mbInitialized = TRUE; + } +} + + +uno::Reference< dcss::security::XCertificate > CertificateChooser::GetSelectedCertificate() +{ + uno::Reference< dcss::security::XCertificate > xCert; + USHORT nSelected = GetSelectedEntryPos(); + if ( nSelected < maCerts.getLength() ) + xCert = maCerts[ nSelected ]; + return xCert; +} + +IMPL_LINK( CertificateChooser, CertificateHighlightHdl, void*, EMPTYARG ) +{ + sal_Bool bEnable = GetSelectedCertificate().is(); + maViewBtn.Enable( bEnable ); + maOKBtn.Enable( bEnable ); + return 0; +} + +IMPL_LINK( CertificateChooser, CertificateSelectHdl, void*, EMPTYARG ) +{ + EndDialog( RET_OK ); + return 0; +} + +IMPL_LINK( CertificateChooser, ViewButtonHdl, Button*, EMPTYARG ) +{ + ImplShowCertificateDetails(); + return 0; +} + +void CertificateChooser::ImplShowCertificateDetails() +{ + uno::Reference< dcss::security::XCertificate > xCert = GetSelectedCertificate(); + if( xCert.is() ) + { + CertificateViewer aViewer( this, mxSecurityEnvironment, xCert, TRUE ); + aViewer.Execute(); + } +} + diff --git a/xmlsecurity/source/dialogs/certificatechooser.src b/xmlsecurity/source/dialogs/certificatechooser.src new file mode 100644 index 000000000000..896ccb103bbf --- /dev/null +++ b/xmlsecurity/source/dialogs/certificatechooser.src @@ -0,0 +1,90 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificatechooser.src,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include "dialogs.hrc" +#include "helpids.hrc" + +ModalDialog RID_XMLSECDLG_CERTCHOOSER +{ + HelpId = HID_XMLSEC_DLG_CERTCHOOSER; + Size = MAP_APPFONT( CS_WIDTH, CS_HEIGHT ); + OutputSize = TRUE; + Closeable = TRUE; + Moveable = TRUE; + SVLook = TRUE; + + Text [ en-US ] = "Select Certificate"; + + FixedText FT_HINT_SELECT + { + Pos = MAP_APPFONT( CS_COL_0, CS_ROW_0 ); + Size = MAP_APPFONT( CS_COL_2-CS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Select the certificate you want to use for signing"; + }; + Control LB_SIGNATURES + { + HelpId = HID_XMLSEC_CTRL_CHOOSESIGNATURES; + Pos = MAP_APPFONT( CS_COL_0, CS_ROW_1 ); + Size = MAP_APPFONT( CS_LB_WIDTH, CS_ROW_2-CS_ROW_1 ); + SVLook = TRUE; + Border = TRUE; + }; + String STR_HEADERBAR + { + Text [ en-US ] = "Issued to\tIssued by\tExpiration date"; + }; + PushButton BTN_VIEWCERT + { + Pos = MAP_APPFONT( CS_COL_1, CS_ROW_3 ); + Size = MAP_APPFONT( CS_COL_2-CS_COL_1, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "View Certificate..."; + }; + FixedLine FL_BOTTOM_SEP + { + Pos = MAP_APPFONT( 0, DLGS_BOTTOM_FL_Y( CS_HEIGHT ) ); + Size = MAP_APPFONT( CS_WIDTH, RSC_CD_FIXEDLINE_HEIGHT ); + }; + OKButton BTN_OK + { + DefButton = TRUE; + Pos = MAP_APPFONT( DLGS_BOTTOM_OK_X( CS_WIDTH ), DLGS_BOTTOM_BTN_Y( CS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + CancelButton BTN_CANCEL + { + Pos = MAP_APPFONT( DLGS_BOTTOM_CANCEL_X( CS_WIDTH ), DLGS_BOTTOM_BTN_Y( CS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + HelpButton BTN_HELP + { + Pos = MAP_APPFONT( DLGS_BOTTOM_HELP_X( CS_WIDTH ), DLGS_BOTTOM_BTN_Y( CS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; +}; diff --git a/xmlsecurity/source/dialogs/certificateviewer.cxx b/xmlsecurity/source/dialogs/certificateviewer.cxx new file mode 100644 index 000000000000..765649ba3bf7 --- /dev/null +++ b/xmlsecurity/source/dialogs/certificateviewer.cxx @@ -0,0 +1,570 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificateviewer.cxx,v $ + * $Revision: 1.25 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <xmlsecurity/certificateviewer.hxx> +#include <com/sun/star/security/XCertificate.hpp> + +#include <com/sun/star/security/CertificateCharacters.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/security/CertificateValidity.hpp> + +#include <unotools/localedatawrapper.hxx> +#include <unotools/datetime.hxx> + +#include "dialogs.hrc" +#include "resourcemanager.hxx" + +/* HACK: disable some warnings for MS-C */ +#ifdef _MSC_VER +#pragma warning (disable : 4355) // 4355: this used in initializer-list +#endif + +using namespace ::com::sun::star; +using namespace ::com::sun::star::uno; +namespace css = ::com::sun::star; + + +namespace +{ + void ShrinkToFit( FixedImage& _rImage ); + void AdjustPosAndSize( Control& _rCtrl, Point& _rStartIn_EndOut, long _nXOffset = 0 ); + + void ShrinkToFit( FixedImage& _rImg ) + { + _rImg.SetSizePixel( _rImg.GetImage().GetSizePixel() ); + } + + void AdjustPosAndSize( Control& _rCtrl, Point& _rStartIn_EndOut, long _nOffs ) + { + _rCtrl.SetPosPixel( _rStartIn_EndOut ); + _rStartIn_EndOut.X() += XmlSec::ShrinkToFitWidth( _rCtrl, _nOffs ); + } +} + +CertificateViewer::CertificateViewer( + Window* _pParent, + const cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& _rxSecurityEnvironment, + const cssu::Reference< dcss::security::XCertificate >& _rXCert, BOOL bCheckForPrivateKey ) + :TabDialog ( _pParent, XMLSEC_RES( RID_XMLSECDLG_CERTVIEWER ) ) + ,maTabCtrl ( this, XMLSEC_RES( 1 ) ) + ,maOkBtn ( this, XMLSEC_RES( BTN_OK ) ) + ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) ) +{ + FreeResource(); + + mbCheckForPrivateKey = bCheckForPrivateKey; + + mxSecurityEnvironment = _rxSecurityEnvironment; + mxCert = _rXCert; + + maTabCtrl.SetTabPage( RID_XMLSECTP_GENERAL, new CertificateViewerGeneralTP( &maTabCtrl, this ) ); + maTabCtrl.SetTabPage( RID_XMLSECTP_DETAILS, new CertificateViewerDetailsTP( &maTabCtrl, this ) ); + maTabCtrl.SetTabPage( RID_XMLSECTP_CERTPATH, new CertificateViewerCertPathTP( &maTabCtrl, this ) ); + maTabCtrl.SetCurPageId( RID_XMLSECTP_GENERAL ); +} + +CertificateViewer::~CertificateViewer() +{ + delete maTabCtrl.GetTabPage( RID_XMLSECTP_CERTPATH ); + delete maTabCtrl.GetTabPage( RID_XMLSECTP_DETAILS ); + delete maTabCtrl.GetTabPage( RID_XMLSECTP_GENERAL ); +} + +CertificateViewerTP::CertificateViewerTP( Window* _pParent, const ResId& _rResId, CertificateViewer* _pDlg ) + :TabPage ( _pParent, _rResId ) + ,mpDlg ( _pDlg ) +{ +} + + +CertificateViewerGeneralTP::CertificateViewerGeneralTP( Window* _pParent, CertificateViewer* _pDlg ) + :CertificateViewerTP ( _pParent, XMLSEC_RES( RID_XMLSECTP_GENERAL ), _pDlg ) + ,maFrameWin ( this, XMLSEC_RES( WIN_FRAME ) ) + ,maCertImg ( this, XMLSEC_RES( IMG_CERT ) ) + ,maCertInfoFI ( this, XMLSEC_RES( FI_CERTINFO ) ) + ,maSep1FL ( this, XMLSEC_RES( FL_SEP1 ) ) + ,maHintNotTrustedFI ( this, XMLSEC_RES( FI_HINTNOTTRUST ) ) + ,maSep2FL ( this, XMLSEC_RES( FL_SEP2 ) ) + ,maIssuedToLabelFI ( this, XMLSEC_RES( FI_ISSTOLABEL ) ) + ,maIssuedToFI ( this, XMLSEC_RES( FI_ISSTO ) ) + ,maIssuedByLabelFI ( this, XMLSEC_RES( FI_ISSBYLABEL ) ) + ,maIssuedByFI ( this, XMLSEC_RES( FI_ISSBY ) ) + ,maValidDateFI ( this, XMLSEC_RES( FI_VALIDDATE ) ) + ,maKeyImg ( this, XMLSEC_RES( IMG_KEY ) ) + ,maHintCorrespPrivKeyFI ( this, XMLSEC_RES( FI_CORRPRIVKEY ) ) +{ + if ( GetSettings().GetStyleSettings().GetHighContrastMode() ) + maKeyImg.SetImage( Image( XMLSEC_RES( IMG_KEY_HC ) ) ); + + //Verify the certificate + sal_Int32 certStatus = mpDlg->mxSecurityEnvironment->verifyCertificate(mpDlg->mxCert, + Sequence<Reference<css::security::XCertificate> >()); + //We currently have two status + //These errors are alloweds + sal_Int32 validCertErrors = css::security::CertificateValidity::VALID + | css::security::CertificateValidity::UNKNOWN_REVOKATION; + + //Build a mask to filter out the allowed errors + sal_Int32 mask = ~validCertErrors; + // "subtract" the allowed error flags from the result + sal_Int32 certErrors = certStatus & mask; + bool bCertValid = certErrors > 0 ? false : true; + + bool bHC = GetSettings().GetStyleSettings().GetHighContrastMode(); + if ( !bCertValid ) + { + maCertImg.SetImage( + Image( XMLSEC_RES( bHC ? IMG_STATE_NOT_VALIDATED_HC : IMG_STATE_NOT_VALIDATED ) ) ); + maHintNotTrustedFI.SetText( String( XMLSEC_RES( STR_CERTIFICATE_NOT_VALIDATED ) ) ); + } + else if ( bHC ) + maCertImg.SetImage( Image( XMLSEC_RES( IMG_STATE_CERIFICATED_HC ) ) ); + + FreeResource(); + + Wallpaper aBack( GetSettings().GetStyleSettings().GetWindowColor() ); + maFrameWin.SetBackground( aBack ); + maCertImg.SetBackground( aBack ); + maCertInfoFI.SetBackground( aBack ); + maSep1FL.SetBackground( aBack ); + maHintNotTrustedFI.SetBackground( aBack ); + maSep2FL.SetBackground( aBack ); + maIssuedToLabelFI.SetBackground( aBack ); + maIssuedToFI.SetBackground( aBack ); + maIssuedByLabelFI.SetBackground( aBack ); + maIssuedByFI.SetBackground( aBack ); + maValidDateFI.SetBackground( aBack ); + maKeyImg.SetBackground( aBack ); + maHintCorrespPrivKeyFI.SetBackground( aBack ); + + // make some bold + Font aFnt( maCertInfoFI.GetFont() ); + aFnt.SetWeight( WEIGHT_BOLD ); + maCertInfoFI.SetFont( aFnt ); + maHintNotTrustedFI.SetFont( aFnt ); + maIssuedToLabelFI.SetFont( aFnt ); + maIssuedByLabelFI.SetFont( aFnt ); + maValidDateFI.SetFont( aFnt ); + + // insert data + cssu::Reference< dcss::security::XCertificate > xCert = mpDlg->mxCert; + + maIssuedToFI.SetText( XmlSec::GetContentPart( xCert->getSubjectName() ) ); + maIssuedByFI.SetText( XmlSec::GetContentPart( xCert->getIssuerName() ) ); + + // dynamic length because of the different languages + long nWidth1 = maIssuedToLabelFI.GetTextWidth( maIssuedToLabelFI.GetText() ); + long nWidth2 = maIssuedByLabelFI.GetTextWidth( maIssuedByLabelFI.GetText() ); + long nNewWidth = Max( nWidth1, nWidth2 ) + 5; + Size aNewSize = maIssuedToLabelFI.GetSizePixel(); + aNewSize.Width() = nNewWidth; + maIssuedToLabelFI.SetSizePixel( aNewSize ); + maIssuedByLabelFI.SetSizePixel( aNewSize ); + long nNewX = maIssuedToLabelFI.GetPosPixel().X() + nNewWidth + 1; + Point aNewPos = maIssuedToFI.GetPosPixel(); + aNewPos.X() = nNewX; + maIssuedToFI.SetPosPixel( aNewPos ); + aNewPos = maIssuedByFI.GetPosPixel(); + aNewPos.X() = nNewX; + maIssuedByFI.SetPosPixel( aNewPos ); + nNewWidth = maValidDateFI.GetSizePixel().Width() - nNewX; + aNewSize = maIssuedToFI.GetSizePixel(); + aNewSize.Width() = nNewWidth; + maIssuedToFI.SetSizePixel( aNewSize ); + maIssuedByFI.SetSizePixel( aNewSize ); + + DateTime aDateTimeStart; + DateTime aDateTimeEnd; + utl::typeConvert( xCert->getNotValidBefore(), aDateTimeStart ); + utl::typeConvert( xCert->getNotValidAfter(), aDateTimeEnd ); + String sText = maValidDateFI.GetText(); + sText.SearchAndReplace( String::CreateFromAscii( "%SDATE%" ), + GetSettings().GetUILocaleDataWrapper().getDate( aDateTimeStart.GetDate() ) ); + sText.SearchAndReplace( String::CreateFromAscii( "%EDATE%" ), + GetSettings().GetUILocaleDataWrapper().getDate( aDateTimeEnd.GetDate() ) ); + maValidDateFI.SetText( sText ); + + // adjust position of fixed text depending on image sizes + ShrinkToFit( maCertImg ); + ShrinkToFit( maKeyImg ); + XmlSec::AlignAfterImage( maCertImg, maCertInfoFI, 12 ); + XmlSec::AlignAfterImage( maKeyImg, maHintCorrespPrivKeyFI, 12 ); + + // Check if we have the private key... + BOOL bHasPrivateKey = FALSE; + // #i41270# Check only if we have that certificate in our security environment + if ( _pDlg->mbCheckForPrivateKey ) + { + long nCertificateCharacters = _pDlg->mxSecurityEnvironment->getCertificateCharacters( xCert ); + bHasPrivateKey = ( nCertificateCharacters & security::CertificateCharacters::HAS_PRIVATE_KEY ) ? TRUE : FALSE; + } + if ( !bHasPrivateKey ) + { + maKeyImg.Hide(); + maHintCorrespPrivKeyFI.Hide(); + } +} + +void CertificateViewerGeneralTP::ActivatePage() +{ + +} + + +struct Details_UserDatat +{ + String maTxt; + bool mbFixedWidthFont; + + inline Details_UserDatat( const String& _rTxt, bool _bFixedWidthFont ); +}; + +inline Details_UserDatat::Details_UserDatat( const String& _rTxt, bool _bFixedWidthFont ) + :maTxt ( _rTxt ) + ,mbFixedWidthFont ( _bFixedWidthFont ) +{ +} + + +void CertificateViewerDetailsTP::Clear( void ) +{ + maElementML.SetText( String() ); + ULONG i = 0; + SvLBoxEntry* pEntry = maElementsLB.GetEntry( i ); + while( pEntry ) + { + delete ( Details_UserDatat* ) pEntry->GetUserData(); + ++i; + pEntry = maElementsLB.GetEntry( i ); + } + + maElementsLB.Clear(); +} + +void CertificateViewerDetailsTP::InsertElement( const String& _rField, const String& _rValue, + const String& _rDetails, bool _bFixedWidthFont ) +{ + SvLBoxEntry* pEntry = maElementsLB.InsertEntry( _rField ); + maElementsLB.SetEntryText( _rValue, pEntry, 1 ); + pEntry->SetUserData( ( void* ) new Details_UserDatat( _rDetails, _bFixedWidthFont ) ); +} + +CertificateViewerDetailsTP::CertificateViewerDetailsTP( Window* _pParent, CertificateViewer* _pDlg ) + :CertificateViewerTP ( _pParent, XMLSEC_RES( RID_XMLSECTP_DETAILS ), _pDlg ) + ,maElementsLB ( this, XMLSEC_RES( LB_ELEMENTS ) ) + ,maElementML ( this, XMLSEC_RES( ML_ELEMENT ) ) + ,maStdFont ( maElementML.GetControlFont() ) + ,maFixedWidthFont ( OutputDevice::GetDefaultFont( DEFAULTFONT_UI_FIXED, LANGUAGE_DONTKNOW, DEFAULTFONT_FLAGS_ONLYONE, this ) ) +{ + WinBits nStyle = maElementsLB.GetStyle(); + nStyle &= ~WB_HSCROLL; + maElementsLB.SetStyle( nStyle ); + + maFixedWidthFont.SetHeight( maStdFont.GetHeight() ); + + static long nTabs[] = { 2, 0, 30*CS_LB_WIDTH/100 }; + maElementsLB.SetTabs( &nTabs[ 0 ] ); + maElementsLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) ); + + // fill list box + Reference< security::XCertificate > xCert = mpDlg->mxCert; + UINT16 nLineBreak = 16; + const char* pHexSep = " "; + String aLBEntry; + String aDetails; + // --> PB 2004-10-11 #i35107# - 0 == "V1", 1 == "V2", ..., n = "V(n+1)" + aLBEntry = String::CreateFromAscii( "V" ); + aLBEntry += String::CreateFromInt32( xCert->getVersion() + 1 ); + // <-- + InsertElement( String( XMLSEC_RES( STR_VERSION ) ), aLBEntry, aLBEntry ); + Sequence< sal_Int8 > aSeq = xCert->getSerialNumber(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_SERIALNUM ) ), aLBEntry, aDetails, true ); + + std::pair< ::rtl::OUString, ::rtl::OUString> pairIssuer = + XmlSec::GetDNForCertDetailsView(xCert->getIssuerName()); + aLBEntry = pairIssuer.first; + aDetails = pairIssuer.second; + InsertElement( String( XMLSEC_RES( STR_ISSUER ) ), aLBEntry, aDetails ); + /* + aSeq = xCert->getIssuerUniqueID(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_ISSUER_ID ) ), aLBEntry, aDetails, true ); + */ + + DateTime aDateTime; + utl::typeConvert( xCert->getNotValidBefore(), aDateTime ); + aLBEntry = GetSettings().GetUILocaleDataWrapper().getDate( aDateTime.GetDate() ); + aLBEntry += String::CreateFromAscii( " " ); + aLBEntry += GetSettings().GetUILocaleDataWrapper().getTime( aDateTime.GetTime() ); + InsertElement( String( XMLSEC_RES( STR_VALIDFROM ) ), aLBEntry, aLBEntry ); + utl::typeConvert( xCert->getNotValidAfter(), aDateTime ); + aLBEntry = GetSettings().GetUILocaleDataWrapper().getDate( aDateTime.GetDate() ); + aLBEntry += String::CreateFromAscii( " " ); + aLBEntry += GetSettings().GetUILocaleDataWrapper().getTime( aDateTime.GetTime() ); + InsertElement( String( XMLSEC_RES( STR_VALIDTO ) ), aLBEntry, aLBEntry ); + + std::pair< ::rtl::OUString, ::rtl::OUString > pairSubject = + XmlSec::GetDNForCertDetailsView(xCert->getSubjectName()); + aLBEntry = pairSubject.first; + aDetails = pairSubject.second; + InsertElement( String( XMLSEC_RES( STR_SUBJECT ) ), aLBEntry, aDetails ); + /* + aSeq = xCert->getSubjectUniqueID(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_SUBJECT_ID ) ), aLBEntry, aDetails, true ); + */ + aLBEntry = aDetails = xCert->getSubjectPublicKeyAlgorithm(); + InsertElement( String( XMLSEC_RES( STR_SUBJECT_PUBKEY_ALGO ) ), aLBEntry, aDetails ); + aSeq = xCert->getSubjectPublicKeyValue(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_SUBJECT_PUBKEY_VAL ) ), aLBEntry, aDetails, true ); + + aLBEntry = aDetails = xCert->getSignatureAlgorithm(); + InsertElement( String( XMLSEC_RES( STR_SIGNATURE_ALGO ) ), aLBEntry, aDetails ); + + aSeq = xCert->getSHA1Thumbprint(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_THUMBPRINT_SHA1 ) ), aLBEntry, aDetails, true ); + + aSeq = xCert->getMD5Thumbprint(); + aLBEntry = XmlSec::GetHexString( aSeq, pHexSep ); + aDetails = XmlSec::GetHexString( aSeq, pHexSep, nLineBreak ); + InsertElement( String( XMLSEC_RES( STR_THUMBPRINT_MD5 ) ), aLBEntry, aDetails, true ); + + FreeResource(); + + maElementsLB.SetSelectHdl( LINK( this, CertificateViewerDetailsTP, ElementSelectHdl ) ); +} + +CertificateViewerDetailsTP::~CertificateViewerDetailsTP() +{ + Clear(); +} + +void CertificateViewerDetailsTP::ActivatePage() +{ +} + +IMPL_LINK( CertificateViewerDetailsTP, ElementSelectHdl, void*, EMPTYARG ) +{ + SvLBoxEntry* pEntry = maElementsLB.FirstSelected(); + String aElementText; + bool bFixedWidthFont; + if( pEntry ) + { + const Details_UserDatat* p = ( Details_UserDatat* ) pEntry->GetUserData(); + aElementText = p->maTxt; + bFixedWidthFont = p->mbFixedWidthFont; + } + else + bFixedWidthFont = false; + + maElementML.SetFont( bFixedWidthFont? maFixedWidthFont : maStdFont ); + maElementML.SetControlFont( bFixedWidthFont? maFixedWidthFont : maStdFont ); + maElementML.SetText( aElementText ); + + return 0; +} + +struct CertPath_UserData +{ + cssu::Reference< dcss::security::XCertificate > mxCert; + String maStatus; + bool mbValid; + + CertPath_UserData( cssu::Reference< dcss::security::XCertificate > xCert, bool bValid): + mxCert(xCert), + mbValid(bValid) + { + } +}; + + +CertificateViewerCertPathTP::CertificateViewerCertPathTP( Window* _pParent, CertificateViewer* _pDlg ) + :CertificateViewerTP ( _pParent, XMLSEC_RES( RID_XMLSECTP_CERTPATH ), _pDlg ) + ,maCertPathFT ( this, XMLSEC_RES( FT_CERTPATH ) ) + ,maCertPathLB ( this, XMLSEC_RES( LB_SIGNATURES ) ) + ,maViewCertPB ( this, XMLSEC_RES( BTN_VIEWCERT ) ) + ,maCertStatusFT ( this, XMLSEC_RES( FT_CERTSTATUS ) ) + ,maCertStatusML ( this, XMLSEC_RES( ML_CERTSTATUS ) ) + ,mpParent ( _pDlg ) + ,mbFirstActivateDone ( false ) + ,maCertImage ( XMLSEC_RES( IMG_CERT_SMALL ) ) + ,maCertNotValidatedImage( XMLSEC_RES( IMG_CERT_NOTVALIDATED_SMALL ) ) + ,msCertOK ( XMLSEC_RES( STR_PATH_CERT_OK ) ) + ,msCertNotValidated ( XMLSEC_RES( STR_PATH_CERT_NOT_VALIDATED ) ) + +{ + if ( GetSettings().GetStyleSettings().GetHighContrastMode() ) + { + maCertImage = Image( XMLSEC_RES( IMG_CERT_SMALL_HC ) ); + maCertNotValidatedImage = Image( XMLSEC_RES( IMG_CERT_NOTVALIDATED_SMALL_HC ) ); + } + + FreeResource(); + + maCertPathLB.SetNodeDefaultImages(); + maCertPathLB.SetSublistOpenWithLeftRight(); + maCertPathLB.SetSelectHdl( LINK( this, CertificateViewerCertPathTP, CertSelectHdl ) ); + maViewCertPB.SetClickHdl( LINK( this, CertificateViewerCertPathTP, ViewCertHdl ) ); + + // check if buttontext is to wide + const long nOffset = 10; + String sText = maViewCertPB.GetText(); + long nTxtW = maViewCertPB.GetTextWidth( sText ); + if ( sText.Search( '~' ) == STRING_NOTFOUND ) + nTxtW += nOffset; + long nBtnW = maViewCertPB.GetSizePixel().Width(); + if ( nTxtW > nBtnW ) + { + // broaden the button + long nDelta = nTxtW - nBtnW; + Size aNewSize = maViewCertPB.GetSizePixel(); + aNewSize.Width() += nDelta; + maViewCertPB.SetSizePixel( aNewSize ); + // and give it a new position + Point aNewPos = maViewCertPB.GetPosPixel(); + aNewPos.X() -= nDelta; + maViewCertPB.SetPosPixel( aNewPos ); + } +} + +CertificateViewerCertPathTP::~CertificateViewerCertPathTP() +{ + Clear(); +} + +void CertificateViewerCertPathTP::ActivatePage() +{ + if ( !mbFirstActivateDone ) + { + mbFirstActivateDone = true; + Sequence< Reference< security::XCertificate > > aCertPath = + mpParent->mxSecurityEnvironment->buildCertificatePath( mpParent->mxCert ); + const Reference< security::XCertificate >* pCertPath = aCertPath.getConstArray(); + + String aState; + sal_Int32 i, nCnt = aCertPath.getLength(); + SvLBoxEntry* pParent = NULL; + for( i = nCnt; i; ) + { + const Reference< security::XCertificate > rCert = pCertPath[ --i ]; + String sName = XmlSec::GetContentPart( rCert->getSubjectName() ); + //Verify the certificate + sal_Int32 certStatus = mpDlg->mxSecurityEnvironment->verifyCertificate(rCert, + Sequence<Reference<css::security::XCertificate> >()); + //We currently have two status + //These errors are alloweds + sal_Int32 validCertErrors = css::security::CertificateValidity::VALID + | css::security::CertificateValidity::UNKNOWN_REVOKATION; + + //Build a mask to filter out the allowed errors + sal_Int32 mask = ~validCertErrors; + // "subtract" the allowed error flags from the result + sal_Int32 certErrors = certStatus & mask; + bool bCertValid = certErrors > 0 ? false : true; + pParent = InsertCert( pParent, sName, rCert, bCertValid); + } + + maCertPathLB.Select( pParent ); + maViewCertPB.Disable(); // Own certificate selected + + while( pParent ) + { + maCertPathLB.Expand( pParent ); + pParent = maCertPathLB.GetParent( pParent ); + } + + CertSelectHdl( NULL ); + } +} + +IMPL_LINK( CertificateViewerCertPathTP, ViewCertHdl, void*, EMPTYARG ) +{ + SvLBoxEntry* pEntry = maCertPathLB.FirstSelected(); + if( pEntry ) + { + CertificateViewer aViewer( this, mpDlg->mxSecurityEnvironment, ((CertPath_UserData*)pEntry->GetUserData())->mxCert, FALSE ); + aViewer.Execute(); + } + + return 0; +} + +IMPL_LINK( CertificateViewerCertPathTP, CertSelectHdl, void*, EMPTYARG ) +{ + String sStatus; + SvLBoxEntry* pEntry = maCertPathLB.FirstSelected(); + if( pEntry ) + { + CertPath_UserData* pData = (CertPath_UserData*) pEntry->GetUserData(); + if ( pData ) + sStatus = pData->mbValid ? msCertOK : msCertNotValidated; + } + + maCertStatusML.SetText( sStatus ); + maViewCertPB.Enable( pEntry && ( pEntry != maCertPathLB.Last() ) ); + return 0; +} + +void CertificateViewerCertPathTP::Clear( void ) +{ + maCertStatusML.SetText( String() ); + ULONG i = 0; + SvLBoxEntry* pEntry = maCertPathLB.GetEntry( i ); + while( pEntry ) + { + delete ( CertPath_UserData* ) pEntry->GetUserData(); + ++i; + pEntry = maCertPathLB.GetEntry( i ); + } + + maCertPathLB.Clear(); +} + +SvLBoxEntry* CertificateViewerCertPathTP::InsertCert( + SvLBoxEntry* _pParent, const String& _rName, cssu::Reference< dcss::security::XCertificate > rxCert, + bool bValid) +{ + Image aImage = bValid ? maCertImage : maCertNotValidatedImage; + SvLBoxEntry* pEntry = maCertPathLB.InsertEntry( _rName, aImage, aImage, _pParent ); + pEntry->SetUserData( ( void* ) new CertPath_UserData( rxCert, bValid ) ); + + return pEntry; +} + diff --git a/xmlsecurity/source/dialogs/certificateviewer.src b/xmlsecurity/source/dialogs/certificateviewer.src new file mode 100644 index 000000000000..d2c812551c86 --- /dev/null +++ b/xmlsecurity/source/dialogs/certificateviewer.src @@ -0,0 +1,350 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificateviewer.src,v $ + * $Revision: 1.15 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ +#include "dialogs.hrc" +#include "helpids.hrc" + +TabDialog RID_XMLSECDLG_CERTVIEWER +{ + HelpID = HID_XMLSEC_DLG_CERTVIEWER; + Size = MAP_APPFONT( TD_WIDTH, TD_HEIGHT ); + OutputSize = TRUE; + Closeable = TRUE; + Moveable = TRUE; + SVLook = TRUE; + + Text [ en-US ] = "View Certificate"; + TabControl 1 + { + Pos = MAP_APPFONT( TD_SP_INNERBORDER_LEFT, TD_SP_INNERBORDER_TOP ); + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT+RIDDER_HEIGHT ); + SVLook = TRUE ; + PageList = + { + PageItem + { + Identifier = RID_XMLSECTP_GENERAL; + Text [ en-US ] = "General"; + }; + PageItem + { + Identifier = RID_XMLSECTP_DETAILS; + Text [ en-US ] = "Details"; + }; + PageItem + { + Identifier = RID_XMLSECTP_CERTPATH; + Text [ en-US ] = "Certification Path"; + }; + }; + }; + OKButton BTN_OK + { + Pos = MAP_APPFONT( CV_COL_A, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + DefButton = TRUE; + }; + HelpButton BTN_HELP + { + Pos = MAP_APPFONT( CV_COL_C, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; +}; + +TabPage RID_XMLSECTP_GENERAL +{ + HelpId = HID_XMLSEC_TP_GENERAL; + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT ); + OutputSize = TRUE; + Hide = TRUE; + SVLook = TRUE; + Window WIN_FRAME + { + SVLook = TRUE; + Border = TRUE; + Pos = MAP_APPFONT( CV_COL_0, CV_ROW_0 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, CV_CONT_HEIGHT ); + }; + FixedImage IMG_CERT + { + Pos = MAP_APPFONT( CW_COL_0, CW_ROW_0 ); + Size = MAP_APPFONT( IMG1_WIDTH, IMG1_HEIGHT ); + Fixed = Image + { + ImageBitmap = Bitmap { File = "certificate_40x56.png"; }; + MaskColor = STD_MASKCOLOR; + }; + }; + FixedText FI_CERTINFO + { + Pos = MAP_APPFONT( CW_COL_3, CW_ROW_1 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_3, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = " Certificate Information"; + }; + FixedLine FL_SEP1 + { + Pos = MAP_APPFONT( CW_COL_0, CW_ROW_3 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_0, RSC_CD_FIXEDLINE_HEIGHT ); + }; + FixedText FI_HINTNOTTRUST + { + Pos = MAP_APPFONT( CW_COL_1, CW_ROW_4 ); + Size = MAP_APPFONT( CW_COL_5a-CW_COL_1, CW_ROW_4a-CW_ROW_4 ); + WordBreak = TRUE; + Text [ en-US ] = "This certificate is intended for the following purpose(s):"; + }; + FixedLine FL_SEP2 + { + Pos = MAP_APPFONT( CW_COL_0, CW_ROW_5 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_0, RSC_CD_FIXEDLINE_HEIGHT ); + }; + FixedText FI_ISSTOLABEL + { + Pos = MAP_APPFONT( CW_COL_1, CW_ROW_6 ); + Size = MAP_APPFONT( CW_COL_4-CW_COL_1-1, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Issued to:"; + }; + FixedText FI_ISSTO + { + Pos = MAP_APPFONT( CW_COL_4, CW_ROW_6 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_4, RSC_CD_FIXEDTEXT_HEIGHT ); + }; + FixedText FI_ISSBYLABEL + { + Pos = MAP_APPFONT( CW_COL_1, CW_ROW_7 ); + Size = MAP_APPFONT( CW_COL_4-CW_COL_1-1, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Issued by:"; + }; + FixedText FI_ISSBY + { + Pos = MAP_APPFONT( CW_COL_4, CW_ROW_7 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_4, RSC_CD_FIXEDTEXT_HEIGHT ); + }; + FixedText FI_VALIDDATE + { + Pos = MAP_APPFONT( CW_COL_1, CW_ROW_8 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_1-1, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Valid from %SDATE% to %EDATE%"; + }; + FixedImage IMG_KEY + { + Pos = MAP_APPFONT( CW_COL_0, CW_ROW_9 ); + Size = MAP_APPFONT( IMG2_WIDTH, IMG2_HEIGHT ); + Fixed = Image + { + ImageBitmap = Bitmap { File = "key_12.png"; }; + MaskColor = STD_MASKCOLOR; + }; + }; + FixedText FI_CORRPRIVKEY + { + Pos = MAP_APPFONT( CW_COL_1a, CW_ROW_10 ); + Size = MAP_APPFONT( CW_COL_5-CW_COL_1a, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "You have a private key that corresponds to this certificate."; + }; + String STR_CERTIFICATE_NOT_VALIDATED + { + Text [ en-US ] = "The certificate could not be validated."; + }; + Image IMG_STATE_NOT_VALIDATED + { + ImageBitmap = Bitmap { File = "notcertificate_40x56.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_STATE_CERIFICATED_HC + { + ImageBitmap = Bitmap { File = "certificate_40x56_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_STATE_NOT_VALIDATED_HC + { + ImageBitmap = Bitmap { File = "notcertificate_40x56_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_KEY_HC + { + ImageBitmap = Bitmap { File = "key_12_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; +}; + +TabPage RID_XMLSECTP_DETAILS +{ + HelpId = HID_XMLSEC_TP_DETAILS; + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT ); + OutputSize = TRUE; + Hide = TRUE; + SVLook = TRUE; + Control LB_ELEMENTS + { + HelpId = HID_XMLSEC_CTRL_ELEMENTS; + Pos = MAP_APPFONT( CV_COL_0, CV_ROW_0 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, CV_ROW_1-CV_ROW_0 ); + SVLook = TRUE; + Border = TRUE; + }; + String STR_HEADERBAR + { + Text [ en-US ] = "Field\tValue"; + }; + MultiLineEdit ML_ELEMENT + { + Pos = MAP_APPFONT( CV_COL_0, CV_ROW_2 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, CV_ROW_3-CV_ROW_2 ); + ReadOnly = TRUE; + Border = TRUE; + VSCROLL = TRUE; + }; + String STR_VERSION + { + Text [ en-US ] = "Version"; + }; + String STR_SERIALNUM + { + Text [ en-US ] = "Serial Number"; + }; + String STR_SIGALGORITHM + { + Text [ en-US ] = "Signature Algorithm"; + }; + String STR_ISSUER + { + Text [ en-US ] = "Issuer"; + }; + String STR_ISSUER_ID + { + Text [ en-US ] = "Issuer Unique ID"; + }; + String STR_VALIDFROM + { + Text [ en-US ] = "Valid From"; + }; + String STR_VALIDTO + { + Text [ en-US ] = "Valid to"; + }; + String STR_SUBJECT + { + Text [ en-US ] = "Subject"; + }; + String STR_SUBJECT_ID + { + Text [ en-US ] = "Subject Unique ID"; + }; + String STR_SUBJECT_PUBKEY_ALGO + { + Text [ en-US ] = "Subject Algorithm"; + }; + String STR_SUBJECT_PUBKEY_VAL + { + Text [ en-US ] = "Public Key"; + }; + String STR_SIGNATURE_ALGO + { + Text [ en-US ] = "Signature Algorithm"; + }; + String STR_THUMBPRINT_SHA1 + { + Text [ en-US ] = "Thumbprint SHA1"; + }; + String STR_THUMBPRINT_MD5 + { + Text [ en-US ] = "Thumbprint MD5"; + }; +}; + +TabPage RID_XMLSECTP_CERTPATH +{ + HelpId = HID_XMLSEC_TP_CERTPATH; + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT ); + OutputSize = TRUE; + Hide = TRUE; + SVLook = TRUE; + FixedText FT_CERTPATH + { + Pos = MAP_APPFONT( CV_COL_0, CVP_ROW_0 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Certification path"; + }; + Control LB_SIGNATURES + { + HelpId = HID_XMLSEC_CTRL_VIEWSIGNATURES; + Pos = MAP_APPFONT( CV_COL_0, CVP_ROW_1 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, REST_HEIGHT/3*2 ); + SVLook = TRUE; + Border = TRUE; + }; + PushButton BTN_VIEWCERT + { + Pos = MAP_APPFONT( CV_COL_1-(CV_COL_B-CV_COL_A), CVP_ROW_2 ); + Size = MAP_APPFONT( CV_COL_B-CV_COL_A, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "View Certificate..."; + }; + FixedText FT_CERTSTATUS + { + Pos = MAP_APPFONT( CV_COL_0, CVP_ROW_3 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, RSC_CD_FIXEDTEXT_HEIGHT ); + Text [ en-US ] = "Certification status"; + }; + MultiLineEdit ML_CERTSTATUS + { + Pos = MAP_APPFONT( CV_COL_0, CVP_ROW_4 ); + Size = MAP_APPFONT( CV_CONT_WIDTH, REST_HEIGHT/3 ); + ReadOnly = TRUE; + Border = TRUE; + }; + Image IMG_CERT_SMALL + { + ImageBitmap = Bitmap { File = "certificate_16.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_CERT_SMALL_HC + { + ImageBitmap = Bitmap { File = "certificate_16_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_CERT_NOTVALIDATED_SMALL + { + ImageBitmap = Bitmap { File = "notcertificate_16.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_CERT_NOTVALIDATED_SMALL_HC + { + ImageBitmap = Bitmap { File = "notcertificate_16_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + String STR_PATH_CERT_OK + { + Text [ en-US ] = "The certificate is OK."; + }; + String STR_PATH_CERT_NOT_VALIDATED + { + Text [ en-US ] = "The certificate could not be validated."; + }; +}; diff --git a/xmlsecurity/source/dialogs/dialogs.hrc b/xmlsecurity/source/dialogs/dialogs.hrc new file mode 100644 index 000000000000..f62a2a422eaf --- /dev/null +++ b/xmlsecurity/source/dialogs/dialogs.hrc @@ -0,0 +1,363 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: dialogs.hrc,v $ + * $Revision: 1.18 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _DIALOGS_HRC +#define _DIALOGS_HRC + +#include <svtools/controldims.hrc> +#include <xmlsecurity/global.hrc> + +#define STD_MASKCOLOR Color{Red=0xffff;Green=0x0000;Blue=0xffff;} + +#define FL_BOTTOM_SEP 50 +#define BTN_OK 51 +#define BTN_CANCEL 52 +#define BTN_HELP 53 +#define LB_SIGNATURES 54 +#define BTN_VIEWCERT 55 +#define STR_HEADERBAR 56 +#define BTN_RESET 57 +#define STR_VALID_SIGNATURE 58 +#define STR_NO_INFO_TO_VERIFY 59 +#define STR_INVALID_SIGNATURE 60 + +// --------- general metrics --------- +#define DLGS_WIDTH 287 +#define DLGS_HEIGHT 195 +// --------- ... for tab dialogs ----- +#define TP_WIDTH 260 +#define TP_HEIGHT 185 +#define RIDDER_HEIGHT (RSC_CD_PUSHBUTTON_HEIGHT) +#define TD_SP_INNERBORDER_LEFT 3 +#define TD_SP_INNERBORDER_RIGHT 3 +#define TD_SP_INNERBORDER_TOP 3 +#define TD_SP_INNERBORDER_BOTTOM 3 +#define TD_WIDTH (TP_WIDTH+RSC_SP_DLG_INNERBORDER_LEFT+RSC_SP_DLG_INNERBORDER_RIGHT) +#define TD_HEIGHT (TP_HEIGHT+TD_SP_INNERBORDER_TOP+2*TD_SP_INNERBORDER_BOTTOM+RSC_CD_PUSHBUTTON_HEIGHT+RIDDER_HEIGHT) + +#define SEP_FL_SPACE_Y 6 +#define SEP_FL_ADJ_Y(val) (val-3) +#define DLGS_BOTTOM_BTN_L(dlgh) (dlgh-RSC_SP_DLG_INNERBORDER_BOTTOM) +#define DLGS_BOTTOM_BTN_Y(dlgh) (DLGS_BOTTOM_BTN_L(dlgh)-RSC_CD_PUSHBUTTON_HEIGHT) +#define DLGS_BOTTOM_FL_Y(dlgh) (DLGS_BOTTOM_BTN_Y(dlgh)-SEP_FL_SPACE_Y-5) +#define DLGS_BOTTOM_LAST_CTRL_L(dlgh) (DLGS_BOTTOM_BTN_Y(dlgh)-2*SEP_FL_SPACE_Y-3) +#define DLGS_BOTTOM_HELP_X(dlgw) (dlgw-RSC_SP_DLG_INNERBORDER_RIGHT-RSC_CD_PUSHBUTTON_WIDTH) +#define DLGS_BOTTOM_CANCEL_X(dlgw) (DLGS_BOTTOM_HELP_X(dlgw)-RSC_SP_CTRL_X-RSC_CD_PUSHBUTTON_WIDTH) +#define DLGS_BOTTOM_OK_X(dlgw) (DLGS_BOTTOM_CANCEL_X(dlgw)-RSC_SP_CTRL_DESC_X-RSC_CD_PUSHBUTTON_WIDTH) + + +// --------- dialog Digital Signatures --------- +#define BTN_ADDCERT 2 +#define BTN_REMOVECERT 3 +#define FT_HINT_DOC 4 +#define FT_HINT_BASIC 5 +#define FT_HINT_PACK 6 +#define IMG_STATE_VALID 7 +#define FI_STATE_VALID 8 +#define IMG_STATE_BROKEN 9 +#define FI_STATE_BROKEN 10 +#define IMG_STATE_NOTVALIDATED 11 +#define FI_STATE_NOTVALIDATED 12 +#define IMG_STATE_VALID_HC 13 +#define IMG_STATE_BROKEN_HC 14 +#define IMG_STATE_NOTVALIDATED_HC 15 +#define FI_STATE_OLDSIGNATURE 16 + +//#define DS_WIDTH DLGS_WIDTH +//#define DS_HEIGHT DLGS_HEIGHT +#define DS_BTNWIDTH_1 70 +#define DS_BTNSPACE_X RSC_SP_CTRL_X +#define DS_WIDTH (RSC_SP_DLG_INNERBORDER_LEFT+RSC_SP_DLG_INNERBORDER_RIGHT+2*DS_BTNSPACE_X+3*DS_BTNWIDTH_1) +#define DS_HEIGHT (DLGS_WIDTH*2/3) + +#define DS_COL_0 RSC_SP_DLG_INNERBORDER_LEFT +//#define DS_COL_MID (DS_WIDTH/2) +//#define DS_COL_3 (DS_COL_MID-(DS_BTNWIDTH_1/2)) +//#define DS_COL_4 (DS_COL_2+DS_BTNWIDTH_1) +//#define DS_COL_2 (DS_COL_3-DS_BTNSPACE_X) +//#define DS_COL_1 (DS_COL_2-DS_BTNWIDTH_1) +#define DS_COL_1 DS_COL_0 +#define DS_COL_2 (DS_COL_1+DS_BTNWIDTH_1) +#define DS_COL_3 (DS_COL_2+DS_BTNSPACE_X) +#define DS_COL_4 (DS_COL_3+DS_BTNWIDTH_1) +#define DS_COL_5 (DS_COL_4+DS_BTNSPACE_X) +//#define DS_COL_6 (DS_COL_5+DS_BTNWIDTH_1) +#define DS_COL_7 (DS_WIDTH-RSC_SP_DLG_INNERBORDER_RIGHT) +#define DS_COL_6 DS_COL_7 + +#define DS_ROW_0 RSC_SP_DLG_INNERBORDER_TOP +#define DS_ROW_1 (DS_ROW_0+RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_DESC_X) +#define DS_ROW_7 DLGS_BOTTOM_BTN_L(DS_HEIGHT) +#define DS_ROW_6 DLGS_BOTTOM_BTN_Y(DS_HEIGHT) +#define DS_ROW_5 DLGS_BOTTOM_FL_Y(DS_HEIGHT) +#define DS_ROW_4 DLGS_BOTTOM_LAST_CTRL_L(DS_HEIGHT) +#define DS_ROW_3 (DS_ROW_4-RSC_CD_PUSHBUTTON_HEIGHT) +#define DS_ROW_2A (DS_ROW_3-RSC_CD_FIXEDTEXT_HEIGHT-RSC_SP_CTRL_Y) +#define DS_ROW_2 (DS_ROW_2A-RSC_SP_CTRL_GROUP_Y) + +#define DS_LB_WIDTH (DS_COL_7-DS_COL_0) + +// --------- dialog Ceritficate chooser --------- +#define FT_HINT_SELECT 1 + +#define CS_WIDTH DLGS_WIDTH +#define CS_HEIGHT DLGS_HEIGHT +#define CS_BTNWIDTH_1 DS_BTNWIDTH_1 + +#define CS_COL_0 RSC_SP_DLG_INNERBORDER_LEFT +#define CS_COL_2 (CS_WIDTH-RSC_SP_DLG_INNERBORDER_RIGHT) +#define CS_COL_1 (CS_COL_2-CS_BTNWIDTH_1) + +#define CS_ROW_0 RSC_SP_DLG_INNERBORDER_TOP +#define CS_ROW_1 (CS_ROW_0+RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_DESC_X) +#define CS_ROW_4 DLGS_BOTTOM_LAST_CTRL_L(CS_HEIGHT) +#define CS_ROW_3 (CS_ROW_4-RSC_CD_PUSHBUTTON_HEIGHT) +#define CS_ROW_2 (CS_ROW_3-RSC_SP_CTRL_Y) + +#define CS_LB_WIDTH (CS_COL_2-CS_COL_0) + +// --------- tab dialog Certificate viewer --------- + +#define CV_COL_0 TD_SP_INNERBORDER_LEFT +#define CV_COL_1 (TP_WIDTH-RSC_SP_TBPG_INNERBORDER_RIGHT) +#define CV_ROW_0 RSC_SP_TBPG_INNERBORDER_TOP +#define CV_ROW_3 (TP_HEIGHT-RSC_SP_TBPG_INNERBORDER_BOTTOM) +#define CV_CONT_WIDTH (CV_COL_1-CV_COL_0) +#define CV_CONT_HEIGHT (CV_ROW_3-CV_ROW_0) +#define CV_ROW_1 (CV_ROW_0+2*CV_CONT_HEIGHT/3) +#define CV_ROW_2 (CV_ROW_1+RSC_SP_CTRL_GROUP_Y) + +#define CV_COL_D (TD_WIDTH-TD_SP_INNERBORDER_RIGHT) +#define CV_COL_C (CV_COL_D-RSC_CD_PUSHBUTTON_WIDTH) +#define CV_COL_B (CV_COL_C-RSC_SP_CTRL_X) +#define CV_COL_A (CV_COL_B-RSC_CD_PUSHBUTTON_WIDTH) + +#define CV_ROW_B (TD_HEIGHT-TD_SP_INNERBORDER_BOTTOM) +#define CV_ROW_A (CV_ROW_B-RSC_CD_PUSHBUTTON_HEIGHT) + +// --------- tab page Certificate viewer - General --------- +#define WIN_FRAME 2 +#define IMG_CERT 3 +#define FI_CERTINFO 4 +#define FL_SEP1 5 +#define FI_HINTNOTTRUST 6 +#define FL_SEP2 7 +#define FI_ISSTOLABEL 8 +#define FI_ISSTO 9 +#define FI_ISSBYLABEL 10 +#define FI_ISSBY 11 +#define FI_VALIDDATE 12 +#define IMG_KEY 13 +#define FI_CORRPRIVKEY 14 +#define STR_CERTIFICATE_NOT_VALIDATED 15 +#define IMG_STATE_NOT_VALIDATED 16 +#define IMG_STATE_CERIFICATED_HC 17 +#define IMG_STATE_NOT_VALIDATED_HC 18 +#define IMG_KEY_HC 19 + +#define IMG1_WIDTH 33 +#define IMG1_HEIGHT 22 +#define IMG2_WIDTH 20 +#define IMG2_HEIGHT 20 +#define DATE_WIDTH 30 +#define CW_COL_0 (CV_COL_0+RSC_SP_GRP_INNERBORDER_LEFT) +#define CW_COL_1 (CW_COL_0+RSC_SP_FLGR_SPACE_X) +#define CW_COL_1a (CW_COL_0+IMG2_WIDTH+1) +#define CW_COL_2 (CW_COL_0+IMG1_WIDTH) +#define CW_COL_3 (CW_COL_2+RSC_SP_CTRL_GROUP_X) +#define CW_COL_4 (CW_COL_1+40) +#define CW_COL_5 (CV_CONT_WIDTH-RSC_SP_GRP_INNERBORDER_RIGHT) +#define CW_COL_5a (CW_COL_5-RSC_SP_GRP_INNERBORDER_RIGHT) +#define CW_COL_4a (CW_COL_1+38) +#define CW_COL_4b (CW_COL_4a+DATE_WIDTH) +#define CW_COL_4c (CW_COL_4b+3) +#define CW_COL_4d (CW_COL_4c+8) +#define CW_COL_4e (CW_COL_4d+3) +#define CW_ROW_0 (CV_ROW_0+RSC_SP_GRP_INNERBORDER_TOP) +#define CW_ROW_1 (CW_ROW_0+RSC_SP_GRP_INNERBORDER_TOP) +#define CW_ROW_2 (CW_ROW_0+IMG1_HEIGHT) +#define CW_ROW_3 (CW_ROW_2+3) +#define CW_ROW_4 (CW_ROW_3+RSC_SP_CTRL_Y+RSC_CD_FIXEDLINE_HEIGHT) +#define CW_ROW_4a (CW_ROW_4+35) +#define CW_ROW_5 (CW_ROW_4a+3) +#define CW_ROW_6 (CW_ROW_5+RSC_SP_CTRL_Y+RSC_CD_FIXEDLINE_HEIGHT) +#define CW_ROW_7 (CW_ROW_6+RSC_SP_CTRL_Y+RSC_CD_FIXEDTEXT_HEIGHT) +#define CW_ROW_8 (CW_ROW_7+RSC_SP_CTRL_Y+RSC_CD_FIXEDTEXT_HEIGHT) +#define CW_ROW_9 (CW_ROW_8+RSC_SP_CTRL_Y+RSC_CD_FIXEDTEXT_HEIGHT) +#define CW_ROW_10 (CW_ROW_9+2) +#define CW_ROW_11 (CW_ROW_9+IMG2_HEIGHT) + +// --------- tab page Certificate viewer - Details --------- + +#define LB_ELEMENTS 1 +#define ML_ELEMENT 2 + +#define STR_VERSION 1 +#define STR_SERIALNUM 2 +#define STR_SIGALGORITHM 3 +#define STR_ISSUER 4 +#define STR_ISSUER_ID 5 +#define STR_VALIDFROM 6 +#define STR_VALIDTO 7 +#define STR_SUBJECT 8 +#define STR_SUBJECT_ID 9 +#define STR_SUBJECT_PUBKEY_ALGO 10 +#define STR_SUBJECT_PUBKEY_VAL 11 +#define STR_SIGNATURE_ALGO 12 +#define STR_THUMBPRINT_SHA1 13 +#define STR_THUMBPRINT_MD5 14 + +// --------- tab page Certificate viewer - Certification Path --------- + +#define FT_CERTPATH 1 +#define FT_CERTSTATUS 2 +#define ML_CERTSTATUS 3 +#define IMG_CERT_SMALL 4 +#define IMG_CERT_SMALL_HC 5 +#define IMG_CERT_NOTVALIDATED_SMALL 6 +#define IMG_CERT_NOTVALIDATED_SMALL_HC 7 +#define STR_PATH_CERT_OK 8 +#define STR_PATH_CERT_NOT_VALIDATED 9 + +#define CVP_ROW_0 RSC_SP_TBPG_INNERBORDER_TOP +#define CVP_ROW_1 (CVP_ROW_0+RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_DESC_Y) +#define REST_HEIGHT (TP_HEIGHT-CVP_ROW_1-2*RSC_SP_GRP_SPACE_Y-RSC_CD_FIXEDTEXT_HEIGHT-RSC_CD_PUSHBUTTON_HEIGHT) +#define CVP_ROW_2 (CVP_ROW_1+REST_HEIGHT/3*2+RSC_SP_CTRL_DESC_Y) +#define CVP_ROW_3 (CVP_ROW_2+RSC_CD_PUSHBUTTON_HEIGHT) +#define CVP_ROW_4 (CVP_ROW_3+RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_DESC_Y) + +//#define CV_ROW_0A (CV_ROW_0+RSC_SP_CTRL_DESC_Y+RSC_CD_FIXEDTEXT_HEIGHT) +//#define CV_ROW_2A (CV_ROW_2+RSC_SP_CTRL_DESC_Y+RSC_CD_FIXEDTEXT_HEIGHT) + +// --------- tab dialog macro security --------- + +#define MS_COL_A (TD_WIDTH-RSC_SP_DLG_INNERBORDER_LEFT) +#define MS_COL_B (MS_COL_A-RSC_CD_PUSHBUTTON_WIDTH) +#define MS_COL_C (MS_COL_B-RSC_SP_CTRL_X) +#define MS_COL_D (MS_COL_C-RSC_CD_PUSHBUTTON_WIDTH) +#define MS_COL_E (MS_COL_D-RSC_SP_CTRL_X) +#define MS_COL_F (MS_COL_E-RSC_CD_PUSHBUTTON_WIDTH) +#define MS_COL_G (MS_COL_F-RSC_SP_CTRL_X) +#define MS_COL_H (MS_COL_G-RSC_CD_PUSHBUTTON_WIDTH) + +// --------- tab page security level --------- + +#define FL_SECLEVEL 1 +#define RB_VERYHIGH 2 +#define RB_HIGH 3 +#define RB_MEDIUM 4 +#define RB_LOW 5 +#define FI_SEC_READONLY 6 + +#define RSC_BIG_RADIOBUTTON 40 +#define SL_RB_DIST_Y (RSC_SP_FLGR_SPACE_Y+RSC_BIG_RADIOBUTTON) +#define SL_COL_0 RSC_SP_TBPG_INNERBORDER_LEFT +#define SL_COL_1 (SL_COL_0+RSC_SP_FLGR_SPACE_X) +#define SL_COL_3 (TP_WIDTH-RSC_SP_TBPG_INNERBORDER_RIGHT) +#define SL_COL_2 ((SL_COL_3-SL_COL_1)*100/105) +#define SL_ROW_0 RSC_SP_TBPG_INNERBORDER_TOP +#define SL_ROW_1 (SL_ROW_0+SL_RB_DIST_Y) +#define SL_ROW_2 (SL_ROW_1+SL_RB_DIST_Y) +#define SL_ROW_3 (SL_ROW_2+SL_RB_DIST_Y) +#define SL_ROW_4 (TP_HEIGHT-RSC_SP_TBPG_INNERBORDER_BOTTOM) + +// --------- tab page trusted sources --------- + +#define FL_TRUSTCERT 1 +#define LB_TRUSTCERT 2 +#define PB_ADD_TRUSTCERT 3 +#define PB_VIEW_TRUSTCERT 4 +#define PB_REMOVE_TRUSTCERT 5 +#define FL_TRUSTFILELOC 6 +#define FI_TRUSTFILELOC 7 +#define LB_TRUSTFILELOC 8 +#define FL_ADD_TRUSTFILELOC 9 +#define FL_REMOVE_TRUSTFILELOC 10 +#define FI_TRUSTCERT_RO 11 +#define FI_TRUSTFILE_RO 12 + +#define TS_COL_0 RSC_SP_TBPG_INNERBORDER_LEFT +#define TS_COL_1 (TS_COL_0+RSC_SP_FLGR_SPACE_X) +#define TS_COL_8 (TP_WIDTH-RSC_SP_TBPG_INNERBORDER_RIGHT) +#define TS_COL_7 (TS_COL_8-RSC_SP_FLGR_SPACE_X) +#define TS_COL_6 (TS_COL_7-RSC_CD_PUSHBUTTON_WIDTH) +#define TS_COL_5 (TS_COL_6-RSC_SP_CTRL_GROUP_X) +#define TS_COL_4 (TS_COL_5-RSC_CD_PUSHBUTTON_WIDTH) +#define TS_COL_3 (TS_COL_4-RSC_SP_CTRL_GROUP_X) +#define TS_COL_2 (TS_COL_3-RSC_CD_PUSHBUTTON_WIDTH) + +#define RSC_CD_TABLISTBOX_HEIGHT 6*RSC_BS_CHARHEIGHT +#define TS_ROW_0 RSC_SP_TBPG_INNERBORDER_TOP +#define TS_ROW_1 (TS_ROW_0+RSC_CD_FIXEDLINE_HEIGHT+RSC_SP_FLGR_SPACE_Y) +#define TS_ROW_2 (TS_ROW_1+RSC_CD_TABLISTBOX_HEIGHT+RSC_SP_FLGR_SPACE_Y) +#define TS_ROW_3 (TS_ROW_2+RSC_CD_PUSHBUTTON_HEIGHT+RSC_SP_FLGR_SPACE_Y) +#define TS_ROW_4 (TS_ROW_3+RSC_CD_FIXEDLINE_HEIGHT+RSC_SP_FLGR_SPACE_Y) +#define TS_ROW_5 (TS_ROW_4+3*RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_FLGR_SPACE_Y) + +#define TS_ROW_8 (TP_HEIGHT-RSC_SP_TBPG_INNERBORDER_BOTTOM) +#define TS_ROW_7 (TS_ROW_8-RSC_CD_PUSHBUTTON_HEIGHT) +#define TS_ROW_6 (TS_ROW_7-RSC_SP_FLGR_SPACE_Y) + +// --------- signed macro warning --------- + +#define FI_DOCNAME 1 +#define FI_DESCR1A 2 +#define FI_SIGNS 3 +#define PB_VIEWSIGNS 4 +#define FI_DESCR2 5 +#define CB_ALWAYSTRUST 6 +#define PB_ENABLE 7 +#define PB_DISABLE 8 +#define FI_DESCR1B 9 + +#define MW_WIDTH DLGS_WIDTH +#define MW_HEIGHT DLGS_HEIGHT + +#define MW_SYMBOL_WIDTH (20) + +#define MW_COL_0 (RSC_SP_DLG_INNERBORDER_LEFT) +#define MW_COL_1 (MW_COL_0+MW_SYMBOL_WIDTH) +#define MW_COL_4 (MW_WIDTH-RSC_SP_DLG_INNERBORDER_RIGHT) +#define MW_COL_3 (MW_COL_4-RSC_CD_PUSHBUTTON_WIDTH) +#define MW_COL_2 (MW_COL_3-RSC_SP_CTRL_DESC_X) +#define MW_COL_A (DLGS_BOTTOM_OK_X(MW_WIDTH)) +#define MW_COL_C (DLGS_BOTTOM_CANCEL_X(MW_WIDTH)) +#define MW_COL_E (DLGS_BOTTOM_HELP_X(MW_WIDTH)) +#define MW_ROW_0 (RSC_SP_DLG_INNERBORDER_TOP) +#define MW_ROW_1 (MW_ROW_0+3*RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_Y) +#define MW_ROW_2 (MW_ROW_1+RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_Y) +#define MW_ROW_7 (MW_HEIGHT-RSC_SP_DLG_INNERBORDER_BOTTOM) +#define MW_ROW_6 (DLGS_BOTTOM_BTN_Y(MW_HEIGHT)) +#define MW_ROW_5 (DLGS_BOTTOM_FL_Y(MW_HEIGHT)) +#define MW_ROW_4 (MW_ROW_5-RSC_CD_CHECKBOX_HEIGHT-RSC_SP_CTRL_Y) +#define MW_ROW_3 (MW_ROW_4-4*RSC_CD_FIXEDTEXT_HEIGHT+RSC_SP_CTRL_Y) + +#endif + diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx new file mode 100644 index 000000000000..e8a484f38944 --- /dev/null +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx @@ -0,0 +1,850 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: digitalsignaturesdialog.cxx,v $ + * $Revision: 1.36 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <xmlsecurity/digitalsignaturesdialog.hxx> +#include <xmlsecurity/certificatechooser.hxx> +#include <xmlsecurity/certificateviewer.hxx> +#include <xmlsecurity/biginteger.hxx> +#include <xmloff/xmluconv.hxx> +#include <com/sun/star/embed/XStorage.hpp> +#include <com/sun/star/embed/ElementModes.hpp> +#include <com/sun/star/io/XSeekable.hpp> +#include <com/sun/star/io/XTruncate.hpp> +#include <com/sun/star/embed/XTransactedObject.hpp> +#include <com/sun/star/container/XNameAccess.hpp> +#include <com/sun/star/lang/XComponent.hpp> +#include <com/sun/star/security/NoPasswordException.hpp> +#include <com/sun/star/lang/DisposedException.hpp> +#include <com/sun/star/beans/XPropertySet.hpp> +#include <com/sun/star/security/CertificateValidity.hdl> +#include <com/sun/star/packages/WrongPasswordException.hpp> +#include <com/sun/star/security/SerialNumberAdapter.hpp> +#include <com/sun/star/security/XDocumentDigitalSignatures.hpp> +#include <com/sun/star/xml/dom/XDocumentBuilder.hpp> +#include <com/sun/star/packages/manifest/XManifestReader.hpp> + + +#include <rtl/ustrbuf.hxx> +#include <rtl/uri.hxx> + +#include <tools/date.hxx> +#include <tools/time.hxx> + +#include "dialogs.hrc" +#include "digitalsignaturesdialog.hrc" +#include "helpids.hrc" +#include "resourcemanager.hxx" + +#include <vcl/msgbox.hxx> // Until encrypted docs work... +#include <unotools/configitem.hxx> +#include <comphelper/componentcontext.hxx> + +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) + + +/* HACK: disable some warnings for MS-C */ +#ifdef _MSC_VER +#pragma warning (disable : 4355) // 4355: this used in initializer-list +#endif + +using namespace ::com::sun::star::security; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star; +namespace css = ::com::sun::star; +using ::rtl::OUString; + +namespace +{ + class SaveODFItem: public utl::ConfigItem + { + sal_Int16 m_nODF; + public: + SaveODFItem(); + //See group ODF in Common.xcs + bool isLessODF1_2() + { + return m_nODF < 3; + } + }; + + SaveODFItem::SaveODFItem(): utl::ConfigItem(::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( + "Office.Common/Save"))), m_nODF(0) + { + OUString sDef(RTL_CONSTASCII_USTRINGPARAM("ODF/DefaultVersion")); + Sequence< css::uno::Any > aValues = GetProperties( Sequence<OUString>(&sDef,1) ); + if ( aValues.getLength() == 1) + { + sal_Int16 nTmp = 0; + if ( aValues[0] >>= nTmp ) + m_nODF = nTmp; + else + throw uno::RuntimeException( + OUString(RTL_CONSTASCII_USTRINGPARAM( + "[xmlsecurity]SaveODFItem::SaveODFItem(): Wrong Type!")), 0 ); + + } + else + throw uno::RuntimeException( + OUString(RTL_CONSTASCII_USTRINGPARAM( + "[xmlsecurity] Could not open property Office.Common/Save/ODF/DefaultVersion")), 0); + } +} + +/* Using the zip storage, we cannot get the properties "MediaType" and "IsEncrypted" + We use the manifest to find out if a file is xml and if it is encrypted. + The parameter is an encoded uri. However, the manifest contains paths. Therefore + the path is encoded as uri, so they can be compared. +*/ +bool DigitalSignaturesDialog::isXML(const rtl::OUString& rURI ) +{ + OSL_ASSERT(mxStore.is()); + + bool bIsXML = false; + bool bPropsAvailable = false; + const OUString sPropFullPath(RTL_CONSTASCII_USTRINGPARAM("FullPath")); + const OUString sPropMediaType(RTL_CONSTASCII_USTRINGPARAM("MediaType")); + const OUString sPropDigest(RTL_CONSTASCII_USTRINGPARAM("Digest")); + + for (int i = 0; i < m_manifest.getLength(); i++) + { + Any digest; + const Sequence< css::beans::PropertyValue >& entry = m_manifest[i]; + OUString sPath, sMediaType; + bool bEncrypted = false; + for (int j = 0; j < entry.getLength(); j++) + { + const css::beans::PropertyValue & prop = entry[j]; + + if (prop.Name.equals( sPropFullPath ) ) + prop.Value >>= sPath; + else if (prop.Name.equals( sPropMediaType ) ) + prop.Value >>= sMediaType; + else if (prop.Name.equals( sPropDigest ) ) + bEncrypted = true; + } + if (DocumentSignatureHelper::equalsReferenceUriManifestPath(rURI, sPath)) + { + bIsXML = sMediaType.equals(OUSTR("text/xml")) && ! bEncrypted; + bPropsAvailable = true; + break; + } + } + if (!bPropsAvailable) + { + //This would be the case for at least mimetype, META-INF/manifest.xml + //META-INF/macrosignatures.xml. + //Files can only be encrypted if they are in the manifest.xml. + //That is, the current file cannot be encrypted, otherwise bPropsAvailable + //would be true. + OUString aXMLExt( RTL_CONSTASCII_USTRINGPARAM( "XML" ) ); + sal_Int32 nSep = rURI.lastIndexOf( '.' ); + if ( nSep != (-1) ) + { + OUString aExt = rURI.copy( nSep+1 ); + if (aExt.equalsIgnoreAsciiCase(aXMLExt )) + bIsXML = true; + } + } + return bIsXML; +} + +DigitalSignaturesDialog::DigitalSignaturesDialog( + Window* pParent, + uno::Reference< uno::XComponentContext >& rxCtx, DocumentSignatureMode eMode, + sal_Bool bReadOnly, const ::rtl::OUString& sODFVersion, bool bHasDocumentSignature) + :ModalDialog ( pParent, XMLSEC_RES( RID_XMLSECDLG_DIGSIG ) ) + ,mxCtx ( rxCtx ) + ,maSignatureHelper ( rxCtx ) + ,meSignatureMode ( eMode ) + ,maHintDocFT ( this, XMLSEC_RES( FT_HINT_DOC ) ) + ,maHintBasicFT ( this, XMLSEC_RES( FT_HINT_BASIC ) ) + ,maHintPackageFT ( this, XMLSEC_RES( FT_HINT_PACK ) ) + ,maSignaturesLB ( this, XMLSEC_RES( LB_SIGNATURES ) ) + ,maSigsValidImg ( this, XMLSEC_RES( IMG_STATE_VALID ) ) + ,maSigsValidFI ( this, XMLSEC_RES( FI_STATE_VALID ) ) + ,maSigsInvalidImg ( this, XMLSEC_RES( IMG_STATE_BROKEN ) ) + ,maSigsInvalidFI ( this, XMLSEC_RES( FI_STATE_BROKEN ) ) + ,maSigsNotvalidatedImg( this, XMLSEC_RES( IMG_STATE_NOTVALIDATED ) ) + ,maSigsNotvalidatedFI ( this, XMLSEC_RES( FI_STATE_NOTVALIDATED ) ) + ,maSigsOldSignatureFI ( this, XMLSEC_RES( FI_STATE_OLDSIGNATURE) ) + ,maViewBtn ( this, XMLSEC_RES( BTN_VIEWCERT ) ) + ,maAddBtn ( this, XMLSEC_RES( BTN_ADDCERT ) ) + ,maRemoveBtn ( this, XMLSEC_RES( BTN_REMOVECERT ) ) + ,maBottomSepFL ( this, XMLSEC_RES( FL_BOTTOM_SEP ) ) + ,maOKBtn ( this, XMLSEC_RES( BTN_OK ) ) + ,maCancelBtn ( this, XMLSEC_RES( BTN_CANCEL ) ) + ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) ) + ,m_sODFVersion (sODFVersion) + ,m_bHasDocumentSignature(bHasDocumentSignature) + ,m_bWarningShowSignMacro(false) +{ + // --> PB #i48253 the tablistbox needs its own unique id + maSignaturesLB.Window::SetUniqueId( HID_XMLSEC_TREE_SIGNATURESDLG ); + // <-- + static long nTabs[] = { 4, 0, 6*DS_LB_WIDTH/100, 36*DS_LB_WIDTH/100, 74*DS_LB_WIDTH/100 }; + maSignaturesLB.SetTabs( &nTabs[ 0 ] ); + maSignaturesLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) ); + + maSigsNotvalidatedFI.SetText( String( XMLSEC_RES( STR_NO_INFO_TO_VERIFY ) ) ); + + if ( GetSettings().GetStyleSettings().GetHighContrastMode() ) + { + // high contrast mode needs other images + maSigsValidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_VALID_HC ) ) ); + maSigsInvalidImg.SetImage( Image( XMLSEC_RES( IMG_STATE_BROKEN_HC ) ) ); + maSigsNotvalidatedImg.SetImage( Image( XMLSEC_RES( IMG_STATE_NOTVALIDATED_HC ) ) ); + } + + FreeResource(); + + mbVerifySignatures = true; + mbSignaturesChanged = false; + + maSignaturesLB.SetSelectHdl( LINK( this, DigitalSignaturesDialog, SignatureHighlightHdl ) ); + maSignaturesLB.SetDoubleClickHdl( LINK( this, DigitalSignaturesDialog, SignatureSelectHdl ) ); + + maViewBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, ViewButtonHdl ) ); + maViewBtn.Disable(); + + maAddBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, AddButtonHdl ) ); + if ( bReadOnly ) + maAddBtn.Disable(); + + maRemoveBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, RemoveButtonHdl ) ); + maRemoveBtn.Disable(); + + maOKBtn.SetClickHdl( LINK( this, DigitalSignaturesDialog, OKButtonHdl) ); + + switch( meSignatureMode ) + { + case SignatureModeDocumentContent: maHintDocFT.Show(); break; + case SignatureModeMacros: maHintBasicFT.Show(); break; + case SignatureModePackage: maHintPackageFT.Show(); break; + } + + // adjust fixed text to images + XmlSec::AlignAndFitImageAndControl( maSigsValidImg, maSigsValidFI, 5 ); + XmlSec::AlignAndFitImageAndControl( maSigsInvalidImg, maSigsInvalidFI, 5 ); + XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsNotvalidatedFI, 5 ); + XmlSec::AlignAndFitImageAndControl( maSigsNotvalidatedImg, maSigsOldSignatureFI, 5 ); +} + +DigitalSignaturesDialog::~DigitalSignaturesDialog() +{ +} + +BOOL DigitalSignaturesDialog::Init( const rtl::OUString& rTokenName ) +{ + bool bInit = maSignatureHelper.Init( rTokenName ); + + DBG_ASSERT( bInit, "Error initializing security context!" ); + + if ( bInit ) + { + maSignatureHelper.SetStartVerifySignatureHdl( LINK( this, DigitalSignaturesDialog, StartVerifySignatureHdl ) ); + } + + return bInit; +} + +void DigitalSignaturesDialog::SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore ) +{ + mxStore = rxStore; + maSignatureHelper.SetStorage( mxStore, m_sODFVersion); + + Reference < css::packages::manifest::XManifestReader > xReader( + mxCtx->getServiceManager()->createInstanceWithContext( + OUSTR("com.sun.star.packages.manifest.ManifestReader"), mxCtx), UNO_QUERY_THROW); + + //Get the manifest.xml + Reference < css::embed::XStorage > xSubStore(rxStore->openStorageElement( + OUSTR("META-INF"), css::embed::ElementModes::READ), UNO_QUERY_THROW); + + Reference< css::io::XInputStream > xStream( + xSubStore->openStreamElement(OUSTR("manifest.xml"), css::embed::ElementModes::READ), + UNO_QUERY_THROW); + + m_manifest = xReader->readManifestSequence(xStream); +} + +void DigitalSignaturesDialog::SetSignatureStream( const cssu::Reference < css::io::XStream >& rxStream ) +{ + mxSignatureStream = rxStream; +} + +bool DigitalSignaturesDialog::canAddRemove() +{ + //m56 + bool ret = true; + OSL_ASSERT(mxStore.is()); + bool bDoc1_1 = DocumentSignatureHelper::isODFPre_1_2(m_sODFVersion); + SaveODFItem item; + bool bSave1_1 = item.isLessODF1_2(); + + // see specification + //cvs: specs/www/appwide/security/Electronic_Signatures_and_Security.sxw + //Paragraph 'Behavior with regard to ODF 1.2' + //For both, macro and document + if ( (!bSave1_1 && bDoc1_1) || (bSave1_1 && bDoc1_1) ) + { + //#4 + ErrorBox err(NULL, XMLSEC_RES(RID_XMLSECDLG_OLD_ODF_FORMAT)); + err.Execute(); + ret = false; + } + + //As of OOo 3.2 the document signature includes in macrosignatures.xml. That is + //adding a macro signature will break an existing document signature. + //The sfx2 will remove the documentsignature when the user adds a macro signature + if (meSignatureMode == SignatureModeMacros + && ret) + { + if (m_bHasDocumentSignature && !m_bWarningShowSignMacro) + { + //The warning says that the document signatures will be removed if the user + //continues. He can then either press 'OK' or 'NO' + //It the user presses 'Add' or 'Remove' several times then, then the warning + //is shown every time until the user presses 'OK'. From then on, the warning + //is not displayed anymore as long as the signatures dialog is alive. + if (QueryBox( + NULL, XMLSEC_RES(MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN)).Execute() == RET_NO) + ret = false; + else + m_bWarningShowSignMacro = true; + + } + } + return ret; +} + +bool DigitalSignaturesDialog::canAdd() +{ + if (canAddRemove()) + return true; + return false; +} + +bool DigitalSignaturesDialog::canRemove() +{ + if (canAddRemove()) + return true; + return false; +} + +short DigitalSignaturesDialog::Execute() +{ + // Verify Signatures and add certificates to ListBox... + mbVerifySignatures = true; + ImplGetSignatureInformations(false); + ImplFillSignaturesBox(); + + // Only verify once, content will not change. + // But for refreshing signature information, StartVerifySignatureHdl will be called after each add/remove + mbVerifySignatures = false; + + return Dialog::Execute(); +} + +IMPL_LINK( DigitalSignaturesDialog, SignatureHighlightHdl, void*, EMPTYARG ) +{ + bool bSel = maSignaturesLB.FirstSelected() ? true : false; + maViewBtn.Enable( bSel ); + if ( maAddBtn.IsEnabled() ) // not read only + maRemoveBtn.Enable( bSel ); + + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, OKButtonHdl, void*, EMPTYARG ) +{ + // Export all other signatures... + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + embed::ElementModes::WRITE|embed::ElementModes::TRUNCATE, false ); + uno::Reference< io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, uno::UNO_QUERY ); + uno::Reference< com::sun::star::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + + int nInfos = maCurrentSignatureInformations.size(); + for( int n = 0 ; n < nInfos ; ++n ) + maSignatureHelper.ExportSignature( + xDocumentHandler, maCurrentSignatureInformations[ n ] ); + + maSignatureHelper.CloseDocumentHandler( xDocumentHandler); + + // If stream was not provided, we are responsible for committing it.... + if ( !mxSignatureStream.is() ) + { + uno::Reference< embed::XTransactedObject > xTrans( + aStreamHelper.xSignatureStorage, uno::UNO_QUERY ); + xTrans->commit(); + } + + EndDialog(RET_OK); + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, SignatureSelectHdl, void*, EMPTYARG ) +{ + ImplShowSignaturesDetails(); + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, ViewButtonHdl, Button*, EMPTYARG ) +{ + ImplShowSignaturesDetails(); + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, AddButtonHdl, Button*, EMPTYARG ) +{ + if( ! canAdd()) + return 0; + try + { + uno::Reference<com::sun::star::xml::crypto::XSecurityEnvironment> xSecEnv = maSignatureHelper.GetSecurityEnvironment(); + + uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + CertificateChooser aChooser( this, mxCtx, xSecEnv, maCurrentSignatureInformations ); + if ( aChooser.Execute() == RET_OK ) + { + uno::Reference< ::com::sun::star::security::XCertificate > xCert = aChooser.GetSelectedCertificate(); + if ( !xCert.is() ) + { + DBG_ERRORFILE( "no certificate selected" ); + return -1; + } + rtl::OUString aCertSerial = xSerialNumberAdapter->toString( xCert->getSerialNumber() ); + if ( !aCertSerial.getLength() ) + { + DBG_ERROR( "Error in Certificate, problem with serial number!" ); + return -1; + } + + maSignatureHelper.StartMission(); + + sal_Int32 nSecurityId = maSignatureHelper.GetNewSecurityId(); + + rtl::OUStringBuffer aStrBuffer; + SvXMLUnitConverter::encodeBase64(aStrBuffer, xCert->getEncoded()); + + maSignatureHelper.SetX509Certificate( nSecurityId, + xCert->getIssuerName(), aCertSerial, + aStrBuffer.makeStringAndClear()); + + std::vector< rtl::OUString > aElements = + DocumentSignatureHelper::CreateElementList( + mxStore, rtl::OUString(), meSignatureMode, OOo3_2Document); + + sal_Int32 nElements = aElements.size(); + for ( sal_Int32 n = 0; n < nElements; n++ ) + { + bool bBinaryMode = !isXML(aElements[n]); + maSignatureHelper.AddForSigning( nSecurityId, aElements[n], aElements[n], bBinaryMode ); + } + + maSignatureHelper.SetDateTime( nSecurityId, Date(), Time() ); + + // We open a signature stream in which the existing and the new + //signature is written. ImplGetSignatureInformation (later in this function) will + //then read the stream an will fill maCurrentSignatureInformations. The final signature + //is written when the user presses OK. Then only maCurrentSignatureInformation and + //a sax writer are used to write the information. + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::WRITE|css::embed::ElementModes::TRUNCATE, true); + Reference< css::io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, UNO_QUERY_THROW); + Reference< css::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + + // Export old signatures... + int nInfos = maCurrentSignatureInformations.size(); + for ( int n = 0; n < nInfos; n++ ) + maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[n]); + + // Create a new one... + maSignatureHelper.CreateAndWriteSignature( xDocumentHandler ); + + // That's it... + maSignatureHelper.CloseDocumentHandler( xDocumentHandler); + + maSignatureHelper.EndMission(); + + aStreamHelper = SignatureStreamHelper(); // release objects... + + mbSignaturesChanged = true; + + sal_Int32 nStatus = maSignatureHelper.GetSignatureInformation( nSecurityId ).nStatus; + + if ( nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ) + { + mbSignaturesChanged = true; + + // Can't simply remember current information, need parsing for getting full information :( + // We need to verify the signatures again, otherwise the status in the signature information + // will not contain + // SecurityOperationStatus_OPERATION_SUCCEEDED + mbVerifySignatures = true; + ImplGetSignatureInformations(true); + ImplFillSignaturesBox(); + } + } + } + catch ( uno::Exception& ) + { + DBG_ERROR( "Exception while adding a signature!" ); + // Don't keep invalid entries... + ImplGetSignatureInformations(true); + ImplFillSignaturesBox(); + } + + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, RemoveButtonHdl, Button*, EMPTYARG ) +{ + if (!canRemove()) + return 0; + if( maSignaturesLB.FirstSelected() ) + { + try + { + USHORT nSelected = (USHORT) (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData(); + maCurrentSignatureInformations.erase( maCurrentSignatureInformations.begin()+nSelected ); + + // Export all other signatures... + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::WRITE | css::embed::ElementModes::TRUNCATE, true); + Reference< css::io::XOutputStream > xOutputStream( + aStreamHelper.xSignatureStream, UNO_QUERY_THROW); + Reference< css::xml::sax::XDocumentHandler> xDocumentHandler = + maSignatureHelper.CreateDocumentHandlerWithHeader( xOutputStream ); + + int nInfos = maCurrentSignatureInformations.size(); + for( int n = 0 ; n < nInfos ; ++n ) + maSignatureHelper.ExportSignature( xDocumentHandler, maCurrentSignatureInformations[ n ] ); + + maSignatureHelper.CloseDocumentHandler( xDocumentHandler); + + mbSignaturesChanged = true; + + aStreamHelper = SignatureStreamHelper(); // release objects... + + ImplFillSignaturesBox(); + } + catch ( uno::Exception& ) + { + DBG_ERROR( "Exception while removing a signature!" ); + // Don't keep invalid entries... + ImplGetSignatureInformations(true); + ImplFillSignaturesBox(); + } + } + + return 0; +} + +IMPL_LINK( DigitalSignaturesDialog, StartVerifySignatureHdl, void*, EMPTYARG ) +{ + return mbVerifySignatures ? 1 : 0; +} + +void DigitalSignaturesDialog::ImplFillSignaturesBox() +{ + maSignaturesLB.Clear(); + + uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv = maSignatureHelper.GetSecurityEnvironment(); + uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + + uno::Reference< ::com::sun::star::security::XCertificate > xCert; + + String aNullStr; + int nInfos = maCurrentSignatureInformations.size(); + int nValidSigs = 0, nValidCerts = 0; + bool bAllNewSignatures = true; + + if( nInfos ) + { + for( int n = 0; n < nInfos; ++n ) + { + DocumentSignatureAlgorithm mode = DocumentSignatureHelper::getDocumentAlgorithm( + m_sODFVersion, maCurrentSignatureInformations[n]); + std::vector< rtl::OUString > aElementsToBeVerified = + DocumentSignatureHelper::CreateElementList( + mxStore, ::rtl::OUString(), meSignatureMode, mode); + + const SignatureInformation& rInfo = maCurrentSignatureInformations[n]; + //First we try to get the certificate which is embedded in the XML Signature + if (rInfo.ouX509Certificate.getLength()) + xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate); + else { + //There must be an embedded certificate because we use it to get the + //issuer name. We cannot use /Signature/KeyInfo/X509Data/X509IssuerName + //because it could be modified by an attacker. The issuer is displayed + //in the digital signature dialog. + //Comparing the X509IssuerName with the one from the X509Certificate in order + //to find out if the X509IssuerName was modified does not work. See #i62684 + DBG_ASSERT(sal_False, "Could not find embedded certificate!"); + } + + //In case there is no embedded certificate we try to get it from a local store + //Todo: This probably could be removed, see above. + if (!xCert.is()) + xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) ); + + DBG_ASSERT( xCert.is(), "Certificate not found and can't be created!" ); + + String aSubject; + String aIssuer; + String aDateTimeStr; + + bool bSigValid = false; + bool bCertValid = false; + if( xCert.is() ) + { + //check the validity of the cert + try { + sal_Int32 certResult = xSecEnv->verifyCertificate(xCert, + Sequence<css::uno::Reference<css::security::XCertificate> >()); + + //These errors are alloweds + sal_Int32 validErrors = css::security::CertificateValidity::VALID + | css::security::CertificateValidity::UNKNOWN_REVOKATION; + + //Build a mask to filter out the allowed errors + sal_Int32 mask = ~validErrors; + // "subtract" the allowed error flags from the result + sal_Int32 errors = certResult & mask; + bCertValid = errors > 0 ? false : true; + if ( bCertValid ) + nValidCerts++; + + } catch (css::uno::SecurityException& ) { + OSL_ENSURE(0, "Verification of certificate failed"); + bCertValid = false; + } + + aSubject = XmlSec::GetContentPart( xCert->getSubjectName() ); + aIssuer = XmlSec::GetContentPart( xCert->getIssuerName() ); + // --> PB 2004-10-12 #i20172# String with date and time information + aDateTimeStr = XmlSec::GetDateTimeString( rInfo.stDateTime ); + } + bSigValid = ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ); + + if ( bSigValid ) + { + bSigValid = DocumentSignatureHelper::checkIfAllFilesAreSigned( + aElementsToBeVerified, rInfo, mode); + + if( bSigValid ) + nValidSigs++; + } + + Image aImage; + if (!bSigValid) + { + aImage = maSigsInvalidImg.GetImage(); + } + else if (bSigValid && !bCertValid) + { + aImage = maSigsNotvalidatedImg.GetImage(); + } + //Check if the signature is a "old" document signature, that is, which was created + //by an version of OOo previous to 3.2 + else if (meSignatureMode == SignatureModeDocumentContent + && bSigValid && bCertValid && !DocumentSignatureHelper::isOOo3_2_Signature( + maCurrentSignatureInformations[n])) + { + aImage = maSigsNotvalidatedImg.GetImage(); + bAllNewSignatures &= false; + } + else if (meSignatureMode == SignatureModeDocumentContent + && bSigValid && bCertValid && DocumentSignatureHelper::isOOo3_2_Signature( + maCurrentSignatureInformations[n])) + { + aImage = maSigsValidImg.GetImage(); + } + else if (meSignatureMode == SignatureModeMacros + && bSigValid && bCertValid) + { + aImage = aImage = maSigsValidImg.GetImage(); + } + + SvLBoxEntry* pEntry = maSignaturesLB.InsertEntry( aNullStr, aImage, aImage ); + maSignaturesLB.SetEntryText( aSubject, pEntry, 1 ); + maSignaturesLB.SetEntryText( aIssuer, pEntry, 2 ); + maSignaturesLB.SetEntryText( aDateTimeStr, pEntry, 3 ); + pEntry->SetUserData( ( void* ) n ); // missuse user data as index + } + } + + bool bAllSigsValid = (nValidSigs == nInfos); + bool bAllCertsValid = (nValidCerts == nInfos); + bool bShowValidState = nInfos && (bAllSigsValid && bAllCertsValid && bAllNewSignatures); + + bool bShowNotValidatedState = nInfos && (bAllSigsValid && (!bAllCertsValid || !bAllNewSignatures)); + bool bShowInvalidState = nInfos && !bAllSigsValid; + + maSigsValidImg.Show( bShowValidState); + maSigsValidFI.Show( bShowValidState ); + maSigsInvalidImg.Show( bShowInvalidState ); + maSigsInvalidFI.Show( bShowInvalidState ); + + maSigsNotvalidatedImg.Show(bShowNotValidatedState); + //bAllNewSignatures is always true if we are not in document mode + maSigsNotvalidatedFI.Show(nInfos && bAllSigsValid && ! bAllCertsValid); + maSigsOldSignatureFI.Show(nInfos && bAllSigsValid && bAllCertsValid && !bAllNewSignatures); + + SignatureHighlightHdl( NULL ); +} + + +//If bUseTempStream is true then the temporary signature stream is used. +//Otherwise the real signature stream is used. +void DigitalSignaturesDialog::ImplGetSignatureInformations(bool bUseTempStream) +{ + maCurrentSignatureInformations.clear(); + + maSignatureHelper.StartMission(); + + SignatureStreamHelper aStreamHelper = ImplOpenSignatureStream( + css::embed::ElementModes::READ, bUseTempStream); + if ( aStreamHelper.xSignatureStream.is() ) + { + uno::Reference< io::XInputStream > xInputStream( aStreamHelper.xSignatureStream, uno::UNO_QUERY ); + maSignatureHelper.ReadAndVerifySignature( xInputStream ); + } + maSignatureHelper.EndMission(); + + maCurrentSignatureInformations = maSignatureHelper.GetSignatureInformations(); + + mbVerifySignatures = false; +} + +void DigitalSignaturesDialog::ImplShowSignaturesDetails() +{ + if( maSignaturesLB.FirstSelected() ) + { + USHORT nSelected = (USHORT) (sal_uIntPtr) maSignaturesLB.FirstSelected()->GetUserData(); + const SignatureInformation& rInfo = maCurrentSignatureInformations[ nSelected ]; + css::uno::Reference<css::xml::crypto::XSecurityEnvironment > xSecEnv = + maSignatureHelper.GetSecurityEnvironment(); + css::uno::Reference<com::sun::star::security::XSerialNumberAdapter> xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mxCtx); + // Use Certificate from doc, not from key store + uno::Reference< dcss::security::XCertificate > xCert; + if (rInfo.ouX509Certificate.getLength()) + xCert = xSecEnv->createCertificateFromAscii(rInfo.ouX509Certificate); + //fallback if no certificate is embedded, get if from store + if (!xCert.is()) + xCert = xSecEnv->getCertificate( rInfo.ouX509IssuerName, xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) ); + + DBG_ASSERT( xCert.is(), "Error getting cCertificate!" ); + if ( xCert.is() ) + { + CertificateViewer aViewer( this, maSignatureHelper.GetSecurityEnvironment(), xCert, FALSE ); + aViewer.Execute(); + } + } +} + +//If bTempStream is true, then a temporary stream is return. If it is false then, the actual +//signature stream is used. +//Everytime the user presses Add a new temporary stream is created. +//We keep the temporary stream as member because ImplGetSignatureInformations +//will later access the stream to create DocumentSignatureInformation objects +//which are stored in maCurrentSignatureInformations. +SignatureStreamHelper DigitalSignaturesDialog::ImplOpenSignatureStream( + sal_Int32 nStreamOpenMode, bool bTempStream) +{ + SignatureStreamHelper aHelper; + if (bTempStream) + { + if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) + { + //We write always into a new temporary stream. + mxTempSignatureStream = Reference < css::io::XStream >( + mxCtx->getServiceManager()->createInstanceWithContext( + OUSTR( "com.sun.star.io.TempFile" ), mxCtx) , + UNO_QUERY_THROW); + aHelper.xSignatureStream = mxTempSignatureStream; + } + else + { + //When we read from the temp stream, then we must have previously + //created one. + OSL_ASSERT(mxTempSignatureStream.is()); + } + aHelper.xSignatureStream = mxTempSignatureStream; + } + else + { + //No temporary stream + if (!mxSignatureStream.is()) + { + //We may not have a dedicated stream for writing the signature + //So we take one directly from the storage + //Or DocumentDigitalSignatures::showDocumentContentSignatures was called, + //in which case Add/Remove is not allowed. This is done, for example, if the + //document is readonly + aHelper = DocumentSignatureHelper::OpenSignatureStream( + mxStore, nStreamOpenMode, meSignatureMode ); + } + else + { + aHelper.xSignatureStream = mxSignatureStream; + } + } + + if (nStreamOpenMode & css::embed::ElementModes::TRUNCATE) + { + css::uno::Reference < css::io::XTruncate > xTruncate( + aHelper.xSignatureStream, UNO_QUERY_THROW); + DBG_ASSERT( xTruncate.is(), "ImplOpenSignatureStream - Stream does not support xTruncate!" ); + xTruncate->truncate(); + } + else if ( bTempStream || mxSignatureStream.is()) + { + //In case we read the signature stream from the storage directly, + //which is the case when DocumentDigitalSignatures::showDocumentContentSignatures + //then XSeakable is not supported + css::uno::Reference < css::io::XSeekable > xSeek( + aHelper.xSignatureStream, UNO_QUERY_THROW); + DBG_ASSERT( xSeek.is(), "ImplOpenSignatureStream - Stream does not support xSeekable!" ); + xSeek->seek( 0 ); + } + + return aHelper; +} + diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc b/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc new file mode 100644 index 000000000000..19054bd0399b --- /dev/null +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.hrc @@ -0,0 +1,36 @@ +/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2008 by Sun Microsystems, Inc.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+#if ! defined INCLUDED_DIGITALSIGNATURESDIALOG_HRC
+#define INCLUDED_DIGITALSIGNATURESDIALOG_HRC
+
+//global.hrc in xmlsecurity/inc starts at 1000
+#define RID_DIGITALSIGNATUREDLG_START 2000
+
+#define RID_XMLSECDLG_OLD_ODF_FORMAT RID_DIGITALSIGNATUREDLG_START
+#define MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN (RID_DIGITALSIGNATUREDLG_START + 1)
+#endif
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.src b/xmlsecurity/source/dialogs/digitalsignaturesdialog.src new file mode 100644 index 000000000000..016014fbb582 --- /dev/null +++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.src @@ -0,0 +1,226 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: digitalsignaturesdialog.src,v $ + * $Revision: 1.12 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include "dialogs.hrc" +#include "helpids.hrc" +#include "digitalsignaturesdialog.hrc" + +ModalDialog RID_XMLSECDLG_DIGSIG +{ + HelpId = HID_XMLSEC_DLG_DIGSIG; + Size = MAP_APPFONT( DS_WIDTH, DS_HEIGHT ); + OutputSize = TRUE; + Closeable = TRUE; + Moveable = TRUE; + SVLook = TRUE; + + Text [ en-US ] = "Digital Signatures"; + + FixedText FT_HINT_DOC + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_0 ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "The following have signed the document content:"; + }; + FixedText FT_HINT_BASIC + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_0 ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "The following have signed the document macro:"; + }; + FixedText FT_HINT_PACK + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_0 ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "The following have signed this package:"; + }; + Control LB_SIGNATURES + { + HelpId = HID_XMLSEC_CTRL_SIGNATURESDLG; + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_1 ); + Size = MAP_APPFONT( DS_LB_WIDTH, DS_ROW_2-DS_ROW_1 ); + SVLook = TRUE; + Border = TRUE; + }; + String STR_HEADERBAR + { + Text [ en-US ] = "\tSigned by\tDigital ID issued by\tDate"; + }; + String STR_VALID_SIGNATURE + { + Text [ en-US ] = "Valid signature"; + }; + String STR_NO_INFO_TO_VERIFY + { + Text [ en-US ] = "Certificate could not be validated"; + }; + String STR_INVALID_SIGNATURE + { + Text [ en-US ] = "The signatures in this document are invalid"; + }; + + FixedImage IMG_STATE_VALID + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( IMG1_WIDTH, IMG1_HEIGHT ); + Fixed = Image + { + ImageBitmap = Bitmap { File = "signet_11x16.png"; }; + MaskColor = STD_MASKCOLOR; + }; + }; + FixedText FI_STATE_VALID + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "The signatures in this document are valid"; + }; + FixedText FI_STATE_OLDSIGNATURE + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "Not all parts of the document are signed"; + }; + FixedImage IMG_STATE_BROKEN + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( IMG1_WIDTH, IMG1_HEIGHT ); + Fixed = Image + { + ImageBitmap = Bitmap { File = "caution_11x16.png"; }; + MaskColor = STD_MASKCOLOR; + }; + }; + FixedText FI_STATE_BROKEN + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + Text [ en-US ] = "The signatures in this document are invalid"; + }; + FixedImage IMG_STATE_NOTVALIDATED + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( IMG1_WIDTH, IMG1_HEIGHT ); + Fixed = Image + { + ImageBitmap = Bitmap { File = "notcertificate_16.png"; }; + MaskColor = STD_MASKCOLOR; + }; + }; + FixedText FI_STATE_NOTVALIDATED + { + Pos = MAP_APPFONT( DS_COL_0, DS_ROW_2A ); + Size = MAP_APPFONT( DS_COL_7-DS_COL_0, RSC_CD_FIXEDTEXT_HEIGHT ); + Hide = TRUE; + }; + PushButton BTN_VIEWCERT + { + Pos = MAP_APPFONT( DS_COL_1, DS_ROW_3 ); + Size = MAP_APPFONT( DS_COL_2-DS_COL_1, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "View Certificate..."; + }; + PushButton BTN_ADDCERT + { + Pos = MAP_APPFONT( DS_COL_3, DS_ROW_3 ); + Size = MAP_APPFONT( DS_COL_4-DS_COL_3, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Add..."; + }; + PushButton BTN_REMOVECERT + { + Pos = MAP_APPFONT( DS_COL_5, DS_ROW_3 ); + Size = MAP_APPFONT( DS_COL_6-DS_COL_5, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Remove"; + }; + FixedLine FL_BOTTOM_SEP + { + Pos = MAP_APPFONT( 0, DLGS_BOTTOM_FL_Y( DS_HEIGHT ) ); + Size = MAP_APPFONT( DS_WIDTH, RSC_CD_FIXEDLINE_HEIGHT ); + }; + OKButton BTN_OK + { + DefButton = TRUE; + Pos = MAP_APPFONT( DLGS_BOTTOM_OK_X( DS_WIDTH ), DLGS_BOTTOM_BTN_Y( DS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + CancelButton BTN_CANCEL + { + Pos = MAP_APPFONT( DLGS_BOTTOM_CANCEL_X( DS_WIDTH ), DLGS_BOTTOM_BTN_Y( DS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + HelpButton BTN_HELP + { + Pos = MAP_APPFONT( DLGS_BOTTOM_HELP_X( DS_WIDTH ), DLGS_BOTTOM_BTN_Y( DS_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + Image IMG_STATE_VALID_HC + { + ImageBitmap = Bitmap { File = "signet_11x16_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_STATE_BROKEN_HC + { + ImageBitmap = Bitmap { File = "caution_11x16_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; + Image IMG_STATE_NOTVALIDATED_HC + { + ImageBitmap = Bitmap { File = "notcertificate_16_h.png"; }; + MaskColor = STD_MASKCOLOR; + }; +}; + + +ErrorBox RID_XMLSECDLG_OLD_ODF_FORMAT +{ + Buttons = WB_OK ; + DefButton = WB_DEF_OK ; + Message [ en-US ] = + "This document contains signatures in ODF 1.1 (OpenOffice.org 2.x) format. " + "Signing documents in %PRODUCTNAME %PRODUCTVERSION requires ODF 1.2 format version. " + "Thus no signatures can be added or removed to this document.\n\n" + "Save document in ODF 1.2 format and add all desired signatures again."; +}; + + +QueryBox MSG_XMLSECDLG_QUERY_REMOVEDOCSIGNBEFORESIGN +{ + Buttons = WB_YES_NO ; + DefButton = WB_DEF_NO ; + Message [ en-US ] = "Adding or removing a macro signature will remove all document signatures.\n" + "Do you really want to continue?"; +}; + + diff --git a/xmlsecurity/source/dialogs/helpids.hrc b/xmlsecurity/source/dialogs/helpids.hrc new file mode 100644 index 000000000000..8d7e082cea6b --- /dev/null +++ b/xmlsecurity/source/dialogs/helpids.hrc @@ -0,0 +1,70 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: helpids.hrc,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSEC_HELPIDS_HRC +#define _XMLSEC_HELPIDS_HRC + +// include --------------------------------------------------------------- + +#include <svtools/solar.hrc> + +// Help-Ids -------------------------------------------------------------- + +#define HID_XMLSEC_TP_MACROSEC (HID_XMLSECURITY_START + 0) +#define HID_XMLSEC_TP_SECLEVEL (HID_XMLSECURITY_START + 1) +#define HID_XMLSEC_TP_TRUSTSOURCES (HID_XMLSECURITY_START + 2) +#define HID_XMLSEC_DLG_CERTVIEWER (HID_XMLSECURITY_START + 3) +#define HID_XMLSEC_TP_GENERAL (HID_XMLSECURITY_START + 4) +#define HID_XMLSEC_TP_DETAILS (HID_XMLSECURITY_START + 5) +#define HID_XMLSEC_TP_CERTPATH (HID_XMLSECURITY_START + 6) +#define HID_XMLSEC_DLG_DIGSIG (HID_XMLSECURITY_START + 7) +#define HID_XMLSEC_TP_MACROWARN (HID_XMLSECURITY_START + 8) +#define HID_XMLSEC_DLG_CERTCHOOSER (HID_XMLSECURITY_START + 9) +#define HID_XMLSEC_CTRL_TRUSTSOURCES (HID_XMLSECURITY_START + 10) +#define HID_XMLSEC_CTRL_ELEMENTS (HID_XMLSECURITY_START + 11) +#define HID_XMLSEC_CTRL_VIEWSIGNATURES (HID_XMLSECURITY_START + 12) +#define HID_XMLSEC_CTRL_SIGNATURESDLG (HID_XMLSECURITY_START + 13) +#define HID_XMLSEC_CTRL_CHOOSESIGNATURES (HID_XMLSECURITY_START + 14) +#define HID_XMLSEC_TREE_SIGNATURESDLG (HID_XMLSECURITY_START + 15) + +// pb: please update ACT_XMLSECURITY_HID_END below, thx. + +// ----------------------------------------------------------------------- +// overflow check -------------------------------------------------------- +// ----------------------------------------------------------------------- + +#define ACT_XMLSECURITY_HID_END HID_XMLSEC_TREE_SIGNATURESDLG + +#if ACT_XMLSECURITY_HID_END > HID_XMLSECURITY_END +#error helpids overflow in #line, #file +#endif + +#endif // #ifndef _XMLSEC_HELPIDS_HRC + diff --git a/xmlsecurity/source/dialogs/macrosecurity.cxx b/xmlsecurity/source/dialogs/macrosecurity.cxx new file mode 100644 index 000000000000..f7fa2c08eca5 --- /dev/null +++ b/xmlsecurity/source/dialogs/macrosecurity.cxx @@ -0,0 +1,472 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: macrosecurity.cxx,v $ + * $Revision: 1.31 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/macrosecurity.hxx> +#include <xmlsecurity/certificatechooser.hxx> +#include <xmlsecurity/certificateviewer.hxx> +#include <xmlsecurity/biginteger.hxx> + +#include <osl/file.hxx> +#include <vcl/help.hxx> + + +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/security/SerialNumberAdapter.hpp> +#include <comphelper/sequence.hxx> +#include <sfx2/filedlghelper.hxx> +#include <svtools/pickerhelper.hxx> +#include <comphelper/processfactory.hxx> +#include <com/sun/star/uno/Exception.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <com/sun/star/ui/dialogs/XFolderPicker.hpp> +#include <com/sun/star/ui/dialogs/ExecutableDialogResults.hpp> +#include <tools/urlobj.hxx> + +#include <vcl/msgbox.hxx> + +#include "dialogs.hrc" +#include "resourcemanager.hxx" + +/* HACK: disable some warnings for MS-C */ +#ifdef _MSC_VER +#pragma warning (disable : 4355) // 4355: this used in initializer-list +#endif + +using namespace ::com::sun::star; + + +IMPL_LINK( MacroSecurity, OkBtnHdl, void*, EMPTYARG ) +{ + mpLevelTP->ClosePage(); + mpTrustSrcTP->ClosePage(); + + EndDialog( RET_OK ); + + return 0; +} + +MacroSecurity::MacroSecurity( Window* _pParent, const cssu::Reference< cssu::XComponentContext> &_rxCtx, const cssu::Reference< dcss::xml::crypto::XSecurityEnvironment >& _rxSecurityEnvironment ) + :TabDialog ( _pParent, XMLSEC_RES( RID_XMLSECTP_MACROSEC ) ) + ,maTabCtrl ( this, XMLSEC_RES( 1 ) ) + ,maOkBtn ( this, XMLSEC_RES( BTN_OK ) ) + ,maCancelBtn ( this, XMLSEC_RES( BTN_CANCEL ) ) + ,maHelpBtn ( this, XMLSEC_RES( BTN_HELP ) ) + ,maResetBtn ( this, XMLSEC_RES( BTN_RESET ) ) +{ + FreeResource(); + + mxCtx = _rxCtx; + mxSecurityEnvironment = _rxSecurityEnvironment; + + mpLevelTP = new MacroSecurityLevelTP( &maTabCtrl, this ); + mpTrustSrcTP = new MacroSecurityTrustedSourcesTP( &maTabCtrl, this ); + + maTabCtrl.SetTabPage( RID_XMLSECTP_SECLEVEL, mpLevelTP ); + maTabCtrl.SetTabPage( RID_XMLSECTP_TRUSTSOURCES, mpTrustSrcTP ); + maTabCtrl.SetCurPageId( RID_XMLSECTP_SECLEVEL ); + + maOkBtn.SetClickHdl( LINK( this, MacroSecurity, OkBtnHdl ) ); +} + +MacroSecurity::~MacroSecurity() +{ + delete maTabCtrl.GetTabPage( RID_XMLSECTP_TRUSTSOURCES ); + delete maTabCtrl.GetTabPage( RID_XMLSECTP_SECLEVEL ); +} + + +MacroSecurityTP::MacroSecurityTP( Window* _pParent, const ResId& _rResId, MacroSecurity* _pDlg ) + :TabPage ( _pParent, _rResId ) + ,mpDlg ( _pDlg ) +{ +} + +MacroSecurityLevelTP::MacroSecurityLevelTP( Window* _pParent, MacroSecurity* _pDlg ) + :MacroSecurityTP ( _pParent, XMLSEC_RES( RID_XMLSECTP_SECLEVEL ), _pDlg ) + ,maSecLevelFL ( this, XMLSEC_RES( FL_SECLEVEL ) ) + ,maSecReadonlyFI ( this, XMLSEC_RES( FI_SEC_READONLY )) + ,maVeryHighRB ( this, XMLSEC_RES( RB_VERYHIGH ) ) + ,maHighRB ( this, XMLSEC_RES( RB_HIGH ) ) + ,maMediumRB ( this, XMLSEC_RES( RB_MEDIUM ) ) + ,maLowRB ( this, XMLSEC_RES( RB_LOW ) ) +{ + FreeResource(); + + maLowRB.SetClickHdl( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) ); + maMediumRB.SetClickHdl( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) ); + maHighRB.SetClickHdl( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) ); + maVeryHighRB.SetClickHdl( LINK( this, MacroSecurityLevelTP, RadioButtonHdl ) ); + + mnCurLevel = (USHORT) mpDlg->maSecOptions.GetMacroSecurityLevel(); + sal_Bool bReadonly = mpDlg->maSecOptions.IsReadOnly( SvtSecurityOptions::E_MACRO_SECLEVEL ); + + RadioButton* pCheck = 0; + switch( mnCurLevel ) + { + case 3: pCheck = &maVeryHighRB; break; + case 2: pCheck = &maHighRB; break; + case 1: pCheck = &maMediumRB; break; + case 0: pCheck = &maLowRB; break; + } + if(pCheck) + pCheck->Check(); + else + { + DBG_ERROR("illegal macro security level"); + } + maSecReadonlyFI.Show(bReadonly); + if(bReadonly) + { + //move to the selected button + if( pCheck && pCheck != &maVeryHighRB) + { + long nDiff = pCheck->GetPosPixel().Y() - maVeryHighRB.GetPosPixel().Y(); + Point aPos(maSecReadonlyFI.GetPosPixel()); + aPos.Y() += nDiff; + maSecReadonlyFI.SetPosPixel(aPos); + } + maVeryHighRB.Enable(sal_False); + maHighRB.Enable(sal_False); + maMediumRB.Enable(sal_False); + maLowRB.Enable(sal_False); + } + +} + +IMPL_LINK( MacroSecurityLevelTP, RadioButtonHdl, RadioButton*, EMPTYARG ) +{ + USHORT nNewLevel = 0; + if( maVeryHighRB.IsChecked() ) + nNewLevel = 3; + else if( maHighRB.IsChecked() ) + nNewLevel = 2; + else if( maMediumRB.IsChecked() ) + nNewLevel = 1; + + if ( nNewLevel != mnCurLevel ) + { + mnCurLevel = nNewLevel; + mpDlg->EnableReset(); + } + + return 0; +} + +void MacroSecurityLevelTP::ClosePage( void ) +{ + mpDlg->maSecOptions.SetMacroSecurityLevel( mnCurLevel ); +} + +void MacroSecurityTrustedSourcesTP::ImplCheckButtons() +{ + bool bCertSelected = maTrustCertLB.FirstSelected() != NULL; + maViewCertPB.Enable( bCertSelected ); + maRemoveCertPB.Enable( bCertSelected && !mbAuthorsReadonly); + + bool bLocationSelected = maTrustFileLocLB.GetSelectEntryPos() != LISTBOX_ENTRY_NOTFOUND; + maRemoveLocPB.Enable( bLocationSelected && !mbURLsReadonly); +} + + +IMPL_LINK( MacroSecurityTrustedSourcesTP, ViewCertPBHdl, void*, EMPTYARG ) +{ + if( maTrustCertLB.FirstSelected() ) + { + USHORT nSelected = USHORT( sal_uIntPtr( maTrustCertLB.FirstSelected()->GetUserData() ) ); + + uno::Reference< dcss::security::XSerialNumberAdapter > xSerialNumberAdapter = + ::com::sun::star::security::SerialNumberAdapter::create(mpDlg->mxCtx); + + uno::Reference< dcss::security::XCertificate > xCert = mpDlg->mxSecurityEnvironment->getCertificate( maTrustedAuthors[nSelected][0], xSerialNumberAdapter->toSequence( maTrustedAuthors[nSelected][1] ) ); + + // If we don't get it, create it from signature data: + if ( !xCert.is() ) + xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii( maTrustedAuthors[nSelected][2] ) ; + + DBG_ASSERT( xCert.is(), "*MacroSecurityTrustedSourcesTP::ViewCertPBHdl(): Certificate not found and can't be created!" ); + + if ( xCert.is() ) + { + CertificateViewer aViewer( this, mpDlg->mxSecurityEnvironment, xCert, FALSE ); + aViewer.Execute(); + } + } + return 0; +} + +IMPL_LINK( MacroSecurityTrustedSourcesTP, RemoveCertPBHdl, void*, EMPTYARG ) +{ + if( maTrustCertLB.FirstSelected() ) + { + USHORT nAuthor = USHORT( sal_uIntPtr( maTrustCertLB.FirstSelected()->GetUserData() ) ); + ::comphelper::removeElementAt( maTrustedAuthors, nAuthor ); + + FillCertLB(); + ImplCheckButtons(); + } + + return 0; +} + +IMPL_LINK( MacroSecurityTrustedSourcesTP, AddLocPBHdl, void*, EMPTYARG ) +{ + try + { + rtl::OUString aService( RTL_CONSTASCII_USTRINGPARAM( FOLDER_PICKER_SERVICE_NAME ) ); + uno::Reference < lang::XMultiServiceFactory > xFactory( ::comphelper::getProcessServiceFactory() ); + uno::Reference < ui::dialogs::XFolderPicker > xFolderPicker( xFactory->createInstance( aService ), uno::UNO_QUERY ); + + short nRet = xFolderPicker->execute(); + + if( ui::dialogs::ExecutableDialogResults::OK != nRet ) + return 0; + + rtl::OUString aPathStr = xFolderPicker->getDirectory(); + INetURLObject aNewObj( aPathStr ); + aNewObj.removeFinalSlash(); + + // then the new path also an URL else system path + ::rtl::OUString aSystemFileURL = ( aNewObj.GetProtocol() != INET_PROT_NOT_VALID ) ? + aPathStr : aNewObj.getFSysPath( INetURLObject::FSYS_DETECT ); + + String aNewPathStr(aSystemFileURL); + + if ( osl::FileBase::getSystemPathFromFileURL( aSystemFileURL, aSystemFileURL ) == osl::FileBase::E_None ) + aNewPathStr = aSystemFileURL; + + if( maTrustFileLocLB.GetEntryPos( aNewPathStr ) == LISTBOX_ENTRY_NOTFOUND ) + { + maTrustFileLocLB.InsertEntry( aNewPathStr ); + } + + ImplCheckButtons(); + } + catch( uno::Exception& ) + { + DBG_ERRORFILE( "MacroSecurityTrustedSourcesTP::AddLocPBHdl(): exception from folder picker" ); + } + + return 0; +} + +IMPL_LINK( MacroSecurityTrustedSourcesTP, RemoveLocPBHdl, void*, EMPTYARG ) +{ + USHORT nSel = maTrustFileLocLB.GetSelectEntryPos(); + if( nSel != LISTBOX_ENTRY_NOTFOUND ) + { + maTrustFileLocLB.RemoveEntry( nSel ); + // --> PB 2004-09-21 #i33584# + // after remove an entry, select another one if exists + USHORT nNewCount = maTrustFileLocLB.GetEntryCount(); + if ( nNewCount > 0 ) + { + if ( nSel >= nNewCount ) + nSel = nNewCount - 1; + maTrustFileLocLB.SelectEntryPos( nSel ); + } + // <-- + ImplCheckButtons(); + } + + return 0; +} + +IMPL_LINK( MacroSecurityTrustedSourcesTP, TrustCertLBSelectHdl, void*, EMPTYARG ) +{ + ImplCheckButtons(); + return 0; +} + +IMPL_LINK( MacroSecurityTrustedSourcesTP, TrustFileLocLBSelectHdl, void*, EMPTYARG ) +{ + ImplCheckButtons(); + return 0; +} + +void MacroSecurityTrustedSourcesTP::FillCertLB( void ) +{ + maTrustCertLB.Clear(); + + sal_uInt32 nEntries = maTrustedAuthors.getLength(); + + if ( nEntries && mpDlg->mxSecurityEnvironment.is() ) + { + for( sal_uInt32 nEntry = 0 ; nEntry < nEntries ; ++nEntry ) + { + cssu::Sequence< ::rtl::OUString >& rEntry = maTrustedAuthors[ nEntry ]; + uno::Reference< css::security::XCertificate > xCert; + + // create from RawData + xCert = mpDlg->mxSecurityEnvironment->createCertificateFromAscii( rEntry[ 2 ] ); + + SvLBoxEntry* pLBEntry = maTrustCertLB.InsertEntry( XmlSec::GetContentPart( xCert->getSubjectName() ) ); + maTrustCertLB.SetEntryText( XmlSec::GetContentPart( xCert->getIssuerName() ), pLBEntry, 1 ); + maTrustCertLB.SetEntryText( XmlSec::GetDateTimeString( xCert->getNotValidAfter() ), pLBEntry, 2 ); + pLBEntry->SetUserData( ( void* ) sal_Int32( nEntry ) ); // missuse user data as index + } + } +} + +MacroSecurityTrustedSourcesTP::MacroSecurityTrustedSourcesTP( Window* _pParent, MacroSecurity* _pDlg ) + :MacroSecurityTP ( _pParent, XMLSEC_RES( RID_XMLSECTP_TRUSTSOURCES ), _pDlg ) + ,maTrustCertFL ( this, XMLSEC_RES( FL_TRUSTCERT ) ) + ,maTrustCertROFI ( this, XMLSEC_RES( FI_TRUSTCERT_RO ) ) + ,maTrustCertLB ( this, XMLSEC_RES( LB_TRUSTCERT ) ) + ,maAddCertPB ( this, XMLSEC_RES( PB_ADD_TRUSTCERT ) ) + ,maViewCertPB ( this, XMLSEC_RES( PB_VIEW_TRUSTCERT ) ) + ,maRemoveCertPB ( this, XMLSEC_RES( PB_REMOVE_TRUSTCERT ) ) + ,maTrustFileLocFL ( this, XMLSEC_RES( FL_TRUSTFILELOC ) ) + ,maTrustFileROFI ( this, XMLSEC_RES( FI_TRUSTFILE_RO ) ) + ,maTrustFileLocFI ( this, XMLSEC_RES( FI_TRUSTFILELOC ) ) + ,maTrustFileLocLB ( this, XMLSEC_RES( LB_TRUSTFILELOC ) ) + ,maAddLocPB ( this, XMLSEC_RES( FL_ADD_TRUSTFILELOC ) ) + ,maRemoveLocPB ( this, XMLSEC_RES( FL_REMOVE_TRUSTFILELOC ) ) +{ + static long nTabs[] = { 3, 0, 35*CS_LB_WIDTH/100, 70*CS_LB_WIDTH/100 }; + maTrustCertLB.SetTabs( &nTabs[ 0 ] ); + maTrustCertLB.InsertHeaderEntry( String( XMLSEC_RES( STR_HEADERBAR ) ) ); + + FreeResource(); + + maTrustCertLB.SetSelectHdl( LINK( this, MacroSecurityTrustedSourcesTP, TrustCertLBSelectHdl ) ); + maAddCertPB.Hide(); // not used in the moment... + maViewCertPB.SetClickHdl( LINK( this, MacroSecurityTrustedSourcesTP, ViewCertPBHdl ) ); + maViewCertPB.Disable(); + maRemoveCertPB.SetClickHdl( LINK( this, MacroSecurityTrustedSourcesTP, RemoveCertPBHdl ) ); + maRemoveCertPB.Disable(); + + maTrustFileLocLB.SetSelectHdl( LINK( this, MacroSecurityTrustedSourcesTP, TrustFileLocLBSelectHdl ) ); + maAddLocPB.SetClickHdl( LINK( this, MacroSecurityTrustedSourcesTP, AddLocPBHdl ) ); + maRemoveLocPB.SetClickHdl( LINK( this, MacroSecurityTrustedSourcesTP, RemoveLocPBHdl ) ); + maRemoveLocPB.Disable(); + + maTrustedAuthors = mpDlg->maSecOptions.GetTrustedAuthors(); + mbAuthorsReadonly = mpDlg->maSecOptions.IsReadOnly( SvtSecurityOptions::E_MACRO_TRUSTEDAUTHORS ); + maTrustCertROFI.Show( mbAuthorsReadonly ); + mbAuthorsReadonly ? maTrustCertLB.DisableTable() : maTrustCertLB.EnableTable(); +// unused button +// maAddCertPB.Enable( !mbAuthorsReadonly ); + + FillCertLB(); + + cssu::Sequence< rtl::OUString > aSecureURLs = mpDlg->maSecOptions.GetSecureURLs(); + mbURLsReadonly = mpDlg->maSecOptions.IsReadOnly( SvtSecurityOptions::E_SECUREURLS ); + maTrustFileROFI.Show( mbURLsReadonly ); + maTrustFileLocLB.Enable( !mbURLsReadonly ); + maAddLocPB .Enable( !mbURLsReadonly ); + + sal_Int32 nEntryCnt = aSecureURLs.getLength(); + for( sal_Int32 i = 0 ; i < nEntryCnt ; ++i ) + { + ::rtl::OUString aSystemFileURL( aSecureURLs[ i ] ); + osl::FileBase::getSystemPathFromFileURL( aSystemFileURL, aSystemFileURL ); + maTrustFileLocLB.InsertEntry( aSystemFileURL ); + } +} + +void MacroSecurityTrustedSourcesTP::ActivatePage() +{ + mpDlg->EnableReset( false ); + FillCertLB(); +} + +void MacroSecurityTrustedSourcesTP::ClosePage( void ) +{ + USHORT nEntryCnt = maTrustFileLocLB.GetEntryCount(); + if( nEntryCnt ) + { + cssu::Sequence< rtl::OUString > aSecureURLs( nEntryCnt ); + for( USHORT i = 0 ; i < nEntryCnt ; ++i ) + { + ::rtl::OUString aURL( maTrustFileLocLB.GetEntry( i ) ); + osl::FileBase::getFileURLFromSystemPath( aURL, aURL ); + aSecureURLs[ i ] = aURL; + } + + mpDlg->maSecOptions.SetSecureURLs( aSecureURLs ); + } + // --> PB 2004-09-21 #i33584# + // don't forget to remove the old saved SecureURLs + else + mpDlg->maSecOptions.SetSecureURLs( cssu::Sequence< rtl::OUString >() ); + // <-- + + mpDlg->maSecOptions.SetTrustedAuthors( maTrustedAuthors ); +} +/*-- 26.02.2004 13:31:04--------------------------------------------------- + + -----------------------------------------------------------------------*/ +ReadOnlyImage::ReadOnlyImage(Window* pParent, const ResId rResId) : + FixedImage(pParent, rResId) +{ + sal_Bool bHighContrast = pParent->GetSettings().GetStyleSettings().GetHighContrastMode(); + SetImage( Image(XMLSEC_RES( bHighContrast ? RID_XMLSECTP_LOCK_HC : RID_XMLSECTP_LOCK ))); +} + +/*-- 26.02.2004 13:31:04--------------------------------------------------- + + -----------------------------------------------------------------------*/ +ReadOnlyImage::~ReadOnlyImage() +{ +} +/*-- 26.02.2004 13:31:04--------------------------------------------------- + + -----------------------------------------------------------------------*/ +void ReadOnlyImage::RequestHelp( const HelpEvent& rHEvt ) +{ + if( Help::IsBalloonHelpEnabled() || Help::IsQuickHelpEnabled() ) + { + Rectangle aLogicPix( LogicToPixel( Rectangle( Point(), GetOutputSize() ) ) ); + Rectangle aScreenRect( OutputToScreenPixel( aLogicPix.TopLeft() ), + OutputToScreenPixel( aLogicPix.BottomRight() ) ); + + String aStr(ReadOnlyImage::GetHelpTip()); + if ( Help::IsBalloonHelpEnabled() ) + Help::ShowBalloon( this, rHEvt.GetMousePosPixel(), aScreenRect, + aStr ); + else if ( Help::IsQuickHelpEnabled() ) + Help::ShowQuickHelp( this, aScreenRect, aStr ); + } + else + Window::RequestHelp( rHEvt ); +} + +/*-- 26.02.2004 14:20:21--------------------------------------------------- + + -----------------------------------------------------------------------*/ +const String& ReadOnlyImage::GetHelpTip() +{ + static String aStr(XMLSEC_RES( RID_XMLSECTP_READONLY_CONFIG_TIP)); + return aStr; +} + diff --git a/xmlsecurity/source/dialogs/macrosecurity.src b/xmlsecurity/source/dialogs/macrosecurity.src new file mode 100644 index 000000000000..7ab81e6d23be --- /dev/null +++ b/xmlsecurity/source/dialogs/macrosecurity.src @@ -0,0 +1,243 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: macrosecurity.src,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include "dialogs.hrc" +#include "helpids.hrc" + +TabDialog RID_XMLSECTP_MACROSEC +{ + HelpID = HID_XMLSEC_TP_MACROSEC; + Size = MAP_APPFONT( TD_WIDTH, TD_HEIGHT ); + OutputSize = TRUE; + Closeable = TRUE; + Moveable = TRUE; + SVLook = TRUE; + + Text [ en-US ] = "Macro Security"; + TabControl 1 + { + Pos = MAP_APPFONT( TD_SP_INNERBORDER_LEFT, TD_SP_INNERBORDER_TOP ); + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT+RIDDER_HEIGHT ); + SVLook = TRUE ; + PageList = + { + PageItem + { + Identifier = RID_XMLSECTP_SECLEVEL; + Text [ en-US ] = "Security Level"; + }; + PageItem + { + Identifier = RID_XMLSECTP_TRUSTSOURCES; + Text [ en-US ] = "Trusted Sources"; + }; + }; + }; + OKButton BTN_OK + { + Pos = MAP_APPFONT( MS_COL_H, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + DefButton = TRUE; + }; + CancelButton BTN_CANCEL + { + Pos = MAP_APPFONT( MS_COL_F, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + HelpButton BTN_HELP + { + Pos = MAP_APPFONT( MS_COL_D, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; + PushButton BTN_RESET + { + Pos = MAP_APPFONT( MS_COL_B, CV_ROW_A ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Reset"; + }; +}; + +TabPage RID_XMLSECTP_SECLEVEL +{ + HelpId = HID_XMLSEC_TP_SECLEVEL; + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT ); + OutputSize = TRUE; + Hide = TRUE; + SVLook = TRUE; + FixedLine FL_SECLEVEL + { + Pos = MAP_APPFONT( SL_COL_0, SL_ROW_0 ); + Size = MAP_APPFONT( SL_COL_3-SL_COL_0, RSC_CD_FIXEDLINE_HEIGHT ); + Hide = TRUE; + }; + FixedImage FI_SEC_READONLY + { + Pos = MAP_APPFONT( SL_COL_1 - 7, SL_ROW_0 + 4 ); + Size = MAP_APPFONT( 6, 6 ); + }; + RadioButton RB_VERYHIGH + { + Pos = MAP_APPFONT( SL_COL_1, SL_ROW_0 ); + Size = MAP_APPFONT( SL_COL_2-SL_COL_1, RSC_BIG_RADIOBUTTON ); + WordBreak = TRUE; + Text [ en-US ] = "~Very high.\nOnly macros from trusted file locations are allowed to run. All other macros, regardless whether signed or not, are disabled."; + }; + RadioButton RB_HIGH + { + Pos = MAP_APPFONT( SL_COL_1, SL_ROW_1 ); + Size = MAP_APPFONT( SL_COL_2-SL_COL_1, RSC_BIG_RADIOBUTTON ); + WordBreak = TRUE; + Text [ en-US ] = "H~igh.\nOnly signed macros from trusted sources are allowed to run. Unsigned macros are disabled."; + }; + RadioButton RB_MEDIUM + { + Pos = MAP_APPFONT( SL_COL_1, SL_ROW_2 ); + Size = MAP_APPFONT( SL_COL_2-SL_COL_1, RSC_BIG_RADIOBUTTON ); + WordBreak = TRUE; + Text [ en-US ] = "~Medium.\nConfirmation required before executing macros from untrusted sources."; + }; + RadioButton RB_LOW + { + Pos = MAP_APPFONT( SL_COL_1, SL_ROW_3 ); + Size = MAP_APPFONT( SL_COL_2-SL_COL_1, SL_ROW_4-SL_ROW_3 ); + WordBreak = TRUE; + Text [ en-US ] = "~Low (not recommended).\nAll macros will be executed without confirmation. Use this setting only if you are certain that all documents that will be opened are safe."; + }; +}; + +TabPage RID_XMLSECTP_TRUSTSOURCES +{ + HelpId = HID_XMLSEC_TP_TRUSTSOURCES; + Size = MAP_APPFONT( TP_WIDTH, TP_HEIGHT ); + OutputSize = TRUE; + Hide = TRUE; + SVLook = TRUE; + FixedLine FL_TRUSTCERT + { + Pos = MAP_APPFONT( TS_COL_0, TS_ROW_0 ); + Size = MAP_APPFONT( TS_COL_8-TS_COL_0, RSC_CD_FIXEDLINE_HEIGHT ); + Text [ en-US ] = "Trusted certificates"; + }; + FixedImage FI_TRUSTCERT_RO + { + Pos = MAP_APPFONT( TS_COL_1 - 7, TS_ROW_1 ); + Size = MAP_APPFONT( 6, 6 ); + }; + Control LB_TRUSTCERT + { + HelpId = HID_XMLSEC_CTRL_TRUSTSOURCES; + Pos = MAP_APPFONT( TS_COL_1, TS_ROW_1 ); + Size = MAP_APPFONT( TS_COL_7-TS_COL_1, RSC_CD_TABLISTBOX_HEIGHT ); + SVLook = TRUE; + Border = TRUE; + }; + String STR_HEADERBAR + { + Text [ en-US ] = "Issued to\tIssued by\tExpiration date"; + }; + PushButton PB_ADD_TRUSTCERT + { + Pos = MAP_APPFONT( TS_COL_2, TS_ROW_2 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Add..."; + }; + PushButton PB_VIEW_TRUSTCERT + { + Pos = MAP_APPFONT( TS_COL_4, TS_ROW_2 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "View..."; + }; + PushButton PB_REMOVE_TRUSTCERT + { + Pos = MAP_APPFONT( TS_COL_6, TS_ROW_2 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Remove"; + }; + FixedLine FL_TRUSTFILELOC + { + Pos = MAP_APPFONT( TS_COL_0, TS_ROW_3 ); + Size = MAP_APPFONT( TS_COL_8-TS_COL_0, RSC_CD_FIXEDLINE_HEIGHT ); + Text [ en-US ] = "Trusted file locations"; + }; + FixedText FI_TRUSTFILELOC + { + Pos = MAP_APPFONT( TS_COL_1, TS_ROW_4 ); + Size = MAP_APPFONT( TS_COL_7-TS_COL_1, 3*RSC_CD_FIXEDLINE_HEIGHT ); + WordBreak = TRUE; + Text [ en-US ] = "Document macros are always executed if they have been opened from one of the following locations."; + }; + FixedImage FI_TRUSTFILE_RO + { + Pos = MAP_APPFONT( TS_COL_1 - 7, TS_ROW_5 ); + Size = MAP_APPFONT( 6, 6 ); + }; + ListBox LB_TRUSTFILELOC + { + Pos = MAP_APPFONT( TS_COL_1, TS_ROW_5 ); + Size = MAP_APPFONT( TS_COL_7-TS_COL_1, TS_ROW_6-TS_ROW_5 ); + SVLook = TRUE; + Border = TRUE; + VScroll = TRUE; + Sort = TRUE; + }; + PushButton FL_ADD_TRUSTFILELOC + { + Pos = MAP_APPFONT( TS_COL_4, TS_ROW_7 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Add..."; + }; + PushButton FL_REMOVE_TRUSTFILELOC + { + Pos = MAP_APPFONT( TS_COL_6, TS_ROW_7 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Remove"; + }; +}; +String RID_XMLSECTP_READONLY_CONFIG_TIP +{ + Text [ en-US ] = "This setting is protected by the Administrator"; +}; +Image RID_XMLSECTP_LOCK +{ + ImageBitmap = Bitmap + { + File = "lock.bmp"; + }; + MaskColor = Color { Red=0xffff; Green=0x0000; Blue=0xffff; }; +}; +Image RID_XMLSECTP_LOCK_HC +{ + ImageBitmap = Bitmap + { + File = "lock_hc.bmp"; + }; + MaskColor = Color { Red=0xffff; Green=0x0000; Blue=0xffff; }; +}; + diff --git a/xmlsecurity/source/dialogs/makefile.mk b/xmlsecurity/source/dialogs/makefile.mk new file mode 100644 index 000000000000..0f214a0c89ef --- /dev/null +++ b/xmlsecurity/source/dialogs/makefile.mk @@ -0,0 +1,68 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.8 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/.. + +PRJNAME=xmlsecurity +TARGET=dialogs +TARGETTYPE=GUI + + +ENABLE_EXCEPTIONS=TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + + +# --- Files -------------------------------------------------------- + +BMP_IN=$(PRJ)$/res + +SRS1NAME=dialogs +SRC1FILES = \ + digitalsignaturesdialog.src \ + certificatechooser.src \ + certificateviewer.src \ + macrosecurity.src + +SLOFILES= \ + $(SLO)$/digitalsignaturesdialog.obj \ + $(SLO)$/certificatechooser.obj \ + $(SLO)$/certificateviewer.obj \ + $(SLO)$/macrosecurity.obj \ + $(SLO)$/resourcemanager.obj + + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk diff --git a/xmlsecurity/source/dialogs/resourcemanager.cxx b/xmlsecurity/source/dialogs/resourcemanager.cxx new file mode 100644 index 000000000000..693d003b0d77 --- /dev/null +++ b/xmlsecurity/source/dialogs/resourcemanager.cxx @@ -0,0 +1,434 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: resourcemanager.cxx,v $ + * $Revision: 1.14 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "resourcemanager.hxx" + +#include <vcl/svapp.hxx> +#include <vcl/fixed.hxx> +#include <svtools/stdctrl.hxx> +#include <svtools/solar.hrc> +#include <svtools/syslocale.hxx> +#include <rtl/ustring.h> +#include <rtl/ustrbuf.h> +#include <vector> + +using ::rtl::OUString; +using namespace std; + +namespace XmlSec +{ + static ResMgr* pResMgr = 0; + static SvtSysLocale* pSysLocale = 0; + + ResMgr* GetResMgr( void ) + { + if( !pResMgr ) + { + ByteString aName( "xmlsec" ); +// pResMgr = ResMgr::CreateResMgr( aName.GetBuffer(), Application::GetSettings().GetUILanguage() ); +// LanguageType aLang( LANGUAGE_ENGLISH_US ); +// pResMgr = ResMgr::CreateResMgr( aName.GetBuffer(), aLang ); +// MT: Change to Locale + pResMgr = ResMgr::CreateResMgr( aName.GetBuffer() ); + } + + return pResMgr; + } + + const LocaleDataWrapper& GetLocaleData( void ) + { + if (!pSysLocale) + pSysLocale = new SvtSysLocale; + return pSysLocale->GetLocaleData(); + } + + DateTime GetDateTime( const ::com::sun::star::util::DateTime& _rDT ) + { + return DateTime( + Date( _rDT.Day, _rDT.Month, _rDT.Year ), + Time( _rDT.Hours, _rDT.Minutes, _rDT.Seconds, _rDT.HundredthSeconds ) ); + } + + String GetDateTimeString( const ::com::sun::star::util::DateTime& _rDT ) + { + // --> PB 2004-10-12 #i20172# String with date and time information + DateTime aDT( GetDateTime( _rDT ) ); + const LocaleDataWrapper& rLoDa = GetLocaleData(); + String sRet( rLoDa.getDate( aDT ) ); + sRet += ' '; + sRet += rLoDa.getTime( aDT ); + return sRet; + } + + String GetDateTimeString( const rtl::OUString& _rDate, const rtl::OUString& _rTime ) + { + String sDay( _rDate, 6, 2 ); + String sMonth( _rDate, 4, 2 ); + String sYear( _rDate, 0, 4 ); + + String sHour( _rTime, 0, 2 ); + String sMin( _rTime, 4, 2 ); + String sSec( _rTime, 6, 2 ); + + + Date aDate( (USHORT)sDay.ToInt32(), (USHORT) sMonth.ToInt32(), (USHORT)sYear.ToInt32() ); + Time aTime( sHour.ToInt32(), sMin.ToInt32(), sSec.ToInt32(), 0 ); + const LocaleDataWrapper& rLoDa = GetLocaleData(); + String aStr( rLoDa.getDate( aDate ) ); + aStr.AppendAscii( " " ); + aStr += rLoDa.getTime( aTime ); + return aStr; + } + + String GetDateString( const ::com::sun::star::util::DateTime& _rDT ) + { + return GetLocaleData().getDate( GetDateTime( _rDT ) ); + } + + /* + Creates two strings based on the distinguished name which are displayed in the + certificate details view. The first string contains only the values of the attribute + and valudes pairs, which are separated by commas. All escape characters ('"') are + removed. + The second string is for the details view at the bottom. It shows the attribute/value + pairs on different lines. All escape characters ('"') are removed. + */ + pair< OUString, OUString> GetDNForCertDetailsView( const OUString & rRawString) + { + vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(rRawString); + ::rtl::OUStringBuffer s1, s2; + OUString sEqual(RTL_CONSTASCII_USTRINGPARAM(" = ")); + typedef vector< pair < OUString, OUString > >::const_iterator CIT; + for (CIT i = vecAttrValueOfDN.begin(); i < vecAttrValueOfDN.end(); i ++) + { + if (i != vecAttrValueOfDN.begin()) + { + s1.append(static_cast<sal_Unicode>(',')); + s2.append(static_cast<sal_Unicode>('\n')); + } + s1.append(i->second); + s2.append(i->first); + s2.append(sEqual); + s2.append(i->second); + } + return make_pair(s1.makeStringAndClear(), s2.makeStringAndClear()); + } + +/* + Whenever the attribute value contains special characters, such as '"' or ',' (without '') + then the value will be enclosed in double quotes by the respective Windows or NSS function + which we use to retrieve, for example, the subject name. If double quotes appear in the value then + they are escaped with a double quote. This function removes the escape characters. +*/ +#ifdef WNT +vector< pair< OUString, OUString> > parseDN(const OUString& rRawString) + { + vector< pair<OUString, OUString> > retVal; + bool bInEscape = false; + bool bInValue = false; + bool bInType = true; + sal_Int32 nTypeNameStart = 0; + OUString sType; + ::rtl::OUStringBuffer sbufValue; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) + { + sal_Unicode c = rRawString[i]; + + if (c == '=') + { + if (! bInValue) + { + sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + bInType = false; + } + else + { + sbufValue.append(c); + } + } + else if (c == '"') + { + if (!bInEscape) + { + //If this is the quote is the first of the couple which enclose the + //whole value, because the value contains special characters + //then we just drop it. That is, this character must be followed by + //a character which is not '"'. + if ( i + 1 < length && rRawString[i+1] == '"') + bInEscape = true; + else + bInValue = !bInValue; //value is enclosed in " " + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + sType = OUString(); + //The next char is the start of the new type + nTypeNameStart = i + 1; + bInType = true; + } + else + { + //The whole string is enclosed because it contains special characters. + //The enclosing '"' are not part of certificate but will be added by + //the function (Windows or NSS) which retrieves DN + sbufValue.append(c); + } + } + else + { + if (!bInType) + sbufValue.append(c); + } + } + if (sbufValue.getLength()) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + } + return retVal; + } +#else +vector< pair< OUString, OUString> > parseDN(const OUString& rRawString) + { + vector< pair<OUString, OUString> > retVal; + //bInEscape == true means that the preceding character is an escape character + bool bInEscape = false; + bool bInValue = false; + bool bInType = true; + sal_Int32 nTypeNameStart = 0; + OUString sType; + ::rtl::OUStringBuffer sbufValue; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) + { + sal_Unicode c = rRawString[i]; + + if (c == '=') + { + if (! bInValue) + { + sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + bInType = false; + } + else + { + sbufValue.append(c); + } + } + else if (c == '\\') + { + if (!bInEscape) + { + bInEscape = true; + } + else + { // bInEscape is true + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == '"') + { + //an unescaped '"' is either at the beginning or end of the value + if (!bInEscape) + { + if ( !bInValue) + bInValue = true; + else if (bInValue) + bInValue = false; + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + sbufValue.append(c); + bInEscape = false; + } + } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + sType = OUString(); + //The next char is the start of the new type + nTypeNameStart = i + 1; + bInType = true; + } + else + { + //The whole string is enclosed because it contains special characters. + //The enclosing '"' are not part of certificate but will be added by + //the function (Windows or NSS) which retrieves DN + sbufValue.append(c); + } + } + else + { + if (!bInType) + { + sbufValue.append(c); + bInEscape = false; + } + } + } + if (sbufValue.getLength()) + { + OSL_ASSERT(sType.getLength()); + retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear())); + } + return retVal; + } + +#endif + + String GetContentPart( const String& _rRawString ) + { + char const * aIDs[] = { "CN", "OU", "O", "E", NULL }; + OUString retVal; + int i = 0; + vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString); + while ( aIDs[i] ) + { + OUString sPartId = OUString::createFromAscii( aIDs[i++] ); + typedef vector< pair < OUString, OUString > >::const_iterator CIT; + for (CIT idn = vecAttrValueOfDN.begin(); idn != vecAttrValueOfDN.end(); idn++) + { + if (idn->first.equals(sPartId)) + { + retVal = idn->second; + break; + } + } + if (retVal.getLength()) + break; + } + return retVal; + } + + String GetHexString( const ::com::sun::star::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, UINT16 _nLineBreak ) + { + const sal_Int8* pSerNumSeq = _rSeq.getConstArray(); + int nCnt = _rSeq.getLength(); + String aStr; + const char pHexDigs[ 17 ] = "0123456789ABCDEF"; + char pBuffer[ 3 ] = " "; + UINT8 nNum; + UINT16 nBreakStart = _nLineBreak? _nLineBreak : 1; + UINT16 nBreak = nBreakStart; + for( int i = 0 ; i < nCnt ; ++i ) + { + nNum = UINT8( pSerNumSeq[ i ] ); + + //MM : exchange the buffer[0] and buffer[1], which make it consistent with Mozilla and Windows + pBuffer[ 1 ] = pHexDigs[ nNum & 0x0F ]; + nNum >>= 4; + pBuffer[ 0 ] = pHexDigs[ nNum ]; + aStr.AppendAscii( pBuffer ); + + --nBreak; + if( nBreak ) + aStr.AppendAscii( _pSep ); + else + { + nBreak = nBreakStart; + aStr.AppendAscii( "\n" ); + } + } + + return aStr; + } + + long ShrinkToFitWidth( Control& _rCtrl, long _nOffs ) + { + long nWidth = _rCtrl.GetTextWidth( _rCtrl.GetText() ); + Size aSize( _rCtrl.GetSizePixel() ); + nWidth += _nOffs; + aSize.Width() = nWidth; + _rCtrl.SetSizePixel( aSize ); + return nWidth; + } + + void AlignAfterImage( const FixedImage& _rImage, Control& _rCtrl, long _nXOffset ) + { + Point aPos( _rImage.GetPosPixel() ); + Size aSize( _rImage.GetSizePixel() ); + long n = aPos.X(); + n += aSize.Width(); + n += _nXOffset; + aPos.X() = n; + n = aPos.Y(); + n += aSize.Height() / 2; // y-position is in the middle of the image + n -= _rCtrl.GetSizePixel().Height() / 2; // center Control + aPos.Y() = n; + _rCtrl.SetPosPixel( aPos ); + } + + void AlignAfterImage( const FixedImage& _rImage, FixedInfo& _rFI, long _nXOffset ) + { + AlignAfterImage( _rImage, static_cast< Control& >( _rFI ), _nXOffset ); + ShrinkToFitWidth( _rFI ); + } + + void AlignAndFitImageAndControl( FixedImage& _rImage, FixedInfo& _rFI, long _nXOffset ) + { + _rImage.SetSizePixel( _rImage.GetImage().GetSizePixel() ); + AlignAfterImage( _rImage, _rFI, _nXOffset ); + } +} + + diff --git a/xmlsecurity/source/dialogs/resourcemanager.hxx b/xmlsecurity/source/dialogs/resourcemanager.hxx new file mode 100644 index 000000000000..0525010f0abe --- /dev/null +++ b/xmlsecurity/source/dialogs/resourcemanager.hxx @@ -0,0 +1,72 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: resourcemanager.hxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _RESOURCEMANAGER_HXX +#define _RESOURCEMANAGER_HXX + +#include <tools/resmgr.hxx> +#include <tools/datetime.hxx> +#include <com/sun/star/util/DateTime.hpp> +#include <com/sun/star/uno/Sequence.hxx> + +#include <vector> + +class FixedImage; +class FixedInfo; +class Control; +class LocaleDataWrapper; + +namespace XmlSec +{ + ResMgr* GetResMgr( void ); + + const LocaleDataWrapper& GetLocaleData( void ); + DateTime GetDateTime( const ::com::sun::star::util::DateTime& _rDT ); + String GetDateTimeString( const ::com::sun::star::util::DateTime& _rDT ); + String GetDateTimeString( const rtl::OUString& _rDate, const rtl::OUString& _rTime ); + String GetDateString( const ::com::sun::star::util::DateTime& _rDT ); + + std::vector< std::pair< ::rtl::OUString, ::rtl::OUString> > + parseDN(const ::rtl::OUString& rRawString); + std::pair< ::rtl::OUString, ::rtl::OUString> GetDNForCertDetailsView( + const ::rtl::OUString & rRawString); + String GetContentPart( const String& _rRawString ); + + String GetHexString( const ::com::sun::star::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep = ":", UINT16 _nLineBreak = 0xFFFF ); + + long ShrinkToFitWidth( Control& _rCtrl, long _nOffs = 0 ); // return = new width + void AlignAfterImage( const FixedImage& _rImage, Control& _rCtrl, long _nXOffset = 0 ); + void AlignAfterImage( const FixedImage& _rImage, FixedInfo& _rFI, long _nXOffset = 0 ); + void AlignAndFitImageAndControl( FixedImage& _rImage, FixedInfo& _rFI, long _nXOffset = 0 ); +} + +#define XMLSEC_RES(id) ResId(id,*XmlSec::GetResMgr()) + +#endif diff --git a/xmlsecurity/source/dialogs/stbcontrl.cxx b/xmlsecurity/source/dialogs/stbcontrl.cxx new file mode 100644 index 000000000000..c0f2db15eff7 --- /dev/null +++ b/xmlsecurity/source/dialogs/stbcontrl.cxx @@ -0,0 +1,191 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: stbcontrl.cxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +// include --------------------------------------------------------------- +#include <tools/shl.hxx> +#ifndef _STATUS_HXX //autogen +#include <vcl/status.hxx> +#endif +#ifndef _MENU_HXX //autogen +#include <vcl/menu.hxx> +#endif +#include <vcl/image.hxx> +//#ifndef _SFXITEMPOOL_HXX +//#include <svtools/itempool.hxx> +//#endif +#include <sfx2/app.hxx> +#include <sfx2/module.hxx> +#include <sfx2/dispatch.hxx> +#include <sfx2/objsh.hxx> + +#include <svtools/eitem.hxx> + + +#include <xmlsecurity/stbcontrl.hxx> + +#define PAINT_OFFSET 5 + +//#include "sizeitem.hxx" +//#include "dialmgr.hxx" +//#include "dlgutil.hxx" +//#include "stbctrls.h" + +//#include "dialogs.hrc" + +/*#ifndef _UNOTOOLS_LOCALEDATAWRAPPER_HXX +#include <unotools/localedatawrapper.hxx> +#endif +#ifndef _UNOTOOLS_PROCESSFACTORY_HXX +#include <comphelper/processfactory.hxx> +#endif*/ + + + +SFX_IMPL_STATUSBAR_CONTROL( XmlSecStatusBarControl, SfxBoolItem ); + +/* +class FunctionPopup_Impl : public PopupMenu +{ +public: + FunctionPopup_Impl( USHORT nCheck ); + + USHORT GetSelected() const { return nSelected; } + +private: + USHORT nSelected; + + virtual void Select(); +}; + +// ----------------------------------------------------------------------- + +FunctionPopup_Impl::FunctionPopup_Impl( USHORT nCheck ) : + PopupMenu( ResId( RID_SVXMNU_PSZ_FUNC, DIALOG_MGR() ) ), + nSelected( 0 ) +{ + if (nCheck) + CheckItem( nCheck ); +} + +// ----------------------------------------------------------------------- + +void FunctionPopup_Impl::Select() +{ + nSelected = GetCurItemId(); +} +*/ + + + +struct XmlSecStatusBarControl::XmlSecStatusBarControl_Impl +{ + Point maPos; + Size maSize; + bool mbSigned; + Image maImage; +}; + + +XmlSecStatusBarControl::XmlSecStatusBarControl( USHORT _nId, StatusBar& _rStb, SfxBindings& _rBind ) + :SfxStatusBarControl( _nId, _rStb, _rBind ) + + ,mpImpl( new XmlSecStatusBarControl_Impl ) +{ + mpImpl->mbSigned = false; +// pImp->maImage = Image( ResId( RID_SVXBMP_POSITION, DIALOG_MGR() ) ); +} + +XmlSecStatusBarControl::~XmlSecStatusBarControl() +{ + delete mpImpl; +} + +void XmlSecStatusBarControl::StateChanged( USHORT nSID, SfxItemState eState, const SfxPoolItem* pState ) +{ + GetStatusBar().SetHelpText( GetId(), String() ); // necessary ? + GetStatusBar().SetHelpId( GetId(), nSID ); // necessary ? + + if( SFX_ITEM_AVAILABLE != eState ) + { + mpImpl->mbSigned = false; + } + else if( pState->ISA( SfxBoolItem ) ) + { + mpImpl->mbSigned = ( ( SfxBoolItem* ) pState )->GetValue(); + } + else + { + DBG_ERRORFILE( "+XmlSecStatusBarControl::StateChanged(): invalid item type" ); + mpImpl->mbSigned = false; + } + + if( GetStatusBar().AreItemsVisible() ) // necessary ? + GetStatusBar().SetItemData( GetId(), 0 ); + + GetStatusBar().SetItemText( GetId(), String() ); // necessary ? +} + +void XmlSecStatusBarControl::Command( const CommandEvent& rCEvt ) +{ + // can / has to be done when integrated in Office! +// if( rCEvt.GetCommand() == .... ) + if( false ) + { +// GetBindings().GetDispatcher()->Execute( SID_PSZ_FUNCTION, SFX_CALLMODE_RECORD, &aItem, 0L ); + } + else + SfxStatusBarControl::Command( rCEvt ); +} + +void XmlSecStatusBarControl::Paint( const UserDrawEvent& rUsrEvt ) +{ + OutputDevice* pDev = rUsrEvt.GetDevice(); + DBG_ASSERT( pDev, "-XmlSecStatusBarControl::Paint(): no Output Device... this will lead to nirvana..." ); + const Rectangle& rRect = rUsrEvt.GetRect(); + StatusBar& rBar = GetStatusBar(); + Point aItemPos = rBar.GetItemTextPos( GetId() ); + Color aOldLineColor = pDev->GetLineColor(); + Color aOldFillColor = pDev->GetFillColor(); + + // just 4 testing until we've got a bitmap + pDev->SetLineColor(); + pDev->SetFillColor( pDev->GetBackground().GetColor() ); + + String s( String::CreateFromAscii( mpImpl->mbSigned? "X" : "-" ) ); + pDev->DrawRect( rRect ); + pDev->DrawText( Point( rRect.Left() + rRect.GetWidth() / 2 - pDev->GetTextWidth( s ) / 2, aItemPos.Y() ), s ); + + pDev->SetLineColor( aOldLineColor ); + pDev->SetFillColor( aOldFillColor ); +} + diff --git a/xmlsecurity/source/dialogs/warnings.cxx b/xmlsecurity/source/dialogs/warnings.cxx new file mode 100644 index 000000000000..cbc5b90cec59 --- /dev/null +++ b/xmlsecurity/source/dialogs/warnings.cxx @@ -0,0 +1,148 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: warnings.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/warnings.hxx> +#include <xmlsecurity/certificateviewer.hxx> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <comphelper/sequence.hxx> + +// MM : added for password exception +#include <vcl/msgbox.hxx> +#include <com/sun/star/security/NoPasswordException.hpp> +using namespace ::com::sun::star::security; + + +#include "dialogs.hrc" +#include "resourcemanager.hxx" + +/* HACK: disable some warnings for MS-C */ +#ifdef _MSC_VER +#pragma warning (disable : 4355) // 4355: this used in initializer-list +#endif + +using namespace ::com::sun::star; +using namespace ::com::sun::star; + + +MacroWarning::MacroWarning( Window* _pParent, uno::Reference< dcss::xml::crypto::XSecurityEnvironment >& _rxSecurityEnvironment, cssu::Reference< dcss::security::XCertificate >& _rxCert ) + :ModalDialog ( _pParent, XMLSEC_RES( RID_XMLSECTP_MACROWARN ) ) + ,maDocNameFI ( this, ResId( FI_DOCNAME ) ) + ,maDescr1aFI ( this, ResId( FI_DESCR1A ) ) + ,maDescr1bFI ( this, ResId( FI_DESCR1B ) ) + ,maSignsFI ( this, ResId( FI_SIGNS ) ) + ,maViewSignsBtn ( this, ResId( PB_VIEWSIGNS ) ) + ,maDescr2FI ( this, ResId( FI_DESCR2 ) ) + ,maAlwaysTrustCB ( this, ResId( CB_ALWAYSTRUST ) ) + ,maBottomSepFL ( this, ResId( FL_BOTTOM_SEP ) ) + ,maEnableBtn ( this, ResId( PB_DISABLE ) ) + ,maDisableBtn ( this, ResId( PB_DISABLE ) ) + ,maHelpBtn ( this, ResId( BTN_HELP ) ) + ,mbSignedMode ( true ) +{ + FreeResource(); + + mxSecurityEnvironment = _rxSecurityEnvironment; + mxCert = _rxCert; + + // hide unused parts + maDescr1bFI.Hide(); + + maViewSignsBtn.SetClickHdl( LINK( this, MacroWarning, ViewSignsBtnHdl ) ); + maEnableBtn.SetClickHdl( LINK( this, MacroWarning, EnableBtnHdl ) ); +// maDisableBtn.SetClickHdl( LINK( this, MacroWarning, DisableBtnHdl ) ); + + if( mxCert.is() ) + maSignsFI.SetText( XmlSec::GetContentPart( mxCert->getSubjectName() ) ); + else + // nothing to view! + maViewSignsBtn.Disable(); +} + +MacroWarning::MacroWarning( Window* _pParent ) + :ModalDialog ( _pParent, XMLSEC_RES( RID_XMLSECTP_MACROWARN ) ) + ,maDocNameFI ( this, ResId( FI_DOCNAME ) ) + ,maDescr1aFI ( this, ResId( FI_DESCR1A ) ) + ,maDescr1bFI ( this, ResId( FI_DESCR1B ) ) + ,maSignsFI ( this, ResId( FI_SIGNS ) ) + ,maViewSignsBtn ( this, ResId( PB_VIEWSIGNS ) ) + ,maDescr2FI ( this, ResId( FI_DESCR2 ) ) + ,maAlwaysTrustCB ( this, ResId( CB_ALWAYSTRUST ) ) + ,maBottomSepFL ( this, ResId( FL_BOTTOM_SEP ) ) + ,maEnableBtn ( this, ResId( PB_DISABLE ) ) + ,maDisableBtn ( this, ResId( PB_DISABLE ) ) + ,maHelpBtn ( this, ResId( BTN_HELP ) ) + ,mbSignedMode ( false ) +{ + FreeResource(); + + // hide unused parts + maDescr1aFI.Hide(); + maSignsFI.Hide(); + maViewSignsBtn.Hide(); + maAlwaysTrustCB.Hide(); + maDescr2FI.Hide(); + + // move hint up to position of signer list + maDescr1bFI.SetPosPixel( maSignsFI.GetPosPixel() ); +} + +MacroWarning::~MacroWarning() +{ +} + +IMPL_LINK( MacroWarning, ViewSignsBtnHdl, void*, EMPTYARG ) +{ + DBG_ASSERT( mxCert.is(), "*MacroWarning::ViewSignsBtnHdl(): no certificate set!" ); + + CertificateViewer aViewer( this, mxSecurityEnvironment, mxCert ); + aViewer.Execute(); + + return 0; +} + +IMPL_LINK( MacroWarning, EnableBtnHdl, void*, EMPTYARG ) +{ + if( mbSignedMode && maAlwaysTrustCB.IsChecked() ) + { // insert path into trusted path list + + } + + EndDialog( RET_OK ); + return 0; +} + +/*IMPL_LINK( MacroWarning, DisableBtnHdl, void*, EMPTYARG ) +{ + return 0; +}*/ + diff --git a/xmlsecurity/source/dialogs/warnings.src b/xmlsecurity/source/dialogs/warnings.src new file mode 100644 index 000000000000..215c80c35790 --- /dev/null +++ b/xmlsecurity/source/dialogs/warnings.src @@ -0,0 +1,115 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: warnings.src,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include "dialogs.hrc" +#include "helpids.hrc" + +ModalDialog RID_XMLSECTP_MACROWARN +{ + HelpId = HID_XMLSEC_TP_MACROWARN; + Size = MAP_APPFONT( MW_WIDTH, MW_HEIGHT ); + OutputSize = TRUE; + Closeable = TRUE; + Moveable = TRUE; + SVLook = TRUE; + + Text [ en-US ] = "Security Warning"; + + FixedText FI_DOCNAME + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_0 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_1, 3*RSC_CD_FIXEDTEXT_HEIGHT ); + Wordbreak = TRUE; + Text [ en-US ] = ""; + }; + FixedText FI_DESCR1A + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_1 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_1, RSC_CD_FIXEDTEXT_HEIGHT ); + Wordbreak = TRUE; + Text [ en-US ] = "The document contains document macros signed by:"; + }; + FixedText FI_DESCR1B + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_1 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_1, RSC_CD_FIXEDTEXT_HEIGHT ); + Wordbreak = TRUE; + Text [ en-US ] = "The document contains document macros."; + }; + FixedText FI_SIGNS + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_2 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_2, MW_ROW_3-MW_ROW_2 ); + Wordbreak = TRUE; + Text [ en-US ] = ""; + }; + PushButton PB_VIEWSIGNS + { + Pos = MAP_APPFONT( MW_COL_3, MW_ROW_2 ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "View Signatures..."; + }; + FixedText FI_DESCR2 + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_3 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_1, RSC_CD_FIXEDTEXT_HEIGHT ); + Wordbreak = TRUE; + Text [ en-US ] = "Macros may contain viruses. Disabling macros for a document is always save. If you disable macros you may lose functionality provided by the document macros."; + }; + CheckBox CB_ALWAYSTRUST + { + Pos = MAP_APPFONT( MW_COL_1, MW_ROW_4 ); + Size = MAP_APPFONT( MW_COL_4-MW_COL_1, RSC_CD_CHECKBOX_HEIGHT ); + Text [ en-US ] = "Always trust macros from this source"; + }; + FixedLine FL_BOTTOM_SEP + { + Pos = MAP_APPFONT( 0, DLGS_BOTTOM_FL_Y( MW_HEIGHT ) ); + Size = MAP_APPFONT( MW_WIDTH, RSC_CD_FIXEDLINE_HEIGHT ); + }; + PushButton PB_ENABLE + { + Pos = MAP_APPFONT( DLGS_BOTTOM_OK_X( MW_WIDTH ), DLGS_BOTTOM_BTN_Y( MW_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Enable Macros"; + }; + CancelButton PB_DISABLE + { + Pos = MAP_APPFONT( DLGS_BOTTOM_CANCEL_X( MW_WIDTH ), DLGS_BOTTOM_BTN_Y( MW_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + Text [ en-US ] = "Disable Macros"; + }; + HelpButton BTN_HELP + { + Pos = MAP_APPFONT( DLGS_BOTTOM_HELP_X( MW_WIDTH ), DLGS_BOTTOM_BTN_Y( MW_HEIGHT ) ); + Size = MAP_APPFONT( RSC_CD_PUSHBUTTON_WIDTH, RSC_CD_PUSHBUTTON_HEIGHT ); + }; +}; + diff --git a/xmlsecurity/source/framework/buffernode.cxx b/xmlsecurity/source/framework/buffernode.cxx new file mode 100644 index 000000000000..1b8709a408b6 --- /dev/null +++ b/xmlsecurity/source/framework/buffernode.cxx @@ -0,0 +1,1282 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: buffernode.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "elementmark.hxx" +#include "elementcollector.hxx" +#include "buffernode.hxx" +#include <com/sun/star/xml/crypto/sax/ConstOfSecurityId.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssxw = com::sun::star::xml::wrapper; +namespace cssxc = com::sun::star::xml::crypto; + +BufferNode::BufferNode( const cssu::Reference< cssxw::XXMLElementWrapper >& xXMLElement ) + :m_pParent(NULL), + m_pBlocker(NULL), + m_bAllReceived(false), + m_xXMLElement(xXMLElement) +{ +} + +bool BufferNode::isECOfBeforeModifyIncluded(sal_Int32 nIgnoredSecurityId) const +/****** BufferNode/isECOfBeforeModifyIncluded ******************************** + * + * NAME + * isECOfBeforeModifyIncluded -- checks whether there is some + * ElementCollector on this BufferNode, that has BEFORE-MODIFY priority. + * + * SYNOPSIS + * bExist = isECOfBeforeModifyIncluded(nIgnoredSecurityId); + * + * FUNCTION + * checks each ElementCollector on this BufferNode, if all following + * conditions are satisfied, then returns true: + * 1. the ElementCollector's priority is BEFOREMODIFY; + * 2. the ElementCollector's securityId can't be ignored. + * otherwise, returns false. + * + * INPUTS + * nIgnoredSecurityId - the security Id to be ignored. If it equals + * to UNDEFINEDSECURITYID, then no security Id + * will be ignored. + * + * RESULT + * bExist - true if a match found, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + std::vector< const ElementCollector* >::const_iterator ii = m_vElementCollectors.begin(); + + for( ; ii != m_vElementCollectors.end() ; ++ii ) + { + ElementCollector* pElementCollector = (ElementCollector*)*ii; + + if ((nIgnoredSecurityId == cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID || + pElementCollector->getSecurityId() != nIgnoredSecurityId) && + (pElementCollector->getPriority() == cssxc::sax::ElementMarkPriority_BEFOREMODIFY)) + { + rc = true; + break; + } + } + + return rc; +} + +void BufferNode::setReceivedAll() +/****** BufferNode/setReceiveAll ********************************************* + * + * NAME + * setReceivedAll -- indicates that the element in this BufferNode has + * been compeletely bufferred. + * + * SYNOPSIS + * setReceivedAll(); + * + * FUNCTION + * sets the all-received flag and launches ElementCollector's notify + * process. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bAllReceived = true; + elementCollectorNotify(); +} + +bool BufferNode::isAllReceived() const +{ + return m_bAllReceived; +} + +void BufferNode::addElementCollector(const ElementCollector* pElementCollector) +/****** BufferNode/addElementCollector *************************************** + * + * NAME + * addElementCollector -- adds a new ElementCollector to this BufferNode. + * + * SYNOPSIS + * addElementCollector(pElementCollector); + * + * FUNCTION + * see NAME + * + * INPUTS + * pElementCollector - the ElementCollector to be added + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_vElementCollectors.push_back( pElementCollector ); + ((ElementCollector*)pElementCollector)->setBufferNode(this); +} + +void BufferNode::removeElementCollector(const ElementCollector* pElementCollector) +/****** BufferNode/removeElementCollector ************************************ + * + * NAME + * removeElementCollector -- removes an ElementCollector from this + * BufferNode. + * + * SYNOPSIS + * removeElementCollector(pElementCollector); + * + * FUNCTION + * see NAME + * + * INPUTS + * pElementCollector - the ElementCollector to be removed + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const ElementCollector* >::iterator ii = m_vElementCollectors.begin(); + + for( ; ii != m_vElementCollectors.end() ; ++ii ) + { + if( *ii == pElementCollector ) + { + m_vElementCollectors.erase( ii ); + ((ElementCollector*)pElementCollector)->setBufferNode(NULL); + break; + } + } +} + +ElementMark* BufferNode::getBlocker() const +{ + return m_pBlocker; +} + +void BufferNode::setBlocker(const ElementMark* pBlocker) +/****** BufferNode/setBlocker ************************************************ + * + * NAME + * setBlocker -- adds a blocker to this BufferNode. + * + * SYNOPSIS + * setBlocker(pBlocker); + * + * FUNCTION + * see NAME + * + * INPUTS + * pBlocker - the new blocker to be attached + * + * RESULT + * empty + * + * NOTES + * Because there is only one blocker permited for a BufferNode, so the + * old blocker on this BufferNode, if there is one, will be overcasted. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + OSL_ASSERT(!(m_pBlocker != NULL && pBlocker != NULL)); + + m_pBlocker = (ElementMark*)pBlocker; + if (m_pBlocker != NULL) + { + m_pBlocker->setBufferNode(this); + } +} + +rtl::OUString BufferNode::printChildren() const +/****** BufferNode/printChildren ********************************************* + * + * NAME + * printChildren -- prints children information into a string. + * + * SYNOPSIS + * result = printChildren(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * result - the information string + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + rtl::OUString rc; + std::vector< const ElementCollector* >::const_iterator ii = m_vElementCollectors.begin(); + + for( ; ii != m_vElementCollectors.end() ; ++ii ) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "BufID=" )); + rc += rtl::OUString::valueOf((*ii)->getBufferId()); + + if (((ElementCollector*)(*ii))->getModify()) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "[M]" )); + } + + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( ",Pri=" )); + + switch (((ElementCollector*)(*ii))->getPriority()) + { + case cssxc::sax::ElementMarkPriority_BEFOREMODIFY: + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "BEFOREMODIFY" )); + break; + case cssxc::sax::ElementMarkPriority_AFTERMODIFY: + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "AFTERMODIFY" )); + break; + default: + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "UNKNOWN" )); + break; + } + + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "(" )); + /* + if (((ElementCollector*)(*ii))->isInternalNotificationSuppressed()) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "*IN-Suppressed* " )); + } + */ + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "SecID=" )); + rc += rtl::OUString::valueOf(((ElementCollector*)(*ii))->getSecurityId()); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( ")" )); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( " " )); + } + + return rc; +} + +bool BufferNode::hasAnything() const +/****** BufferNode/hasAnything *********************************************** + * + * NAME + * hasAnything -- checks whether there is any ElementCollector or blocker + * on this BufferNode. + * + * SYNOPSIS + * bExist = hasAnything(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * bExist - true if there is, false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return (m_pBlocker != NULL || m_vElementCollectors.size() > 0); +} + +bool BufferNode::hasChildren() const +/****** BufferNode/hasChildren *********************************************** + * + * NAME + * hasChildren -- checks whether this BufferNode has any child + * BufferNode. + * + * SYNOPSIS + * bExist = hasChildren(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * bExist - true if there is, false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return (m_vChildren.size() > 0); +} + +std::vector< const BufferNode* >* BufferNode::getChildren() const +{ + return new std::vector< const BufferNode* >( m_vChildren ); +} + +const BufferNode* BufferNode::getFirstChild() const +/****** BufferNode/getFirstChild ********************************************* + * + * NAME + * getFirstChild -- retrieves the first child BufferNode. + * + * SYNOPSIS + * child = getFirstChild(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * child - the first child BufferNode, or NULL if there is no child + * BufferNode. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* rc = NULL; + + if (m_vChildren.size() > 0) + { + rc = (BufferNode*)m_vChildren.front(); + } + + return (const BufferNode*)rc; +} + +void BufferNode::addChild(const BufferNode* pChild, sal_Int32 nPosition) +/****** BufferNode/addChild(pChild,nPosition) ******************************** + * + * NAME + * addChild -- inserts a child BufferNode at specific position. + * + * SYNOPSIS + * addChild(pChild, nPosition); + * + * FUNCTION + * see NAME + * + * INPUTS + * pChild - the child BufferNode to be added. + * nPosition - the position where the new child locates. + * + * RESULT + * empty + * + * NOTES + * If the nPosition is -1, then the new child BufferNode is appended + * at the end. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (nPosition == -1) + { + m_vChildren.push_back( pChild ); + } + else + { + std::vector< const BufferNode* >::iterator ii = m_vChildren.begin(); + ii += nPosition; + m_vChildren.insert(ii, pChild); + } +} + +void BufferNode::addChild(const BufferNode* pChild) +/****** BufferNode/addChild() ************************************************ + * + * NAME + * addChild -- add a new child BufferNode. + * + * SYNOPSIS + * addChild(pChild); + * + * FUNCTION + * see NAME + * + * INPUTS + * pChild - the child BufferNode to be added. + * + * RESULT + * empty + * + * NOTES + * The new child BufferNode is appended at the end. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + addChild(pChild, -1); +} + +void BufferNode::removeChild(const BufferNode* pChild) +/****** BufferNode/removeChild *********************************************** + * + * NAME + * removeChild -- removes a child BufferNode from the children list. + * + * SYNOPSIS + * removeChild(pChild); + * + * FUNCTION + * see NAME + * + * INPUTS + * pChild - the child BufferNode to be removed + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const BufferNode* >::iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + if( *ii == pChild ) + { + m_vChildren.erase( ii ); + break; + } + } +} + +sal_Int32 BufferNode::indexOfChild(const BufferNode* pChild) const +/****** BufferNode/indexOfChild ********************************************** + * + * NAME + * indexOfChild -- gets the index of a child BufferNode. + * + * SYNOPSIS + * index = indexOfChild(pChild); + * + * FUNCTION + * see NAME + * + * INPUTS + * pChild - the child BufferNode whose index to be gotten + * + * RESULT + * index - the index of that child BufferNode. If that child BufferNode + * is not found, -1 is returned. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + sal_Int32 nIndex = 0; + bool bFound = false; + + std::vector< const BufferNode * >::const_iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + if( *ii == pChild ) + { + bFound = true; + break; + } + nIndex++; + } + + if (!bFound ) + { + nIndex = -1; + } + + return nIndex; +} + +const BufferNode* BufferNode::childAt(sal_Int32 nIndex) const +/****** BufferNode/childAt *************************************************** + * + * NAME + * childAt -- retrieves the child BufferNode at specific possition. + * + * SYNOPSIS + * child = childAt(nIndex); + * + * FUNCTION + * see NAME + * + * INPUTS + * nIndex - the index of the child BufferNode to be retrieved + * + * RESULT + * child - the child BufferNode at index position, or NULL if the index + * is out of the range of children. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* rc = NULL; + + if (nIndex < ((sal_Int32)m_vChildren.size()) && nIndex >= 0) + { + rc = (BufferNode*)m_vChildren[nIndex]; + } + + return (const BufferNode*)rc; +} + +const BufferNode* BufferNode::getParent() const +{ + return m_pParent; +} + +void BufferNode::setParent(const BufferNode* pParent) +{ + m_pParent = (BufferNode*)pParent; +} + +const BufferNode* BufferNode::getNextSibling() const +/****** BufferNode/getNextSibling ******************************************** + * + * NAME + * getNextSibling -- retrieves the next sibling BufferNode. + * + * SYNOPSIS + * sibling = getNextSibling(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * sibling - the next sibling BufferNode, or NULL if there is none. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* rc = NULL; + + if (m_pParent != NULL) + { + rc = (BufferNode*)m_pParent->getNextChild(this); + } + + return (const BufferNode*)rc; +} + +const BufferNode* BufferNode::isAncestor(const BufferNode* pDescendant) const +/****** BufferNode/isAncestor ************************************************ + * + * NAME + * isAncestor -- checks whether this BufferNode is an ancestor of another + * BufferNode. + * + * SYNOPSIS + * bIs = isAncestor(pDescendant); + * + * FUNCTION + * see NAME + * + * INPUTS + * pDescendant - the BufferNode to be checked as a descendant + * + * RESULT + * bIs - true if this BufferNode is an ancestor of the pDescendant, + * false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* rc = NULL; + + if (pDescendant != NULL) + { + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + BufferNode* pChild = (BufferNode*)*ii; + + if (pChild == pDescendant) + { + rc = pChild; + break; + } + + if (pChild->isAncestor(pDescendant) != NULL) + { + rc = pChild; + break; + } + } + } + + return (const BufferNode*)rc; +} + +bool BufferNode::isPrevious(const BufferNode* pFollowing) const +/****** BufferNode/isPrevious ************************************************ + * + * NAME + * isPrevious -- checks whether this BufferNode is ahead of another + * BufferNode in the tree order. + * + * SYNOPSIS + * bIs = isPrevious(pFollowing); + * + * FUNCTION + * see NAME + * + * INPUTS + * pFollowing - the BufferNode to be checked as a following + * + * RESULT + * bIs - true if this BufferNode is ahead in the tree order, false + * otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + + BufferNode* pNextBufferNode = (BufferNode*)getNextNodeByTreeOrder(); + while (pNextBufferNode != NULL) + { + if (pNextBufferNode == pFollowing) + { + rc = true; + break; + } + + pNextBufferNode = (BufferNode*)(pNextBufferNode->getNextNodeByTreeOrder()); + } + + return rc; +} + +const BufferNode* BufferNode::getNextNodeByTreeOrder() const +/****** BufferNode/getNextNodeByTreeOrder ************************************ + * + * NAME + * getNextNodeByTreeOrder -- retrieves the next BufferNode in the tree + * order. + * + * SYNOPSIS + * next = getNextNodeByTreeOrder(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * next - the BufferNode following this BufferNode in the tree order, + * or NULL if there is none. + * + * NOTES + * The "next" node in tree order is defined as: + * 1. If a node has children, then the first child is; + * 2. otherwise, if it has a following sibling, then this sibling node is; + * 3. otherwise, if it has a parent node, the the parent's next sibling + * node is; + * 4. otherwise, no "next" node exists. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + /* + * If this buffer node has m_vChildren, then return the first + * child. + */ + if (hasChildren()) + { + return getFirstChild(); + } + + /* + * Otherwise, it this buffer node has a following sibling, + * then return that sibling. + */ + BufferNode* pNextSibling = (BufferNode*)getNextSibling(); + if (pNextSibling != NULL) + { + return pNextSibling; + } + + /* + * Otherwise, it this buffer node has parent, then return + * its parent's following sibling. + */ + BufferNode* pNode = (BufferNode*)this; + BufferNode* pParent; + BufferNode* pNextSiblingParent = NULL; + + do + { + if (pNode == NULL) + { + break; + } + + pParent = (BufferNode*)pNode->getParent(); + if (pParent != NULL) + { + pNextSiblingParent = (BufferNode*)pParent->getNextSibling(); + } + pNode = pParent; + + }while (pNextSiblingParent == NULL); + + return pNextSiblingParent; +} + +cssu::Reference< cssxw::XXMLElementWrapper > BufferNode::getXMLElement() const +{ + return m_xXMLElement; +} + +void BufferNode::setXMLElement( const cssu::Reference< cssxw::XXMLElementWrapper >& xXMLElement ) +{ + m_xXMLElement = xXMLElement; +} + +void BufferNode::notifyBranch() +/****** BufferNode/notifyBranch ********************************************** + * + * NAME + * notifyBranch -- notifies each BufferNode in the branch of this + * BufferNode in the tree order. + * + * SYNOPSIS + * notifyBranch(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + BufferNode* pBufferNode = (BufferNode*)*ii; + pBufferNode->elementCollectorNotify(); + pBufferNode->notifyBranch(); + } +} + +void BufferNode::notifyAncestor() +/****** BufferNode/notifyAncestor ******************************************** + * + * NAME + * notifyAncestor -- notifies each ancestor BufferNode through the parent + * link. + * + * SYNOPSIS + * notifyAncestor(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* pParent = m_pParent; + while (pParent != NULL) + { + pParent->notifyAncestor(); + pParent = (BufferNode*)pParent->getParent(); + } +} + +void BufferNode::elementCollectorNotify() +/****** BufferNode/elementCollectorNotify ************************************ + * + * NAME + * elementCollectorNotify -- notifies this BufferNode. + * + * SYNOPSIS + * elementCollectorNotify(); + * + * FUNCTION + * Notifies this BufferNode if the notification is not suppressed. + * + * INPUTS + * empty + * + * RESULT + * child - the first child BufferNode, or NULL if there is no child + * BufferNode. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (m_vElementCollectors.size()>0) + { + cssxc::sax::ElementMarkPriority nMaxPriority = cssxc::sax::ElementMarkPriority_MINIMUM; + cssxc::sax::ElementMarkPriority nPriority; + + /* + * get the max priority among ElementCollectors on this BufferNode + */ + std::vector< const ElementCollector* >::const_iterator ii = m_vElementCollectors.begin(); + for( ; ii != m_vElementCollectors.end() ; ++ii ) + { + ElementCollector* pElementCollector = (ElementCollector*)*ii; + nPriority = pElementCollector->getPriority(); + if (nPriority > nMaxPriority) + { + nMaxPriority = nPriority; + } + } + + std::vector< const ElementCollector* > vElementCollectors( m_vElementCollectors ); + ii = vElementCollectors.begin(); + + for( ; ii != vElementCollectors.end() ; ++ii ) + { + ElementCollector* pElementCollector = (ElementCollector*)*ii; + nPriority = pElementCollector->getPriority(); + bool bToModify = pElementCollector->getModify(); + + /* + * Only ElementCollector with the max priority can + * perform notify operation. + * Moreover, if any blocker exists in the subtree of + * this BufferNode, this ElementCollector can't do notify + * unless its priority is BEFOREMODIFY. + */ + if (nPriority == nMaxPriority && + (nPriority == cssxc::sax::ElementMarkPriority_BEFOREMODIFY || + !isBlockerInSubTreeIncluded(pElementCollector->getSecurityId()))) + { + /* + * If this ElementCollector will modify the bufferred element, then + * special attention must be paid. + * + * If there is any ElementCollector in the subtree or any ancestor + * ElementCollector with PRI_BEFPREMODIFY priority, this + * ElementCollector can't perform notify operation, otherwise, it + * will destroy the bufferred element, in turn, ElementCollectors + * mentioned above can't perform their mission. + */ + //if (!(nMaxPriority == cssxc::sax::ElementMarkPriority_PRI_MODIFY && + if (!(bToModify && + (isECInSubTreeIncluded(pElementCollector->getSecurityId()) || + isECOfBeforeModifyInAncestorIncluded(pElementCollector->getSecurityId())) + )) + { + pElementCollector->notifyListener(); + } + } + } + } +} + +bool BufferNode::isECInSubTreeIncluded(sal_Int32 nIgnoredSecurityId) const +/****** BufferNode/isECInSubTreeIncluded ************************************* + * + * NAME + * isECInSubTreeIncluded -- checks whether there is any ElementCollector + * in the branch of this BufferNode. + * + * SYNOPSIS + * bExist = isECInSubTreeIncluded(nIgnoredSecurityId); + * + * FUNCTION + * checks each BufferNode in the branch of this BufferNode, if there is + * an ElementCollector whose signatureId is not ignored, then return + * true, otherwise, false returned. + * + * INPUTS + * nIgnoredSecurityId - the security Id to be ignored. If it equals + * to UNDEFINEDSECURITYID, then no security Id + * will be ignored. + * + * RESULT + * bExist - true if a match found, false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + + std::vector< const ElementCollector* >::const_iterator jj = m_vElementCollectors.begin(); + + for( ; jj != m_vElementCollectors.end() ; ++jj ) + { + ElementCollector* pElementCollector = (ElementCollector*)*jj; + if (nIgnoredSecurityId == cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID || + pElementCollector->getSecurityId() != nIgnoredSecurityId) + { + rc = true; + break; + } + } + + if ( !rc ) + { + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + BufferNode* pBufferNode = (BufferNode*)*ii; + + if ( pBufferNode->isECInSubTreeIncluded(nIgnoredSecurityId)) + { + rc = true; + break; + } + } + } + + return rc; +} + +bool BufferNode::isECOfBeforeModifyInAncestorIncluded(sal_Int32 nIgnoredSecurityId) const +/****** BufferNode/isECOfBeforeModifyInAncestorIncluded ********************** + * + * NAME + * isECOfBeforeModifyInAncestorIncluded -- checks whether there is some + * ancestor BufferNode which has ElementCollector with PRI_BEFPREMODIFY + * priority. + * + * SYNOPSIS + * bExist = isECOfBeforeModifyInAncestorIncluded(nIgnoredSecurityId); + * + * FUNCTION + * checks each ancestor BufferNode through the parent link, if there is + * an ElementCollector with PRI_BEFPREMODIFY priority and its + * signatureId is not ignored, then return true, otherwise, false + * returned. + * + * INPUTS + * nIgnoredSecurityId - the security Id to be ignored. If it equals + * to UNDEFINEDSECURITYID, then no security Id + * will be ignored. + * + * RESULT + * bExist - true if a match found, false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + + BufferNode* pParentNode = m_pParent; + while (pParentNode != NULL) + { + if (pParentNode->isECOfBeforeModifyIncluded(nIgnoredSecurityId)) + { + rc = true; + break; + } + + pParentNode = (BufferNode*)pParentNode->getParent(); + } + + return rc; +} + +bool BufferNode::isBlockerInSubTreeIncluded(sal_Int32 nIgnoredSecurityId) const +/****** BufferNode/isBlockerInSubTreeIncluded ******************************** + * + * NAME + * isBlockerInSubTreeIncluded -- checks whether there is some BufferNode + * which has blocker on it + * + * SYNOPSIS + * bExist = isBlockerInSubTreeIncluded(nIgnoredSecurityId); + * + * FUNCTION + * checks each BufferNode in the branch of this BufferNode, if one has + * a blocker on it, and the blocker's securityId is not ignored, then + * returns true; otherwise, false returns. + * + * INPUTS + * nIgnoredSecurityId - the security Id to be ignored. If it equals + * to UNDEFINEDSECURITYID, then no security Id + * will be ignored. + * + * RESULT + * bExist - true if a match found, false otherwise. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + + for( ; ii != m_vChildren.end() ; ++ii ) + { + BufferNode* pBufferNode = (BufferNode*)*ii; + ElementMark* pBlocker = pBufferNode->getBlocker(); + + if (pBlocker != NULL && + (nIgnoredSecurityId == cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID || + pBlocker->getSecurityId() != nIgnoredSecurityId )) + { + rc = true; + break; + } + + if (rc || pBufferNode->isBlockerInSubTreeIncluded(nIgnoredSecurityId)) + { + rc = true; + break; + } + } + + return rc; +} + +const BufferNode* BufferNode::getNextChild(const BufferNode* pChild) const +/****** BufferNode/getNextChild ********************************************** + * + * NAME + * getNextChild -- get the next child BufferNode. + * + * SYNOPSIS + * nextChild = getNextChild(); + * + * FUNCTION + * see NAME + * + * INPUTS + * pChild - the child BufferNode whose next node is retrieved. + * + * RESULT + * nextChild - the next child BufferNode after the pChild, or NULL if + * there is none. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* rc = NULL; + bool bChildFound = false; + + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + for( ; ii != m_vChildren.end() ; ++ii ) + { + if (bChildFound) + { + rc = (BufferNode*)*ii; + break; + } + + if( *ii == pChild ) + { + bChildFound = true; + } + } + + return (const BufferNode*)rc; +} + + +void BufferNode::freeAllChildren() +/****** BufferNode/freeAllChildren ******************************************* + * + * NAME + * freeAllChildren -- free all his child BufferNode. + * + * SYNOPSIS + * freeAllChildren(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 30.03.2004 - the correct the memory leak bug + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const BufferNode* >::const_iterator ii = m_vChildren.begin(); + for( ; ii != m_vChildren.end() ; ++ii ) + { + BufferNode *pChild = (BufferNode *)(*ii); + pChild->freeAllChildren(); + delete pChild; + } + + m_vChildren.clear(); +} diff --git a/xmlsecurity/source/framework/buffernode.hxx b/xmlsecurity/source/framework/buffernode.hxx new file mode 100644 index 000000000000..ca903b7e740e --- /dev/null +++ b/xmlsecurity/source/framework/buffernode.hxx @@ -0,0 +1,140 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: buffernode.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _BUFFERNODE_HXX +#define _BUFFERNODE_HXX + +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +class ElementMark; +class ElementCollector; + +class BufferNode +/****** buffernode.hxx/CLASS BufferNode *************************************** + * + * NAME + * BufferNode -- Class to maintain the tree of bufferred elements + * + * FUNCTION + * One BufferNode object represents a bufferred element in the document + * wrapper component. + * All BufferNode objects construct a tree which has the same structure + * of all bufferred elements. That is to say, if one bufferred element is + * an ancestor of another bufferred element, then the corresponding + * BufferNode objects are also in ancestor/descendant relationship. + * This class is used to manipulate the tree of bufferred elements. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* the parent BufferNode */ + BufferNode* m_pParent; + + /* all child BufferNodes */ + std::vector< const BufferNode* > m_vChildren; + + /* all ElementCollector holding this BufferNode */ + std::vector< const ElementCollector* > m_vElementCollectors; + + /* + * the blocker holding this BufferNode, one BufferNode can have one + * blocker at most + */ + ElementMark* m_pBlocker; + + /* + * whether the element has completely bufferred by the document wrapper + * component + */ + bool m_bAllReceived; + + /* the XMLElementWrapper of the bufferred element */ + com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > m_xXMLElement; + +private: + bool isECInSubTreeIncluded(sal_Int32 nIgnoredSecurityId) const; + bool isECOfBeforeModifyInAncestorIncluded(sal_Int32 nIgnoredSecurityId) const; + bool isBlockerInSubTreeIncluded(sal_Int32 nIgnoredSecurityId) const; + const BufferNode* getNextChild(const BufferNode* pChild) const; + +public: + explicit BufferNode( + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& xXMLElement); + virtual ~BufferNode() {}; + + bool isECOfBeforeModifyIncluded(sal_Int32 nIgnoredSecurityId) const; + void setReceivedAll(); + bool isAllReceived() const; + void addElementCollector(const ElementCollector* pElementCollector); + void removeElementCollector(const ElementCollector* pElementCollector); + ElementMark* getBlocker() const; + void setBlocker(const ElementMark* pBlocker); + rtl::OUString printChildren() const; + bool hasAnything() const; + bool hasChildren() const; + std::vector< const BufferNode* >* getChildren() const; + const BufferNode* getFirstChild() const; + void addChild(const BufferNode* pChild, sal_Int32 nPosition); + void addChild(const BufferNode* pChild); + void removeChild(const BufferNode* pChild); + sal_Int32 indexOfChild(const BufferNode* pChild) const; + const BufferNode* childAt(sal_Int32 nIndex) const; + const BufferNode* getParent() const; + void setParent(const BufferNode* pParent); + const BufferNode* getNextSibling() const; + const BufferNode* isAncestor(const BufferNode* pDescendant) const; + bool isPrevious(const BufferNode* pFollowing) const; + const BufferNode* getNextNodeByTreeOrder() const; + com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > getXMLElement() const; + void setXMLElement(const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& xXMLElement); + void notifyBranch(); + void notifyAncestor(); + void elementCollectorNotify(); + void freeAllChildren(); +}; + +#endif + diff --git a/xmlsecurity/source/framework/decryptorimpl.cxx b/xmlsecurity/source/framework/decryptorimpl.cxx new file mode 100644 index 000000000000..967eaa6f5e54 --- /dev/null +++ b/xmlsecurity/source/framework/decryptorimpl.cxx @@ -0,0 +1,248 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: decryptorimpl.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "decryptorimpl.hxx" +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SERVICE_NAME "com.sun.star.xml.crypto.sax.Decryptor" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.framework.DecryptorImpl" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +DecryptorImpl::DecryptorImpl( const cssu::Reference< cssl::XMultiServiceFactory >& rxMSF) +{ + mxMSF = rxMSF; +} + +DecryptorImpl::~DecryptorImpl() +{ +} + +bool DecryptorImpl::checkReady() const +/****** DecryptorImpl/checkReady ********************************************* + * + * NAME + * checkReady -- checks the conditions for the decryption. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the result listener is ready; + * 2. the EncryptionEngine is ready. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return (m_xResultListener.is() && EncryptionEngine::checkReady()); +} + +void DecryptorImpl::notifyResultListener() const + throw (cssu::Exception, cssu::RuntimeException) +/****** DecryptorImpl/notifyResultListener *********************************** + * + * NAME + * notifyResultListener -- notifies the listener about the decryption + * result. + * + * SYNOPSIS + * notifyResultListener( ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::sax::XDecryptionResultListener > + xDecryptionResultListener ( m_xResultListener , cssu::UNO_QUERY ) ; + + xDecryptionResultListener->decrypted(m_nSecurityId,m_nStatus); +} + +void DecryptorImpl::startEngine( const cssu::Reference< + cssxc::XXMLEncryptionTemplate >& + xEncryptionTemplate) + throw (cssu::Exception, cssu::RuntimeException) +/****** DecryptorImpl/startEngine ******************************************** + * + * NAME + * startEngine -- decrypts the encryption. + * + * SYNOPSIS + * startEngine( xEncryptionTemplate ); + * + * FUNCTION + * decrypts the encryption element, then if succeeds, updates the link + * of old template element to the new encryption element in + * SAXEventKeeper. + * + * INPUTS + * xEncryptionTemplate - the encryption template to be decrypted. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::XXMLEncryptionTemplate > xResultTemplate; + try + { + xResultTemplate = m_xXMLEncryption->decrypt(xEncryptionTemplate, m_xXMLSecurityContext); + m_nStatus = xResultTemplate->getStatus(); + } + catch( cssu::Exception& ) + { + m_nStatus = cssxc::SecurityOperationStatus_RUNTIMEERROR_FAILED; + } + + if (m_nStatus == cssxc::SecurityOperationStatus_OPERATION_SUCCEEDED) + { + cssu::Reference< cssxw::XXMLElementWrapper > xDecryptedElement + = xResultTemplate->getTemplate(); + m_xSAXEventKeeper->setElement(m_nIdOfTemplateEC, xDecryptedElement); + } +} + +/* XDecryptionResultBroadcaster */ +void SAL_CALL DecryptorImpl::addDecryptionResultListener( const cssu::Reference< cssxc::sax::XDecryptionResultListener >& listener ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_xResultListener = listener; + tryToPerform(); +} + +void SAL_CALL DecryptorImpl::removeDecryptionResultListener( const cssu::Reference< cssxc::sax::XDecryptionResultListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XInitialization */ +void SAL_CALL DecryptorImpl::initialize( const cssu::Sequence< cssu::Any >& aArguments ) + throw (cssu::Exception, cssu::RuntimeException) +{ + OSL_ASSERT(aArguments.getLength() == 5); + + rtl::OUString ouTempString; + + aArguments[0] >>= ouTempString; + m_nSecurityId = ouTempString.toInt32(); + aArguments[1] >>= m_xSAXEventKeeper; + aArguments[2] >>= ouTempString; + m_nIdOfTemplateEC = ouTempString.toInt32(); + aArguments[3] >>= m_xXMLSecurityContext; + aArguments[4] >>= m_xXMLEncryption; +} + +rtl::OUString DecryptorImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL DecryptorImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL DecryptorImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL DecryptorImpl_createInstance( const cssu::Reference< cssl::XMultiServiceFactory >& rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new DecryptorImpl(rSMgr); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL DecryptorImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return DecryptorImpl_getImplementationName(); +} +sal_Bool SAL_CALL DecryptorImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return DecryptorImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL DecryptorImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return DecryptorImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/framework/decryptorimpl.hxx b/xmlsecurity/source/framework/decryptorimpl.hxx new file mode 100644 index 000000000000..53f90698bb6c --- /dev/null +++ b/xmlsecurity/source/framework/decryptorimpl.hxx @@ -0,0 +1,139 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: decryptorimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _DECRYPTORIMPL_HXX +#define _DECRYPTORIMPL_HXX + +#include <com/sun/star/xml/crypto/sax/XDecryptionResultBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XDecryptionResultListener.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase3.hxx> + +#include "encryptionengine.hxx" + +class DecryptorImpl : public cppu::ImplInheritanceHelper3 +< + EncryptionEngine, + com::sun::star::xml::crypto::sax::XDecryptionResultBroadcaster, + com::sun::star::lang::XInitialization, + com::sun::star::lang::XServiceInfo +> +/****** DecryptorImpl.hxx/CLASS DecryptorImpl ********************************* + * + * NAME + * DecryptorImpl -- decrypts an encryption + * + * FUNCTION + * Collects all resources for decrypting an encryption, then decrypts the + * encryption by invoking a xmlsec-based encryption bridge component. + * + * HISTORY + * 05.01.2004 - Interface supported: XDecryptionResultBroadcaster, + * XInitialization, XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the Id of the encryption, which is used for the result listener to + * identify the encryption. + */ + sal_Int32 m_nEncryptionId; + + /* + * the decryption result, + * remembers whether the decryption succeeds. + */ + bool m_bDecryptionSucceed; + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext > m_xXMLSecurityContext; + + virtual void notifyResultListener() const + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual bool checkReady() const; + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLEncryptionTemplate >& + xEncryptionTemplate) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + +public: + explicit DecryptorImpl( const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory >& rxMSF); + virtual ~DecryptorImpl(); + + /* XDecryptionResultBroadcaster */ + virtual void SAL_CALL addDecryptionResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XDecryptionResultListener >& + listener ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeDecryptionResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XDecryptionResultListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XInitialization */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString DecryptorImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL DecryptorImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL DecryptorImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL DecryptorImpl_createInstance( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory >& + rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/framework/elementcollector.cxx b/xmlsecurity/source/framework/elementcollector.cxx new file mode 100644 index 000000000000..4e2b1d4ecb40 --- /dev/null +++ b/xmlsecurity/source/framework/elementcollector.cxx @@ -0,0 +1,299 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: elementcollector.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "elementmark.hxx" +#include "elementcollector.hxx" +#include "buffernode.hxx" +#include <com/sun/star/xml/crypto/sax/ConstOfSecurityId.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssxc = com::sun::star::xml::crypto; + +ElementCollector::ElementCollector( + sal_Int32 nSecurityId, + sal_Int32 nBufferId, + cssxc::sax::ElementMarkPriority nPriority, + bool bToModify, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener >& + xReferenceResolvedListener) + :ElementMark(nSecurityId, nBufferId), + m_nPriority(nPriority), + m_bToModify(bToModify), + m_bAbleToNotify(false), + m_bNotified(false), + m_xReferenceResolvedListener(xReferenceResolvedListener) +/****** ElementCollector/ElementCollector ************************************* + * + * NAME + * ElementCollector -- constructor method + * + * SYNOPSIS + * ElementCollector(nSecurityId, nBufferId, nPriority, bToModify + * xReferenceResolvedListener); + * + * FUNCTION + * construct an ElementCollector object. + * + * INPUTS + * nSecurityId - represents which security entity the buffer node is + * related with. Either a signature or an encryption is + * a security entity. + * nBufferId - the id of the element bufferred in the document + * wrapper component. The document wrapper component + * uses this id to search the particular bufferred + * element. + * nPriority - the priority value. ElementCollector with lower + * priority value can't notify until all ElementCollectors + * with higher priority value have notified. + * bToModify - A flag representing whether this ElementCollector + * notification will cause the modification of its working + * element. + * xReferenceResolvedListener + * - the listener that this ElementCollector notifies to. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_type = cssxc::sax::ElementMarkType_ELEMENTCOLLECTOR; +} + +/* +bool ElementCollector::isInternalNotificationSuppressed() const +{ + return m_bInternalNotificationSuppressed; +} +*/ + +cssxc::sax::ElementMarkPriority ElementCollector::getPriority() const +{ + return m_nPriority; +} + +bool ElementCollector::getModify() const +{ + return m_bToModify; +} + +void ElementCollector::notifyListener() +/****** ElementCollector/notifyListener *************************************** + * + * NAME + * notifyListener -- enable the ability to notify the listener + * + * SYNOPSIS + * notifyListener(); + * + * FUNCTION + * enable the ability to notify the listener and try to notify then. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bAbleToNotify = true; + doNotify(); +} + +bool ElementCollector::isAbleToNotify() const +{ + return m_bAbleToNotify; +} + +void ElementCollector::setReferenceResolvedListener( + const cssu::Reference< cssxc::sax::XReferenceResolvedListener >& xReferenceResolvedListener) +/****** ElementCollector/setReferenceResolvedListener ************************* + * + * NAME + * setReferenceResolvedListener -- configures a listener for the buffer + * node in this object + * + * SYNOPSIS + * setReferenceResolvedListener(xReferenceResolvedListener); + * + * FUNCTION + * configures a new listener and try to notify then. + * + * INPUTS + * xReferenceResolvedListener - the new listener + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_xReferenceResolvedListener = xReferenceResolvedListener; + doNotify(); +} + +void ElementCollector::setSecurityId(sal_Int32 nSecurityId) +/****** ElementCollector/setSecurityId **************************************** + * + * NAME + * setSecurityId -- configures the security Id of the buffer node + * + * SYNOPSIS + * setSecurityId(nSecurityId); + * + * FUNCTION + * configures the security Id and try to notify then + * + * INPUTS + * nSecurityId - the security Id + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_nSecurityId = nSecurityId; + doNotify(); +} + +void ElementCollector::doNotify() +/****** ElementCollector/doNotify ********************************************* + * + * NAME + * doNotify -- tries to notify the listener + * + * SYNOPSIS + * doNotify(); + * + * FUNCTION + * notifies the listener when all below conditions are satisfied: + * the listener has not been notified; + * the notify right is granted; + * the listener has already been configured; + * the security id has already been configure + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (!m_bNotified && + m_bAbleToNotify && + m_xReferenceResolvedListener.is() && + m_nSecurityId != cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID) + { + m_bNotified = true; + m_xReferenceResolvedListener->referenceResolved(m_nBufferId); + } +} + +ElementCollector* ElementCollector::clone( + sal_Int32 nBufferId, + cssxc::sax::ElementMarkPriority nPriority ) const +/****** ElementCollector/clone ************************************************ + * + * NAME + * clone -- duplicates this ElementCollector object + * + * SYNOPSIS + * cloned = clone(nBufferId, nPriority); + * + * FUNCTION + * duplicates this ElementCollector object with new buffer Id, priority. + * + * INPUTS + * nBufferId - the buffer node's Id + * nPriority - the priority + * + * RESULT + * clone - a new ElementCollector + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + ElementCollector* pClonedOne + = new ElementCollector(m_nSecurityId, + nBufferId, nPriority, m_bToModify, + m_xReferenceResolvedListener); + + if (m_bAbleToNotify) + { + pClonedOne->notifyListener(); + } + + if (m_pBufferNode != NULL) + { + m_pBufferNode->addElementCollector(pClonedOne); + } + + return pClonedOne; +} + diff --git a/xmlsecurity/source/framework/elementcollector.hxx b/xmlsecurity/source/framework/elementcollector.hxx new file mode 100644 index 000000000000..f8332f32d4bd --- /dev/null +++ b/xmlsecurity/source/framework/elementcollector.hxx @@ -0,0 +1,111 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: elementcollector.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _ELEMENTCOLLECTOR_HXX +#define _ELEMENTCOLLECTOR_HXX + +#include "elementmark.hxx" +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp> +#include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp> + +class ElementCollector : public ElementMark +/****** elementcollector.hxx/CLASS ElementCollector *************************** + * + * NAME + * ElementCollector -- Class to manipulate an element collector + * + * FUNCTION + * This class is derived from the ElementMark class. Beyond the function + * of the ElementMark class, this class also maintains the priority, and + * manages the notify process + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the notify priority, is one of following values: + * AFTERMODIFY - this ElementCollector will notify after all + * internal modifications have finished. + * BEFOREMODIFY - this ElementCollector must notify before any + * internal modification happens. + */ + com::sun::star::xml::crypto::sax::ElementMarkPriority m_nPriority; + + /* + * the modify flag, representing whether which elementcollector will + * modify its data. + */ + bool m_bToModify; + + /* the notify enable flag, see notifyListener method */ + bool m_bAbleToNotify; + + /* whether the listener has been notified */ + bool m_bNotified; + + /* the listener to be notified */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener > m_xReferenceResolvedListener; + +public: + ElementCollector( + sal_Int32 nSecurityId, + sal_Int32 nBufferId, + com::sun::star::xml::crypto::sax::ElementMarkPriority nPriority, + bool bToModify, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener >& + xReferenceResolvedListener); + virtual ~ElementCollector() {}; + + //bool isInternalNotificationSuppressed() const; + com::sun::star::xml::crypto::sax::ElementMarkPriority getPriority() const; + bool getModify() const; + void notifyListener(); + bool isAbleToNotify() const; + void setReferenceResolvedListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener >& + referenceResolvedListener); + void setSecurityId(sal_Int32 nSecurityId); + void doNotify(); + ElementCollector* clone( + sal_Int32 nId, + com::sun::star::xml::crypto::sax::ElementMarkPriority nPriority ) const; +}; + +#endif + diff --git a/xmlsecurity/source/framework/elementmark.cxx b/xmlsecurity/source/framework/elementmark.cxx new file mode 100644 index 000000000000..d69470bf3f60 --- /dev/null +++ b/xmlsecurity/source/framework/elementmark.cxx @@ -0,0 +1,108 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: elementmark.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "elementmark.hxx" +#include "buffernode.hxx" + +namespace cssxc = com::sun::star::xml::crypto; + +ElementMark::ElementMark(sal_Int32 nSecurityId, sal_Int32 nBufferId) + :m_pBufferNode(NULL), + m_nSecurityId(nSecurityId), + m_nBufferId(nBufferId), + m_type(cssxc::sax::ElementMarkType_ELEMENTMARK) +/****** ElementMark/ElementMark *********************************************** + * + * NAME + * ElementMark -- constructor method + * + * SYNOPSIS + * ElementMark(nSecurityId, nBufferId); + * + * FUNCTION + * construct an ElementMark object. + * + * INPUTS + * nSecurityId - represents which security entity the buffer node is + * related with. Either a signature or an encryption is + * a security entity. + * nBufferId - the id of the element bufferred in the document + * wrapper component. The document wrapper component + * uses this id to search the particular bufferred + * element. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +} + +BufferNode* ElementMark::getBufferNode() const +{ + return m_pBufferNode; +} + +void ElementMark::setBufferNode(const BufferNode* pBufferNode) +{ + m_pBufferNode = (BufferNode*)pBufferNode; +} + +sal_Int32 ElementMark::getSecurityId() const +{ + return m_nSecurityId; +} + +void ElementMark::setSecurityId(sal_Int32 nSecurityId) +{ + m_nSecurityId = nSecurityId; +} + +com::sun::star::xml::crypto::sax::ElementMarkType ElementMark::getType() const +{ + return m_type; +} + +sal_Int32 ElementMark::getBufferId() const +{ + return m_nBufferId; +} + + + diff --git a/xmlsecurity/source/framework/elementmark.hxx b/xmlsecurity/source/framework/elementmark.hxx new file mode 100644 index 000000000000..7aa516037724 --- /dev/null +++ b/xmlsecurity/source/framework/elementmark.hxx @@ -0,0 +1,88 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: elementmark.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _ELEMENTMARK_HXX +#define _ELEMENTMARK_HXX + +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/xml/crypto/sax/ElementMarkType.hpp> + +class BufferNode; + +class ElementMark +/****** elementmark.hxx/CLASS ElementMark ************************************* + * + * NAME + * ElementMark -- Class to manipulate an element mark + * + * FUNCTION + * This class maintains the security id, buffer id and its type for a + * buffer node. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +protected: + /* the BufferNode maintained by this object */ + BufferNode* m_pBufferNode; + + /* the security Id */ + sal_Int32 m_nSecurityId; + + /* the buffer Id */ + sal_Int32 m_nBufferId; + + /* + * the type value, is one of following values: + * TYPEOFELEMENTMARK - the default value, represents an blocker if + * not changed + * TYPEOFELEMENTCOLLECTOR - represents an ElementCollector + */ + com::sun::star::xml::crypto::sax::ElementMarkType m_type; + +public: + ElementMark(sal_Int32 nSecurityId, sal_Int32 nBufferId); + virtual ~ElementMark() {}; + + BufferNode* getBufferNode() const; + void setBufferNode(const BufferNode* pBufferNode); + sal_Int32 getSecurityId() const; + void setSecurityId(sal_Int32 nSecurityId); + com::sun::star::xml::crypto::sax::ElementMarkType getType() const; + sal_Int32 getBufferId() const; +}; + +#endif + diff --git a/xmlsecurity/source/framework/encryptionengine.cxx b/xmlsecurity/source/framework/encryptionengine.cxx new file mode 100644 index 000000000000..4dbfe8cc3589 --- /dev/null +++ b/xmlsecurity/source/framework/encryptionengine.cxx @@ -0,0 +1,219 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: encryptionengine.cxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "encryptionengine.hxx" +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define ENCRYPTION_TEMPLATE "com.sun.star.xml.crypto.XMLEncryptionTemplate" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +EncryptionEngine::EncryptionEngine( ) + :m_nIdOfBlocker(-1) +{ +} + +bool EncryptionEngine::checkReady() const +/****** EncryptionEngine/checkReady ****************************************** + * + * NAME + * checkReady -- checks the conditions for the main operation. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the main operation has't begun yet; + * 2. the key material is known; + * 3. the id of the template blocker is known; + * 4. both the key element and the encryption template + * are bufferred. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = true; + + sal_Int32 nKeyInc = 0; + if (m_nIdOfKeyEC != 0) + { + nKeyInc = 1; + } + + if (m_bMissionDone || + m_nIdOfKeyEC == -1 || + m_nIdOfBlocker == -1 || + 1+nKeyInc > m_nNumOfResolvedReferences ) + { + rc = false; + } + + return rc; +} + +void EncryptionEngine::tryToPerform( ) + throw (cssu::Exception, cssu::RuntimeException) +/****** EncryptionEngine/tryToPerform **************************************** + * + * NAME + * tryToPerform -- tries to perform the encryption/decryption operation. + * + * SYNOPSIS + * tryToPerform( ); + * + * FUNCTION + * if the situation is ready, perform following operations. + * 1. prepares a encryption template; + * 2. calls the encryption bridge component; + * 3. clears up all used resources; + * 4. notifies the result listener; + * 5. sets the "accomplishment" flag. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (checkReady()) + { + const rtl::OUString sEncryptionTemplate ( + RTL_CONSTASCII_USTRINGPARAM( ENCRYPTION_TEMPLATE ) ); + cssu::Reference < cssxc::XXMLEncryptionTemplate > xEncryptionTemplate( + mxMSF->createInstance( sEncryptionTemplate ), cssu::UNO_QUERY ); + + OSL_ASSERT( xEncryptionTemplate.is() ); + + cssu::Reference< cssxw::XXMLElementWrapper > xXMLElement + = m_xSAXEventKeeper->getElement( m_nIdOfTemplateEC ); + + xEncryptionTemplate->setTemplate(xXMLElement); + + startEngine( xEncryptionTemplate ); + + /* + * done + */ + clearUp( ); + + notifyResultListener(); + + m_bMissionDone = true; + } +} + +void EncryptionEngine::clearUp( ) const +/****** EncryptionEngine/clearup ********************************************* + * + * NAME + * clearUp -- clear up all resources used by this operation. + * + * SYNOPSIS + * clearUp( ); + * + * FUNCTION + * cleaning resources up includes: + * 1. releases the ElementCollector for the encryption template element; + * 2. releases the Blocker for the encryption template element; + * 3. releases the ElementCollector for the key element, if there is one. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference < cssxc::sax::XReferenceResolvedBroadcaster > + xReferenceResolvedBroadcaster( m_xSAXEventKeeper, cssu::UNO_QUERY ); + + xReferenceResolvedBroadcaster->removeReferenceResolvedListener( + m_nIdOfTemplateEC, + (const cssu::Reference < cssxc::sax::XReferenceResolvedListener >)((SecurityEngine *)this)); + + m_xSAXEventKeeper->removeElementCollector(m_nIdOfTemplateEC); + + if (m_nIdOfBlocker != -1) + { + m_xSAXEventKeeper->removeBlocker(m_nIdOfBlocker); + } + + if (m_nIdOfKeyEC != 0 && m_nIdOfKeyEC != -1) + { + m_xSAXEventKeeper->removeElementCollector(m_nIdOfKeyEC); + } +} + +/* XBlockerMonitor */ +void SAL_CALL EncryptionEngine::setBlockerId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) +{ + m_nIdOfBlocker = id; + tryToPerform(); +} + diff --git a/xmlsecurity/source/framework/encryptionengine.hxx b/xmlsecurity/source/framework/encryptionengine.hxx new file mode 100644 index 000000000000..2e84f50aea69 --- /dev/null +++ b/xmlsecurity/source/framework/encryptionengine.hxx @@ -0,0 +1,106 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: encryptionengine.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _ENCRYPTIONENGINE_HXX +#define _ENCRYPTIONENGINE_HXX + +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XBlockerMonitor.hpp> +#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XMissionTaker.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeper.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryption.hpp> +#include <cppuhelper/implbase1.hxx> + +#include "securityengine.hxx" + +class EncryptionEngine : public cppu::ImplInheritanceHelper1 +< + SecurityEngine, + com::sun::star::xml::crypto::sax::XBlockerMonitor +> +/****** encryptionEngine.hxx/CLASS encryptionEngine *************************** + * + * NAME + * EncryptionEngine -- Base class of Encryptor and Decryptor + * + * FUNCTION + * Maintains common members and methods related with encryption. + * + * HISTORY + * 05.01.2004 - Interface supported: XBlockerMonitor + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +protected: + /* + * the Encryption bridge component, which performs encrypt and decrypt + * operation based on xmlsec library. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLEncryption > m_xXMLEncryption; + + /* + * the Id of template blocker. + */ + sal_Int32 m_nIdOfBlocker; + +protected: + EncryptionEngine( ); + virtual ~EncryptionEngine(){}; + + virtual void tryToPerform( ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void clearUp( ) const; + virtual bool checkReady() const; + + /* + * starts the main function. This method will be implemented by any sub-class. + * For a Encryptor, it performs encryption operation; + * for a Decryptor, decryption operation is performed. + */ + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLEncryptionTemplate >&) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) + {}; + +public: + /* XBlockerMonitor */ + virtual void SAL_CALL setBlockerId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); +}; + +#endif + diff --git a/xmlsecurity/source/framework/encryptorimpl.cxx b/xmlsecurity/source/framework/encryptorimpl.cxx new file mode 100644 index 000000000000..80e4c5e854bb --- /dev/null +++ b/xmlsecurity/source/framework/encryptorimpl.cxx @@ -0,0 +1,284 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: encryptorimpl.cxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "encryptorimpl.hxx" +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SERVICE_NAME "com.sun.star.xml.crypto.sax.Encryptor" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.framework.EncryptorImpl" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +EncryptorImpl::EncryptorImpl( const cssu::Reference< cssl::XMultiServiceFactory >& rxMSF) +{ + m_nReferenceId = -1; + mxMSF = rxMSF; +} + +EncryptorImpl::~EncryptorImpl() +{ +} + +bool EncryptorImpl::checkReady() const +/****** EncryptorImpl/checkReady ********************************************* + * + * NAME + * checkReady -- checks the conditions for the encryption. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the result listener is ready; + * 2. the EncryptionEngine is ready. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + sal_Int32 nKeyInc = 0; + if (m_nIdOfKeyEC != 0) + { + nKeyInc = 1; + } + + return (m_xResultListener.is() && + (m_nReferenceId != -1) && + (2+nKeyInc == m_nNumOfResolvedReferences) && + EncryptionEngine::checkReady()); +} + +void EncryptorImpl::notifyResultListener() const + throw (cssu::Exception, cssu::RuntimeException) +/****** DecryptorImpl/notifyResultListener *********************************** + * + * NAME + * notifyResultListener -- notifies the listener about the encryption + * result. + * + * SYNOPSIS + * notifyResultListener( ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::sax::XEncryptionResultListener > + xEncryptionResultListener ( m_xResultListener , cssu::UNO_QUERY ) ; + + xEncryptionResultListener->encrypted( m_nSecurityId, m_nStatus ); +} + +void EncryptorImpl::startEngine( const cssu::Reference< + cssxc::XXMLEncryptionTemplate >& + xEncryptionTemplate) + throw (cssu::Exception, cssu::RuntimeException) +/****** EncryptorImpl/startEngine ******************************************** + * + * NAME + * startEngine -- generates the encryption. + * + * SYNOPSIS + * startEngine( xEncryptionTemplate ); + * + * FUNCTION + * generates the encryption element, then if succeeds, updates the link + * of old template element to the new encryption element in + * SAXEventKeeper. + * + * INPUTS + * xEncryptionTemplate - the encryption template to be encrypted. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference < cssxc::XXMLEncryptionTemplate > xResultTemplate; + + cssu::Reference< cssxw::XXMLElementWrapper > + xXMLElement = m_xSAXEventKeeper->getElement( m_nReferenceId ); + xEncryptionTemplate->setTarget(xXMLElement); + + try + { + xResultTemplate = m_xXMLEncryption->encrypt( + xEncryptionTemplate, m_xSecurityEnvironment); + m_nStatus = xResultTemplate->getStatus(); + } + catch( cssu::Exception& ) + { + m_nStatus = cssxc::SecurityOperationStatus_RUNTIMEERROR_FAILED; + } + + if (m_nStatus == cssxc::SecurityOperationStatus_OPERATION_SUCCEEDED) + { + cssu::Reference < cssxw::XXMLElementWrapper > xResultEncryption + = xResultTemplate->getTemplate(); + m_xSAXEventKeeper->setElement(m_nIdOfTemplateEC, xResultEncryption); + m_xSAXEventKeeper->setElement(m_nReferenceId, NULL); + } +} + +/* XReferenceCollector */ +void SAL_CALL EncryptorImpl::setReferenceCount(sal_Int32) + throw (cssu::Exception, cssu::RuntimeException) +{ + /* + * dummp method, because there is only one reference in + * encryption, different from signature. + * so the referenceNumber is always 1 + */ +} + +void SAL_CALL EncryptorImpl::setReferenceId( sal_Int32 id ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_nReferenceId = id; +} + +/* XEncryptionResultBroadcaster */ +void SAL_CALL EncryptorImpl::addEncryptionResultListener( const cssu::Reference< cssxc::sax::XEncryptionResultListener >& listener ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_xResultListener = listener; + tryToPerform(); +} + +void SAL_CALL EncryptorImpl::removeEncryptionResultListener( const cssu::Reference< cssxc::sax::XEncryptionResultListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XInitialization */ +void SAL_CALL EncryptorImpl::initialize( const cssu::Sequence< cssu::Any >& aArguments ) + throw (cssu::Exception, cssu::RuntimeException) +{ + OSL_ASSERT(aArguments.getLength() == 5); + + rtl::OUString ouTempString; + + aArguments[0] >>= ouTempString; + m_nSecurityId = ouTempString.toInt32(); + aArguments[1] >>= m_xSAXEventKeeper; + aArguments[2] >>= ouTempString; + m_nIdOfTemplateEC = ouTempString.toInt32(); + aArguments[3] >>= m_xSecurityEnvironment; + aArguments[4] >>= m_xXMLEncryption; +} + + +rtl::OUString EncryptorImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL EncryptorImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL EncryptorImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL EncryptorImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory >& rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new EncryptorImpl(rSMgr); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL EncryptorImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return EncryptorImpl_getImplementationName(); +} +sal_Bool SAL_CALL EncryptorImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return EncryptorImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL EncryptorImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return EncryptorImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/framework/encryptorimpl.hxx b/xmlsecurity/source/framework/encryptorimpl.hxx new file mode 100644 index 000000000000..0902dfdd2018 --- /dev/null +++ b/xmlsecurity/source/framework/encryptorimpl.hxx @@ -0,0 +1,153 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: encryptorimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _ENCRYPTORIMPL_HXX +#define _ENCRYPTORIMPL_HXX + +#include <com/sun/star/xml/crypto/sax/XEncryptionResultBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XEncryptionResultListener.hpp> +#ifndef _COM_SUN_STAR_XML_CRYPTO_SAX_XSIGNATURECOLLECTOR_HPP_ +#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp> +#endif +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase4.hxx> + +#include "encryptionengine.hxx" + +class EncryptorImpl : public cppu::ImplInheritanceHelper4 +< + EncryptionEngine, + com::sun::star::xml::crypto::sax::XEncryptionResultBroadcaster, + com::sun::star::xml::crypto::sax::XReferenceCollector, + com::sun::star::lang::XInitialization, + com::sun::star::lang::XServiceInfo +> +/****** EncryptorImpl.hxx/CLASS EncryptorImpl ********************************* + * + * NAME + * EncryptorImpl -- generates an encryption + * + * FUNCTION + * Collects all resources for an encryption generation, then generates the + * encryption by invoking a xmlsec-based encryption bridge component. + * + * HISTORY + * 05.01.2004 - Interface supported: XInitialization, XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the Id of the encryption, which is used for the result listener to + * identify the encryption. + */ + sal_Int32 m_nEncryptionId; + + /* + * the Id of the element to be encrypted. + */ + sal_Int32 m_nReferenceId; + + /* + * the decryption result, + * remembers whether the encryption succeeds. + */ + bool m_bEncryptionSucceed; + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XSecurityEnvironment > m_xSecurityEnvironment; + + virtual void notifyResultListener() const + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual bool checkReady() const; + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLEncryptionTemplate >& + xEncryptionTemplate) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + +public: + explicit EncryptorImpl( const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory >& rxMSF); + virtual ~EncryptorImpl(); + + /* XEncryptionResultBroadcaster */ + virtual void SAL_CALL addEncryptionResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XEncryptionResultListener >& + listener ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeEncryptionResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XEncryptionResultListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XReferenceCollector */ + virtual void SAL_CALL setReferenceCount( sal_Int32 count ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setReferenceId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XInitialization */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString EncryptorImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL EncryptorImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL EncryptorImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL EncryptorImpl_createInstance( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory >& rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/framework/makefile.mk b/xmlsecurity/source/framework/makefile.mk new file mode 100644 index 000000000000..40695739b7b1 --- /dev/null +++ b/xmlsecurity/source/framework/makefile.mk @@ -0,0 +1,65 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.4 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/.. + +PRJNAME = xmlsecurity +TARGET = fw + +ENABLE_EXCEPTIONS = TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + + +# --- Files -------------------------------------------------------- +SLOFILES= \ + $(SLO)$/buffernode.obj \ + $(SLO)$/elementcollector.obj \ + $(SLO)$/elementmark.obj \ + $(SLO)$/securityengine.obj \ + $(SLO)$/signatureengine.obj \ + $(SLO)$/encryptionengine.obj \ + $(SLO)$/signaturecreatorimpl.obj \ + $(SLO)$/signatureverifierimpl.obj \ + $(SLO)$/encryptorimpl.obj \ + $(SLO)$/decryptorimpl.obj \ + $(SLO)$/saxeventkeeperimpl.obj \ + $(SLO)$/xmlencryptiontemplateimpl.obj \ + $(SLO)$/xmlsignaturetemplateimpl.obj \ + $(SLO)$/xsec_framework.obj + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk + diff --git a/xmlsecurity/source/framework/saxeventkeeperimpl.cxx b/xmlsecurity/source/framework/saxeventkeeperimpl.cxx new file mode 100644 index 000000000000..806b1bf3f880 --- /dev/null +++ b/xmlsecurity/source/framework/saxeventkeeperimpl.cxx @@ -0,0 +1,1466 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: saxeventkeeperimpl.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "saxeventkeeperimpl.hxx" +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/xml/crypto/sax/ConstOfSecurityId.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxcsax = com::sun::star::xml::csax; +namespace cssxw = com::sun::star::xml::wrapper; +namespace cssxs = com::sun::star::xml::sax; + +#define SERVICE_NAME "com.sun.star.xml.crypto.sax.SAXEventKeeper" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.framework.SAXEventKeeperImpl" + +#define _USECOMPRESSEDDOCUMENTHANDLER + +SAXEventKeeperImpl::SAXEventKeeperImpl( ) + :m_pRootBufferNode(NULL), + m_pCurrentBufferNode(NULL), + m_nNextElementMarkId(1), + m_pNewBlocker(NULL), + m_pCurrentBlockingBufferNode(NULL), + m_bIsReleasing(false), + m_bIsForwarding(false) +{ + m_vElementMarkBuffers.reserve(2); + m_vNewElementCollectors.reserve(2); + m_vReleasedElementMarkBuffers.reserve(2); +} + +SAXEventKeeperImpl::~SAXEventKeeperImpl() +{ + /* + * delete the BufferNode tree + */ + if (m_pRootBufferNode != NULL) + { + m_pRootBufferNode->freeAllChildren(); + delete m_pRootBufferNode; + } + + m_pRootBufferNode = m_pCurrentBufferNode = m_pCurrentBlockingBufferNode = NULL; + + /* + * delete all unfreed ElementMarks + */ + m_vNewElementCollectors.clear(); + m_pNewBlocker = NULL; + + std::vector< const ElementMark* >::const_iterator ii = m_vElementMarkBuffers.begin(); + for( ; ii != m_vElementMarkBuffers.end(); ++ii ) + { + delete (*ii); + } + m_vElementMarkBuffers.clear(); +} + +void SAXEventKeeperImpl::setCurrentBufferNode(BufferNode* pBufferNode) +/****** SAXEventKeeperImpl/setCurrentBufferNode ****************************** + * + * NAME + * setCurrentBufferNode -- set a new active BufferNode. + * + * SYNOPSIS + * setCurrentBufferNode( pBufferNode ); + * + * FUNCTION + * connects this BufferNode into the BufferNode tree as a child of the + * current active BufferNode. Then makes this BufferNode as the current + * active BufferNode. + * If the previous active BufferNode points to the root + * BufferNode, which means that no buffering operation was proceeding, + * then notifies the status change listener that buffering operation + * will begin at once. + * + * INPUTS + * pBufferNode - a BufferNode which will be the new active BufferNode + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (pBufferNode != m_pCurrentBufferNode) + { + if ( m_pCurrentBufferNode == m_pRootBufferNode && + m_xSAXEventKeeperStatusChangeListener.is()) + { + m_xSAXEventKeeperStatusChangeListener->collectionStatusChanged(sal_True); + } + + if (pBufferNode->getParent() == NULL) + { + m_pCurrentBufferNode->addChild(pBufferNode); + pBufferNode->setParent(m_pCurrentBufferNode); + } + + m_pCurrentBufferNode = pBufferNode; + } +} + +BufferNode* SAXEventKeeperImpl::addNewElementMarkBuffers() +/****** SAXEventKeeperImpl/addNewElementMarkBuffers ************************** + * + * NAME + * addNewElementMarkBuffers -- add new ElementCollectors and new Blocker. + * + * SYNOPSIS + * pBufferNode = addNewElementMarkBuffers( ); + * + * FUNCTION + * if there are new ElementCollector or new Blocker to be added, then + * connect all of them with the current BufferNode. In case of the + * current BufferNode doesn't exist, creates one. + * Clears up the new ElementCollector list and the new Blocker pointer. + * + * INPUTS + * empty + * + * RESULT + * pBufferNode - the BufferNode that has been connected with both new + * ElementCollectors and new Blocker. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* pBufferNode = NULL; + + if ( (m_vNewElementCollectors.size()>0) || + (m_pNewBlocker != NULL)) + { + /* + * When the current BufferNode is right pointing to the current + * working element in the XMLDocumentWrapper component, then + * no new BufferNode is needed to create. + * This situation can only happen in the "Forwarding" mode. + */ + if ( (m_pCurrentBufferNode != NULL) && + (m_xXMLDocument->isCurrent(m_pCurrentBufferNode->getXMLElement()))) + { + pBufferNode = m_pCurrentBufferNode; + } + else + { + pBufferNode = new BufferNode(m_xXMLDocument->getCurrentElement()); + } + + if (m_pNewBlocker != NULL) + { + pBufferNode->setBlocker(m_pNewBlocker); + + /* + * If no blocking before, then notify the status change listener that + * the SAXEventKeeper has entered "blocking" status, during which, no + * SAX events will be forwarded to the next document handler. + */ + if (m_pCurrentBlockingBufferNode == NULL) + { + m_pCurrentBlockingBufferNode = pBufferNode; + + if (m_xSAXEventKeeperStatusChangeListener.is()) + { + m_xSAXEventKeeperStatusChangeListener->blockingStatusChanged(sal_True); + } + } + + m_pNewBlocker = NULL; + } + + if (m_vNewElementCollectors.size()>0) + { + std::vector< const ElementCollector* >::const_iterator ii = m_vNewElementCollectors.begin(); + + for( ; ii != m_vNewElementCollectors.end(); ++ii ) + { + pBufferNode->addElementCollector(*ii); + } + + m_vNewElementCollectors.clear(); + } + } + + return pBufferNode; +} + +ElementMark* SAXEventKeeperImpl::findElementMarkBuffer(sal_Int32 nId) const +/****** SAXEventKeeperImpl/findElementMarkBuffer ***************************** + * + * NAME + * findElementMarkBuffer -- finds an ElementMark. + * + * SYNOPSIS + * pElementMark = findElementMarkBuffer( nId ); + * + * FUNCTION + * searches an ElementMark with the particular Id in the ElementMark + * list. + * + * INPUTS + * nId - the Id of the ElementMark to be searched. + * + * RESULT + * pElementMark - the ElementMark with the particular Id, or NULL when + * no such Id exists. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + ElementMark* pElementMark = NULL; + + std::vector< const ElementMark* >::const_iterator ii = m_vElementMarkBuffers.begin(); + + for( ; ii != m_vElementMarkBuffers.end(); ++ii ) + { + if ( nId == (*ii)->getBufferId()) + { + pElementMark = (ElementMark*)*ii; + break; + } + } + + return pElementMark; +} + +void SAXEventKeeperImpl::removeElementMarkBuffer(sal_Int32 nId) +/****** SAXEventKeeperImpl/removeElementMarkBuffer *************************** + * + * NAME + * removeElementMarkBuffer -- removes an ElementMark + * + * SYNOPSIS + * removeElementMarkBuffer( nId ); + * + * FUNCTION + * removes an ElementMark with the particular Id in the ElementMark list. + * + * INPUTS + * nId - the Id of the ElementMark to be removed. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const ElementMark* >::iterator ii = m_vElementMarkBuffers.begin(); + + for( ; ii != m_vElementMarkBuffers.end(); ++ii ) + { + if ( nId == (*ii)->getBufferId()) + { + /* + * checks whether this ElementMark still in the new ElementCollect array + */ + std::vector< const ElementCollector* >::iterator jj = m_vNewElementCollectors.begin(); + for( ; jj != m_vNewElementCollectors.end(); ++jj ) + { + if ((*ii) == (*jj)) + { + m_vNewElementCollectors.erase(jj); + break; + } + } + + /* + * checks whether this ElementMark is the new Blocker + */ + if ((*ii) == m_pNewBlocker) + { + m_pNewBlocker = NULL; + } + + /* + * destory the ElementMark + */ + delete (*ii); + + m_vElementMarkBuffers.erase( ii ); + break; + } + } +} + +rtl::OUString SAXEventKeeperImpl::printBufferNode( + BufferNode* pBufferNode, sal_Int32 nIndent) const +/****** SAXEventKeeperImpl/printBufferNode *********************************** + * + * NAME + * printBufferNode -- retrieves the information of a BufferNode and its + * branch. + * + * SYNOPSIS + * info = printBufferNode( pBufferNode, nIndent ); + * + * FUNCTION + * all retrieved information includes: + * 1. whether it is the current BufferNode; + * 2. whether it is the current blocking BufferNode; + * 3. the name of the parent element; + * 4. the name of this element; + * 5. all ElementCollectors working on this BufferNode; + * 6. the Blocker working on this BufferNode; + * 7. all child BufferNodes' information. + * + * INPUTS + * pBufferNode - the BufferNode from where information will be retrieved. + * nIndent - how many space characters prefixed before the output + * message. + * + * RESULT + * info - the information string + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + rtl::OUString rc; + + for ( int i=0; i<nIndent; ++i ) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( " " )); + } + + if (pBufferNode == m_pCurrentBufferNode) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "[%]" )); + } + + if (pBufferNode == m_pCurrentBlockingBufferNode) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "[B]" )); + } + + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( " " )); + rc += m_xXMLDocument->getNodeName(pBufferNode->getXMLElement()); + + BufferNode* pParent = (BufferNode*)pBufferNode->getParent(); + if (pParent != NULL) + { + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "[" )); + rc += m_xXMLDocument->getNodeName(pParent->getXMLElement()); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "]" )); + } + + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( ":EC=" )); + rc += pBufferNode->printChildren(); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( " BR=" )); + + ElementMark * pBlocker = pBufferNode->getBlocker(); + if (pBlocker != NULL) + { + rc += rtl::OUString::valueOf( pBlocker->getBufferId() ); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "(SecId=" )); + rc += rtl::OUString::valueOf( pBlocker->getSecurityId() ); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( ")" )); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( " " )); + } + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "\n" )); + + std::vector< const BufferNode* >* vChildren = pBufferNode->getChildren(); + std::vector< const BufferNode* >::const_iterator jj = vChildren->begin(); + for( ; jj != vChildren->end(); ++jj ) + { + rc += printBufferNode((BufferNode *)*jj, nIndent+4); + } + + delete vChildren; + + return rc; +} + +cssu::Sequence< cssu::Reference< cssxw::XXMLElementWrapper > > + SAXEventKeeperImpl::collectChildWorkingElement(BufferNode* pBufferNode) const +/****** SAXEventKeeperImpl/collectChildWorkingElement ************************ + * + * NAME + * collectChildWorkingElement -- collects a BufferNode's all child + * Elements. + * + * SYNOPSIS + * list = collectChildWorkingElement( pBufferNode ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * pBufferNode - the BufferNode whose child Elements will be collected. + * + * RESULT + * list - the child Elements list. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< const BufferNode* >* vChildren = pBufferNode->getChildren(); + + cssu::Sequence < cssu::Reference< + cssxw::XXMLElementWrapper > > aChildrenCollection ( vChildren->size()); + + std::vector< const BufferNode* >::const_iterator ii = vChildren->begin(); + + sal_Int32 nIndex = 0; + for( ; ii != vChildren->end(); ++ii ) + { + aChildrenCollection[nIndex] = (*ii)->getXMLElement(); + nIndex++; + } + + delete vChildren; + + return aChildrenCollection; +} + +void SAXEventKeeperImpl::smashBufferNode( + BufferNode* pBufferNode, bool bClearRoot) const +/****** SAXEventKeeperImpl/smashBufferNode *********************************** + * + * NAME + * smashBufferNode -- removes a BufferNode along with its working + * element. + * + * SYNOPSIS + * smashBufferNode( pBufferNode, bClearRoot ); + * + * FUNCTION + * removes the BufferNode's working element from the DOM document, while + * reserves all ancestor paths for its child BufferNodes. + * when any of the BufferNode's ancestor element is useless, removes it + * too. + * removes the BufferNode from the BufferNode tree. + * + * INPUTS + * pBufferNode - the BufferNode to be removed + * bClearRoot - whether the root element also needs to be cleared up. + * + * RESULT + * empty + * + * NOTES + * when removeing a Blocker's BufferNode, the bClearRoot flag should be + * true. Because a Blocker can buffer many SAX events which are not used + * by any other ElementCollector or Blocker. + * When the bClearRoot is set to true, the root BufferNode will be first + * cleared, with a stop flag seting at the next Blocking BufferNode. This + * operation can delete all useless bufferred SAX events which are only + * needed by the Blocker to be deleted. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (!pBufferNode->hasAnything()) + { + BufferNode* pParent = (BufferNode*)pBufferNode->getParent(); + + /* + * delete the XML data + */ + if (pParent == m_pRootBufferNode) + { + bool bIsNotBlocking = (m_pCurrentBlockingBufferNode == NULL); + bool bIsBlockInside = false; + bool bIsBlockingAfterward = false; + + /* + * If this is a blocker, then remove any out-element data + * which caused by blocking. The removal process will stop + * at the next blokcer to avoid removing any useful data. + */ + if (bClearRoot) + { + cssu::Sequence< cssu::Reference< cssxw::XXMLElementWrapper > > + aChildElements = collectChildWorkingElement(m_pRootBufferNode); + + /* + * the clearUselessData only clearup the content in the + * node, not the node itself. + */ + m_xXMLDocument->clearUselessData(m_pRootBufferNode->getXMLElement(), + aChildElements, + bIsNotBlocking?(NULL): + (m_pCurrentBlockingBufferNode->getXMLElement())); + + /* + * remove the node if it is empty, then if its parent is also + * empty, remove it, then if the next parent is also empty, + * remove it,..., until parent become null. + */ + m_xXMLDocument->collapse( m_pRootBufferNode->getXMLElement() ); + } + + /* + * if blocking, check the relationship between this BufferNode and + * the current blocking BufferNode. + */ + if ( !bIsNotBlocking ) + { + /* + * the current blocking BufferNode is a descendant of this BufferNode. + */ + bIsBlockInside = (NULL != pBufferNode->isAncestor(m_pCurrentBlockingBufferNode)); + + /* + * the current blocking BufferNode locates behind this BufferNode in tree + * order. + */ + bIsBlockingAfterward = pBufferNode->isPrevious(m_pCurrentBlockingBufferNode); + } + + /* + * this BufferNode's working element needs to be deleted only when + * 1. there is no blocking, or + * 2. the current blocking BufferNode is a descendant of this BufferNode, + * (then in the BufferNode's working element, the useless data before the blocking + * element should be deleted.) or + * 3. the current blocking BufferNode is locates behind this BufferNode in tree, + * (then the useless data between the blocking element and the working element + * should be deleted.). + * Otherwise, this working element should not be deleted. + */ + if ( bIsNotBlocking || bIsBlockInside || bIsBlockingAfterward ) + { + cssu::Sequence< cssu::Reference< cssxw::XXMLElementWrapper > > + aChildElements = collectChildWorkingElement(pBufferNode); + + /* + * the clearUselessData only clearup the content in the + * node, not the node itself. + */ + m_xXMLDocument->clearUselessData(pBufferNode->getXMLElement(), + aChildElements, + bIsBlockInside?(m_pCurrentBlockingBufferNode->getXMLElement()): + (NULL)); + + /* + * remove the node if it is empty, then if its parent is also + * empty, remove it, then if the next parent is also empty, + * remove it,..., until parent become null. + */ + m_xXMLDocument->collapse( pBufferNode->getXMLElement() ); + } + } + + sal_Int32 nIndex = pParent->indexOfChild(pBufferNode); + + std::vector< const BufferNode* >* vChildren = pBufferNode->getChildren(); + pParent->removeChild(pBufferNode); + pBufferNode->setParent(NULL); + + std::vector< const BufferNode * >::const_iterator ii = vChildren->begin(); + for( ; ii != vChildren->end(); ++ii ) + { + ((BufferNode *)(*ii))->setParent(pParent); + pParent->addChild(*ii, nIndex); + nIndex++; + } + + delete vChildren; + + /* + * delete the BufferNode + */ + delete pBufferNode; + } +} + +BufferNode* SAXEventKeeperImpl::findNextBlockingBufferNode( + BufferNode* pStartBufferNode) const +/****** SAXEventKeeperImpl/findNextBlockingBufferNode ************************ + * + * NAME + * findNextBlockingBufferNode -- finds the next blocking BufferNode + * behind the particular BufferNode. + * + * SYNOPSIS + * pBufferNode = findNextBlockingBufferNode( pStartBufferNode ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * pStartBufferNode - the BufferNode from where to search the next + * blocking BufferNode. + * + * RESULT + * pBufferNode - the next blocking BufferNode, or NULL if no such + * BufferNode exists. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* pNext = NULL; + + if (pStartBufferNode != NULL) + { + pNext = pStartBufferNode; + + while (NULL != (pNext = (BufferNode*)pNext->getNextNodeByTreeOrder())) + { + if (pNext->getBlocker() != NULL) + { + break; + } + } + } + + return pNext; +} + +void SAXEventKeeperImpl::diffuse(BufferNode* pBufferNode) const +/****** SAXEventKeeperImpl/diffuse ******************************************* + * + * NAME + * diffuse -- diffuse the notification. + * + * SYNOPSIS + * diffuse( pBufferNode ); + * + * FUNCTION + * diffuse the collecting completion notification from the specific + * BufferNode along its parent link, until an ancestor which is not + * completely received is met. + * + * INPUTS + * pBufferNode - the BufferNode from which the notification will be + * diffused. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + BufferNode* pParent = pBufferNode; + + while(pParent->isAllReceived()) + { + pParent->elementCollectorNotify(); + pParent = (BufferNode*)pParent->getParent(); + } +} + +void SAXEventKeeperImpl::releaseElementMarkBuffer() +/****** SAXEventKeeperImpl/releaseElementMarkBuffer ************************** + * + * NAME + * releaseElementMarkBuffer -- releases useless ElementMarks + * + * SYNOPSIS + * releaseElementMarkBuffer( ); + * + * FUNCTION + * releases each ElementMark in the releasing list + * m_vReleasedElementMarkBuffers. + * The operation differs between an ElementCollector and a Blocker. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bIsReleasing = true; + while (m_vReleasedElementMarkBuffers.size()>0) + { + std::vector< sal_Int32 >::iterator pId = m_vReleasedElementMarkBuffers.begin(); + sal_Int32 nId = *pId; + m_vReleasedElementMarkBuffers.erase( pId ); + + ElementMark* pElementMark = findElementMarkBuffer(nId); + + if (pElementMark != NULL) + { + if (cssxc::sax::ElementMarkType_ELEMENTCOLLECTOR + == pElementMark->getType()) + /* + * it is a EC + */ + { + ElementCollector* pElementCollector = (ElementCollector*)pElementMark; + + cssxc::sax::ElementMarkPriority nPriority = pElementCollector->getPriority(); + bool bToModify = pElementCollector->getModify(); + + /* + * Delete the EC from the buffer node. + */ + BufferNode* pBufferNode = pElementCollector->getBufferNode(); + pBufferNode->removeElementCollector(pElementCollector); + + if ( nPriority == cssxc::sax::ElementMarkPriority_BEFOREMODIFY) + { + pBufferNode->notifyBranch(); + } + + if (bToModify) + { + pBufferNode->notifyAncestor(); + } + + /* + * delete the ElementMark + */ + pElementCollector = NULL; + pElementMark = NULL; + removeElementMarkBuffer(nId); + + /* + * delete the BufferNode + */ + diffuse(pBufferNode); + smashBufferNode(pBufferNode, false); + } + else + /* + * it is a Blocker + */ + { + /* + * Delete the TH from the buffer node. + */ + BufferNode *pBufferNode = pElementMark->getBufferNode(); + pBufferNode->setBlocker(NULL); + + /* + * If there is a following handler and no blocking now, then + * forward this event + */ + if (m_pCurrentBlockingBufferNode == pBufferNode) + { + /* + * Before forwarding, the next blocking point needs to be + * found. + */ + m_pCurrentBlockingBufferNode = findNextBlockingBufferNode(pBufferNode); + + /* + * Forward the blocked events between these two STHs. + */ + if (m_xNextHandler.is()) + { + BufferNode* pTempCurrentBufferNode = m_pCurrentBufferNode; + BufferNode* pTempCurrentBlockingBufferNode = m_pCurrentBlockingBufferNode; + + m_pCurrentBufferNode = pBufferNode; + m_pCurrentBlockingBufferNode = NULL; + + m_bIsForwarding = true; + + m_xXMLDocument->generateSAXEvents( + m_xNextHandler, + this, + pBufferNode->getXMLElement(), + (pTempCurrentBlockingBufferNode == NULL)?NULL:(pTempCurrentBlockingBufferNode->getXMLElement())); + + m_bIsForwarding = false; + + m_pCurrentBufferNode = pTempCurrentBufferNode; + if (m_pCurrentBlockingBufferNode == NULL) + { + m_pCurrentBlockingBufferNode = pTempCurrentBlockingBufferNode; + } + } + + if (m_pCurrentBlockingBufferNode == NULL && + m_xSAXEventKeeperStatusChangeListener.is()) + { + m_xSAXEventKeeperStatusChangeListener->blockingStatusChanged(sal_False); + } + } + + /* + * delete the ElementMark + */ + pElementMark = NULL; + removeElementMarkBuffer(nId); + + /* + * delete the BufferNode + */ + diffuse(pBufferNode); + smashBufferNode(pBufferNode, true); + } + } + } + + m_bIsReleasing = false; + + if (!m_pRootBufferNode->hasAnything() && + !m_pRootBufferNode->hasChildren() && + m_xSAXEventKeeperStatusChangeListener.is()) + { + m_xSAXEventKeeperStatusChangeListener->bufferStatusChanged(sal_True); + } +} + +void SAXEventKeeperImpl::markElementMarkBuffer(sal_Int32 nId) +/****** SAXEventKeeperImpl/markElementMarkBuffer ***************************** + * + * NAME + * markElementMarkBuffer -- marks an ElementMark to be released + * + * SYNOPSIS + * markElementMarkBuffer( nId ); + * + * FUNCTION + * puts the ElementMark with the particular Id into the releasing list, + * checks whether the releasing process is runing, if not then launch + * this process. + * + * INPUTS + * nId - the Id of the ElementMark which will be released + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_vReleasedElementMarkBuffers.push_back( nId ); + if ( !m_bIsReleasing ) + { + releaseElementMarkBuffer(); + } +} + +sal_Int32 SAXEventKeeperImpl::createElementCollector( + sal_Int32 nSecurityId, + cssxc::sax::ElementMarkPriority nPriority, + bool bModifyElement, + const cssu::Reference< cssxc::sax::XReferenceResolvedListener >& xReferenceResolvedListener) +/****** SAXEventKeeperImpl/createElementCollector **************************** + * + * NAME + * createElementCollector -- creates a new ElementCollector on the + * incoming element. + * + * SYNOPSIS + * nId = createElementCollector( nSecurityId, nPriority, + * bModifyElement, + * xReferenceResolvedListener ); + * + * FUNCTION + * allocs a new Id, then create an ElementCollector with this Id value. + * Add the new created ElementCollector to the new ElementCollecotor list. + * + * INPUTS + * nSecurityId - the security Id of the new ElementCollector + * nPriority - the prirority of the new ElementCollector + * bModifyElement -whether this BufferNode will modify the content of + * the corresponding element it works on + * xReferenceResolvedListener - the listener for the new ElementCollector. + * + * RESULT + * nId - the Id of the new ElementCollector + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + sal_Int32 nId = m_nNextElementMarkId; + m_nNextElementMarkId ++; + + ElementCollector* pElementCollector + = new ElementCollector( + nSecurityId, + nId, + nPriority, + bModifyElement, + xReferenceResolvedListener); + + m_vElementMarkBuffers.push_back( pElementCollector ); + + /* + * All the new EC to initial EC array. + */ + m_vNewElementCollectors.push_back( pElementCollector ); + + return nId; +} + + +sal_Int32 SAXEventKeeperImpl::createBlocker(sal_Int32 nSecurityId) +/****** SAXEventKeeperImpl/createBlocker ************************************* + * + * NAME + * createBlocker -- creates a new Blocker on the incoming element. + * + * SYNOPSIS + * nId = createBlocker( nSecurityId ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * nSecurityId - the security Id of the new Blocker + * + * RESULT + * nId - the Id of the new Blocker + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + sal_Int32 nId = m_nNextElementMarkId; + m_nNextElementMarkId ++; + + OSL_ASSERT(m_pNewBlocker == NULL); + + m_pNewBlocker = new ElementMark(nSecurityId, nId); + m_vElementMarkBuffers.push_back( m_pNewBlocker ); + + return nId; +} + +/* XSAXEventKeeper */ +sal_Int32 SAL_CALL SAXEventKeeperImpl::addElementCollector( ) + throw (cssu::RuntimeException) +{ + return createElementCollector( + cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID, + cssxc::sax::ElementMarkPriority_AFTERMODIFY, + false, + NULL); +} + +void SAL_CALL SAXEventKeeperImpl::removeElementCollector( sal_Int32 id ) + throw (cssu::RuntimeException) +{ + markElementMarkBuffer(id); +} + +sal_Int32 SAL_CALL SAXEventKeeperImpl::addBlocker( ) + throw (cssu::RuntimeException) +{ + return createBlocker(cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID); +} + +void SAL_CALL SAXEventKeeperImpl::removeBlocker( sal_Int32 id ) + throw (cssu::RuntimeException) +{ + markElementMarkBuffer(id); +} + +sal_Bool SAL_CALL SAXEventKeeperImpl::isBlocking( ) + throw (cssu::RuntimeException) +{ + return (m_pCurrentBlockingBufferNode != NULL); +} + +cssu::Reference< cssxw::XXMLElementWrapper > SAL_CALL + SAXEventKeeperImpl::getElement( sal_Int32 id ) + throw (cssu::RuntimeException) +{ + cssu::Reference< cssxw::XXMLElementWrapper > rc; + + ElementMark* pElementMark = findElementMarkBuffer(id); + if (pElementMark != NULL) + { + rc = pElementMark->getBufferNode()->getXMLElement(); + } + + return rc; +} + +void SAL_CALL SAXEventKeeperImpl::setElement( + sal_Int32 id, + const cssu::Reference< cssxw::XXMLElementWrapper >& aElement ) + throw (cssu::RuntimeException) +{ + if (aElement.is()) + { + m_xXMLDocument->rebuildIDLink(aElement); + + ElementMark* pElementMark = findElementMarkBuffer(id); + + if (pElementMark != NULL) + { + BufferNode* pBufferNode = pElementMark->getBufferNode(); + if (pBufferNode != NULL) + { + bool bIsCurrent = m_xXMLDocument->isCurrent(pBufferNode->getXMLElement()); + pBufferNode->setXMLElement(aElement); + + if (bIsCurrent) + { + m_xXMLDocument->setCurrentElement(aElement); + } + } + } + } + else + { + removeElementCollector( id ); + } +} + +cssu::Reference< cssxs::XDocumentHandler > SAL_CALL SAXEventKeeperImpl::setNextHandler( + const cssu::Reference< cssxs::XDocumentHandler >& xNewHandler ) + throw (cssu::RuntimeException) +{ + cssu::Reference< cssxs::XDocumentHandler > xOldHandler = m_xNextHandler; + + m_xNextHandler = xNewHandler; + return xOldHandler; +} + +rtl::OUString SAL_CALL SAXEventKeeperImpl::printBufferNodeTree() + throw (cssu::RuntimeException) +{ + rtl::OUString rc; + + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "ElementMarkBuffers: size = " )); + rc += rtl::OUString::valueOf((sal_Int32)m_vElementMarkBuffers.size()); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "\nCurrentBufferNode: " )); + rc += m_xXMLDocument->getNodeName(m_pCurrentBufferNode->getXMLElement()); + rc += rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "\n" )); + rc += printBufferNode(m_pRootBufferNode, 0); + + return rc; +} + +cssu::Reference< cssxw::XXMLElementWrapper > SAL_CALL SAXEventKeeperImpl::getCurrentBlockingNode() + throw (cssu::RuntimeException) +{ + cssu::Reference< cssxw::XXMLElementWrapper > rc; + + if (m_pCurrentBlockingBufferNode != NULL) + { + rc = m_pCurrentBlockingBufferNode->getXMLElement(); + } + + return rc; +} + +/* XSecuritySAXEventKeeper */ +sal_Int32 SAL_CALL SAXEventKeeperImpl::addSecurityElementCollector( + cssxc::sax::ElementMarkPriority priority, + sal_Bool modifyElement ) + throw (cssu::RuntimeException) +{ + return createElementCollector( + cssxc::sax::ConstOfSecurityId::UNDEFINEDSECURITYID, + priority, + modifyElement, + NULL); +} + +sal_Int32 SAL_CALL SAXEventKeeperImpl::cloneElementCollector( + sal_Int32 referenceId, + cssxc::sax::ElementMarkPriority priority ) + throw (cssu::RuntimeException) +{ + sal_Int32 nId = -1; + + ElementCollector* pElementCollector = (ElementCollector*)findElementMarkBuffer(referenceId); + if (pElementCollector != NULL) + { + nId = m_nNextElementMarkId; + m_nNextElementMarkId ++; + + ElementCollector* pClonedOne + = pElementCollector->clone(nId, priority); + + /* + * add this EC into the security data buffer array. + */ + m_vElementMarkBuffers.push_back(pClonedOne); + + /* + * If the reference EC is still in initial EC array, add + * this cloned one into the initial EC array too. + */ + if (pElementCollector->getBufferNode() == NULL) + { + m_vNewElementCollectors.push_back(pClonedOne); + } + } + + return nId; +} + +void SAL_CALL SAXEventKeeperImpl::setSecurityId( sal_Int32 id, sal_Int32 securityId ) + throw (cssu::RuntimeException) +{ + ElementMark* pElementMark = findElementMarkBuffer(id); + if (pElementMark != NULL) + { + pElementMark->setSecurityId(securityId); + } +} + + +/* XReferenceResolvedBroadcaster */ +void SAL_CALL SAXEventKeeperImpl::addReferenceResolvedListener( + sal_Int32 referenceId, + const cssu::Reference< cssxc::sax::XReferenceResolvedListener >& listener ) + throw (cssu::RuntimeException) +{ + ElementCollector* pElementCollector = (ElementCollector*)findElementMarkBuffer(referenceId); + if (pElementCollector != NULL) + { + pElementCollector->setReferenceResolvedListener(listener); + } +} + +void SAL_CALL SAXEventKeeperImpl::removeReferenceResolvedListener( + sal_Int32 /*referenceId*/, + const cssu::Reference< cssxc::sax::XReferenceResolvedListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XSAXEventKeeperStatusChangeBroadcaster */ +void SAL_CALL SAXEventKeeperImpl::addSAXEventKeeperStatusChangeListener( + const cssu::Reference< cssxc::sax::XSAXEventKeeperStatusChangeListener >& listener ) + throw (cssu::RuntimeException) +{ + m_xSAXEventKeeperStatusChangeListener = listener; +} + +void SAL_CALL SAXEventKeeperImpl::removeSAXEventKeeperStatusChangeListener( + const cssu::Reference< cssxc::sax::XSAXEventKeeperStatusChangeListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XDocumentHandler */ +void SAL_CALL SAXEventKeeperImpl::startDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if ( m_xNextHandler.is()) + { + m_xNextHandler->startDocument(); + } +} + +void SAL_CALL SAXEventKeeperImpl::endDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if ( m_xNextHandler.is()) + { + m_xNextHandler->endDocument(); + } +} + +void SAL_CALL SAXEventKeeperImpl::startElement( + const rtl::OUString& aName, + const cssu::Reference< cssxs::XAttributeList >& xAttribs ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + /* + * If there is a following handler and no blocking now, then + * forward this event + */ + if ((m_pCurrentBlockingBufferNode == NULL) && + (m_xNextHandler.is()) && + (!m_bIsForwarding) && + (m_pNewBlocker == NULL)) + { + m_xNextHandler->startElement(aName, xAttribs); + } + + /* + * If not forwarding, buffer this startElement. + */ + if (!m_bIsForwarding) + { + #ifndef _USECOMPRESSEDDOCUMENTHANDLER + m_xDocumentHandler->startElement(aName, xAttribs); + #else + sal_Int32 nLength = xAttribs->getLength(); + cssu::Sequence< cssxcsax::XMLAttribute > aAttributes (nLength); + + for ( int i = 0; i<nLength; ++i ) + { + aAttributes[i].sName = xAttribs->getNameByIndex((short)i); + aAttributes[i].sValue =xAttribs->getValueByIndex((short)i); + } + + m_xCompressedDocumentHandler->_startElement(aName, aAttributes); + #endif + + } + + BufferNode* pBufferNode = addNewElementMarkBuffers(); + if (pBufferNode != NULL) + { + setCurrentBufferNode(pBufferNode); + } +} + +void SAL_CALL SAXEventKeeperImpl::endElement( const rtl::OUString& aName ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + sal_Bool bIsCurrent = m_xXMLDocument->isCurrent(m_pCurrentBufferNode->getXMLElement()); + + /* + * If there is a following handler and no blocking now, then + * forward this event + */ + if ((m_pCurrentBlockingBufferNode == NULL) && + (m_xNextHandler.is()) && + (!m_bIsForwarding)) + { + m_xNextHandler->endElement(aName); + } + + if ((m_pCurrentBlockingBufferNode != NULL) || + (m_pCurrentBufferNode != m_pRootBufferNode) || + (!m_xXMLDocument->isCurrentElementEmpty())) + { + if (!m_bIsForwarding) + { + #ifndef _USECOMPRESSEDDOCUMENTHANDLER + m_xDocumentHandler->endElement(aName); + #else + m_xCompressedDocumentHandler->_endElement(aName); + #endif + } + + /* + * If the current buffer node has not notified yet, and + * the current buffer node is waiting for the current element, + * then let it notify. + */ + if (bIsCurrent && (m_pCurrentBufferNode != m_pRootBufferNode)) + { + BufferNode* pOldCurrentBufferNode = m_pCurrentBufferNode; + m_pCurrentBufferNode = (BufferNode*)m_pCurrentBufferNode->getParent(); + + pOldCurrentBufferNode->setReceivedAll(); + + if ((m_pCurrentBufferNode == m_pRootBufferNode) && + m_xSAXEventKeeperStatusChangeListener.is()) + { + m_xSAXEventKeeperStatusChangeListener->collectionStatusChanged(sal_False); + } + } + } + else + { + if (!m_bIsForwarding) + { + m_xXMLDocument->removeCurrentElement(); + } + } +} + +void SAL_CALL SAXEventKeeperImpl::characters( const rtl::OUString& aChars ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (!m_bIsForwarding) + { + if ((m_pCurrentBlockingBufferNode == NULL) && m_xNextHandler.is()) + { + m_xNextHandler->characters(aChars); + } + + if ((m_pCurrentBlockingBufferNode != NULL) || + (m_pCurrentBufferNode != m_pRootBufferNode)) + { + #ifndef _USECOMPRESSEDDOCUMENTHANDLER + m_xDocumentHandler->characters(aChars); + #else + m_xCompressedDocumentHandler->_characters(aChars); + #endif + } + } +} + +void SAL_CALL SAXEventKeeperImpl::ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + characters( aWhitespaces ); +} + +void SAL_CALL SAXEventKeeperImpl::processingInstruction( + const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (!m_bIsForwarding) + { + if ((m_pCurrentBlockingBufferNode == NULL) && m_xNextHandler.is()) + { + m_xNextHandler->processingInstruction(aTarget, aData); + } + + if ((m_pCurrentBlockingBufferNode != NULL) || + (m_pCurrentBufferNode != m_pRootBufferNode)) + { + #ifndef _USECOMPRESSEDDOCUMENTHANDLER + m_xDocumentHandler->processingInstruction(aTarget, aData); + #else + m_xCompressedDocumentHandler->_processingInstruction(aTarget, aData); + #endif + } + } +} + +void SAL_CALL SAXEventKeeperImpl::setDocumentLocator( const cssu::Reference< cssxs::XLocator >&) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +/* XInitialization */ +void SAL_CALL SAXEventKeeperImpl::initialize( const cssu::Sequence< cssu::Any >& aArguments ) + throw (cssu::Exception, cssu::RuntimeException) +{ + OSL_ASSERT(aArguments.getLength() == 1); + + aArguments[0] >>= m_xXMLDocument; + m_xDocumentHandler = cssu::Reference< cssxs::XDocumentHandler >( + m_xXMLDocument, cssu::UNO_QUERY ); + m_xCompressedDocumentHandler = cssu::Reference< cssxcsax::XCompressedDocumentHandler >( + m_xXMLDocument, cssu::UNO_QUERY ); + + m_pRootBufferNode = new BufferNode(m_xXMLDocument->getCurrentElement()); + m_pCurrentBufferNode = m_pRootBufferNode; +} + +rtl::OUString SAXEventKeeperImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL SAXEventKeeperImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL SAXEventKeeperImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL SAXEventKeeperImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory > &) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new SAXEventKeeperImpl(); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL SAXEventKeeperImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return SAXEventKeeperImpl_getImplementationName(); +} +sal_Bool SAL_CALL SAXEventKeeperImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return SAXEventKeeperImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL SAXEventKeeperImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return SAXEventKeeperImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/framework/saxeventkeeperimpl.hxx b/xmlsecurity/source/framework/saxeventkeeperimpl.hxx new file mode 100644 index 000000000000..38a070a4f95a --- /dev/null +++ b/xmlsecurity/source/framework/saxeventkeeperimpl.hxx @@ -0,0 +1,372 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: saxeventkeeperimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SAXEVENTKEEPERIMPL_HXX +#define _SAXEVENTKEEPERIMPL_HXX + +#include <com/sun/star/xml/crypto/sax/XSecuritySAXEventKeeper.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeListener.hpp> +#include <com/sun/star/xml/csax/XCompressedDocumentHandler.hpp> +#include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp> +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase6.hxx> + +#include "buffernode.hxx" +#include "elementmark.hxx" +#include "elementcollector.hxx" + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +class SAXEventKeeperImpl : public cppu::WeakImplHelper6 +< + com::sun::star::xml::crypto::sax::XSecuritySAXEventKeeper, + com::sun::star::xml::crypto::sax::XReferenceResolvedBroadcaster, + com::sun::star::xml::crypto::sax::XSAXEventKeeperStatusChangeBroadcaster, + com::sun::star::xml::sax::XDocumentHandler, + com::sun::star::lang::XInitialization, + com::sun::star::lang::XServiceInfo +> +/****** SAXEventKeeperImpl.hxx/CLASS SAXEventKeeperImpl *********************** + * + * NAME + * SAXEventKeeperImpl -- SAX events buffer controller + * + * FUNCTION + * Controls SAX events to be bufferred, and controls bufferred SAX events + * to be released. + * + * HISTORY + * 05.01.2004 - Interface supported: XSecuritySAXEventKeeper, + * XReferenceResolvedBroadcaster, + * XSAXEventKeeperStatusChangeBroadcaster, + * XDocumentHandler, XInitialization, XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the XMLDocumentWrapper component which maintains all bufferred SAX + * in DOM format. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLDocumentWrapper > + m_xXMLDocument; + + /* + * the document handler provided by the XMLDocumentWrapper component. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > m_xDocumentHandler; + + /* + * the compressed document handler provided by the XMLDocumentWrapper + * component, the handler has more effient method definition that the + * normal document handler. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::csax::XCompressedDocumentHandler > + m_xCompressedDocumentHandler; + + /* + * a listener which receives this SAXEventKeeper's status change + * notification. + * Based on the status changes, the listener can decide whether the + * SAXEventKeeper should chain on/chain off the SAX chain, or whether + * the SAXEventKeeper is useless any long. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSAXEventKeeperStatusChangeListener > + m_xSAXEventKeeperStatusChangeListener; + + /* + * the root node of the BufferNode tree. + * the BufferNode tree is used to keep track of all bufferred elements, + * it has the same structure with the document which maintains those + * elements physically. + */ + BufferNode* m_pRootBufferNode; + + /* + * the current active BufferNode. + * this is used to keep track the current location in the BufferNode tree, + * the next generated BufferNode will become a child BufferNode of it. + */ + BufferNode* m_pCurrentBufferNode; + + /* + * the next Id for a coming ElementMark. + * the variable is increased by 1 when an new ElementMark is generated, + * in this way, we can promise the Id of any ElementMark is unique. + */ + sal_Int32 m_nNextElementMarkId; + + /* + * maintains a collection of all ElementMarks. + */ + std::vector< const ElementMark* > m_vElementMarkBuffers; + + /* + * maintains a list of new ElementCollectors that will be created + * on the element represented by the next incoming startElement SAX + * event. + * The reason that such the m_vNewElementCollectors is necessary + * is: when an ElementCollector is asked to create, it can't be + * created completely at once, because the BufferNode it will be + * working on has not been created until the next startElement + * SAX event comes. + */ + std::vector< const ElementCollector* > m_vNewElementCollectors; + + /* + * maintains the new Blocker that will be created + * on the element represented by the next incoming startElement SAX + * event. + */ + ElementMark* m_pNewBlocker; + + /* + * the document handler to which all received SAX events will be + * forwarded. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > m_xNextHandler; + + /* + * the current BufferNode which prevents the SAX events to be + * forwarded to the m_xNextHandler. + */ + BufferNode* m_pCurrentBlockingBufferNode; + + /* + * maintains a list of ElementMark that has been asked to release. + * Because during processing a request of releasing an ElementMark, + * another releasing ElementMark request can be invoked. To avoid + * reentering the same method, a such request only add that ElementMark + * into this ElementMark list, then all ElementMarks will be processed in + * order. + */ + std::vector< sal_Int32 > m_vReleasedElementMarkBuffers; + + /* + * a flag to indicate whether the ElementMark releasing process is runing. + * When a releasing request comes, the assigned ElementMark is added to + * the m_vReleasedElementMarkBuffers first, then this flag is checked. + * If the ElementMark releasing process is not running, then call that + * method. + */ + bool m_bIsReleasing; + + /* + * a flag to indicate whether it is the "Forwarding" mode now. + * A "Forwarding" mode means that all received SAX events are from the + * XMLDocumentWrapper component, instead of up-stream component in the + * SAX chain. + * The difference between "Forwarding" mode and normal mode is that: + * no SAX events need to be transferred to the XMLDocumentWrapper component + * again even if a buffer request happens. + */ + bool m_bIsForwarding; + + void setCurrentBufferNode(BufferNode* pBufferNode); + + BufferNode* addNewElementMarkBuffers(); + + ElementMark* findElementMarkBuffer(sal_Int32 nId) const; + + void removeElementMarkBuffer(sal_Int32 nId); + + rtl::OUString printBufferNode( + BufferNode* pBufferNode, sal_Int32 nIndent) const; + + com::sun::star::uno::Sequence< com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > > + collectChildWorkingElement(BufferNode* pBufferNode) const; + + void smashBufferNode( + BufferNode* pBufferNode, bool bClearRoot) const; + + BufferNode* findNextBlockingBufferNode( + BufferNode* pStartBufferNode) const; + + void diffuse(BufferNode* pBufferNode) const; + + void releaseElementMarkBuffer(); + + void markElementMarkBuffer(sal_Int32 nId); + + sal_Int32 createElementCollector( + sal_Int32 nSecurityId, + com::sun::star::xml::crypto::sax::ElementMarkPriority nPriority, + bool bModifyElement, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener>& + xReferenceResolvedListener); + + sal_Int32 createBlocker(sal_Int32 nSecurityId); + +public: + SAXEventKeeperImpl(); + virtual ~SAXEventKeeperImpl(); + + /* XSAXEventKeeper */ + virtual sal_Int32 SAL_CALL addElementCollector( ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeElementCollector( sal_Int32 id ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Int32 SAL_CALL addBlocker( ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeBlocker( sal_Int32 id ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL isBlocking( ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL + getElement( sal_Int32 id ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL setElement( + sal_Int32 id, + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& + aElement ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > SAL_CALL + setNextHandler( const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xNewHandler ) + throw (com::sun::star::uno::RuntimeException); + virtual rtl::OUString SAL_CALL printBufferNodeTree() + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL + getCurrentBlockingNode() + throw (com::sun::star::uno::RuntimeException); + + /* XSecuritySAXEventKeeper */ + virtual sal_Int32 SAL_CALL addSecurityElementCollector( + com::sun::star::xml::crypto::sax::ElementMarkPriority priority, + sal_Bool modifyElement ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Int32 SAL_CALL cloneElementCollector( + sal_Int32 referenceId, + com::sun::star::xml::crypto::sax::ElementMarkPriority priority ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL setSecurityId( sal_Int32 id, sal_Int32 securityId ) + throw (com::sun::star::uno::RuntimeException); + + /* XReferenceResolvedBroadcaster */ + virtual void SAL_CALL addReferenceResolvedListener( + sal_Int32 referenceId, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeReferenceResolvedListener( + sal_Int32 referenceId, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XSAXEventKeeperStatusChangeBroadcaster */ + virtual void SAL_CALL addSAXEventKeeperStatusChangeListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSAXEventKeeperStatusChangeListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeSAXEventKeeperStatusChangeListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSAXEventKeeperStatusChangeListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XDocumentHandler */ + virtual void SAL_CALL startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL startElement( + const rtl::OUString& aName, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >& + xAttribs ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL processingInstruction( + const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL setDocumentLocator( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XLocator >& xLocator ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + /* XInitialization */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString SAXEventKeeperImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL SAXEventKeeperImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SAXEventKeeperImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL SAXEventKeeperImpl_createInstance( const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + + + diff --git a/xmlsecurity/source/framework/securityengine.cxx b/xmlsecurity/source/framework/securityengine.cxx new file mode 100644 index 000000000000..eb205bbd7d71 --- /dev/null +++ b/xmlsecurity/source/framework/securityengine.cxx @@ -0,0 +1,91 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityengine.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "securityengine.hxx" +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +SecurityEngine::SecurityEngine( const cssu::Reference< cssl::XMultiServiceFactory >& rxMSF ) + :mxMSF( rxMSF ), + m_nIdOfTemplateEC(-1), + m_nNumOfResolvedReferences(0), + m_nIdOfKeyEC(-1), + m_bMissionDone(false), + m_nSecurityId(-1), + m_nStatus(::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN) +{ +} + +/* XReferenceResolvedListener */ +void SAL_CALL SecurityEngine::referenceResolved( sal_Int32 /*referenceId*/) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) +{ + m_nNumOfResolvedReferences++; + tryToPerform(); +} + +/* XKeyCollector */ +void SAL_CALL SecurityEngine::setKeyId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) +{ + m_nIdOfKeyEC = id; + tryToPerform(); +} + +/* XMissionTaker */ +sal_Bool SAL_CALL SecurityEngine::endMission( ) + throw (com::sun::star::uno::RuntimeException) +{ + sal_Bool rc = m_bMissionDone; + + if (!rc) + { + clearUp( ); + + notifyResultListener(); + m_bMissionDone = true; + } + + m_xResultListener = NULL; + m_xSAXEventKeeper = NULL; + + return rc; +} + diff --git a/xmlsecurity/source/framework/securityengine.hxx b/xmlsecurity/source/framework/securityengine.hxx new file mode 100644 index 000000000000..0e25576d2b40 --- /dev/null +++ b/xmlsecurity/source/framework/securityengine.hxx @@ -0,0 +1,175 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityengine.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SECURITYENGINE_HXX +#define _SECURITYENGINE_HXX + +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XMissionTaker.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeper.hpp> +#include <com/sun/star/xml/crypto/XXMLSignature.hpp> + +#include <cppuhelper/implbase3.hxx> + +class SecurityEngine : public cppu::WeakImplHelper3 +< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener, + com::sun::star::xml::crypto::sax::XKeyCollector, + com::sun::star::xml::crypto::sax::XMissionTaker +> +/****** securityengine.hxx/CLASS SecurityEngine ******************************* + * + * NAME + * SecurityEngine -- Base class of SignatureEngine and EncryptionEngine + * + * FUNCTION + * Maintains common members and methods related with security engine + * operation. + * + * HISTORY + * 05.01.2004 - Interface supported: XReferenceResolvedListener, + * XKeyCollector, and XMissionTaker + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +protected: + com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory > mxMSF; + + /* + * A SAXEventKeeper internally maintians all resources that a security + * operation needs. The m_xSAXEventKeeper member is used to release + * those resources when the security operation finishes. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSAXEventKeeper > m_xSAXEventKeeper; + + /* + * the id of ElementCollector of the template element. + * For a signature, the template element is the Signature element, + * for a encryption, the EncryptedData/EncryptedKey element is. + */ + sal_Int32 m_nIdOfTemplateEC; + + /* + * remembers how many referenced elements have been bufferred completely, + * including the key element, template element, and referenced element of + * signature. + */ + sal_Int32 m_nNumOfResolvedReferences; + + /* + * the id of ElementCollector of the key element. + * If a Signature element or EncryptedData/EncryptedKey element has + * an internal key sub-element, then this member should be -1 + */ + sal_Int32 m_nIdOfKeyEC; + + /* + * remembers whether the current opertion has finished. + */ + bool m_bMissionDone; + + /* + * the Id of the security entity, a signature or encryption, which is used for + * the result listener to identify the entity. + */ + sal_Int32 m_nSecurityId; + + /* + * the status of the operation + */ + //bool m_bOperationSucceed; + com::sun::star::xml::crypto::SecurityOperationStatus m_nStatus; + + /* + * the result listener, which will receives the security operation result. + */ + com::sun::star::uno::Reference< + com::sun::star::uno::XInterface > + m_xResultListener; + +protected: + explicit SecurityEngine( const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory >& rxMSF = NULL ); + virtual ~SecurityEngine() {}; + + /* + * perform the security operation. + * Any derived class will implement this method respectively. + */ + virtual void tryToPerform( ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException){}; + + /* + * clear up all resources used by this operation. + * This method is called after the operation finishes, or a End-Your-Mission + * message is received. + * Any derived class will implement this method respectively. + */ + virtual void clearUp( ) const {}; + + /* + * notifies any possible result listener. + * When verify a signature or conduct a decryption, the operation result will + * be transferred to a listener by this method. + * Any derived class will implement this method respectively. + */ + virtual void notifyResultListener() const + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) + {}; + + /* + * checks whether everything is ready. + * Any derived class will implement this method respectively. + */ + virtual bool checkReady() const { return true; }; + +public: + /* XReferenceResolvedListener */ + virtual void SAL_CALL referenceResolved( sal_Int32 referenceId ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XKeyCollector */ + virtual void SAL_CALL setKeyId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XMissionTaker */ + virtual sal_Bool SAL_CALL endMission( ) + throw (com::sun::star::uno::RuntimeException); +}; + +#endif + diff --git a/xmlsecurity/source/framework/signaturecreatorimpl.cxx b/xmlsecurity/source/framework/signaturecreatorimpl.cxx new file mode 100644 index 000000000000..049cc03575d8 --- /dev/null +++ b/xmlsecurity/source/framework/signaturecreatorimpl.cxx @@ -0,0 +1,300 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signaturecreatorimpl.cxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "signaturecreatorimpl.hxx" +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SERVICE_NAME "com.sun.star.xml.crypto.sax.SignatureCreator" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.framework.SignatureCreatorImpl" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +SignatureCreatorImpl::SignatureCreatorImpl( const cssu::Reference< cssl::XMultiServiceFactory >& rxMSF ) + :m_nIdOfBlocker(-1) +{ + mxMSF = rxMSF; +} + +SignatureCreatorImpl::~SignatureCreatorImpl( ) +{ +} + +bool SignatureCreatorImpl::checkReady() const +/****** SignatureCreatorImpl/checkReady ************************************** + * + * NAME + * checkReady -- checks the conditions for the signature generation. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the result listener is ready; + * 2. the id of the template blocker is known; + * 3. the SignatureEngine is ready. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return (m_xResultListener.is() && + (m_nIdOfBlocker != -1) && + SignatureEngine::checkReady()); +} + +void SignatureCreatorImpl::notifyResultListener() const + throw (cssu::Exception, cssu::RuntimeException) +/****** SignatureCreatorImpl/notifyResultListener ***************************** + * + * NAME + * notifyResultListener -- notifies the listener about the signature + * creation result. + * + * SYNOPSIS + * notifyResultListener( ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::sax::XSignatureCreationResultListener > + xSignatureCreationResultListener ( m_xResultListener , cssu::UNO_QUERY ) ; + + xSignatureCreationResultListener->signatureCreated( m_nSecurityId, m_nStatus ); +} + +void SignatureCreatorImpl::startEngine( const cssu::Reference< + cssxc::XXMLSignatureTemplate >& + xSignatureTemplate) + throw (cssu::Exception, cssu::RuntimeException) +/****** SignatureCreatorImpl/startEngine ************************************* + * + * NAME + * startEngine -- generates the signature. + * + * SYNOPSIS + * startEngine( xSignatureTemplate ); + * + * FUNCTION + * generates the signature element, then if succeeds, updates the link + * of old template element to the new signature element in + * SAXEventKeeper. + * + * INPUTS + * xSignatureTemplate - the signature template (along with all referenced + * elements) to be signed. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::XXMLSignatureTemplate > xResultTemplate; + try + { + xResultTemplate = m_xXMLSignature->generate(xSignatureTemplate, m_xSecurityEnvironment); + m_nStatus = xResultTemplate->getStatus(); + } + catch( cssu::Exception& ) + { + m_nStatus = cssxc::SecurityOperationStatus_RUNTIMEERROR_FAILED; + } + + if (m_nStatus == cssxc::SecurityOperationStatus_OPERATION_SUCCEEDED) + { + cssu::Reference < cssxw::XXMLElementWrapper > xResultSignature = xResultTemplate->getTemplate(); + m_xSAXEventKeeper->setElement(m_nIdOfTemplateEC, xResultSignature); + } +} + +void SignatureCreatorImpl::clearUp() const +/****** SignatureCreatorImpl/clearUp ***************************************** + * + * NAME + * clearUp -- clear up all resources used by the signature generation. + * + * SYNOPSIS + * clearUp( ); + * + * FUNCTION + * cleaning resources up includes: + * 1. SignatureEngine's clearing up; + * 2. releases the Blocker for the signature template element. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + SignatureEngine::clearUp(); + + if (m_nIdOfBlocker != -1) + { + m_xSAXEventKeeper->removeBlocker(m_nIdOfBlocker); + } +} + +/* XBlockerMonitor */ +void SAL_CALL SignatureCreatorImpl::setBlockerId( sal_Int32 id ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_nIdOfBlocker = id; + tryToPerform(); +} + +/* XSignatureCreationResultBroadcaster */ +void SAL_CALL SignatureCreatorImpl::addSignatureCreationResultListener( + const cssu::Reference< cssxc::sax::XSignatureCreationResultListener >& listener ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_xResultListener = listener; + tryToPerform(); +} + +void SAL_CALL SignatureCreatorImpl::removeSignatureCreationResultListener( + const cssu::Reference< cssxc::sax::XSignatureCreationResultListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XInitialization */ +void SAL_CALL SignatureCreatorImpl::initialize( const cssu::Sequence< cssu::Any >& aArguments ) + throw (cssu::Exception, cssu::RuntimeException) +{ + OSL_ASSERT(aArguments.getLength() == 5); + + rtl::OUString ouTempString; + + aArguments[0] >>= ouTempString; + m_nSecurityId = ouTempString.toInt32(); + aArguments[1] >>= m_xSAXEventKeeper; + aArguments[2] >>= ouTempString; + m_nIdOfTemplateEC = ouTempString.toInt32(); + aArguments[3] >>= m_xSecurityEnvironment; + aArguments[4] >>= m_xXMLSignature; +} + + +rtl::OUString SignatureCreatorImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL SignatureCreatorImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL SignatureCreatorImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL SignatureCreatorImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory >& rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new SignatureCreatorImpl( rSMgr ); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL SignatureCreatorImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return SignatureCreatorImpl_getImplementationName(); +} +sal_Bool SAL_CALL SignatureCreatorImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return SignatureCreatorImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL SignatureCreatorImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return SignatureCreatorImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/framework/signaturecreatorimpl.hxx b/xmlsecurity/source/framework/signaturecreatorimpl.hxx new file mode 100644 index 000000000000..2582b7506ec1 --- /dev/null +++ b/xmlsecurity/source/framework/signaturecreatorimpl.hxx @@ -0,0 +1,150 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signaturecreatorimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SIGNATURECREATORIMPL_HXX +#define _SIGNATURECREATORIMPL_HXX + +#include <com/sun/star/xml/crypto/sax/XBlockerMonitor.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultBroadcaster.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase4.hxx> + +#include "signatureengine.hxx" + +class SignatureCreatorImpl : public cppu::ImplInheritanceHelper4 +< + SignatureEngine, + com::sun::star::xml::crypto::sax::XBlockerMonitor, + com::sun::star::xml::crypto::sax::XSignatureCreationResultBroadcaster, + com::sun::star::lang::XInitialization, + com::sun::star::lang::XServiceInfo +> +/****** SignatureCreatorImpl.hxx/CLASS SignatureCreatorImpl ******************* + * + * NAME + * SignatureCreatorImpl -- generates a signature + * + * FUNCTION + * Collects all resources for a signature generation, then generates the + * signature by invoking a xmlsec-based signature bridge component. + * + * HISTORY + * 05.01.2004 - Interface supported: XBlockerMonitor, + * XInitialization, XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the Id of the signature, which is used for the result listener to + * identify the signature. + */ + sal_Int32 m_nSignatureId; + + /* + * the Id of template blocker. + */ + sal_Int32 m_nIdOfBlocker; + + /* + * the signature creation result + */ + bool m_bCreationSucceed; + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XSecurityEnvironment > m_xSecurityEnvironment; + + virtual void notifyResultListener() const + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void clearUp( ) const; + virtual bool checkReady() const; + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSignatureTemplate >& + xSignatureTemplate) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + +public: + explicit SignatureCreatorImpl( const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory >& rxMSF); + virtual ~SignatureCreatorImpl(); + + /* XBlockerMonitor */ + virtual void SAL_CALL setBlockerId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XSignatureCreationResultBroadcaster */ + void SAL_CALL addSignatureCreationResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureCreationResultListener >& listener ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + void SAL_CALL removeSignatureCreationResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureCreationResultListener >& listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XInitialization */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString SignatureCreatorImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL SignatureCreatorImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SignatureCreatorImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL SignatureCreatorImpl_createInstance( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + + + diff --git a/xmlsecurity/source/framework/signatureengine.cxx b/xmlsecurity/source/framework/signatureengine.cxx new file mode 100644 index 000000000000..160fcd8c30ca --- /dev/null +++ b/xmlsecurity/source/framework/signatureengine.cxx @@ -0,0 +1,271 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signatureengine.cxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "signatureengine.hxx" +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SIGNATURE_TEMPLATE "com.sun.star.xml.crypto.XMLSignatureTemplate" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +SignatureEngine::SignatureEngine( ) + :m_nTotalReferenceNumber(-1) +{ +} + +bool SignatureEngine::checkReady() const +/****** SignatureEngine/checkReady ******************************************* + * + * NAME + * checkReady -- checks the conditions for the main operation. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the main operation has't begun yet; + * 2. the key material is known; + * 3. the amount of reference is known; + * 4. all of referenced elements, the key element and the signature + * template are bufferred. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = true; + + sal_Int32 nKeyInc = 0; + if (m_nIdOfKeyEC != 0) + { + nKeyInc = 1; + } + + if (m_bMissionDone || + m_nIdOfKeyEC == -1 || + m_nTotalReferenceNumber == -1 || + m_nTotalReferenceNumber+1+nKeyInc > m_nNumOfResolvedReferences) + { + rc = false; + } + + return rc; +} + +void SignatureEngine::tryToPerform( ) + throw (cssu::Exception, cssu::RuntimeException) +/****** SignatureEngine/tryToPerform ***************************************** + * + * NAME + * tryToPerform -- tries to perform the signature operation. + * + * SYNOPSIS + * tryToPerform( ); + * + * FUNCTION + * if the situation is ready, perform following operations. + * 1. prepares a signature template; + * 2. calls the signature bridge component; + * 3. clears up all used resources; + * 4. notifies the result listener; + * 5. sets the "accomplishment" flag. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (checkReady()) + { + const rtl::OUString ouSignatureTemplate ( + RTL_CONSTASCII_USTRINGPARAM( SIGNATURE_TEMPLATE ) ); + cssu::Reference < cssxc::XXMLSignatureTemplate > + xSignatureTemplate( mxMSF->createInstance( ouSignatureTemplate ), cssu::UNO_QUERY ); + + OSL_ASSERT( xSignatureTemplate.is() ); + + cssu::Reference< cssxw::XXMLElementWrapper > + xXMLElement = m_xSAXEventKeeper->getElement( m_nIdOfTemplateEC ); + + xSignatureTemplate->setTemplate(xXMLElement); + + std::vector< sal_Int32 >::const_iterator ii = m_vReferenceIds.begin(); + + for( ; ii != m_vReferenceIds.end() ; ++ii ) + { + xXMLElement = m_xSAXEventKeeper->getElement( *ii ); + xSignatureTemplate->setTarget(xXMLElement); + } + + /* + * set the Uri binding + */ + xSignatureTemplate->setBinding( this ); + + startEngine( xSignatureTemplate ); + + /* + * done + */ + clearUp( ); + + notifyResultListener(); + + m_bMissionDone = true; + } +} + +void SignatureEngine::clearUp( ) const +/****** SignatureEngine/clearUp ********************************************** + * + * NAME + * clearUp -- clear up all resources used by this operation. + * + * SYNOPSIS + * clearUp( ); + * + * FUNCTION + * cleaning resources up includes: + * 1. releases the ElementCollector for the signature template element; + * 2. releases ElementCollectors for referenced elements; + * 3. releases the ElementCollector for the key element, if there is one. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference < cssxc::sax::XReferenceResolvedBroadcaster > + xReferenceResolvedBroadcaster( m_xSAXEventKeeper, cssu::UNO_QUERY ); + xReferenceResolvedBroadcaster->removeReferenceResolvedListener( + m_nIdOfTemplateEC, + (const cssu::Reference < cssxc::sax::XReferenceResolvedListener >)((SecurityEngine *)this)); + + m_xSAXEventKeeper->removeElementCollector(m_nIdOfTemplateEC); + + std::vector< sal_Int32 >::const_iterator ii = m_vReferenceIds.begin(); + + for( ; ii != m_vReferenceIds.end() ; ++ii ) + { + xReferenceResolvedBroadcaster->removeReferenceResolvedListener( + *ii, + (const cssu::Reference < cssxc::sax::XReferenceResolvedListener >)((SecurityEngine *)this)); + m_xSAXEventKeeper->removeElementCollector(*ii); + } + + if (m_nIdOfKeyEC != 0 && m_nIdOfKeyEC != -1) + { + m_xSAXEventKeeper->removeElementCollector(m_nIdOfKeyEC); + } +} + +/* XReferenceCollector */ +void SAL_CALL SignatureEngine::setReferenceCount( sal_Int32 count ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_nTotalReferenceNumber = count; + tryToPerform(); +} + +void SAL_CALL SignatureEngine::setReferenceId( sal_Int32 id ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_vReferenceIds.push_back( id ); +} + +/* XUriBinding */ +void SAL_CALL SignatureEngine::setUriBinding( + const rtl::OUString& uri, + const cssu::Reference< com::sun::star::io::XInputStream >& aInputStream ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_vUris.push_back(uri); + m_vXInputStreams.push_back(aInputStream); +} + +cssu::Reference< com::sun::star::io::XInputStream > SAL_CALL SignatureEngine::getUriBinding( const rtl::OUString& uri ) + throw (cssu::Exception, cssu::RuntimeException) +{ + cssu::Reference< com::sun::star::io::XInputStream > xInputStream; + + int size = m_vUris.size(); + + for( int i=0; i<size; ++i) + { + if (m_vUris[i] == uri) + { + xInputStream = m_vXInputStreams[i]; + break; + } + } + + return xInputStream; +} + diff --git a/xmlsecurity/source/framework/signatureengine.hxx b/xmlsecurity/source/framework/signatureengine.hxx new file mode 100644 index 000000000000..c28c6c0d36e3 --- /dev/null +++ b/xmlsecurity/source/framework/signatureengine.hxx @@ -0,0 +1,147 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signatureengine.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SIGNATUREENGINE_HXX +#define _SIGNATUREENGINE_HXX + +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#ifndef _COM_SUN_STAR_XML_CRYPTO_SAX_XSIGNATURECOLLECTOR_HPP_ +#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp> +#endif +#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XMissionTaker.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeper.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <com/sun/star/xml/crypto/XXMLSignature.hpp> +#include <com/sun/star/xml/crypto/XUriBinding.hpp> +#include <com/sun/star/io/XInputStream.hpp> + +#include <cppuhelper/implbase2.hxx> + +#include "securityengine.hxx" + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +class SignatureEngine : public cppu::ImplInheritanceHelper2 +< + SecurityEngine, + com::sun::star::xml::crypto::sax::XReferenceCollector, + com::sun::star::xml::crypto::XUriBinding +> +/****** signatureengine.hxx/CLASS SignatureEngine ***************************** + * + * NAME + * SignatureEngine -- Base class of SignatureCreator and SignatureVerifier + * + * FUNCTION + * Maintains common members and methods related with signature operation. + * + * HISTORY + * 05.01.2004 - Interface supported: XReferenceCollector + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +protected: + + /* + * the Signature bridge component, which performs signature generation + * and verification based on xmlsec library. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSignature > m_xXMLSignature; + + /* + * a collection of ElementCollector's ids. Each ElementCollector + * represents one element signed by this signature. + */ + std::vector< sal_Int32 > m_vReferenceIds; + + /* + * remembers how many references this signature has. + */ + sal_Int32 m_nTotalReferenceNumber; + + /* + * a collection of Uri binding. + * + * the m_vUris is used to hold the Uri strings, and the m_vXInputStreams is used + * to hold corresponding binded XInputStream interface. + */ + std::vector< rtl::OUString > m_vUris; + std::vector< com::sun::star::uno::Reference< + com::sun::star::io::XInputStream > > m_vXInputStreams; + +protected: + SignatureEngine( ); + virtual ~SignatureEngine() {}; + + virtual void tryToPerform( ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void clearUp( ) const; + virtual bool checkReady() const; + + /* + * starts the main function. This method will be implemented by any sub-class. + * For a SignatureCreator, it performs signing operation; + * for a SignatureVerifier, verification operation is performed. + */ + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSignatureTemplate >&) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException) + {}; + +public: + /* XReferenceCollector */ + virtual void SAL_CALL setReferenceCount( sal_Int32 count ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setReferenceId( sal_Int32 id ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XUriBinding */ + virtual void SAL_CALL setUriBinding( + const rtl::OUString& uri, + const com::sun::star::uno::Reference< + com::sun::star::io::XInputStream >& aInputStream ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Reference< com::sun::star::io::XInputStream > + SAL_CALL getUriBinding( const rtl::OUString& uri ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); +}; + +#endif + diff --git a/xmlsecurity/source/framework/signatureverifierimpl.cxx b/xmlsecurity/source/framework/signatureverifierimpl.cxx new file mode 100644 index 000000000000..359139818eb0 --- /dev/null +++ b/xmlsecurity/source/framework/signatureverifierimpl.cxx @@ -0,0 +1,245 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signatureverifierimpl.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "signatureverifierimpl.hxx" +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SERVICE_NAME "com.sun.star.xml.crypto.sax.SignatureVerifier" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.framework.SignatureVerifierImpl" + +#define DECLARE_ASCII( SASCIIVALUE ) \ + rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( SASCIIVALUE ) ) + +SignatureVerifierImpl::SignatureVerifierImpl( const cssu::Reference< cssl::XMultiServiceFactory >& rxMSF) +{ + mxMSF = rxMSF; +} + +SignatureVerifierImpl::~SignatureVerifierImpl() +{ +} + +bool SignatureVerifierImpl::checkReady() const +/****** SignatureVerifierImpl/checkReady ************************************* + * + * NAME + * checkReady -- checks the conditions for the signature verification. + * + * SYNOPSIS + * bReady = checkReady( ); + * + * FUNCTION + * checks whether all following conditions are satisfied: + * 1. the result listener is ready; + * 2. the SignatureEngine is ready. + * + * INPUTS + * empty + * + * RESULT + * bReady - true if all conditions are satisfied, false otherwise + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return (m_xResultListener.is() && SignatureEngine::checkReady()); +} + +void SignatureVerifierImpl::notifyResultListener() const + throw (cssu::Exception, cssu::RuntimeException) +/****** SignatureVerifierImpl/notifyResultListener *************************** + * + * NAME + * notifyResultListener -- notifies the listener about the verify result. + * + * SYNOPSIS + * notifyResultListener( ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::sax::XSignatureVerifyResultListener > + xSignatureVerifyResultListener ( m_xResultListener , cssu::UNO_QUERY ) ; + + xSignatureVerifyResultListener->signatureVerified( m_nSecurityId, m_nStatus ); +} + +void SignatureVerifierImpl::startEngine( const cssu::Reference< + cssxc::XXMLSignatureTemplate >& + xSignatureTemplate) + throw (cssu::Exception, cssu::RuntimeException) +/****** SignatureVerifierImpl/startEngine ************************************ + * + * NAME + * startEngine -- verifies the signature. + * + * SYNOPSIS + * startEngine( xSignatureTemplate ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * xSignatureTemplate - the signature template (along with all referenced + * elements) to be verified. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< cssxc::XXMLSignatureTemplate > xResultTemplate; + try + { + xResultTemplate = m_xXMLSignature->validate(xSignatureTemplate, m_xXMLSecurityContext); + m_nStatus = xResultTemplate->getStatus(); + } + catch( cssu::Exception& ) + { + m_nStatus = cssxc::SecurityOperationStatus_RUNTIMEERROR_FAILED; + } +} + +/* XSignatureVerifyResultBroadcaster */ +void SAL_CALL SignatureVerifierImpl::addSignatureVerifyResultListener( + const cssu::Reference< cssxc::sax::XSignatureVerifyResultListener >& listener ) + throw (cssu::Exception, cssu::RuntimeException) +{ + m_xResultListener = listener; + tryToPerform(); +} + +void SAL_CALL SignatureVerifierImpl::removeSignatureVerifyResultListener( + const cssu::Reference< cssxc::sax::XSignatureVerifyResultListener >&) + throw (cssu::RuntimeException) +{ +} + +/* XInitialization */ +void SAL_CALL SignatureVerifierImpl::initialize( + const cssu::Sequence< cssu::Any >& aArguments ) + throw (cssu::Exception, cssu::RuntimeException) +{ + OSL_ASSERT(aArguments.getLength() == 5); + + rtl::OUString ouTempString; + + aArguments[0] >>= ouTempString; + m_nSecurityId = ouTempString.toInt32(); + aArguments[1] >>= m_xSAXEventKeeper; + aArguments[2] >>= ouTempString; + m_nIdOfTemplateEC = ouTempString.toInt32(); + aArguments[3] >>= m_xXMLSecurityContext; + aArguments[4] >>= m_xXMLSignature; +} + + +rtl::OUString SignatureVerifierImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString( + RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL SignatureVerifierImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL SignatureVerifierImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL SignatureVerifierImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory >& rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new SignatureVerifierImpl(rSMgr); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL SignatureVerifierImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return SignatureVerifierImpl_getImplementationName(); +} +sal_Bool SAL_CALL SignatureVerifierImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return SignatureVerifierImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL SignatureVerifierImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return SignatureVerifierImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/framework/signatureverifierimpl.hxx b/xmlsecurity/source/framework/signatureverifierimpl.hxx new file mode 100644 index 000000000000..232a18738680 --- /dev/null +++ b/xmlsecurity/source/framework/signatureverifierimpl.hxx @@ -0,0 +1,138 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: signatureverifierimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SIGNATUREVERIFIERIMPL_HXX +#define _SIGNATUREVERIFIERIMPL_HXX + +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultBroadcaster.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase3.hxx> + +#include "signatureengine.hxx" + +class SignatureVerifierImpl : public cppu::ImplInheritanceHelper3 +< + SignatureEngine, + com::sun::star::xml::crypto::sax::XSignatureVerifyResultBroadcaster, + com::sun::star::lang::XInitialization, + com::sun::star::lang::XServiceInfo +> +/****** SignatureVerifier.hxx/CLASS SignatureVerifierImpl ********************* + * + * NAME + * SignatureVerifierImpl -- verifies a signature + * + * FUNCTION + * Collects all resources for a signature verification, then verifies the + * signature by invoking a xmlsec-based signature bridge component. + * + * HISTORY + * 05.01.2004 - Interface supported: XSignatureVerifyResultBroadcaster, + * XInitialization, XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* + * the Id of the signature, which is used for the result listener to + * identify the signature. + */ + sal_Int32 m_nSignatureId; + + /* + * the verify result + */ + bool m_bVerifySucceed; + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext > m_xXMLSecurityContext; + + virtual void notifyResultListener() const + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual bool checkReady() const; + virtual void startEngine( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSignatureTemplate >& + xSignatureTemplate) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + +public: + explicit SignatureVerifierImpl( const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory >& rxMSF); + virtual ~SignatureVerifierImpl(); + + /* XSignatureVerifyResultBroadcaster */ + virtual void SAL_CALL addSignatureVerifyResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener >& + listener ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + virtual void SAL_CALL removeSignatureVerifyResultListener( + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener >& + listener ) + throw (com::sun::star::uno::RuntimeException); + + /* XInitialization */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw (com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString SignatureVerifierImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL SignatureVerifierImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SignatureVerifierImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL SignatureVerifierImpl_createInstance( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + + diff --git a/xmlsecurity/source/framework/xmlencryptiontemplateimpl.cxx b/xmlsecurity/source/framework/xmlencryptiontemplateimpl.cxx new file mode 100644 index 000000000000..40727e0aa6b4 --- /dev/null +++ b/xmlsecurity/source/framework/xmlencryptiontemplateimpl.cxx @@ -0,0 +1,145 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryptiontemplateimpl.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "xmlencryptiontemplateimpl.hxx" + +using namespace ::com::sun::star::uno ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::crypto::XXMLEncryptionTemplate ; + +XMLEncryptionTemplateImpl :: XMLEncryptionTemplateImpl( const Reference< XMultiServiceFactory >& aFactory ) + : m_xTemplate( NULL ), + m_xTarget( NULL ), + m_xServiceManager( aFactory ), + m_nStatus ( ::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN ) { +} + +XMLEncryptionTemplateImpl :: ~XMLEncryptionTemplateImpl() { +} + +/* XXMLEncryptionTemplate */ +void SAL_CALL XMLEncryptionTemplateImpl :: setTemplate( const Reference< XXMLElementWrapper >& aTemplate ) + throw (com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException) +{ + m_xTemplate = aTemplate ; +} + +/* XXMLEncryptionTemplate */ +Reference< XXMLElementWrapper > SAL_CALL XMLEncryptionTemplateImpl :: getTemplate() +throw (com::sun::star::uno::RuntimeException) +{ + return m_xTemplate ; +} + +/* XXMLEncryptionTemplate */ +void SAL_CALL XMLEncryptionTemplateImpl :: setTarget( const Reference< XXMLElementWrapper >& aTarget ) + throw( com::sun::star::lang::IllegalArgumentException ) { + m_xTarget = aTarget ; +} + +/* XXMLEncryptionTemplate */ +Reference< XXMLElementWrapper > SAL_CALL XMLEncryptionTemplateImpl :: getTarget() +throw (com::sun::star::uno::RuntimeException) +{ + return m_xTarget ; +} + +void SAL_CALL XMLEncryptionTemplateImpl::setStatus( + ::com::sun::star::xml::crypto::SecurityOperationStatus status ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException) +{ + m_nStatus = status; +} + +::com::sun::star::xml::crypto::SecurityOperationStatus SAL_CALL XMLEncryptionTemplateImpl::getStatus( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return m_nStatus; +} + +/* XInitialization */ +void SAL_CALL XMLEncryptionTemplateImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) + throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLEncryptionTemplateImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLEncryptionTemplateImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLEncryptionTemplateImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLEncryptionTemplateImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLEncryptionTemplate" ) ; + return seqServiceNames ; +} + +OUString XMLEncryptionTemplateImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.framework.XMLEncryptionTemplateImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLEncryptionTemplateImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLEncryptionTemplateImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLEncryptionTemplateImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/framework/xmlencryptiontemplateimpl.hxx b/xmlsecurity/source/framework/xmlencryptiontemplateimpl.hxx new file mode 100644 index 000000000000..1155e7108856 --- /dev/null +++ b/xmlsecurity/source/framework/xmlencryptiontemplateimpl.hxx @@ -0,0 +1,116 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryptiontemplateimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLENCRYPTIONTEMPLATEIMPL_HXX_ +#define _XMLENCRYPTIONTEMPLATEIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> + +class XMLEncryptionTemplateImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLEncryptionTemplate , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > m_xTemplate ; + ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > m_xTarget ; + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + ::com::sun::star::xml::crypto::SecurityOperationStatus m_nStatus; + + public : + XMLEncryptionTemplateImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLEncryptionTemplateImpl() ; + + //Methods from XXMLEncryptionTemplate + virtual void SAL_CALL setTemplate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper >& aXmlElement + ) + throw (com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException); + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL getTemplate( + ) throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setTarget( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper >& aXmlElement + ) throw( com::sun::star::lang::IllegalArgumentException); + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL getTarget( + ) throw (com::sun::star::uno::RuntimeException) ; + + virtual void SAL_CALL setStatus( + ::com::sun::star::xml::crypto::SecurityOperationStatus status ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException); + virtual ::com::sun::star::xml::crypto::SecurityOperationStatus + SAL_CALL getStatus( ) + throw (::com::sun::star::uno::RuntimeException); + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLENCRYPTIONTEMPLATE_XMLSECIMPL_HXX_ diff --git a/xmlsecurity/source/framework/xmlsignaturetemplateimpl.cxx b/xmlsecurity/source/framework/xmlsignaturetemplateimpl.cxx new file mode 100644 index 000000000000..6cbb14360c6b --- /dev/null +++ b/xmlsecurity/source/framework/xmlsignaturetemplateimpl.cxx @@ -0,0 +1,170 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignaturetemplateimpl.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <rtl/uuid.h> +#include "xmlsignaturetemplateimpl.hxx" + +using namespace ::com::sun::star::uno ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::crypto::XXMLSignatureTemplate ; + +XMLSignatureTemplateImpl :: XMLSignatureTemplateImpl( const Reference< XMultiServiceFactory >& aFactory ) + :m_xTemplate( NULL ), + m_xServiceManager( aFactory ), + m_nStatus ( ::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN ) +{ +} + +XMLSignatureTemplateImpl :: ~XMLSignatureTemplateImpl() { +} + +/* XXMLSignatureTemplate */ +void SAL_CALL XMLSignatureTemplateImpl :: setTemplate( const Reference< XXMLElementWrapper >& aTemplate ) + throw( com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException) +{ + m_xTemplate = aTemplate ; +} + +/* XXMLSignatureTemplate */ +Reference< XXMLElementWrapper > SAL_CALL XMLSignatureTemplateImpl :: getTemplate() + throw (com::sun::star::uno::RuntimeException) +{ + return m_xTemplate ; +} + +void SAL_CALL XMLSignatureTemplateImpl :: setTarget( const ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper >& aXmlElement ) + throw( com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException) +{ + targets.push_back( aXmlElement ); +} + +::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > > SAL_CALL XMLSignatureTemplateImpl :: getTargets() + throw (com::sun::star::uno::RuntimeException) +{ + sal_Int32 length = targets.size(); + ::com::sun::star::uno::Sequence< + ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > + > aTargets (length); + + sal_Int32 i; + + for (i=0; i<length; i++) + { + aTargets[i] = targets[i]; + } + + return aTargets; +} + +void SAL_CALL XMLSignatureTemplateImpl::setBinding( + const ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XUriBinding >& aUriBinding ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException) +{ + m_xUriBinding = aUriBinding; +} + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XUriBinding > SAL_CALL XMLSignatureTemplateImpl::getBinding() + throw (::com::sun::star::uno::RuntimeException) +{ + return m_xUriBinding; +} + +void SAL_CALL XMLSignatureTemplateImpl::setStatus( + ::com::sun::star::xml::crypto::SecurityOperationStatus status ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException) +{ + m_nStatus = status; +} + +::com::sun::star::xml::crypto::SecurityOperationStatus SAL_CALL XMLSignatureTemplateImpl::getStatus( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return m_nStatus; +} + +/* XInitialization */ +void SAL_CALL XMLSignatureTemplateImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLSignatureTemplateImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLSignatureTemplateImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLSignatureTemplateImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLSignatureTemplateImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSignatureTemplate" ) ; + return seqServiceNames ; +} + +OUString XMLSignatureTemplateImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.framework.XMLSignatureTemplateImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLSignatureTemplateImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLSignatureTemplateImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLSignatureTemplateImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/framework/xmlsignaturetemplateimpl.hxx b/xmlsecurity/source/framework/xmlsignaturetemplateimpl.hxx new file mode 100644 index 000000000000..3e01068626e9 --- /dev/null +++ b/xmlsecurity/source/framework/xmlsignaturetemplateimpl.hxx @@ -0,0 +1,128 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignaturetemplateimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSIGNATURETEMPLATEIMPL_HXX_ +#define _XMLSIGNATURETEMPLATEIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> + +#ifndef __SGI_STL_VECTOR +#include <vector> +#endif + +class XMLSignatureTemplateImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLSignatureTemplate , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > m_xTemplate ; + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + std::vector< ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > > targets; + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XUriBinding > m_xUriBinding; + ::com::sun::star::xml::crypto::SecurityOperationStatus m_nStatus; + + public : + XMLSignatureTemplateImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLSignatureTemplateImpl() ; + + //Methods from XXMLSignatureTemplate + virtual void SAL_CALL setTemplate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper >& aXmlElement + ) throw( com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException); + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL getTemplate( + ) throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setTarget( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper >& aXmlElement + ) throw( com::sun::star::uno::RuntimeException, com::sun::star::lang::IllegalArgumentException); + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::xml::wrapper::XXMLElementWrapper > > SAL_CALL getTargets( + ) throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setBinding( + const ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XUriBinding >& aUriBinding ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException); + virtual ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XUriBinding > + SAL_CALL getBinding( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setStatus( + ::com::sun::star::xml::crypto::SecurityOperationStatus status ) + throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException); + virtual ::com::sun::star::xml::crypto::SecurityOperationStatus + SAL_CALL getStatus( ) + throw (::com::sun::star::uno::RuntimeException); + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLSIGNATURETEMPLATE_XMLSECIMPL_HXX_ diff --git a/xmlsecurity/source/framework/xsec_framework.cxx b/xmlsecurity/source/framework/xsec_framework.cxx new file mode 100644 index 000000000000..7ec12208f172 --- /dev/null +++ b/xmlsecurity/source/framework/xsec_framework.cxx @@ -0,0 +1,253 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsec_framework.cxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <stdio.h> + +#include <osl/mutex.hxx> +#include <osl/thread.h> +#include <cppuhelper/factory.hxx> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#include <decryptorimpl.hxx> +#include <encryptorimpl.hxx> +#include <signaturecreatorimpl.hxx> +#include <signatureverifierimpl.hxx> +#include <saxeventkeeperimpl.hxx> +#include <xmlencryptiontemplateimpl.hxx> +#include <xmlsignaturetemplateimpl.hxx> + +using namespace ::rtl; +using namespace ::cppu; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star::lang; +using namespace ::com::sun::star::registry; + +extern "C" +{ +//================================================================================================== +void SAL_CALL component_getImplementationEnvironment( + const sal_Char ** ppEnvTypeName, uno_Environment **) +{ + *ppEnvTypeName = CPPU_CURRENT_LANGUAGE_BINDING_NAME; +} + +//================================================================================================== +sal_Bool SAL_CALL component_writeInfo( + void * /*pServiceManager*/, void * pRegistryKey ) +{ + if (pRegistryKey) + { + try + { + //Decryptor + sal_Int32 nPos = 0; + Reference< XRegistryKey > xNewKey( + reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( DecryptorImpl_getImplementationName() ) ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + + const Sequence< OUString > & rSNL = DecryptorImpl_getSupportedServiceNames(); + const OUString * pArray = rSNL.getConstArray(); + for ( nPos = rSNL.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + //Encryptor + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( EncryptorImpl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL2 = EncryptorImpl_getSupportedServiceNames(); + pArray = rSNL2.getConstArray(); + for ( nPos = rSNL2.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + //SignatureCreator + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( SignatureCreatorImpl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL3 = SignatureCreatorImpl_getSupportedServiceNames(); + pArray = rSNL3.getConstArray(); + for ( nPos = rSNL3.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + //SignatureVerifier + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( SignatureVerifierImpl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL4 = SignatureVerifierImpl_getSupportedServiceNames(); + pArray = rSNL4.getConstArray(); + for ( nPos = rSNL4.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + //SAXEventKeeper + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( SAXEventKeeperImpl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL5 = SAXEventKeeperImpl_getSupportedServiceNames(); + pArray = rSNL5.getConstArray(); + for ( nPos = rSNL5.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + //XMLSignatureTemplateImpl + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( XMLSignatureTemplateImpl::impl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL6 = XMLSignatureTemplateImpl::impl_getSupportedServiceNames(); + pArray = rSNL6.getConstArray(); + for ( nPos = rSNL6.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + // XMLEncryptionTemplateImpl + xNewKey = reinterpret_cast< XRegistryKey * >( pRegistryKey )->createKey( XMLEncryptionTemplateImpl::impl_getImplementationName() ); + xNewKey = xNewKey->createKey( OUString::createFromAscii( "/UNO/SERVICES" ) ); + const Sequence< OUString > & rSNL7 = XMLEncryptionTemplateImpl::impl_getSupportedServiceNames(); + pArray = rSNL7.getConstArray(); + for ( nPos = rSNL7.getLength(); nPos--; ) + xNewKey->createKey( pArray[nPos] ); + + return sal_True; + } + catch (InvalidRegistryException &) + { + OSL_ENSURE( sal_False, "### InvalidRegistryException!" ); + } + } + return sal_False; +} + +//================================================================================================== +void * SAL_CALL component_getFactory( + const sal_Char * pImplName, void * pServiceManager, void * /*pRegistryKey*/ ) +{ + void * pRet = 0; + + //Decryptor + OUString implName = OUString::createFromAscii( pImplName ); + if ( pServiceManager && implName.equals(DecryptorImpl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + DecryptorImpl_createInstance, DecryptorImpl_getSupportedServiceNames() ) ); + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //Encryptor + if ( pServiceManager && implName.equals(EncryptorImpl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + EncryptorImpl_createInstance, EncryptorImpl_getSupportedServiceNames() ) ); + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //SignatureCreator + if ( pServiceManager && implName.equals(SignatureCreatorImpl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + SignatureCreatorImpl_createInstance, SignatureCreatorImpl_getSupportedServiceNames() ) ); + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //SignatureVerifier + if ( pServiceManager && implName.equals(SignatureVerifierImpl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + SignatureVerifierImpl_createInstance, SignatureVerifierImpl_getSupportedServiceNames() ) ); + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //SAXEventKeeper + if ( pServiceManager && implName.equals(SAXEventKeeperImpl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + SAXEventKeeperImpl_createInstance, SAXEventKeeperImpl_getSupportedServiceNames() ) ); + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //XMLSignatureTemplate + if ( pServiceManager && implName.equals( XMLSignatureTemplateImpl::impl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory = XMLSignatureTemplateImpl::impl_createFactory( + reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + //XMLEncryptionTemplate + if ( pServiceManager && implName.equals( XMLEncryptionTemplateImpl::impl_getImplementationName()) ) + { + Reference< XSingleServiceFactory > xFactory = XMLEncryptionTemplateImpl::impl_createFactory( + reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + + if (xFactory.is()) + { + xFactory->acquire(); + pRet = xFactory.get(); + } + } + + return pRet; +} +} + + diff --git a/xmlsecurity/source/helper/documentsignaturehelper.cxx b/xmlsecurity/source/helper/documentsignaturehelper.cxx new file mode 100644 index 000000000000..ca2cfe941f4d --- /dev/null +++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx @@ -0,0 +1,465 @@ +/*************************************************************************
+ *
+ * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
+ *
+ * Copyright 2008 by Sun Microsystems, Inc.
+ *
+ * OpenOffice.org - a multi-platform office productivity suite
+ *
+ * $RCSfile: documentsignaturehelper.cxx,v $
+ * $Revision: 1.11 $
+ *
+ * This file is part of OpenOffice.org.
+ *
+ * OpenOffice.org is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU Lesser General Public License version 3
+ * only, as published by the Free Software Foundation.
+ *
+ * OpenOffice.org is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU Lesser General Public License version 3 for more details
+ * (a copy is included in the LICENSE file that accompanied this code).
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * version 3 along with OpenOffice.org. If not, see
+ * <http://www.openoffice.org/license.html>
+ * for a copy of the LGPLv3 License.
+ *
+ ************************************************************************/
+
+// MARKER(update_precomp.py): autogen include statement, do not remove
+#include "precompiled_xmlsecurity.hxx"
+
+#include <xmlsecurity/documentsignaturehelper.hxx>
+
+#include <com/sun/star/container/XNameAccess.hpp>
+#include <com/sun/star/lang/XComponent.hpp>
+#include <com/sun/star/lang/DisposedException.hpp>
+#include <com/sun/star/embed/XStorage.hpp>
+#include <com/sun/star/embed/ElementModes.hpp>
+#include "com/sun/star/beans/XPropertySet.hpp"
+
+#include "comphelper/documentconstants.hxx"
+#include <tools/debug.hxx>
+#include "rtl/uri.hxx"
+
+using namespace ::com::sun::star::uno;
+//using namespace ::com::sun::star;
+namespace css = ::com::sun::star;
+using rtl::OUString;
+
+
+namespace
+{
+::rtl::OUString getElement(::rtl::OUString const & version, ::sal_Int32 * index)
+{
+ while (*index < version.getLength() && version[*index] == '0') {
+ ++*index;
+ }
+ return version.getToken(0, '.', *index);
+}
+
+
+
+// Return 1 if version1 is greater then version 2, 0 if they are equal
+//and -1 if version1 is less version 2
+int compareVersions(
+ ::rtl::OUString const & version1, ::rtl::OUString const & version2)
+{
+ for (::sal_Int32 i1 = 0, i2 = 0; i1 >= 0 || i2 >= 0;) {
+ ::rtl::OUString e1(getElement(version1, &i1));
+ ::rtl::OUString e2(getElement(version2, &i2));
+ if (e1.getLength() < e2.getLength()) {
+ return -1;
+ } else if (e1.getLength() > e2.getLength()) {
+ return 1;
+ } else if (e1 < e2) {
+ return -1;
+ } else if (e1 > e2) {
+ return 1;
+ }
+ }
+ return 0;
+}
+}
+//If the OOo 3.0 mode is used then we exclude
+//'mimetype' and all content of 'META-INF'.
+//If the argument 'bSigning' is true then the element list is created for a signing
+//operation in which case we use the latest signing algorithm. That is all elements
+//we find in the zip storage are added to the list. We do not support the old signatures
+//which did not contain all files.
+//If 'bSigning' is false, then we validate. If the user enabled validating according to OOo 3.0
+//then mimetype and all content of META-INF must be excluded.
+void ImplFillElementList(
+ std::vector< rtl::OUString >& rList, const Reference < css::embed::XStorage >& rxStore,
+ const ::rtl::OUString rRootStorageName, const bool bRecursive,
+ const DocumentSignatureAlgorithm mode)
+{
+ ::rtl::OUString aMetaInfName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) );
+ ::rtl::OUString sMimeTypeName (RTL_CONSTASCII_USTRINGPARAM("mimetype"));
+ ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) );
+
+ Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
+ Sequence< ::rtl::OUString > aElements = xElements->getElementNames();
+ sal_Int32 nElements = aElements.getLength();
+ const ::rtl::OUString* pNames = aElements.getConstArray();
+
+ for ( sal_Int32 n = 0; n < nElements; n++ )
+ {
+ if (mode != OOo3_2Document
+ && (pNames[n] == aMetaInfName
+ || pNames[n] == sMimeTypeName))
+ {
+ continue;
+ }
+ else
+ {
+ ::rtl::OUString sEncName = ::rtl::Uri::encode(
+ pNames[n], rtl_UriCharClassRelSegment,
+ rtl_UriEncodeStrict, RTL_TEXTENCODING_UTF8);
+ if (sEncName.getLength() == 0 && pNames[n].getLength() != 0)
+ throw css::uno::Exception(::rtl::OUString(
+ RTL_CONSTASCII_USTRINGPARAM("Failed to encode element name of XStorage")), 0);
+
+ if ( rxStore->isStreamElement( pNames[n] ) )
+ {
+ //Exclude documentsignatures.xml!
+ if (pNames[n].equals(
+ DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()))
+ continue;
+ ::rtl::OUString aFullName( rRootStorageName + sEncName );
+ rList.push_back(aFullName);
+ }
+ else if ( bRecursive && rxStore->isStorageElement( pNames[n] ) )
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
+ rtl::OUString aFullRootName( rRootStorageName + sEncName + aSep );
+ ImplFillElementList(rList, xSubStore, aFullRootName, bRecursive, mode);
+ }
+ }
+ }
+}
+
+
+bool DocumentSignatureHelper::isODFPre_1_2(const ::rtl::OUString & sVersion)
+{
+ //The property version exists only if the document is at least version 1.2
+ //That is, if the document has version 1.1 and sVersion is empty.
+ //The constant is defined in comphelper/documentconstants.hxx
+ if (compareVersions(sVersion, ODFVER_012_TEXT) == -1)
+ return true;
+ return false;
+}
+
+bool DocumentSignatureHelper::isOOo3_2_Signature(const SignatureInformation & sigInfo)
+{
+ ::rtl::OUString sManifestURI(RTL_CONSTASCII_USTRINGPARAM("META-INF/manifest.xml"));
+ bool bOOo3_2 = false;
+ typedef ::std::vector< SignatureReferenceInformation >::const_iterator CIT;
+ for (CIT i = sigInfo.vSignatureReferenceInfors.begin();
+ i < sigInfo.vSignatureReferenceInfors.end(); i++)
+ {
+ if (i->ouURI.equals(sManifestURI))
+ {
+ bOOo3_2 = true;
+ break;
+ }
+ }
+ return bOOo3_2;
+}
+
+DocumentSignatureAlgorithm
+DocumentSignatureHelper::getDocumentAlgorithm(
+ const ::rtl::OUString & sODFVersion, const SignatureInformation & sigInfo)
+{
+ OSL_ASSERT(sODFVersion.getLength());
+ DocumentSignatureAlgorithm mode = OOo3_2Document;
+ if (!isOOo3_2_Signature(sigInfo))
+ {
+ if (isODFPre_1_2(sODFVersion))
+ mode = OOo2Document;
+ else
+ mode = OOo3_0Document;
+ }
+ return mode;
+}
+
+//The function creates a list of files which are to be signed or for which
+//the signature is to be validated. The strings are UTF8 encoded URIs which
+//contain '/' as path separators.
+//
+//The algorithm how document signatures are created and validated has
+//changed over time. The change affects only which files within the document
+//are changed. Document signatures created by OOo 2.x only used particular files. Since
+//OOo 3.0 everything except "mimetype" and "META-INF" are signed. As of OOo 3.2 everything
+//except META-INF/documentsignatures.xml is signed.
+//Signatures are validated according to the algorithm which was then used for validation.
+//That is, when validating a signature which was created by OOo 3.0, then mimetype and
+//META-INF are not used.
+//
+//When a signature is created then we always use the latest algorithm. That is, we use
+//that of OOo 3.2
+std::vector< rtl::OUString >
+DocumentSignatureHelper::CreateElementList(
+ const Reference < css::embed::XStorage >& rxStore,
+ const ::rtl::OUString /*rRootStorageName*/, DocumentSignatureMode eMode,
+ const DocumentSignatureAlgorithm mode)
+{
+ std::vector< rtl::OUString > aElements;
+ ::rtl::OUString aSep( RTL_CONSTASCII_USTRINGPARAM( "/" ) );
+
+ switch ( eMode )
+ {
+ case SignatureModeDocumentContent:
+ {
+ if (mode == OOo2Document) //that is, ODF 1.0, 1.1
+ {
+ // 1) Main content
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), false, mode);
+
+ // 2) Pictures...
+ rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Pictures" ) );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch(css::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ // 3) OLE....
+ aSubStorageName = rtl::OUString::createFromAscii( "ObjectReplacements" );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ xSubStore.clear();
+
+ // Object folders...
+ rtl::OUString aMatchStr( rtl::OUString::createFromAscii( "Object " ) );
+ Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
+ Sequence< ::rtl::OUString > aElementNames = xElements->getElementNames();
+ sal_Int32 nElements = aElementNames.getLength();
+ const ::rtl::OUString* pNames = aElementNames.getConstArray();
+ for ( sal_Int32 n = 0; n < nElements; n++ )
+ {
+ if ( ( pNames[n].match( aMatchStr ) ) && rxStore->isStorageElement( pNames[n] ) )
+ {
+ Reference < css::embed::XStorage > xTmpSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xTmpSubStore, pNames[n]+aSep, true, mode);
+ }
+ }
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ }
+ else
+ {
+ // Everything except META-INF
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), true, mode);
+ }
+ }
+ break;
+ case SignatureModeMacros:
+ {
+ // 1) Macros
+ rtl::OUString aSubStorageName( rtl::OUString::createFromAscii( "Basic" ) );
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+
+ // 2) Dialogs
+ aSubStorageName = rtl::OUString::createFromAscii( "Dialogs") ;
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( com::sun::star::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ // 3) Scripts
+ aSubStorageName = rtl::OUString::createFromAscii( "Scripts") ;
+ try
+ {
+ Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
+ ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
+ }
+ catch( css::io::IOException& )
+ {
+ ; // Doesn't have to exist...
+ }
+ }
+ break;
+ case SignatureModePackage:
+ {
+ // Everything except META-INF
+ ImplFillElementList(aElements, rxStore, ::rtl::OUString(), true, mode);
+ }
+ break;
+ }
+
+ return aElements;
+}
+
+SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
+ const Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode )
+{
+ sal_Int32 nSubStorageOpenMode = css::embed::ElementModes::READ;
+ if ( nOpenMode & css::embed::ElementModes::WRITE )
+ nSubStorageOpenMode = css::embed::ElementModes::WRITE;
+
+ SignatureStreamHelper aHelper;
+
+ try
+ {
+ ::rtl::OUString aSIGStoreName( RTL_CONSTASCII_USTRINGPARAM( "META-INF" ) );
+ aHelper.xSignatureStorage = rxStore->openStorageElement( aSIGStoreName, nSubStorageOpenMode );
+ if ( aHelper.xSignatureStorage.is() )
+ {
+ ::rtl::OUString aSIGStreamName;
+ if ( eDocSigMode == SignatureModeDocumentContent )
+ aSIGStreamName = DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName();
+ else if ( eDocSigMode == SignatureModeMacros )
+ aSIGStreamName = DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName();
+ else
+ aSIGStreamName = DocumentSignatureHelper::GetPackageSignatureDefaultStreamName();
+
+ aHelper.xSignatureStream = aHelper.xSignatureStorage->openStreamElement( aSIGStreamName, nOpenMode );
+ }
+ }
+ catch(css::io::IOException& )
+ {
+ // Doesn't have to exist...
+ DBG_ASSERT( nOpenMode == css::embed::ElementModes::READ, "Error creating signature stream..." );
+ }
+
+ return aHelper;
+}
+
+//sElementList contains all files which are expected to be signed. Only those files must me signed,
+//no more, no less.
+//The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then
+//the uri s in the Reference elements in the signature, were not properly encoded.
+// For example: <Reference URI="ObjectReplacements/Object 1">
+bool DocumentSignatureHelper::checkIfAllFilesAreSigned(
+ const ::std::vector< ::rtl::OUString > & sElementList,
+ const SignatureInformation & sigInfo,
+ const DocumentSignatureAlgorithm alg)
+{
+ // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
+ unsigned int nRealCount = 0;
+ for ( int i = sigInfo.vSignatureReferenceInfors.size(); i; )
+ {
+ const SignatureReferenceInformation& rInf = sigInfo.vSignatureReferenceInfors[--i];
+ // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date.
+ if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) )
+ {
+ ::rtl::OUString sReferenceURI = rInf.ouURI;
+ if (alg == OOo2Document)
+ {
+ //Comparing URIs is a difficult. Therefore we kind of normalize
+ //it before comparing. We assume that our URI do not have a leading "./"
+ //and fragments at the end (...#...)
+ sReferenceURI = ::rtl::Uri::encode(
+ sReferenceURI, rtl_UriCharClassPchar,
+ rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
+ }
+
+ //find the file in the element list
+ typedef ::std::vector< ::rtl::OUString >::const_iterator CIT;
+ for (CIT aIter = sElementList.begin(); aIter < sElementList.end(); aIter++)
+ {
+ ::rtl::OUString sElementListURI = *aIter;
+ if (alg == OOo2Document)
+ {
+ sElementListURI =
+ ::rtl::Uri::encode(
+ sElementListURI, rtl_UriCharClassPchar,
+ rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
+ }
+ if (sElementListURI.equals(sReferenceURI))
+ {
+ nRealCount++;
+ break;
+ }
+ }
+ }
+ }
+ return sElementList.size() == nRealCount;
+}
+
+/*Compares the Uri which are obtained from CreateElementList with + the path obtained from the manifest.xml. + Returns true if both strings are equal. +*/ +bool DocumentSignatureHelper::equalsReferenceUriManifestPath( + const OUString & rUri, const OUString & rPath) +{ + bool retVal = false; + //split up the uri and path into segments. Both are separated by '/'
+ std::vector<OUString> vUriSegments;
+ sal_Int32 nIndex = 0;
+ do
+ {
+ OUString aToken = rUri.getToken( 0, '/', nIndex );
+ vUriSegments.push_back(aToken);
+ }
+ while (nIndex >= 0);
+
+ std::vector<OUString> vPathSegments;
+ nIndex = 0;
+ do
+ {
+ OUString aToken = rPath.getToken( 0, '/', nIndex );
+ vPathSegments.push_back(aToken);
+ }
+ while (nIndex >= 0);
+
+ //Now compare each segment of the uri with its counterpart from the path
+ if (vUriSegments.size() == vPathSegments.size())
+ {
+ retVal = true;
+ typedef std::vector<OUString>::const_iterator CIT;
+ for (CIT i = vUriSegments.begin(), j = vPathSegments.begin();
+ i != vUriSegments.end(); i++, j++)
+ {
+ //Decode the uri segment, so that %20 becomes ' ', etc.
+ OUString sDecUri = ::rtl::Uri::decode(
+ *i, rtl_UriDecodeWithCharset, RTL_TEXTENCODING_UTF8);
+ if (!sDecUri.equals(*j))
+ {
+ retVal = false;
+ break;
+ }
+ }
+ }
+ + return retVal; +} +
+::rtl::OUString DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "documentsignatures.xml" ) );
+}
+
+::rtl::OUString DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "macrosignatures.xml" ) );
+}
+
+::rtl::OUString DocumentSignatureHelper::GetPackageSignatureDefaultStreamName()
+{
+ return ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "packagesignatures.xml" ) );
+}
diff --git a/xmlsecurity/source/helper/makefile.mk b/xmlsecurity/source/helper/makefile.mk new file mode 100644 index 000000000000..adc85e92f197 --- /dev/null +++ b/xmlsecurity/source/helper/makefile.mk @@ -0,0 +1,58 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.5 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/.. + +PRJNAME=xmlsecurity +TARGET=helper + +ENABLE_EXCEPTIONS=TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + +# --- Files -------------------------------------------------------- + +SLOFILES= \ + $(SLO)$/documentsignaturehelper.obj \ + $(SLO)$/xmlsignaturehelper.obj \ + $(SLO)$/xmlsignaturehelper2.obj \ + $(SLO)$/xsecctl.obj \ + $(SLO)$/xsecparser.obj \ + $(SLO)$/xsecsign.obj \ + $(SLO)$/xsecverify.obj + + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk diff --git a/xmlsecurity/source/helper/xmlsignaturehelper.cxx b/xmlsecurity/source/helper/xmlsignaturehelper.cxx new file mode 100644 index 000000000000..a5890544be00 --- /dev/null +++ b/xmlsecurity/source/helper/xmlsignaturehelper.cxx @@ -0,0 +1,470 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignaturehelper.cxx,v $ + * $Revision: 1.29 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/xmlsignaturehelper.hxx> +#include <xmlsecurity/documentsignaturehelper.hxx> +#include <xsecctl.hxx> + +#include <xmlsignaturehelper2.hxx> + +#include <tools/stream.hxx> +#include <tools/debug.hxx> + +#include <xmloff/attrlist.hxx> + +#include <com/sun/star/io/XOutputStream.hpp> +#include <com/sun/star/io/XInputStream.hpp> +#include <com/sun/star/io/XActiveDataSource.hpp> +#include <com/sun/star/lang/XComponent.hpp> +#include <com/sun/star/security/SerialNumberAdapter.hpp> +#include <com/sun/star/beans/XPropertySet.hpp> + +#include <tools/date.hxx> +#include <tools/time.hxx> + +//MM : search for the default profile +//#include <unotools/streamhelper.hxx> +//MM : end + +/* SEInitializer component */ +#define SEINITIALIZER_COMPONENT "com.sun.star.xml.crypto.SEInitializer" + +#define TAG_DOCUMENTSIGNATURES "document-signatures" +#define NS_DOCUMENTSIGNATURES "http://openoffice.org/2004/documentsignatures" +#define NS_DOCUMENTSIGNATURES_ODF_1_2 "urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0" + +using namespace ::com::sun::star; +using namespace ::com::sun::star::uno; + +XMLSignatureHelper::XMLSignatureHelper( const uno::Reference< uno::XComponentContext >& rxCtx) + : mxCtx(rxCtx), mbODFPre1_2(false) +{ + mpXSecController = new XSecController(rxCtx); + mxSecurityController = mpXSecController; + mbError = false; +} + +XMLSignatureHelper::~XMLSignatureHelper() +{ + if ( mxSEInitializer.is() && mxSecurityContext.is() ) + mxSEInitializer->freeSecurityContext( mxSecurityContext ); +} + +bool XMLSignatureHelper::Init( const rtl::OUString& rTokenPath ) +{ + DBG_ASSERT( !mxSEInitializer.is(), "XMLSignatureHelper::Init - mxSEInitializer already set!" ); + DBG_ASSERT( !mxSecurityContext.is(), "XMLSignatureHelper::Init - mxSecurityContext already set!" ); + + ImplCreateSEInitializer(); + + if ( mxSEInitializer.is() ) + mxSecurityContext = mxSEInitializer->createSecurityContext( rTokenPath ); + + return mxSecurityContext.is(); +} + +void XMLSignatureHelper::ImplCreateSEInitializer() +{ + rtl::OUString sSEInitializer(rtl::OUString::createFromAscii( SEINITIALIZER_COMPONENT )); + uno::Reference< lang::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + mxSEInitializer = uno::Reference< com::sun::star::xml::crypto::XSEInitializer > ( + xMCF->createInstanceWithContext( sSEInitializer, mxCtx ), uno::UNO_QUERY ); +} + +void XMLSignatureHelper::SetUriBinding( com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding >& rxUriBinding ) +{ + mxUriBinding = rxUriBinding; +} + +com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > XMLSignatureHelper::GetUriBinding() const +{ + return mxUriBinding; +} + +void XMLSignatureHelper::SetStorage( + const Reference < css::embed::XStorage >& rxStorage, + ::rtl::OUString sODFVersion) +{ + DBG_ASSERT( !mxUriBinding.is(), "SetStorage - UriBinding already set!" ); + mxUriBinding = new UriBindingHelper( rxStorage ); + DBG_ASSERT(rxStorage.is(), "SetStorage - empty storage!"); + mbODFPre1_2 = DocumentSignatureHelper::isODFPre_1_2(sODFVersion); +} + + +void XMLSignatureHelper::SetStartVerifySignatureHdl( const Link& rLink ) +{ + maStartVerifySignatureHdl = rLink; +} + + +void XMLSignatureHelper::StartMission() +{ + if ( !mxUriBinding.is() ) + mxUriBinding = new UriBindingHelper(); + + mpXSecController->startMission( mxUriBinding, mxSecurityContext ); +} + +void XMLSignatureHelper::EndMission() +{ + mpXSecController->endMission(); +} + +sal_Int32 XMLSignatureHelper::GetNewSecurityId() +{ + return mpXSecController->getNewSecurityId(); +} + +void XMLSignatureHelper::SetX509Certificate( + sal_Int32 nSecurityId, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert) +{ + mpXSecController->setX509Certificate( + nSecurityId, + ouX509IssuerName, + ouX509SerialNumber, + ouX509Cert); +} + +void XMLSignatureHelper::SetX509Certificate( + sal_Int32 nSecurityId, + sal_Int32 nSecurityEnvironmentIndex, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert) +{ + mpXSecController->setX509Certificate( + nSecurityId, + nSecurityEnvironmentIndex, + ouX509IssuerName, + ouX509SerialNumber, + ouX509Cert); +} + +void XMLSignatureHelper::SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const Time& rTime ) +{ + /* + rtl::OUString aDate = String::CreateFromInt32( rDate.GetDate() ); + rtl::OUString aTime = String::CreateFromInt32( rTime.GetTime() ); + mpXSecController->setDateTime( nSecurityId, aDate, aTime ); + */ + ::com::sun::star::util::DateTime stDateTime; + stDateTime.HundredthSeconds = (::sal_uInt16)rTime.Get100Sec(); + stDateTime.Seconds = (::sal_uInt16)rTime.GetSec(); + stDateTime.Minutes = (::sal_uInt16)rTime.GetMin(); + stDateTime.Hours = (::sal_uInt16)rTime.GetHour(); + stDateTime.Day = (::sal_uInt16)rDate.GetDay(); + stDateTime.Month = (::sal_uInt16)rDate.GetMonth(); + stDateTime.Year = (::sal_uInt16)rDate.GetYear(); + mpXSecController->setDate( nSecurityId, stDateTime ); +} + +void XMLSignatureHelper::AddForSigning( sal_Int32 nSecurityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool bBinary ) +{ + mpXSecController->signAStream( nSecurityId, uri, objectURL, bBinary ); +} + + +uno::Reference<xml::sax::XDocumentHandler> XMLSignatureHelper::CreateDocumentHandlerWithHeader( + const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream ) +{ + /* + * get SAX writer component + */ + uno::Reference< lang::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + uno::Reference< io::XActiveDataSource > xSaxWriter( + xMCF->createInstanceWithContext(rtl::OUString::createFromAscii( + "com.sun.star.xml.sax.Writer"), mxCtx ), uno::UNO_QUERY ); + + DBG_ASSERT( xSaxWriter.is(), "can't instantiate XML writer" ); + + /* + * connect XML writer to output stream + */ + xSaxWriter->setOutputStream( xOutputStream ); + + /* + * prepare document handler + */ + uno::Reference<xml::sax::XDocumentHandler> + xDocHandler( xSaxWriter,uno::UNO_QUERY); + + /* + * write the xml context for signatures + */ + rtl::OUString tag_AllSignatures(RTL_CONSTASCII_USTRINGPARAM(TAG_DOCUMENTSIGNATURES)); + + SvXMLAttributeList *pAttributeList = new SvXMLAttributeList(); + rtl::OUString sNamespace; + if (mbODFPre1_2) + sNamespace = rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NS_DOCUMENTSIGNATURES)); + else + sNamespace = rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NS_DOCUMENTSIGNATURES_ODF_1_2)); + + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_XMLNS)), + sNamespace); + + xDocHandler->startDocument(); + xDocHandler->startElement( + tag_AllSignatures, + uno::Reference< com::sun::star::xml::sax::XAttributeList > (pAttributeList)); + + return xDocHandler; +} + +void XMLSignatureHelper::CloseDocumentHandler( const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler ) +{ + rtl::OUString tag_AllSignatures(RTL_CONSTASCII_USTRINGPARAM(TAG_DOCUMENTSIGNATURES)); + xDocumentHandler->endElement( tag_AllSignatures ); + xDocumentHandler->endDocument(); +} + +void XMLSignatureHelper::ExportSignature( + const uno::Reference< xml::sax::XDocumentHandler >& xDocumentHandler, + const SignatureInformation& signatureInfo ) +{ + mpXSecController->exportSignature(xDocumentHandler, signatureInfo); +} + +bool XMLSignatureHelper::CreateAndWriteSignature( const uno::Reference< xml::sax::XDocumentHandler >& xDocumentHandler ) +{ + mbError = false; + + /* + * create a signature listener + */ +/* + ImplXMLSignatureListener* pSignatureListener = new ImplXMLSignatureListener( + LINK( this, XMLSignatureHelper, SignatureCreationResultListener ), + LINK( this, XMLSignatureHelper, SignatureVerifyResultListener ), + LINK( this, XMLSignatureHelper, StartVerifySignatureElement ) ); +*/ + /* + * configure the signature creation listener + */ + //mpXSecController->setSignatureCreationResultListener( pSignatureListener ); + + /* + * write signatures + */ + if ( !mpXSecController->WriteSignature( xDocumentHandler ) ) + { + mbError = true; + } + + /* + * clear up the signature creation listener + */ + //mpXSecController->setSignatureCreationResultListener( NULL ); + + return !mbError; +} + +bool XMLSignatureHelper::CreateAndWriteSignature( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream ) +{ + uno::Reference<xml::sax::XDocumentHandler> xDocHandler + = CreateDocumentHandlerWithHeader(xOutputStream); + + bool rc = CreateAndWriteSignature( xDocHandler ); + + CloseDocumentHandler(xDocHandler); + + return rc; +} + +bool XMLSignatureHelper::ReadAndVerifySignature( const com::sun::star::uno::Reference< com::sun::star::io::XInputStream >& xInputStream ) +{ + mbError = false; + + DBG_ASSERT(xInputStream.is(), "input stream missing"); + + /* + * prepare ParserInputSrouce + */ + xml::sax::InputSource aParserInput; + // aParserInput.sSystemId = ouName; + aParserInput.aInputStream = xInputStream; + + /* + * get SAX parser component + */ + uno::Reference< lang::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + uno::Reference< xml::sax::XParser > xParser( + xMCF->createInstanceWithContext( + rtl::OUString::createFromAscii("com.sun.star.xml.sax.Parser"), mxCtx ), + uno::UNO_QUERY ); + + DBG_ASSERT( xParser.is(), "Can't create parser" ); + + /* + * create a signature reader + */ + uno::Reference< xml::sax::XDocumentHandler > xHandler + = mpXSecController->createSignatureReader( ); + + /* + * create a signature listener + */ + ImplXMLSignatureListener* pSignatureListener = new ImplXMLSignatureListener( + LINK( this, XMLSignatureHelper, SignatureCreationResultListener ), + LINK( this, XMLSignatureHelper, SignatureVerifyResultListener ), + LINK( this, XMLSignatureHelper, StartVerifySignatureElement ) ); + + /* + * configure the signature verify listener + */ + //mpXSecController->setSignatureVerifyResultListener( pSignatureListener ); + + /* + * setup the connection: + * Parser -> SignatureListener -> SignatureReader + */ + pSignatureListener->setNextHandler(xHandler); + xParser->setDocumentHandler( pSignatureListener ); + + /* + * parser the stream + */ + try + { + xParser->parseStream( aParserInput ); + } + catch( xml::sax::SAXParseException& ) + { + mbError = true; + } + catch( xml::sax::SAXException& ) + { + mbError = true; + } + catch( com::sun::star::io::IOException& ) + { + mbError = true; + } + catch( uno::Exception& ) + { + mbError = true; + } + + /* + * clear up the connection + */ + pSignatureListener->setNextHandler( NULL ); + + /* + * clear up the signature verify listener + */ + //mpXSecController->setSignatureVerifyResultListener( NULL ); + + /* + * release the signature reader + */ + mpXSecController->releaseSignatureReader( ); + + return !mbError; +} + +SignatureInformation XMLSignatureHelper::GetSignatureInformation( sal_Int32 nSecurityId ) const +{ + return mpXSecController->getSignatureInformation( nSecurityId ); +} + +SignatureInformations XMLSignatureHelper::GetSignatureInformations() const +{ + return mpXSecController->getSignatureInformations(); +} + +uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > XMLSignatureHelper::GetSecurityEnvironment() +{ + return (mxSecurityContext.is()?(mxSecurityContext->getSecurityEnvironment()): uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >()); +} + +uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > XMLSignatureHelper::GetSecurityEnvironmentByIndex(sal_Int32 nId) +{ + return (mxSecurityContext.is()?(mxSecurityContext->getSecurityEnvironmentByIndex(nId)): uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >()); +} + +sal_Int32 XMLSignatureHelper::GetSecurityEnvironmentNumber() +{ + return (mxSecurityContext.is()?(mxSecurityContext->getSecurityEnvironmentNumber()): 0); +} + + +/* +void XMLSignatureHelper::createSecurityContext( rtl::OUString tokenPath ) +{ + if ( !mxSEInitializer.is() ) + ImplCreateSEInitializer(); + + mxSecurityContext = mxSEInitializer->createSecurityContext(tokenPath); +} + +void XMLSignatureHelper::freeSecurityContext() +{ + if ( !mxSEInitializer.is() ) + ImplCreateSEInitializer(); + + mxSEInitializer->freeSecurityContext( mxSecurityContext ); +} +*/ + +IMPL_LINK( XMLSignatureHelper, SignatureCreationResultListener, XMLSignatureCreationResult*, pResult ) +{ + maCreationResults.insert( maCreationResults.begin() + maCreationResults.size(), *pResult ); + if ( pResult->nSignatureCreationResult != com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ) + mbError = true; + return 0; +} + +IMPL_LINK( XMLSignatureHelper, SignatureVerifyResultListener, XMLSignatureVerifyResult*, pResult ) +{ + maVerifyResults.insert( maVerifyResults.begin() + maVerifyResults.size(), *pResult ); + if ( pResult->nSignatureVerifyResult != com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED ) + mbError = true; + return 0; +} + +IMPL_LINK( XMLSignatureHelper, StartVerifySignatureElement, const uno::Reference< com::sun::star::xml::sax::XAttributeList >*, pAttrs ) +{ + if ( !maStartVerifySignatureHdl.IsSet() || maStartVerifySignatureHdl.Call( (void*)pAttrs ) ) + { + sal_Int32 nSignatureId = mpXSecController->getNewSecurityId(); + mpXSecController->addSignature( nSignatureId ); + } + + return 0; +} diff --git a/xmlsecurity/source/helper/xmlsignaturehelper2.cxx b/xmlsecurity/source/helper/xmlsignaturehelper2.cxx new file mode 100644 index 000000000000..9baa6d7061c4 --- /dev/null +++ b/xmlsecurity/source/helper/xmlsignaturehelper2.cxx @@ -0,0 +1,235 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignaturehelper2.cxx,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/xmlsignaturehelper.hxx> +#include <xmlsignaturehelper2.hxx> + +#include <unotools/streamhelper.hxx> + +#include <com/sun/star/embed/XStorage.hpp> +#include <com/sun/star/embed/XStorageRawAccess.hpp> +#include <com/sun/star/embed/ElementModes.hpp> +#include <com/sun/star/beans/XPropertySet.hpp> +#include "rtl/uri.hxx" + +using namespace com::sun::star; + +ImplXMLSignatureListener::ImplXMLSignatureListener( const Link& rCreationResultListenerListener, const Link rVerifyResultListenerListener, const Link rStartSignatureElement ) +{ + maCreationResultListenerListener = rCreationResultListenerListener; + maVerifyResultListenerListener = rVerifyResultListenerListener; + maStartVerifySignatureElementListener = rStartSignatureElement; + +} +ImplXMLSignatureListener::~ImplXMLSignatureListener() +{ +} + +void ImplXMLSignatureListener::setNextHandler( + uno::Reference< xml::sax::XDocumentHandler > xNextHandler) +{ + m_xNextHandler = xNextHandler; +} + +void SAL_CALL ImplXMLSignatureListener::signatureCreated( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException) +{ + XMLSignatureCreationResult aResult( securityId, nResult ); + maCreationResultListenerListener.Call( &aResult ); +} + +void SAL_CALL ImplXMLSignatureListener::signatureVerified( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException) +{ + XMLSignatureVerifyResult aResult( securityId, nResult ); + maVerifyResultListenerListener.Call( &aResult ); +} + +// --------------------------------------------------------------------------------- +// XDocumentHandler +// --------------------------------------------------------------------------------- +void SAL_CALL ImplXMLSignatureListener::startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->startDocument(); + } +} + +void SAL_CALL ImplXMLSignatureListener::endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->endDocument(); + } +} + +void SAL_CALL ImplXMLSignatureListener::startElement( const rtl::OUString& aName, const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >& xAttribs ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if ( aName == rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("Signature")) ) + { + maStartVerifySignatureElementListener.Call( (void*)&xAttribs ); + } + + if (m_xNextHandler.is()) + { + m_xNextHandler->startElement( aName, xAttribs ); + } +} + +void SAL_CALL ImplXMLSignatureListener::endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->endElement( aName ); + } +} + +void SAL_CALL ImplXMLSignatureListener::characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->characters( aChars ); + } +} + +void SAL_CALL ImplXMLSignatureListener::ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->ignorableWhitespace( aWhitespaces ); + } +} + +void SAL_CALL ImplXMLSignatureListener::processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->processingInstruction( aTarget, aData ); + } +} + +void SAL_CALL ImplXMLSignatureListener::setDocumentLocator( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XLocator >& xLocator ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->setDocumentLocator( xLocator ); + } +} + +// --------------------------------------------------------------------------------- +// XUriBinding +// --------------------------------------------------------------------------------- + +UriBindingHelper::UriBindingHelper() +{ +} + +UriBindingHelper::UriBindingHelper( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage ) +{ + mxStorage = rxStorage; +} + + +void SAL_CALL UriBindingHelper::setUriBinding( const rtl::OUString& /*uri*/, const uno::Reference< io::XInputStream >&) + throw (uno::Exception, uno::RuntimeException) +{ +} + +uno::Reference< io::XInputStream > SAL_CALL UriBindingHelper::getUriBinding( const rtl::OUString& uri ) + throw (uno::Exception, uno::RuntimeException) +{ + uno::Reference< io::XInputStream > xInputStream; + if ( mxStorage.is() ) + { + xInputStream = OpenInputStream( mxStorage, uri ); + } + else + { + SvFileStream* pStream = new SvFileStream( uri, STREAM_READ ); + pStream->Seek( STREAM_SEEK_TO_END ); + ULONG nBytes = pStream->Tell(); + pStream->Seek( STREAM_SEEK_TO_BEGIN ); + SvLockBytesRef xLockBytes = new SvLockBytes( pStream, TRUE ); + xInputStream = new utl::OInputStreamHelper( xLockBytes, nBytes ); + } + return xInputStream; +} + +uno::Reference < io::XInputStream > UriBindingHelper::OpenInputStream( const uno::Reference < embed::XStorage >& rxStore, const rtl::OUString& rURI ) +{ + OSL_ASSERT(rURI.getLength()); + uno::Reference < io::XInputStream > xInStream; + + sal_Int32 nSepPos = rURI.indexOf( '/' ); + if ( nSepPos == -1 ) + { + // Cloning because of I can't keep all storage references open + // MBA with think about a better API... + const ::rtl::OUString sName = ::rtl::Uri::decode( + rURI, rtl_UriDecodeStrict, rtl_UriCharClassRelSegment); + if (sName.getLength() == 0 && rURI.getLength() != 0) + throw uno::Exception(::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( + "Could not decode URI for stream element.")), 0); + + uno::Reference< io::XStream > xStream; + xStream = rxStore->cloneStreamElement( sName ); + if ( !xStream.is() ) + throw uno::RuntimeException(); + xInStream = xStream->getInputStream(); + } + else + { + const rtl::OUString aStoreName = ::rtl::Uri::decode( + rURI.copy( 0, nSepPos ), rtl_UriDecodeStrict, rtl_UriCharClassRelSegment); + if (aStoreName.getLength() == 0 && rURI.getLength() != 0) + throw uno::Exception( + ::rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( + "Could not decode URI for stream element.")), 0); + + rtl::OUString aElement = rURI.copy( nSepPos+1 ); + uno::Reference < embed::XStorage > xSubStore = rxStore->openStorageElement( aStoreName, embed::ElementModes::READ ); + xInStream = OpenInputStream( xSubStore, aElement ); + } + return xInStream; +} + + diff --git a/xmlsecurity/source/helper/xmlsignaturehelper2.hxx b/xmlsecurity/source/helper/xmlsignaturehelper2.hxx new file mode 100644 index 000000000000..d386b1dbbf7a --- /dev/null +++ b/xmlsecurity/source/helper/xmlsignaturehelper2.hxx @@ -0,0 +1,137 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignaturehelper2.hxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#include <tools/link.hxx> +#include <rtl/ustring.hxx> + +#include <cppuhelper/implbase1.hxx> +#include <cppuhelper/implbase3.hxx> + +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp> + +namespace com { +namespace sun { +namespace star { +namespace io { + class XStream; + class XOutputStream; + class XInputStream; } +namespace embed { + class XStorage; } +}}} + + +// MT: Not needed any more, remove later... + +class ImplXMLSignatureListener : public cppu::WeakImplHelper3 +< + com::sun::star::xml::crypto::sax::XSignatureCreationResultListener, + com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener, + com::sun::star::xml::sax::XDocumentHandler +> +{ +private: + Link maCreationResultListenerListener; + Link maVerifyResultListenerListener; + Link maStartVerifySignatureElementListener; + + com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > m_xNextHandler; + +public: + ImplXMLSignatureListener( const Link& rCreationResultListenerListener, const Link rVerifyResultListenerListener, const Link rStartVerifySignatureElement ); + ~ImplXMLSignatureListener(); + + void setNextHandler(com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > xNextHandler); + + // com::sun::star::xml::crypto::sax::XSignatureCreationResultListener + virtual void SAL_CALL signatureCreated( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus creationResult ) + throw (com::sun::star::uno::RuntimeException); + + // com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener + virtual void SAL_CALL signatureVerified( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus verifyResult ) + throw (com::sun::star::uno::RuntimeException); + + // com::sun::star::xml::sax::XDocumentHandler + virtual void SAL_CALL startElement( const rtl::OUString& aName, const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >& xAttribs ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setDocumentLocator( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XLocator >& xLocator ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); +}; + + +// --------------------------------------------------------------------------------- +// XUriBinding +// --------------------------------------------------------------------------------- + +class UriBindingHelper : public cppu::WeakImplHelper1 +< + com::sun::star::xml::crypto::XUriBinding +> +{ +private: + com::sun::star::uno::Reference < com::sun::star::embed::XStorage > mxStorage; + + +public: + UriBindingHelper(); + UriBindingHelper( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage ); + + void SAL_CALL setUriBinding( const rtl::OUString& uri, const com::sun::star::uno::Reference< com::sun::star::io::XInputStream >& aInputStream ) + throw (com::sun::star::uno::Exception, ::com::sun::star::uno::RuntimeException); + + com::sun::star::uno::Reference< com::sun::star::io::XInputStream > SAL_CALL getUriBinding( const rtl::OUString& uri ) + throw (com::sun::star::uno::Exception, ::com::sun::star::uno::RuntimeException); + + static com::sun::star::uno::Reference < com::sun::star::io::XInputStream > OpenInputStream( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStore, const rtl::OUString& rURI ); +}; + diff --git a/xmlsecurity/source/helper/xsecctl.cxx b/xmlsecurity/source/helper/xsecctl.cxx new file mode 100644 index 000000000000..159227d43fcc --- /dev/null +++ b/xmlsecurity/source/helper/xsecctl.cxx @@ -0,0 +1,1501 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecctl.cxx,v $ + * $Revision: 1.12 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xsecctl.hxx> +#include <tools/debug.hxx> + +#include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XMissionTaker.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeBroadcaster.hpp> +#include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp> + +#include <xmloff/attrlist.hxx> +#include <rtl/math.hxx> +#include <tools/string.hxx> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxs = com::sun::star::xml::sax; +namespace cssxw = com::sun::star::xml::wrapper; +namespace cssb = com::sun::star::beans; + +const sal_Int8 XML_MAXDIGITSCOUNT_TIME = 11; +const sal_Int8 XML_MAXDIGITSCOUNT_DATETIME = 6; + +/* bridge component names */ +#define XMLSIGNATURE_COMPONENT "com.sun.star.xml.crypto.XMLSignature" +#define XMLDOCUMENTWRAPPER_COMPONENT "com.sun.star.xml.wrapper.XMLDocumentWrapper" + +/* xml security framework components */ +#define SAXEVENTKEEPER_COMPONENT "com.sun.star.xml.crypto.sax.SAXEventKeeper" + +/* string for package protocol */ +#define PACKAGEPROTOCOL "vnd.sun.star.Package:" + +XSecController::XSecController( const cssu::Reference<cssu::XComponentContext>& rxCtx ) + :mxCtx(rxCtx), + m_nNextSecurityId(1), + m_bIsSAXEventKeeperConnected(false), + m_nStatusOfSecurityComponents(UNINITIALIZED), + m_bIsSAXEventKeeperSticky(false), + m_pErrorMessage(NULL), + m_pXSecParser(NULL) +{ +} + +XSecController::~XSecController() +{ +} + + +/* + * private methods + */ +/** convert string to number with optional min and max values */ +sal_Bool XSecController::convertNumber( sal_Int32& rValue, + const rtl::OUString& rString, + sal_Int32 /*nMin*/, sal_Int32 /*nMax*/ ) +{ + sal_Bool bNeg = sal_False; + rValue = 0; + + sal_Int32 nPos = 0L; + sal_Int32 nLen = rString.getLength(); + + // skip white space + while( nPos < nLen && sal_Unicode(' ') == rString[nPos] ) + nPos++; + + if( nPos < nLen && sal_Unicode('-') == rString[nPos] ) + { + bNeg = sal_True; + nPos++; + } + + // get number + while( nPos < nLen && + sal_Unicode('0') <= rString[nPos] && + sal_Unicode('9') >= rString[nPos] ) + { + // TODO: check overflow! + rValue *= 10; + rValue += (rString[nPos] - sal_Unicode('0')); + nPos++; + } + + if( bNeg ) + rValue *= -1; + + return nPos == nLen; +} + +/** convert util::DateTime to ISO Date String */ +void XSecController::convertDateTime( ::rtl::OUStringBuffer& rBuffer, + const com::sun::star::util::DateTime& rDateTime ) +{ + String aString( String::CreateFromInt32( rDateTime.Year ) ); + aString += '-'; + if( rDateTime.Month < 10 ) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.Month ); + aString += '-'; + if( rDateTime.Day < 10 ) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.Day ); + + if( rDateTime.Seconds != 0 || + rDateTime.Minutes != 0 || + rDateTime.Hours != 0 ) + { + aString += 'T'; + if( rDateTime.Hours < 10 ) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.Hours ); + aString += ':'; + if( rDateTime.Minutes < 10 ) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.Minutes ); + aString += ':'; + if( rDateTime.Seconds < 10 ) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.Seconds ); + if ( rDateTime.HundredthSeconds > 0) + { + aString += ','; + if (rDateTime.HundredthSeconds < 10) + aString += '0'; + aString += String::CreateFromInt32( rDateTime.HundredthSeconds ); + } + } + + rBuffer.append( aString ); +} + +/** convert ISO Date String to util::DateTime */ +sal_Bool XSecController::convertDateTime( com::sun::star::util::DateTime& rDateTime, + const ::rtl::OUString& rString ) +{ + sal_Bool bSuccess = sal_True; + + rtl::OUString aDateStr, aTimeStr, sHundredth; + sal_Int32 nPos = rString.indexOf( (sal_Unicode) 'T' ); + sal_Int32 nPos2 = rString.indexOf( (sal_Unicode) ',' ); + if ( nPos >= 0 ) + { + aDateStr = rString.copy( 0, nPos ); + if ( nPos2 >= 0 ) + { + aTimeStr = rString.copy( nPos + 1, nPos2 - nPos - 1 ); + + //Get the fraction of a second with the accuracy of one hundreds second. + //The fraction part of the date could have different accuracies. To calculate + //the count of a hundredth units one could form a fractional number by appending + //the value of the time string to 0. Then multiply it by 100 and use only the whole number. + //For example: 5:27:46,1 -> 0,1 * 100 = 10 + //5:27:46,01 -> 0,01 * 100 = 1 + //5:27:46,001 -> 0,001 * 100 = 0 + //Due to the inaccuracy of floating point numbers the result may not be the same on different + //platforms. We had the case where we had a value of 24 hundredth of second, which converted to + //23 on Linux and 24 on Solaris and Windows. + + //we only support a hundredth second + //make ,1 -> 10 ,01 -> 1 ,001 -> only use first two diggits + sHundredth = rString.copy(nPos2 + 1); + sal_Int32 len = sHundredth.getLength(); + if (len == 1) + sHundredth += rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("0")); + if (len > 2) + sHundredth = sHundredth.copy(0, 2); + } + else + { + aTimeStr = rString.copy(nPos + 1); + sHundredth = rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("0")); + } + } + else + aDateStr = rString; // no separator: only date part + + sal_Int32 nYear = 1899; + sal_Int32 nMonth = 12; + sal_Int32 nDay = 30; + sal_Int32 nHour = 0; + sal_Int32 nMin = 0; + sal_Int32 nSec = 0; + + const sal_Unicode* pStr = aDateStr.getStr(); + sal_Int32 nDateTokens = 1; + while ( *pStr ) + { + if ( *pStr == '-' ) + nDateTokens++; + pStr++; + } + if ( nDateTokens > 3 || aDateStr.getLength() == 0 ) + bSuccess = sal_False; + else + { + sal_Int32 n = 0; + if ( !convertNumber( nYear, aDateStr.getToken( 0, '-', n ), 0, 9999 ) ) + bSuccess = sal_False; + if ( nDateTokens >= 2 ) + if ( !convertNumber( nMonth, aDateStr.getToken( 0, '-', n ), 0, 12 ) ) + bSuccess = sal_False; + if ( nDateTokens >= 3 ) + if ( !convertNumber( nDay, aDateStr.getToken( 0, '-', n ), 0, 31 ) ) + bSuccess = sal_False; + } + + if ( aTimeStr.getLength() > 0 ) // time is optional + { + pStr = aTimeStr.getStr(); + sal_Int32 nTimeTokens = 1; + while ( *pStr ) + { + if ( *pStr == ':' ) + nTimeTokens++; + pStr++; + } + if ( nTimeTokens > 3 ) + bSuccess = sal_False; + else + { + sal_Int32 n = 0; + if ( !convertNumber( nHour, aTimeStr.getToken( 0, ':', n ), 0, 23 ) ) + bSuccess = sal_False; + if ( nTimeTokens >= 2 ) + if ( !convertNumber( nMin, aTimeStr.getToken( 0, ':', n ), 0, 59 ) ) + bSuccess = sal_False; + if ( nTimeTokens >= 3 ) + if ( !convertNumber( nSec, aTimeStr.getToken( 0, ':', n ), 0, 59 ) ) + bSuccess = sal_False; + } + } + + if (bSuccess) + { + rDateTime.Year = (sal_uInt16)nYear; + rDateTime.Month = (sal_uInt16)nMonth; + rDateTime.Day = (sal_uInt16)nDay; + rDateTime.Hours = (sal_uInt16)nHour; + rDateTime.Minutes = (sal_uInt16)nMin; + rDateTime.Seconds = (sal_uInt16)nSec; + // rDateTime.HundredthSeconds = sDoubleStr.toDouble() * 100; + rDateTime.HundredthSeconds = static_cast<sal_uInt16>(sHundredth.toInt32()); + } + return bSuccess; +} + +int XSecController::findSignatureInfor( sal_Int32 nSecurityId) const +/****** XSecController/findSignatureInfor ************************************* + * + * NAME + * findSignatureInfor -- find SignatureInformation struct for a particular + * signature + * + * SYNOPSIS + * index = findSignatureInfor( nSecurityId ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * nSecurityId - the signature's id + * + * RESULT + * index - the index of the signature, or -1 when no such signature + * existing + * + * HISTORY + * 08.05.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + int i; + int size = m_vInternalSignatureInformations.size(); + + for (i=0; i<size; ++i) + { + if (m_vInternalSignatureInformations[i].signatureInfor.nSecurityId == nSecurityId) + { + return i; + } + } + + return -1; +} + +void XSecController::createXSecComponent( ) +/****** XSecController/createXSecComponent ************************************ + * + * NAME + * bResult = createXSecComponent -- creates xml security components + * + * SYNOPSIS + * createXSecComponent( ); + * + * FUNCTION + * Creates xml security components, including: + * 1. an xml signature bridge component ( Java based or C based) + * 2. an XMLDocumentWrapper component ( Java based or C based) + * 3. a SAXEventKeeper component + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + rtl::OUString sSAXEventKeeper(rtl::OUString::createFromAscii( SAXEVENTKEEPER_COMPONENT )); + rtl::OUString sXMLSignature(rtl::OUString::createFromAscii( XMLSIGNATURE_COMPONENT )); + rtl::OUString sXMLDocument(rtl::OUString::createFromAscii( XMLDOCUMENTWRAPPER_COMPONENT )); + + /* + * marks all security components are not available. + */ + m_nStatusOfSecurityComponents = FAILTOINITIALIZED; + m_xXMLSignature = NULL; + m_xXMLDocumentWrapper = NULL; + m_xSAXEventKeeper = NULL; + + cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + + m_xXMLSignature = cssu::Reference< cssxc::XXMLSignature >( + xMCF->createInstanceWithContext( sXMLSignature, mxCtx ), + cssu::UNO_QUERY ); + + bool bSuccess = (0!=m_xXMLSignature.is()); + if ( bSuccess ) + /* + * XMLSignature created successfully. + */ + { + m_xXMLDocumentWrapper = cssu::Reference< cssxw::XXMLDocumentWrapper >( + xMCF->createInstanceWithContext( sXMLDocument, mxCtx ), + cssu::UNO_QUERY ); + } + + bSuccess &= (0!=m_xXMLDocumentWrapper.is()); + if ( bSuccess ) + /* + * XMLDocumentWrapper created successfully. + */ + { + m_xSAXEventKeeper = cssu::Reference< cssxc::sax::XSecuritySAXEventKeeper >( + xMCF->createInstanceWithContext( sSAXEventKeeper, mxCtx ), + cssu::UNO_QUERY ); + } + + bSuccess &= (0!=m_xSAXEventKeeper.is()); + + if (bSuccess) + /* + * SAXEventKeeper created successfully. + */ + { + cssu::Reference< cssl::XInitialization > xInitialization(m_xSAXEventKeeper, cssu::UNO_QUERY); + + cssu::Sequence <cssu::Any> arg(1); + arg[0] = cssu::makeAny(m_xXMLDocumentWrapper); + xInitialization->initialize(arg); + + cssu::Reference<cssxc::sax::XSAXEventKeeperStatusChangeBroadcaster> + xSAXEventKeeperStatusChangeBroadcaster(m_xSAXEventKeeper, cssu::UNO_QUERY); + cssu::Reference< cssxc::sax::XSAXEventKeeperStatusChangeListener > + xStatusChangeListener = this; + + xSAXEventKeeperStatusChangeBroadcaster + ->addSAXEventKeeperStatusChangeListener( xStatusChangeListener ); + + m_nStatusOfSecurityComponents = INITIALIZED; + } +} + +bool XSecController::chainOn( bool bRetrievingLastEvent ) +/****** XSecController/chainOn ************************************************ + * + * NAME + * chainOn -- tyies to connect the SAXEventKeeper with the SAX chain. + * + * SYNOPSIS + * bJustChainingOn = chainOn( bRetrievingLastEvent ); + * + * FUNCTION + * First, checks whether the SAXEventKeeper is on the SAX chain. If not, + * creates xml security components, and chains the SAXEventKeeper into + * the SAX chain. + * Before being chained in, the SAXEventKeeper needs to receive all + * missed key SAX events, which can promise the DOM tree bufferred by the + * SAXEventKeeper has the same structure with the original document. + * + * INPUTS + * bRetrievingLastEvent - whether to retrieve the last key SAX event from + * the ElementStackKeeper. + * + * RESULT + * bJustChainingOn - whether the SAXEventKeeper is just chained into the + * SAX chain. + * + * NOTES + * Sometimes, the last key SAX event can't be transferred to the + * SAXEventKeeper together. + * For instance, at the time an referenced element is detected, the + * startElement event has already been reserved by the ElementStackKeeper. + * Meanwhile, an ElementCollector needs to be created before the + * SAXEventKeeper receives that startElement event. + * So for the SAXEventKeeper, it needs to receive all missed key SAX + * events except that startElement event, then adds a new + * ElementCollector, then receives that startElement event. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + bool rc = false; + + if (!m_bIsSAXEventKeeperSticky && !m_bIsSAXEventKeeperConnected) + { + if ( m_nStatusOfSecurityComponents == UNINITIALIZED ) + { + createXSecComponent(); + } + + if ( m_nStatusOfSecurityComponents == INITIALIZED ) + /* + * if all security components are ready, chains on the SAXEventKeeper + */ + { + /* + * disconnect the SAXEventKeeper with its current output handler, + * to make sure no SAX event is forwarded during the connecting + * phase. + */ + m_xSAXEventKeeper->setNextHandler( NULL ); + + cssu::Reference< cssxs::XDocumentHandler > xSEKHandler(m_xSAXEventKeeper, cssu::UNO_QUERY); + + /* + * connects the previous document handler on the SAX chain + */ + if ( m_xPreviousNodeOnSAXChain.is() ) + { + if ( m_bIsPreviousNodeInitializable ) + { + cssu::Reference< cssl::XInitialization > xInitialization + (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY); + + cssu::Sequence<cssu::Any> aArgs( 1 ); + aArgs[0] <<= xSEKHandler; + xInitialization->initialize(aArgs); + } + else + { + cssu::Reference< cssxs::XParser > xParser + (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY); + xParser->setDocumentHandler( xSEKHandler ); + } + } + + /* + * get missed key SAX events + */ + if (m_xElementStackKeeper.is()) + { + m_xElementStackKeeper->retrieve(xSEKHandler, bRetrievingLastEvent); + + /* + * now the ElementStackKeeper can stop its work, because the + * SAXEventKeeper is on the SAX chain, no SAX events will be + * missed. + */ + m_xElementStackKeeper->stop(); + } + + /* + * connects the next document handler on the SAX chain + */ + m_xSAXEventKeeper->setNextHandler( m_xNextNodeOnSAXChain ); + + m_bIsSAXEventKeeperConnected = true; + + rc = true; + } + } + + return rc; +} + +void XSecController::chainOff() +/****** XSecController/chainOff *********************************************** + * + * NAME + * chainOff -- disconnects the SAXEventKeeper from the SAX chain. + * + * SYNOPSIS + * chainOff( ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (!m_bIsSAXEventKeeperSticky ) + { + if (m_bIsSAXEventKeeperConnected) + { + m_xSAXEventKeeper->setNextHandler( NULL ); + + if ( m_xPreviousNodeOnSAXChain.is() ) + { + if ( m_bIsPreviousNodeInitializable ) + { + cssu::Reference< cssl::XInitialization > xInitialization + (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY); + + cssu::Sequence<cssu::Any> aArgs( 1 ); + aArgs[0] <<= m_xNextNodeOnSAXChain; + xInitialization->initialize(aArgs); + } + else + { + cssu::Reference< cssxs::XParser > xParser(m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY); + xParser->setDocumentHandler( m_xNextNodeOnSAXChain ); + } + } + + if (m_xElementStackKeeper.is()) + { + /* + * start the ElementStackKeeper to reserve any possible + * missed key SAX events + */ + m_xElementStackKeeper->start(); + } + + m_bIsSAXEventKeeperConnected = false; + } + } +} + +void XSecController::checkChainingStatus() +/****** XSecController/checkChainingStatus ************************************ + * + * NAME + * checkChainingStatus -- connects or disconnects the SAXEventKeeper + * according to the current situation. + * + * SYNOPSIS + * checkChainingStatus( ); + * + * FUNCTION + * The SAXEventKeeper is chained into the SAX chain, when: + * 1. some element is being collected, or + * 2. the SAX event stream is blocking. + * Otherwise, chain off the SAXEventKeeper. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if ( m_bIsCollectingElement || m_bIsBlocking ) + { + chainOn(true); + } + else + { + chainOff(); + } +} + +void XSecController::initializeSAXChain() +/****** XSecController/initializeSAXChain ************************************* + * + * NAME + * initializeSAXChain -- initializes the SAX chain according to the + * current setting. + * + * SYNOPSIS + * initializeSAXChain( ); + * + * FUNCTION + * Initializes the SAX chain, if the SAXEventKeeper is asked to be always + * on the SAX chain, chains it on. Otherwise, starts the + * ElementStackKeeper to reserve key SAX events. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bIsSAXEventKeeperConnected = false; + m_bIsCollectingElement = false; + m_bIsBlocking = false; + + if (m_xElementStackKeeper.is()) + { + /* + * starts the ElementStackKeeper + */ + m_xElementStackKeeper->start(); + } + + chainOff(); +} + +cssu::Reference< com::sun::star::io::XInputStream > + XSecController::getObjectInputStream( const rtl::OUString& objectURL ) +/****** XSecController/getObjectInputStream ************************************ + * + * NAME + * getObjectInputStream -- get a XInputStream interface from a SvStorage + * + * SYNOPSIS + * xInputStream = getObjectInputStream( objectURL ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * objectURL - the object uri + * + * RESULT + * xInputStream - the XInputStream interface + * + * HISTORY + * 15.04.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + cssu::Reference< com::sun::star::io::XInputStream > xObjectInputStream; + + DBG_ASSERT( m_xUriBinding.is(), "Need XUriBinding!" ); + + xObjectInputStream = m_xUriBinding->getUriBinding(objectURL); + + return xObjectInputStream; +} + +#if 0 +sal_Int32 XSecController::getFastPropertyIndex(sal_Int32 nHandle) const +/****** XSecController/getFastPropertyIndex *********************************** + * + * NAME + * getFastPropertyIndex -- gets the index of a particular fast property + * + * SYNOPSIS + * nIndex = getFastPropertyIndex( nHandle ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * nHandle - the key for the fast property + * + * RESULT + * nIndex - the index of the fast property, or -1 + * if the key is not found. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + std::vector< sal_Int32 >::const_iterator ii = m_vFastPropertyIndexs.begin(); + sal_Int32 nIndex = 0; + + bool bFound = false; + + for( ; ii != m_vFastPropertyIndexs.end(); ++ii,++nIndex ) + { + if ( nHandle == (*ii)) + { + bFound = true; + break; + } + } + + if (!bFound) + { + nIndex = -1; + } + + return nIndex; +} +#endif + +/* + * public methods + */ + +sal_Int32 XSecController::getNewSecurityId( ) +{ + sal_Int32 nId = m_nNextSecurityId; + m_nNextSecurityId++; + return nId; +} + +void XSecController::startMission( + const cssu::Reference< cssxc::XUriBinding >& xUriBinding, + const cssu::Reference< cssxc::XXMLSecurityContext >& xSecurityContext ) +/****** XSecController/startMission ******************************************* + * + * NAME + * startMission -- starts a new security mission. + * + * SYNOPSIS + * startMission( xUriBinding, xSecurityContect ); + * + * FUNCTION + * get ready for a new mission. + * + * INPUTS + * xUriBinding - the Uri binding that provide maps between uris and + * XInputStreams + * xSecurityContext - the security context component which can provide + * cryptoken + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_xUriBinding = xUriBinding; + + m_nStatusOfSecurityComponents = UNINITIALIZED; + m_xSecurityContext = xSecurityContext; + m_pErrorMessage = NULL; + + m_vInternalSignatureInformations.clear(); + + m_bVerifyCurrentSignature = false; +} + +void XSecController::setSAXChainConnector( + const cssu::Reference< cssl::XInitialization >& xInitialization, + const cssu::Reference< cssxs::XDocumentHandler >& xDocumentHandler, + const cssu::Reference< cssxc::sax::XElementStackKeeper >& xElementStackKeeper) +/****** XSecController/setSAXChainConnector *********************************** + * + * NAME + * setSAXChainConnector -- configures the components which will + * collaborate with the SAXEventKeeper on the SAX chain. + * + * SYNOPSIS + * setSAXChainConnector( xInitialization, + * xDocumentHandler, + * xElementStackKeeper ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * xInitialization - the previous node on the SAX chain + * xDocumentHandler - the next node on the SAX chain + * xElementStackKeeper - the ElementStackKeeper component which reserves + * missed key SAX events for the SAXEventKeeper + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bIsPreviousNodeInitializable = true; + m_xPreviousNodeOnSAXChain = xInitialization; + m_xNextNodeOnSAXChain = xDocumentHandler; + m_xElementStackKeeper = xElementStackKeeper; + + initializeSAXChain( ); +} + +void XSecController::setSAXChainConnector( + const cssu::Reference< cssxs::XParser >& xParser, + const cssu::Reference< cssxs::XDocumentHandler >& xDocumentHandler, + const cssu::Reference< cssxc::sax::XElementStackKeeper >& xElementStackKeeper) +/****** XSecController/setSAXChainConnector *********************************** + * + * NAME + * setSAXChainConnector -- configures the components which will + * collaborate with the SAXEventKeeper on the SAX chain. + * + * SYNOPSIS + * setSAXChainConnector( xParser, xDocumentHandler, xElementStackKeeper ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * xParser - the previous node on the SAX chain + * xDocumentHandler - the next node on the SAX chain + * xElementStackKeeper -the ElementStackKeeper component which reserves + * missed key SAX events for the SAXEventKeeper + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_bIsPreviousNodeInitializable = false; + m_xPreviousNodeOnSAXChain = xParser; + m_xNextNodeOnSAXChain = xDocumentHandler; + m_xElementStackKeeper = xElementStackKeeper; + + initializeSAXChain( ); +} + +void XSecController::clearSAXChainConnector() +/****** XSecController/clearSAXChainConnector ********************************* + * + * NAME + * clearSAXChainConnector -- resets the collaborating components. + * + * SYNOPSIS + * clearSAXChainConnector( ); + * + * FUNCTION + * See NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + /* + * before reseting, if the ElementStackKeeper has kept something, then + * those kept key SAX events must be transferred to the SAXEventKeeper + * first. This is to promise the next node to the SAXEventKeeper on the + * SAX chain always receives a complete document. + */ + if (m_xElementStackKeeper.is() && m_xSAXEventKeeper.is()) + { + cssu::Reference< cssxs::XDocumentHandler > xSEKHandler(m_xSAXEventKeeper, cssu::UNO_QUERY); + m_xElementStackKeeper->retrieve(xSEKHandler, sal_True); + } + + chainOff(); + + m_xPreviousNodeOnSAXChain = NULL; + m_xNextNodeOnSAXChain = NULL; + m_xElementStackKeeper = NULL; +} + +void XSecController::endMission() +/****** XSecController/endMission ********************************************* + * + * NAME + * endMission -- forces to end all missions + * + * SYNOPSIS + * endMission( ); + * + * FUNCTION + * Deletes all signature information and forces all missions to an end. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + sal_Int32 size = m_vInternalSignatureInformations.size(); + + for (int i=0; i<size; ++i) + { + if ( m_nStatusOfSecurityComponents == INITIALIZED ) + /* + * ResolvedListener only exist when the security components are created. + */ + { + cssu::Reference< cssxc::sax::XMissionTaker > xMissionTaker + ( m_vInternalSignatureInformations[i].xReferenceResolvedListener, cssu::UNO_QUERY ); + + /* + * askes the SignatureCreator/SignatureVerifier to release + * all resouces it uses. + */ + xMissionTaker->endMission(); + } + } + + m_xUriBinding = NULL; + m_xSecurityContext = NULL; + + /* + * free the status change listener reference to this object + */ + if (m_xSAXEventKeeper.is()) + { + cssu::Reference<cssxc::sax::XSAXEventKeeperStatusChangeBroadcaster> + xSAXEventKeeperStatusChangeBroadcaster(m_xSAXEventKeeper, cssu::UNO_QUERY); + xSAXEventKeeperStatusChangeBroadcaster + ->addSAXEventKeeperStatusChangeListener( NULL ); + } +} + +const char* XSecController::getErrorMessage() +/****** XSecController/getErrorMessage **************************************** + * + * NAME + * getErrorMessage -- get the last error message + * + * SYNOPSIS + * pErrorMessage = getErrorMessage( ); + * + * FUNCTION + * see NAME. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 22.04.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return m_pErrorMessage; +} + +void XSecController::exportSignature( + const cssu::Reference<cssxs::XDocumentHandler>& xDocumentHandler, + const SignatureInformation& signatureInfo ) +/****** XSecController/exportSignature **************************************** + * + * NAME + * exportSignature -- export a signature structure to an XDocumentHandler + * + * SYNOPSIS + * exportSignature( xDocumentHandler, signatureInfo); + * + * FUNCTION + * see NAME. + * + * INPUTS + * xDocumentHandler - the document handler to receive the signature + * signatureInfo - signature to be exported + * + * RESULT + * empty + * + * HISTORY + * 26.05.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + /* + * defines all element tags in Signature element. + */ + rtl::OUString tag_Signature(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNATURE)); + rtl::OUString tag_SignedInfo(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNEDINFO)); + rtl::OUString tag_CanonicalizationMethod(RTL_CONSTASCII_USTRINGPARAM(TAG_CANONICALIZATIONMETHOD)); + rtl::OUString tag_SignatureMethod(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNATUREMETHOD)); + rtl::OUString tag_Reference(RTL_CONSTASCII_USTRINGPARAM(TAG_REFERENCE)); + rtl::OUString tag_Transforms(RTL_CONSTASCII_USTRINGPARAM(TAG_TRANSFORMS)); + rtl::OUString tag_Transform(RTL_CONSTASCII_USTRINGPARAM(TAG_TRANSFORM)); + rtl::OUString tag_DigestMethod(RTL_CONSTASCII_USTRINGPARAM(TAG_DIGESTMETHOD)); + rtl::OUString tag_DigestValue(RTL_CONSTASCII_USTRINGPARAM(TAG_DIGESTVALUE)); + rtl::OUString tag_SignatureValue(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNATUREVALUE)); + rtl::OUString tag_KeyInfo(RTL_CONSTASCII_USTRINGPARAM(TAG_KEYINFO)); + rtl::OUString tag_X509Data(RTL_CONSTASCII_USTRINGPARAM(TAG_X509DATA)); + rtl::OUString tag_X509IssuerSerial(RTL_CONSTASCII_USTRINGPARAM(TAG_X509ISSUERSERIAL)); + rtl::OUString tag_X509IssuerName(RTL_CONSTASCII_USTRINGPARAM(TAG_X509ISSUERNAME)); + rtl::OUString tag_X509SerialNumber(RTL_CONSTASCII_USTRINGPARAM(TAG_X509SERIALNUMBER)); + rtl::OUString tag_X509Certificate(RTL_CONSTASCII_USTRINGPARAM(TAG_X509CERTIFICATE)); + + rtl::OUString tag_Object(RTL_CONSTASCII_USTRINGPARAM(TAG_OBJECT)); + rtl::OUString tag_SignatureProperties(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNATUREPROPERTIES)); + rtl::OUString tag_SignatureProperty(RTL_CONSTASCII_USTRINGPARAM(TAG_SIGNATUREPROPERTY)); + rtl::OUString tag_Date(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE)); +#if 0 + rtl::OUString tag_Timestamp(RTL_CONSTASCII_USTRINGPARAM(TAG_TIMESTAMP)); + rtl::OUString tag_Date(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE)); + rtl::OUString tag_Time(RTL_CONSTASCII_USTRINGPARAM(TAG_TIME)); +#endif + + const SignatureReferenceInformations& vReferenceInfors = signatureInfo.vSignatureReferenceInfors; + SvXMLAttributeList *pAttributeList; + + /* + * Write Signature element + */ + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_XMLNS)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NS_XMLDSIG))); + + if (signatureInfo.ouSignatureId.getLength()>0) + { + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ID)), + rtl::OUString(signatureInfo.ouSignatureId)); + } + + xDocumentHandler->startElement( tag_Signature, cssu::Reference< cssxs::XAttributeList > (pAttributeList)); + { + /* Write SignedInfo element */ + xDocumentHandler->startElement( + tag_SignedInfo, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write CanonicalizationMethod element */ + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ALGORITHM)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ALGO_C14N))); + xDocumentHandler->startElement( tag_CanonicalizationMethod, cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); + xDocumentHandler->endElement( tag_CanonicalizationMethod ); + + /* Write SignatureMethod element */ + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ALGORITHM)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ALGO_RSASHA1))); + xDocumentHandler->startElement( tag_SignatureMethod, cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); + xDocumentHandler->endElement( tag_SignatureMethod ); + + /* Write Reference element */ + int j; + int refNum = vReferenceInfors.size(); + + for(j=0; j<refNum; ++j) + { + const SignatureReferenceInformation& refInfor = vReferenceInfors[j]; + + pAttributeList = new SvXMLAttributeList(); + if ( refInfor.nType != TYPE_SAMEDOCUMENT_REFERENCE ) + /* + * stream reference + */ + { + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_URI)), + refInfor.ouURI); + } + else + /* + * same-document reference + */ + { + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_URI)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(CHAR_FRAGMENT))+refInfor.ouURI); + } + + xDocumentHandler->startElement( tag_Reference, cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); + { + /* Write Transforms element */ + if (refInfor.nType == TYPE_XMLSTREAM_REFERENCE) + /* + * xml stream, so c14n transform is needed + */ + { + xDocumentHandler->startElement( + tag_Transforms, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ALGORITHM)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ALGO_C14N))); + xDocumentHandler->startElement( + tag_Transform, + cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); + xDocumentHandler->endElement( tag_Transform ); + } + xDocumentHandler->endElement( tag_Transforms ); + } + + /* Write DigestMethod element */ + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ALGORITHM)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ALGO_XMLDSIGSHA1))); + xDocumentHandler->startElement( + tag_DigestMethod, + cssu::Reference< cssxs::XAttributeList > (pAttributeList) ); + xDocumentHandler->endElement( tag_DigestMethod ); + + /* Write DigestValue element */ + xDocumentHandler->startElement( + tag_DigestValue, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( refInfor.ouDigestValue ); + xDocumentHandler->endElement( tag_DigestValue ); + } + xDocumentHandler->endElement( tag_Reference ); + } + } + xDocumentHandler->endElement( tag_SignedInfo ); + + /* Write SignatureValue element */ + xDocumentHandler->startElement( + tag_SignatureValue, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( signatureInfo.ouSignatureValue ); + xDocumentHandler->endElement( tag_SignatureValue ); + + /* Write KeyInfo element */ + xDocumentHandler->startElement( + tag_KeyInfo, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write X509Data element */ + xDocumentHandler->startElement( + tag_X509Data, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write X509IssuerSerial element */ + xDocumentHandler->startElement( + tag_X509IssuerSerial, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write X509IssuerName element */ + xDocumentHandler->startElement( + tag_X509IssuerName, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( signatureInfo.ouX509IssuerName ); + xDocumentHandler->endElement( tag_X509IssuerName ); + + /* Write X509SerialNumber element */ + xDocumentHandler->startElement( + tag_X509SerialNumber, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( signatureInfo.ouX509SerialNumber ); + xDocumentHandler->endElement( tag_X509SerialNumber ); + } + xDocumentHandler->endElement( tag_X509IssuerSerial ); + + /* Write X509Certificate element */ + if (signatureInfo.ouX509Certificate.getLength()>0) + { + xDocumentHandler->startElement( + tag_X509Certificate, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + xDocumentHandler->characters( signatureInfo.ouX509Certificate ); + xDocumentHandler->endElement( tag_X509Certificate ); + } + } + xDocumentHandler->endElement( tag_X509Data ); + } + xDocumentHandler->endElement( tag_KeyInfo ); + + /* Write Object element */ + xDocumentHandler->startElement( + tag_Object, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write SignatureProperties element */ + xDocumentHandler->startElement( + tag_SignatureProperties, + cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList())); + { + /* Write SignatureProperty element */ + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_ID)), + signatureInfo.ouPropertyId); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_TARGET)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(CHAR_FRAGMENT))+signatureInfo.ouSignatureId); + xDocumentHandler->startElement( + tag_SignatureProperty, + cssu::Reference< cssxs::XAttributeList > (pAttributeList)); + { + /* Write timestamp element */ + + pAttributeList = new SvXMLAttributeList(); + pAttributeList->AddAttribute( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(ATTR_XMLNS)) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)), + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NS_DC))); + + xDocumentHandler->startElement( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) + +tag_Date, + cssu::Reference< cssxs::XAttributeList > (pAttributeList)); + + ::rtl::OUStringBuffer buffer; + //If the xml signature was already contained in the document, + //then we use the original date and time string, rather then the + //converted one. When the original string is converted to the DateTime + //structure then information may be lost because it only holds a fractional + //of a second with a accuracy of one hundredth of second. If the string contains + //milli seconds (document was signed by an application other than OOo) + //and the converted time is written back, then the string looks different + //and the signature is broken. + if (signatureInfo.ouDateTime.getLength() > 0) + buffer = signatureInfo.ouDateTime; + else + convertDateTime( buffer, signatureInfo.stDateTime ); + xDocumentHandler->characters( buffer.makeStringAndClear() ); + + xDocumentHandler->endElement( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) + +tag_Date); + } + xDocumentHandler->endElement( tag_SignatureProperty ); + } + xDocumentHandler->endElement( tag_SignatureProperties ); + } + xDocumentHandler->endElement( tag_Object ); + } + xDocumentHandler->endElement( tag_Signature ); +} + +SignatureInformation XSecController::getSignatureInformation( sal_Int32 nSecurityId ) const +{ + SignatureInformation aInf( 0 ); + int nIndex = findSignatureInfor(nSecurityId); + DBG_ASSERT( nIndex != -1, "getSignatureInformation - SecurityId is invalid!" ); + if ( nIndex != -1) + { + aInf = m_vInternalSignatureInformations[nIndex].signatureInfor; + } + return aInf; +} + +SignatureInformations XSecController::getSignatureInformations() const +{ + SignatureInformations vInfors; + int sigNum = m_vInternalSignatureInformations.size(); + + for (int i=0; i<sigNum; ++i) + { + SignatureInformation si = m_vInternalSignatureInformations[i].signatureInfor; + vInfors.push_back(si); + } + + return vInfors; +} + +/* + * XSecurityController + * + * no methods + */ + +/* + * XFastPropertySet + */ +/* +void SAL_CALL XSecController::setFastPropertyValue( + sal_Int32 nHandle, + const cssu::Any& aValue ) + throw ( cssb::UnknownPropertyException, + cssb::PropertyVetoException, + cssl::IllegalArgumentException, + cssl::WrappedTargetException, + cssu::RuntimeException) +{ + sal_Int32 nIndex = getFastPropertyIndex(nHandle); + if (nIndex == -1) + { + m_vFastPropertyIndexs.push_back( nHandle ); + m_vFastPropertyValues.push_back( aValue ); + } + else + { + m_vFastPropertyValues[nIndex] = aValue; + } +} + +cssu::Any SAL_CALL XSecController::getFastPropertyValue( + sal_Int32 nHandle ) + throw ( + cssb::UnknownPropertyException, + cssl::WrappedTargetException, + cssu::RuntimeException) +{ + cssu::Any aValue; + + sal_Int32 nIndex = getFastPropertyIndex(nHandle); + if (nIndex != -1) + { + aValue = m_vFastPropertyValues[nIndex]; + } + + return aValue; +} +*/ + +/* + * XSAXEventKeeperStatusChangeListener + */ + +void SAL_CALL XSecController::blockingStatusChanged( sal_Bool isBlocking ) + throw (cssu::RuntimeException) +{ + /* + showMessageBox( rtl::OUString::createFromAscii((isBlocking? + "Blocking Status => TRUE": + "Blocking Status => FALSE")), + rtl::OUString::createFromAscii("SAXEventKeeper Status")); + */ + + this->m_bIsBlocking = isBlocking; + checkChainingStatus(); +} + +void SAL_CALL XSecController::collectionStatusChanged( + sal_Bool isInsideCollectedElement ) + throw (cssu::RuntimeException) +{ + /* + showMessageBox( rtl::OUString::createFromAscii((isInsideCollectedElement? + "Collection Status => TRUE": + "Collection Status => FALSE")), + rtl::OUString::createFromAscii("SAXEventKeeper Status")); + */ + + this->m_bIsCollectingElement = isInsideCollectedElement; + checkChainingStatus(); +} + +void SAL_CALL XSecController::bufferStatusChanged( sal_Bool /*isBufferEmpty*/) + throw (cssu::RuntimeException) +{ + /* + showMessageBox( rtl::OUString::createFromAscii((isBufferEmpty? + "Buffer Empty => TRUE": + "Buffer Empty => FALSE")), + rtl::OUString::createFromAscii("SAXEventKeeper Status")); + */ +} + +/* + * XSignatureCreationResultListener + */ +void SAL_CALL XSecController::signatureCreated( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException) +{ + int index = findSignatureInfor(securityId); + DBG_ASSERT( index != -1, "Signature Not Found!" ); + + SignatureInformation& signatureInfor = m_vInternalSignatureInformations[index].signatureInfor; + + /* + if (nResult == cssxc::sax::SignatureCreationResult_CREATIONSUCCEED) + { + signatureInfor.nStatus = STATUS_CREATION_SUCCEED; + } + else + { + signatureInfor.nStatus = STATUS_CREATION_FAIL; + } + */ + signatureInfor.nStatus = nResult; +} + +/* + * XSignatureVerifyResultListener + */ +void SAL_CALL XSecController::signatureVerified( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException) +{ + int index = findSignatureInfor(securityId); + DBG_ASSERT( index != -1, "Signature Not Found!" ); + + SignatureInformation& signatureInfor = m_vInternalSignatureInformations[index].signatureInfor; + + /* + if (nResult == cssxc::sax::SignatureVerifyResult_VERIFYSUCCEED) + { + signatureInfor.nStatus = STATUS_VERIFY_SUCCEED; + } + else + { + signatureInfor.nStatus = STATUS_VERIFY_FAIL; + } + */ + signatureInfor.nStatus = nResult; +} diff --git a/xmlsecurity/source/helper/xsecctl.hxx b/xmlsecurity/source/helper/xsecctl.hxx new file mode 100644 index 000000000000..344d41bc01ad --- /dev/null +++ b/xmlsecurity/source/helper/xsecctl.hxx @@ -0,0 +1,580 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecctl.hxx,v $ + * $Revision: 1.12 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XSEC_CTL_HXX +#define _XSEC_CTL_HXX + +#include <xmlsecurity/sigstruct.hxx> + +#include <com/sun/star/uno/XComponentContext.hpp> +#include <com/sun/star/xml/sax/XParser.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/xml/sax/XAttributeList.hpp> +#include <com/sun/star/xml/crypto/XXMLSignature.hpp> +#include <com/sun/star/xml/crypto/XSEInitializer.hpp> +#include <com/sun/star/xml/crypto/sax/XSecurityController.hpp> +#include <com/sun/star/xml/crypto/sax/XElementStackKeeper.hpp> +#include <com/sun/star/xml/crypto/sax/XSecuritySAXEventKeeper.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp> +#include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp> +#include <com/sun/star/beans/XFastPropertySet.hpp> +#include <com/sun/star/io/XOutputStream.hpp> +#include <com/sun/star/io/XInputStream.hpp> + +#include <rtl/ustrbuf.hxx> + +#include <cppuhelper/implbase4.hxx> + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +/* + * all error information + */ +#define ERROR_CANNOTCREATEXMLSECURITYCOMPONENT "Can't create XML security components." +#define ERROR_SAXEXCEPTIONDURINGCREATION "A SAX exception is throwed during signature creation." +#define ERROR_IOEXCEPTIONDURINGCREATION "An IO exception is throwed during signature creation." +#define ERROR_EXCEPTIONDURINGCREATION "An exception is throwed during signature creation." + +/* + * all stringS in signature element + */ +#define TAG_SIGNATURE "Signature" +#define TAG_SIGNEDINFO "SignedInfo" +#define TAG_CANONICALIZATIONMETHOD "CanonicalizationMethod" +#define TAG_SIGNATUREMETHOD "SignatureMethod" +#define TAG_REFERENCE "Reference" +#define TAG_TRANSFORMS "Transforms" +#define TAG_TRANSFORM "Transform" +#define TAG_DIGESTMETHOD "DigestMethod" +#define TAG_DIGESTVALUE "DigestValue" +#define TAG_SIGNATUREVALUE "SignatureValue" +#define TAG_KEYINFO "KeyInfo" +#define TAG_X509DATA "X509Data" +#define TAG_X509ISSUERSERIAL "X509IssuerSerial" +#define TAG_X509ISSUERNAME "X509IssuerName" +#define TAG_X509SERIALNUMBER "X509SerialNumber" +#define TAG_X509CERTIFICATE "X509Certificate" +#define TAG_OBJECT "Object" +#define TAG_SIGNATUREPROPERTIES "SignatureProperties" +#define TAG_SIGNATUREPROPERTY "SignatureProperty" +#define TAG_TIMESTAMP "timestamp" +#define TAG_DATE "date" +//#define TAG_TIME "time" + +#define ATTR_XMLNS "xmlns" +#define ATTR_ALGORITHM "Algorithm" +#define ATTR_URI "URI" +#define ATTR_ID "Id" +#define ATTR_TARGET "Target" + +#define NSTAG_DC "dc" + +#define NS_XMLDSIG "http://www.w3.org/2000/09/xmldsig#" +//#define NS_DATETIME "http://www.ietf.org/rfcXXXX.txt" +#define NS_DC "http://purl.org/dc/elements/1.1/" + +#define ALGO_C14N "http://www.w3.org/TR/2001/REC-xml-c14n-20010315" +#define ALGO_RSASHA1 "http://www.w3.org/2000/09/xmldsig#rsa-sha1" +#define ALGO_XMLDSIGSHA1 "http://www.w3.org/2000/09/xmldsig#sha1" + +#define CHAR_FRAGMENT "#" +#define CHAR_BLANK " " + + +/* + * status of security related components + */ +#define UNINITIALIZED 0 +#define INITIALIZED 1 +#define FAILTOINITIALIZED 2 + +#define RTL_ASCII_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_ASCII_US + +// forward declaration +class XSecParser; + +class InternalSignatureInformation +{ +public: + SignatureInformation signatureInfor; + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener > + xReferenceResolvedListener; + + ::std::vector< sal_Int32 > vKeeperIds; + + InternalSignatureInformation( + sal_Int32 nId, + com::sun::star::uno::Reference< com::sun::star::xml::crypto::sax::XReferenceResolvedListener > + xListener) + :signatureInfor(nId) + { + xReferenceResolvedListener = xListener; + } + + void addReference( sal_Int32 type, rtl::OUString uri, sal_Int32 keeperId ) + { + signatureInfor.vSignatureReferenceInfors.push_back( + SignatureReferenceInformation(type, uri)); + vKeeperIds.push_back( keeperId ); + } +}; + +typedef ::std::vector< InternalSignatureInformation > InternalSignatureInformations; + +class XSecController : public cppu::WeakImplHelper4 +< + com::sun::star::xml::crypto::sax::XSecurityController, + //com::sun::star::beans::XFastPropertySet, + com::sun::star::xml::crypto::sax::XSAXEventKeeperStatusChangeListener, + com::sun::star::xml::crypto::sax::XSignatureCreationResultListener, + com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener +> +/****** XSecController.hxx/CLASS XSecController ******************************* + * + * NAME + * XSecController -- the xml security framework controller + * + * FUNCTION + * Controlls the whole xml security framework to create signatures or to + * verify signatures. + * + * HISTORY + * 05.01.2004 - Interface supported: XSecurityController, + * XFastPropertySet, XSAXEventKeeperStatusChangeListener, + * XSignatureCreationResultListener, + * XSignatureVerifyResultListener + * + * NOTES + * The XFastPropertySet interface is used to transfer common values to + * classes in other module, for instance, the signature id for all + * sessions is transferred to xmloff module through this interface. + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + friend class XSecParser; + +private: + com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext> mxCtx; + + /* + * used to buffer SAX events + */ + com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLDocumentWrapper > m_xXMLDocumentWrapper; + + /* + * the SAX events keeper + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSecuritySAXEventKeeper > m_xSAXEventKeeper; + + /* + * the bridge component which creates/verifies signature + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSignature > m_xXMLSignature; + + /* + * the Security Context + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext > m_xSecurityContext; + +#if 0 + /* + * the signature creation result listener + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureCreationResultListener > m_xSignatureCreationResultListener; + /* + * the signature verify result listener + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener > m_xSignatureVerifyResultListener; +#endif + + /* + * the security id incrementer, in order to make any security id unique + * to the SAXEventKeeper. + * Because each XSecController has its own SAXEventKeeper, so this variable + * is not necessary to be static. + */ + sal_Int32 m_nNextSecurityId; + + /* + * Signature information + */ + InternalSignatureInformations m_vInternalSignatureInformations; + + /* + * the previous node on the SAX chain. + * The reason that use a Reference<XInterface> type variable + * is that the previous components are different when exporting + * and importing, and there is no other common interface they + * can provided. + */ + com::sun::star::uno::Reference< + com::sun::star::uno::XInterface > m_xPreviousNodeOnSAXChain; + /* + * whether the preivous node can provide an XInitiazlize interface, + * use this variable in order to typecast the XInterface to the + * correct interface type. + */ + bool m_bIsPreviousNodeInitializable; + + /* + * the next node on the SAX chain. + * it can always provide an XDocumentHandler interface. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > m_xNextNodeOnSAXChain; + + /* + * the ElementStackKeeper is used to reserve the key SAX events. + * when the SAXEventKeeper is chained on the SAX chain, it need + * first get all missed key SAX events in order to make sure the + * DOM tree it buffering has the same structure with the original + * document. + * + * For a given section of a SAX event stream, the key SAX events + * are the minimal SAX event subset of that section, which, + * combining with SAX events outside of this section, has the same + * structure with the original document. + * + * For example, sees the following dom fragment: + * <A> + * <B/> + * <C> + * <D> + * <E/> + * </D> + * </C> + * </A> + * + * If we consider the SAX event section from startElement(<A>) to + * startElement(<D>), then the key SAX events are: + * + * startElement(<A>), startElement(<C>), startElement(<D>) + * + * The startElement(<B>) and endElement(<B>) is ignored, because + * they are unimportant for the tree structure in this section. + * + * If we consider the SAX event section from startElement(<D>) to + * endElement(<A>), the key SAX events are: + * + * startElement(<D>), endElement(<D>), endElement(<C>), + * endElement(<A>). + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XElementStackKeeper > m_xElementStackKeeper; + + /* + * a flag representing whether the SAXEventKeeper is now on the + * SAX chain. + */ + bool m_bIsSAXEventKeeperConnected; + + /* + * a flag representing whether it is collecting some element, + * which means that the SAXEventKeeper can't be chained off the + * SAX chain. + */ + bool m_bIsCollectingElement; + + /* + * a flag representing whether the SAX event stream is blocking, + * which also means that the SAXEventKeeper can't be chained off + * the SAX chain. + */ + bool m_bIsBlocking; + + /* + * a flag representing the current status of security related + * components. + */ + sal_Int32 m_nStatusOfSecurityComponents; + + /* + * a flag representing whether the SAXEventKeeper need to be + * on the SAX chain all the time. + * This flag is used to the situation when creating signature. + */ + bool m_bIsSAXEventKeeperSticky; + + /* + * fast property vector + */ + std::vector< sal_Int32 > m_vFastPropertyIndexs; + std::vector< com::sun::star::uno::Any > m_vFastPropertyValues; + + /* + * error message pointer + */ + const char *m_pErrorMessage; + + /* + * the XSecParser which is used to parse the signature stream + */ + XSecParser *m_pXSecParser; + + /* + * the caller assigned signature id for the next signature in the + * signature stream + */ + sal_Int32 m_nReservedSignatureId; + + /* + * representing whether to verify the current signature + */ + bool m_bVerifyCurrentSignature; +public: + /* + * An xUriBinding is provided to map Uris to XInputStream interfaces. + */ + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XUriBinding > m_xUriBinding; + +private: + + /* + * Common methods + */ + sal_Bool convertNumber( sal_Int32& rValue, const rtl::OUString& rString, sal_Int32 nMin, sal_Int32 nMax ); + void convertDateTime( ::rtl::OUStringBuffer& rBuffer, const com::sun::star::util::DateTime& rDateTime ); + sal_Bool convertDateTime( com::sun::star::util::DateTime& rDateTime, const ::rtl::OUString& rString ); + + void createXSecComponent( ); + int findSignatureInfor( sal_Int32 nSecurityId ) const; + bool chainOn( bool bRetrievingLastEvent ); + void chainOff(); + void checkChainingStatus(); + void initializeSAXChain(); + + com::sun::star::uno::Reference< + com::sun::star::io::XInputStream > getObjectInputStream( const rtl::OUString& objectURL ); + + //sal_Int32 getFastPropertyIndex(sal_Int32 nHandle) const; + + /* + * For signature generation + */ + rtl::OUString createId(); + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener > prepareSignatureToWrite( + InternalSignatureInformation& signatureInfo ); + + /* + * For signature verification + */ + void addSignature(); + void addReference( const rtl::OUString& ouUri); + void addStreamReference( + const rtl::OUString& ouUri, + bool isBinary ); + void setReferenceCount() const; + + void setX509IssuerName( rtl::OUString& ouX509IssuerName ); + void setX509SerialNumber( rtl::OUString& ouX509SerialNumber ); + void setX509Certificate( rtl::OUString& ouX509Certificate ); + void setSignatureValue( rtl::OUString& ouSignatureValue ); + void setDigestValue( rtl::OUString& ouDigestValue ); + + void setDate( rtl::OUString& ouDate ); + + void setId( rtl::OUString& ouId ); + void setPropertyId( rtl::OUString& ouPropertyId ); + + com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XReferenceResolvedListener > prepareSignatureToRead( + sal_Int32 nSecurityId ); + +public: + XSecController(const com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext>& rxCtx); + ~XSecController(); + + sal_Int32 getNewSecurityId( ); + + void startMission( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XUriBinding >& xUriBinding, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext >& xSecurityContext ); + + void setSAXChainConnector( + const com::sun::star::uno::Reference< + com::sun::star::lang::XInitialization >& xInitialization, + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XElementStackKeeper >& xElementStackKeeper); + + void setSAXChainConnector( + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XParser >& xParser, + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, + const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::sax::XElementStackKeeper >& xElementStackKeeper); + + void clearSAXChainConnector(); + void endMission(); + const char* getErrorMessage(); + + SignatureInformation getSignatureInformation( sal_Int32 nSecurityId ) const; + SignatureInformations getSignatureInformations() const; + + void exportSignature( + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, + const SignatureInformation& signatureInfo ); + + + /* + * For signature generation + */ + void collectToSign( sal_Int32 securityId, const rtl::OUString& referenceId ); + void signAStream( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool isBinary); + + + /** sets data that describes the certificate. + + It is absolutely necessary that the parameter ouX509IssuerName is set. It contains + the base64 encoded certificate, which is DER encoded. The XMLSec needs it to find + the private key. Although issuer name and certificate should be sufficient to identify + the certificate the implementation in XMLSec is broken, both for Windows and mozilla. + The reason is that they use functions to find the certificate which take as parameter + the DER encoded ASN.1 issuer name. The issuer name is a DName, where most attributes + are of type DirectoryName, which is a choice of 5 string types. This information is + not contained in the issuer string and while it is converted to the ASN.1 name the + conversion function must assume a particular type, which is often wrong. For example, + the Windows function CertStrToName will use a T.61 string if the string does not contain + special characters. So if the certificate uses simple characters but encodes the + issuer attributes in Utf8, then CertStrToName will use T.61. The resulting DER encoded + ASN.1 name now contains different bytes which indicate the string type. The functions + for finding the certificate apparently use memcmp - hence they fail to find the + certificate. + */ + void setX509Certificate( + sal_Int32 nSecurityId, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert); + // see the other setX509Certifcate function + void setX509Certificate( + sal_Int32 nSecurityId, + const sal_Int32 nSecurityEnvironmentIndex, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert); + + void setDate( + sal_Int32 nSecurityId, + const ::com::sun::star::util::DateTime& rDateTime ); + + + bool WriteSignature( + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler ); + + /* + * For signature verification + */ + void collectToVerify( const rtl::OUString& referenceId ); + void addSignature( sal_Int32 nSignatureId ); + com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler > createSignatureReader(); + void releaseSignatureReader(); + +public: + /* Interface methods */ + + /* + * XSecurityController + * + * no method in XSecurityController interface + */ + + /* + * XFastPropertySet + */ + /* + virtual void SAL_CALL setFastPropertyValue( + sal_Int32 nHandle, + const com::sun::star::uno::Any& aValue ) + throw ( + com::sun::star::beans::UnknownPropertyException, + com::sun::star::beans::PropertyVetoException, + com::sun::star::lang::IllegalArgumentException, + com::sun::star::lang::WrappedTargetException, + com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Any SAL_CALL getFastPropertyValue( + sal_Int32 nHandle ) + throw ( + com::sun::star::beans::UnknownPropertyException, + com::sun::star::lang::WrappedTargetException, + com::sun::star::uno::RuntimeException); + */ + + /* + * XSAXEventKeeperStatusChangeListener + */ + virtual void SAL_CALL blockingStatusChanged( sal_Bool isBlocking ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL collectionStatusChanged( + sal_Bool isInsideCollectedElement ) + throw (com::sun::star::uno::RuntimeException); + virtual void SAL_CALL bufferStatusChanged( sal_Bool isBufferEmpty ) + throw (com::sun::star::uno::RuntimeException); + + /* + * XSignatureCreationResultListener + */ + virtual void SAL_CALL signatureCreated( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException); + + /* + * XSignatureVerifyResultListener + */ + virtual void SAL_CALL signatureVerified( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult ) + throw (com::sun::star::uno::RuntimeException); +}; + +#endif + diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx new file mode 100644 index 000000000000..c780164ce9c5 --- /dev/null +++ b/xmlsecurity/source/helper/xsecparser.cxx @@ -0,0 +1,380 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecparser.cxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "xsecparser.hxx" +#include <tools/debug.hxx> +#include "cppuhelper/exc_hlp.hxx" + +#include <string.h> + +namespace cssu = com::sun::star::uno; +namespace cssxs = com::sun::star::xml::sax; + +#define RTL_ASCII_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_ASCII_US + +XSecParser::XSecParser( + XSecController* pXSecController, + const cssu::Reference< cssxs::XDocumentHandler >& xNextHandler ) + : m_pXSecController(pXSecController), + m_xNextHandler(xNextHandler), + m_bReferenceUnresolved(false) +{ +} + +rtl::OUString XSecParser::getIdAttr(const cssu::Reference< cssxs::XAttributeList >& xAttribs ) +{ + rtl::OUString ouIdAttr = xAttribs->getValueByName( + rtl::OUString(RTL_ASCII_USTRINGPARAM("id"))); + + if (ouIdAttr == NULL) + { + ouIdAttr = xAttribs->getValueByName( + rtl::OUString(RTL_ASCII_USTRINGPARAM("Id"))); + } + + return ouIdAttr; +} + +/* + * XDocumentHandler + */ +void SAL_CALL XSecParser::startDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + m_bInX509IssuerName = false; + m_bInX509SerialNumber = false; + m_bInX509Certificate = false; + m_bInSignatureValue = false; + m_bInDigestValue = false; + m_bInDate = false; + //m_bInTime = false; + + if (m_xNextHandler.is()) + { + m_xNextHandler->startDocument(); + } +} + +void SAL_CALL XSecParser::endDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->endDocument(); + } +} + +void SAL_CALL XSecParser::startElement( + const rtl::OUString& aName, + const cssu::Reference< cssxs::XAttributeList >& xAttribs ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + try + { + rtl::OUString ouIdAttr = getIdAttr(xAttribs); + if (ouIdAttr != NULL) + { + m_pXSecController->collectToVerify( ouIdAttr ); + } + + if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATURE)) ) + { + m_pXSecController->addSignature(); + if (ouIdAttr != NULL) + { + m_pXSecController->setId( ouIdAttr ); + } + } + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_REFERENCE)) ) + { + rtl::OUString ouUri = xAttribs->getValueByName(rtl::OUString(RTL_ASCII_USTRINGPARAM(ATTR_URI))); + DBG_ASSERT( ouUri != NULL, "URI == NULL" ); + + if (0 == ouUri.compareTo(rtl::OUString(RTL_ASCII_USTRINGPARAM(CHAR_FRAGMENT)),1)) + { + /* + * remove the first character '#' from the attribute value + */ + m_pXSecController->addReference( ouUri.copy(1) ); + } + else + { + /* + * remember the uri + */ + m_currentReferenceURI = ouUri; + m_bReferenceUnresolved = true; + } + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TRANSFORM))) + { + if ( m_bReferenceUnresolved ) + { + rtl::OUString ouAlgorithm = xAttribs->getValueByName(rtl::OUString(RTL_ASCII_USTRINGPARAM(ATTR_ALGORITHM))); + + if (ouAlgorithm != NULL && ouAlgorithm == rtl::OUString(RTL_ASCII_USTRINGPARAM(ALGO_C14N))) + /* + * a xml stream + */ + { + m_pXSecController->addStreamReference( m_currentReferenceURI, sal_False); + m_bReferenceUnresolved = false; + } + } + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509ISSUERNAME))) + { + m_ouX509IssuerName = rtl::OUString::createFromAscii(""); + m_bInX509IssuerName = true; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509SERIALNUMBER))) + { + m_ouX509SerialNumber = rtl::OUString::createFromAscii(""); + m_bInX509SerialNumber = true; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509CERTIFICATE))) + { + m_ouX509Certificate = rtl::OUString::createFromAscii(""); + m_bInX509Certificate = true; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREVALUE))) + { + m_ouSignatureValue = rtl::OUString::createFromAscii(""); + m_bInSignatureValue = true; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_DIGESTVALUE))) + { + m_ouDigestValue = rtl::OUString::createFromAscii(""); + m_bInDigestValue = true; + } + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREPROPERTY)) ) + { + if (ouIdAttr != NULL) + { + m_pXSecController->setPropertyId( ouIdAttr ); + } + } + else if (aName == rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE))) + { + m_ouDate = rtl::OUString::createFromAscii(""); + m_bInDate = true; + } + /* + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TIME))) + { + m_ouTime = rtl::OUString::createFromAscii(""); + m_bInTime = true; + } + */ + + if (m_xNextHandler.is()) + { + m_xNextHandler->startElement(aName, xAttribs); + } + } + catch (cssu::Exception& ) + {//getCaughtException MUST be the first line in the catch block + cssu::Any exc = cppu::getCaughtException(); + throw cssxs::SAXException( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( + "xmlsecurity: Exception in XSecParser::startElement")), + 0, exc); + } + catch (...) + { + throw cssxs::SAXException( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("xmlsecurity: unexpected exception in XSecParser::startElement")), 0, + cssu::Any()); + } +} + +void SAL_CALL XSecParser::endElement( const rtl::OUString& aName ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + try + { + if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_DIGESTVALUE))) + { + m_bInDigestValue = false; + } + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_REFERENCE)) ) + { + if ( m_bReferenceUnresolved ) + /* + * it must be a octet stream + */ + { + m_pXSecController->addStreamReference( m_currentReferenceURI, sal_True); + m_bReferenceUnresolved = false; + } + + m_pXSecController->setDigestValue( m_ouDigestValue ); + } + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNEDINFO)) ) + { + m_pXSecController->setReferenceCount(); + } + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREVALUE)) ) + { + m_pXSecController->setSignatureValue( m_ouSignatureValue ); + m_bInSignatureValue = false; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509ISSUERNAME))) + { + m_pXSecController->setX509IssuerName( m_ouX509IssuerName ); + m_bInX509IssuerName = false; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509SERIALNUMBER))) + { + m_pXSecController->setX509SerialNumber( m_ouX509SerialNumber ); + m_bInX509SerialNumber = false; + } + else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509CERTIFICATE))) + { + m_pXSecController->setX509Certificate( m_ouX509Certificate ); + m_bInX509Certificate = false; + } + else if (aName == rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) + +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE))) + { + m_pXSecController->setDate( m_ouDate ); + m_bInDate = false; + } + /* + else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TIME)) ) + { + m_pXSecController->setTime( m_ouTime ); + m_bInTime = false; + } + */ + + if (m_xNextHandler.is()) + { + m_xNextHandler->endElement(aName); + } + } + catch (cssu::Exception& ) + {//getCaughtException MUST be the first line in the catch block + cssu::Any exc = cppu::getCaughtException(); + throw cssxs::SAXException( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( + "xmlsecurity: Exception in XSecParser::endElement")), + 0, exc); + } + catch (...) + { + throw cssxs::SAXException( + rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("xmlsecurity: unexpected exception in XSecParser::endElement")), 0, + cssu::Any()); + } +} + +void SAL_CALL XSecParser::characters( const rtl::OUString& aChars ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_bInX509IssuerName) + { + m_ouX509IssuerName += aChars; + } + else if (m_bInX509SerialNumber) + { + m_ouX509SerialNumber += aChars; + } + else if (m_bInX509Certificate) + { + m_ouX509Certificate += aChars; + } + else if (m_bInSignatureValue) + { + m_ouSignatureValue += aChars; + } + else if (m_bInDigestValue) + { + m_ouDigestValue += aChars; + } + else if (m_bInDate) + { + m_ouDate += aChars; + } + /* + else if (m_bInTime) + { + m_ouTime += aChars; + } + */ + + if (m_xNextHandler.is()) + { + m_xNextHandler->characters(aChars); + } +} + +void SAL_CALL XSecParser::ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->ignorableWhitespace( aWhitespaces ); + } +} + +void SAL_CALL XSecParser::processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->processingInstruction(aTarget, aData); + } +} + +void SAL_CALL XSecParser::setDocumentLocator( const cssu::Reference< cssxs::XLocator >& xLocator ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_xNextHandler.is()) + { + m_xNextHandler->setDocumentLocator( xLocator ); + } +} + +/* + * XInitialization + */ +void SAL_CALL XSecParser::initialize( + const cssu::Sequence< cssu::Any >& aArguments ) + throw(cssu::Exception, cssu::RuntimeException) +{ + aArguments[0] >>= m_xNextHandler; +} diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx new file mode 100644 index 000000000000..5d3b5e415dbc --- /dev/null +++ b/xmlsecurity/source/helper/xsecparser.hxx @@ -0,0 +1,168 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecparser.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XSEC_CTL_PARSER_HXX +#define _XSEC_CTL_PARSER_HXX + +#include <xsecctl.hxx> + +#include <com/sun/star/xml/sax/XParser.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/sax/XDocumentHandler.hpp> +#include <com/sun/star/xml/sax/XAttributeList.hpp> + +#include <cppuhelper/implbase2.hxx> + +class XSecParser: public cppu::WeakImplHelper2 +< + com::sun::star::xml::sax::XDocumentHandler, + com::sun::star::lang::XInitialization +> +/****** XSecController.hxx/CLASS XSecParser *********************************** + * + * NAME + * XSecParser -- a SAX parser that can detect security elements + * + * FUNCTION + * The XSecParser object is connected on the SAX chain and detects + * security elements in the SAX event stream, then notifies + * the XSecController. + * + * HISTORY + * 05.01.2004 - Interface supported: XDocumentHandler, XInitialization + * + * NOTES + * This class is used when importing a document. + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + friend class XSecController; +private: + /* + * the following members are used to reserve the signature information, + * including X509IssuerName, X509SerialNumber, and X509Certificate,etc. + */ + rtl::OUString m_ouX509IssuerName; + rtl::OUString m_ouX509SerialNumber; + rtl::OUString m_ouX509Certificate; + rtl::OUString m_ouDigestValue; + rtl::OUString m_ouSignatureValue; + rtl::OUString m_ouDate; + //rtl::OUString m_ouTime; + + /* + * whether inside a particular element + */ + bool m_bInX509IssuerName; + bool m_bInX509SerialNumber; + bool m_bInX509Certificate; + bool m_bInDigestValue; + bool m_bInSignatureValue; + bool m_bInDate; + //bool m_bInTime; + + /* + * the XSecController collaborating with XSecParser + */ + XSecController* m_pXSecController; + + /* + * the next XDocumentHandler on the SAX chain + */ + com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler > m_xNextHandler; + + /* + * this string is used to remember the current handled reference's URI, + * + * because it can be decided whether a stream reference is xml based or binary based + * only after the Transforms element is read in, so we have to reserve the reference's + * URI when the startElement event is met. + */ + rtl::OUString m_currentReferenceURI; + bool m_bReferenceUnresolved; + +private: + rtl::OUString getIdAttr(const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XAttributeList >& xAttribs ); + +public: + XSecParser( XSecController* pXSecController, + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XDocumentHandler >& xNextHandler ); + ~XSecParser(){}; + + /* + * XDocumentHandler + */ + virtual void SAL_CALL startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL startElement( + const rtl::OUString& aName, + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XAttributeList >& xAttribs ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL processingInstruction( + const rtl::OUString& aTarget, + const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setDocumentLocator( + const com::sun::star::uno::Reference< + com::sun::star::xml::sax::XLocator >& xLocator ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + /* + * XInitialization + */ + virtual void SAL_CALL initialize( + const com::sun::star::uno::Sequence< com::sun::star::uno::Any >& aArguments ) + throw(com::sun::star::uno::Exception, com::sun::star::uno::RuntimeException); +}; + +#endif + diff --git a/xmlsecurity/source/helper/xsecsign.cxx b/xmlsecurity/source/helper/xsecsign.cxx new file mode 100644 index 000000000000..2c2883cedda1 --- /dev/null +++ b/xmlsecurity/source/helper/xsecsign.cxx @@ -0,0 +1,377 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecsign.cxx,v $ + * $Revision: 1.12 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xsecctl.hxx> +#include <tools/debug.hxx> + +#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp> +#include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XBlockerMonitor.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureCreationResultBroadcaster.hpp> +#include <com/sun/star/io/XActiveDataSource.hpp> +#include <rtl/uuid.h> + +#include <stdio.h> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxs = com::sun::star::xml::sax; + +/* xml security framework components */ +#define SIGNATURECREATOR_COMPONENT "com.sun.star.xml.crypto.sax.SignatureCreator" + +/* protected: for signature generation */ +rtl::OUString XSecController::createId() +{ + cssu::Sequence< sal_Int8 > aSeq( 16 ); + rtl_createUuid ((sal_uInt8 *)aSeq.getArray(), 0, sal_True); + + char str[68]="ID_"; + int length = 3; + for (int i=0; i<16; ++i) + { + length += sprintf(str+length, "%04x", (unsigned char)aSeq[i]); + } + + return rtl::OUString::createFromAscii(str); +} + +cssu::Reference< cssxc::sax::XReferenceResolvedListener > XSecController::prepareSignatureToWrite( + InternalSignatureInformation& internalSignatureInfor ) +{ + sal_Int32 nSecurityId = internalSignatureInfor.signatureInfor.nSecurityId; + SignatureReferenceInformations& vReferenceInfors = internalSignatureInfor.signatureInfor.vSignatureReferenceInfors; + + sal_Int32 nIdOfSignatureElementCollector; + cssu::Reference< cssxc::sax::XReferenceResolvedListener > xReferenceResolvedListener; + + nIdOfSignatureElementCollector = + m_xSAXEventKeeper->addSecurityElementCollector( cssxc::sax::ElementMarkPriority_AFTERMODIFY, sal_True ); + + m_xSAXEventKeeper->setSecurityId(nIdOfSignatureElementCollector, nSecurityId); + + /* + * create a SignatureCreator + */ + cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + xReferenceResolvedListener = cssu::Reference< cssxc::sax::XReferenceResolvedListener >( + xMCF->createInstanceWithContext( + rtl::OUString::createFromAscii(SIGNATURECREATOR_COMPONENT), mxCtx), + cssu::UNO_QUERY); + + cssu::Reference<cssl::XInitialization> xInitialization(xReferenceResolvedListener, cssu::UNO_QUERY); + + cssu::Sequence<cssu::Any> args(5); + args[0] = cssu::makeAny(rtl::OUString::valueOf(nSecurityId)); + args[1] = cssu::makeAny(m_xSAXEventKeeper); + args[2] = cssu::makeAny(rtl::OUString::valueOf(nIdOfSignatureElementCollector)); + + //i39448 : for nss, the internal module is used for signing, which needs to be improved later + sal_Int32 nEnvIndex = internalSignatureInfor.signatureInfor.nSecurityEnvironmentIndex; + if( nEnvIndex < 0 || nEnvIndex >= m_xSecurityContext->getSecurityEnvironmentNumber()) + {// set defaultEnv + args[3] = cssu::makeAny(m_xSecurityContext->getSecurityEnvironment()); + } + else + { + args[3] = cssu::makeAny(m_xSecurityContext->getSecurityEnvironmentByIndex(nEnvIndex)); + } + + args[4] = cssu::makeAny(m_xXMLSignature); + xInitialization->initialize(args); + + sal_Int32 nBlockerId = m_xSAXEventKeeper->addBlocker(); + m_xSAXEventKeeper->setSecurityId(nBlockerId, nSecurityId); + + cssu::Reference<cssxc::sax::XBlockerMonitor> xBlockerMonitor(xReferenceResolvedListener, cssu::UNO_QUERY); + xBlockerMonitor->setBlockerId(nBlockerId); + + cssu::Reference< cssxc::sax::XSignatureCreationResultBroadcaster > + xSignatureCreationResultBroadcaster(xReferenceResolvedListener, cssu::UNO_QUERY); + + xSignatureCreationResultBroadcaster->addSignatureCreationResultListener( this ); + + cssu::Reference<cssxc::sax::XReferenceResolvedBroadcaster> + xReferenceResolvedBroadcaster + (m_xSAXEventKeeper, + cssu::UNO_QUERY); + + xReferenceResolvedBroadcaster->addReferenceResolvedListener( + nIdOfSignatureElementCollector, + xReferenceResolvedListener); + + cssu::Reference<cssxc::sax::XReferenceCollector> xReferenceCollector + (xReferenceResolvedListener, cssu::UNO_QUERY); + + int i; + int size = vReferenceInfors.size(); + sal_Int32 nReferenceCount = 0; + + for(i=0; i<size; ++i) + { + sal_Int32 keeperId = internalSignatureInfor.vKeeperIds[i]; + + if ( keeperId != -1) + { + m_xSAXEventKeeper->setSecurityId(keeperId, nSecurityId); + xReferenceResolvedBroadcaster->addReferenceResolvedListener( keeperId, xReferenceResolvedListener); + xReferenceCollector->setReferenceId( keeperId ); + nReferenceCount++; + } + } + + xReferenceCollector->setReferenceCount( nReferenceCount ); + + /* + * adds all URI binding + */ + cssu::Reference<cssxc::XUriBinding> xUriBinding + (xReferenceResolvedListener, cssu::UNO_QUERY); + + for(i=0; i<size; ++i) + { + const SignatureReferenceInformation& refInfor = vReferenceInfors[i]; + + cssu::Reference< com::sun::star::io::XInputStream > xInputStream + = getObjectInputStream( refInfor.ouURI ); + + if (xInputStream.is()) + { + xUriBinding->setUriBinding(refInfor.ouURI,xInputStream); + } + } + + cssu::Reference<cssxc::sax::XKeyCollector> keyCollector (xReferenceResolvedListener, cssu::UNO_QUERY); + keyCollector->setKeyId(0); + + internalSignatureInfor.signatureInfor.ouSignatureId = createId(); + internalSignatureInfor.signatureInfor.ouPropertyId = createId(); + internalSignatureInfor.addReference(TYPE_SAMEDOCUMENT_REFERENCE, internalSignatureInfor.signatureInfor.ouPropertyId, -1 ); + size++; + + /* + * replace both digestValues and signatueValue to " " + */ + for(i=0; i<size; ++i) + { + SignatureReferenceInformation& refInfor = vReferenceInfors[i]; + refInfor.ouDigestValue = rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(CHAR_BLANK)); + } + + internalSignatureInfor.signatureInfor.ouSignatureValue = rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(CHAR_BLANK)); + + return xReferenceResolvedListener; +} + +/* public: for signature generation */ +void XSecController::collectToSign( sal_Int32 securityId, const rtl::OUString& referenceId ) +{ + /* DBG_ASSERT( m_xSAXEventKeeper.is(), "the SAXEventKeeper is NULL" ); */ + + chainOn(true); + + if ( m_nStatusOfSecurityComponents == INITIALIZED ) + /* + * if all security components are ready, add a signature. + */ + { + sal_Int32 nKeeperId = m_xSAXEventKeeper->addSecurityElementCollector( + cssxc::sax::ElementMarkPriority_AFTERMODIFY, sal_False); + + int index = findSignatureInfor( securityId ); + + if ( index == -1 ) + { + InternalSignatureInformation isi(securityId, NULL); + isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE, referenceId, nKeeperId ); + m_vInternalSignatureInformations.push_back( isi ); + } + else + { + m_vInternalSignatureInformations[index].addReference(TYPE_SAMEDOCUMENT_REFERENCE, referenceId, nKeeperId ); + } + } +} + +void XSecController::signAStream( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& /*objectURL*/, sal_Bool isBinary) +{ + sal_Int32 type = ((isBinary==sal_True)?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE); + + int index = findSignatureInfor( securityId ); + + if (index == -1) + { + InternalSignatureInformation isi(securityId, NULL); + isi.addReference(type, uri, -1); + m_vInternalSignatureInformations.push_back( isi ); + } + else + { + m_vInternalSignatureInformations[index].addReference(type, uri, -1); + } +} + +void XSecController::setX509Certificate( + sal_Int32 nSecurityId, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert) +{ + setX509Certificate(nSecurityId, -1, ouX509IssuerName, ouX509SerialNumber, ouX509Cert); +} + +void XSecController::setX509Certificate( + sal_Int32 nSecurityId, + const sal_Int32 nSecurityEnvironmentIndex, + const rtl::OUString& ouX509IssuerName, + const rtl::OUString& ouX509SerialNumber, + const rtl::OUString& ouX509Cert) +{ + int index = findSignatureInfor( nSecurityId ); + + if ( index == -1 ) + { + InternalSignatureInformation isi(nSecurityId, NULL); + isi.signatureInfor.nSecurityEnvironmentIndex = nSecurityEnvironmentIndex; + isi.signatureInfor.ouX509IssuerName = ouX509IssuerName; + isi.signatureInfor.ouX509SerialNumber = ouX509SerialNumber; + isi.signatureInfor.ouX509Certificate = ouX509Cert; + m_vInternalSignatureInformations.push_back( isi ); + } + else + { + SignatureInformation &si + = m_vInternalSignatureInformations[index].signatureInfor; + si.ouX509IssuerName = ouX509IssuerName; + si.ouX509SerialNumber = ouX509SerialNumber; + si.ouX509Certificate = ouX509Cert; + si.nSecurityEnvironmentIndex = nSecurityEnvironmentIndex; + } +} + +void XSecController::setDate( + sal_Int32 nSecurityId, + const ::com::sun::star::util::DateTime& rDateTime ) +{ + int index = findSignatureInfor( nSecurityId ); + + if ( index == -1 ) + { + InternalSignatureInformation isi(nSecurityId, NULL); + isi.signatureInfor.stDateTime = rDateTime; + m_vInternalSignatureInformations.push_back( isi ); + } + else + { + SignatureInformation &si + = m_vInternalSignatureInformations[index].signatureInfor; + si.stDateTime = rDateTime; + } +} + +bool XSecController::WriteSignature( + const cssu::Reference<cssxs::XDocumentHandler>& xDocumentHandler ) +{ + bool rc = false; + + DBG_ASSERT( xDocumentHandler.is(), "I really need a document handler!" ); + + /* + * chain the SAXEventKeeper to the SAX chain + */ + chainOn(true); + + if ( m_nStatusOfSecurityComponents == INITIALIZED ) + /* + * if all security components are ready, add the signature + * stream. + */ + { + m_bIsSAXEventKeeperSticky = true; + m_xSAXEventKeeper->setNextHandler(xDocumentHandler); + + try + { + /* + * export the signature template + */ + cssu::Reference<cssxs::XDocumentHandler> xSEKHandler( m_xSAXEventKeeper,cssu::UNO_QUERY); + + int i; + int sigNum = m_vInternalSignatureInformations.size(); + + for (i=0; i<sigNum; ++i) + { + InternalSignatureInformation &isi = m_vInternalSignatureInformations[i]; + + /* + * prepare the signature creator + */ + isi.xReferenceResolvedListener + = prepareSignatureToWrite( isi ); + + exportSignature( xSEKHandler, isi.signatureInfor ); + } + + m_bIsSAXEventKeeperSticky = false; + chainOff(); + + rc = true; + } + catch( cssxs::SAXException& ) + { + m_pErrorMessage = ERROR_SAXEXCEPTIONDURINGCREATION; + } + catch( com::sun::star::io::IOException& ) + { + m_pErrorMessage = ERROR_IOEXCEPTIONDURINGCREATION; + } + catch( cssu::Exception& ) + { + m_pErrorMessage = ERROR_EXCEPTIONDURINGCREATION; + } + + m_xSAXEventKeeper->setNextHandler( NULL ); + m_bIsSAXEventKeeperSticky = false; + } + else + { + m_pErrorMessage = ERROR_CANNOTCREATEXMLSECURITYCOMPONENT; + } + + return rc; +} + diff --git a/xmlsecurity/source/helper/xsecverify.cxx b/xmlsecurity/source/helper/xsecverify.cxx new file mode 100644 index 000000000000..27c7305d3730 --- /dev/null +++ b/xmlsecurity/source/helper/xsecverify.cxx @@ -0,0 +1,334 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsecverify.cxx,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xsecctl.hxx> +#include "xsecparser.hxx" +#include <tools/debug.hxx> + +#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp> +#include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp> +#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp> +#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultBroadcaster.hpp> +#include <com/sun/star/xml/sax/SAXParseException.hpp> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxs = com::sun::star::xml::sax; + +/* xml security framework components */ +#define SIGNATUREVERIFIER_COMPONENT "com.sun.star.xml.crypto.sax.SignatureVerifier" + +/* protected: for signature verify */ +cssu::Reference< cssxc::sax::XReferenceResolvedListener > XSecController::prepareSignatureToRead( + sal_Int32 nSecurityId) +{ + if ( m_nStatusOfSecurityComponents != INITIALIZED ) + { + return NULL; + } + + sal_Int32 nIdOfSignatureElementCollector; + cssu::Reference< cssxc::sax::XReferenceResolvedListener > xReferenceResolvedListener; + + nIdOfSignatureElementCollector = + m_xSAXEventKeeper->addSecurityElementCollector( cssxc::sax::ElementMarkPriority_BEFOREMODIFY, sal_False); + + m_xSAXEventKeeper->setSecurityId(nIdOfSignatureElementCollector, nSecurityId); + + /* + * create a SignatureVerifier + */ + cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() ); + xReferenceResolvedListener = cssu::Reference< cssxc::sax::XReferenceResolvedListener >( + xMCF->createInstanceWithContext( + rtl::OUString::createFromAscii( SIGNATUREVERIFIER_COMPONENT ), mxCtx), + cssu::UNO_QUERY); + + cssu::Reference<cssl::XInitialization> xInitialization(xReferenceResolvedListener, cssu::UNO_QUERY); + + cssu::Sequence<cssu::Any> args(5); + args[0] = cssu::makeAny(rtl::OUString::valueOf(nSecurityId)); + args[1] = cssu::makeAny(m_xSAXEventKeeper); + args[2] = cssu::makeAny(rtl::OUString::valueOf(nIdOfSignatureElementCollector)); + args[3] = cssu::makeAny(m_xSecurityContext); + args[4] = cssu::makeAny(m_xXMLSignature); + xInitialization->initialize(args); + + cssu::Reference< cssxc::sax::XSignatureVerifyResultBroadcaster > + signatureVerifyResultBroadcaster(xReferenceResolvedListener, cssu::UNO_QUERY); + + signatureVerifyResultBroadcaster->addSignatureVerifyResultListener( this ); + + cssu::Reference<cssxc::sax::XReferenceResolvedBroadcaster> xReferenceResolvedBroadcaster + (m_xSAXEventKeeper, + cssu::UNO_QUERY); + + xReferenceResolvedBroadcaster->addReferenceResolvedListener( + nIdOfSignatureElementCollector, + xReferenceResolvedListener); + + cssu::Reference<cssxc::sax::XKeyCollector> keyCollector (xReferenceResolvedListener, cssu::UNO_QUERY); + keyCollector->setKeyId(0); + + return xReferenceResolvedListener; +} + +void XSecController::addSignature() +{ + cssu::Reference< cssxc::sax::XReferenceResolvedListener > xReferenceResolvedListener = NULL; + sal_Int32 nSignatureId = 0; + + + if (m_bVerifyCurrentSignature) + { + chainOn(true); + xReferenceResolvedListener = prepareSignatureToRead( m_nReservedSignatureId ); + m_bVerifyCurrentSignature = false; + nSignatureId = m_nReservedSignatureId; + } + + InternalSignatureInformation isi( nSignatureId, xReferenceResolvedListener ); + m_vInternalSignatureInformations.push_back( isi ); +} + +void XSecController::addReference( const rtl::OUString& ouUri) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE,ouUri, -1 ); +} + +void XSecController::addStreamReference( + const rtl::OUString& ouUri, + bool isBinary ) +{ + sal_Int32 type = (isBinary?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE); + + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + + if ( isi.xReferenceResolvedListener.is() ) + { + /* + * get the input stream + */ + cssu::Reference< com::sun::star::io::XInputStream > xObjectInputStream + = getObjectInputStream( ouUri ); + + if ( xObjectInputStream.is() ) + { + cssu::Reference<cssxc::XUriBinding> xUriBinding + (isi.xReferenceResolvedListener, cssu::UNO_QUERY); + xUriBinding->setUriBinding(ouUri, xObjectInputStream); + } + } + + isi.addReference(type, ouUri, -1); +} + +void XSecController::setReferenceCount() const +{ + const InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + + if ( isi.xReferenceResolvedListener.is() ) + { + const SignatureReferenceInformations &refInfors = isi.signatureInfor.vSignatureReferenceInfors; + + int refNum = refInfors.size(); + sal_Int32 referenceCount = 0; + + for(int i=0 ; i<refNum; ++i) + { + if (refInfors[i].nType == TYPE_SAMEDOCUMENT_REFERENCE ) + /* + * same-document reference + */ + { + referenceCount++; + } + } + + cssu::Reference<cssxc::sax::XReferenceCollector> xReferenceCollector + (isi.xReferenceResolvedListener, cssu::UNO_QUERY); + xReferenceCollector->setReferenceCount( referenceCount ); + } +} + +void XSecController::setX509IssuerName( rtl::OUString& ouX509IssuerName ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouX509IssuerName = ouX509IssuerName; +} + +void XSecController::setX509SerialNumber( rtl::OUString& ouX509SerialNumber ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouX509SerialNumber = ouX509SerialNumber; +} + +void XSecController::setX509Certificate( rtl::OUString& ouX509Certificate ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouX509Certificate = ouX509Certificate; +} + +void XSecController::setSignatureValue( rtl::OUString& ouSignatureValue ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouSignatureValue = ouSignatureValue; +} + +void XSecController::setDigestValue( rtl::OUString& ouDigestValue ) +{ + SignatureInformation &si = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1].signatureInfor; + SignatureReferenceInformation &reference = si.vSignatureReferenceInfors[si.vSignatureReferenceInfors.size()-1]; + reference.ouDigestValue = ouDigestValue; +} + +void XSecController::setDate( rtl::OUString& ouDate ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + convertDateTime( isi.signatureInfor.stDateTime, ouDate ); + isi.signatureInfor.ouDateTime = ouDate; +} + +/* +void XSecController::setTime( rtl::OUString& ouTime ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouTime = ouTime; +} +*/ + +void XSecController::setId( rtl::OUString& ouId ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouSignatureId = ouId; +} + +void XSecController::setPropertyId( rtl::OUString& ouPropertyId ) +{ + InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1]; + isi.signatureInfor.ouPropertyId = ouPropertyId; +} + +/* public: for signature verify */ +void XSecController::collectToVerify( const rtl::OUString& referenceId ) +{ + /* DBG_ASSERT( m_xSAXEventKeeper.is(), "the SAXEventKeeper is NULL" ); */ + + if ( m_nStatusOfSecurityComponents == INITIALIZED ) + /* + * if all security components are ready, verify the signature. + */ + { + bool bJustChainingOn = false; + cssu::Reference< cssxs::XDocumentHandler > xHandler = NULL; + + int i,j; + int sigNum = m_vInternalSignatureInformations.size(); + + for (i=0; i<sigNum; ++i) + { + InternalSignatureInformation& isi = m_vInternalSignatureInformations[i]; + SignatureReferenceInformations& vReferenceInfors = isi.signatureInfor.vSignatureReferenceInfors; + int refNum = vReferenceInfors.size(); + + for (j=0; j<refNum; ++j) + { + SignatureReferenceInformation &refInfor = vReferenceInfors[j]; + + if (refInfor.ouURI == referenceId) + { + if (chainOn(false)) + { + bJustChainingOn = true; + xHandler = m_xSAXEventKeeper->setNextHandler(NULL); + } + + sal_Int32 nKeeperId = m_xSAXEventKeeper->addSecurityElementCollector( + cssxc::sax::ElementMarkPriority_BEFOREMODIFY, sal_False ); + + cssu::Reference<cssxc::sax::XReferenceResolvedBroadcaster> xReferenceResolvedBroadcaster + (m_xSAXEventKeeper, + cssu::UNO_QUERY ); + + cssu::Reference<cssxc::sax::XReferenceCollector> xReferenceCollector + ( isi.xReferenceResolvedListener, cssu::UNO_QUERY ); + + m_xSAXEventKeeper->setSecurityId(nKeeperId, isi.signatureInfor.nSecurityId); + xReferenceResolvedBroadcaster->addReferenceResolvedListener( nKeeperId, isi.xReferenceResolvedListener); + xReferenceCollector->setReferenceId( nKeeperId ); + + isi.vKeeperIds[j] = nKeeperId; + break; + } + } + } + + if ( bJustChainingOn ) + { + cssu::Reference< cssxs::XDocumentHandler > xSEKHandler(m_xSAXEventKeeper, cssu::UNO_QUERY); + if (m_xElementStackKeeper.is()) + { + m_xElementStackKeeper->retrieve(xSEKHandler, sal_True); + } + m_xSAXEventKeeper->setNextHandler(xHandler); + } + } +} + +void XSecController::addSignature( sal_Int32 nSignatureId ) +{ + DBG_ASSERT( m_pXSecParser != NULL, "No XSecParser initialized" ); + + m_nReservedSignatureId = nSignatureId; + m_bVerifyCurrentSignature = true; +} + +cssu::Reference< cssxs::XDocumentHandler > XSecController::createSignatureReader() +{ + m_pXSecParser = new XSecParser( this, NULL ); + cssu::Reference< cssl::XInitialization > xInitialization = m_pXSecParser; + + setSAXChainConnector(xInitialization, NULL, NULL); + + return m_pXSecParser; +} + +void XSecController::releaseSignatureReader() +{ + clearSAXChainConnector( ); + m_pXSecParser = NULL; +} + diff --git a/xmlsecurity/source/xmlsec/biginteger.cxx b/xmlsecurity/source/xmlsec/biginteger.cxx new file mode 100644 index 000000000000..35545bbe0d3c --- /dev/null +++ b/xmlsecurity/source/xmlsec/biginteger.cxx @@ -0,0 +1,129 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: biginteger.cxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/biginteger.hxx> + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include <xmlsec/xmlsec.h> +#include <xmlsec/bn.h> +#include <com/sun/star/uno/Sequence.hxx> + +using namespace ::com::sun::star::uno ; +using ::rtl::OUString ; + +Sequence< sal_Int8 > numericStringToBigInteger ( OUString numeral ) +{ + if( numeral.getStr() != NULL ) + { + xmlChar* chNumeral ; + const xmlSecByte* bnInteger ; + xmlSecSize length ; + xmlSecBn bn ; + + rtl::OString onumeral = rtl::OUStringToOString( numeral , RTL_TEXTENCODING_ASCII_US ) ; + + chNumeral = xmlStrndup( ( const xmlChar* )onumeral.getStr(), ( int )onumeral.getLength() ) ; + + if( xmlSecBnInitialize( &bn, 0 ) < 0 ) { + xmlFree( chNumeral ) ; + return Sequence< sal_Int8 >(); + } + + if( xmlSecBnFromDecString( &bn, chNumeral ) < 0 ) { + xmlFree( chNumeral ) ; + xmlSecBnFinalize( &bn ) ; + return Sequence< sal_Int8 >(); + } + + xmlFree( chNumeral ) ; + + length = xmlSecBnGetSize( &bn ) ; + if( length <= 0 ) { + xmlSecBnFinalize( &bn ) ; + return Sequence< sal_Int8 >(); + } + + bnInteger = xmlSecBnGetData( &bn ) ; + if( bnInteger == NULL ) { + xmlSecBnFinalize( &bn ) ; + return Sequence< sal_Int8 >(); + } + + Sequence< sal_Int8 > integer( length ) ; + for( unsigned int i = 0 ; i < length ; i ++ ) + { + integer[i] = *( bnInteger + i ) ; + } + + xmlSecBnFinalize( &bn ) ; + return integer ; + } + + return Sequence< sal_Int8 >(); +} + +OUString bigIntegerToNumericString ( Sequence< sal_Int8 > integer ) +{ + OUString aRet ; + + if( integer.getLength() ) { + xmlSecBn bn ; + xmlChar* chNumeral ; + + if( xmlSecBnInitialize( &bn, 0 ) < 0 ) + return aRet ; + + if( xmlSecBnSetData( &bn, ( const unsigned char* )&integer[0], integer.getLength() ) < 0 ) { + xmlSecBnFinalize( &bn ) ; + return aRet ; + } + + chNumeral = xmlSecBnToDecString( &bn ) ; + if( chNumeral == NULL ) { + xmlSecBnFinalize( &bn ) ; + return aRet ; + } + + aRet = OUString::createFromAscii( ( const char* )chNumeral ) ; + + xmlSecBnFinalize( &bn ) ; + xmlFree( chNumeral ) ; + } + + return aRet ; +} + diff --git a/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.cxx b/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.cxx new file mode 100644 index 000000000000..18e33fdaec5b --- /dev/null +++ b/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.cxx @@ -0,0 +1,100 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificateextension_xmlsecimpl.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> + +#ifndef _certificateextension_nssimpl_hxx_ +#include "certificateextension_xmlsecimpl.hxx" +#endif + +using namespace ::com::sun::star::uno ; +using ::rtl::OUString ; + +using ::com::sun::star::security::XCertificateExtension ; + +CertificateExtension_XmlSecImpl :: CertificateExtension_XmlSecImpl() : + m_critical( sal_False ) , + m_xExtnId() , + m_xExtnValue() +{ +} + +CertificateExtension_XmlSecImpl :: ~CertificateExtension_XmlSecImpl() { +} + + +//Methods from XCertificateExtension +sal_Bool SAL_CALL CertificateExtension_XmlSecImpl :: isCritical() throw( ::com::sun::star::uno::RuntimeException ) { + return m_critical ; +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL CertificateExtension_XmlSecImpl :: getExtensionId() throw( ::com::sun::star::uno::RuntimeException ) { + return m_xExtnId ; +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL CertificateExtension_XmlSecImpl :: getExtensionValue() throw( ::com::sun::star::uno::RuntimeException ) { + return m_xExtnValue ; +} + +//Helper method +void CertificateExtension_XmlSecImpl :: setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) { + m_critical = critical ; + m_xExtnId = extnId ; + m_xExtnValue = extnValue ; +} + +void CertificateExtension_XmlSecImpl :: setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) { + unsigned int i ; + if( value != NULL && vlen != 0 ) { + Sequence< sal_Int8 > extnv( vlen ) ; + for( i = 0; i < vlen ; i ++ ) + extnv[i] = *( value + i ) ; + + m_xExtnValue = extnv ; + } else { + m_xExtnValue = Sequence<sal_Int8>(); + } + + if( id != NULL && idlen != 0 ) { + Sequence< sal_Int8 > extnId( idlen ) ; + for( i = 0; i < idlen ; i ++ ) + extnId[i] = *( id + i ) ; + + m_xExtnId = extnId ; + } else { + m_xExtnId = Sequence<sal_Int8>(); + } + + m_critical = critical ; +} + diff --git a/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.hxx b/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.hxx new file mode 100644 index 000000000000..3866a5c15efd --- /dev/null +++ b/xmlsecurity/source/xmlsec/certificateextension_xmlsecimpl.hxx @@ -0,0 +1,68 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certificateextension_xmlsecimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _CERTIFICATEEXTENSION_XMLSECIMPL_HXX_ +#define _CERTIFICATEEXTENSION_XMLSECIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase1.hxx> +#include <com/sun/star/uno/Exception.hpp> +#include "com/sun/star/uno/SecurityException.hpp" +#include <com/sun/star/security/XCertificateExtension.hpp> + +class CertificateExtension_XmlSecImpl : public ::cppu::WeakImplHelper1< + ::com::sun::star::security::XCertificateExtension > +{ + private : + sal_Bool m_critical ; + ::com::sun::star::uno::Sequence< sal_Int8 > m_xExtnId ; + ::com::sun::star::uno::Sequence< sal_Int8 > m_xExtnValue ; + + public : + CertificateExtension_XmlSecImpl() ; + virtual ~CertificateExtension_XmlSecImpl() ; + + //Methods from XCertificateExtension + virtual sal_Bool SAL_CALL isCritical() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getExtensionId() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getExtensionValue() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper method + void setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) ; + + void setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) ; +} ; + +#endif // _CERTIFICATEEXTENSION_XMLSECIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/certvalidity.cxx b/xmlsecurity/source/xmlsec/certvalidity.cxx new file mode 100644 index 000000000000..275899b3ad1e --- /dev/null +++ b/xmlsecurity/source/xmlsec/certvalidity.cxx @@ -0,0 +1,101 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: certvalidity.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <xmlsecurity/certvalidity.hxx> +#include <com/sun/star/security/CertificateValidity.hpp> + +using ::rtl::OUString ; +using namespace ::com::sun::star::security ; + +#define VALID_STR "valid certificate" +#define INVALID_STR "invalid certificate" +#define UNTRUSTED_STR "untrusted certificate" +#define TIME_INVALID_STR "expired certificate" +#define NOT_NESTED_TIME_STR "invalid time nesting" +#define REVOKED_STR "revoked certificate" +#define UNKNOWN_REVOKATION_STR "unknown certificate revocation status" +#define SIGNATURE_INVALID_STR "invalid certificate signature" +#define EXTENSION_INVALID_STR "invalid certificate extension" +#define EXTENSION_UNKNOWN_STR "unknown critical certificate extension" +#define ISSUER_UNKNOWN_STR "unknown certificate issuer" +#define ISSUER_UNTRUSTED_STR "untrusted certificate issuer" +#define ISSUER_INVALID_STR "invalid certificate issuer" +#define ROOT_UNKNOWN_STR "unknown root certificate" +#define ROOT_UNTRUSTED_STR "untrusted root certificate" +#define ROOT_INVALID_STR "invalid root certificate" +#define CHAIN_INCOMPLETE_STR "invalid certification path" + +rtl::OUString certificateValidityToOUString( ::sal_Int32 certValidity ) { + OUString aValidity ; + + if( (certValidity & CertificateValidity::VALID) == CertificateValidity::VALID ) { + aValidity = OUString::createFromAscii( ( const char* )VALID_STR ) ; + } else if( ( certValidity & CertificateValidity::INVALID ) == CertificateValidity::INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::UNTRUSTED ) == CertificateValidity::UNTRUSTED ) { + aValidity = OUString::createFromAscii( ( const char* )UNTRUSTED_STR ) ; + } else if( ( certValidity & CertificateValidity::TIME_INVALID ) == CertificateValidity::TIME_INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )TIME_INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::NOT_TIME_NESTED ) == CertificateValidity::NOT_TIME_NESTED ) { + aValidity = OUString::createFromAscii( ( const char* )NOT_NESTED_TIME_STR ) ; + } else if( ( certValidity & CertificateValidity::REVOKED ) == CertificateValidity::REVOKED ) { + aValidity = OUString::createFromAscii( ( const char* )REVOKED_STR ) ; + } else if( ( certValidity & CertificateValidity::UNKNOWN_REVOKATION ) == CertificateValidity::UNKNOWN_REVOKATION ) { + aValidity = OUString::createFromAscii( ( const char* )UNKNOWN_REVOKATION_STR ) ; + } else if( ( certValidity & CertificateValidity::SIGNATURE_INVALID ) == CertificateValidity::SIGNATURE_INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )SIGNATURE_INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::EXTENSION_INVALID ) == CertificateValidity::EXTENSION_INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )EXTENSION_INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::EXTENSION_UNKNOWN ) == CertificateValidity::EXTENSION_UNKNOWN ) { + aValidity = OUString::createFromAscii( ( const char* )EXTENSION_UNKNOWN_STR ) ; + } else if( ( certValidity & CertificateValidity::ISSUER_UNKNOWN ) == CertificateValidity::ISSUER_UNKNOWN ) { + aValidity = OUString::createFromAscii( ( const char* )ISSUER_UNKNOWN_STR ) ; + } else if( ( certValidity & CertificateValidity::ISSUER_UNTRUSTED ) == CertificateValidity::ISSUER_UNTRUSTED ) { + aValidity = OUString::createFromAscii( ( const char* )ISSUER_UNTRUSTED_STR ) ; + } else if( ( certValidity & CertificateValidity::ISSUER_INVALID ) == CertificateValidity::ISSUER_INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )ISSUER_INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::ROOT_UNKNOWN ) == CertificateValidity::ROOT_UNKNOWN ) { + aValidity = OUString::createFromAscii( ( const char* )ROOT_UNKNOWN_STR ) ; + } else if( ( certValidity & CertificateValidity::ROOT_UNTRUSTED ) == CertificateValidity::ROOT_UNTRUSTED ) { + aValidity = OUString::createFromAscii( ( const char* )ROOT_UNTRUSTED_STR ) ; + } else if( ( certValidity & CertificateValidity::ROOT_INVALID ) == CertificateValidity::ROOT_INVALID ) { + aValidity = OUString::createFromAscii( ( const char* )ROOT_INVALID_STR ) ; + } else if( ( certValidity & CertificateValidity::CHAIN_INCOMPLETE ) == CertificateValidity::CHAIN_INCOMPLETE ) { + aValidity = OUString::createFromAscii( ( const char* )CHAIN_INCOMPLETE_STR ) ; + } else { + aValidity = OUString::createFromAscii( ( const char* )INVALID_STR ) ; + } + + return aValidity ; +} + diff --git a/xmlsecurity/source/xmlsec/errorcallback.cxx b/xmlsecurity/source/xmlsec/errorcallback.cxx new file mode 100644 index 000000000000..7a1795ee35e9 --- /dev/null +++ b/xmlsecurity/source/xmlsec/errorcallback.cxx @@ -0,0 +1,214 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: errorcallback.cxx,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +/* + * Implementation of the I/O interfaces based on stream and URI binding + */ +#include "errorcallback.hxx" + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include "xmlsec/xmlsec.h" +#include "xmlsec/errors.h" + +using namespace ::com::sun::star::xml::crypto; + +// ::com::sun::star::uno::Reference< XXMLSecurityTemplate > g_xErrorRecorder; +// bool g_bErrorRecorded; + +// SecurityOperationStatus getOperationStatus(int reason) +// { +// switch (reason) +// { +// case XMLSEC_ERRORS_R_XMLSEC_FAILED: +// return SecurityOperationStatus_ENGINE_FAILED; +// case XMLSEC_ERRORS_R_MALLOC_FAILED: +// return SecurityOperationStatus_MALLOC_FAILED; +// case XMLSEC_ERRORS_R_STRDUP_FAILED: +// return SecurityOperationStatus_STRDUP_FAILED; +// case XMLSEC_ERRORS_R_CRYPTO_FAILED: +// return SecurityOperationStatus_CRYPTO_FAILED; +// case XMLSEC_ERRORS_R_XML_FAILED: +// return SecurityOperationStatus_XML_FAILED; +// case XMLSEC_ERRORS_R_XSLT_FAILED: +// return SecurityOperationStatus_XSLT_FAILED; +// case XMLSEC_ERRORS_R_IO_FAILED: +// return SecurityOperationStatus_IO_FAILED; +// case XMLSEC_ERRORS_R_DISABLED: +// return SecurityOperationStatus_DISABLED; +// case XMLSEC_ERRORS_R_NOT_IMPLEMENTED: +// return SecurityOperationStatus_NOT_IMPLEMENTED; +// case XMLSEC_ERRORS_R_INVALID_SIZE: +// return SecurityOperationStatus_INVALID_SIZE; +// case XMLSEC_ERRORS_R_INVALID_DATA: +// return SecurityOperationStatus_INVALID_DATA; +// case XMLSEC_ERRORS_R_INVALID_RESULT: +// return SecurityOperationStatus_INVALID_RESULT; +// case XMLSEC_ERRORS_R_INVALID_TYPE: +// return SecurityOperationStatus_INVALID_TYPE; +// case XMLSEC_ERRORS_R_INVALID_OPERATION: +// return SecurityOperationStatus_INVALID_OPERATION; +// case XMLSEC_ERRORS_R_INVALID_STATUS: +// return SecurityOperationStatus_INVALID_STATUS; +// case XMLSEC_ERRORS_R_INVALID_FORMAT: +// return SecurityOperationStatus_INVALID_FORMAT; +// case XMLSEC_ERRORS_R_DATA_NOT_MATCH: +// return SecurityOperationStatus_DATA_NOT_MATCH; +// case XMLSEC_ERRORS_R_INVALID_NODE: +// return SecurityOperationStatus_INVALID_NODE; +// case XMLSEC_ERRORS_R_INVALID_NODE_CONTENT: +// return SecurityOperationStatus_INVALID_NODE_CONTENT; +// case XMLSEC_ERRORS_R_INVALID_NODE_ATTRIBUTE: +// return SecurityOperationStatus_INVALID_NODE_ATTRIBUTE; +// case XMLSEC_ERRORS_R_MISSING_NODE_ATTRIBUTE: +// return SecurityOperationStatus_MISSING_NODE_ATTRIBUTE; +// case XMLSEC_ERRORS_R_NODE_ALREADY_PRESENT: +// return SecurityOperationStatus_NODE_ALREADY_PRESENT; +// case XMLSEC_ERRORS_R_UNEXPECTED_NODE: +// return SecurityOperationStatus_UNEXPECTED_NODE; +// case XMLSEC_ERRORS_R_NODE_NOT_FOUND: +// return SecurityOperationStatus_NODE_NOT_FOUND; +// case XMLSEC_ERRORS_R_INVALID_TRANSFORM: +// return SecurityOperationStatus_INVALID_TRANSFORM; +// case XMLSEC_ERRORS_R_INVALID_TRANSFORM_KEY: +// return SecurityOperationStatus_INVALID_TRANSFORM_KEY; +// case XMLSEC_ERRORS_R_INVALID_URI_TYPE: +// return SecurityOperationStatus_INVALID_URI_TYPE; +// case XMLSEC_ERRORS_R_TRANSFORM_SAME_DOCUMENT_REQUIRED: +// return SecurityOperationStatus_TRANSFORM_SAME_DOCUMENT_REQUIRED; +// case XMLSEC_ERRORS_R_TRANSFORM_DISABLED: +// return SecurityOperationStatus_TRANSFORM_DISABLED; +// case XMLSEC_ERRORS_R_INVALID_KEY_DATA: +// return SecurityOperationStatus_INVALID_KEY_DATA; +// case XMLSEC_ERRORS_R_KEY_DATA_NOT_FOUND: +// return SecurityOperationStatus_KEY_DATA_NOT_FOUND; +// case XMLSEC_ERRORS_R_KEY_DATA_ALREADY_EXIST: +// return SecurityOperationStatus_KEY_DATA_ALREADY_EXIST; +// case XMLSEC_ERRORS_R_INVALID_KEY_DATA_SIZE: +// return SecurityOperationStatus_INVALID_KEY_DATA_SIZE; +// case XMLSEC_ERRORS_R_KEY_NOT_FOUND: +// return SecurityOperationStatus_KEY_NOT_FOUND; +// case XMLSEC_ERRORS_R_KEYDATA_DISABLED: +// return SecurityOperationStatus_KEYDATA_DISABLED; +// case XMLSEC_ERRORS_R_MAX_RETRIEVALS_LEVEL: +// return SecurityOperationStatus_MAX_RETRIEVALS_LEVEL; +// case XMLSEC_ERRORS_R_MAX_RETRIEVAL_TYPE_MISMATCH: +// return SecurityOperationStatus_MAX_RETRIEVAL_TYPE_MISMATCH; +// case XMLSEC_ERRORS_R_MAX_ENCKEY_LEVEL: +// return SecurityOperationStatus_MAX_ENCKEY_LEVEL; +// case XMLSEC_ERRORS_R_CERT_VERIFY_FAILED: +// return SecurityOperationStatus_CERT_VERIFY_FAILED; +// case XMLSEC_ERRORS_R_CERT_NOT_FOUND: +// return SecurityOperationStatus_CERT_NOT_FOUND; +// case XMLSEC_ERRORS_R_CERT_REVOKED: +// return SecurityOperationStatus_CERT_REVOKED; +// case XMLSEC_ERRORS_R_CERT_ISSUER_FAILED: +// return SecurityOperationStatus_CERT_ISSUER_FAILED; +// case XMLSEC_ERRORS_R_CERT_NOT_YET_VALID: +// return SecurityOperationStatus_CERT_NOT_YET_VALID; +// case XMLSEC_ERRORS_R_CERT_HAS_EXPIRED: +// return SecurityOperationStatus_CERT_HAS_EXPIRED; +// case XMLSEC_ERRORS_R_DSIG_NO_REFERENCES: +// return SecurityOperationStatus_DSIG_NO_REFERENCES; +// case XMLSEC_ERRORS_R_DSIG_INVALID_REFERENCE: +// return SecurityOperationStatus_DSIG_INVALID_REFERENCE; +// case XMLSEC_ERRORS_R_ASSERTION: +// return SecurityOperationStatus_ASSERTION; +// default: +// return SecurityOperationStatus_RUNTIMEERROR_FAILED; +// } +// } + + +extern "C" +void errorCallback(const char * /*file*/, + int /*line*/, + const char * /*func*/, + const char * /*errorObject*/, + const char * /*errorSubject*/, + int /*reason*/, + const char * /*msg*/) +{ +#if OSL_DEBUG_LEVEL > 1 +// const char * afunc = func ? func : ""; +// const char * errObj = errorObject ? errorObject : ""; +// const char * errSub = errorSubject ? errorSubject : ""; +// const char * amsg = msg ? msg : ""; +// fprintf(stdout, "xmlsec error: %s, %s, %s, %i %s \n", afunc, errObj, errSub, reason, amsg); +#endif + //ToDo write log message +// if (g_xErrorRecorder.is() && !g_bErrorRecorded) +// { +// g_xErrorRecorder->setStatus(getOperationStatus(reason)); + +// if ( reason != XMLSEC_ERRORS_R_ASSERTION && reason!=XMLSEC_ERRORS_R_XMLSEC_FAILED) +// { +// g_bErrorRecorded = true; +// } +// } +} + +// void setErrorRecorder(const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityTemplate >& xTemplate) +// { +// g_xErrorRecorder = xTemplate; +// g_xErrorRecorder->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED); +// g_bErrorRecorded = false; +// xmlSecErrorsSetCallback(errorCallback); +// } + +//void setErrorRecorder(const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& xTemplate) + +void setErrorRecorder() +{ +// ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityTemplate > +// xSecurityTemplate(xTemplate, ::com::sun::star::uno::UNO_QUERY); +// setErrorRecorder( xSecurityTemplate ); + xmlSecErrorsSetCallback(errorCallback); +} + +// void setErrorRecorder(const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& xTemplate) +// { +// ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityTemplate > +// xSecurityTemplate(xTemplate, ::com::sun::star::uno::UNO_QUERY); +// setErrorRecorder( xSecurityTemplate ); +// } + +void clearErrorRecorder() +{ + xmlSecErrorsSetCallback(NULL); +// g_xErrorRecorder = NULL; +} + diff --git a/xmlsecurity/source/xmlsec/errorcallback.hxx b/xmlsecurity/source/xmlsec/errorcallback.hxx new file mode 100644 index 000000000000..e443528bd933 --- /dev/null +++ b/xmlsecurity/source/xmlsec/errorcallback.hxx @@ -0,0 +1,47 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: errorcallback.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _ERRORCALLBACK_XMLSECIMPL_HXX_ +#define _ERRORCALLBACK_XMLSECIMPL_HXX_ + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> + +// Only used for logging +void setErrorRecorder(); +//ToDo +//void setErrorRecorder(const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& xTemplate); +void clearErrorRecorder(); + +#endif + diff --git a/xmlsecurity/source/xmlsec/makefile.mk b/xmlsecurity/source/xmlsec/makefile.mk new file mode 100644 index 000000000000..233b5c370620 --- /dev/null +++ b/xmlsecurity/source/xmlsec/makefile.mk @@ -0,0 +1,73 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.12 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/.. + +PRJNAME = xmlsecurity +TARGET = xs_comm + +ENABLE_EXCEPTIONS = TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + +.IF "$(SYSTEM_LIBXML)" == "YES" +CFLAGS+=-DSYSTEM_LIBXML $(LIBXML_CFLAGS) +.ENDIF + +.IF "$(WITH_MOZILLA)" == "NO" +@all: + @echo "No mozilla -> no nss -> no libxmlsec -> no xmlsecurity.." +.ENDIF + +.IF "$(CRYPTO_ENGINE)" == "mscrypto" +CDEFS += -DXMLSEC_CRYPTO_MSCRYPTO -DXMLSEC_NO_XSLT +.ELSE +CDEFS += -DXMLSEC_CRYPTO_NSS -DXMLSEC_NO_XSLT +.ENDIF + +# --- Files -------------------------------------------------------- +SLOFILES = \ + $(SLO)$/biginteger.obj \ + $(SLO)$/certvalidity.obj \ + $(SLO)$/saxhelper.obj \ + $(SLO)$/xmldocumentwrapper_xmlsecimpl.obj \ + $(SLO)$/xmlelementwrapper_xmlsecimpl.obj \ + $(SLO)$/certificateextension_xmlsecimpl.obj \ + $(SLO)$/xmlstreamio.obj \ + $(SLO)$/errorcallback.obj \ + $(SLO)$/xsec_xmlsec.obj + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk diff --git a/xmlsecurity/source/xmlsec/mscrypt/makefile.mk b/xmlsecurity/source/xmlsec/mscrypt/makefile.mk new file mode 100644 index 000000000000..100ade634e13 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/makefile.mk @@ -0,0 +1,75 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.5 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/..$/.. + +PRJNAME = xmlsecurity +TARGET = xs_mscrypt + +ENABLE_EXCEPTIONS = TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + +.IF "$(CRYPTO_ENGINE)" != "mscrypto" +LIBTARGET=NO +.ENDIF + +.IF "$(CRYPTO_ENGINE)" == "mscrypto" + +.IF "$(WITH_MOZILLA)" == "NO" +@all: + @echo "No mozilla -> no nss -> no libxmlsec -> no xmlsecurity/nss" +.ENDIF + +CDEFS += -DXMLSEC_CRYPTO_MSCRYPTO -DXMLSEC_NO_XSLT + +# --- Files -------------------------------------------------------- +INCLOCAL = \ + .. + +SLOFILES = \ + $(SLO)$/securityenvironment_mscryptimpl.obj \ + $(SLO)$/xmlencryption_mscryptimpl.obj \ + $(SLO)$/xmlsecuritycontext_mscryptimpl.obj \ + $(SLO)$/xmlsignature_mscryptimpl.obj \ + $(SLO)$/x509certificate_mscryptimpl.obj \ + $(SLO)$/seinitializer_mscryptimpl.obj \ + $(SLO)$/xsec_mscrypt.obj + +.ENDIF + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk + diff --git a/xmlsecurity/source/xmlsec/mscrypt/oid.hxx b/xmlsecurity/source/xmlsec/mscrypt/oid.hxx new file mode 100644 index 000000000000..f2466e1c5803 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/oid.hxx @@ -0,0 +1,161 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: oid.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _OID_HXX_ +#define _OID_HXX_ + +typedef struct OIDItemStr OIDItem; + +struct OIDItemStr { + char *oid; + char *desc; +}; + +OIDItem OIDs[] = { + {"1.2.840.113549", "RSA Data Security Inc."}, + {"1.2.840.113549.1", "PKCS"}, + {"1.2.840.113549.2", "RSA digest algorithm"}, + {"1.2.840.113549.3", "RSA cipher algorithm"}, + {"1.2.840.113549.1.1", "PKCS #1"}, + {"1.2.840.113549.1.2", "Unknown"}, + {"1.2.840.113549.1.3", "Unknown"}, + {"1.2.840.113549.1.4", "Unknown"}, + {"1.2.840.113549.1.5", "PKCS #5"}, + {"1.2.840.113549.1.6", "Unknown"}, + {"1.2.840.113549.1.7", "PKCS #7"}, + {"1.2.840.113549.1.8", "Unknown"}, + {"1.2.840.113549.1.9", "PKCS #9"}, + {"1.2.840.113549.1.10", "Unknown"}, + {"1.2.840.113549.1.12", "PKCS #12"}, + {"1.2.840.113549.1.1.2", "PKCS #1 MD2 With RSA Encryption"}, + {"1.2.840.113549.1.1.3", "PKCS #1 MD4 With RSA Encryption"}, + {"1.2.840.113549.1.1.4", "PKCS #1 MD5 With RSA Encryption"}, + {"1.2.840.113549.1.1.1", "PKCS #1 RSA Encryption"}, + {"1.2.840.113549.1.1.2", "PKCS #1 MD2 With RSA Encryption"}, + {"1.2.840.113549.1.1.3", "PKCS #1 MD4 With RSA Encryption"}, + {"1.2.840.113549.1.1.4", "PKCS #1 MD5 With RSA Encryption"}, + {"1.2.840.113549.1.1.5", "PKCS #1 SHA-1 With RSA Encryption"}, + {"1.2.840.113549.1.1.5", "PKCS #1 SHA-1 With RSA Encryption"}, + {"1.2.840.113549.1.3.1", "Unknown"}, + {"1.2.840.113549.1.7.1", "PKCS #7 Data"}, + {"1.2.840.113549.1.7.2", "PKCS #7 Signed Data"}, + {"1.2.840.113549.1.7.3", "PKCS #7 Enveloped Data"}, + {"1.2.840.113549.1.7.4", "PKCS #7 Signed and Enveloped Data"}, + {"1.2.840.113549.1.7.5", "PKCS #7 Digested Data"}, + {"1.2.840.113549.1.7.5", "PKCS #7 Digested Data"}, + {"1.2.840.113549.1.7.6", "PKCS #7 Encrypted Data"}, + {"1.2.840.113549.1.9.1", "PKCS #9 Email Address"}, + {"1.2.840.113549.1.9.2", "PKCS #9 Unstructured Name"}, + {"1.2.840.113549.1.9.3", "PKCS #9 Content Type"}, + {"1.2.840.113549.1.9.4", "PKCS #9 Message Digest"}, + {"1.2.840.113549.1.9.5", "PKCS #9 Signing Time"}, + {"1.2.840.113549.1.9.6", "PKCS #9 Counter Signature"}, + {"1.2.840.113549.1.9.7", "PKCS #9 Challenge Password"}, + {"1.2.840.113549.1.9.8", "PKCS #9 Unstructured Address"}, + {"1.2.840.113549.1.9.9", "PKCS #9 Extended Certificate Attributes"}, + {"1.2.840.113549.1.9.15", "PKCS #9 S/MIME Capabilities"}, + {"1.2.840.113549.1.9.15.1", "Unknown"}, + {"1.2.840.113549.3.2", "RC2-CBC"}, + {"1.2.840.113549.3.4", "RC4"}, + {"1.2.840.113549.3.7", "DES-EDE3-CBC"}, + {"1.2.840.113549.3.9", "RC5-CBCPad"}, + {"1.2.840.10046", "ANSI X9.42"}, + {"1.2.840.10046.2.1", "Diffie-Hellman Public Key Algorithm"}, + {"1.2.840.10040", "ANSI X9.57"}, + {"1.2.840.10040.4.1", "ANSI X9.57 DSA Signature"}, + {"1.2.840.10040.4.3", "ANSI X9.57 Algorithm DSA Signature with SHA-1 Digest"}, + {"2.5", "Directory"}, + {"2.5.8", "X.500-defined algorithms"}, + {"2.5.8.1", "X.500-defined encryption algorithms"}, + {"2.5.8.2", "Unknown"}, + {"2.5.8.3", "Unknown"}, + {"2.5.8.1.1", "RSA Encryption Algorithm"}, + {"1.3.14", "Open Systems Implementors Workshop"}, + {"1.3.14.3.2", "OIW SECSIG Algorithm"}, + {"1.3.14.3.2.2", "Unknown"}, + {"1.3.14.3.2.3", "Unknown"}, + {"1.3.14.3.2.4", "Unknown"}, + {"1.3.14.3.2.6", "DES-ECB"}, + {"1.3.14.3.2.7", "DES-CBC"}, + {"1.3.14.3.2.8", "DES-OFB"}, + {"1.3.14.3.2.9", "DES-CFB"}, + {"1.3.14.3.2.10", "DES-MAC"}, + {"1.3.14.3.2.11", "Unknown"}, + {"1.3.14.3.2.12", "Unknown"}, + {"1.3.14.3.2.13", "Unknown"}, + {"1.3.14.3.2.14", "Unknown"}, + {"1.3.14.3.2.15", "ISO SHA with RSA Signature"}, + {"1.3.14.3.2.16", "Unknown"}, + {"1.3.14.3.2.17", "DES-EDE"}, + {"1.3.14.3.2.18", "Unknown"}, + {"1.3.14.3.2.19", "Unknown"}, + {"1.3.14.3.2.20", "Unknown"}, + {"1.3.14.3.2.21", "Unknown"}, + {"1.3.14.3.2.22", "Unknown"}, + {"1.3.14.3.2.23", "Unknown"}, + {"1.3.14.3.2.24", "Unknown"}, + {"1.3.14.3.2.25", "Unknown"}, + {"1.3.14.3.2.26", "SHA-1"}, + {"1.3.14.3.2.27", "Forgezza DSA Signature with SHA-1 Digest"}, + {"1.3.14.3.2.28", "Unknown"}, + {"1.3.14.3.2.29", "Unknown"}, + {"1.3.14.7.2", "Unknown"}, + {"1.3.14.7.2.1", "Unknown"}, + {"1.3.14.7.2.2", "Unknown"}, + {"1.3.14.7.2.3", "Unknown"}, + {"1.3.14.7.2.2.1", "Unknown"}, + {"1.3.14.7.2.3.1", "Unknown"}, + {"2.16.840.1.101.2.1", "US DOD Infosec"}, + {"2.16.840.1.101.2.1.1.1", "Unknown"}, + {"2.16.840.1.101.2.1.1.2", "MISSI DSS Algorithm (Old)"}, + {"2.16.840.1.101.2.1.1.3", "Unknown"}, + {"2.16.840.1.101.2.1.1.4", "Skipjack CBC64"}, + {"2.16.840.1.101.2.1.1.5", "Unknown"}, + {"2.16.840.1.101.2.1.1.6", "Unknown"}, + {"2.16.840.1.101.2.1.1.7", "Unknown"}, + {"2.16.840.1.101.2.1.1.8", "Unknown"}, + {"2.16.840.1.101.2.1.1.9", "Unknown"}, + {"2.16.840.1.101.2.1.1.10", "MISSI KEA Algorithm"}, + {"2.16.840.1.101.2.1.1.11", "Unknown"}, + {"2.16.840.1.101.2.1.1.12", "MISSI KEA and DSS Algorithm (Old)"}, + {"2.16.840.1.101.2.1.1.13", "Unknown"}, + {"2.16.840.1.101.2.1.1.14", "Unknown"}, + {"2.16.840.1.101.2.1.1.15", "Unknown"}, + {"2.16.840.1.101.2.1.1.16", "Unknown"}, + {"2.16.840.1.101.2.1.1.17", "Unknown"}, + {"2.16.840.1.101.2.1.1.18", "Unknown"}, + {"2.16.840.1.101.2.1.1.19", "MISSI DSS Algorithm"}, + {"2.16.840.1.101.2.1.1.20", "MISSI KEA and DSS Algorithm"}, + {"2.16.840.1.101.2.1.1.21", "Unknown"} +}; + +int nOID = 115; + +#endif diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx new file mode 100644 index 000000000000..1b35d2b968bc --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.cxx @@ -0,0 +1,1285 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityenvironment_mscryptimpl.cxx,v $ + * $Revision: 1.18 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#ifdef _MSC_VER +#pragma warning(push,1) +#endif +#include "Windows.h" +#include "WinCrypt.h" +#ifdef _MSC_VER +#pragma warning(pop) +#endif +#include <sal/config.h> +#include "securityenvironment_mscryptimpl.hxx" + +#ifndef _X509CERTIFICATE_NSSIMPL_HXX_ +#include "x509certificate_mscryptimpl.hxx" +#endif +#include <rtl/uuid.h> + +#include <xmlsec/xmlsec.h> +#include <xmlsec/keysmngr.h> +#include <xmlsec/crypto.h> +#include <xmlsec/base64.h> + +#include <xmlsecurity/biginteger.hxx> + +#include "xmlsec/keysmngr.h" +#include "xmlsec/mscrypto/akmngr.h" + +//CP : added by CP +#include <rtl/locale.h> +#include <osl/nlsupport.h> +#include <osl/process.h> + +//CP : end + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::security::XCertificate ; + +extern X509Certificate_MSCryptImpl* MswcryCertContextToXCert( PCCERT_CONTEXT cert ) ; + +SecurityEnvironment_MSCryptImpl :: SecurityEnvironment_MSCryptImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_hProv( NULL ) , m_pszContainer( NULL ) , m_hKeyStore( NULL ), m_hCertStore( NULL ), m_tSymKeyList() , m_tPubKeyList() , m_tPriKeyList(), m_xServiceManager( aFactory ), m_bEnableDefault( sal_False ) { + +} + +SecurityEnvironment_MSCryptImpl :: ~SecurityEnvironment_MSCryptImpl() { + + if( m_hProv != NULL ) { + CryptReleaseContext( m_hProv, 0 ) ; + m_hProv = NULL ; + } + + if( m_pszContainer != NULL ) { + //TODO: Don't know whether or not it should be released now. + m_pszContainer = NULL ; + } + + if( m_hCertStore != NULL ) { + CertCloseStore( m_hCertStore, CERT_CLOSE_STORE_FORCE_FLAG ) ; + m_hCertStore = NULL ; + } + + if( m_hKeyStore != NULL ) { + CertCloseStore( m_hKeyStore, CERT_CLOSE_STORE_FORCE_FLAG ) ; + m_hKeyStore = NULL ; + } + + if( !m_tSymKeyList.empty() ) { + std::list< HCRYPTKEY >::iterator symKeyIt ; + + for( symKeyIt = m_tSymKeyList.begin() ; symKeyIt != m_tSymKeyList.end() ; symKeyIt ++ ) + CryptDestroyKey( *symKeyIt ) ; + } + + if( !m_tPubKeyList.empty() ) { + std::list< HCRYPTKEY >::iterator pubKeyIt ; + + for( pubKeyIt = m_tPubKeyList.begin() ; pubKeyIt != m_tPubKeyList.end() ; pubKeyIt ++ ) + CryptDestroyKey( *pubKeyIt ) ; + } + + if( !m_tPriKeyList.empty() ) { + std::list< HCRYPTKEY >::iterator priKeyIt ; + + for( priKeyIt = m_tPriKeyList.begin() ; priKeyIt != m_tPriKeyList.end() ; priKeyIt ++ ) + CryptDestroyKey( *priKeyIt ) ; + } + +} + +/* XInitialization */ +void SAL_CALL SecurityEnvironment_MSCryptImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + //TODO +} ; + +/* XServiceInfo */ +OUString SAL_CALL SecurityEnvironment_MSCryptImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL SecurityEnvironment_MSCryptImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL SecurityEnvironment_MSCryptImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > SecurityEnvironment_MSCryptImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.SecurityEnvironment" ) ; + return seqServiceNames ; +} + +OUString SecurityEnvironment_MSCryptImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_MSCryptImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL SecurityEnvironment_MSCryptImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new SecurityEnvironment_MSCryptImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > SecurityEnvironment_MSCryptImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + +/* XUnoTunnel */ +sal_Int64 SAL_CALL SecurityEnvironment_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) + throw( RuntimeException ) +{ + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return ( sal_Int64 )this ; + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& SecurityEnvironment_MSCryptImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +SecurityEnvironment_MSCryptImpl* SecurityEnvironment_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return ( SecurityEnvironment_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ; + } else + return NULL ; +} + +/* Native methods */ +HCRYPTPROV SecurityEnvironment_MSCryptImpl :: getCryptoProvider() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { + return m_hProv ; +} + +void SecurityEnvironment_MSCryptImpl :: setCryptoProvider( HCRYPTPROV aProv ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { + if( m_hProv != NULL ) { + CryptReleaseContext( m_hProv, 0 ) ; + m_hProv = NULL ; + } + + if( aProv != NULL ) { + /*- Replaced by direct adopt for WINNT support ---- + if( !CryptContextAddRef( aProv, NULL, NULL ) ) + throw Exception() ; + else + m_hProv = aProv ; + ----*/ + m_hProv = aProv ; + } +} + +LPCTSTR SecurityEnvironment_MSCryptImpl :: getKeyContainer() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { + return m_pszContainer ; +} + +void SecurityEnvironment_MSCryptImpl :: setKeyContainer( LPCTSTR aKeyContainer ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { + //TODO: Don't know whether or not it should be copied. + m_pszContainer = aKeyContainer ; +} + + +HCERTSTORE SecurityEnvironment_MSCryptImpl :: getCryptoSlot() throw( Exception , RuntimeException ) { + return m_hKeyStore ; +} + +void SecurityEnvironment_MSCryptImpl :: setCryptoSlot( HCERTSTORE aSlot) throw( Exception , RuntimeException ) { + if( m_hKeyStore != NULL ) { + CertCloseStore( m_hKeyStore, CERT_CLOSE_STORE_FORCE_FLAG ) ; + m_hKeyStore = NULL ; + } + + if( aSlot != NULL ) { + m_hKeyStore = CertDuplicateStore( aSlot ) ; + } +} + +HCERTSTORE SecurityEnvironment_MSCryptImpl :: getCertDb() throw( Exception , RuntimeException ) { + return m_hCertStore ; +} + +void SecurityEnvironment_MSCryptImpl :: setCertDb( HCERTSTORE aCertDb ) throw( Exception , RuntimeException ) { + if( m_hCertStore != NULL ) { + CertCloseStore( m_hCertStore, CERT_CLOSE_STORE_FORCE_FLAG ) ; + m_hCertStore = NULL ; + } + + if( aCertDb != NULL ) { + m_hCertStore = CertDuplicateStore( aCertDb ) ; + } +} + +void SecurityEnvironment_MSCryptImpl :: adoptSymKey( HCRYPTKEY aSymKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY symkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aSymKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; keyIt ++ ) { + if( *keyIt == aSymKey ) + return ; + } + + //If we do not find the key in the list, add a new node + /*- Replaced with directly adopt for WINNT 4.0 support ---- + if( !CryptDuplicateKey( aSymKey, NULL, 0, &symkey ) ) + throw RuntimeException() ; + ----*/ + symkey = aSymKey ; + + try { + m_tSymKeyList.push_back( symkey ) ; + } catch ( Exception& ) { + CryptDestroyKey( symkey ) ; + } + } +} + +void SecurityEnvironment_MSCryptImpl :: rejectSymKey( HCRYPTKEY aSymKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY symkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aSymKey != NULL ) { + for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; keyIt ++ ) { + if( *keyIt == aSymKey ) { + symkey = *keyIt ; + CryptDestroyKey( symkey ) ; + m_tSymKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +HCRYPTKEY SecurityEnvironment_MSCryptImpl :: getSymKey( unsigned int position ) throw( Exception , RuntimeException ) { + HCRYPTKEY symkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + unsigned int pos ; + + symkey = NULL ; + for( pos = 0, keyIt = m_tSymKeyList.begin() ; pos < position && keyIt != m_tSymKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tSymKeyList.end() ) + symkey = *keyIt ; + + return symkey ; +} + +void SecurityEnvironment_MSCryptImpl :: adoptPubKey( HCRYPTKEY aPubKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY pubkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aPubKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPubKey ) + return ; + } + + //If we do not find the key in the list, add a new node + /*- Replaced with directly adopt for WINNT 4.0 support ---- + if( !CryptDuplicateKey( aPubKey, NULL, 0, &pubkey ) ) + throw RuntimeException() ; + ----*/ + pubkey = aPubKey ; + + try { + m_tPubKeyList.push_back( pubkey ) ; + } catch ( Exception& ) { + CryptDestroyKey( pubkey ) ; + } + } +} + +void SecurityEnvironment_MSCryptImpl :: rejectPubKey( HCRYPTKEY aPubKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY pubkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aPubKey != NULL ) { + for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPubKey ) { + pubkey = *keyIt ; + CryptDestroyKey( pubkey ) ; + m_tPubKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +HCRYPTKEY SecurityEnvironment_MSCryptImpl :: getPubKey( unsigned int position ) throw( Exception , RuntimeException ) { + HCRYPTKEY pubkey ; + std::list< HCRYPTKEY >::iterator keyIt ; + unsigned int pos ; + + pubkey = NULL ; + for( pos = 0, keyIt = m_tPubKeyList.begin() ; pos < position && keyIt != m_tPubKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tPubKeyList.end() ) + pubkey = *keyIt ; + + return pubkey ; +} + +void SecurityEnvironment_MSCryptImpl :: adoptPriKey( HCRYPTKEY aPriKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY prikey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aPriKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPriKey ) + return ; + } + + //If we do not find the key in the list, add a new node + /*- Replaced with directly adopt for WINNT 4.0 support ---- + if( !CryptDuplicateKey( aPriKey, NULL, 0, &prikey ) ) + throw RuntimeException() ; + ----*/ + prikey = aPriKey ; + + try { + m_tPriKeyList.push_back( prikey ) ; + } catch ( Exception& ) { + CryptDestroyKey( prikey ) ; + } + } +} + +void SecurityEnvironment_MSCryptImpl :: rejectPriKey( HCRYPTKEY aPriKey ) throw( Exception , RuntimeException ) { + HCRYPTKEY prikey ; + std::list< HCRYPTKEY >::iterator keyIt ; + + if( aPriKey != NULL ) { + for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPriKey ) { + prikey = *keyIt ; + CryptDestroyKey( prikey ) ; + m_tPriKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +HCRYPTKEY SecurityEnvironment_MSCryptImpl :: getPriKey( unsigned int position ) throw( Exception , RuntimeException ) { + HCRYPTKEY prikey ; + std::list< HCRYPTKEY >::iterator keyIt ; + unsigned int pos ; + + prikey = NULL ; + for( pos = 0, keyIt = m_tPriKeyList.begin() ; pos < position && keyIt != m_tPriKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tPriKeyList.end() ) + prikey = *keyIt ; + + return prikey ; +} + +//Methods from XSecurityEnvironment +Sequence< Reference < XCertificate > > SecurityEnvironment_MSCryptImpl :: getPersonalCertificates() throw( SecurityException , RuntimeException ) +{ + sal_Int32 length ; + X509Certificate_MSCryptImpl* xcert ; + std::list< X509Certificate_MSCryptImpl* > certsList ; + PCCERT_CONTEXT pCertContext = NULL; + + //firstly, we try to find private keys in given key store. + if( m_hKeyStore != NULL ) { + pCertContext = CertEnumCertificatesInStore( m_hKeyStore, pCertContext ); + while (pCertContext) + { + xcert = MswcryCertContextToXCert( pCertContext ) ; + if( xcert != NULL ) + certsList.push_back( xcert ) ; + pCertContext = CertEnumCertificatesInStore( m_hKeyStore, pCertContext ); + } + } + + //secondly, we try to find certificate from registered private keys. + if( !m_tPriKeyList.empty() ) { + //TODO: Don't know whether or not it is necessary ans possible. + } + + //Thirdly, we try to find certificate from system default key store. + if( m_bEnableDefault ) { + HCERTSTORE hSystemKeyStore ; + DWORD dwKeySpec; + HCRYPTPROV hCryptProv; + + /* + hSystemKeyStore = CertOpenStore( + CERT_STORE_PROV_SYSTEM , + 0 , + NULL , + CERT_SYSTEM_STORE_CURRENT_USER | CERT_STORE_READONLY_FLAG | CERT_STORE_OPEN_EXISTING_FLAG , + L"MY" + ) ; + */ + hSystemKeyStore = CertOpenSystemStore( 0, "MY" ) ; + if( hSystemKeyStore != NULL ) { + pCertContext = CertEnumCertificatesInStore( hSystemKeyStore, pCertContext ); + while (pCertContext) + { + // Add By CP for checking whether the certificate is a personal certificate or not. + if(!(CryptAcquireCertificatePrivateKey(pCertContext, + CRYPT_ACQUIRE_COMPARE_KEY_FLAG, + NULL, + &hCryptProv, + &dwKeySpec, + NULL))) + { + // Not Privatekey found. SKIP this one; By CP + pCertContext = CertEnumCertificatesInStore( hSystemKeyStore, pCertContext ); + continue; + } + // then TODO : Check the personal cert is valid or not. + + // end CP + xcert = MswcryCertContextToXCert( pCertContext ) ; + if( xcert != NULL ) + certsList.push_back( xcert ) ; + pCertContext = CertEnumCertificatesInStore( hSystemKeyStore, pCertContext ); + } + } + + CertCloseStore( hSystemKeyStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + } + + length = certsList.size() ; + if( length != 0 ) { + int i ; + std::list< X509Certificate_MSCryptImpl* >::iterator xcertIt ; + Sequence< Reference< XCertificate > > certSeq( length ) ; + + for( i = 0, xcertIt = certsList.begin(); xcertIt != certsList.end(); xcertIt ++, i++ ) { + certSeq[i] = *xcertIt ; + } + + return certSeq ; + } + + return Sequence< Reference< XCertificate > >() ; +} + + +Reference< XCertificate > SecurityEnvironment_MSCryptImpl :: getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& serialNumber ) throw( SecurityException , RuntimeException ) { + unsigned int i ; +// sal_Int8 found = 0 ; + LPSTR pszName ; + X509Certificate_MSCryptImpl *xcert = NULL ; + PCCERT_CONTEXT pCertContext = NULL ; + HCERTSTORE hCertStore = NULL ; + CRYPT_INTEGER_BLOB cryptSerialNumber ; + CERT_INFO certInfo ; + + // By CP , for correct encoding + sal_uInt16 encoding ; + rtl_Locale *pLocale = NULL ; + osl_getProcessLocale( &pLocale ) ; + encoding = osl_getTextEncodingFromLocale( pLocale ) ; + // CP end + + //Create cert info from issue and serial + rtl::OString oissuer = rtl::OUStringToOString( issuerName , encoding ) ; + pszName = ( char* )oissuer.getStr() ; + + if( ! ( CertStrToName( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + pszName , + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG | CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG, + NULL , + NULL , + &certInfo.Issuer.cbData, NULL ) ) + ) { + return NULL ; + } + + certInfo.Issuer.pbData = ( BYTE* )malloc( certInfo.Issuer.cbData ); + if(!certInfo.Issuer.pbData) + throw RuntimeException() ; + + if( ! ( CertStrToName( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + pszName , + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG | CERT_NAME_STR_ENABLE_UTF8_UNICODE_FLAG, + NULL , + ( BYTE* )certInfo.Issuer.pbData , + &certInfo.Issuer.cbData, NULL ) ) + ) { + free( certInfo.Issuer.pbData ) ; + return NULL ; + } + + //Get the SerialNumber + cryptSerialNumber.cbData = serialNumber.getLength() ; + cryptSerialNumber.pbData = ( BYTE* )malloc( cryptSerialNumber.cbData); + if (!cryptSerialNumber.pbData) + { + free( certInfo.Issuer.pbData ) ; + throw RuntimeException() ; + } + for( i = 0; i < cryptSerialNumber.cbData; i ++ ) + cryptSerialNumber.pbData[i] = serialNumber[ cryptSerialNumber.cbData - i - 1 ] ; + + certInfo.SerialNumber.cbData = cryptSerialNumber.cbData ; + certInfo.SerialNumber.pbData = cryptSerialNumber.pbData ; + + // Get the Cert from all store. + for( i = 0 ; i < 6 ; i ++ ) + { + switch(i) + { + case 0: + if(m_hKeyStore == NULL) continue ; + hCertStore = m_hKeyStore ; + break; + case 1: + if(m_hCertStore == NULL) continue ; + hCertStore = m_hCertStore ; + break; + case 2: + hCertStore = CertOpenSystemStore( 0, "MY" ) ; + if(hCertStore == NULL || !m_bEnableDefault) continue ; + break; + case 3: + hCertStore = CertOpenSystemStore( 0, "Root" ) ; + if(hCertStore == NULL || !m_bEnableDefault) continue ; + break; + case 4: + hCertStore = CertOpenSystemStore( 0, "Trust" ) ; + if(hCertStore == NULL || !m_bEnableDefault) continue ; + break; + case 5: + hCertStore = CertOpenSystemStore( 0, "CA" ) ; + if(hCertStore == NULL || !m_bEnableDefault) continue ; + break; + default: + i=6; + continue; + } + +/******************************************************************************* + * This code reserved for remind us there are another way to find one cert by + * IssuerName&serialnumber. You can use the code to replaced the function + * CertFindCertificateInStore IF and ONLY IF you must find one special cert in + * certStore but can not be found by CertFindCertificateInStore , then , you + * should also change the same part in libxmlsec/.../src/mscrypto/x509vfy.c#875. + * By Chandler Peng(chandler.peng@sun.com) + *****/ +/******************************************************************************* + pCertContext = NULL ; + found = 0; + do{ + // 1. enum the certs has same string in the issuer string. + pCertContext = CertEnumCertificatesInStore( hCertStore , pCertContext ) ; + if( pCertContext != NULL ) + { + // 2. check the cert's issuer name . + char* issuer = NULL ; + DWORD cbIssuer = 0 ; + + cbIssuer = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( pCertContext->pCertInfo->Issuer ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + NULL, 0 + ) ; + + if( cbIssuer == 0 ) continue ; // discard this cert; + + issuer = (char *)malloc( cbIssuer ) ; + if( issuer == NULL ) // discard this cert; + { + free( cryptSerialNumber.pbData) ; + free( certInfo.Issuer.pbData ) ; + CertFreeCertificateContext( pCertContext ) ; + if(i != 0 && i != 1) CertCloseStore( hCertStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + + cbIssuer = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( pCertContext->pCertInfo->Issuer ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + issuer, cbIssuer + ) ; + + if( cbIssuer <= 0 ) + { + free( issuer ) ; + continue ;// discard this cert; + } + + if(strncmp(pszName , issuer , cbIssuer) != 0) + { + free( issuer ) ; + continue ;// discard this cert; + } + free( issuer ) ; + + // 3. check the serial number. + if( memcmp( cryptSerialNumber.pbData , pCertContext->pCertInfo->SerialNumber.pbData , cryptSerialNumber.cbData ) != 0 ) + { + continue ;// discard this cert; + } + + // 4. confirm and break; + found = 1; + break ; + } + + }while(pCertContext); + + if(i != 0 && i != 1) CertCloseStore( hCertStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + if( found != 0 ) break; // Found the certificate. +********************************************************************************/ + + pCertContext = CertFindCertificateInStore( + hCertStore, + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, + 0, + CERT_FIND_SUBJECT_CERT, + &certInfo, + NULL + ) ; + + if(i != 0 && i != 1) CertCloseStore( hCertStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + if( pCertContext != NULL ) break ; // Found the certificate. + + } + + if( cryptSerialNumber.pbData ) free( cryptSerialNumber.pbData ) ; + if( certInfo.Issuer.pbData ) free( certInfo.Issuer.pbData ) ; + + if( pCertContext != NULL ) { + xcert = MswcryCertContextToXCert( pCertContext ) ; + if( pCertContext ) CertFreeCertificateContext( pCertContext ) ; + } else { + xcert = NULL ; + } + + return xcert ; +} + +Reference< XCertificate > SecurityEnvironment_MSCryptImpl :: getCertificate( const OUString& issuerName, const OUString& serialNumber ) throw( SecurityException , RuntimeException ) { + Sequence< sal_Int8 > serial = numericStringToBigInteger( serialNumber ) ; + return getCertificate( issuerName, serial ) ; +} + +Sequence< Reference < XCertificate > > SecurityEnvironment_MSCryptImpl :: buildCertificatePath( const Reference< XCertificate >& begin ) throw( SecurityException , RuntimeException ) { + PCCERT_CHAIN_CONTEXT pChainContext ; + PCCERT_CONTEXT pCertContext ; + const X509Certificate_MSCryptImpl* xcert ; + + CERT_ENHKEY_USAGE enhKeyUsage ; + CERT_USAGE_MATCH certUsage ; + CERT_CHAIN_PARA chainPara ; + + enhKeyUsage.cUsageIdentifier = 0 ; + enhKeyUsage.rgpszUsageIdentifier = NULL ; + certUsage.dwType = USAGE_MATCH_TYPE_AND ; + certUsage.Usage = enhKeyUsage ; + chainPara.cbSize = sizeof( CERT_CHAIN_PARA ) ; + chainPara.RequestedUsage = certUsage ; + + Reference< XUnoTunnel > xCertTunnel( begin, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + xcert = ( X509Certificate_MSCryptImpl* )xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() ) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + pCertContext = xcert->getMswcryCert() ; + + pChainContext = NULL ; + + BOOL bChain = FALSE; + if( pCertContext != NULL ) + { + HCERTSTORE hAdditionalStore = NULL; + HCERTSTORE hCollectionStore = NULL; + if (m_hCertStore && m_hKeyStore) + { + //Merge m_hCertStore and m_hKeyStore into one store. + hCollectionStore = CertOpenStore( + CERT_STORE_PROV_COLLECTION , + 0 , + NULL , + 0 , + NULL + ) ; + if (hCollectionStore != NULL) + { + CertAddStoreToCollection ( + hCollectionStore , + m_hCertStore , + CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , + 0) ; + CertAddStoreToCollection ( + hCollectionStore , + m_hCertStore , + CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , + 0) ; + hAdditionalStore = hCollectionStore; + } + + } + + //if the merge of both stores failed then we add only m_hCertStore + if (hAdditionalStore == NULL && m_hCertStore) + hAdditionalStore = m_hCertStore; + else if (hAdditionalStore == NULL && m_hKeyStore) + hAdditionalStore = m_hKeyStore; + else + hAdditionalStore = NULL; + + //CertGetCertificateChain searches by default in MY, CA, ROOT and TRUST + bChain = CertGetCertificateChain( + NULL , + pCertContext , + NULL , //use current system time + hAdditionalStore, + &chainPara , + CERT_CHAIN_REVOCATION_CHECK_CHAIN | CERT_CHAIN_TIMESTAMP_TIME , + NULL , + &pChainContext); + if (!bChain) + pChainContext = NULL; + + //Close the additional store + CertCloseStore(hCollectionStore, CERT_CLOSE_STORE_CHECK_FLAG); + } + + if(bChain && pChainContext != NULL && pChainContext->cChain > 0 ) + { + PCCERT_CONTEXT pCertInChain ; + PCERT_SIMPLE_CHAIN pCertChain ; + X509Certificate_MSCryptImpl* pCert ; + + pCertChain = pChainContext->rgpChain[0] ; + if( pCertChain->cElement ) { + Sequence< Reference< XCertificate > > xCertChain( pCertChain->cElement ) ; + + for( unsigned int i = 0 ; i < pCertChain->cElement ; i ++ ) { + if( pCertChain->rgpElement[i] ) + pCertInChain = pCertChain->rgpElement[i]->pCertContext ; + else + pCertInChain = NULL ; + + if( pCertInChain != NULL ) { + pCert = MswcryCertContextToXCert( pCertInChain ) ; + if( pCert != NULL ) + xCertChain[i] = pCert ; + } + } + + CertFreeCertificateChain( pChainContext ) ; + pChainContext = NULL ; + + return xCertChain ; + } + } + if (pChainContext) + CertFreeCertificateChain(pChainContext); + + return NULL ; +} + +Reference< XCertificate > SecurityEnvironment_MSCryptImpl :: createCertificateFromRaw( const Sequence< sal_Int8 >& rawCertificate ) throw( SecurityException , RuntimeException ) { + X509Certificate_MSCryptImpl* xcert ; + + if( rawCertificate.getLength() > 0 ) { + xcert = new X509Certificate_MSCryptImpl() ; + if( xcert == NULL ) + throw RuntimeException() ; + + xcert->setRawCert( rawCertificate ) ; + } else { + xcert = NULL ; + } + + return xcert ; +} + +Reference< XCertificate > SecurityEnvironment_MSCryptImpl :: createCertificateFromAscii( const OUString& asciiCertificate ) throw( SecurityException , RuntimeException ) { + xmlChar* chCert ; + xmlSecSize certSize ; + + rtl::OString oscert = rtl::OUStringToOString( asciiCertificate , RTL_TEXTENCODING_ASCII_US ) ; + + chCert = xmlStrndup( ( const xmlChar* )oscert.getStr(), ( int )oscert.getLength() ) ; + + certSize = xmlSecBase64Decode( chCert, ( xmlSecByte* )chCert, xmlStrlen( chCert ) ) ; + + Sequence< sal_Int8 > rawCert( certSize ) ; + for( unsigned int i = 0 ; i < certSize ; i ++ ) + rawCert[i] = *( chCert + i ) ; + + xmlFree( chCert ) ; + + return createCertificateFromRaw( rawCert ) ; +} + + +HCERTSTORE getCertStoreForIntermediatCerts( + const Sequence< Reference< ::com::sun::star::security::XCertificate > >& seqCerts) +{ + HCERTSTORE store = NULL; + store = CertOpenStore( + CERT_STORE_PROV_MEMORY, 0, NULL, 0, NULL); + if (store == NULL) + return NULL; + + for (int i = 0; i < seqCerts.getLength(); i++) + { + Sequence<sal_Int8> data = seqCerts[i]->getEncoded(); + PCCERT_CONTEXT cert = CertCreateCertificateContext( + X509_ASN_ENCODING, ( const BYTE* )&data[0], data.getLength()); + //Adding the certificate creates a copy and not just increases the ref count + //Therefore we free later the certificate that we now add + CertAddCertificateContextToStore(store, cert, CERT_STORE_ADD_ALWAYS, NULL); + CertFreeCertificateContext(cert); + } + return store; +} +sal_Int32 SecurityEnvironment_MSCryptImpl :: verifyCertificate( + const Reference< ::com::sun::star::security::XCertificate >& aCert, + const Sequence< Reference< ::com::sun::star::security::XCertificate > >& seqCerts) + throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) +{ + sal_Int32 validity = 0; + PCCERT_CHAIN_CONTEXT pChainContext = NULL; + PCCERT_CONTEXT pCertContext = NULL; + const X509Certificate_MSCryptImpl* xcert = NULL; + DWORD chainStatus ; + + CERT_ENHKEY_USAGE enhKeyUsage ; + CERT_USAGE_MATCH certUsage ; + CERT_CHAIN_PARA chainPara ; + + Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + xcert = ( X509Certificate_MSCryptImpl* )xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() ) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + pCertContext = xcert->getMswcryCert() ; + + //Prepare parameter for CertGetCertificateChain + enhKeyUsage.cUsageIdentifier = 0 ; + enhKeyUsage.rgpszUsageIdentifier = NULL ; + certUsage.dwType = USAGE_MATCH_TYPE_AND ; + certUsage.Usage = enhKeyUsage ; + chainPara.cbSize = sizeof( CERT_CHAIN_PARA ) ; + chainPara.RequestedUsage = certUsage ; + + + HCERTSTORE hCollectionStore = NULL; + HCERTSTORE hIntermediateCertsStore = NULL; + BOOL bChain = FALSE; + if( pCertContext != NULL ) + { + hIntermediateCertsStore = + getCertStoreForIntermediatCerts(seqCerts); + + //Merge m_hCertStore and m_hKeyStore and the store of the intermediate + //certificates into one store. + hCollectionStore = CertOpenStore( + CERT_STORE_PROV_COLLECTION , + 0 , + NULL , + 0 , + NULL + ) ; + if (hCollectionStore != NULL) + { + CertAddStoreToCollection ( + hCollectionStore , + m_hCertStore , + CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , + 0) ; + CertAddStoreToCollection ( + hCollectionStore , + m_hCertStore , + CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG , + 0) ; + CertAddStoreToCollection ( + hCollectionStore, + hIntermediateCertsStore, + CERT_PHYSICAL_STORE_ADD_ENABLE_FLAG, + 0); + + } + + //CertGetCertificateChain searches by default in MY, CA, ROOT and TRUST + bChain = CertGetCertificateChain( + NULL , + pCertContext , + NULL , //use current system time + hCollectionStore, + &chainPara , + CERT_CHAIN_REVOCATION_CHECK_CHAIN | CERT_CHAIN_TIMESTAMP_TIME , + NULL , + &pChainContext); + + if (!bChain) + pChainContext = NULL; + + } + + if(bChain && pChainContext != NULL ) + { + chainStatus = pChainContext->TrustStatus.dwErrorStatus ; + + // JL & TKR: Until we have a test suite to test all error types we just say that the cert is + // valid or invalid with no further separation. + // Error CERT_TRUST_IS_OFFLINE_REVOCATION and CERT_TRUST_REVOCATION_STATUS_UNKNOWN are treated separate + // because they are ignored ( Bad! ) in the currently situation + + if( chainStatus == CERT_TRUST_NO_ERROR ) + { + validity = ::com::sun::star::security::CertificateValidity::VALID ; + } + + if ( ( chainStatus & CERT_TRUST_IS_OFFLINE_REVOCATION ) == CERT_TRUST_IS_OFFLINE_REVOCATION ) { + validity |= ::com::sun::star::security::CertificateValidity::UNKNOWN_REVOKATION ; + } + + if ( ( chainStatus & CERT_TRUST_REVOCATION_STATUS_UNKNOWN ) == CERT_TRUST_REVOCATION_STATUS_UNKNOWN ) { + validity |= ::com::sun::star::security::CertificateValidity::UNKNOWN_REVOKATION ; + } + + if (chainStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE + || chainStatus & CERT_TRUST_IS_CYCLIC + || chainStatus & CERT_TRUST_INVALID_POLICY_CONSTRAINTS + || chainStatus & CERT_TRUST_INVALID_BASIC_CONSTRAINTS + || chainStatus & CERT_TRUST_INVALID_NAME_CONSTRAINTS + || chainStatus & CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY + || chainStatus & CERT_TRUST_CTL_IS_NOT_TIME_VALID + || chainStatus & CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID + || chainStatus & CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE + || chainStatus & CERT_TRUST_IS_NOT_TIME_VALID + || chainStatus & CERT_TRUST_IS_NOT_TIME_NESTED + || chainStatus & CERT_TRUST_IS_REVOKED + || chainStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID + || chainStatus & CERT_TRUST_IS_UNTRUSTED_ROOT + || chainStatus & CERT_TRUST_INVALID_EXTENSION + || chainStatus & CERT_TRUST_IS_PARTIAL_CHAIN ) + { + validity = ::com::sun::star::security::CertificateValidity::INVALID; + } +/* + + if( ( chainStatus & CERT_TRUST_IS_NOT_TIME_VALID ) == CERT_TRUST_IS_NOT_TIME_VALID ) { + validity |= ::com::sun::star::security::CertificateValidity::TIME_INVALID ; + } + + if( ( chainStatus & CERT_TRUST_IS_NOT_TIME_NESTED ) == CERT_TRUST_IS_NOT_TIME_NESTED ) { + validity |= ::com::sun::star::security::CertificateValidity::NOT_TIME_NESTED; + } + + if( ( chainStatus & CERT_TRUST_IS_REVOKED ) == CERT_TRUST_IS_REVOKED ) { + validity |= ::com::sun::star::security::CertificateValidity::REVOKED ; + } + + //JL My interpretation is that CERT_TRUST_IS_OFFLINE_REVOCATION does not mean that the certificate was revoked. + //Instead the CRL cannot be retrieved from the net, or an available CRL is stale (too old). + //This error may also occurs if the certificate does not contain the CDP (Certificate Distribution Point)extension + if( ( chainStatus & CERT_TRUST_IS_OFFLINE_REVOCATION ) == CERT_TRUST_IS_OFFLINE_REVOCATION ) { + validity |= ::com::sun::star::security::CertificateValidity::UNKNOWN_REVOKATION ; + } + + if( ( chainStatus & CERT_TRUST_IS_NOT_SIGNATURE_VALID ) == CERT_TRUST_IS_NOT_SIGNATURE_VALID ) { + validity |= ::com::sun::star::security::CertificateValidity::SIGNATURE_INVALID ; + } + + if( ( chainStatus & CERT_TRUST_IS_UNTRUSTED_ROOT ) == CERT_TRUST_IS_UNTRUSTED_ROOT ) { + validity |= ::com::sun::star::security::CertificateValidity::ROOT_UNTRUSTED ; + } + + if( ( chainStatus & CERT_TRUST_REVOCATION_STATUS_UNKNOWN ) == CERT_TRUST_REVOCATION_STATUS_UNKNOWN ) { + validity |= ::com::sun::star::security::CertificateValidity::UNKNOWN_REVOKATION ; + } + + if( ( chainStatus & CERT_TRUST_INVALID_EXTENSION ) == CERT_TRUST_INVALID_EXTENSION ) { + validity |= ::com::sun::star::security::CertificateValidity::EXTENSION_INVALID ; + } + + if( ( chainStatus & CERT_TRUST_IS_PARTIAL_CHAIN ) == CERT_TRUST_IS_PARTIAL_CHAIN ) { + validity |= ::com::sun::star::security::CertificateValidity::CHAIN_INCOMPLETE ; + } + //todo + if (chainStatus & CERT_TRUST_IS_NOT_VALID_FOR_USAGE + || chainStatus & CERT_TRUST_IS_CYCLIC + || chainStatus & CERT_TRUST_INVALID_POLICY_CONSTRAINTS + || chainStatus & CERT_TRUST_INVALID_BASIC_CONSTRAINTS + || chainStatus & CERT_TRUST_INVALID_NAME_CONSTRAINTS + || chainStatus & CERT_TRUST_HAS_NOT_SUPPORTED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_NOT_DEFINED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_NOT_PERMITTED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_HAS_EXCLUDED_NAME_CONSTRAINT + || chainStatus & CERT_TRUST_NO_ISSUANCE_CHAIN_POLICY + || chainStatus & CERT_TRUST_CTL_IS_NOT_TIME_VALID + || chainStatus & CERT_TRUST_CTL_IS_NOT_SIGNATURE_VALID + || chainStatus & CERT_TRUST_CTL_IS_NOT_VALID_FOR_USAGE) + { + validity = ::com::sun::star::security::CertificateValidity::INVALID; + } +*/ + } else { + validity = ::com::sun::star::security::CertificateValidity::INVALID ; + } + + if (pChainContext) + CertFreeCertificateChain(pChainContext); + + //Close the additional store, do not destroy the contained certs + CertCloseStore(hCollectionStore, CERT_CLOSE_STORE_CHECK_FLAG); + //Close the temporary store containing the intermediate certificates and make + //sure all certificates are deleted. + CertCloseStore(hIntermediateCertsStore, CERT_CLOSE_STORE_CHECK_FLAG); + + return validity ; +} + +sal_Int32 SecurityEnvironment_MSCryptImpl :: getCertificateCharacters( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& aCert ) throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) { + sal_Int32 characters ; + PCCERT_CONTEXT pCertContext ; + const X509Certificate_MSCryptImpl* xcert ; + + Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + xcert = ( X509Certificate_MSCryptImpl* )xCertTunnel->getSomething( X509Certificate_MSCryptImpl::getUnoTunnelId() ) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + pCertContext = xcert->getMswcryCert() ; + + characters = 0x00000000 ; + + //Firstly, make sentence whether or not the cert is self-signed. + if( CertCompareCertificateName( X509_ASN_ENCODING | PKCS_7_ASN_ENCODING, &(pCertContext->pCertInfo->Subject), &(pCertContext->pCertInfo->Issuer) ) ) { + characters |= ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; + } else { + characters &= ~ ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; + } + + //Secondly, make sentence whether or not the cert has a private key. + { + BOOL fCallerFreeProv ; + DWORD dwKeySpec ; + HCRYPTPROV hProv ; + if( CryptAcquireCertificatePrivateKey( pCertContext , + 0 , + NULL , + &( hProv ) , + &( dwKeySpec ) , + &( fCallerFreeProv ) ) + ) { + characters |= ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; + + if( hProv != NULL && fCallerFreeProv ) + CryptReleaseContext( hProv, 0 ) ; + } else { + characters &= ~ ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; + } + } + return characters ; +} + +void SecurityEnvironment_MSCryptImpl :: enableDefaultCrypt( sal_Bool enable ) throw( Exception, RuntimeException ) { + m_bEnableDefault = enable ; +} + +sal_Bool SecurityEnvironment_MSCryptImpl :: defaultEnabled() throw( Exception, RuntimeException ) { + return m_bEnableDefault ; +} + +X509Certificate_MSCryptImpl* MswcryCertContextToXCert( PCCERT_CONTEXT cert ) +{ + X509Certificate_MSCryptImpl* xcert ; + + if( cert != NULL ) { + xcert = new X509Certificate_MSCryptImpl() ; + if( xcert != NULL ) { + xcert->setMswcryCert( cert ) ; + } + } else { + xcert = NULL ; + } + + return xcert ; +} + +::rtl::OUString SecurityEnvironment_MSCryptImpl::getSecurityEnvironmentInformation() throw( ::com::sun::star::uno::RuntimeException ) +{ + return rtl::OUString::createFromAscii("Microsoft Crypto API"); +} + +/* Native methods */ +xmlSecKeysMngrPtr SecurityEnvironment_MSCryptImpl :: createKeysManager() throw( Exception, RuntimeException ) { + + unsigned int i ; + HCRYPTKEY symKey ; + HCRYPTKEY pubKey ; + HCRYPTKEY priKey ; + xmlSecKeysMngrPtr pKeysMngr = NULL ; + + /*- + * The following lines is based on the of xmlsec-mscrypto crypto engine + */ + pKeysMngr = xmlSecMSCryptoAppliedKeysMngrCreate( m_hKeyStore , m_hCertStore ) ; + if( pKeysMngr == NULL ) + throw RuntimeException() ; + + /*- + * Adopt symmetric key into keys manager + */ + for( i = 0 ; ( symKey = getSymKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrSymKeyLoad( pKeysMngr, symKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric public key into keys manager + */ + for( i = 0 ; ( pubKey = getPubKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrPubKeyLoad( pKeysMngr, pubKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric private key into keys manager + */ + for( i = 0 ; ( priKey = getPriKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrPriKeyLoad( pKeysMngr, priKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt system default certificate store. + */ + if( defaultEnabled() ) { + HCERTSTORE hSystemStore ; + + //Add system key store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "MY" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore( pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system root store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "Root" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore( pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system trusted store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "Trust" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system CA store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "CA" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + } + + return pKeysMngr ; +} +void SecurityEnvironment_MSCryptImpl :: destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( Exception, RuntimeException ) { + if( pKeysMngr != NULL ) { + xmlSecKeysMngrDestroy( pKeysMngr ) ; + } +} diff --git a/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx new file mode 100644 index 000000000000..f1441184602f --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/securityenvironment_mscryptimpl.hxx @@ -0,0 +1,198 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityenvironment_mscryptimpl.hxx,v $ + * $Revision: 1.9 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XSECURITYENVIRONMENT_MSCRYPTIMPL_HXX_ +#define _XSECURITYENVIRONMENT_MSCRYPTIMPL_HXX_ + +#ifdef _MSC_VER +#pragma warning(push,1) +#endif +#include <windows.h> +#include <wincrypt.h> +#ifdef _MSC_VER +#pragma warning(pop) +#endif +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase4.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/security/XCertificate.hpp> +#include <com/sun/star/security/CertificateCharacters.hpp> +#include <com/sun/star/security/CertificateValidity.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> + +#include <list> +#include "xmlsec/xmlsec.h" + +class SecurityEnvironment_MSCryptImpl : public ::cppu::WeakImplHelper4< + ::com::sun::star::xml::crypto::XSecurityEnvironment , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo , + ::com::sun::star::lang::XUnoTunnel > +{ + private : + //cyrpto provider and key container + HCRYPTPROV m_hProv ; + LPCTSTR m_pszContainer ; + + //Key store + HCERTSTORE m_hKeyStore ; + + //Certiticate store + HCERTSTORE m_hCertStore ; + + //Enable default system cryptography setting + sal_Bool m_bEnableDefault ; + + //External keys + std::list< HCRYPTKEY > m_tSymKeyList ; + std::list< HCRYPTKEY > m_tPubKeyList ; + std::list< HCRYPTKEY > m_tPriKeyList ; + + //Service manager + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + SecurityEnvironment_MSCryptImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~SecurityEnvironment_MSCryptImpl() ; + + //Methods from XSecurityEnvironment + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL getPersonalCertificates() throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::com::sun::star::uno::Sequence< sal_Int8 >& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::rtl::OUString& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL buildCertificatePath( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& beginCert ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromRaw( const ::com::sun::star::uno::Sequence< sal_Int8 >& rawCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromAscii( const ::rtl::OUString& asciiCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::sal_Int32 SAL_CALL verifyCertificate( + const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& xCert, + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< + ::com::sun::star::security::XCertificate > >& intermediateCertificates) + throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; + virtual ::sal_Int32 SAL_CALL getCertificateCharacters( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& xCert ) throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSecurityEnvironmentInformation( ) throw (::com::sun::star::uno::RuntimeException); + + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; + + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) + throw (::com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static SecurityEnvironment_MSCryptImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; + + //Native mehtods + virtual HCRYPTPROV getCryptoProvider() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void setCryptoProvider( HCRYPTPROV aProv ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual LPCTSTR getKeyContainer() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void setKeyContainer( LPCTSTR aKeyContainer ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual HCERTSTORE getCryptoSlot() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void setCryptoSlot( HCERTSTORE aKeyStore ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual HCERTSTORE getCertDb() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void setCertDb( HCERTSTORE aCertDb ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptSymKey( HCRYPTKEY aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectSymKey( HCRYPTKEY aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual HCRYPTKEY getSymKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptPubKey( HCRYPTKEY aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectPubKey( HCRYPTKEY aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual HCRYPTKEY getPubKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptPriKey( HCRYPTKEY aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectPriKey( HCRYPTKEY aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual HCRYPTKEY getPriKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void enableDefaultCrypt( sal_Bool enable ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool defaultEnabled() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Native mehtods + virtual xmlSecKeysMngrPtr createKeysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; +} ; + +#endif // _XSECURITYENVIRONMENT_MSCRYPTIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx new file mode 100644 index 000000000000..25c091d90b4b --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.cxx @@ -0,0 +1,241 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: seinitializer_mscryptimpl.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "seinitializer_mscryptimpl.hxx" + +#include "securityenvironment_mscryptimpl.hxx" + +#include "xmlsec/strings.h" +#include "xmlsec/mscrypto/app.h" + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; + +#define SERVICE_NAME "com.sun.star.xml.crypto.SEInitializer" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.SEInitializer_MSCryptImpl" +#define SECURITY_ENVIRONMENT "com.sun.star.xml.crypto.SecurityEnvironment" +#define SECURITY_CONTEXT "com.sun.star.xml.crypto.XMLSecurityContext" + +SEInitializer_MSCryptImpl::SEInitializer_MSCryptImpl( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > &rxMSF) + :mxMSF( rxMSF ) +{ +} + +SEInitializer_MSCryptImpl::~SEInitializer_MSCryptImpl() +{ +} + +/* XSEInitializer */ +cssu::Reference< cssxc::XXMLSecurityContext > SAL_CALL + SEInitializer_MSCryptImpl::createSecurityContext( + const rtl::OUString& sCertDB ) + throw (cssu::RuntimeException) +{ + const char* n_pCertStore ; + HCERTSTORE n_hStoreHandle ; + + //Initialize the crypto engine + if( sCertDB.getLength() > 0 ) + { + rtl::OString sCertDir(sCertDB, sCertDB.getLength(), RTL_TEXTENCODING_ASCII_US); + n_pCertStore = sCertDir.getStr(); + n_hStoreHandle = CertOpenSystemStore( NULL, n_pCertStore ) ; + if( n_hStoreHandle == NULL ) + { + return NULL; + } + } + else + { + n_pCertStore = NULL ; + n_hStoreHandle = NULL ; + } + + xmlSecMSCryptoAppInit( n_pCertStore ) ; + + try { + /* Build Security Environment */ + const rtl::OUString sSecyrutyEnvironment ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_ENVIRONMENT ) ); + cssu::Reference< cssxc::XSecurityEnvironment > xSecEnv( mxMSF->createInstance ( sSecyrutyEnvironment ), cssu::UNO_QUERY ); + if( !xSecEnv.is() ) + { + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + } + + xmlSecMSCryptoAppShutdown() ; + return NULL; + } + + /* Setup key slot and certDb */ + cssu::Reference< cssl::XUnoTunnel > xEnvTunnel( xSecEnv , cssu::UNO_QUERY ) ; + if( !xEnvTunnel.is() ) + { + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + } + + xmlSecMSCryptoAppShutdown() ; + return NULL; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + { + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + } + + xmlSecMSCryptoAppShutdown() ; + return NULL; + } + + if( n_hStoreHandle != NULL ) + { + pSecEnv->setCryptoSlot( n_hStoreHandle ) ; + pSecEnv->setCertDb( n_hStoreHandle ) ; + } + else + { + pSecEnv->enableDefaultCrypt( sal_True ) ; + } + + /* Build XML Security Context */ + const rtl::OUString sSecyrutyContext ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_CONTEXT ) ); + cssu::Reference< cssxc::XXMLSecurityContext > xSecCtx( mxMSF->createInstance ( sSecyrutyContext ), cssu::UNO_QUERY ); + if( !xSecCtx.is() ) + { + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + } + + xmlSecMSCryptoAppShutdown() ; + return NULL; + } + + xSecCtx->setDefaultSecurityEnvironmentIndex(xSecCtx->addSecurityEnvironment( xSecEnv )) ; + return xSecCtx; + } + catch( cssu::Exception& ) + { + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + } + + xmlSecMSCryptoAppShutdown() ; + return NULL; + } +} + +void SAL_CALL SEInitializer_MSCryptImpl::freeSecurityContext( const cssu::Reference< cssxc::XXMLSecurityContext >&) + throw (cssu::RuntimeException) +{ + /* + cssu::Reference< cssxc::XSecurityEnvironment > xSecEnv + = securityContext->getSecurityEnvironment(); + + if( xSecEnv.is() ) + { + cssu::Reference< cssl::XUnoTunnel > xEnvTunnel( xSecEnv , cssu::UNO_QUERY ) ; + if( xEnvTunnel.is() ) + { + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + HCERTSTORE n_hStoreHandle = pSecEnv->getCryptoSlot(); + + if( n_hStoreHandle != NULL ) + { + CertCloseStore( n_hStoreHandle, CERT_CLOSE_STORE_FORCE_FLAG ) ; + pSecEnv->setCryptoSlot( NULL ) ; + pSecEnv->setCertDb( NULL ) ; + } + + xmlSecMSCryptoAppShutdown() ; + } + } + */ + + xmlSecMSCryptoAppShutdown() ; +} + +rtl::OUString SEInitializer_MSCryptImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL SEInitializer_MSCryptImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_MSCryptImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL SEInitializer_MSCryptImpl_createInstance( const cssu::Reference< cssl::XMultiServiceFactory > & rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new SEInitializer_MSCryptImpl(rSMgr); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL SEInitializer_MSCryptImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return SEInitializer_MSCryptImpl_getImplementationName(); +} +sal_Bool SAL_CALL SEInitializer_MSCryptImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return SEInitializer_MSCryptImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_MSCryptImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return SEInitializer_MSCryptImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.hxx new file mode 100644 index 000000000000..e67b8db1f3ef --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/seinitializer_mscryptimpl.hxx @@ -0,0 +1,111 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: seinitializer_mscryptimpl.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SEINITIALIZERIMPL_HXX +#define _SEINITIALIZERIMPL_HXX + +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#ifndef _COM_SUN_STAR_XML_CRYPTO_SEINITIALIZER_HPP_ +#include <com/sun/star/xml/crypto/XSEInitializer.hpp> +#endif +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <cppuhelper/implbase2.hxx> + +#include <libxml/tree.h> + +class SEInitializer_MSCryptImpl : public cppu::WeakImplHelper2 +< + com::sun::star::xml::crypto::XSEInitializer, + com::sun::star::lang::XServiceInfo +> +/****** SEInitializer_MSCryptImpl.hxx/CLASS SEInitializer_MSCryptImpl *********** + * + * NAME + * SEInitializer_MSCryptImpl -- Class to initialize a Security Context + * instance + * + * FUNCTION + * Use this class to initialize a XmlSec based Security Context + * instance. After this instance is used up, use this class to free this + * instance. + * + * HISTORY + * 05.01.2004 - Interface supported: XSEInitializer, XSEInitializer + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > mxMSF; + +public: + SEInitializer_MSCryptImpl(const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > &rxMSF); + virtual ~SEInitializer_MSCryptImpl(); + + /* XSEInitializer */ + virtual com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext > + SAL_CALL createSecurityContext( const rtl::OUString& certDB ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL freeSecurityContext( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext >& securityContext ) + throw (com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString SEInitializer_MSCryptImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL SEInitializer_MSCryptImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SEInitializer_MSCryptImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL SEInitializer_MSCryptImpl_createInstance( const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx new file mode 100644 index 000000000000..e01fe5109190 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx @@ -0,0 +1,664 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: x509certificate_mscryptimpl.cxx,v $ + * $Revision: 1.12 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "x509certificate_mscryptimpl.hxx" +#include "certificateextension_xmlsecimpl.hxx" + +//MM : added by MM +#include "oid.hxx" +//MM : end + +//CP : added by CP +#include <rtl/locale.h> +#include <osl/nlsupport.h> +#include <osl/process.h> +#include <utility> + +//CP : end + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::security ; +using ::rtl::OUString ; + +using ::com::sun::star::security::XCertificate ; +using ::com::sun::star::util::DateTime ; + +#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) ) + +/*Resturns the index withing rRawString where sTypeName starts and where it ends. + The starting index is pair.first. The ending index in pair.second points + one char after the last character of the type. + sTypeName can be + "S" or "CN" (without ""). Do not use spaces at the beginning of the type name. + If the type name is not found then pair.first and pair.second are -1. +*/ +std::pair< sal_Int32, sal_Int32 > +findTypeInDN(const OUString& rRawString, const OUString& sTypeName) +{ + std::pair< sal_Int32, sal_Int32 > retVal; + bool bInEscape = false; + bool bInValue = false; + bool bFound = false; + sal_Int32 nTypeNameStart = 0; + sal_Int32 length = rRawString.getLength(); + + for (sal_Int32 i = 0; i < length; i++) + { + sal_Unicode c = rRawString[i]; + + if (c == '=') + { + if (! bInValue) + { + OUString sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart); + sType = sType.trim(); + if (sType.equalsIgnoreAsciiCase(sTypeName)) + { + bFound = true; + break; + } + } + } + else if (c == '"') + { + if (!bInEscape) + { + //If this is the quote is the first of the couple which enclose the + //whole value, because the value contains special characters + //then we just drop it. That is, this character must be followed by + //a character which is not '"'. + if ( i + 1 < length && rRawString[i+1] == '"') + bInEscape = true; + else + bInValue = !bInValue; //value is enclosed in " " + } + else + { + //This quote is escaped by a preceding quote and therefore is + //part of the value + bInEscape = false; + } + } + else if (c == ',') + { + //The comma separate the attribute value pairs. + //If the comma is not part of a value (the value would then be enclosed in '"'), + //then we have reached the end of the value + if (!bInValue) + { + //The next char is the start of the new type + nTypeNameStart = i + 1; + } + } + } + + //Found the Type Name, but there can still be spaces after the last comma + //and the beginning of the type. + if (bFound) + { + while (true) + { + sal_Unicode c = rRawString[nTypeNameStart]; + if (c != ' ' && c != '\t') + //found + break; + nTypeNameStart ++; + } + // search end (one after last letter) + sal_Int32 nTypeNameEnd = nTypeNameStart; + nTypeNameEnd++; + while (true) + { + sal_Unicode c = rRawString[nTypeNameEnd]; + if (c == ' ' || c == '\t' || c == '=') + break; + nTypeNameEnd++; + } + retVal = std::make_pair(nTypeNameStart, nTypeNameEnd); + } + else + { + retVal = std::make_pair(-1, -1); + } + return retVal; +} + + +/* + MS Crypto uses the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise + it, so the 'S' tag should be changed to 'ST' tag. However I am not sure if this is necessary + anymore, because we provide always the signers certificate when signing. So libmlsec can find + the private key based on the provided certificate (X509Certificate element) and does not need + the issuer name (X509IssuerName element). The issuer name in the xml signature has also no + effect for the signature nor the certificate validation. + In many RFCs, for example 4519, on speaks of 'ST'. However, the certificate does not contain + strings for type names. Instead it uses OIDs. + */ + +OUString replaceTagSWithTagST(OUString oldDN) +{ + std::pair<sal_Int32, sal_Int32 > pairIndex = findTypeInDN(oldDN, OUSTR("S")); + + if (pairIndex.first != -1) + { + OUString newDN = oldDN.copy(0, pairIndex.first); + newDN += OUSTR("ST"); + newDN += oldDN.copy(pairIndex.second); + return newDN; + } + return oldDN; +} +/* end */ + +X509Certificate_MSCryptImpl :: X509Certificate_MSCryptImpl() : + m_pCertContext( NULL ) +{ +} + +X509Certificate_MSCryptImpl :: ~X509Certificate_MSCryptImpl() { + if( m_pCertContext != NULL ) { + CertFreeCertificateContext( m_pCertContext ) ; + } +} + +//Methods from XCertificate +sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + return ( char )m_pCertContext->pCertInfo->dwVersion ; + } else { + return -1 ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + Sequence< sal_Int8 > serial( m_pCertContext->pCertInfo->SerialNumber.cbData ) ; + for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SerialNumber.cbData ; i ++ ) + serial[i] = *( m_pCertContext->pCertInfo->SerialNumber.pbData + m_pCertContext->pCertInfo->SerialNumber.cbData - i - 1 ) ; + + return serial ; + } else { + return NULL ; + } +} + +::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + char* issuer ; + DWORD cbIssuer ; + + cbIssuer = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( m_pCertContext->pCertInfo->Issuer ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + NULL, 0 + ) ; + + // Here the cbIssuer count the last 0x00 , take care. + if( cbIssuer != 0 ) { + issuer = new char[ cbIssuer ] ; + if( issuer == NULL ) + throw RuntimeException() ; + + cbIssuer = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( m_pCertContext->pCertInfo->Issuer ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + issuer, cbIssuer + ) ; + + if( cbIssuer <= 0 ) { + delete [] issuer ; + throw RuntimeException() ; + } + + // By CP , for correct encoding + sal_uInt16 encoding ; + rtl_Locale *pLocale = NULL ; + osl_getProcessLocale( &pLocale ) ; + encoding = osl_getTextEncodingFromLocale( pLocale ) ; + // CP end + + if(issuer[cbIssuer-1] == 0) cbIssuer--; //delimit the last 0x00; + OUString xIssuer(issuer , cbIssuer ,encoding ) ; //By CP + delete [] issuer ; + + return replaceTagSWithTagST(xIssuer); + } else { + return OUString() ; + } + } else { + return OUString() ; + } +} + +::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + char* subject ; + DWORD cbSubject ; + + cbSubject = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( m_pCertContext->pCertInfo->Subject ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + NULL, 0 + ) ; + + if( cbSubject != 0 ) { + subject = new char[ cbSubject ] ; + if( subject == NULL ) + throw RuntimeException() ; + + cbSubject = CertNameToStr( + X509_ASN_ENCODING | PKCS_7_ASN_ENCODING , + &( m_pCertContext->pCertInfo->Subject ), + CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG , + subject, cbSubject + ) ; + + if( cbSubject <= 0 ) { + delete [] subject ; + throw RuntimeException() ; + } + + // By CP , for correct encoding + sal_uInt16 encoding ; + rtl_Locale *pLocale = NULL ; + osl_getProcessLocale( &pLocale ) ; + encoding = osl_getTextEncodingFromLocale( pLocale ) ; + // CP end + + if(subject[cbSubject-1] == 0) cbSubject--; //delimit the last 0x00; + OUString xSubject(subject , cbSubject ,encoding ) ; //By CP + delete [] subject ; + + return replaceTagSWithTagST(xSubject); + } else { + return OUString() ; + } + } else { + return OUString() ; + } +} + +::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException ) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + SYSTEMTIME explTime ; + DateTime dateTime ; + FILETIME localFileTime; + + if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotBefore ), &localFileTime)) + { + if( FileTimeToSystemTime( &localFileTime, &explTime ) ) { + //Convert the time to readable local time + dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ; + dateTime.Seconds = explTime.wSecond ; + dateTime.Minutes = explTime.wMinute ; + dateTime.Hours = explTime.wHour ; + dateTime.Day = explTime.wDay ; + dateTime.Month = explTime.wMonth ; + dateTime.Year = explTime.wYear ; + } + } + + return dateTime ; + } else { + return DateTime() ; + } +} + +::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + SYSTEMTIME explTime ; + DateTime dateTime ; + FILETIME localFileTime; + + if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotAfter ), &localFileTime)) + { + if( FileTimeToSystemTime( &localFileTime, &explTime ) ) { + //Convert the time to readable local time + dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ; + dateTime.Seconds = explTime.wSecond ; + dateTime.Minutes = explTime.wMinute ; + dateTime.Hours = explTime.wHour ; + dateTime.Day = explTime.wDay ; + dateTime.Month = explTime.wMonth ; + dateTime.Year = explTime.wYear ; + } + } + + return dateTime ; + } else { + return DateTime() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + Sequence< sal_Int8 > issuerUid( m_pCertContext->pCertInfo->IssuerUniqueId.cbData ) ; + for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->IssuerUniqueId.cbData; i ++ ) + issuerUid[i] = *( m_pCertContext->pCertInfo->IssuerUniqueId.pbData + i ) ; + + return issuerUid ; + } else { + return NULL ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException ) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) { + Sequence< sal_Int8 > subjectUid( m_pCertContext->pCertInfo->SubjectUniqueId.cbData ) ; + for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SubjectUniqueId.cbData; i ++ ) + subjectUid[i] = *( m_pCertContext->pCertInfo->SubjectUniqueId.pbData + i ) ; + + return subjectUid ; + } else { + return NULL ; + } +} + +::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_MSCryptImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException ) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) { + CertificateExtension_XmlSecImpl* xExtn ; + CERT_EXTENSION* pExtn ; + Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ; + + for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) { + pExtn = &(m_pCertContext->pCertInfo->rgExtension[i]) ; + + xExtn = new CertificateExtension_XmlSecImpl() ; + if( xExtn == NULL ) + throw RuntimeException() ; + + xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ; + + xExtns[i] = xExtn ; + } + + return xExtns ; + } else { + return NULL ; + } +} + +::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_MSCryptImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& /*oid*/ ) throw (::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) { + CertificateExtension_XmlSecImpl* xExtn ; + CERT_EXTENSION* pExtn ; + Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ; + + xExtn = NULL ; + for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) { + pExtn = &( m_pCertContext->pCertInfo->rgExtension[i] ) ; + + //TODO: Compare the oid + if( 0 ) { + xExtn = new CertificateExtension_XmlSecImpl() ; + if( xExtn == NULL ) + throw RuntimeException() ; + + xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ; + } + } + + return xExtn ; + } else { + return NULL ; + } +} + + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL && m_pCertContext->cbCertEncoded > 0 ) { + Sequence< sal_Int8 > rawCert( m_pCertContext->cbCertEncoded ) ; + + for( unsigned int i = 0 ; i < m_pCertContext->cbCertEncoded ; i ++ ) + rawCert[i] = *( m_pCertContext->pbCertEncoded + i ) ; + + return rawCert ; + } else { + return NULL ; + } +} + +//Helper methods +void X509Certificate_MSCryptImpl :: setMswcryCert( const CERT_CONTEXT* cert ) { + if( m_pCertContext != NULL ) { + CertFreeCertificateContext( m_pCertContext ) ; + m_pCertContext = NULL ; + } + + if( cert != NULL ) { + m_pCertContext = CertDuplicateCertificateContext( cert ) ; + } +} + +const CERT_CONTEXT* X509Certificate_MSCryptImpl :: getMswcryCert() const { + if( m_pCertContext != NULL ) { + return m_pCertContext ; + } else { + return NULL ; + } +} + +void X509Certificate_MSCryptImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCertContext != NULL ) { + CertFreeCertificateContext( m_pCertContext ) ; + m_pCertContext = NULL ; + } + + if( rawCert.getLength() != 0 ) { + m_pCertContext = CertCreateCertificateContext( X509_ASN_ENCODING, ( const BYTE* )&rawCert[0], rawCert.getLength() ) ; + } +} + +/* XUnoTunnel */ +sal_Int64 SAL_CALL X509Certificate_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) { + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return ( sal_Int64 )this ; + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& X509Certificate_MSCryptImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return ( X509Certificate_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ; + } else + return NULL ; +} + +// MM : added by MM +::rtl::OUString findOIDDescription(char *oid) +{ + OUString ouOID = OUString::createFromAscii( oid ); + for (int i=0; i<nOID; i++) + { + OUString item = OUString::createFromAscii( OIDs[i].oid ); + if (ouOID == item) + { + return OUString::createFromAscii( OIDs[i].desc ); + } + } + + return OUString() ; +} + +::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(const CERT_CONTEXT* pCertContext, DWORD dwPropId) +{ + if( pCertContext != NULL ) + { + DWORD cbData = 20; + unsigned char fingerprint[20]; + if (CertGetCertificateContextProperty(pCertContext, dwPropId, (void*)fingerprint, &cbData)) + { + Sequence< sal_Int8 > thumbprint( cbData ) ; + for( unsigned int i = 0 ; i < cbData ; i ++ ) + { + thumbprint[i] = fingerprint[i]; + } + + return thumbprint; + } + else + { + DWORD e = GetLastError(); + cbData = e; + } + } + + return NULL; +} + +::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) + { + CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm; + return findOIDDescription( algorithm.pszObjId ) ; + } + else + { + return OUString() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyValue() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) + { + CRYPT_BIT_BLOB publicKey = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey; + + Sequence< sal_Int8 > key( publicKey.cbData ) ; + for( unsigned int i = 0 ; i < publicKey.cbData ; i++ ) + { + key[i] = *(publicKey.pbData + i) ; + } + + return key; + } + else + { + return NULL ; + } +} + +::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSignatureAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) + { + CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SignatureAlgorithm; + return findOIDDescription( algorithm.pszObjId ) ; + } + else + { + return OUString() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSHA1Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) +{ + return getThumbprint(m_pCertContext, CERT_SHA1_HASH_PROP_ID); +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getMD5Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) +{ + return getThumbprint(m_pCertContext, CERT_MD5_HASH_PROP_ID); +} + +sal_Int32 SAL_CALL X509Certificate_MSCryptImpl::getCertificateUsage( ) + throw ( ::com::sun::star::uno::RuntimeException) +{ + sal_Int32 usage = + CERT_DATA_ENCIPHERMENT_KEY_USAGE | + CERT_DIGITAL_SIGNATURE_KEY_USAGE | + CERT_KEY_AGREEMENT_KEY_USAGE | + CERT_KEY_CERT_SIGN_KEY_USAGE | + CERT_KEY_ENCIPHERMENT_KEY_USAGE | + CERT_NON_REPUDIATION_KEY_USAGE | + CERT_OFFLINE_CRL_SIGN_KEY_USAGE; + + if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) + { + CERT_EXTENSION* pExtn = CertFindExtension( + szOID_KEY_USAGE, + m_pCertContext->pCertInfo->cExtension, + m_pCertContext->pCertInfo->rgExtension); + + if (pExtn != NULL) + { + CERT_KEY_USAGE_RESTRICTION_INFO keyUsage; + DWORD length = sizeof(CERT_KEY_USAGE_RESTRICTION_INFO); + + bool rc = CryptDecodeObject( + X509_ASN_ENCODING, + X509_KEY_USAGE, + pExtn->Value.pbData, + pExtn->Value.cbData, + CRYPT_DECODE_NOCOPY_FLAG, + (void *)&keyUsage, + &length); + + if (rc && keyUsage.RestrictedKeyUsage.cbData!=0) + { + usage = (sal_Int32)keyUsage.RestrictedKeyUsage.pbData; + } + } + } + + return usage; +} + +// MM : end + diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx new file mode 100644 index 000000000000..d70a38a67fc8 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.hxx @@ -0,0 +1,117 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: x509certificate_mscryptimpl.hxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _X509CERTIFICATE_MSCRYPTIMPL_HXX_ +#define _X509CERTIFICATE_MSCRYPTIMPL_HXX_ + +#ifdef _MSC_VER +#pragma warning(push,1) +#endif +#include "Windows.h" +#include "WinCrypt.h" +#ifdef _MSC_VER +#pragma warning(pop) +#endif +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase2.hxx> +#include <com/sun/star/uno/Exception.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/uno/SecurityException.hpp> +#include <com/sun/star/security/XCertificate.hpp> + +class X509Certificate_MSCryptImpl : public ::cppu::WeakImplHelper2< + ::com::sun::star::security::XCertificate , + ::com::sun::star::lang::XUnoTunnel > +{ + private : + const CERT_CONTEXT* m_pCertContext ; + + public : + X509Certificate_MSCryptImpl() ; + virtual ~X509Certificate_MSCryptImpl() ; + + //Methods from XCertificate + virtual sal_Int16 SAL_CALL getVersion() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL getExtensions() throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getEncoded() throw ( ::com::sun::star::uno::RuntimeException) ; + + // MM : added by MM + virtual ::rtl::OUString SAL_CALL getSubjectPublicKeyAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectPublicKeyValue() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSignatureAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSHA1Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getMD5Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual sal_Int32 SAL_CALL getCertificateUsage( ) throw ( ::com::sun::star::uno::RuntimeException) ; + // MM : end + + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) throw (com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static X509Certificate_MSCryptImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; + + //Helper methods + void setMswcryCert( const CERT_CONTEXT* cert ) ; + const CERT_CONTEXT* getMswcryCert() const ; + void setRawCert( ::com::sun::star::uno::Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) ; +} ; + +#endif // _X509CERTIFICATE_MSCRYPTIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.cxx new file mode 100644 index 000000000000..dd54cbaf0f80 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.cxx @@ -0,0 +1,393 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryption_mscryptimpl.cxx,v $ + * $Revision: 1.9 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <sal/config.h> +#include <rtl/uuid.h> +#include "xmlencryption_mscryptimpl.hxx" + +#ifndef _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _XMLELEMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmlelementwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _SECURITYENVIRONMENT_MSCRYPTIMPL_HXX_ +#include "securityenvironment_mscryptimpl.hxx" +#endif +#include "errorcallback.hxx" + +#include "xmlsec/xmlsec.h" +#include "xmlsec/xmltree.h" +#include "xmlsec/xmlenc.h" +#include "xmlsec/crypto.h" + +#ifdef UNX +#define stricmp strcasecmp +#endif + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLEncryption ; +using ::com::sun::star::xml::crypto::XXMLEncryptionTemplate ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; +using ::com::sun::star::xml::crypto::XMLEncryptionException ; + +XMLEncryption_MSCryptImpl :: XMLEncryption_MSCryptImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { +} + +XMLEncryption_MSCryptImpl :: ~XMLEncryption_MSCryptImpl() { +} + +/* XXMLEncryption */ +Reference< XXMLEncryptionTemplate > +SAL_CALL XMLEncryption_MSCryptImpl :: encrypt( + const Reference< XXMLEncryptionTemplate >& aTemplate , + const Reference< XSecurityEnvironment >& aEnvironment +) throw( com::sun::star::xml::crypto::XMLEncryptionException, + com::sun::star::uno::SecurityException ) +{ + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecEncCtxPtr pEncCtx = NULL ; + xmlNodePtr pEncryptedData = NULL ; + xmlNodePtr pContent = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aEnvironment.is() ) + throw RuntimeException() ; + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //Get the encryption template + Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; + if( !xTemplate.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; + if( !xTplTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pTemplate = ( XMLElementWrapper_XmlSecImpl* )xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; + if( pTemplate == NULL ) { + throw RuntimeException() ; + } + + pEncryptedData = pTemplate->getNativeElement() ; + + //Find the element to be encrypted. + //This element is wrapped in the CipherValue sub-element. + xmlNodePtr pCipherData = pEncryptedData->children; + while (pCipherData != NULL && stricmp((const char *)(pCipherData->name), "CipherData")) + { + pCipherData = pCipherData->next; + } + + if( pCipherData == NULL ) { + throw XMLEncryptionException() ; + } + + xmlNodePtr pCipherValue = pCipherData->children; + while (pCipherValue != NULL && stricmp((const char *)(pCipherValue->name), "CipherValue")) + { + pCipherValue = pCipherValue->next; + } + + if( pCipherValue == NULL ) { + throw XMLEncryptionException() ; + } + + pContent = pCipherValue->children; + + if( pContent == NULL ) { + throw XMLEncryptionException() ; + } + + xmlUnlinkNode(pContent); + xmlAddNextSibling(pEncryptedData, pContent); + + //remember the position of the element to be signed + sal_Bool isParentRef = sal_True; + xmlNodePtr pParent = pEncryptedData->parent; + xmlNodePtr referenceNode; + + if (pEncryptedData == pParent->children) + { + referenceNode = pParent; + } + else + { + referenceNode = pEncryptedData->prev; + isParentRef = sal_False; + } + + setErrorRecorder( ); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Encryption context + pEncCtx = xmlSecEncCtxCreate( pMngr ) ; + if( pEncCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Encrypt the template + if( xmlSecEncCtxXmlEncrypt( pEncCtx , pEncryptedData , pContent ) < 0 ) { + aTemplate->setStatus(::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + clearErrorRecorder(); + return aTemplate; + } + aTemplate->setStatus(::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //get the new EncryptedData element + if (isParentRef) + { + pTemplate->setNativeElement(referenceNode->children) ; + } + else + { + pTemplate->setNativeElement(referenceNode->next); + } + + clearErrorRecorder(); + return aTemplate ; +} + +/* XXMLEncryption */ +Reference< XXMLEncryptionTemplate > SAL_CALL +XMLEncryption_MSCryptImpl :: decrypt( + const Reference< XXMLEncryptionTemplate >& aTemplate , + const Reference< XXMLSecurityContext >& aSecurityCtx +) throw( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException) { + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecEncCtxPtr pEncCtx = NULL ; + xmlNodePtr pEncryptedData = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aSecurityCtx.is() ) + throw RuntimeException() ; + + //Get Keys Manager + Reference< XSecurityEnvironment > xSecEnv + = aSecurityCtx->getSecurityEnvironmentByIndex( + aSecurityCtx->getDefaultSecurityEnvironmentIndex()); + Reference< XUnoTunnel > xSecTunnel( xSecEnv , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //Get the encryption template + Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; + if( !xTemplate.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; + if( !xTplTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pTemplate = ( XMLElementWrapper_XmlSecImpl* )xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; + if( pTemplate == NULL ) { + throw RuntimeException() ; + } + + pEncryptedData = pTemplate->getNativeElement() ; + + //remember the position of the element to be signed + sal_Bool isParentRef = sal_True; + xmlNodePtr pParent = pEncryptedData->parent; + xmlNodePtr referenceNode; + + if (pEncryptedData == pParent->children) + { + referenceNode = pParent; + } + else + { + referenceNode = pEncryptedData->prev; + isParentRef = sal_False; + } + + setErrorRecorder( ); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Encryption context + pEncCtx = xmlSecEncCtxCreate( pMngr ) ; + if( pEncCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Decrypt the template + if( xmlSecEncCtxDecrypt( pEncCtx , pEncryptedData ) < 0 || pEncCtx->result == NULL ) { + aTemplate->setStatus(::com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + aTemplate->setStatus(::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + /*---------------------------------------- + if( pEncCtx->resultReplaced != 0 ) { + pContent = pEncryptedData ; + + Reference< XUnoTunnel > xTunnel( ret , UNO_QUERY ) ; + if( !xTunnel.is() ) { + xmlSecEncCtxDestroy( pEncCtx ) ; + throw RuntimeException() ; + } + XMLElementWrapper_XmlSecImpl* pNode = ( XMLElementWrapper_XmlSecImpl* )xTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; + if( pNode == NULL ) { + xmlSecEncCtxDestroy( pEncCtx ) ; + throw RuntimeException() ; + } + + pNode->setNativeElement( pContent ) ; + } else { + xmlSecEncCtxDestroy( pEncCtx ) ; + throw RuntimeException() ; + } + ----------------------------------------*/ + + //Destroy the encryption context + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //get the decrypted element + XMLElementWrapper_XmlSecImpl * ret = new XMLElementWrapper_XmlSecImpl(isParentRef? + (referenceNode->children):(referenceNode->next)); + + //return ret; + aTemplate->setTemplate(ret); + + clearErrorRecorder(); + return aTemplate; +} + +/* XInitialization */ +void SAL_CALL XMLEncryption_MSCryptImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLEncryption_MSCryptImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLEncryption_MSCryptImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLEncryption_MSCryptImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLEncryption_MSCryptImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLEncryption" ) ; + return seqServiceNames ; +} + +OUString XMLEncryption_MSCryptImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLEncryption_MSCryptImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLEncryption_MSCryptImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLEncryption_MSCryptImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLEncryption_MSCryptImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.hxx new file mode 100644 index 000000000000..1f8cfebcc35b --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlencryption_mscryptimpl.hxx @@ -0,0 +1,105 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryption_mscryptimpl.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLENCRYPTION_MSCRYPTIMPL_HXX_ +#define _XMLENCRYPTION_MSCRYPTIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryption.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +class XMLEncryption_MSCryptImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLEncryption , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + XMLEncryption_MSCryptImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLEncryption_MSCryptImpl() ; + + //Methods from XXMLEncryption + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL encrypt( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment) + // ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + throw ( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException); + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL decrypt( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext + ) throw( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException) ; + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLENCRYPTION_MSCRYPTIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx new file mode 100644 index 000000000000..49ebb03f154e --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.cxx @@ -0,0 +1,348 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsecuritycontext_mscryptimpl.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "securityenvironment_mscryptimpl.hxx" + +#ifndef _XMLSECURITYCONTEXT_MSCRYPTIMPL_HXX_ +#include "xmlsecuritycontext_mscryptimpl.hxx" +#endif +#include "xmlstreamio.hxx" + +#include "xmlsec/xmlsec.h" +#include "xmlsec/keysmngr.h" +#include "xmlsec/crypto.h" +#include "xmlsec/mscrypto/akmngr.h" + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; + +XMLSecurityContext_MSCryptImpl :: XMLSecurityContext_MSCryptImpl( const Reference< XMultiServiceFactory >& aFactory ) + ://m_pKeysMngr( NULL ) , + m_xServiceManager( aFactory ), + m_xSecurityEnvironment( NULL ) +{ + //Init xmlsec library + if( xmlSecInit() < 0 ) { + throw RuntimeException() ; + } + + //Init xmlsec crypto engine library + if( xmlSecCryptoInit() < 0 ) { + xmlSecShutdown() ; + throw RuntimeException() ; + } + + //Enable external stream handlers + if( xmlEnableStreamInputCallbacks() < 0 ) { + xmlSecCryptoShutdown() ; + xmlSecShutdown() ; + throw RuntimeException() ; + } +} + +XMLSecurityContext_MSCryptImpl :: ~XMLSecurityContext_MSCryptImpl() { + xmlDisableStreamInputCallbacks() ; + xmlSecCryptoShutdown() ; + xmlSecShutdown() ; +} + +//i39448 : new methods +sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::addSecurityEnvironment( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment) + throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException) +{ + if( !aSecurityEnvironment.is() ) + { + throw RuntimeException() ; + } + + m_xSecurityEnvironment = aSecurityEnvironment; + + return 0; +} + + +sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::getSecurityEnvironmentNumber( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return 1; +} + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + XMLSecurityContext_MSCryptImpl::getSecurityEnvironmentByIndex( sal_Int32 index ) + throw (::com::sun::star::uno::RuntimeException) +{ + if (index == 0) + { + return m_xSecurityEnvironment; + } + else + throw RuntimeException() ; +} + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + XMLSecurityContext_MSCryptImpl::getSecurityEnvironment( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return m_xSecurityEnvironment; +} + +sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::getDefaultSecurityEnvironmentIndex( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return 0; +} + +void SAL_CALL XMLSecurityContext_MSCryptImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 /*nDefaultEnvIndex*/ ) + throw (::com::sun::star::uno::RuntimeException) +{ + //dummy +} + +#if 0 +/* XXMLSecurityContext */ +void SAL_CALL XMLSecurityContext_MSCryptImpl :: setSecurityEnvironment( const Reference< XSecurityEnvironment >& aSecurityEnvironment ) throw( com::sun::star::security::SecurityInfrastructureException ) { + HCERTSTORE hkeyStore ; + HCERTSTORE hCertStore ; + HCRYPTKEY symKey ; + HCRYPTKEY pubKey ; + HCRYPTKEY priKey ; + unsigned int i ; + + if( !aSecurityEnvironment.is() ) + throw RuntimeException() ; + + m_xSecurityEnvironment = aSecurityEnvironment ; + + //Clear key manager + if( m_pKeysMngr != NULL ) { + xmlSecKeysMngrDestroy( m_pKeysMngr ) ; + m_pKeysMngr = NULL ; + } + + //Create key manager + Reference< XUnoTunnel > xEnvTunnel( m_xSecurityEnvironment , UNO_QUERY ) ; + if( !xEnvTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + hkeyStore = pSecEnv->getCryptoSlot() ; + hCertStore = pSecEnv->getCertDb() ; + + /*- + * The following lines is based on the of xmlsec-mscrypto crypto engine + */ + m_pKeysMngr = xmlSecMSCryptoAppliedKeysMngrCreate( hkeyStore , hCertStore ) ; + if( m_pKeysMngr == NULL ) + throw RuntimeException() ; + + /*- + * Adopt symmetric key into keys manager + */ + for( i = 0 ; ( symKey = pSecEnv->getSymKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrSymKeyLoad( m_pKeysMngr, symKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric public key into keys manager + */ + for( i = 0 ; ( pubKey = pSecEnv->getPubKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrPubKeyLoad( m_pKeysMngr, pubKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric private key into keys manager + */ + for( i = 0 ; ( priKey = pSecEnv->getPriKey( i ) ) != NULL ; i ++ ) { + if( xmlSecMSCryptoAppliedKeysMngrPriKeyLoad( m_pKeysMngr, priKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt system default certificate store. + */ + if( pSecEnv->defaultEnabled() ) { + HCERTSTORE hSystemStore ; + + //Add system key store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "MY" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore( m_pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system root store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "Root" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system trusted store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "Trust" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + + //Add system CA store into the keys manager. + hSystemStore = CertOpenSystemStore( 0, "CA" ) ; + if( hSystemStore != NULL ) { + if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) { + CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ; + throw RuntimeException() ; + } + } + } +} + +/* XXMLSecurityContext */ +Reference< XSecurityEnvironment > SAL_CALL XMLSecurityContext_MSCryptImpl :: getSecurityEnvironment() + throw (RuntimeException) +{ + return m_xSecurityEnvironment ; +} +#endif + +/* XInitialization */ +void SAL_CALL XMLSecurityContext_MSCryptImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLSecurityContext_MSCryptImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLSecurityContext_MSCryptImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLSecurityContext_MSCryptImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLSecurityContext_MSCryptImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSecurityContext" ) ; + return seqServiceNames ; +} + +OUString XMLSecurityContext_MSCryptImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_MSCryptImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLSecurityContext_MSCryptImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLSecurityContext_MSCryptImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLSecurityContext_MSCryptImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + +#if 0 +/* XUnoTunnel */ +sal_Int64 SAL_CALL XMLSecurityContext_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) +throw (RuntimeException) +{ + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return ( sal_Int64 )this ; + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& XMLSecurityContext_MSCryptImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +XMLSecurityContext_MSCryptImpl* XMLSecurityContext_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return ( XMLSecurityContext_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ; + } else + return NULL ; +} + +/* Native methods */ +xmlSecKeysMngrPtr XMLSecurityContext_MSCryptImpl :: keysManager() throw( Exception, RuntimeException ) { + return m_pKeysMngr ; +} +#endif + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.hxx new file mode 100644 index 000000000000..efcfd1333fc9 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsecuritycontext_mscryptimpl.hxx @@ -0,0 +1,140 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsecuritycontext_mscryptimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSIGNATURECONTEXT_MSCRYPTIMPL_HXX_ +#define _XMLSIGNATURECONTEXT_MSCRYPTIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +//#include "xmlsec/xmlsec.h" + +class XMLSecurityContext_MSCryptImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLSecurityContext , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + //xmlSecKeysMngrPtr m_pKeysMngr ; + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > m_xSecurityEnvironment ; + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + XMLSecurityContext_MSCryptImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLSecurityContext_MSCryptImpl() ; + + //Methods from XXMLSecurityContext + virtual sal_Int32 SAL_CALL addSecurityEnvironment( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment + ) throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException); + + virtual ::sal_Int32 SAL_CALL getSecurityEnvironmentNumber( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + getSecurityEnvironmentByIndex( ::sal_Int32 index ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + getSecurityEnvironment( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::sal_Int32 SAL_CALL getDefaultSecurityEnvironmentIndex( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex ) + throw (::com::sun::star::uno::RuntimeException); + +#if 0 + virtual void SAL_CALL setSecurityEnvironment( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment + ) throw( com::sun::star::security::SecurityInfrastructureException) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL getSecurityEnvironment() + throw(::com::sun::star::uno::RuntimeException); +#endif + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; + +#if 0 + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) + throw (com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static XMLSecurityContext_MSCryptImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; +#endif + + //Native mehtods + //virtual xmlSecKeysMngrPtr keysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; +} ; + +#endif // _XMLSIGNATURECONTEXT_MSCRYPTIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx new file mode 100644 index 000000000000..11325d794404 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.cxx @@ -0,0 +1,337 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignature_mscryptimpl.cxx,v $ + * $Revision: 1.9 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> + +#include "com/sun/star/xml/crypto/SecurityOperationStatus.hdl" +#include "xmlsignature_mscryptimpl.hxx" + +#ifndef _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _XMLELEMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmlelementwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _SECURITYENVIRONMENT_MSCRYPTIMPL_HXX_ +#include "securityenvironment_mscryptimpl.hxx" +#endif +#include "xmlstreamio.hxx" +#include "errorcallback.hxx" + +#include "xmlsec/xmlsec.h" +#include "xmlsec/xmldsig.h" +#include "xmlsec/crypto.h" + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLSignature ; +using ::com::sun::star::xml::crypto::XXMLSignatureTemplate ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; +using ::com::sun::star::xml::crypto::XUriBinding ; +using ::com::sun::star::xml::crypto::XMLSignatureException ; + + +XMLSignature_MSCryptImpl :: XMLSignature_MSCryptImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { +} + +XMLSignature_MSCryptImpl :: ~XMLSignature_MSCryptImpl() { +} + +/* XXMLSignature */ +Reference< XXMLSignatureTemplate > +SAL_CALL XMLSignature_MSCryptImpl :: generate( + const Reference< XXMLSignatureTemplate >& aTemplate , + const Reference< XSecurityEnvironment >& aEnvironment +) throw( com::sun::star::xml::crypto::XMLSignatureException, + com::sun::star::uno::SecurityException ) +{ + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecDSigCtxPtr pDsigCtx = NULL ; + xmlNodePtr pNode = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aEnvironment.is() ) + throw RuntimeException() ; + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //Get the xml node + Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; + if( !xElement.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; + if( !xNodTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pElement = ( XMLElementWrapper_XmlSecImpl* )xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; + if( pElement == NULL ) { + throw RuntimeException() ; + } + + pNode = pElement->getNativeElement() ; + + //Get the stream/URI binding + Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; + if( xUriBinding.is() ) { + //Register the stream input callbacks into libxml2 + if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) + throw RuntimeException() ; + } + + setErrorRecorder( ); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Signature context + pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; + if( pDsigCtx == NULL ) + { + //throw XMLSignatureException() ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + clearErrorRecorder(); + return aTemplate; + } + + //Sign the template + if( xmlSecDSigCtxSign( pDsigCtx , pNode ) == 0 ) + { + if (pDsigCtx->status == xmlSecDSigStatusSucceeded) + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + else + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + else + { + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + + + xmlSecDSigCtxDestroy( pDsigCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //Unregistered the stream/URI binding + if( xUriBinding.is() ) + xmlUnregisterStreamInputCallbacks() ; + + clearErrorRecorder(); + return aTemplate ; +} + +/* XXMLSignature */ +Reference< XXMLSignatureTemplate > +SAL_CALL XMLSignature_MSCryptImpl :: validate( + const Reference< XXMLSignatureTemplate >& aTemplate , + const Reference< XXMLSecurityContext >& aSecurityCtx +) throw( com::sun::star::uno::RuntimeException, + com::sun::star::uno::SecurityException, + com::sun::star::xml::crypto::XMLSignatureException ) { + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecDSigCtxPtr pDsigCtx = NULL ; + xmlNodePtr pNode = NULL ; + //sal_Bool valid ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aSecurityCtx.is() ) + throw RuntimeException() ; + + //Get Keys Manager + Reference< XSecurityEnvironment > xSecEnv + = aSecurityCtx->getSecurityEnvironmentByIndex( + aSecurityCtx->getDefaultSecurityEnvironmentIndex()); + Reference< XUnoTunnel > xSecTunnel( xSecEnv , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xSecTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //Get the xml node + Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; + if( !xElement.is() ) + throw RuntimeException() ; + + Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; + if( !xNodTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pElement = ( XMLElementWrapper_XmlSecImpl* )xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; + if( pElement == NULL ) + throw RuntimeException() ; + + pNode = pElement->getNativeElement() ; + + //Get the stream/URI binding + Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; + if( xUriBinding.is() ) { + //Register the stream input callbacks into libxml2 + if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) + throw RuntimeException() ; + } + + //added for test: save the result + /* + { + FILE *dstFile = fopen( "c:\\1.txt", "w" ) ; + xmlDocDump( dstFile, pNode->doc) ; + fclose( dstFile ) ; + } + */ + + setErrorRecorder( ); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Signature context + pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; + if( pDsigCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLSignatureException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Verify signature + //The documentation says that the signature is only valid if the return value is 0 (that is, not < 0) + //AND pDsigCtx->status == xmlSecDSigStatusSucceeded. That is, we must not make any assumptions, if + //the return value is < 0. Then we must regard the signature as INVALID. We cannot use the + //error recorder feature to get the ONE error that made the verification fail, because there is no + //documentation/specification as to how to interpret the number of recorded errors and what is the initial + //error. + if( xmlSecDSigCtxVerify( pDsigCtx , pNode ) == 0 ) + { + if (pDsigCtx->status == xmlSecDSigStatusSucceeded) + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + else + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + else + { + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + + xmlSecDSigCtxDestroy( pDsigCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //Unregistered the stream/URI binding + if( xUriBinding.is() ) + xmlUnregisterStreamInputCallbacks() ; + + + clearErrorRecorder(); + return aTemplate; +} + +/* XInitialization */ +void SAL_CALL XMLSignature_MSCryptImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLSignature_MSCryptImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLSignature_MSCryptImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLSignature_MSCryptImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLSignature_MSCryptImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSignature" ) ; + return seqServiceNames ; +} + +OUString XMLSignature_MSCryptImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSignature_MSCryptImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLSignature_MSCryptImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLSignature_MSCryptImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLSignature_MSCryptImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.hxx b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.hxx new file mode 100644 index 000000000000..2102b4cc73fc --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xmlsignature_mscryptimpl.hxx @@ -0,0 +1,105 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignature_mscryptimpl.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSIGNATURE_MSCRYPTIMPL_HXX_ +#define _XMLSIGNATURE_MSCRYPTIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XXMLSignature.hpp> +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +class XMLSignature_MSCryptImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLSignature , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + XMLSignature_MSCryptImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLSignature_MSCryptImpl() ; + + //Methods from XXMLSignature + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL generate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment + ) throw( com::sun::star::xml::crypto::XMLSignatureException, + com::sun::star::uno::SecurityException) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL validate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext + ) throw( com::sun::star::uno::RuntimeException, + com::sun::star::uno::SecurityException, + com::sun::star::xml::crypto::XMLSignatureException); + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLSIGNATURE_MSCRYPTIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/mscrypt/xsec_mscrypt.cxx b/xmlsecurity/source/xmlsec/mscrypt/xsec_mscrypt.cxx new file mode 100644 index 000000000000..7cb2c281e7f1 --- /dev/null +++ b/xmlsecurity/source/xmlsec/mscrypt/xsec_mscrypt.cxx @@ -0,0 +1,167 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsec_mscrypt.cxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <sal/config.h> +#include <stdio.h> + +#include <osl/mutex.hxx> +#include <osl/thread.h> +#include <cppuhelper/factory.hxx> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#include "seinitializer_mscryptimpl.hxx" +#include "xmlsignature_mscryptimpl.hxx" +#include "xmlencryption_mscryptimpl.hxx" +#include "xmlsecuritycontext_mscryptimpl.hxx" +#include "securityenvironment_mscryptimpl.hxx" + +using namespace ::rtl; +using namespace ::cppu; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star::lang; +using namespace ::com::sun::star::registry; + +extern "C" +{ + +sal_Bool SAL_CALL mscrypt_component_writeInfo( void* /*pServiceManager*/ , void* pRegistryKey ) +{ + sal_Bool result = sal_False; + sal_Int32 i ; + OUString sKeyName ; + Reference< XRegistryKey > xNewKey ; + Sequence< OUString > seqServices ; + Reference< XRegistryKey > xKey( reinterpret_cast< XRegistryKey* >( pRegistryKey ) ) ; + + if( xKey.is() ) { + // try { + // XMLSignature_MSCryptImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLSignature_MSCryptImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLSignature_MSCryptImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // XMLEncryption_MSCryptImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLEncryption_MSCryptImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLEncryption_MSCryptImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // XMLSecurityContext_MSCryptImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLSecurityContext_MSCryptImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLSecurityContext_MSCryptImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // SecurityEnvironment_MSCryptImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += SecurityEnvironment_MSCryptImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = SecurityEnvironment_MSCryptImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // SEInitializer_MSCryptImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += SEInitializer_MSCryptImpl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = SEInitializer_MSCryptImpl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + return sal_True; + //} catch( InvalidRegistryException & ) { + // //we should not ignore exceptions + // return sal_False ; + //} + } + return result; +} + +void* SAL_CALL mscrypt_component_getFactory( const sal_Char* pImplName , void* pServiceManager , void* /*pRegistryKey*/ ) +{ + void* pRet = 0; + Reference< XSingleServiceFactory > xFactory ; + + if( pImplName != NULL && pServiceManager != NULL ) { + if( XMLSignature_MSCryptImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLSignature_MSCryptImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( XMLSecurityContext_MSCryptImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLSecurityContext_MSCryptImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( SecurityEnvironment_MSCryptImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = SecurityEnvironment_MSCryptImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( XMLEncryption_MSCryptImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLEncryption_MSCryptImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( SEInitializer_MSCryptImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = Reference< XSingleServiceFactory >( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + SEInitializer_MSCryptImpl_createInstance, SEInitializer_MSCryptImpl_getSupportedServiceNames() ) ); + } + } + + if( xFactory.is() ) { + xFactory->acquire() ; + pRet = xFactory.get() ; + } + + return pRet ; +} + +} diff --git a/xmlsecurity/source/xmlsec/nss/makefile.mk b/xmlsecurity/source/xmlsec/nss/makefile.mk new file mode 100644 index 000000000000..94fdfd96e76c --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/makefile.mk @@ -0,0 +1,142 @@ +#************************************************************************* +# +# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. +# +# Copyright 2008 by Sun Microsystems, Inc. +# +# OpenOffice.org - a multi-platform office productivity suite +# +# $RCSfile: makefile.mk,v $ +# +# $Revision: 1.9 $ +# +# This file is part of OpenOffice.org. +# +# OpenOffice.org is free software: you can redistribute it and/or modify +# it under the terms of the GNU Lesser General Public License version 3 +# only, as published by the Free Software Foundation. +# +# OpenOffice.org is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU Lesser General Public License version 3 for more details +# (a copy is included in the LICENSE file that accompanied this code). +# +# You should have received a copy of the GNU Lesser General Public License +# version 3 along with OpenOffice.org. If not, see +# <http://www.openoffice.org/license.html> +# for a copy of the LGPLv3 License. +# +#************************************************************************* + +PRJ=..$/..$/.. + +PRJNAME = xmlsecurity +TARGET = xs_nss + +ENABLE_EXCEPTIONS = TRUE + +# --- Settings ----------------------------------------------------- + +.INCLUDE : settings.mk +.INCLUDE : $(PRJ)$/util$/target.pmk + +.IF "$(SYSTEM_LIBXML)" == "YES" +CFLAGS+=-DSYSTEM_LIBXML $(LIBXML_CFLAGS) +.ENDIF + +.IF "$(CRYPTO_ENGINE)" != "nss" +LIBTARGET=NO +.ENDIF + +.IF "$(CRYPTO_ENGINE)" == "nss" + +.IF "$(WITH_MOZILLA)" == "NO" +@all: + @echo "No mozilla -> no nss -> no libxmlsec -> no xmlsecurity/nss" +.ENDIF + +.IF "$(SYSTEM_MOZILLA)" != "YES" +MOZ_INC = $(SOLARVERSION)$/$(INPATH)$/inc$(UPDMINOREXT)$/mozilla +NSS_INC = $(MOZ_INC)$/nss +NSPR_INC = $(MOZ_INC)$/nspr +.ELSE +# MOZ_INC already defined from environment +NSS_INC = $(MOZ_NSS_CFLAGS) +NSPR_INC = $(MOZ_INC)$/nspr +.ENDIF + +.IF "$(GUI)"=="UNX" +.IF "$(COMNAME)"=="sunpro5" +CFLAGS += -features=tmplife +#This flag is needed to build mozilla 1.7 code +.ENDIF # "$(COMNAME)"=="sunpro5" +.ENDIF + +.IF "$(GUI)" == "WNT" +.IF "$(DBG_LEVEL)" == "0" +INCPRE += \ +-I$(MOZ_INC)$/profile \ +-I$(MOZ_INC)$/string \ +-I$(MOZ_INC)$/embed_base +CFLAGS += -GR- -W3 -Gy -MD -UDEBUG +.ELSE +INCPRE += \ +-I$(MOZ_INC)$/profile \ +-I$(MOZ_INC)$/string \ +-I$(MOZ_INC)$/embed_base +CFLAGS += -Zi -GR- -W3 -Gy -MDd -UNDEBUG +.ENDIF +.ENDIF +.IF "$(GUI)" == "UNX" +INCPOST += \ +$(MOZ_INC)$/profile \ +-I$(MOZ_INC)$/string \ +-I$(MOZ_INC)$/embed_base +#.IF "$(OS)" == "LINUX" +#CFLAGS += -fPIC -g +#CFLAGSCXX += \ +# -fno-rtti -Wall -Wconversion -Wpointer-arith \ +# -Wbad-function-cast -Wcast-align -Woverloaded-virtual -Wsynth \ +# -Wno-long-long -pthread +#CDEFS += -DTRACING +#.ELIF "$(OS)" == "NETBSD" +#CFLAGS += -fPIC +#CFLAGSCXX += \ +# -fno-rtti -Wall -Wconversion -Wpointer-arith \ +# -Wbad-function-cast -Wcast-align -Woverloaded-virtual -Wsynth \ +# -Wno-long-long +#CDEFS += -DTRACING +#.ENDIF +.ENDIF + +CDEFS += -DXMLSEC_CRYPTO_NSS -DXMLSEC_NO_XSLT + +# --- Files -------------------------------------------------------- + +SOLARINC += \ + -I$(MOZ_INC) \ +-I$(NSPR_INC) \ +-I$(PRJ)$/source$/xmlsec + +.IF "$(SYSTEM_MOZILLA)" == "YES" +SOLARINC += -DSYSTEM_MOZILLA $(NSS_INC) +.ELSE +SOLARINC += -I$(NSS_INC) +.ENDIF + +SLOFILES = \ + $(SLO)$/securityenvironment_nssimpl.obj \ + $(SLO)$/xmlencryption_nssimpl.obj \ + $(SLO)$/xmlsecuritycontext_nssimpl.obj \ + $(SLO)$/xmlsignature_nssimpl.obj \ + $(SLO)$/x509certificate_nssimpl.obj \ + $(SLO)$/seinitializer_nssimpl.obj \ + $(SLO)$/xsec_nss.obj + + +.ENDIF + +# --- Targets ------------------------------------------------------ + +.INCLUDE : target.mk diff --git a/xmlsecurity/source/xmlsec/nss/nssrenam.h b/xmlsecurity/source/xmlsec/nss/nssrenam.h new file mode 100644 index 000000000000..1742e1492d35 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/nssrenam.h @@ -0,0 +1,49 @@ +/* + * The contents of this file are subject to the Mozilla Public + * License Version 1.1 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.mozilla.org/MPL/ + * + * Software distributed under the License is distributed on an "AS + * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or + * implied. See the License for the specific language governing + * rights and limitations under the License. + * + * The Original Code is the Netscape security libraries. + * + * The Initial Developer of the Original Code is Netscape + * Communications Corporation. Portions created by Netscape are + * Copyright (C) 2001 Netscape Communications Corporation. All + * Rights Reserved. + * + * Contributor(s): + * + * Alternatively, the contents of this file may be used under the + * terms of the GNU General Public License Version 2 or later (the + * "GPL"), in which case the provisions of the GPL are applicable + * instead of those above. If you wish to allow use of your + * version of this file only under the terms of the GPL and not to + * allow others to use your version of this file under the MPL, + * indicate your decision by deleting the provisions above and + * replace them with the notice and other provisions required by + * the GPL. If you do not delete the provisions above, a recipient + * may use your version of this file under either the MPL or the + * GPL. + */ + +#ifndef __nssrenam_h_ +#define __nssrenam_h_ + +#define CERT_NewTempCertificate __CERT_NewTempCertificate +#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey +#define PK11_GetKeyData __PK11_GetKeyData +#define nss_InitLock __nss_InitLock +#define CERT_ClosePermCertDB __CERT_ClosePermCertDB +#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate +#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname +#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject +#define PBE_CreateContext __PBE_CreateContext +#define PBE_DestroyContext __PBE_DestroyContext +#define PBE_GenerateBits __PBE_GenerateBits + +#endif /* __nssrenam_h_ */ diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx new file mode 100644 index 000000000000..90779823eca3 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx @@ -0,0 +1,1110 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityenvironment_nssimpl.cxx,v $ + * $Revision: 1.23 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +//todo before commit: nssrenam.h is not delivered!!! +#include "nssrenam.h" +#include "cert.h" +#include "secerr.h" + +#include <sal/config.h> +#include "securityenvironment_nssimpl.hxx" +#include "x509certificate_nssimpl.hxx" +#include <rtl/uuid.h> + + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include <xmlsec/xmlsec.h> +#include <xmlsec/keysmngr.h> +#include <xmlsec/crypto.h> +#include <xmlsec/base64.h> +#include <xmlsec/strings.h> + +#include <tools/string.hxx> +#include <rtl/ustrbuf.hxx> +#include <comphelper/processfactory.hxx> +#include <cppuhelper/servicefactory.hxx> +#include <comphelper/docpasswordrequest.hxx> +#include <xmlsecurity/biginteger.hxx> +#include <rtl/logfile.h> +#include <com/sun/star/task/XInteractionHandler.hpp> +#include <vector> +#include "boost/scoped_array.hpp" + +// MM : added for password exception +#include <com/sun/star/security/NoPasswordException.hpp> +namespace csss = ::com::sun::star::security; +using namespace ::com::sun::star::security; +using namespace com::sun::star; +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::security::XCertificate ; + +extern X509Certificate_NssImpl* NssCertToXCert( CERTCertificate* cert ) ; +extern X509Certificate_NssImpl* NssPrivKeyToXCert( SECKEYPrivateKey* ) ; + + +char* GetPasswordFunction( PK11SlotInfo* pSlot, PRBool bRetry, void* /*arg*/ ) +{ + uno::Reference< lang::XMultiServiceFactory > xMSF( ::comphelper::getProcessServiceFactory() ); + if ( xMSF.is() ) + { + uno::Reference < task::XInteractionHandler > xInteractionHandler( + xMSF->createInstance( rtl::OUString::createFromAscii("com.sun.star.task.InteractionHandler") ), uno::UNO_QUERY ); + + if ( xInteractionHandler.is() ) + { + task::PasswordRequestMode eMode = bRetry ? task::PasswordRequestMode_PASSWORD_REENTER : task::PasswordRequestMode_PASSWORD_ENTER; + ::comphelper::DocPasswordRequest* pPasswordRequest = new ::comphelper::DocPasswordRequest( + ::comphelper::DocPasswordRequestType_STANDARD, eMode, ::rtl::OUString::createFromAscii(PK11_GetTokenName(pSlot)) ); + + uno::Reference< task::XInteractionRequest > xRequest( pPasswordRequest ); + xInteractionHandler->handle( xRequest ); + + if ( pPasswordRequest->isPassword() ) + { + ByteString aPassword = ByteString( String( pPasswordRequest->getPassword() ), gsl_getSystemTextEncoding() ); + USHORT nLen = aPassword.Len(); + char* pPassword = (char*) PORT_Alloc( nLen+1 ) ; + pPassword[nLen] = 0; + memcpy( pPassword, aPassword.GetBuffer(), nLen ); + return pPassword; + } + } + } + return NULL; +} + +SecurityEnvironment_NssImpl :: SecurityEnvironment_NssImpl( const Reference< XMultiServiceFactory >& ) : +m_pHandler( NULL ) , m_tSymKeyList() , m_tPubKeyList() , m_tPriKeyList() { + + PK11_SetPasswordFunc( GetPasswordFunction ) ; +} + +SecurityEnvironment_NssImpl :: ~SecurityEnvironment_NssImpl() { + + PK11_SetPasswordFunc( NULL ) ; + + for (CIT_SLOTS i = m_Slots.begin(); i != m_Slots.end(); i++) + { + PK11_FreeSlot(*i); + } + + if( !m_tSymKeyList.empty() ) { + std::list< PK11SymKey* >::iterator symKeyIt ; + + for( symKeyIt = m_tSymKeyList.begin() ; symKeyIt != m_tSymKeyList.end() ; symKeyIt ++ ) + PK11_FreeSymKey( *symKeyIt ) ; + } + + if( !m_tPubKeyList.empty() ) { + std::list< SECKEYPublicKey* >::iterator pubKeyIt ; + + for( pubKeyIt = m_tPubKeyList.begin() ; pubKeyIt != m_tPubKeyList.end() ; pubKeyIt ++ ) + SECKEY_DestroyPublicKey( *pubKeyIt ) ; + } + + if( !m_tPriKeyList.empty() ) { + std::list< SECKEYPrivateKey* >::iterator priKeyIt ; + + for( priKeyIt = m_tPriKeyList.begin() ; priKeyIt != m_tPriKeyList.end() ; priKeyIt ++ ) + SECKEY_DestroyPrivateKey( *priKeyIt ) ; + } +} + +/* XInitialization */ +void SAL_CALL SecurityEnvironment_NssImpl :: initialize( const Sequence< Any >& ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL SecurityEnvironment_NssImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL SecurityEnvironment_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL SecurityEnvironment_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > SecurityEnvironment_NssImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.SecurityEnvironment" ) ; + return seqServiceNames ; +} + +OUString SecurityEnvironment_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL SecurityEnvironment_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new SecurityEnvironment_NssImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > SecurityEnvironment_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + +/* XUnoTunnel */ +sal_Int64 SAL_CALL SecurityEnvironment_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) + throw( RuntimeException ) +{ + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this)); + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& SecurityEnvironment_NssImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +SecurityEnvironment_NssImpl* SecurityEnvironment_NssImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() ))) ; + } else + return NULL ; +} + + +::rtl::OUString SecurityEnvironment_NssImpl::getSecurityEnvironmentInformation() throw( ::com::sun::star::uno::RuntimeException ) +{ + rtl::OUString result; + ::rtl::OUStringBuffer buff; + for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) + { + buff.append(rtl::OUString::createFromAscii(PK11_GetTokenName(*is))); + buff.appendAscii("\n"); + } + return buff.makeStringAndClear(); +} + +void SecurityEnvironment_NssImpl::addCryptoSlot( PK11SlotInfo* aSlot) throw( Exception , RuntimeException ) +{ + PK11_ReferenceSlot(aSlot); + m_Slots.push_back(aSlot); +} + +CERTCertDBHandle* SecurityEnvironment_NssImpl :: getCertDb() throw( Exception , RuntimeException ) { + return m_pHandler ; +} + +//Could we have multiple cert dbs? +void SecurityEnvironment_NssImpl :: setCertDb( CERTCertDBHandle* aCertDb ) throw( Exception , RuntimeException ) { + m_pHandler = aCertDb ; +} + +void SecurityEnvironment_NssImpl :: adoptSymKey( PK11SymKey* aSymKey ) throw( Exception , RuntimeException ) { + PK11SymKey* symkey ; + std::list< PK11SymKey* >::iterator keyIt ; + + if( aSymKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; keyIt ++ ) { + if( *keyIt == aSymKey ) + return ; + } + + //If we do not find the key in the list, add a new node + symkey = PK11_ReferenceSymKey( aSymKey ) ; + if( symkey == NULL ) + throw RuntimeException() ; + + try { + m_tSymKeyList.push_back( symkey ) ; + } catch ( Exception& ) { + PK11_FreeSymKey( symkey ) ; + } + } +} + +void SecurityEnvironment_NssImpl :: rejectSymKey( PK11SymKey* aSymKey ) throw( Exception , RuntimeException ) { + PK11SymKey* symkey ; + std::list< PK11SymKey* >::iterator keyIt ; + + if( aSymKey != NULL ) { + for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; keyIt ++ ) { + if( *keyIt == aSymKey ) { + symkey = *keyIt ; + PK11_FreeSymKey( symkey ) ; + m_tSymKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +PK11SymKey* SecurityEnvironment_NssImpl :: getSymKey( unsigned int position ) throw( Exception , RuntimeException ) { + PK11SymKey* symkey ; + std::list< PK11SymKey* >::iterator keyIt ; + unsigned int pos ; + + symkey = NULL ; + for( pos = 0, keyIt = m_tSymKeyList.begin() ; pos < position && keyIt != m_tSymKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tSymKeyList.end() ) + symkey = *keyIt ; + + return symkey ; +} + +void SecurityEnvironment_NssImpl :: adoptPubKey( SECKEYPublicKey* aPubKey ) throw( Exception , RuntimeException ) { + SECKEYPublicKey* pubkey ; + std::list< SECKEYPublicKey* >::iterator keyIt ; + + if( aPubKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPubKey ) + return ; + } + + //If we do not find the key in the list, add a new node + pubkey = SECKEY_CopyPublicKey( aPubKey ) ; + if( pubkey == NULL ) + throw RuntimeException() ; + + try { + m_tPubKeyList.push_back( pubkey ) ; + } catch ( Exception& ) { + SECKEY_DestroyPublicKey( pubkey ) ; + } + } +} + +void SecurityEnvironment_NssImpl :: rejectPubKey( SECKEYPublicKey* aPubKey ) throw( Exception , RuntimeException ) { + SECKEYPublicKey* pubkey ; + std::list< SECKEYPublicKey* >::iterator keyIt ; + + if( aPubKey != NULL ) { + for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPubKey ) { + pubkey = *keyIt ; + SECKEY_DestroyPublicKey( pubkey ) ; + m_tPubKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +SECKEYPublicKey* SecurityEnvironment_NssImpl :: getPubKey( unsigned int position ) throw( Exception , RuntimeException ) { + SECKEYPublicKey* pubkey ; + std::list< SECKEYPublicKey* >::iterator keyIt ; + unsigned int pos ; + + pubkey = NULL ; + for( pos = 0, keyIt = m_tPubKeyList.begin() ; pos < position && keyIt != m_tPubKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tPubKeyList.end() ) + pubkey = *keyIt ; + + return pubkey ; +} + +void SecurityEnvironment_NssImpl :: adoptPriKey( SECKEYPrivateKey* aPriKey ) throw( Exception , RuntimeException ) { + SECKEYPrivateKey* prikey ; + std::list< SECKEYPrivateKey* >::iterator keyIt ; + + if( aPriKey != NULL ) { + //First try to find the key in the list + for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPriKey ) + return ; + } + + //If we do not find the key in the list, add a new node + prikey = SECKEY_CopyPrivateKey( aPriKey ) ; + if( prikey == NULL ) + throw RuntimeException() ; + + try { + m_tPriKeyList.push_back( prikey ) ; + } catch ( Exception& ) { + SECKEY_DestroyPrivateKey( prikey ) ; + } + } +} + +void SecurityEnvironment_NssImpl :: rejectPriKey( SECKEYPrivateKey* aPriKey ) throw( Exception , RuntimeException ) { + SECKEYPrivateKey* prikey ; + std::list< SECKEYPrivateKey* >::iterator keyIt ; + + if( aPriKey != NULL ) { + for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; keyIt ++ ) { + if( *keyIt == aPriKey ) { + prikey = *keyIt ; + SECKEY_DestroyPrivateKey( prikey ) ; + m_tPriKeyList.erase( keyIt ) ; + break ; + } + } + } +} + +SECKEYPrivateKey* SecurityEnvironment_NssImpl :: getPriKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { + SECKEYPrivateKey* prikey ; + std::list< SECKEYPrivateKey* >::iterator keyIt ; + unsigned int pos ; + + prikey = NULL ; + for( pos = 0, keyIt = m_tPriKeyList.begin() ; pos < position && keyIt != m_tPriKeyList.end() ; pos ++ , keyIt ++ ) ; + + if( pos == position && keyIt != m_tPriKeyList.end() ) + prikey = *keyIt ; + + return prikey ; +} + +void SecurityEnvironment_NssImpl::updateSlots() +{ + //In case new tokens are present then we can obtain the corresponding slot + PK11SlotList * soltList = NULL; + PK11SlotListElement * soltEle = NULL; + PK11SlotInfo * pSlot = NULL; + PK11SymKey * pSymKey = NULL; + + osl::MutexGuard guard(m_mutex); + + m_Slots.clear(); + m_tSymKeyList.clear(); + + soltList = PK11_GetAllTokens( CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL ) ; + if( soltList != NULL ) + { + for( soltEle = soltList->head ; soltEle != NULL; soltEle = soltEle->next ) + { + pSlot = soltEle->slot ; + + if(pSlot != NULL) + { + RTL_LOGFILE_TRACE2( "XMLSEC: Found a slot: SlotName=%s, TokenName=%s", PK11_GetSlotName(pSlot), PK11_GetTokenName(pSlot) ); + +//The following code which is commented out checks if a slot, that is a smart card for example, is +// able to generate a symmetric key of type CKM_DES3_CBC. If this fails then this token +// will not be used. This key is possibly used for the encryption service. However, all +// interfaces and services used for public key signature and encryption are not published +// and the encryption is not used in OOo. Therefore it does not do any harm to remove +// this code, hence allowing smart cards which cannot generate this type of key. +// +// By doing this, the encryption may fail if a smart card is being used which does not +// support this key generation. +// + pSymKey = PK11_KeyGen( pSlot , CKM_DES3_CBC, NULL, 128, NULL ) ; +// if( pSymKey == NULL ) +// { +// PK11_FreeSlot( pSlot ) ; +// RTL_LOGFILE_TRACE( "XMLSEC: Error - pSymKey is NULL" ); +// continue; +// } + addCryptoSlot(pSlot); + PK11_FreeSlot( pSlot ) ; + pSlot = NULL; + + if (pSymKey != NULL) + { + adoptSymKey( pSymKey ) ; + PK11_FreeSymKey( pSymKey ) ; + pSymKey = NULL; + } + + }// end of if(pSlot != NULL) + }// end of for + }// end of if( soltList != NULL ) + +} + + +Sequence< Reference < XCertificate > > +SecurityEnvironment_NssImpl::getPersonalCertificates() throw( SecurityException , RuntimeException ) +{ + sal_Int32 length ; + X509Certificate_NssImpl* xcert ; + std::list< X509Certificate_NssImpl* > certsList ; + + updateSlots(); + //firstly, we try to find private keys in slot + for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) + { + PK11SlotInfo *slot = *is; + SECKEYPrivateKeyList* priKeyList ; + SECKEYPrivateKeyListNode* curPri ; + + if( PK11_NeedLogin(slot ) ) { + SECStatus nRet = PK11_Authenticate(slot, PR_TRUE, NULL); + //PK11_Authenticate may fail in case the a slot has not been initialized. + //this is the case if the user has a new profile, so that they have never + //added a personal certificate. + if( nRet != SECSuccess && PORT_GetError() != SEC_ERROR_IO) { + throw NoPasswordException(); + } + } + + priKeyList = PK11_ListPrivateKeysInSlot(slot) ; + if( priKeyList != NULL ) { + for( curPri = PRIVKEY_LIST_HEAD( priKeyList ); + !PRIVKEY_LIST_END( curPri, priKeyList ) && curPri != NULL ; + curPri = PRIVKEY_LIST_NEXT( curPri ) ) { + xcert = NssPrivKeyToXCert( curPri->key ) ; + if( xcert != NULL ) + certsList.push_back( xcert ) ; + } + } + + SECKEY_DestroyPrivateKeyList( priKeyList ) ; + } + + //secondly, we try to find certificate from registered private keys. + if( !m_tPriKeyList.empty() ) { + std::list< SECKEYPrivateKey* >::iterator priKeyIt ; + + for( priKeyIt = m_tPriKeyList.begin() ; priKeyIt != m_tPriKeyList.end() ; priKeyIt ++ ) { + xcert = NssPrivKeyToXCert( *priKeyIt ) ; + if( xcert != NULL ) + certsList.push_back( xcert ) ; + } + } + + length = certsList.size() ; + if( length != 0 ) { + int i ; + std::list< X509Certificate_NssImpl* >::iterator xcertIt ; + Sequence< Reference< XCertificate > > certSeq( length ) ; + + for( i = 0, xcertIt = certsList.begin(); xcertIt != certsList.end(); xcertIt ++, i++ ) { + certSeq[i] = *xcertIt ; + } + + return certSeq ; + } + + return Sequence< Reference < XCertificate > > (); +} + +Reference< XCertificate > SecurityEnvironment_NssImpl :: getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& serialNumber ) throw( SecurityException , RuntimeException ) +{ + X509Certificate_NssImpl* xcert = NULL; + + if( m_pHandler != NULL ) { + CERTIssuerAndSN issuerAndSN ; + CERTCertificate* cert ; + CERTName* nmIssuer ; + char* chIssuer ; + SECItem* derIssuer ; + PRArenaPool* arena ; + + arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE ) ; + if( arena == NULL ) + throw RuntimeException() ; + + /* + * mmi : because MS Crypto use the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise + * it, so the 'S' tag should be changed to 'ST' tag + * + * PS : it can work, but inside libxmlsec, the 'S' tag is till used to find cert in NSS engine, so it + * is not useful at all. (comment out now) + */ + + /* + sal_Int32 nIndex = 0; + OUString newIssuerName; + do + { + OUString aToken = issuerName.getToken( 0, ',', nIndex ).trim(); + if (aToken.compareToAscii("S=",2) == 0) + { + newIssuerName+=OUString::createFromAscii("ST="); + newIssuerName+=aToken.copy(2); + } + else + { + newIssuerName+=aToken; + } + + if (nIndex >= 0) + { + newIssuerName+=OUString::createFromAscii(","); + } + } while ( nIndex >= 0 ); + */ + + /* end */ + + //Create cert info from issue and serial + rtl::OString ostr = rtl::OUStringToOString( issuerName , RTL_TEXTENCODING_UTF8 ) ; + chIssuer = PL_strndup( ( char* )ostr.getStr(), ( int )ostr.getLength() ) ; + nmIssuer = CERT_AsciiToName( chIssuer ) ; + if( nmIssuer == NULL ) { + PL_strfree( chIssuer ) ; + PORT_FreeArena( arena, PR_FALSE ) ; + + /* + * i40394 + * + * mmi : no need to throw exception + * just return "no found" + */ + //throw RuntimeException() ; + return NULL; + } + + derIssuer = SEC_ASN1EncodeItem( arena, NULL, ( void* )nmIssuer, SEC_ASN1_GET( CERT_NameTemplate ) ) ; + if( derIssuer == NULL ) { + PL_strfree( chIssuer ) ; + CERT_DestroyName( nmIssuer ) ; + PORT_FreeArena( arena, PR_FALSE ) ; + throw RuntimeException() ; + } + + memset( &issuerAndSN, 0, sizeof( issuerAndSN ) ) ; + + issuerAndSN.derIssuer.data = derIssuer->data ; + issuerAndSN.derIssuer.len = derIssuer->len ; + + issuerAndSN.serialNumber.data = ( unsigned char* )&serialNumber[0] ; + issuerAndSN.serialNumber.len = serialNumber.getLength() ; + + cert = CERT_FindCertByIssuerAndSN( m_pHandler, &issuerAndSN ) ; + if( cert != NULL ) { + xcert = NssCertToXCert( cert ) ; + } else { + xcert = NULL ; + } + + PL_strfree( chIssuer ) ; + CERT_DestroyName( nmIssuer ) ; + //SECITEM_FreeItem( derIssuer, PR_FALSE ) ; + CERT_DestroyCertificate( cert ) ; + PORT_FreeArena( arena, PR_FALSE ) ; + } else { + xcert = NULL ; + } + + return xcert ; +} + +Reference< XCertificate > SecurityEnvironment_NssImpl :: getCertificate( const OUString& issuerName, const OUString& serialNumber ) throw( SecurityException , RuntimeException ) { + Sequence< sal_Int8 > serial = numericStringToBigInteger( serialNumber ) ; + return getCertificate( issuerName, serial ) ; +} + +Sequence< Reference < XCertificate > > SecurityEnvironment_NssImpl :: buildCertificatePath( const Reference< XCertificate >& begin ) throw( SecurityException , RuntimeException ) { + const X509Certificate_NssImpl* xcert ; + const CERTCertificate* cert ; + CERTCertList* certChain ; + + Reference< XUnoTunnel > xCertTunnel( begin, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + xcert = reinterpret_cast<X509Certificate_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + cert = xcert->getNssCert() ; + if( cert != NULL ) { + int64 timeboundary ; + + //Get the system clock time + timeboundary = PR_Now() ; + + certChain = CERT_GetCertChainFromCert( ( CERTCertificate* )cert, timeboundary, certUsageAnyCA ) ; + } else { + certChain = NULL ; + } + + if( certChain != NULL ) { + X509Certificate_NssImpl* pCert ; + CERTCertListNode* node ; + int len ; + + for( len = 0, node = CERT_LIST_HEAD( certChain ); !CERT_LIST_END( node, certChain ); node = CERT_LIST_NEXT( node ), len ++ ) ; + Sequence< Reference< XCertificate > > xCertChain( len ) ; + + for( len = 0, node = CERT_LIST_HEAD( certChain ); !CERT_LIST_END( node, certChain ); node = CERT_LIST_NEXT( node ), len ++ ) { + pCert = new X509Certificate_NssImpl() ; + if( pCert == NULL ) { + CERT_DestroyCertList( certChain ) ; + throw RuntimeException() ; + } + + pCert->setCert( node->cert ) ; + + xCertChain[len] = pCert ; + } + + CERT_DestroyCertList( certChain ) ; + + return xCertChain ; + } + + return Sequence< Reference < XCertificate > >(); +} + +Reference< XCertificate > SecurityEnvironment_NssImpl :: createCertificateFromRaw( const Sequence< sal_Int8 >& rawCertificate ) throw( SecurityException , RuntimeException ) { + X509Certificate_NssImpl* xcert ; + + if( rawCertificate.getLength() > 0 ) { + xcert = new X509Certificate_NssImpl() ; + if( xcert == NULL ) + throw RuntimeException() ; + + xcert->setRawCert( rawCertificate ) ; + } else { + xcert = NULL ; + } + + return xcert ; +} + +Reference< XCertificate > SecurityEnvironment_NssImpl :: createCertificateFromAscii( const OUString& asciiCertificate ) throw( SecurityException , RuntimeException ) { + xmlChar* chCert ; + xmlSecSize certSize ; + + rtl::OString oscert = rtl::OUStringToOString( asciiCertificate , RTL_TEXTENCODING_ASCII_US ) ; + + chCert = xmlStrndup( ( const xmlChar* )oscert.getStr(), ( int )oscert.getLength() ) ; + + certSize = xmlSecBase64Decode( chCert, ( xmlSecByte* )chCert, xmlStrlen( chCert ) ) ; + + Sequence< sal_Int8 > rawCert( certSize ) ; + for( unsigned int i = 0 ; i < certSize ; i ++ ) + rawCert[i] = *( chCert + i ) ; + + xmlFree( chCert ) ; + + return createCertificateFromRaw( rawCert ) ; +} + +sal_Int32 SecurityEnvironment_NssImpl :: +verifyCertificate( const Reference< csss::XCertificate >& aCert, + const Sequence< Reference< csss::XCertificate > >& intermediateCerts ) + throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) +{ + sal_Int32 validity = 0; + const X509Certificate_NssImpl* xcert ; + const CERTCertificate* cert ; + ::std::vector<CERTCertificate*> vecTmpNSSCertificates; + Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + OSL_TRACE("[xmlsecurity] Start verification of certificate: %s", + OUStringToOString( + aCert->getIssuerName(), osl_getThreadTextEncoding()).getStr()); + + + xcert = reinterpret_cast<X509Certificate_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + cert = xcert->getNssCert() ; + if( cert != NULL ) + { + + //prepare the intermediate certificates + CERTCertDBHandle * certDb = m_pHandler != NULL ? m_pHandler : CERT_GetDefaultCertDB(); + for (sal_Int32 i = 0; i < intermediateCerts.getLength(); i++) + { + Sequence<sal_Int8> der = intermediateCerts[i]->getEncoded(); + SECItem item; + item.type = siBuffer; + item.data = (unsigned char*)der.getArray(); + item.len = der.getLength(); + + CERTCertificate* certTmp = CERT_NewTempCertificate(certDb, &item, + NULL /* nickname */, + PR_FALSE /* isPerm */, + PR_TRUE /* copyDER */); + if (!certTmp) + { + OSL_TRACE("[xmlsecurity] Failed to add a temporary certificate: %s", + OUStringToOString(intermediateCerts[i]->getIssuerName(), + osl_getThreadTextEncoding()).getStr()); + + } + else + { + OSL_TRACE("[xmlsecurity] Added temporary certificate: %s", + certTmp->subjectName ? certTmp->subjectName : ""); + vecTmpNSSCertificates.push_back(certTmp); + } + } + + + int64 timeboundary ; + SECStatus status ; + + //Get the system clock time + timeboundary = PR_Now() ; + SECCertificateUsage usage = 0; + + // create log + + CERTVerifyLog realLog; + CERTVerifyLog *log; + + log = &realLog; + + + log->count = 0; + log->head = NULL; + log->tail = NULL; + log->arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE ); + + //CERTVerifyLog *log; + //PRArenaPool *arena; + + //arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE ); + //log = PORT_ArenaZNew( arena, CERTVerifyLog ); + //log->arena = arena; + validity = csss::CertificateValidity::INVALID; + + if( m_pHandler != NULL ) + { + //JL: We must not pass a particular usage in the requiredUsages argument (the 4th) because, + //then ONLY these are verified. For example, we pass + //certificateUsageSSLClient | certificateUsageSSLServer. Then checking a certificate which + // is a valid certificateUsageEmailSigner but no certificateUsageSSLClient | certificateUsageSSLServer + //will result in CertificateValidity::INVALID. + //Only if the argument "requiredUsages" has a value (other than zero) + //then the function will return SECFailure in case + //the certificate is not suitable for the provided usage. That is, in the previous + //example the function returns SECFailure. + status = CERT_VerifyCertificate( + m_pHandler, ( CERTCertificate* )cert, PR_TRUE, + (SECCertificateUsage)0, timeboundary , NULL, log, &usage); + } + else + { + status = CERT_VerifyCertificate( + CERT_GetDefaultCertDB(), ( CERTCertificate* )cert, + PR_TRUE, (SECCertificateUsage)0, timeboundary ,NULL, log, &usage); + } + + if( status == SECSuccess ) + { + // JL & TKR : certificateUsageUserCertImport, + // certificateUsageVerifyCA and certificateUsageAnyCA dont check the chain + + //When an intermediate or root certificate is checked then we expect the usage + //certificateUsageSSLCA. This, however, will be only set when in the trust settings dialog + //the button "This certificate can identify websites" is checked. If for example only + //"This certificate can identify mail users" is set then the end certificate can + //be validated and the returned usage will conain certificateUsageEmailRecipient. + //But checking directly the root or intermediate certificate will fail. In the + //certificate path view the end certificate will be shown as valid but the others + //will be displayed as invalid. + + if (usage & certificateUsageEmailSigner + || usage & certificateUsageEmailRecipient + || usage & certificateUsageSSLCA + || usage & certificateUsageSSLServer + || usage & certificateUsageSSLClient + // || usage & certificateUsageUserCertImport + // || usage & certificateUsageVerifyCA + || usage & certificateUsageStatusResponder ) + // || usage & certificateUsageAnyCA ) + validity = csss::CertificateValidity::VALID; + else + validity = csss::CertificateValidity::INVALID; + + } + // always check what kind of error occured, even SECStatus says Success + //JL: When we call CERT_VerifyCertificate whit the parameter requiredUsages == 0 then all + //possible usages are checked. Then there are certainly usages for which the certificate + //is not intended. For these usages there will be NO flag set in the argument returnedUsages + // (the last arg) and there will be error codes set in the log. Therefore we cannot + //set the CertificateValidity to INVALID because there is a log entry. +// CERTVerifyLogNode *logNode = 0; + +// logNode = log->head; +// while ( logNode != NULL ) +// { +// sal_Int32 errorCode = 0; +// errorCode = logNode->error; + +// switch ( errorCode ) +// { +// // JL & TKR: Any error are treated as invalid because we cannot say that we get all occurred errors from NSS +// /* +// case ( SEC_ERROR_REVOKED_CERTIFICATE ): +// validity |= csss::CertificateValidity::REVOKED; +// break; +// case ( SEC_ERROR_EXPIRED_CERTIFICATE ): +// validity |= csss::CertificateValidity::TIME_INVALID; +// break; +// case ( SEC_ERROR_CERT_USAGES_INVALID): +// validity |= csss::CertificateValidity::INVALID; +// break; +// case ( SEC_ERROR_UNTRUSTED_ISSUER ): +// case ( SEC_ERROR_UNTRUSTED_CERT ): +// validity |= csss::CertificateValidity::UNTRUSTED; +// break; +// */ +// default: +// validity |= csss::CertificateValidity::INVALID; +// break; +// } +// logNode = logNode->next; +// } + } + else + { + + validity = ::com::sun::star::security::CertificateValidity::INVALID ; + } + + //Destroying the temporary certificates + std::vector<CERTCertificate*>::const_iterator cert_i; + for (cert_i = vecTmpNSSCertificates.begin(); cert_i != vecTmpNSSCertificates.end(); cert_i++) + { + OSL_TRACE("[xmlsecurity] Destroying temporary certificate"); + CERT_DestroyCertificate(*cert_i); + } +#if OSL_DEBUG_LEVEL > 1 + if (validity == ::com::sun::star::security::CertificateValidity::VALID) + OSL_TRACE("[xmlsecurity] Certificate is valid."); + else + OSL_TRACE("[xmlsecurity] Certificate is invalid."); +#endif + return validity ; +} + +sal_Int32 SecurityEnvironment_NssImpl::getCertificateCharacters( + const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& aCert ) throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) { + sal_Int32 characters ; + const X509Certificate_NssImpl* xcert ; + const CERTCertificate* cert ; + + Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; + if( !xCertTunnel.is() ) { + throw RuntimeException() ; + } + + xcert = reinterpret_cast<X509Certificate_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; + if( xcert == NULL ) { + throw RuntimeException() ; + } + + cert = xcert->getNssCert() ; + + characters = 0x00000000 ; + + //Firstly, find out whether or not the cert is self-signed. + if( SECITEM_CompareItem( &(cert->derIssuer), &(cert->derSubject) ) == SECEqual ) { + characters |= ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; + } else { + characters &= ~ ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; + } + + //Secondly, find out whether or not the cert has a private key. + + /* + * i40394 + * + * mmi : need to check whether the cert's slot is valid first + */ + SECKEYPrivateKey* priKey = NULL; + + if (cert->slot != NULL) + { + priKey = PK11_FindPrivateKeyFromCert( cert->slot, ( CERTCertificate* )cert, NULL ) ; + } + if(priKey == NULL) + { + for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) + { + priKey = PK11_FindPrivateKeyFromCert(*is, (CERTCertificate*)cert, NULL); + if (priKey) + break; + } + } + if( priKey != NULL ) { + characters |= ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; + + SECKEY_DestroyPrivateKey( priKey ) ; + } else { + characters &= ~ ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; + } + + return characters ; +} + +X509Certificate_NssImpl* NssCertToXCert( CERTCertificate* cert ) +{ + X509Certificate_NssImpl* xcert ; + + if( cert != NULL ) { + xcert = new X509Certificate_NssImpl() ; + if( xcert == NULL ) { + xcert = NULL ; + } else { + xcert->setCert( cert ) ; + } + } else { + xcert = NULL ; + } + + return xcert ; +} + +X509Certificate_NssImpl* NssPrivKeyToXCert( SECKEYPrivateKey* priKey ) +{ + CERTCertificate* cert ; + X509Certificate_NssImpl* xcert ; + + if( priKey != NULL ) { + cert = PK11_GetCertFromPrivateKey( priKey ) ; + + if( cert != NULL ) { + xcert = NssCertToXCert( cert ) ; + } else { + xcert = NULL ; + } + + CERT_DestroyCertificate( cert ) ; + } else { + xcert = NULL ; + } + + return xcert ; +} + + +/* Native methods */ +xmlSecKeysMngrPtr SecurityEnvironment_NssImpl::createKeysManager() throw( Exception, RuntimeException ) { + + unsigned int i ; + CERTCertDBHandle* handler = NULL ; + PK11SymKey* symKey = NULL ; + SECKEYPublicKey* pubKey = NULL ; + SECKEYPrivateKey* priKey = NULL ; + xmlSecKeysMngrPtr pKeysMngr = NULL ; + + handler = this->getCertDb() ; + + /*- + * The following lines is based on the private version of xmlSec-NSS + * crypto engine + */ + int cSlots = m_Slots.size(); + boost::scoped_array<PK11SlotInfo*> sarSlots(new PK11SlotInfo*[cSlots]); + PK11SlotInfo** slots = sarSlots.get(); + int count = 0; + for (CIT_SLOTS islots = m_Slots.begin();islots != m_Slots.end(); islots++, count++) + slots[count] = *islots; + + pKeysMngr = xmlSecNssAppliedKeysMngrCreate(slots, cSlots, handler ) ; + if( pKeysMngr == NULL ) + throw RuntimeException() ; + + /*- + * Adopt symmetric key into keys manager + */ + for( i = 0 ; ( symKey = this->getSymKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrSymKeyLoad( pKeysMngr, symKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric public key into keys manager + */ + for( i = 0 ; ( pubKey = this->getPubKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrPubKeyLoad( pKeysMngr, pubKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric private key into keys manager + */ + for( i = 0 ; ( priKey = this->getPriKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrPriKeyLoad( pKeysMngr, priKey ) < 0 ) { + throw RuntimeException() ; + } + } + return pKeysMngr ; +} +void SecurityEnvironment_NssImpl::destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( Exception, RuntimeException ) { + if( pKeysMngr != NULL ) { + xmlSecKeysMngrDestroy( pKeysMngr ) ; + } +} diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx new file mode 100644 index 000000000000..d6586794bea5 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx @@ -0,0 +1,186 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: securityenvironment_nssimpl.hxx,v $ + * $Revision: 1.9 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XSECURITYENVIRONMENT_NSSIMPL_HXX_ +#define _XSECURITYENVIRONMENT_NSSIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase4.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/security/XCertificate.hpp> +#include <com/sun/star/security/CertificateCharacters.hpp> +#include <com/sun/star/security/CertificateValidity.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> + +#include "osl/mutex.hxx" + +#include "pk11func.h" +#include "keyhi.h" +#include "certdb.h" +#include "list" + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include "xmlsec/xmlsec.h" + +class SecurityEnvironment_NssImpl : public ::cppu::WeakImplHelper4< + ::com::sun::star::xml::crypto::XSecurityEnvironment , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo , + ::com::sun::star::lang::XUnoTunnel > +{ +private : + + std::list< PK11SlotInfo* > m_Slots; + typedef std::list< PK11SlotInfo* >::const_iterator CIT_SLOTS; + + osl::Mutex m_mutex; + + CERTCertDBHandle* m_pHandler ; + std::list< PK11SymKey* > m_tSymKeyList ; + std::list< SECKEYPublicKey* > m_tPubKeyList ; + std::list< SECKEYPrivateKey* > m_tPriKeyList ; + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + SecurityEnvironment_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~SecurityEnvironment_NssImpl() ; + + //Methods from XSecurityEnvironment + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; + + virtual ::sal_Int32 SAL_CALL verifyCertificate( + const ::com::sun::star::uno::Reference< + ::com::sun::star::security::XCertificate >& xCert, + const ::com::sun::star::uno::Sequence< + ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > & + intermediateCerts) + throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; + + virtual ::sal_Int32 SAL_CALL getCertificateCharacters( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& xCert ) throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSecurityEnvironmentInformation( ) throw (::com::sun::star::uno::RuntimeException); + + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) + throw (::com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static SecurityEnvironment_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; + + //Native mehtods + virtual CERTCertDBHandle* getCertDb() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void setCertDb( CERTCertDBHandle* aCertDb ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptSymKey( PK11SymKey* aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectSymKey( PK11SymKey* aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual PK11SymKey* getSymKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptPubKey( SECKEYPublicKey* aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectPubKey( SECKEYPublicKey* aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual SECKEYPublicKey* getPubKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void adoptPriKey( SECKEYPrivateKey* aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual void rejectPriKey( SECKEYPrivateKey* aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual SECKEYPrivateKey* getPriKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL getPersonalCertificates() throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::com::sun::star::uno::Sequence< sal_Int8 >& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::rtl::OUString& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL buildCertificatePath( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& beginCert ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromRaw( const ::com::sun::star::uno::Sequence< sal_Int8 >& rawCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromAscii( const ::rtl::OUString& asciiCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; + + + //Native mehtods + virtual xmlSecKeysMngrPtr createKeysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + virtual void destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + +private: + void updateSlots(); + + virtual void addCryptoSlot( PK11SlotInfo* aSlot ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + +} ; + +#endif // _XSECURITYENVIRONMENT_NSSIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx new file mode 100644 index 000000000000..3255a2d5bf58 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx @@ -0,0 +1,529 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: seinitializer_nssimpl.cxx,v $ + * $Revision: 1.22 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +/* + * Turn off DEBUG Assertions + */ +#ifdef _DEBUG + #define _DEBUG_WAS_DEFINED _DEBUG + #undef _DEBUG +#else + #undef _DEBUG_WAS_DEFINED +#endif + +/* + * and turn off the additional virtual methods which are part of some interfaces when compiled + * with debug + */ +#ifdef DEBUG + #define DEBUG_WAS_DEFINED DEBUG + #undef DEBUG +#else + #undef DEBUG_WAS_DEFINED +#endif + + +#include <sal/types.h> +#include "rtl/instance.hxx" +#include "rtl/bootstrap.hxx" +#include "rtl/string.hxx" +#include "rtl/strbuf.hxx" +#include "osl/file.hxx" +#include "osl/thread.h" +#include <tools/debug.hxx> +#include <rtl/logfile.hxx> + +#include "seinitializer_nssimpl.hxx" + +#include "securityenvironment_nssimpl.hxx" +#include <com/sun/star/mozilla/XMozillaBootstrap.hpp> + +#include "nspr.h" +#include "cert.h" +#include "nss.h" +#include "secmod.h" +#include "nssckbi.h" + + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; + +using namespace com::sun::star; +using ::rtl::OUString; +using ::rtl::OString; + +#define SERVICE_NAME "com.sun.star.xml.crypto.SEInitializer" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.SEInitializer_NssImpl" +#define SECURITY_ENVIRONMENT "com.sun.star.xml.crypto.SecurityEnvironment" +#define SECURITY_CONTEXT "com.sun.star.xml.crypto.XMLSecurityContext" + + +#define ROOT_CERTS "Root Certs for OpenOffice.org" + + +extern "C" void nsscrypto_finalize(); + + +namespace +{ + +bool nsscrypto_initialize( const char * sProfile, bool & out_nss_init); + +struct InitNSSInitialize +{ + //path to the database folder + const OString m_sProfile; + InitNSSInitialize(const OString & sProfile): m_sProfile(sProfile) {}; + bool * operator()() + { + static bool bInitialized = false; + bool bNSSInit = false; + bInitialized = nsscrypto_initialize(m_sProfile.getStr(), bNSSInit); + if (bNSSInit) + atexit(nsscrypto_finalize ); + return & bInitialized; + + } +}; + +bool * initNSS(const OString & sProfile) +{ + return rtl_Instance< bool, InitNSSInitialize, + ::osl::MutexGuard, ::osl::GetGlobalMutex >::create( + InitNSSInitialize(sProfile), ::osl::GetGlobalMutex()); +} + +void deleteRootsModule() +{ + SECMODModule *RootsModule = 0; + SECMODModuleList *list = SECMOD_GetDefaultModuleList(); + SECMODListLock *lock = SECMOD_GetDefaultModuleListLock(); + SECMOD_GetReadLock(lock); + + while (!RootsModule && list) + { + SECMODModule *module = list->module; + + for (int i=0; i < module->slotCount; i++) + { + PK11SlotInfo *slot = module->slots[i]; + if (PK11_IsPresent(slot)) + { + if (PK11_HasRootCerts(slot)) + { + OSL_TRACE("[xmlsecurity] The root certifificates module \"%s" + "\" is already loaded: \n%s", + module->commonName, module->dllName); + + RootsModule = SECMOD_ReferenceModule(module); + break; + } + } + } + list = list->next; + } + SECMOD_ReleaseReadLock(lock); + + if (RootsModule) + { + PRInt32 modType; + if (SECSuccess == SECMOD_DeleteModule(RootsModule->commonName, &modType)) + { + OSL_TRACE("[xmlsecurity] Deleted module \"%s\".", RootsModule->commonName); + } + else + { + OSL_TRACE("[xmlsecurity] Failed to delete \"%s\" : \n%s", + RootsModule->commonName, RootsModule->dllName); + } + SECMOD_DestroyModule(RootsModule); + RootsModule = 0; + } +} + +//Older versions of Firefox (FF), for example FF2, and Thunderbird (TB) 2 write +//the roots certificate module (libnssckbi.so), which they use, into the +//profile. This module will then already be loaded during NSS_Init (and the +//other init functions). This fails in two cases. First, FF3 was used to create +//the profile, or possibly used that profile before, and second the profile was +//used on a different platform. +// +//Then one needs to add the roots module oneself. This should be done with +//SECMOD_LoadUserModule rather then SECMOD_AddNewModule. The latter would write +//the location of the roots module to the profile, which makes FF2 and TB2 use +//it instead of there own module. +// +//When using SYSTEM_MOZILLA then the libnss3.so lib is typically found in +///usr/lib. This folder may, however, NOT contain the roots certificate +//module. That is, just providing the library name in SECMOD_LoadUserModule or +//SECMOD_AddNewModule will FAIL to load the mozilla unless the LD_LIBRARY_PATH +//contains an FF or TB installation. +//ATTENTION: DO NOT call this function directly instead use initNSS +//return true - whole initialization was successful +//param out_nss_init = true: at least the NSS initialization (NSS_InitReadWrite +//was successful and therefor NSS_Shutdown should be called when terminating. +bool nsscrypto_initialize( const char* token, bool & out_nss_init ) +{ + bool return_value = true; + + OSL_TRACE("[xmlsecurity] Using profile: %s", token); + + PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 1 ) ; + + if( NSS_InitReadWrite( token ) != SECSuccess ) + { + char * error = NULL; + + PR_GetErrorText(error); + if (error) + printf("%s",error); + return false ; + } + out_nss_init = true; + +#if defined SYSTEM_MOZILLA + if (!SECMOD_HasRootCerts()) + { +#endif + deleteRootsModule(); + +#if defined SYSTEM_MOZILLA + OUString rootModule(RTL_CONSTASCII_USTRINGPARAM("libnssckbi"SAL_DLLEXTENSION)); +#else + OUString rootModule(RTL_CONSTASCII_USTRINGPARAM("${OOO_BASE_DIR}/program/libnssckbi"SAL_DLLEXTENSION)); +#endif + ::rtl::Bootstrap::expandMacros(rootModule); + + OUString rootModulePath; + if (::osl::File::E_None == ::osl::File::getSystemPathFromFileURL(rootModule, rootModulePath)) + { + ::rtl::OString ospath = ::rtl::OUStringToOString(rootModulePath, osl_getThreadTextEncoding()); + ::rtl::OStringBuffer pkcs11moduleSpec; + pkcs11moduleSpec.append("name=\""); + pkcs11moduleSpec.append(ROOT_CERTS); + pkcs11moduleSpec.append("\" library=\""); + pkcs11moduleSpec.append(ospath.getStr()); + pkcs11moduleSpec.append("\""); + + SECMODModule * RootsModule = + SECMOD_LoadUserModule( + const_cast<char*>(pkcs11moduleSpec.makeStringAndClear().getStr()), + 0, // no parent + PR_FALSE); // do not recurse + + if (RootsModule) + { + + bool found = RootsModule->loaded; + + SECMOD_DestroyModule(RootsModule); + RootsModule = 0; + if (found) + OSL_TRACE("[xmlsecurity] Added new root certificate module " + "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); + else + { + OSL_TRACE("[xmlsecurity] FAILED to load the new root certificate module " + "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); + return_value = false; + } + } + else + { + OSL_TRACE("[xmlsecurity] FAILED to add new root certifice module: " + "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); + return_value = false; + + } + } + else + { + OSL_TRACE("[xmlsecurity] Adding new root certificate module failed."); + return_value = false; + } +#if SYSTEM_MOZILLA + } +#endif + + return return_value; +} + + +// must be extern "C" because we pass the function pointer to atexit +extern "C" void nsscrypto_finalize() +{ + SECMODModule *RootsModule = SECMOD_FindModule(ROOT_CERTS); + + if (RootsModule) + { + + if (SECSuccess == SECMOD_UnloadUserModule(RootsModule)) + { + OSL_TRACE("[xmlsecurity] Unloaded module \""ROOT_CERTS"\"."); + } + else + { + OSL_TRACE("[xmlsecurity] Failed unloadeding module \""ROOT_CERTS"\"."); + } + SECMOD_DestroyModule(RootsModule); + } + else + { + OSL_TRACE("[xmlsecurity] Unloading module \""ROOT_CERTS + "\" failed because it was not found."); + } + PK11_LogoutAll(); + NSS_Shutdown(); +} + + +bool getMozillaCurrentProfile( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > &rxMSF, + rtl::OUString& profilePath) +{ + /* + * first, try to get the profile from "MOZILLA_CERTIFICATE_FOLDER" + */ + char * env = getenv("MOZILLA_CERTIFICATE_FOLDER"); + if (env) + { + profilePath = rtl::OUString::createFromAscii( env ); + RTL_LOGFILE_PRODUCT_TRACE1( "XMLSEC: Using env MOZILLA_CERTIFICATE_FOLDER: %s", rtl::OUStringToOString( profilePath, RTL_TEXTENCODING_ASCII_US ).getStr() ); + return true; + } + else + { + RTL_LOGFILE_TRACE( "getMozillaCurrentProfile: Using MozillaBootstrap..." ); + mozilla::MozillaProductType productTypes[4] = { + mozilla::MozillaProductType_Thunderbird, + mozilla::MozillaProductType_Mozilla, + mozilla::MozillaProductType_Firefox, + mozilla::MozillaProductType_Default }; + int nProduct = 4; + + uno::Reference<uno::XInterface> xInstance = rxMSF->createInstance( + ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM("com.sun.star.mozilla.MozillaBootstrap")) ); + OSL_ENSURE( xInstance.is(), "failed to create instance" ); + + uno::Reference<mozilla::XMozillaBootstrap> xMozillaBootstrap + = uno::Reference<mozilla::XMozillaBootstrap>(xInstance,uno::UNO_QUERY); + OSL_ENSURE( xMozillaBootstrap.is(), "failed to create instance" ); + + if (xMozillaBootstrap.is()) + { + for (int i=0; i<nProduct; i++) + { + ::rtl::OUString profile = xMozillaBootstrap->getDefaultProfile(productTypes[i]); + + RTL_LOGFILE_TRACE2( "getMozillaCurrentProfile: getDefaultProfile [%i] returns %s", i, rtl::OUStringToOString( profile, RTL_TEXTENCODING_ASCII_US ).getStr() ); + + if (profile != NULL && profile.getLength()>0) + { + profilePath = xMozillaBootstrap->getProfilePath(productTypes[i],profile); + RTL_LOGFILE_PRODUCT_TRACE1( "XMLSEC: Using Mozilla Profile: %s", rtl::OUStringToOString( profilePath, RTL_TEXTENCODING_ASCII_US ).getStr() ); + return true; + } + } + } + + RTL_LOGFILE_PRODUCT_TRACE( "XMLSEC: No Mozilla Profile found!" ); + return false; + } +} + +} // namespace + +SEInitializer_NssImpl::SEInitializer_NssImpl( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > &rxMSF) + :mxMSF( rxMSF ) +{ +} + +SEInitializer_NssImpl::~SEInitializer_NssImpl() +{ +} + +/* XSEInitializer */ +cssu::Reference< cssxc::XXMLSecurityContext > SAL_CALL + SEInitializer_NssImpl::createSecurityContext( + const rtl::OUString& sCertDB ) + throw (cssu::RuntimeException) +{ + CERTCertDBHandle *pCertHandle = NULL ; + + rtl::OString sCertDir; + if( sCertDB.getLength() ) + { + sCertDir = rtl::OString(sCertDB, sCertDB.getLength(), RTL_TEXTENCODING_ASCII_US); + } + else + { + static rtl::OString* pDefaultCertDir = NULL; + if ( !pDefaultCertDir ) + { + pDefaultCertDir = new rtl::OString; + rtl::OUString ouCertDir; + + + + if ( getMozillaCurrentProfile(mxMSF, ouCertDir) ) + *pDefaultCertDir = rtl::OString(ouCertDir, ouCertDir.getLength(), RTL_TEXTENCODING_ASCII_US); + } + sCertDir = *pDefaultCertDir; + + } + + if( !sCertDir.getLength() ) + { + RTL_LOGFILE_TRACE( "XMLSEC: Error - No certificate directory!" ); + // return NULL; + } + + + /* Initialize NSPR and NSS */ + /* Replaced with new methods by AF. ---- + //PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ; + PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 1 ) ; + + if (NSS_Init(sCertDir.getStr()) != SECSuccess ) + { + PK11_LogoutAll(); + return NULL; + } + ----*/ + if( ! *initNSS( sCertDir.getStr() ) ) + { + RTL_LOGFILE_TRACE( "XMLSEC: Error - nsscrypto_initialize() failed." ); + if ( NSS_NoDB_Init(NULL) != SECSuccess ) + { + RTL_LOGFILE_TRACE( "XMLSEC: NSS_NoDB_Init also failed, NSS Security not available!" ); + return NULL; + } + else + { + RTL_LOGFILE_TRACE( "XMLSEC: NSS_NoDB_Init works, enough for verifying signatures..." ); + } + } + + pCertHandle = CERT_GetDefaultCertDB() ; + + try + { + /* Build XML Security Context */ + const rtl::OUString sSecyrutyContext ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_CONTEXT ) ); + cssu::Reference< cssxc::XXMLSecurityContext > xSecCtx( mxMSF->createInstance ( sSecyrutyContext ), cssu::UNO_QUERY ); + if( !xSecCtx.is() ) + return NULL; + + const rtl::OUString sSecyrutyEnvironment ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_ENVIRONMENT ) ); + cssu::Reference< cssxc::XSecurityEnvironment > xSecEnv( mxMSF->createInstance ( sSecyrutyEnvironment ), cssu::UNO_QUERY ); + cssu::Reference< cssl::XUnoTunnel > xEnvTunnel( xSecEnv , cssu::UNO_QUERY ) ; + if( !xEnvTunnel.is() ) + return NULL; + SecurityEnvironment_NssImpl* pSecEnv = reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xEnvTunnel->getSomething(SecurityEnvironment_NssImpl::getUnoTunnelId() ))) ; + pSecEnv->setCertDb(pCertHandle); + + sal_Int32 n = xSecCtx->addSecurityEnvironment(xSecEnv); + //originally the SecurityEnvironment with the internal slot was set as default + xSecCtx->setDefaultSecurityEnvironmentIndex( n ); + return xSecCtx; + } + catch( cssu::Exception& ) + { + //PK11_LogoutAll(); + //NSS_Shutdown(); + return NULL; + } +} + +void SAL_CALL SEInitializer_NssImpl::freeSecurityContext( const cssu::Reference< cssxc::XXMLSecurityContext >& ) + throw (cssu::RuntimeException) +{ + /* + * because the security context will free all its content when it + * is destructed, so here no free process for the security context + * is needed. + */ + //PK11_LogoutAll(); + //NSS_Shutdown(); +} + +rtl::OUString SEInitializer_NssImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL SEInitializer_NssImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL SEInitializer_NssImpl_createInstance( const cssu::Reference< cssl::XMultiServiceFactory > & rSMgr) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new SEInitializer_NssImpl(rSMgr); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL SEInitializer_NssImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return SEInitializer_NssImpl_getImplementationName(); +} +sal_Bool SAL_CALL SEInitializer_NssImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return SEInitializer_NssImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return SEInitializer_NssImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx new file mode 100644 index 000000000000..7796a27a4146 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx @@ -0,0 +1,111 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: seinitializer_nssimpl.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SEINITIALIZERIMPL_HXX +#define _SEINITIALIZERIMPL_HXX + +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#ifndef _COM_SUN_STAR_XML_CRYPTO_SEINITIALIZER_HPP_ +#include <com/sun/star/xml/crypto/XSEInitializer.hpp> +#endif +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <cppuhelper/implbase2.hxx> + +#include <libxml/tree.h> + +class SEInitializer_NssImpl : public cppu::WeakImplHelper2 +< + com::sun::star::xml::crypto::XSEInitializer, + com::sun::star::lang::XServiceInfo +> +/****** SEInitializer_NssImpl.hxx/CLASS SEInitializer_NssImpl *********** + * + * NAME + * SEInitializer_NssImpl -- Class to initialize a Security Context + * instance + * + * FUNCTION + * Use this class to initialize a XmlSec based Security Context + * instance. After this instance is used up, use this class to free this + * instance. + * + * HISTORY + * 05.01.2004 - Interface supported: XSEInitializer, XSEInitializer + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > mxMSF; + +public: + SEInitializer_NssImpl(const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > &rxMSF); + virtual ~SEInitializer_NssImpl(); + + /* XSEInitializer */ + virtual com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext > + SAL_CALL createSecurityContext( const rtl::OUString& certDB ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL freeSecurityContext( const com::sun::star::uno::Reference< + com::sun::star::xml::crypto::XXMLSecurityContext >& securityContext ) + throw (com::sun::star::uno::RuntimeException); + + /* XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString SEInitializer_NssImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL SEInitializer_NssImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL SEInitializer_NssImpl_createInstance( const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx new file mode 100644 index 000000000000..d6b5e189330e --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx @@ -0,0 +1,474 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: x509certificate_nssimpl.cxx,v $ + * $Revision: 1.11 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + + + +#include "nssrenam.h" +#include "nspr.h" +#include "nss.h" +#include "secder.h" + +//MM : added by MM +#include "hasht.h" +#include "secoid.h" +#include "pk11func.h" +//MM : end + + + +#include <sal/config.h> +#include <rtl/uuid.h> +#include "x509certificate_nssimpl.hxx" + +#ifndef _CERTIFICATEEXTENSION_NSSIMPL_HXX_ +#include "certificateextension_xmlsecimpl.hxx" +#endif + + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::security ; +using ::rtl::OUString ; + +using ::com::sun::star::security::XCertificate ; +using ::com::sun::star::util::DateTime ; + +X509Certificate_NssImpl :: X509Certificate_NssImpl() : + m_pCert( NULL ) +{ +} + +X509Certificate_NssImpl :: ~X509Certificate_NssImpl() { + if( m_pCert != NULL ) { + CERT_DestroyCertificate( m_pCert ) ; + } +} + +//Methods from XCertificate +sal_Int16 SAL_CALL X509Certificate_NssImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL ) { + if( m_pCert->version.len > 0 ) { + return ( char )*( m_pCert->version.data ) ; + } else + return 0 ; + } else { + return -1 ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->serialNumber.len > 0 ) { + Sequence< sal_Int8 > serial( m_pCert->serialNumber.len ) ; + for( unsigned int i = 0 ; i < m_pCert->serialNumber.len ; i ++ ) + serial[i] = *( m_pCert->serialNumber.data + i ) ; + + return serial ; + } else { + return ::com::sun::star::uno::Sequence< sal_Int8 >(); + } +} + +::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL ) { + return OUString(m_pCert->issuerName , PL_strlen(m_pCert->issuerName) , RTL_TEXTENCODING_UTF8) ; + } else { + return OUString() ; + } +} + +::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL ) { + return OUString(m_pCert->subjectName , PL_strlen(m_pCert->subjectName) , RTL_TEXTENCODING_UTF8); + } else { + return OUString() ; + } +} + +::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL ) { + SECStatus rv ; + PRTime notBefore ; + PRExplodedTime explTime ; + DateTime dateTime ; + + rv = DER_DecodeTimeChoice( ¬Before, &m_pCert->validity.notBefore ) ; + if( rv ) { + return DateTime() ; + } + + //Convert the time to readable local time + PR_ExplodeTime( notBefore, PR_LocalTimeParameters, &explTime ) ; + + dateTime.HundredthSeconds = explTime.tm_usec / 1000 ; + dateTime.Seconds = explTime.tm_sec ; + dateTime.Minutes = explTime.tm_min ; + dateTime.Hours = explTime.tm_hour ; + dateTime.Day = explTime.tm_mday ; + dateTime.Month = explTime.tm_month+1 ; + dateTime.Year = explTime.tm_year ; + + return dateTime ; + } else { + return DateTime() ; + } +} + +::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL ) { + SECStatus rv ; + PRTime notAfter ; + PRExplodedTime explTime ; + DateTime dateTime ; + + rv = DER_DecodeTimeChoice( ¬After, &m_pCert->validity.notAfter ) ; + if( rv ) { + return DateTime() ; + } + + //Convert the time to readable local time + PR_ExplodeTime( notAfter, PR_LocalTimeParameters, &explTime ) ; + + dateTime.HundredthSeconds = explTime.tm_usec / 1000 ; + dateTime.Seconds = explTime.tm_sec ; + dateTime.Minutes = explTime.tm_min ; + dateTime.Hours = explTime.tm_hour ; + dateTime.Day = explTime.tm_mday ; + dateTime.Month = explTime.tm_month+1 ; + dateTime.Year = explTime.tm_year ; + + return dateTime ; + } else { + return DateTime() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->issuerID.len > 0 ) { + Sequence< sal_Int8 > issuerUid( m_pCert->issuerID.len ) ; + for( unsigned int i = 0 ; i < m_pCert->issuerID.len ; i ++ ) + issuerUid[i] = *( m_pCert->issuerID.data + i ) ; + + return issuerUid ; + } else { + return ::com::sun::star::uno::Sequence< sal_Int8 >(); + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->subjectID.len > 0 ) { + Sequence< sal_Int8 > subjectUid( m_pCert->subjectID.len ) ; + for( unsigned int i = 0 ; i < m_pCert->subjectID.len ; i ++ ) + subjectUid[i] = *( m_pCert->subjectID.data + i ) ; + + return subjectUid ; + } else { + return ::com::sun::star::uno::Sequence< sal_Int8 >(); + } +} + +::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->extensions != NULL ) { + CERTCertExtension** extns ; + CertificateExtension_XmlSecImpl* pExtn ; + sal_Bool crit ; + int len ; + + for( len = 0, extns = m_pCert->extensions; *extns != NULL; len ++, extns ++ ) ; + Sequence< Reference< XCertificateExtension > > xExtns( len ) ; + + for( extns = m_pCert->extensions, len = 0; *extns != NULL; extns ++, len ++ ) { + pExtn = new CertificateExtension_XmlSecImpl() ; + if( (*extns)->critical.data == NULL ) + crit = sal_False ; + else + crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ; + pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ; + + xExtns[len] = pExtn ; + } + + return xExtns ; + } else { + return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > (); + } +} + +::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->extensions != NULL ) { + CertificateExtension_XmlSecImpl* pExtn ; + CERTCertExtension** extns ; + SECItem idItem ; + sal_Bool crit ; + + idItem.data = ( unsigned char* )&oid[0] ; + idItem.len = oid.getLength() ; + + pExtn = NULL ; + for( extns = m_pCert->extensions; *extns != NULL; extns ++ ) { + if( SECITEM_CompareItem( &idItem, &(*extns)->id ) == SECEqual ) { + pExtn = new CertificateExtension_XmlSecImpl() ; + if( (*extns)->critical.data == NULL ) + crit = sal_False ; + else + crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ; + pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ; + } + } + + return pExtn ; + } else { + return NULL ; + } +} + + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) { + if( m_pCert != NULL && m_pCert->derCert.len > 0 ) { + Sequence< sal_Int8 > rawCert( m_pCert->derCert.len ) ; + + for( unsigned int i = 0 ; i < m_pCert->derCert.len ; i ++ ) + rawCert[i] = *( m_pCert->derCert.data + i ) ; + + return rawCert ; + } else { + return ::com::sun::star::uno::Sequence< sal_Int8 >(); + } +} + +//Helper methods +void X509Certificate_NssImpl :: setCert( CERTCertificate* cert ) { + if( m_pCert != NULL ) { + CERT_DestroyCertificate( m_pCert ) ; + m_pCert = NULL ; + } + + if( cert != NULL ) { + m_pCert = CERT_DupCertificate( cert ) ; + } +} + +const CERTCertificate* X509Certificate_NssImpl :: getNssCert() const { + if( m_pCert != NULL ) { + return m_pCert ; + } else { + return NULL ; + } +} + +void X509Certificate_NssImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) { + CERTCertificate* cert ; + SECItem certItem ; + + certItem.data = ( unsigned char* )&rawCert[0] ; + certItem.len = rawCert.getLength() ; + + cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ; + if( cert == NULL ) + throw RuntimeException() ; + + if( m_pCert != NULL ) { + CERT_DestroyCertificate( m_pCert ) ; + m_pCert = NULL ; + } + + m_pCert = cert ; +} + +/* XUnoTunnel */ +sal_Int64 SAL_CALL X509Certificate_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) { + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this)); + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return reinterpret_cast<X509Certificate_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() ))); + } else + return NULL ; +} + +// MM : added by MM +::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid) +{ + SECOidTag tag; + tag = SECOID_GetAlgorithmTag(aid); + + const char *pDesc = SECOID_FindOIDTagDescription(tag); + + return rtl::OUString::createFromAscii( pDesc ) ; +} + +::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id) +{ + if( pCert != NULL ) + { + unsigned char fingerprint[20]; + //char *fpStr = NULL; + SECItem fpItem; + int length = ((id == SEC_OID_MD5)?MD5_LENGTH:SHA1_LENGTH); + + memset(fingerprint, 0, sizeof fingerprint); + PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len); + fpItem.data = fingerprint; + fpItem.len = length; + //fpStr = CERT_Hexify(&fpItem, 1); + + Sequence< sal_Int8 > thumbprint( length ) ; + for( int i = 0 ; i < length ; i ++ ) + { + thumbprint[i] = fingerprint[i]; + } + + //PORT_Free(fpStr); + return thumbprint; + } + else + { + return ::com::sun::star::uno::Sequence< sal_Int8 >(); + } +} + +::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCert != NULL ) + { + return getAlgorithmDescription(&(m_pCert->subjectPublicKeyInfo.algorithm)); + } + else + { + return OUString() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCert != NULL ) + { + SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey; + DER_ConvertBitString(&spk); + + if ( spk.len>0) + { + Sequence< sal_Int8 > key( spk.len ) ; + for( unsigned int i = 0 ; i < spk.len ; i ++ ) + { + key[i] = *( spk.data + i ) ; + } + + return key ; + } + } + + return ::com::sun::star::uno::Sequence< sal_Int8 >(); +} + +::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) +{ + if( m_pCert != NULL ) + { + return getAlgorithmDescription(&(m_pCert->signature)); + } + else + { + return OUString() ; + } +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) +{ + return getThumbprint(m_pCert, SEC_OID_SHA1); +} + +::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) +{ + return getThumbprint(m_pCert, SEC_OID_MD5); +} + +sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage( ) + throw ( ::com::sun::star::uno::RuntimeException) +{ + SECStatus rv; + SECItem tmpitem; + sal_Int32 usage; + + rv = CERT_FindKeyUsageExtension(m_pCert, &tmpitem); + if ( rv == SECSuccess ) + { + usage = tmpitem.data[0]; + PORT_Free(tmpitem.data); + tmpitem.data = NULL; + } + else + { + usage = KU_ALL; + } + + /* + * to make the nss implementation compatible with MSCrypto, + * the following usage is ignored + * + * + if ( CERT_GovtApprovedBitSet(m_pCert) ) + { + usage |= KU_NS_GOVT_APPROVED; + } + */ + + return usage; +} + +// MM : end + diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx new file mode 100644 index 000000000000..bb16bcc7fb6e --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx @@ -0,0 +1,111 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: x509certificate_nssimpl.hxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _X509CERTIFICATE_NSSIMPL_HXX_ +#define _X509CERTIFICATE_NSSIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase2.hxx> +#include <com/sun/star/uno/Exception.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include "com/sun/star/uno/SecurityException.hpp" +#include <com/sun/star/security/XCertificate.hpp> + +#include "cert.h" + +class X509Certificate_NssImpl : public ::cppu::WeakImplHelper2< + ::com::sun::star::security::XCertificate , + ::com::sun::star::lang::XUnoTunnel > +{ + private : + CERTCertificate* m_pCert ; + + public : + X509Certificate_NssImpl() ; + virtual ~X509Certificate_NssImpl() ; + + //Methods from XCertificate + virtual sal_Int16 SAL_CALL getVersion( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSerialNumber( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getIssuerName( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSubjectName( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidBefore( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidAfter( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getIssuerUniqueID( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectUniqueID( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL getExtensions( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getEncoded( ) throw ( ::com::sun::star::uno::RuntimeException) ; + + // MM : added by MM + virtual ::rtl::OUString SAL_CALL getSubjectPublicKeyAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectPublicKeyValue() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::rtl::OUString SAL_CALL getSignatureAlgorithm() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSHA1Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getMD5Thumbprint() + throw ( ::com::sun::star::uno::RuntimeException) ; + + virtual sal_Int32 SAL_CALL getCertificateUsage( ) throw ( ::com::sun::star::uno::RuntimeException) ; + // MM : end + + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) throw (com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static X509Certificate_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; + + //Helper methods + void setCert( CERTCertificate* cert ) ; + const CERTCertificate* getNssCert() const ; + void setRawCert( ::com::sun::star::uno::Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) ; +} ; + +#endif // _X509CERTIFICATE_NSSIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx new file mode 100644 index 000000000000..c84dd4d9cbc5 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx @@ -0,0 +1,429 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryption_nssimpl.cxx,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "xmlencryption_nssimpl.hxx" + +#ifndef _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _XMLELEMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmlelementwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _SECURITYENVIRONMENT_NSSIMPL_HXX_ +#include "securityenvironment_nssimpl.hxx" +#endif +#include "errorcallback.hxx" + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include "xmlsec/xmlsec.h" +#include "xmlsec/xmltree.h" +#include "xmlsec/xmlenc.h" +#include "xmlsec/crypto.h" + +#ifdef UNX +#define stricmp strcasecmp +#endif + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLEncryption ; +using ::com::sun::star::xml::crypto::XXMLEncryptionTemplate ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XMLEncryptionException ; + +XMLEncryption_NssImpl :: XMLEncryption_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { +} + +XMLEncryption_NssImpl :: ~XMLEncryption_NssImpl() { +} + +/* XXMLEncryption */ +Reference< XXMLEncryptionTemplate > +SAL_CALL XMLEncryption_NssImpl :: encrypt( + const Reference< XXMLEncryptionTemplate >& aTemplate , + const Reference< XSecurityEnvironment >& aEnvironment +) throw( com::sun::star::xml::crypto::XMLEncryptionException, + com::sun::star::uno::SecurityException ) +{ + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecEncCtxPtr pEncCtx = NULL ; + xmlNodePtr pEncryptedData = NULL ; + xmlNodePtr pContent = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aEnvironment.is() ) + throw RuntimeException() ; + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + +#if 0 + XMLSecurityContext_NssImpl* pSecCtxt = ( XMLSecurityContext_NssImpl* )xSecTunnel->getSomething( XMLSecurityContext_NssImpl::getUnoTunnelId() ) ; + if( pSecCtxt == NULL ) + throw RuntimeException() ; +#endif + + SecurityEnvironment_NssImpl* pSecEnv = + reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>(xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //Get the encryption template + Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; + if( !xTemplate.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; + if( !xTplTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pTemplate = + reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); + if( pTemplate == NULL ) { + throw RuntimeException() ; + } + + //MM : Get the element to be encrypted + Reference< XXMLElementWrapper > xTarget = aTemplate->getTarget() ; + if( !xTarget.is() ) { + throw XMLEncryptionException() ; + } + + Reference< XUnoTunnel > xTgtTunnel( xTarget , UNO_QUERY ) ; + if( !xTgtTunnel.is() ) { + throw XMLEncryptionException() ; + } + + XMLElementWrapper_XmlSecImpl* pTarget = + reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xTgtTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); + if( pTarget == NULL ) { + throw RuntimeException() ; + } + + pContent = pTarget->getNativeElement() ; + //MM : end + + if( pContent == NULL ) { + throw XMLEncryptionException() ; + } + + /* MM : remove the following 2 lines + xmlUnlinkNode(pContent); + xmlAddNextSibling(pEncryptedData, pContent); + */ + + //remember the position of the element to be signed + sal_Bool isParentRef = sal_True; + xmlNodePtr pParent = pEncryptedData->parent; + xmlNodePtr referenceNode; + + if (pEncryptedData == pParent->children) + { + referenceNode = pParent; + } + else + { + referenceNode = pEncryptedData->prev; + isParentRef = sal_False; + } + + setErrorRecorder( ); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Encryption context + pEncCtx = xmlSecEncCtxCreate( pMngr ) ; + if( pEncCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + + pEncryptedData = pTemplate->getNativeElement() ; + + //Find the element to be encrypted. + /* MM : remove the old method to get the target element + //This element is wrapped in the CipherValue sub-element. + xmlNodePtr pCipherData = pEncryptedData->children; + while (pCipherData != NULL && stricmp((const char *)(pCipherData->name), "CipherData")) + { + pCipherData = pCipherData->next; + } + + if( pCipherData == NULL ) { + xmlSecEncCtxDestroy( pEncCtx ) ; + throw XMLEncryptionException() ; + } + + xmlNodePtr pCipherValue = pCipherData->children; + while (pCipherValue != NULL && stricmp((const char *)(pCipherValue->name), "CipherValue")) + { + pCipherValue = pCipherValue->next; + } + + if( pCipherValue == NULL ) { + xmlSecEncCtxDestroy( pEncCtx ) ; + throw XMLEncryptionException() ; + } + + pContent = pCipherValue->children; + */ + + //Encrypt the template + if( xmlSecEncCtxXmlEncrypt( pEncCtx , pEncryptedData , pContent ) < 0 ) + { + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //get the new EncryptedData element + if (isParentRef) + { + pTemplate->setNativeElement(referenceNode->children) ; + } + else + { + pTemplate->setNativeElement(referenceNode->next); + } + + return aTemplate ; +} + +/* XXMLEncryption */ +Reference< XXMLEncryptionTemplate > +SAL_CALL XMLEncryption_NssImpl :: decrypt( + const Reference< XXMLEncryptionTemplate >& aTemplate , + const Reference< XXMLSecurityContext >& aSecurityCtx +) throw( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException) { + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecEncCtxPtr pEncCtx = NULL ; + xmlNodePtr pEncryptedData = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aSecurityCtx.is() ) + throw RuntimeException() ; + + //Get the encryption template + Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; + if( !xTemplate.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; + if( !xTplTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pTemplate = + reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); + if( pTemplate == NULL ) { + throw RuntimeException() ; + } + + pEncryptedData = pTemplate->getNativeElement() ; + + //remember the position of the element to be signed + sal_Bool isParentRef = sal_True; + xmlNodePtr pParent = pEncryptedData->parent; + xmlNodePtr referenceNode; + + if (pEncryptedData == pParent->children) + { + referenceNode = pParent; + } + else + { + referenceNode = pEncryptedData->prev; + isParentRef = sal_False; + } + + setErrorRecorder( ); + + sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber(); + sal_Int32 i; + + for (i=0; i<nSecurityEnvironment; ++i) + { + Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i); + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !aEnvironment.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_NssImpl* pSecEnv = + reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); + if( pSecEnv == NULL ) + throw RuntimeException() ; + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Encryption context + pEncCtx = xmlSecEncCtxCreate( pMngr ) ; + if( pEncCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLEncryptionException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Decrypt the template + if(!( xmlSecEncCtxDecrypt( pEncCtx , pEncryptedData ) < 0 || pEncCtx->result == NULL )) + { + //The decryption succeeds + + //Destroy the encryption context + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //get the decrypted element + XMLElementWrapper_XmlSecImpl * ret = new XMLElementWrapper_XmlSecImpl(isParentRef? + (referenceNode->children):(referenceNode->next)); + + //return ret; + aTemplate->setTemplate(ret); + break; + } + else + { + //The decryption fails, continue with the next security environment + xmlSecEncCtxDestroy( pEncCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + } + } + + clearErrorRecorder(); + return aTemplate; +} + +/* XInitialization */ +void SAL_CALL XMLEncryption_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLEncryption_NssImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLEncryption_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLEncryption_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLEncryption_NssImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLEncryption" ) ; + return seqServiceNames ; +} + +OUString XMLEncryption_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLEncryption_NssImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLEncryption_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLEncryption_NssImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLEncryption_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx new file mode 100644 index 000000000000..f400f2bd421e --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx @@ -0,0 +1,105 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlencryption_nssimpl.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLENCRYPTION_NSSIMPL_HXX_ +#define _XMLENCRYPTION_NSSIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryption.hpp> +#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +class XMLEncryption_NssImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLEncryption , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + XMLEncryption_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLEncryption_NssImpl() ; + + //Methods from XXMLEncryption + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL encrypt( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment) + // ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + throw ( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException); + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL decrypt( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext + ) throw( com::sun::star::xml::crypto::XMLEncryptionException , + com::sun::star::uno::SecurityException) ; + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLENCRYPTION_NSSIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx new file mode 100644 index 000000000000..2c504c6b6c33 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx @@ -0,0 +1,328 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsecuritycontext_nssimpl.cxx,v $ + * $Revision: 1.8 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "securityenvironment_nssimpl.hxx" + +#ifndef _XMLSECURITYCONTEXT_NSSIMPL_HXX_ +#include "xmlsecuritycontext_nssimpl.hxx" +#endif +#include "xmlstreamio.hxx" + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include "xmlsec/xmlsec.h" +#include "xmlsec/keysmngr.h" +#include "xmlsec/crypto.h" + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; + +XMLSecurityContext_NssImpl :: XMLSecurityContext_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) + ://i39448 : m_pKeysMngr( NULL ) , + m_xServiceManager( aFactory ) , + m_nDefaultEnvIndex(-1) + //m_xSecurityEnvironment( NULL ) +{ + //Init xmlsec library + if( xmlSecInit() < 0 ) { + throw RuntimeException() ; + } + + //Init xmlsec crypto engine library + if( xmlSecCryptoInit() < 0 ) { + xmlSecShutdown() ; + throw RuntimeException() ; + } + + //Enable external stream handlers + if( xmlEnableStreamInputCallbacks() < 0 ) { + xmlSecCryptoShutdown() ; + xmlSecShutdown() ; + throw RuntimeException() ; + } +} + +XMLSecurityContext_NssImpl :: ~XMLSecurityContext_NssImpl() { +#if 0 //i39448 + if( m_pKeysMngr != NULL ) { + xmlSecKeysMngrDestroy( m_pKeysMngr ) ; + } +#endif + + xmlDisableStreamInputCallbacks() ; + xmlSecCryptoShutdown() ; + xmlSecShutdown() ; +} + +//i39448 : new methods +sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment) + throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException) +{ + if( !aSecurityEnvironment.is() ) + { + throw RuntimeException() ; + } + + m_vSecurityEnvironments.push_back( aSecurityEnvironment ); + + return m_vSecurityEnvironments.size() - 1 ; +} + + +sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getSecurityEnvironmentNumber( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return m_vSecurityEnvironments.size(); +} + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + XMLSecurityContext_NssImpl::getSecurityEnvironmentByIndex( sal_Int32 index ) + throw (::com::sun::star::uno::RuntimeException) +{ + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecurityEnvironment; + + if (index >= 0 && index < ( sal_Int32 )m_vSecurityEnvironments.size()) + { + xSecurityEnvironment = m_vSecurityEnvironments[index]; + } + else + throw RuntimeException() ; + + return xSecurityEnvironment; +} + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + XMLSecurityContext_NssImpl::getSecurityEnvironment( ) + throw (::com::sun::star::uno::RuntimeException) +{ + if (m_nDefaultEnvIndex >= 0 && m_nDefaultEnvIndex < ( sal_Int32 )m_vSecurityEnvironments.size()) + return getSecurityEnvironmentByIndex(m_nDefaultEnvIndex); + else + throw RuntimeException() ; +} + +sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getDefaultSecurityEnvironmentIndex( ) + throw (::com::sun::star::uno::RuntimeException) +{ + return m_nDefaultEnvIndex ; +} + +void SAL_CALL XMLSecurityContext_NssImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex ) + throw (::com::sun::star::uno::RuntimeException) +{ + m_nDefaultEnvIndex = nDefaultEnvIndex; +} + +#if 0 //i39448 : old methods should be deleted +/* XXMLSecurityContext */ +void SAL_CALL XMLSecurityContext_NssImpl :: setSecurityEnvironment( const Reference< XSecurityEnvironment >& aSecurityEnvironment ) throw( com::sun::star::security::SecurityInfrastructureException ) { + PK11SlotInfo* slot ; + CERTCertDBHandle* handler ; + //xmlSecKeyPtr key ; + //xmlSecKeyDataPtr keyData ; + PK11SymKey* symKey ; + SECKEYPublicKey* pubKey ; + SECKEYPrivateKey* priKey ; + unsigned int i ; + + if( !aSecurityEnvironment.is() ) + throw RuntimeException() ; + + m_xSecurityEnvironment = aSecurityEnvironment ; + + //Clear key manager + if( m_pKeysMngr != NULL ) { + xmlSecKeysMngrDestroy( m_pKeysMngr ) ; + m_pKeysMngr = NULL ; + } + + //Create key manager + Reference< XUnoTunnel > xEnvTunnel( m_xSecurityEnvironment , UNO_QUERY ) ; + if( !xEnvTunnel.is() ) { + throw RuntimeException() ;^1 + } + + SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ; + if( pSecEnv == NULL ) + throw RuntimeException() ; + + //todo +// slot = pSecEnv->getCryptoSlot() ; + handler = pSecEnv->getCertDb() ; + + /*- + * The following lines is based on the private version of xmlSec-NSS + * crypto engine + */ + m_pKeysMngr = xmlSecNssAppliedKeysMngrCreate( slot , handler ) ; + if( m_pKeysMngr == NULL ) + throw RuntimeException() ; + + /*- + * Adopt symmetric key into keys manager + */ + for( i = 0 ; ( symKey = pSecEnv->getSymKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrSymKeyLoad( m_pKeysMngr, symKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric public key into keys manager + */ + for( i = 0 ; ( pubKey = pSecEnv->getPubKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrPubKeyLoad( m_pKeysMngr, pubKey ) < 0 ) { + throw RuntimeException() ; + } + } + + /*- + * Adopt asymmetric private key into keys manager + */ + for( i = 0 ; ( priKey = pSecEnv->getPriKey( i ) ) != NULL ; i ++ ) { + if( xmlSecNssAppliedKeysMngrPriKeyLoad( m_pKeysMngr, priKey ) < 0 ) { + throw RuntimeException() ; + } + } +} + +/* XXMLSecurityContext */ +Reference< XSecurityEnvironment > SAL_CALL XMLSecurityContext_NssImpl :: getSecurityEnvironment() + throw (RuntimeException) +{ + return m_xSecurityEnvironment ; +} +#endif + + +/* XInitialization */ +void SAL_CALL XMLSecurityContext_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLSecurityContext_NssImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLSecurityContext_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLSecurityContext_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLSecurityContext_NssImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSecurityContext" ) ; + return seqServiceNames ; +} + +OUString XMLSecurityContext_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLSecurityContext_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLSecurityContext_NssImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLSecurityContext_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + +#if 0 //not useful any longer +/* XUnoTunnel */ +sal_Int64 SAL_CALL XMLSecurityContext_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) +throw (RuntimeException) +{ + if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { + return ( sal_Int64 )this ; + } + return 0 ; +} + +/* XUnoTunnel extension */ +const Sequence< sal_Int8>& XMLSecurityContext_NssImpl :: getUnoTunnelId() { + static Sequence< sal_Int8 >* pSeq = 0 ; + if( !pSeq ) { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + if( !pSeq ) { + static Sequence< sal_Int8> aSeq( 16 ) ; + rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ; + pSeq = &aSeq ; + } + } + return *pSeq ; +} + +/* XUnoTunnel extension */ +XMLSecurityContext_NssImpl* XMLSecurityContext_NssImpl :: getImplementation( const Reference< XInterface > xObj ) { + Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; + if( xUT.is() ) { + return ( XMLSecurityContext_NssImpl* )xUT->getSomething( getUnoTunnelId() ) ; + } else + return NULL ; +} + +/* Native methods */ +xmlSecKeysMngrPtr XMLSecurityContext_NssImpl :: keysManager() throw( Exception, RuntimeException ) { + return m_pKeysMngr ; +} + +#endif diff --git a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx new file mode 100644 index 000000000000..fb8694c3c49b --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx @@ -0,0 +1,142 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsecuritycontext_nssimpl.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ +#define _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +class XMLSecurityContext_NssImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLSecurityContext , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + //xmlSecKeysMngrPtr m_pKeysMngr ; + //::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > m_xSecurityEnvironment ; + std::vector< ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > > m_vSecurityEnvironments; + + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + sal_Int32 m_nDefaultEnvIndex; + + public : + XMLSecurityContext_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLSecurityContext_NssImpl() ; + + //Methods from XXMLSecurityContext + virtual sal_Int32 SAL_CALL addSecurityEnvironment( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment + ) throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException); + + virtual ::sal_Int32 SAL_CALL getSecurityEnvironmentNumber( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + getSecurityEnvironmentByIndex( ::sal_Int32 index ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::com::sun::star::uno::Reference< + ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL + getSecurityEnvironment( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual ::sal_Int32 SAL_CALL getDefaultSecurityEnvironmentIndex( ) + throw (::com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex ) + throw (::com::sun::star::uno::RuntimeException); + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; + + /* + * Because of the issue of multi-securityenvironment, so the keyManager method is not useful any longer. + * + + //Methods from XUnoTunnel + virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) + throw (com::sun::star::uno::RuntimeException); + + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; + static XMLSecurityContext_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; + + //Native mehtods + virtual xmlSecKeysMngrPtr keysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + */ +} ; + +#endif // _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx new file mode 100644 index 000000000000..4199052f1f91 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx @@ -0,0 +1,357 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignature_nssimpl.cxx,v $ + * $Revision: 1.10 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" +#include <sal/config.h> +#include <rtl/uuid.h> +#include "xmlsignature_nssimpl.hxx" + +#ifndef _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _XMLELEMENTWRAPPER_XMLSECIMPL_HXX_ +#include "xmlelementwrapper_xmlsecimpl.hxx" +#endif + +#ifndef _SECURITYENVIRONMENT_NSSIMPL_HXX_ +#include "securityenvironment_nssimpl.hxx" +#endif + +#ifndef _XMLSECURITYCONTEXT_NSSIMPL_HXX_ +#include "xmlsecuritycontext_nssimpl.hxx" +#endif +#include "xmlstreamio.hxx" +#include "errorcallback.hxx" + +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include "xmlsec/xmlsec.h" +#include "xmlsec/xmldsig.h" +#include "xmlsec/crypto.h" + +using namespace ::com::sun::star::uno ; +using namespace ::com::sun::star::lang ; +using ::com::sun::star::lang::XMultiServiceFactory ; +using ::com::sun::star::lang::XSingleServiceFactory ; +using ::rtl::OUString ; + +using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; +using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLSignature ; +using ::com::sun::star::xml::crypto::XXMLSignatureTemplate ; +using ::com::sun::star::xml::crypto::XSecurityEnvironment ; +using ::com::sun::star::xml::crypto::XXMLSecurityContext ; +using ::com::sun::star::xml::crypto::XUriBinding ; +using ::com::sun::star::xml::crypto::XMLSignatureException ; + +XMLSignature_NssImpl :: XMLSignature_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { +} + +XMLSignature_NssImpl :: ~XMLSignature_NssImpl() { +} + +/* XXMLSignature */ +Reference< XXMLSignatureTemplate > +SAL_CALL XMLSignature_NssImpl :: generate( + const Reference< XXMLSignatureTemplate >& aTemplate , + const Reference< XSecurityEnvironment >& aEnvironment +) throw( com::sun::star::xml::crypto::XMLSignatureException, + com::sun::star::uno::SecurityException ) +{ + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecDSigCtxPtr pDsigCtx = NULL ; + xmlNodePtr pNode = NULL ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aEnvironment.is() ) + throw RuntimeException() ; + + //Get the xml node + Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; + if( !xElement.is() ) { + throw RuntimeException() ; + } + + Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; + if( !xNodTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pElement = + reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); + if( pElement == NULL ) { + throw RuntimeException() ; + } + + pNode = pElement->getNativeElement() ; + + //Get the stream/URI binding + Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; + if( xUriBinding.is() ) { + //Register the stream input callbacks into libxml2 + if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) + throw RuntimeException() ; + } + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + +#if 0 //i39448 : the key manager should be retrieved from SecurityEnvironment, instead of SecurityContext + XMLSecurityContext_NssImpl* pSecCtxt = ( XMLSecurityContext_NssImpl* )xSecTunnel->getSomething( XMLSecurityContext_NssImpl::getUnoTunnelId() ) ; + if( pSecCtxt == NULL ) + throw RuntimeException() ; +#endif + + SecurityEnvironment_NssImpl* pSecEnv = + reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); + if( pSecEnv == NULL ) + throw RuntimeException() ; + + setErrorRecorder(); + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Signature context + pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; + if( pDsigCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLSignatureException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Sign the template + if( xmlSecDSigCtxSign( pDsigCtx , pNode ) == 0 ) + { + if (pDsigCtx->status == xmlSecDSigStatusSucceeded) + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + else + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + else + { + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + + + xmlSecDSigCtxDestroy( pDsigCtx ) ; + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + + //Unregistered the stream/URI binding + if( xUriBinding.is() ) + xmlUnregisterStreamInputCallbacks() ; + + clearErrorRecorder(); + return aTemplate ; +} + +/* XXMLSignature */ +Reference< XXMLSignatureTemplate > +SAL_CALL XMLSignature_NssImpl :: validate( + const Reference< XXMLSignatureTemplate >& aTemplate , + const Reference< XXMLSecurityContext >& aSecurityCtx +) throw( com::sun::star::uno::RuntimeException, + com::sun::star::uno::SecurityException, + com::sun::star::xml::crypto::XMLSignatureException ) { + xmlSecKeysMngrPtr pMngr = NULL ; + xmlSecDSigCtxPtr pDsigCtx = NULL ; + xmlNodePtr pNode = NULL ; + //sal_Bool valid ; + + if( !aTemplate.is() ) + throw RuntimeException() ; + + if( !aSecurityCtx.is() ) + throw RuntimeException() ; + + //Get the xml node + Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; + if( !xElement.is() ) + throw RuntimeException() ; + + Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; + if( !xNodTunnel.is() ) { + throw RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pElement = + reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); + if( pElement == NULL ) + throw RuntimeException() ; + + pNode = pElement->getNativeElement() ; + + //Get the stream/URI binding + Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; + if( xUriBinding.is() ) { + //Register the stream input callbacks into libxml2 + if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) + throw RuntimeException() ; + } + + setErrorRecorder(); + + sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber(); + sal_Int32 i; + + for (i=0; i<nSecurityEnvironment; ++i) + { + Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i); + + //Get Keys Manager + Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; + if( !xSecTunnel.is() ) { + throw RuntimeException() ; + } + + SecurityEnvironment_NssImpl* pSecEnv = + reinterpret_cast<SecurityEnvironment_NssImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); + if( pSecEnv == NULL ) + throw RuntimeException() ; + + pMngr = pSecEnv->createKeysManager() ; //i39448 + if( !pMngr ) { + throw RuntimeException() ; + } + + //Create Signature context + pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; + if( pDsigCtx == NULL ) + { + pSecEnv->destroyKeysManager( pMngr ) ; //i39448 + //throw XMLSignatureException() ; + clearErrorRecorder(); + return aTemplate; + } + + //Verify signature + int rs = xmlSecDSigCtxVerify( pDsigCtx , pNode ); + + + if (rs == 0 && + pDsigCtx->status == xmlSecDSigStatusSucceeded) + { + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); + xmlSecDSigCtxDestroy( pDsigCtx ) ; + pSecEnv->destroyKeysManager( pMngr ); + break; + } + else + { + aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); + } + xmlSecDSigCtxDestroy( pDsigCtx ) ; + pSecEnv->destroyKeysManager( pMngr ); + } + + + + //Unregistered the stream/URI binding + if( xUriBinding.is() ) + xmlUnregisterStreamInputCallbacks() ; + + //return valid ; + clearErrorRecorder(); + return aTemplate; +} + +/* XInitialization */ +void SAL_CALL XMLSignature_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { + // TBD +} ; + +/* XServiceInfo */ +OUString SAL_CALL XMLSignature_NssImpl :: getImplementationName() throw( RuntimeException ) { + return impl_getImplementationName() ; +} + +/* XServiceInfo */ +sal_Bool SAL_CALL XMLSignature_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { + Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; + const OUString* pArray = seqServiceNames.getConstArray() ; + for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { + if( *( pArray + i ) == serviceName ) + return sal_True ; + } + return sal_False ; +} + +/* XServiceInfo */ +Sequence< OUString > SAL_CALL XMLSignature_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { + return impl_getSupportedServiceNames() ; +} + +//Helper for XServiceInfo +Sequence< OUString > XMLSignature_NssImpl :: impl_getSupportedServiceNames() { + ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; + Sequence< OUString > seqServiceNames( 1 ) ; + seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSignature" ) ; + return seqServiceNames ; +} + +OUString XMLSignature_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { + return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSignature_NssImpl" ) ; +} + +//Helper for registry +Reference< XInterface > SAL_CALL XMLSignature_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { + return Reference< XInterface >( *new XMLSignature_NssImpl( aServiceManager ) ) ; +} + +Reference< XSingleServiceFactory > XMLSignature_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { + //Reference< XSingleServiceFactory > xFactory ; + //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; + //return xFactory ; + return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; +} + diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx new file mode 100644 index 000000000000..9a95d480d59b --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx @@ -0,0 +1,105 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlsignature_nssimpl.hxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSIGNATURE_NSSIMPL_HXX_ +#define _XMLSIGNATURE_NSSIMPL_HXX_ + +#include <sal/config.h> +#include <rtl/ustring.hxx> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase3.hxx> +#include <com/sun/star/uno/Exception.hpp> + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#ifndef _COM_SUN_STAR_LANG_XSECVICEINFO_HPP_ +#include <com/sun/star/lang/XServiceInfo.hpp> +#endif +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/xml/crypto/XXMLSignature.hpp> +#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> + +class XMLSignature_NssImpl : public ::cppu::WeakImplHelper3< + ::com::sun::star::xml::crypto::XXMLSignature , + ::com::sun::star::lang::XInitialization , + ::com::sun::star::lang::XServiceInfo > +{ + private : + ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; + + public : + XMLSignature_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; + virtual ~XMLSignature_NssImpl() ; + + //Methods from XXMLSignature + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL generate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment + ) throw( com::sun::star::xml::crypto::XMLSignatureException, + com::sun::star::uno::SecurityException) ; + + virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL validate( + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , + const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext + ) throw( com::sun::star::uno::RuntimeException, + com::sun::star::uno::SecurityException, + com::sun::star::xml::crypto::XMLSignatureException); + + //Methods from XInitialization + virtual void SAL_CALL initialize( + const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments + ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; + + //Methods from XServiceInfo + virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual sal_Bool SAL_CALL supportsService( + const ::rtl::OUString& ServiceName + ) throw( ::com::sun::star::uno::RuntimeException ) ; + + virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for XServiceInfo + static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; + + static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; + + //Helper for registry + static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; + + static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; +} ; + +#endif // _XMLSIGNATURE_NSSIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx b/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx new file mode 100644 index 000000000000..e21e7d4b1d49 --- /dev/null +++ b/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx @@ -0,0 +1,168 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsec_nss.cxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <sal/config.h> +#include <stdio.h> + +#include <osl/mutex.hxx> +#include <osl/thread.h> +#include <cppuhelper/factory.hxx> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> + +#include "seinitializer_nssimpl.hxx" +#include "xmlsignature_nssimpl.hxx" +#include "xmlencryption_nssimpl.hxx" +#include "xmlsecuritycontext_nssimpl.hxx" +#include "securityenvironment_nssimpl.hxx" + +using namespace ::rtl; +using namespace ::cppu; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star::lang; +using namespace ::com::sun::star::registry; + +extern "C" +{ + +sal_Bool SAL_CALL nss_component_writeInfo( void* /*pServiceManager*/ , void* pRegistryKey ) +{ + sal_Bool result = sal_False; + sal_Int32 i ; + OUString sKeyName ; + Reference< XRegistryKey > xNewKey ; + Sequence< OUString > seqServices ; + Reference< XRegistryKey > xKey( reinterpret_cast< XRegistryKey* >( pRegistryKey ) ) ; + + if( xKey.is() ) { + // try { + // XMLSignature_NssImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLSignature_NssImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLSignature_NssImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // XMLEncryption_NssImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLEncryption_NssImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLEncryption_NssImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // XMLSecurityContext_NssImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLSecurityContext_NssImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLSecurityContext_NssImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // SecurityEnvironment_NssImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += SecurityEnvironment_NssImpl::impl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = SecurityEnvironment_NssImpl::impl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // SEInitializer_NssImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += SEInitializer_NssImpl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = SEInitializer_NssImpl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + return sal_True; + //} catch( InvalidRegistryException & ) { + // //we should not ignore exceptions + // return sal_False ; + //} + } + return result; +} + +void* SAL_CALL nss_component_getFactory( const sal_Char* pImplName , void* pServiceManager , void* /*pRegistryKey*/ ) +{ + void* pRet = 0; + Reference< XSingleServiceFactory > xFactory ; + + if( pImplName != NULL && pServiceManager != NULL ) { + if( XMLSignature_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLSignature_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( XMLSecurityContext_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLSecurityContext_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( SecurityEnvironment_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = SecurityEnvironment_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( XMLEncryption_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = XMLEncryption_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; + } else if( SEInitializer_NssImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) { + xFactory = Reference< XSingleServiceFactory >( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + SEInitializer_NssImpl_createInstance, SEInitializer_NssImpl_getSupportedServiceNames() ) ); + } + } + + if( xFactory.is() ) { + xFactory->acquire() ; + pRet = xFactory.get() ; + } + + return pRet ; +} + +} + diff --git a/xmlsecurity/source/xmlsec/saxhelper.cxx b/xmlsecurity/source/xmlsec/saxhelper.cxx new file mode 100644 index 000000000000..61a40d504c83 --- /dev/null +++ b/xmlsecurity/source/xmlsec/saxhelper.cxx @@ -0,0 +1,453 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: saxhelper.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <rtl/ustring.hxx> + +#include "saxhelper.hxx" +#include "libxml/parserInternals.h" + +#ifndef XMLSEC_NO_XSLT +#include "libxslt/xslt.h" +#endif + +namespace cssu = com::sun::star::uno; +namespace cssxs = com::sun::star::xml::sax; +namespace cssxcsax = com::sun::star::xml::csax; + +/** + * The return value is NULL terminated. The application has the responsibilty to + * deallocte the return value. + */ +xmlChar* ous_to_xmlstr( const rtl::OUString& oustr ) +{ + rtl::OString ostr = rtl::OUStringToOString( oustr , RTL_TEXTENCODING_UTF8 ) ; + return xmlStrndup( ( xmlChar* )ostr.getStr(), ( int )ostr.getLength() ) ; +} + +/** + * The return value is NULL terminated. The application has the responsibilty to + * deallocte the return value. + */ +xmlChar* ous_to_nxmlstr( const rtl::OUString& oustr, int& length ) +{ + rtl::OString ostr = rtl::OUStringToOString( oustr , RTL_TEXTENCODING_UTF8 ) ; + length = ostr.getLength(); + + return xmlStrndup( ( xmlChar* )ostr.getStr(), length ) ; +} + +/** + * The input parameter isn't necessaryly NULL terminated. + */ +rtl::OUString xmlchar_to_ous( const xmlChar* pChar, int length ) +{ + if( pChar != NULL ) + { + return rtl::OUString( ( sal_Char* )pChar , length , RTL_TEXTENCODING_UTF8 ) ; + } + else + { + return rtl::OUString() ; + } +} + +/** + * The input parameter is NULL terminated + */ +rtl::OUString xmlstr_to_ous( const xmlChar* pStr ) +{ + if( pStr != NULL ) + { + return xmlchar_to_ous( pStr , xmlStrlen( pStr ) ) ; + } + else + { + return rtl::OUString() ; + } +} + +/** + * The return value and the referenced value must be NULL terminated. + * The application has the responsibilty to deallocte the return value. + */ +const xmlChar** attrlist_to_nxmlstr( const cssu::Sequence< cssxcsax::XMLAttribute >& aAttributes ) +{ + xmlChar* attname = NULL ; + xmlChar* attvalue = NULL ; + const xmlChar** attrs = NULL ; + rtl::OUString oustr ; + + sal_Int32 nLength = aAttributes.getLength();; + + if( nLength != 0 ) + { + attrs = ( const xmlChar** )xmlMalloc( ( nLength * 2 + 2 ) * sizeof( xmlChar* ) ) ; + } + else + { + return NULL ; + } + + for( int i = 0 , j = 0 ; j < nLength ; ++j ) + { + attname = ous_to_xmlstr( aAttributes[j].sName ) ; + attvalue = ous_to_xmlstr( aAttributes[j].sValue ) ; + + if( attname != NULL && attvalue != NULL ) + { + attrs[i++] = attname ; + attrs[i++] = attvalue ; + attrs[i] = NULL ; + attrs[i+1] = NULL ; + } + else + { + if( attname != NULL ) + xmlFree( attname ) ; + if( attvalue != NULL ) + xmlFree( attvalue ) ; + } + } + + return attrs ; +} + +/** + * Constructor + * + * In this constructor, a libxml sax parser context is initialized. a libxml + * default sax handler is initialized with the context. + */ +SAXHelper::SAXHelper( ) + : m_pParserCtxt( NULL ), + m_pSaxHandler( NULL ) +{ + xmlInitParser() ; + LIBXML_TEST_VERSION ; + + /* + * compile error: + * xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS ; + */ + xmlSubstituteEntitiesDefault( 1 ) ; + +#ifndef XMLSEC_NO_XSLT + xmlIndentTreeOutput = 1 ; +#endif /* XMLSEC_NO_XSLT */ + + m_pParserCtxt = xmlNewParserCtxt() ; + + /* + * i41748 + * + * mmi : re-initialize the SAX handler to version 1 + */ + + xmlSAXVersion(m_pParserCtxt->sax, 1); + + /* end */ + + if( m_pParserCtxt->inputTab[0] != NULL ) + { + m_pParserCtxt->inputTab[0] = NULL ; + } + + if( m_pParserCtxt == NULL ) + { +#ifndef XMLSEC_NO_XSLT + xsltCleanupGlobals() ; +#endif +// see issue i74334, we cannot call xmlCleanupParser when libxml is still used +// in other parts of the office. +// xmlCleanupParser() ; + throw cssu::RuntimeException() ; + } + else if( m_pParserCtxt->sax == NULL ) + { + xmlFreeParserCtxt( m_pParserCtxt ) ; + +#ifndef XMLSEC_NO_XSLT + xsltCleanupGlobals() ; +#endif +// see issue i74334, we cannot call xmlCleanupParser when libxml is still used +// in other parts of the office. +// xmlCleanupParser() ; + m_pParserCtxt = NULL ; + throw cssu::RuntimeException() ; + } + else + { + m_pSaxHandler = m_pParserCtxt->sax ; + + //Adjust the context + m_pParserCtxt->recovery = 1 ; + } +} + +/** + * Destructor + * + * In this destructor, a libxml sax parser context is desturcted. The XML tree + * in the context is not deallocated because the tree is bind with a document + * model by the setTargetDocument method, which delegate the target document to + * destruct the xml tree. + */ +SAXHelper::~SAXHelper() { + if( m_pParserCtxt != NULL ) + { + /* + * In the situation that no object refer the Document, this destructor + * must deallocate the Document memory + */ + if( m_pSaxHandler == m_pParserCtxt->sax ) + { + m_pSaxHandler = NULL ; + } + + xmlFreeParserCtxt( m_pParserCtxt ) ; + m_pParserCtxt = NULL ; + } + + if( m_pSaxHandler != NULL ) + { + xmlFree( m_pSaxHandler ) ; + m_pSaxHandler = NULL ; + } +// see issue i74334, we cannot call xmlCleanupParser when libxml is still used +// in other parts of the office. +// xmlCleanupParser() ; +} + +xmlNodePtr SAXHelper::getCurrentNode() +{ + return m_pParserCtxt->node; +} + +void SAXHelper::setCurrentNode(const xmlNodePtr pNode) +{ + /* + * This is really a black trick. + * When the current node is replaced, the nodeTab + * stack's top has to been replaced with the same + * node, in order to make compatibility. + */ + m_pParserCtxt->nodeTab[m_pParserCtxt->nodeNr - 1] + = m_pParserCtxt->node + = pNode; +} + +xmlDocPtr SAXHelper::getDocument() +{ + return m_pParserCtxt->myDoc; +} + +/** + * XDocumentHandler -- start an xml document + */ +void SAXHelper::startDocument( void ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + /* + * Adjust inputTab + */ + xmlParserInputPtr pInput = xmlNewInputStream( m_pParserCtxt ) ; + + if( m_pParserCtxt->inputTab != NULL && m_pParserCtxt->inputMax != 0 ) + { + m_pParserCtxt->inputTab[0] = pInput ; + m_pParserCtxt->input = pInput ; + } + + m_pSaxHandler->startDocument( m_pParserCtxt ) ; + + if( m_pParserCtxt == NULL || m_pParserCtxt->myDoc == NULL ) + { + throw cssu::RuntimeException() ; + } +} + +/** + * XDocumentHandler -- end an xml document + */ +void SAXHelper::endDocument( void ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + m_pSaxHandler->endDocument( m_pParserCtxt ) ; +} + +/** + * XDocumentHandler -- start an xml element + */ +void SAXHelper::startElement( + const rtl::OUString& aName, + const cssu::Sequence< cssxcsax::XMLAttribute >& aAttributes ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + const xmlChar* fullName = NULL ; + const xmlChar** attrs = NULL ; + + fullName = ous_to_xmlstr( aName ) ; + attrs = attrlist_to_nxmlstr( aAttributes ) ; + + if( fullName != NULL || attrs != NULL ) + { + m_pSaxHandler->startElement( m_pParserCtxt , fullName , attrs ) ; + } + + if( fullName != NULL ) + { + xmlFree( ( xmlChar* )fullName ) ; + fullName = NULL ; + } + + if( attrs != NULL ) + { + for( int i = 0 ; attrs[i] != NULL ; ++i ) + { + xmlFree( ( xmlChar* )attrs[i] ) ; + attrs[i] = NULL ; + } + + xmlFree( ( void* ) attrs ) ; + attrs = NULL ; + } +} + +/** + * XDocumentHandler -- end an xml element + */ +void SAXHelper::endElement( const rtl::OUString& aName ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + xmlChar* fullname = NULL ; + + fullname = ous_to_xmlstr( aName ) ; + m_pSaxHandler->endElement( m_pParserCtxt , fullname ) ; + + if( fullname != NULL ) + { + xmlFree( ( xmlChar* )fullname ) ; + fullname = NULL ; + } +} + +/** + * XDocumentHandler -- an xml element or cdata characters + */ +void SAXHelper::characters( const rtl::OUString& aChars ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + const xmlChar* chars = NULL ; + int length = 0 ; + + chars = ous_to_nxmlstr( aChars, length ) ; + m_pSaxHandler->characters( m_pParserCtxt , chars , length ) ; + + if( chars != NULL ) + { + xmlFree( ( xmlChar* )chars ) ; + } +} + +/** + * XDocumentHandler -- ignorable xml white space + */ +void SAXHelper::ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + const xmlChar* chars = NULL ; + int length = 0 ; + + chars = ous_to_nxmlstr( aWhitespaces, length ) ; + m_pSaxHandler->ignorableWhitespace( m_pParserCtxt , chars , length ) ; + + if( chars != NULL ) + { + xmlFree( ( xmlChar* )chars ) ; + } +} + +/** + * XDocumentHandler -- preaorocessing instruction + */ +void SAXHelper::processingInstruction( + const rtl::OUString& aTarget, + const rtl::OUString& aData ) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + xmlChar* target = NULL ; + xmlChar* data = NULL ; + + target = ous_to_xmlstr( aTarget ) ; + data = ous_to_xmlstr( aData ) ; + + m_pSaxHandler->processingInstruction( m_pParserCtxt , target , data ) ; + + if( target != NULL ) + { + xmlFree( ( xmlChar* )target ) ; + target = NULL ; + } + + if( data != NULL ) + { + xmlFree( ( xmlChar* )data ) ; + data = NULL ; + } +} + +/** + * XDocumentHandler -- set document locator + * In this case, locator is useless. + */ +void SAXHelper::setDocumentLocator( + const cssu::Reference< cssxs::XLocator > &) + throw( cssxs::SAXException , cssu::RuntimeException ) +{ + //--Pseudo code if necessary + //--m_pSaxLocator is a member defined as xmlSAXHabdlerPtr + //--m_pSaxLocatorHdl is a member defined as Sax_Locator + + //if( m_pSaxLocator != NULL ) { + // //Deallocate the memory + //} + //if( m_pSaxLocatorHdl != NULL ) { + // //Deallocate the memory + //} + + //m_pSaxLocatorHdl = new Sax_Locator( xLocator ) ; + //m_pSaxLocator = { m_pSaxLocatorHdl->getPublicId , m_pSaxLocatorHdl->getSystemId , m_pSaxLocatorHdl->getLineNumber , m_pSaxLocatorHdl->getColumnNumber } ; + + //m_pSaxHandler->setDocumentLocator( m_pParserCtxt , m_pSaxLocator ) ; +} + diff --git a/xmlsecurity/source/xmlsec/saxhelper.hxx b/xmlsecurity/source/xmlsec/saxhelper.hxx new file mode 100644 index 000000000000..4d8f2d7a167c --- /dev/null +++ b/xmlsecurity/source/xmlsec/saxhelper.hxx @@ -0,0 +1,91 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: saxhelper.hxx,v $ + * $Revision: 1.4 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _SAXHELPER_HXX +#define _SAXHELPER_HXX + +#include "libxml/tree.h" + +#include <com/sun/star/xml/sax/SAXException.hpp> +#include <com/sun/star/xml/sax/XAttributeList.hpp> +#include <com/sun/star/xml/sax/XLocator.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <com/sun/star/xml/csax/XMLAttribute.hpp> + +/** This class represents a SAX handler which simply forwards to + the corresponding libxml API and translates parameter if necessary. +*/ +class SAXHelper +{ + private : + xmlParserCtxtPtr m_pParserCtxt ; + xmlSAXHandlerPtr m_pSaxHandler ; + + public: + SAXHelper( ) ; + virtual ~SAXHelper() ; + + xmlNodePtr getCurrentNode(); + void setCurrentNode(const xmlNodePtr pNode); + xmlDocPtr getDocument(); + + void startDocument( void ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void endDocument( void ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void startElement( + const ::rtl::OUString& aName , + const com::sun::star::uno::Sequence< + com::sun::star::xml::csax::XMLAttribute >& aAttributes ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void endElement( const ::rtl::OUString& aName ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void characters( const ::rtl::OUString& aChars ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void ignorableWhitespace( const ::rtl::OUString& aWhitespaces ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void processingInstruction( + const ::rtl::OUString& aTarget , + const ::rtl::OUString& aData ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; + + void setDocumentLocator( const ::com::sun::star::uno::Reference< + ::com::sun::star::xml::sax::XLocator > & xLocator ) + throw( ::com::sun::star::xml::sax::SAXException , ::com::sun::star::uno::RuntimeException ) ; +} ; + +#endif + diff --git a/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx new file mode 100644 index 000000000000..6994c102f64f --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.cxx @@ -0,0 +1,1156 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmldocumentwrapper_xmlsecimpl.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#include <com/sun/star/lang/XMultiServiceFactory.hpp> + +#include <xmloff/attrlist.hxx> +#include "xmlelementwrapper_xmlsecimpl.hxx" + +//#include <malloc.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> + +/* + * Deleted by AF +#include <memory.h> + */ + +#include <sys/types.h> +#include <sys/stat.h> + +#ifndef INCLUDED_VECTOR +#include <vector> +#define INCLUDED_VECTOR +#endif + +#ifdef UNX +#define stricmp strcasecmp +#endif + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; +namespace cssxc = com::sun::star::xml::crypto; +namespace cssxcsax = com::sun::star::xml::csax; +namespace cssxs = com::sun::star::xml::sax; +namespace cssxw = com::sun::star::xml::wrapper; + +#define SERVICE_NAME "com.sun.star.xml.wrapper.XMLDocumentWrapper" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.XMLDocumentWrapper_XmlSecImpl" + +#define STRXMLNS "xmlns" + +#define RTL_ASCII_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_ASCII_US +#define RTL_UTF8_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_UTF8 + +/* used by the recursiveDelete method */ +#define NODE_REMOVED 0 +#define NODE_NOTREMOVED 1 +#define NODE_STOPED 2 + +XMLDocumentWrapper_XmlSecImpl::XMLDocumentWrapper_XmlSecImpl( ) +{ + saxHelper.startDocument(); + m_pDocument = saxHelper.getDocument(); + + /* + * creates the virtual root element + */ + saxHelper.startElement(rtl::OUString(RTL_UTF8_USTRINGPARAM( "root" )), cssu::Sequence<cssxcsax::XMLAttribute>()); + + m_pRootElement = saxHelper.getCurrentNode(); + m_pCurrentElement = m_pRootElement; +} + +XMLDocumentWrapper_XmlSecImpl::~XMLDocumentWrapper_XmlSecImpl() +{ + saxHelper.endDocument(); + xmlFreeDoc(m_pDocument); +} + +void XMLDocumentWrapper_XmlSecImpl::getNextSAXEvent() +/****** XMLDocumentWrapper_XmlSecImpl/getNextSAXEvent ************************* + * + * NAME + * getNextSAXEvent -- Prepares the next SAX event to be manipulate + * + * SYNOPSIS + * getNextSAXEvent(); + * + * FUNCTION + * When converting the document into SAX events, this method is used to + * decide the next SAX event to be generated. + * Two member variables are checked to make the decision, the + * m_pCurrentElement and the m_nCurrentPosition. + * The m_pCurrentElement represents the node which have been covered, and + * the m_nCurrentPosition represents the event which have been sent. + * For example, suppose that the m_pCurrentElement + * points to element A, and the m_nCurrentPosition equals to + * NODEPOSITION_STARTELEMENT, then the next SAX event should be the + * endElement for element A if A has no child, or startElement for the + * first child element of element A otherwise. + * The m_nCurrentPosition can be one of following values: + * NODEPOSITION_STARTELEMENT for startElement; + * NODEPOSITION_ENDELEMENT for endElement; + * NODEPOSITION_NORMAL for other SAX events; + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + OSL_ASSERT( m_pCurrentElement != NULL ); + + /* + * Get the next event through tree order. + * + * if the current event is a startElement, then the next + * event depends on whether or not the current node has + * children. + */ + if (m_nCurrentPosition == NODEPOSITION_STARTELEMENT) + { + /* + * If the current node has children, then its first child + * should be next current node, and the next event will be + * startElement or charaters(PI) based on that child's node + * type. Otherwise, the endElement of current node is the + * next event. + */ + if (m_pCurrentElement->children != NULL) + { + m_pCurrentElement = m_pCurrentElement->children; + m_nCurrentPosition + = (m_pCurrentElement->type == XML_ELEMENT_NODE)? + NODEPOSITION_STARTELEMENT:NODEPOSITION_NORMAL; + } + else + { + m_nCurrentPosition = NODEPOSITION_ENDELEMENT; + } + } + /* + * if the current event is a not startElement, then the next + * event depends on whether or not the current node has + * following sibling. + */ + else if (m_nCurrentPosition == NODEPOSITION_ENDELEMENT || m_nCurrentPosition == NODEPOSITION_NORMAL) + { + xmlNodePtr pNextSibling = m_pCurrentElement->next; + + /* + * If the current node has following sibling, that sibling + * should be next current node, and the next event will be + * startElement or charaters(PI) based on that sibling's node + * type. Otherwise, the endElement of current node's parent + * becomes the next event. + */ + if (pNextSibling != NULL) + { + m_pCurrentElement = pNextSibling; + m_nCurrentPosition + = (m_pCurrentElement->type == XML_ELEMENT_NODE)? + NODEPOSITION_STARTELEMENT:NODEPOSITION_NORMAL; + } + else + { + m_pCurrentElement = m_pCurrentElement->parent; + m_nCurrentPosition = NODEPOSITION_ENDELEMENT; + } + } +} + +void XMLDocumentWrapper_XmlSecImpl::sendStartElement( + const cssu::Reference< cssxs::XDocumentHandler >& xHandler, + const cssu::Reference< cssxs::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (cssxs::SAXException) +/****** XMLDocumentWrapper_XmlSecImpl/sendStartElement ************************ + * + * NAME + * sendStartElement -- Constructs a startElement SAX event + * + * SYNOPSIS + * sendStartElement(xHandler, xHandler2, pNode); + * + * FUNCTION + * Used when converting the document into SAX event stream. + * This method constructs a startElement SAX event for a particular + * element, then calls the startElement methods of the XDocumentHandlers. + * + * INPUTS + * xHandler - the first XDocumentHandler interface to receive the + * startElement SAX event. It can be NULL. + * xHandler2 - the second XDocumentHandler interface to receive the + * startElement SAX event. It can't be NULL. + * pNode - the node on which the startElement should be generated. + * This node must be a element type. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + SvXMLAttributeList* pAttributeList = new SvXMLAttributeList(); + cssu::Reference < cssxs::XAttributeList > xAttrList = cssu::Reference< cssxs::XAttributeList > (pAttributeList); + + xmlNsPtr pNsDef = pNode->nsDef; + + while (pNsDef != NULL) + { + const xmlChar* pNsPrefix = pNsDef->prefix; + const xmlChar* pNsHref = pNsDef->href; + + if (pNsDef->prefix == NULL) + { + pAttributeList->AddAttribute( + rtl::OUString(RTL_UTF8_USTRINGPARAM( STRXMLNS )), + rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pNsHref ))); + } + else + { + pAttributeList->AddAttribute( + rtl::OUString(RTL_UTF8_USTRINGPARAM( STRXMLNS )) + +rtl::OUString(RTL_UTF8_USTRINGPARAM( ":" )) + +rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pNsPrefix )), + rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pNsHref ))); + } + + pNsDef = pNsDef->next; + } + + xmlAttrPtr pAttr = pNode->properties; + + while (pAttr != NULL) + { + const xmlChar* pAttrName = pAttr->name; + xmlNsPtr pAttrNs = pAttr->ns; + + rtl::OUString ouAttrName; + if (pAttrNs == NULL) + { + ouAttrName = rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pAttrName )); + } + else + { + ouAttrName = rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pAttrNs->prefix)) + +rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)":" )) + +rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)pAttrName )); + } + + pAttributeList->AddAttribute( + ouAttrName, + rtl::OUString(RTL_UTF8_USTRINGPARAM( (sal_Char*)(pAttr->children->content)))); + pAttr = pAttr->next; + } + + rtl::OString sNodeName = getNodeQName(pNode); + + if (xHandler.is()) + { + xHandler->startElement( + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(sNodeName.getStr())) )), + xAttrList); + } + + xHandler2->startElement( + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(sNodeName.getStr())) )), + xAttrList); +} + +void XMLDocumentWrapper_XmlSecImpl::sendEndElement( + const cssu::Reference< cssxs::XDocumentHandler >& xHandler, + const cssu::Reference< cssxs::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (cssxs::SAXException) +/****** XMLDocumentWrapper_XmlSecImpl/sendEndElement ************************** + * + * NAME + * sendEndElement -- Constructs a endElement SAX event + * + * SYNOPSIS + * sendEndElement(xHandler, xHandler2, pNode); + * + * FUNCTION + * Used when converting the document into SAX event stream. + * This method constructs a endElement SAX event for a particular + * element, then calls the endElement methods of the XDocumentHandlers. + * + * INPUTS + * xHandler - the first XDocumentHandler interface to receive the + * endElement SAX event. It can be NULL. + * xHandler2 - the second XDocumentHandler interface to receive the + * endElement SAX event. It can't be NULL. + * pNode - the node on which the endElement should be generated. + * This node must be a element type. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + rtl::OString sNodeName = getNodeQName(pNode); + + if (xHandler.is()) + { + xHandler->endElement(rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(sNodeName.getStr())) ))); + } + + xHandler2->endElement(rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(sNodeName.getStr())) ))); +} + +void XMLDocumentWrapper_XmlSecImpl::sendNode( + const cssu::Reference< cssxs::XDocumentHandler >& xHandler, + const cssu::Reference< cssxs::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (cssxs::SAXException) +/****** XMLDocumentWrapper_XmlSecImpl/sendNode ******************************** + * + * NAME + * sendNode -- Constructs a characters SAX event or a + * processingInstruction SAX event + * + * SYNOPSIS + * sendNode(xHandler, xHandler2, pNode); + * + * FUNCTION + * Used when converting the document into SAX event stream. + * This method constructs a characters SAX event or a + * processingInstructionfor SAX event based on the type of a particular + * element, then calls the corresponding methods of the XDocumentHandlers. + * + * INPUTS + * xHandler - the first XDocumentHandler interface to receive the + * SAX event. It can be NULL. + * xHandler2 - the second XDocumentHandler interface to receive the + * SAX event. It can't be NULL. + * pNode - the node on which the endElement should be generated. + * If it is a text node, then a characters SAX event is + * generated; if it is a PI node, then a + * processingInstructionfor SAX event is generated. + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + xmlElementType type = pNode->type; + + if (type == XML_TEXT_NODE) + { + if (xHandler.is()) + { + xHandler->characters(rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->content)) ))); + } + + xHandler2->characters(rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->content)) ))); + } + else if (type == XML_PI_NODE) + { + if (xHandler.is()) + { + xHandler->processingInstruction( + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->name)) )), + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->content)) ))); + } + + xHandler2->processingInstruction( + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->name)) )), + rtl::OUString(RTL_UTF8_USTRINGPARAM ( ((sal_Char*)(pNode->content)) ))); + } +} + +rtl::OString XMLDocumentWrapper_XmlSecImpl::getNodeQName(const xmlNodePtr pNode) const +/****** XMLDocumentWrapper_XmlSecImpl/getNodeQName **************************** + * + * NAME + * getNodeQName -- Retrives the qualified name of a node + * + * SYNOPSIS + * name = getNodeQName(pNode); + * + * FUNCTION + * see NAME + * + * INPUTS + * pNode - the node whose name will be retrived + * + * RESULT + * name - the node's qualified name + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + rtl::OString sNodeName((const sal_Char*)pNode->name); + if (pNode->ns != NULL) + { + xmlNsPtr pNs = pNode->ns; + + if (pNs->prefix != NULL) + { + rtl::OString sPrefix((const sal_Char*)pNs->prefix); + sNodeName = sPrefix+rtl::OString(":")+sNodeName; + } + } + + return sNodeName; +} + +xmlNodePtr XMLDocumentWrapper_XmlSecImpl::checkElement( const cssu::Reference< cssxw::XXMLElementWrapper >& xXMLElement) const +/****** XMLDocumentWrapper_XmlSecImpl/checkElement **************************** + * + * NAME + * checkElement -- Retrives the node wrapped by an XXMLElementWrapper + * interface + * + * SYNOPSIS + * node = checkElement(xXMLElement); + * + * FUNCTION + * see NAME + * + * INPUTS + * xXMLElement - the XXMLElementWrapper interface wraping a node + * + * RESULT + * node - the node wrapped in the XXMLElementWrapper interface + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + xmlNodePtr rc = NULL; + + if (xXMLElement.is()) + { + cssu::Reference< cssl::XUnoTunnel > xNodTunnel( xXMLElement, cssu::UNO_QUERY ) ; + if( !xNodTunnel.is() ) + { + throw cssu::RuntimeException() ; + } + + XMLElementWrapper_XmlSecImpl* pElement + = reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( + sal::static_int_cast<sal_uIntPtr>( + xNodTunnel->getSomething( + XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))) ; + + if( pElement == NULL ) { + throw cssu::RuntimeException() ; + } + + rc = pElement->getNativeElement(); + } + + return rc; +} + +sal_Int32 XMLDocumentWrapper_XmlSecImpl::recursiveDelete( + const xmlNodePtr pNode) +/****** XMLDocumentWrapper_XmlSecImpl/recursiveDelete ************************* + * + * NAME + * recursiveDelete -- Deletes a paticular node with its branch. + * + * SYNOPSIS + * result = recursiveDelete(pNode); + * + * FUNCTION + * Deletes a paticular node with its branch, while reserving the nodes + * (and their brance) listed in the m_aReservedNodes. + * The deletion process is preformed in the tree order, that is, a node + * is deleted after its previous sibling node is deleted, a parent node + * is deleted after its branch is deleted. + * During the deletion process when the m_pStopAtNode is reached, the + * progress is interrupted at once. + * + * INPUTS + * pNode - the node to be deleted + * + * RESULT + * result - the result of the deletion process, can be one of following + * values: + * NODE_STOPED - the process is interrupted by meeting the + * m_pStopAtNode + * NODE_NOTREMOVED - the pNode is not completely removed + * because there is its descendant in the + * m_aReservedNodes list + * NODE_REMOVED - the pNode and its branch are completely + * removed + * + * NOTES + * The node in the m_aReservedNodes list must be in the tree order, otherwise + * the result is unpredictable. + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (pNode == m_pStopAtNode) + { + return NODE_STOPED; + } + + if (pNode != m_pCurrentReservedNode) + { + xmlNodePtr pChild = pNode->children; + + xmlNodePtr pNextSibling; + bool bIsRemoved = true; + sal_Int32 nResult; + + while( pChild != NULL ) + { + pNextSibling = pChild->next; + nResult = recursiveDelete(pChild); + + switch (nResult) + { + case NODE_STOPED: + return NODE_STOPED; + case NODE_NOTREMOVED: + bIsRemoved = false; + break; + case NODE_REMOVED: + removeNode(pChild); + break; + default: + throw cssu::RuntimeException(); + } + + pChild = pNextSibling; + } + + if (pNode == m_pCurrentElement) + { + bIsRemoved = false; + } + + return bIsRemoved?NODE_REMOVED:NODE_NOTREMOVED; + } + else + { + getNextReservedNode(); + return NODE_NOTREMOVED; + } +} + +void XMLDocumentWrapper_XmlSecImpl::getNextReservedNode() +/****** XMLDocumentWrapper_XmlSecImpl/getNextReservedNode ********************* + * + * NAME + * getNextReservedNode -- Highlights the next reserved node in the + * reserved node list + * + * SYNOPSIS + * getNextReservedNode(); + * + * FUNCTION + * The m_aReservedNodes array holds a node list, while the + * m_pCurrentReservedNode points to the one currently highlighted. + * This method is used to highlight the next node in the node list. + * This method is called at the time when the current highlighted node + * has been already processed, and the next node should be ready. + * + * INPUTS + * empty + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (m_nReservedNodeIndex < m_aReservedNodes.getLength()) + { + m_pCurrentReservedNode = checkElement( m_aReservedNodes[m_nReservedNodeIndex] ); + m_nReservedNodeIndex ++; + } + else + { + m_pCurrentReservedNode = NULL; + } +} + +void XMLDocumentWrapper_XmlSecImpl::removeNode(const xmlNodePtr pNode) const +/****** XMLDocumentWrapper_XmlSecImpl/removeNode ****************************** + * + * NAME + * removeNode -- Deletes a node with its branch unconditionaly + * + * SYNOPSIS + * removeNode( pNode ); + * + * FUNCTION + * Delete the node along with its branch from the document. + * + * INPUTS + * pNode - the node to be deleted + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + /* you can't remove the current node */ + OSL_ASSERT( m_pCurrentElement != pNode ); + + xmlAttrPtr pAttr = pNode->properties; + + while (pAttr != NULL) + { + if (!stricmp((sal_Char*)pAttr->name,"id")) + { + xmlRemoveID(m_pDocument, pAttr); + } + + pAttr = pAttr->next; + } + + xmlUnlinkNode(pNode); + xmlFreeNode(pNode); +} + +void XMLDocumentWrapper_XmlSecImpl::buildIDAttr(xmlNodePtr pNode) const +/****** XMLDocumentWrapper_XmlSecImpl/buildIDAttr ***************************** + * + * NAME + * buildIDAttr -- build the ID attribute of a node + * + * SYNOPSIS + * buildIDAttr( pNode ); + * + * FUNCTION + * see NAME + * + * INPUTS + * pNode - the node whose id attribute will be built + * + * RESULT + * empty + * + * HISTORY + * 14.06.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + xmlAttrPtr idAttr = xmlHasProp( pNode, (const unsigned char *)"id" ); + if (idAttr == NULL) + { + idAttr = xmlHasProp( pNode, (const unsigned char *)"Id" ); + } + + if (idAttr != NULL) + { + xmlChar* idValue = xmlNodeListGetString( m_pDocument, idAttr->children, 1 ) ; + xmlAddID( NULL, m_pDocument, idValue, idAttr ); + } +} + +void XMLDocumentWrapper_XmlSecImpl::rebuildIDLink(xmlNodePtr pNode) const +/****** XMLDocumentWrapper_XmlSecImpl/rebuildIDLink *************************** + * + * NAME + * rebuildIDLink -- rebuild the ID link for the branch + * + * SYNOPSIS + * rebuildIDLink( pNode ); + * + * FUNCTION + * see NAME + * + * INPUTS + * pNode - the node, from which the branch will be rebuilt + * + * RESULT + * empty + * + * HISTORY + * 14.06.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + if (pNode != NULL && pNode->type == XML_ELEMENT_NODE) + { + buildIDAttr( pNode ); + + xmlNodePtr child = pNode->children; + while (child != NULL) + { + rebuildIDLink(child); + child = child->next; + } + } +} + +/* XXMLDocumentWrapper */ +cssu::Reference< cssxw::XXMLElementWrapper > SAL_CALL XMLDocumentWrapper_XmlSecImpl::getCurrentElement( ) + throw (cssu::RuntimeException) +{ + XMLElementWrapper_XmlSecImpl* pElement = new XMLElementWrapper_XmlSecImpl(m_pCurrentElement); + return (cssu::Reference< cssxw::XXMLElementWrapper >)pElement; +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::setCurrentElement( const cssu::Reference< cssxw::XXMLElementWrapper >& element ) + throw (cssu::RuntimeException) +{ + m_pCurrentElement = checkElement( element ); + saxHelper.setCurrentNode( m_pCurrentElement ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::removeCurrentElement( ) + throw (cssu::RuntimeException) +{ + OSL_ASSERT( m_pCurrentElement != NULL ); + + xmlNodePtr pOldCurrentElement = m_pCurrentElement; + + /* + * pop the top node in the parser context's + * nodeTab stack, then the parent of that node will + * automatically become the new stack top, and + * the current node as well. + */ + saxHelper.endElement( + rtl::OUString( + RTL_UTF8_USTRINGPARAM ( + (sal_Char*)(pOldCurrentElement->name) + ))); + m_pCurrentElement = saxHelper.getCurrentNode(); + + /* + * remove the node + */ + removeNode(pOldCurrentElement); +} + +sal_Bool SAL_CALL XMLDocumentWrapper_XmlSecImpl::isCurrent( const cssu::Reference< cssxw::XXMLElementWrapper >& node ) + throw (cssu::RuntimeException) +{ + xmlNodePtr pNode = checkElement(node); + return (pNode == m_pCurrentElement); +} + +sal_Bool SAL_CALL XMLDocumentWrapper_XmlSecImpl::isCurrentElementEmpty( ) + throw (cssu::RuntimeException) +{ + sal_Bool rc = sal_False; + + if (m_pCurrentElement->children == NULL) + { + rc = sal_True; + } + + return rc; +} + +rtl::OUString SAL_CALL XMLDocumentWrapper_XmlSecImpl::getNodeName( const cssu::Reference< cssxw::XXMLElementWrapper >& node ) + throw (cssu::RuntimeException) +{ + xmlNodePtr pNode = checkElement(node); + return rtl::OUString(RTL_UTF8_USTRINGPARAM ( (sal_Char*)pNode->name )); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::clearUselessData( + const cssu::Reference< cssxw::XXMLElementWrapper >& node, + const cssu::Sequence< cssu::Reference< cssxw::XXMLElementWrapper > >& reservedDescendants, + const cssu::Reference< cssxw::XXMLElementWrapper >& stopAtNode ) + throw (cssu::RuntimeException) +{ + xmlNodePtr pTargetNode = checkElement(node); + + m_pStopAtNode = checkElement(stopAtNode); + m_aReservedNodes = reservedDescendants; + m_nReservedNodeIndex = 0; + + getNextReservedNode(); + + recursiveDelete(pTargetNode); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::collapse( const cssu::Reference< cssxw::XXMLElementWrapper >& node ) + throw (cssu::RuntimeException) +{ + xmlNodePtr pTargetNode = checkElement(node); + xmlNodePtr pParent; + + while (pTargetNode != NULL) + { + if (pTargetNode->children != NULL || pTargetNode == m_pCurrentElement) + { + break; + } + + pParent = pTargetNode->parent; + removeNode(pTargetNode); + pTargetNode = pParent; + } +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::getTree( const cssu::Reference< cssxs::XDocumentHandler >& handler ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + if (m_pRootElement != NULL) + { + xmlNodePtr pTempCurrentElement = m_pCurrentElement; + sal_Int32 nTempCurrentPosition = m_nCurrentPosition; + + m_pCurrentElement = m_pRootElement; + + m_nCurrentPosition = NODEPOSITION_STARTELEMENT; + cssu::Reference< cssxs::XDocumentHandler > xHandler = handler; + + while(true) + { + switch (m_nCurrentPosition) + { + case NODEPOSITION_STARTELEMENT: + sendStartElement(NULL, xHandler, m_pCurrentElement); + break; + case NODEPOSITION_ENDELEMENT: + sendEndElement(NULL, xHandler, m_pCurrentElement); + break; + case NODEPOSITION_NORMAL: + sendNode(NULL, xHandler, m_pCurrentElement); + break; + } + + if ( (m_pCurrentElement == m_pRootElement) && (m_nCurrentPosition == NODEPOSITION_ENDELEMENT )) + { + break; + } + + getNextSAXEvent(); + } + + m_pCurrentElement = pTempCurrentElement; + m_nCurrentPosition = nTempCurrentPosition; + } +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::generateSAXEvents( + const cssu::Reference< cssxs::XDocumentHandler >& handler, + const cssu::Reference< cssxs::XDocumentHandler >& xEventKeeperHandler, + const cssu::Reference< cssxw::XXMLElementWrapper >& startNode, + const cssu::Reference< cssxw::XXMLElementWrapper >& endNode ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + /* + * The first SAX event is the startElement of the startNode + * element. + */ + bool bHasCurrentElementChild = (m_pCurrentElement->children != NULL); + + xmlNodePtr pTempCurrentElement = m_pCurrentElement; + + m_pCurrentElement = checkElement(startNode); + + if (m_pCurrentElement->type == XML_ELEMENT_NODE) + { + m_nCurrentPosition = NODEPOSITION_STARTELEMENT; + } + else + { + m_nCurrentPosition = NODEPOSITION_NORMAL; + } + + xmlNodePtr pEndNode = checkElement(endNode); + + cssu::Reference < cssxc::sax::XSAXEventKeeper > xSAXEventKeeper( xEventKeeperHandler, cssu::UNO_QUERY ); + + cssu::Reference< cssxs::XDocumentHandler > xHandler = handler; + + while(true) + { + switch (m_nCurrentPosition) + { + case NODEPOSITION_STARTELEMENT: + sendStartElement(xHandler, xEventKeeperHandler, m_pCurrentElement); + break; + case NODEPOSITION_ENDELEMENT: + sendEndElement(xHandler, xEventKeeperHandler, m_pCurrentElement); + break; + case NODEPOSITION_NORMAL: + sendNode(xHandler, xEventKeeperHandler, m_pCurrentElement); + break; + default: + throw cssu::RuntimeException(); + } + + if (xSAXEventKeeper->isBlocking()) + { + xHandler = NULL; + } + + if (pEndNode == NULL && + ((bHasCurrentElementChild && m_pCurrentElement == xmlGetLastChild(pTempCurrentElement) && m_nCurrentPosition != NODEPOSITION_STARTELEMENT) || + (!bHasCurrentElementChild && m_pCurrentElement == pTempCurrentElement && m_nCurrentPosition == NODEPOSITION_STARTELEMENT))) + { + break; + } + + getNextSAXEvent(); + + /* + * If there is an end point specified, then check whether + * the current node equals to the end point. If so, stop + * generating. + */ + if (pEndNode != NULL && m_pCurrentElement == pEndNode) + { + break; + } + } + + m_pCurrentElement = pTempCurrentElement; +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::rebuildIDLink( + const com::sun::star::uno::Reference< com::sun::star::xml::wrapper::XXMLElementWrapper >& node ) + throw (com::sun::star::uno::RuntimeException) +{ + xmlNodePtr pNode = checkElement( node ); + rebuildIDLink(pNode); +} + + +/* cssxs::XDocumentHandler */ +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::startDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::endDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::startElement( const rtl::OUString& aName, const cssu::Reference< cssxs::XAttributeList >& xAttribs ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + sal_Int32 nLength = xAttribs->getLength(); + cssu::Sequence< cssxcsax::XMLAttribute > aAttributes (nLength); + + for (int i = 0; i < nLength; ++i) + { + aAttributes[i].sName = xAttribs->getNameByIndex((short)i); + aAttributes[i].sValue =xAttribs->getValueByIndex((short)i); + } + + _startElement(aName, aAttributes); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::endElement( const rtl::OUString& aName ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.endElement(aName); + m_pCurrentElement = saxHelper.getCurrentNode(); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::characters( const rtl::OUString& aChars ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.characters(aChars); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.ignorableWhitespace(aWhitespaces); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.processingInstruction(aTarget, aData); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::setDocumentLocator( const cssu::Reference< cssxs::XLocator >& xLocator ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.setDocumentLocator(xLocator); +} + +/* XCompressedDocumentHandler */ +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_startDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_endDocument( ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_startElement( const rtl::OUString& aName, const cssu::Sequence< cssxcsax::XMLAttribute >& aAttributes ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + saxHelper.startElement(aName, aAttributes); + m_pCurrentElement = saxHelper.getCurrentNode(); + + buildIDAttr( m_pCurrentElement ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_endElement( const rtl::OUString& aName ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + endElement( aName ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_characters( const rtl::OUString& aChars ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + characters( aChars ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + ignorableWhitespace( aWhitespaces ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ + processingInstruction( aTarget, aData ); +} + +void SAL_CALL XMLDocumentWrapper_XmlSecImpl::_setDocumentLocator( sal_Int32 /*columnNumber*/, sal_Int32 /*lineNumber*/, const rtl::OUString& /*publicId*/, const rtl::OUString& /*systemId*/ ) + throw (cssxs::SAXException, cssu::RuntimeException) +{ +} + +rtl::OUString XMLDocumentWrapper_XmlSecImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_ASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL XMLDocumentWrapper_XmlSecImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL XMLDocumentWrapper_XmlSecImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_ASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL XMLDocumentWrapper_XmlSecImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory > &) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new XMLDocumentWrapper_XmlSecImpl( ); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL XMLDocumentWrapper_XmlSecImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return XMLDocumentWrapper_XmlSecImpl_getImplementationName(); +} +sal_Bool SAL_CALL XMLDocumentWrapper_XmlSecImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return XMLDocumentWrapper_XmlSecImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL XMLDocumentWrapper_XmlSecImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return XMLDocumentWrapper_XmlSecImpl_getSupportedServiceNames(); +} + diff --git a/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.hxx b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.hxx new file mode 100644 index 000000000000..4f6dbe3a53e6 --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmldocumentwrapper_xmlsecimpl.hxx @@ -0,0 +1,287 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmldocumentwrapper_xmlsecimpl.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX +#define _XMLDOCUMENTWRAPPER_XMLSECIMPL_HXX + +#include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp> +#include <com/sun/star/xml/csax/XCompressedDocumentHandler.hpp> +#include <com/sun/star/xml/crypto/sax/XSAXEventKeeper.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase4.hxx> + +#include "saxhelper.hxx" +//#include "libxml/parserInternals.h" +//#include "libxslt/xslt.h" + +#define NODEPOSITION_NORMAL 1 +#define NODEPOSITION_STARTELEMENT 2 +#define NODEPOSITION_ENDELEMENT 3 + +#include <libxml/tree.h> + +class XMLDocumentWrapper_XmlSecImpl : public cppu::WeakImplHelper4 +< + com::sun::star::xml::wrapper::XXMLDocumentWrapper, + com::sun::star::xml::sax::XDocumentHandler, + com::sun::star::xml::csax::XCompressedDocumentHandler, + com::sun::star::lang::XServiceInfo +> +/****** XMLDocumentWrapper_XmlSecImpl.hxx/CLASS XMLDocumentWrapper_XmlSecImpl * + * + * NAME + * XMLDocumentWrapper_XmlSecImpl -- Class to manipulate a libxml2 + * document + * + * FUNCTION + * Converts SAX events into a libxml2 document, converts the document back + * into SAX event stream, and manipulate nodes in the document. + * + * HISTORY + * 05.01.2004 - Interface supported: XXMLDocumentWrapper, + * XDocumentHandler, XCompressedDocumentHandler, + * XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* the sax helper */ + SAXHelper saxHelper; + + /* the document used to convert SAX events to */ + xmlDocPtr m_pDocument; + + /* the root element */ + xmlNodePtr m_pRootElement; + + /* + * the current active element. The next incoming SAX event will be + * appended to this element + */ + xmlNodePtr m_pCurrentElement; + + /* + * This variable is used when converting the document or part of it into + * SAX events. See getNextSAXEvent method. + */ + sal_Int32 m_nCurrentPosition; + + /* + * used for recursive deletion. See recursiveDelete method + */ + xmlNodePtr m_pStopAtNode; + xmlNodePtr m_pCurrentReservedNode; + com::sun::star::uno::Sequence< com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > > m_aReservedNodes; + sal_Int32 m_nReservedNodeIndex; + +private: + void getNextSAXEvent(); + + void sendStartElement( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (com::sun::star::xml::sax::SAXException); + + void sendEndElement( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (com::sun::star::xml::sax::SAXException); + + void sendNode( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xHandler2, + const xmlNodePtr pNode) const + throw (com::sun::star::xml::sax::SAXException); + + rtl::OString getNodeQName(const xmlNodePtr pNode) const; + + sal_Int32 recursiveDelete( const xmlNodePtr pNode); + + void getNextReservedNode(); + + void removeNode( const xmlNodePtr pNode) const; + + xmlNodePtr checkElement( + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& xXMLElement) const; + + void buildIDAttr( xmlNodePtr pNode ) const; + void rebuildIDLink( xmlNodePtr pNode ) const; + +public: + XMLDocumentWrapper_XmlSecImpl(); + virtual ~XMLDocumentWrapper_XmlSecImpl(); + + /* com::sun::star::xml::wrapper::XXMLDocumentWrapper */ + virtual com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > SAL_CALL getCurrentElement( ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setCurrentElement( const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& element ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL removeCurrentElement( ) + throw (com::sun::star::uno::RuntimeException); + + virtual sal_Bool SAL_CALL isCurrent( const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& node ) + throw (com::sun::star::uno::RuntimeException); + + virtual sal_Bool SAL_CALL isCurrentElementEmpty( ) + throw (com::sun::star::uno::RuntimeException); + + virtual rtl::OUString SAL_CALL getNodeName( const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& node ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL clearUselessData( + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& node, + const com::sun::star::uno::Sequence< com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper > >& reservedDescendants, + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& stopAtNode ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL collapse( const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& node ) + throw (com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL generateSAXEvents( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& handler, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xEventKeeperHandler, + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& startNode, + const com::sun::star::uno::Reference< + com::sun::star::xml::wrapper::XXMLElementWrapper >& endNode ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL getTree( + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& handler ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL rebuildIDLink( + const com::sun::star::uno::Reference< com::sun::star::xml::wrapper::XXMLElementWrapper >& node ) + throw (com::sun::star::uno::RuntimeException); + + /* com::sun::star::xml::sax::XDocumentHandler */ + virtual void SAL_CALL startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL startElement( + const rtl::OUString& aName, + const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >& xAttribs ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL setDocumentLocator( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XLocator >& xLocator ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + /* com::sun::star::xml::csax::XCompressedDocumentHandler */ + virtual void SAL_CALL _startDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _endDocument( ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _startElement( + const rtl::OUString& aName, + const com::sun::star::uno::Sequence< + com::sun::star::xml::csax::XMLAttribute >& aAttributes ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _endElement( const rtl::OUString& aName ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _characters( const rtl::OUString& aChars ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _ignorableWhitespace( const rtl::OUString& aWhitespaces ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + virtual void SAL_CALL _setDocumentLocator( + sal_Int32 columnNumber, + sal_Int32 lineNumber, + const rtl::OUString& publicId, + const rtl::OUString& systemId ) + throw (com::sun::star::xml::sax::SAXException, com::sun::star::uno::RuntimeException); + + /* com::sun::star::lang::XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); +}; + +rtl::OUString XMLDocumentWrapper_XmlSecImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL XMLDocumentWrapper_XmlSecImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL + XMLDocumentWrapper_XmlSecImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL XMLDocumentWrapper_XmlSecImpl_createInstance( + const com::sun::star::uno::Reference< com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.cxx b/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.cxx new file mode 100644 index 000000000000..1158aa359661 --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.cxx @@ -0,0 +1,190 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlelementwrapper_xmlsecimpl.cxx,v $ + * $Revision: 1.5 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include "xmlelementwrapper_xmlsecimpl.hxx" +#include <cppuhelper/typeprovider.hxx> + +namespace cssu = com::sun::star::uno; +namespace cssl = com::sun::star::lang; + +#define SERVICE_NAME "com.sun.star.xml.wrapper.XMLElementWrapper" +#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.XMLElementWrapper_XmlSecImpl" + +XMLElementWrapper_XmlSecImpl::XMLElementWrapper_XmlSecImpl(const xmlNodePtr pNode) + : m_pElement( pNode ) +{ +} + +/* XXMLElementWrapper */ + + +/* XUnoTunnel */ +cssu::Sequence< sal_Int8 > XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId( void ) + throw (cssu::RuntimeException) +{ + static ::cppu::OImplementationId* pId = 0; + if (! pId) + { + ::osl::MutexGuard aGuard( ::osl::Mutex::getGlobalMutex() ); + if (! pId) + { + static ::cppu::OImplementationId aId; + pId = &aId; + } + } + return pId->getImplementationId(); +} + +sal_Int64 SAL_CALL XMLElementWrapper_XmlSecImpl::getSomething( const cssu::Sequence< sal_Int8 >& aIdentifier ) + throw (cssu::RuntimeException) +{ + if (aIdentifier.getLength() == 16 && + 0 == rtl_compareMemory( + getUnoTunnelImplementationId().getConstArray(), + aIdentifier.getConstArray(), + 16 )) + { + return reinterpret_cast < sal_Int64 > ( this ); + } + else + { + return 0; + } +} + + +rtl::OUString XMLElementWrapper_XmlSecImpl_getImplementationName () + throw (cssu::RuntimeException) +{ + return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); +} + +sal_Bool SAL_CALL XMLElementWrapper_XmlSecImpl_supportsService( const rtl::OUString& ServiceName ) + throw (cssu::RuntimeException) +{ + return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SERVICE_NAME )); +} + +cssu::Sequence< rtl::OUString > SAL_CALL XMLElementWrapper_XmlSecImpl_getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + cssu::Sequence < rtl::OUString > aRet(1); + rtl::OUString* pArray = aRet.getArray(); + pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SERVICE_NAME ) ); + return aRet; +} +#undef SERVICE_NAME + +cssu::Reference< cssu::XInterface > SAL_CALL + XMLElementWrapper_XmlSecImpl_createInstance( + const cssu::Reference< cssl::XMultiServiceFactory > &) + throw( cssu::Exception ) +{ + return (cppu::OWeakObject*) new XMLElementWrapper_XmlSecImpl(NULL); +} + +/* XServiceInfo */ +rtl::OUString SAL_CALL XMLElementWrapper_XmlSecImpl::getImplementationName( ) + throw (cssu::RuntimeException) +{ + return XMLElementWrapper_XmlSecImpl_getImplementationName(); +} +sal_Bool SAL_CALL XMLElementWrapper_XmlSecImpl::supportsService( const rtl::OUString& rServiceName ) + throw (cssu::RuntimeException) +{ + return XMLElementWrapper_XmlSecImpl_supportsService( rServiceName ); +} +cssu::Sequence< rtl::OUString > SAL_CALL XMLElementWrapper_XmlSecImpl::getSupportedServiceNames( ) + throw (cssu::RuntimeException) +{ + return XMLElementWrapper_XmlSecImpl_getSupportedServiceNames(); +} + +xmlNodePtr XMLElementWrapper_XmlSecImpl::getNativeElement( ) const +/****** XMLElementWrapper_XmlSecImpl/getNativeElement ************************* + * + * NAME + * getNativeElement -- Retrieves the libxml2 node wrapped by this object + * + * SYNOPSIS + * pNode = getNativeElement(); + * + * FUNCTION + * see NAME + * + * INPUTS + * empty + * + * RESULT + * pNode - the libxml2 node wrapped by this object + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + return m_pElement; +} + +void XMLElementWrapper_XmlSecImpl::setNativeElement(const xmlNodePtr pNode) +/****** XMLElementWrapper_XmlSecImpl/setNativeElement ************************* + * + * NAME + * setNativeElement -- Configures the libxml2 node wrapped by this object + * + * SYNOPSIS + * setNativeElement( pNode ); + * + * FUNCTION + * see NAME + * + * INPUTS + * pNode - the new libxml2 node to be wrapped by this object + * + * RESULT + * empty + * + * HISTORY + * 05.01.2004 - implemented + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ + m_pElement = pNode; +} + diff --git a/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.hxx b/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.hxx new file mode 100644 index 000000000000..7ffac25bf16f --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmlelementwrapper_xmlsecimpl.hxx @@ -0,0 +1,111 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlelementwrapper_xmlsecimpl.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLELEMENTWRAPPER_XMLSECIMPL_HXX +#define _XMLELEMENTWRAPPER_XMLSECIMPL_HXX + +#include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> +#include <com/sun/star/lang/XUnoTunnel.hpp> +#include <com/sun/star/lang/XInitialization.hpp> +#include <com/sun/star/lang/XServiceInfo.hpp> +#include <cppuhelper/implbase3.hxx> + +#include <libxml/tree.h> + +class XMLElementWrapper_XmlSecImpl : public cppu::WeakImplHelper3 +< + com::sun::star::xml::wrapper::XXMLElementWrapper, + com::sun::star::lang::XUnoTunnel, + com::sun::star::lang::XServiceInfo +> +/****** XMLElementWrapper_XmlSecImpl.hxx/CLASS XMLElementWrapper_XmlSecImpl *** + * + * NAME + * XMLElementWrapper_XmlSecImpl -- Class to wrap a libxml2 node + * + * FUNCTION + * Used as a wrapper class to transfer a libxml2 node structure + * between different UNO components. + * + * HISTORY + * 05.01.2004 - Interface supported: XXMLElementWrapper, XUnoTunnel + * XServiceInfo + * + * AUTHOR + * Michael Mi + * Email: michael.mi@sun.com + ******************************************************************************/ +{ +private: + /* the libxml2 node wrapped by this object */ + xmlNodePtr m_pElement; + +public: + explicit XMLElementWrapper_XmlSecImpl(const xmlNodePtr pNode); + virtual ~XMLElementWrapper_XmlSecImpl() {}; + + /* XXMLElementWrapper */ + + /* com::sun::star::lang::XUnoTunnel */ + virtual sal_Int64 SAL_CALL getSomething( const com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) + throw (com::sun::star::uno::RuntimeException); + static com::sun::star::uno::Sequence < sal_Int8 > getUnoTunnelImplementationId( void ) + throw(com::sun::star::uno::RuntimeException); + + /* com::sun::star::lang::XServiceInfo */ + virtual rtl::OUString SAL_CALL getImplementationName( ) + throw (com::sun::star::uno::RuntimeException); + virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) + throw (com::sun::star::uno::RuntimeException); + virtual com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) + throw (com::sun::star::uno::RuntimeException); + +public: + xmlNodePtr getNativeElement( ) const; + void setNativeElement(const xmlNodePtr pNode); +}; + +rtl::OUString XMLElementWrapper_XmlSecImpl_getImplementationName() + throw ( com::sun::star::uno::RuntimeException ); + +sal_Bool SAL_CALL XMLElementWrapper_XmlSecImpl_supportsService( const rtl::OUString& ServiceName ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL XMLElementWrapper_XmlSecImpl_getSupportedServiceNames( ) + throw ( com::sun::star::uno::RuntimeException ); + +com::sun::star::uno::Reference< com::sun::star::uno::XInterface > +SAL_CALL XMLElementWrapper_XmlSecImpl_createInstance( + const com::sun::star::uno::Reference< + com::sun::star::lang::XMultiServiceFactory > & rSMgr) + throw ( com::sun::star::uno::Exception ); + +#endif + diff --git a/xmlsecurity/source/xmlsec/xmlstreamio.cxx b/xmlsecurity/source/xmlsec/xmlstreamio.cxx new file mode 100644 index 000000000000..05c5159c335b --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmlstreamio.cxx @@ -0,0 +1,247 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlstreamio.cxx,v $ + * $Revision: 1.7 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +/* + * Implementation of the I/O interfaces based on stream and URI binding + */ +#include "xmlstreamio.hxx" +#include <rtl/ustring.hxx> +#include "rtl/uri.hxx" + +#include <libxml/uri.h> +#include <sal/types.h> +//For reasons that escape me, this is what xmlsec does when size_t is not 4 +#if SAL_TYPES_SIZEOFPOINTER != 4 +# define XMLSEC_NO_SIZE_T +#endif +#include <xmlsec/io.h> + +#define XMLSTREAMIO_INITIALIZED 0x01 +#define XMLSTREAMIO_REGISTERED 0x02 + +/* Global variables */ +/*- + * Enable stream I/O or not. + */ +static char enableXmlStreamIO = 0x00 ; + +::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XUriBinding > m_xUriBinding ; + +extern "C" +int xmlStreamMatch( const char* uri ) +{ + ::com::sun::star::uno::Reference< com::sun::star::io::XInputStream > xInputStream ; + + if( ( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) && + ( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + if( uri == NULL || !m_xUriBinding.is() ) + return 0 ; + //XMLSec first unescapes the uri and calls this function. For example, we pass the Uri + //ObjectReplacements/Object%201 then XMLSec passes ObjectReplacements/Object 1 + //first. If this failed it would try this + //again with the original escaped string. However, it does not get this far, because there + //is another callback registered by libxml which claims to be able to handle this uri. + ::rtl::OUString sUri = + ::rtl::Uri::encode( ::rtl::OUString::createFromAscii( uri ), + rtl_UriCharClassUric, rtl_UriEncodeKeepEscapes, RTL_TEXTENCODING_UTF8); + xInputStream = m_xUriBinding->getUriBinding( sUri ) ; + if (!xInputStream.is()) + { + //Try the the passed in uri directly. + //For old documents prior OOo 3.0. We did not use URIs then. + xInputStream = m_xUriBinding->getUriBinding( + ::rtl::OUString::createFromAscii(uri)); + } + } + if (xInputStream.is()) + return 1; + else + return 0 ; +} + +extern "C" +void* xmlStreamOpen( const char* uri ) +{ + ::com::sun::star::uno::Reference< com::sun::star::io::XInputStream > xInputStream ; + ::com::sun::star::io::XInputStream* pInputStream ; + + if( ( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) && + ( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + if( uri == NULL || !m_xUriBinding.is() ) + return NULL ; + + //see xmlStreamMatch + ::rtl::OUString sUri = + ::rtl::Uri::encode( ::rtl::OUString::createFromAscii( uri ), + rtl_UriCharClassUric, rtl_UriEncodeKeepEscapes, RTL_TEXTENCODING_UTF8); + xInputStream = m_xUriBinding->getUriBinding( sUri ) ; + if (!xInputStream.is()) + { + //For old documents. + //try the the passed in uri directly. + xInputStream = m_xUriBinding->getUriBinding( + ::rtl::OUString::createFromAscii(uri)); + } + + if( xInputStream.is() ) { + pInputStream = xInputStream.get() ; + pInputStream->acquire() ; + return ( void* )pInputStream ; + } + } + + return NULL ; +} + +extern "C" +int xmlStreamRead( void* context, char* buffer, int len ) +{ + int numbers ; + ::com::sun::star::uno::Reference< com::sun::star::io::XInputStream > xInputStream ; + ::com::sun::star::uno::Sequence< sal_Int8 > outSeqs( len ) ; + + numbers = 0 ; + if( ( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) && + ( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + if( context != NULL ) { + xInputStream = ( com::sun::star::io::XInputStream* )context ; + if( !xInputStream.is() ) + return 0 ; + + numbers = xInputStream->readBytes( outSeqs, len ) ; + const sal_Int8* readBytes = ( const sal_Int8* )outSeqs.getArray() ; + for( int i = 0 ; i < numbers ; i ++ ) + *( buffer + i ) = *( readBytes + i ) ; + } + } + + return numbers ; +} + +extern "C" +int xmlStreamClose( void * context ) +{ + ::com::sun::star::io::XInputStream* pInputStream ; + + if( ( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) && + ( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + if( context != NULL ) { + pInputStream = ( ::com::sun::star::io::XInputStream* )context ; + pInputStream->release() ; + } + } + + return 0 ; +} + +int xmlEnableStreamInputCallbacks() +{ + int cbs = 0 ; + + if( !( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) ) { + //Register the callbacks into libxml2 + //cbs = xmlRegisterInputCallbacks( + // xmlStreamMatch, + // xmlStreamOpen, + // xmlStreamRead, + // xmlStreamClose ) ; + //if( cbs < 0 ) { + // return -1 ; + //} + + //Register the callbacks into xmlSec + //In order to make the xmlsec io finding the callbacks firstly, + //I put the callbacks at the very begining. + + //Cleanup the older callbacks. + //Notes: all none default callbacks will lose. + xmlSecIOCleanupCallbacks() ; + + //Register my classbacks. + cbs = xmlSecIORegisterCallbacks( + xmlStreamMatch, + xmlStreamOpen, + xmlStreamRead, + xmlStreamClose ) ; + if( cbs < 0 ) { + return -1 ; + } + + //Register the default callbacks. + //Notes: the error will cause xmlsec working problems. + cbs = xmlSecIORegisterDefaultCallbacks() ; + if( cbs < 0 ) { + return -1 ; + } + + enableXmlStreamIO |= XMLSTREAMIO_INITIALIZED ; + } + + return 0 ; +} + +int xmlRegisterStreamInputCallbacks( + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XUriBinding >& aUriBinding +) { + if( !( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) ) { + if( xmlEnableStreamInputCallbacks() < 0 ) + return -1 ; + } + + if( !( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + enableXmlStreamIO |= XMLSTREAMIO_REGISTERED ; + } + + m_xUriBinding = aUriBinding ; + + return 0 ; +} + +int xmlUnregisterStreamInputCallbacks( void ) +{ + if( ( enableXmlStreamIO & XMLSTREAMIO_REGISTERED ) ) { + //Clear the uir-stream binding + m_xUriBinding.clear() ; + + //disable the registered flag + enableXmlStreamIO &= ~XMLSTREAMIO_REGISTERED ; + } + + return 0 ; +} + +void xmlDisableStreamInputCallbacks() { + xmlUnregisterStreamInputCallbacks() ; + enableXmlStreamIO &= ~XMLSTREAMIO_INITIALIZED ; +} + diff --git a/xmlsecurity/source/xmlsec/xmlstreamio.hxx b/xmlsecurity/source/xmlsec/xmlstreamio.hxx new file mode 100644 index 000000000000..52a20d83c857 --- /dev/null +++ b/xmlsecurity/source/xmlsec/xmlstreamio.hxx @@ -0,0 +1,49 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xmlstreamio.hxx,v $ + * $Revision: 1.3 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +#ifndef _XMLSTREAMIO_XMLSECIMPL_HXX_ +#define _XMLSTREAMIO_XMLSECIMPL_HXX_ + +#ifndef _COM_SUN_STAR_UNO_REFERENCE_HPP_ +#include <com/sun/star/uno/Reference.hxx> +#endif +#include <com/sun/star/xml/crypto/XUriBinding.hpp> + +int xmlEnableStreamInputCallbacks( void ) ; +void xmlDisableStreamInputCallbacks( void ) ; + +int xmlRegisterStreamInputCallbacks( + ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XUriBinding >& aUriBinding +) ; + +int xmlUnregisterStreamInputCallbacks( void ) ; + +#endif //_XMLSTREAMIO_XMLSECIMPL_HXX_ + diff --git a/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx b/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx new file mode 100644 index 000000000000..067c3d37ef0c --- /dev/null +++ b/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx @@ -0,0 +1,234 @@ +/************************************************************************* + * + * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. + * + * Copyright 2008 by Sun Microsystems, Inc. + * + * OpenOffice.org - a multi-platform office productivity suite + * + * $RCSfile: xsec_xmlsec.cxx,v $ + * $Revision: 1.6 $ + * + * This file is part of OpenOffice.org. + * + * OpenOffice.org is free software: you can redistribute it and/or modify + * it under the terms of the GNU Lesser General Public License version 3 + * only, as published by the Free Software Foundation. + * + * OpenOffice.org is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU Lesser General Public License version 3 for more details + * (a copy is included in the LICENSE file that accompanied this code). + * + * You should have received a copy of the GNU Lesser General Public License + * version 3 along with OpenOffice.org. If not, see + * <http://www.openoffice.org/license.html> + * for a copy of the LGPLv3 License. + * + ************************************************************************/ + +// MARKER(update_precomp.py): autogen include statement, do not remove +#include "precompiled_xmlsecurity.hxx" + +#include <sal/config.h> +#include <stdio.h> + +#include <osl/mutex.hxx> +#include <osl/thread.h> +#include <cppuhelper/factory.hxx> +#include <cppuhelper/implbase1.hxx> +#include <com/sun/star/lang/XSingleServiceFactory.hpp> +#include <com/sun/star/security/XSerialNumberAdapter.hpp> + +#include "xmlelementwrapper_xmlsecimpl.hxx" +#include "xmldocumentwrapper_xmlsecimpl.hxx" +#include "xmlsecurity/biginteger.hxx" + +using namespace ::rtl; +using namespace ::cppu; +using namespace ::com::sun::star::uno; +using namespace ::com::sun::star::lang; +using namespace ::com::sun::star::registry; + +namespace +{ +class SerialNumberAdapterImpl : public WeakImplHelper1< + ::com::sun::star::security::XSerialNumberAdapter > +{ + virtual OUString SAL_CALL toString( const Sequence< sal_Int8 >& rSerialNumber ) + throw (RuntimeException) + { + return bigIntegerToNumericString(rSerialNumber); + } + virtual Sequence< sal_Int8 > SAL_CALL toSequence( const OUString& rSerialNumber ) + throw (RuntimeException) + { + return numericStringToBigInteger(rSerialNumber); + } +}; + +OUString SerialNumberAdapterImpl_getImplementationName() + throw (RuntimeException) +{ + return OUString(RTL_CONSTASCII_USTRINGPARAM( + "com.sun.star.security.SerialNumberAdapter")); +} + +Sequence< OUString > SerialNumberAdapterImpl_getSupportedServiceNames() + throw (RuntimeException) +{ + Sequence < OUString > aRet(1); + OUString* pArray = aRet.getArray(); + pArray[0] = OUString(RTL_CONSTASCII_USTRINGPARAM( + "com.sun.star.security.SerialNumberAdapter" ) ); + return aRet; +} + +Reference< XInterface > SerialNumberAdapterImpl_createInstance( + const Reference< XComponentContext > &) throw( Exception ) +{ + return Reference< XInterface >( *new SerialNumberAdapterImpl() ); +} + +} + +extern "C" +{ + +#if defined( XMLSEC_CRYPTO_NSS ) +extern sal_Bool nss_component_writeInfo( void*, void* ); +extern void* nss_component_getFactory( const sal_Char*, void*, void* ); +#endif + +#if defined( XMLSEC_CRYPTO_MSCRYPTO ) +extern sal_Bool mscrypt_component_writeInfo( void*, void* ); +extern void* mscrypt_component_getFactory( const sal_Char*, void*, void* ); +#endif + +void SAL_CALL component_getImplementationEnvironment( + const sal_Char ** ppEnvTypeName, uno_Environment **) +{ + *ppEnvTypeName = CPPU_CURRENT_LANGUAGE_BINDING_NAME; +} + + +sal_Bool SAL_CALL component_writeInfo( void* pServiceManager , void* pRegistryKey ) +{ + sal_Bool result = sal_False; + sal_Int32 i ; + OUString sKeyName ; + Reference< XRegistryKey > xNewKey ; + Sequence< OUString > seqServices ; + Reference< XRegistryKey > xKey( reinterpret_cast< XRegistryKey* >( pRegistryKey ) ) ; + + if( xKey.is() ) { + // try { + // XMLElementWrapper_XmlSecImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLElementWrapper_XmlSecImpl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLElementWrapper_XmlSecImpl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // XMLDocumentWrapper_XmlSecImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += XMLDocumentWrapper_XmlSecImpl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = XMLDocumentWrapper_XmlSecImpl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + + // SerialNumberAdapterImpl + sKeyName = OUString( RTL_CONSTASCII_USTRINGPARAM( "/" ) ) ; + sKeyName += SerialNumberAdapterImpl_getImplementationName() ; + sKeyName += OUString::createFromAscii( "/UNO/SERVICES" ) ; + + xNewKey = xKey->createKey( sKeyName ) ; + if( xNewKey.is() ) { + seqServices = SerialNumberAdapterImpl_getSupportedServiceNames() ; + for( i = seqServices.getLength() ; i -- ; ) + xNewKey->createKey( seqServices.getConstArray()[i] ) ; + } + +#if defined( XMLSEC_CRYPTO_NSS ) + result = nss_component_writeInfo( pServiceManager, pRegistryKey ) ; + if( !result ) + return sal_False ; +#endif + +#if defined( XMLSEC_CRYPTO_MSCRYPTO ) + result = mscrypt_component_writeInfo( pServiceManager, pRegistryKey ) ; + if( !result ) + return sal_False ; +#endif + + //} catch( InvalidRegistryException & ) { + // //we should not ignore exceptions + // return sal_False ; + //} + } + + return result; +} + +void* SAL_CALL component_getFactory( const sal_Char* pImplName , void* pServiceManager , void* pRegistryKey ) +{ + void* pRet = 0; + Reference< XInterface > xFactory ; + + if( pImplName != NULL && pServiceManager != NULL ) { + if( XMLElementWrapper_XmlSecImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) + { + xFactory = Reference< XSingleServiceFactory >( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + XMLElementWrapper_XmlSecImpl_createInstance, XMLElementWrapper_XmlSecImpl_getSupportedServiceNames() ) ); + } + else if( XMLDocumentWrapper_XmlSecImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) + { + xFactory = Reference< XSingleServiceFactory >( createSingleFactory( + reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), + OUString::createFromAscii( pImplName ), + XMLDocumentWrapper_XmlSecImpl_createInstance, XMLDocumentWrapper_XmlSecImpl_getSupportedServiceNames() ) ); + } + else if( SerialNumberAdapterImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) + { + xFactory = ::cppu::createSingleComponentFactory( + SerialNumberAdapterImpl_createInstance, + OUString::createFromAscii( pImplName ), + SerialNumberAdapterImpl_getSupportedServiceNames() ); + } + } + + if( xFactory.is() ) { + xFactory->acquire() ; + pRet = xFactory.get() ; + } else { +#if defined( XMLSEC_CRYPTO_NSS ) + pRet = nss_component_getFactory( pImplName, pServiceManager, pRegistryKey ) ; + if( pRet != NULL ) + return pRet ; +#endif + +#if defined( XMLSEC_CRYPTO_MSCRYPTO ) + pRet = mscrypt_component_getFactory( pImplName, pServiceManager, pRegistryKey ) ; + if( pRet != NULL ) + return pRet ; +#endif + } + + return pRet ; +} + +} + |