/************************************************************************* * * $RCSfile: certmngr.cxx,v $ * * $Revision: 1.3 $ * * last change: $Author: mmi $ $Date: 2004-07-19 11:37:11 $ * * The Contents of this file are made available subject to the terms of * either of the following licenses * * - GNU Lesser General Public License Version 2.1 * - Sun Industry Standards Source License Version 1.1 * * Sun Microsystems Inc., October, 2000 * * GNU Lesser General Public License Version 2.1 * ============================================= * Copyright 2000 by Sun Microsystems, Inc. * 901 San Antonio Road, Palo Alto, CA 94303, USA * * This library is free software; you can redistribute it and/or * modify it under the terms of the GNU Lesser General Public * License version 2.1, as published by the Free Software Foundation. * * This library is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU * Lesser General Public License for more details. * * You should have received a copy of the GNU Lesser General Public * License along with this library; if not, write to the Free Software * Foundation, Inc., 59 Temple Place, Suite 330, Boston, * MA 02111-1307 USA * * * Sun Industry Standards Source License Version 1.1 * ================================================= * The contents of this file are subject to the Sun Industry Standards * Source License Version 1.1 (the "License"); You may not use this file * except in compliance with the License. You may obtain a copy of the * License at http://www.openoffice.org/license.html. * * Software provided under this License is provided on an "AS IS" basis, * WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, * WITHOUT LIMITATION, WARRANTIES THAT THE SOFTWARE IS FREE OF DEFECTS, * MERCHANTABLE, FIT FOR A PARTICULAR PURPOSE, OR NON-INFRINGING. * See the License for the specific provisions governing your rights and * obligations concerning the Software. * * The Initial Developer of the Original Code is: Sun Microsystems, Inc. * * Copyright: 2000 by Sun Microsystems, Inc. * * All Rights Reserved. * * Contributor(s): _______________________________________ * * ************************************************************************/ #include #include "helper.hxx" #include "libxml/tree.h" #include "libxml/parser.h" #ifndef XMLSEC_NO_XSLT #include "libxslt/xslt.h" #endif #include "securityenvironment_nssimpl.hxx" #include "nspr.h" #include "prtypes.h" #include "pk11func.h" #include "cert.h" #include "cryptohi.h" #include "certdb.h" #include "nss.h" #include "xmlsec/strings.h" #include "xmlsec/xmltree.h" #include using namespace ::rtl ; using namespace ::cppu ; using namespace ::com::sun::star::uno ; using namespace ::com::sun::star::io ; using namespace ::com::sun::star::ucb ; using namespace ::com::sun::star::beans ; using namespace ::com::sun::star::document ; using namespace ::com::sun::star::lang ; using namespace ::com::sun::star::security ; using namespace ::com::sun::star::xml::wrapper ; using namespace ::com::sun::star::xml::crypto ; extern OUString bigIntegerToNumericString( Sequence< sal_Int8 > serial ) ; int SAL_CALL main( int argc, char **argv ) { CERTCertDBHandle* certHandle ; PK11SlotInfo* slot = NULL ; if( argc != 3 ) { fprintf( stderr, "Usage: %s < CertDir > \n\n" , argv[0] ) ; return 1 ; } for( ; getchar() != 'q' ; ) { //Initialize NSPR and NSS PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ; PK11_SetPasswordFunc( PriPK11PasswordFunc ) ; if( NSS_Init( argv[1] ) != SECSuccess ) { fprintf( stderr , "### cannot intialize NSS!\n" ) ; goto done ; } certHandle = CERT_GetDefaultCertDB() ; slot = PK11_GetInternalKeySlot() ; try { Reference< XMultiComponentFactory > xManager = NULL ; Reference< XComponentContext > xContext = NULL ; xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ; OSL_ENSURE( xManager.is() , "ServicesManager - " "Cannot get service manager" ) ; //Create security environment //Build Security Environment Reference< XInterface > xsecenv = xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ; OSL_ENSURE( xsecenv.is() , "Signer - " "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ; Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ; OSL_ENSURE( xSecEnv.is() , "Signer - " "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ; //Setup key slot and certDb Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ; OSL_ENSURE( xEnvTunnel.is() , "Signer - " "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ; SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ; OSL_ENSURE( pSecEnv != NULL , "Signer - " "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ; pSecEnv->setCryptoSlot( slot ) ; pSecEnv->setCertDb( certHandle ) ; //Get personal certificate Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ; Sequence < Reference< XCertificate > > xCertPath ; for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) { //Print the certificate infomation. fprintf( stdout, "\nPersonal Certificate Info\n" ) ; fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; //build the certificate path xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ; //Print the certificate path. fprintf( stdout, "\tCertificate Path\n" ) ; for( int j = 0; j < xCertPath.getLength(); j ++ ) { fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; } //Get the certificate Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ; Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ; if( !xcert.is() ) { fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ; } //Get the certificate characters sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ; fprintf( stdout, "The certificate characters are %d\n", chars ) ; //Get the certificate status sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ; fprintf( stdout, "The certificate validities are %d\n", validity ) ; } } catch( Exception& e ) { fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ; goto done ; } done: if( slot != NULL ) PK11_FreeSlot( slot ) ; PK11_LogoutAll() ; NSS_Shutdown() ; } return 0; }