1 : : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : : /*
3 : : * This file is part of the LibreOffice project.
4 : : *
5 : : * This Source Code Form is subject to the terms of the Mozilla Public
6 : : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : : *
9 : : * This file incorporates work covered by the following license notice:
10 : : *
11 : : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : : * contributor license agreements. See the NOTICE file distributed
13 : : * with this work for additional information regarding copyright
14 : : * ownership. The ASF licenses this file to you under the Apache
15 : : * License, Version 2.0 (the "License"); you may not use this file
16 : : * except in compliance with the License. You may obtain a copy of
17 : : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : : */
19 : :
20 : : #ifndef _XMLSECURITY_XMLSIGNATUREHELPER_HXX
21 : : #define _XMLSECURITY_XMLSIGNATUREHELPER_HXX
22 : :
23 : : #ifndef _STLP_VECTOR
24 : : #include <vector>
25 : : #endif
26 : :
27 : : #include <tools/link.hxx>
28 : :
29 : : #include <rtl/ustring.hxx>
30 : :
31 : : #include <xmlsecurity/sigstruct.hxx>
32 : :
33 : : #include <com/sun/star/uno/XComponentContext.hpp>
34 : : #include <com/sun/star/xml/sax/XDocumentHandler.hpp>
35 : : #include <com/sun/star/xml/crypto/XUriBinding.hpp>
36 : : #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
37 : : #include <com/sun/star/xml/crypto/sax/XSecurityController.hpp>
38 : : #include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp>
39 : : #include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp>
40 : :
// Forward declarations. Within this header these types appear only behind a
// pointer, a reference or as a uno::Reference<> argument.
class XSecController;
class Date;
class Time;

namespace com { namespace sun { namespace star {

    namespace io {
        class XOutputStream;
        class XInputStream;
    }

    namespace embed {
        class XStorage;
    }

} } }
54 : :
// One signature-creation outcome: a security id together with the
// SecurityOperationStatus stored for it.
struct XMLSignatureCreationResult
{
    sal_Int32 nSecurityId;
    com::sun::star::xml::crypto::SecurityOperationStatus nSignatureCreationResult;

    // Both members are taken from the arguments; no default constructor exists.
    XMLSignatureCreationResult( sal_Int32 nId, com::sun::star::xml::crypto::SecurityOperationStatus nResult )
        : nSecurityId( nId )
        , nSignatureCreationResult( nResult )
    {
    }
};
66 : :
// One signature-verification outcome: a security id together with the
// SecurityOperationStatus stored for it.
struct XMLSignatureVerifyResult
{
    sal_Int32 nSecurityId;
    com::sun::star::xml::crypto::SecurityOperationStatus nSignatureVerifyResult;

    // Both members are taken from the arguments; no default constructor exists.
    XMLSignatureVerifyResult( sal_Int32 nId, com::sun::star::xml::crypto::SecurityOperationStatus nResult )
        : nSecurityId( nId )
        , nSignatureVerifyResult( nResult )
    {
    }
};
78 : :
// Collections of per-signature outcomes; XMLSignatureHelper keeps one of each
// (maCreationResults / maVerifyResults).
typedef std::vector< XMLSignatureCreationResult > XMLSignatureCreationResults;
typedef std::vector< XMLSignatureVerifyResult >   XMLSignatureVerifyResults;
81 : :
82 : :
83 : :
84 : : /**********************************************************
85 : : XMLSignatureHelper
86 : :
87 : : Helper class for the XML Security framework
88 : :
89 : : Functions:
90 : : 1. help to create a security context;
91 : : 2. help to listen for the signature creation result;
92 : : 3. help to listen for the signature verification result;
93 : : 4. help to indicate which signature to verify.
94 : :
95 : : **********************************************************/
96 : :
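// Helper around the XML Security framework: sets up a security context,
// collects signature creation/verification results and lets the caller choose
// which signatures get verified. Instances are not copyable.
class XMLSignatureHelper
{
private:
    ::com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext > mxCtx;
    ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::sax::XSecurityController > mxSecurityController;
    ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XUriBinding > mxUriBinding;

    ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XSEInitializer > mxSEInitializer;
    ::com::sun::star::uno::Reference< com::sun::star::xml::crypto::XXMLSecurityContext > mxSecurityContext;

    XMLSignatureCreationResults maCreationResults;
    XMLSignatureVerifyResults maVerifyResults;
    // Raw pointer; who owns and releases the controller is not visible in this header.
    XSecController* mpXSecController;
    bool mbError;
    // NOTE(review): presumably derived from the sODFVersion passed to SetStorage() - confirm.
    bool mbODFPre1_2;
    Link maStartVerifySignatureHdl;

private:
    void ImplCreateSEInitializer();
    DECL_LINK( SignatureCreationResultListener, XMLSignatureCreationResult*);
    DECL_LINK( SignatureVerifyResultListener, XMLSignatureVerifyResult* );
    DECL_LINK( StartVerifySignatureElement, const com::sun::star::uno::Reference< com::sun::star::xml::sax::XAttributeList >* );

    // Not allowed:
    XMLSignatureHelper(const XMLSignatureHelper&);
    // Copy assignment is disabled together with copy construction. It is declared
    // private and intentionally left undefined, so the implicit operator cannot
    // duplicate mpXSecController and the UNO references into a second helper.
    XMLSignatureHelper& operator=(const XMLSignatureHelper&);

public:
    XMLSignatureHelper(const com::sun::star::uno::Reference< com::sun::star::uno::XComponentContext >& mrCtx );
    ~XMLSignatureHelper();

    // Initialize the security context with default crypto token.
    // Returns true for success; check the result before signing or verifying.
    bool Init();

    // Set the storage which should be used by the default UriBinding.
    // Must be set before StartMission().
    // sODFVersion indicates the ODF version.
    void SetStorage( const com::sun::star::uno::Reference < com::sun::star::embed::XStorage >& rxStorage, ::rtl::OUString sODFVersion );

    // Argument for the Link is a uno::Reference< xml::sax::XAttributeList >*
    // Return 1 to verify, 0 to skip.
    // Default handler will verify all.
    // NOTE(review): a signature the handler skips has not been verified. Confirm
    // how skipped signatures are reported by GetSignatureInformation(s) before
    // treating a document as validly signed.
    void SetStartVerifySignatureHdl( const Link& rLink );

    // Get the security environment
    ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > GetSecurityEnvironment();

    // After signing/verifying, get information about signatures
    SignatureInformation GetSignatureInformation( sal_Int32 nSecurityId ) const;
    SignatureInformations GetSignatureInformations() const;

    // See XSecController for documentation
    void StartMission();
    void EndMission();
    sal_Int32 GetNewSecurityId();
    /** sets data that describes the certificate.

        It is absolutely necessary that the parameter ouX509IssuerName is set. It contains
        the base64 encoded certificate, which is DER encoded. The XMLSec needs it to find
        the private key. Although issuer name and certificate should be sufficient to identify
        the certificate the implementation in XMLSec is broken, both for Windows and mozilla.
        The reason is that they use functions to find the certificate which take as parameter
        the DER encoded ASN.1 issuer name. The issuer name is a DName, where most attributes
        are of type DirectoryName, which is a choice of 5 string types. This information is
        not contained in the issuer string and while it is converted to the ASN.1 name the
        conversion function must assume a particular type, which is often wrong. For example,
        the Windows function CertStrToName will use a T.61 string if the string does not contain
        special characters. So if the certificate uses simple characters but encodes the
        issuer attributes in Utf8, then CertStrToName will use T.61. The resulting DER encoded
        ASN.1 name now contains different bytes which indicate the string type. The functions
        for finding the certificate apparently use memcmp - hence they fail to find the
        certificate.

        NOTE(review): the first sentence names ouX509IssuerName but goes on to describe a
        base64 encoded certificate, which matches the ouX509Cert parameter - confirm which
        parameter is meant.
    */
    void SetX509Certificate(sal_Int32 nSecurityId, const rtl::OUString& ouX509IssuerName,
        const rtl::OUString& ouX509SerialNumber, const rtl::OUString& ouX509Cert);

    void SetDateTime( sal_Int32 nSecurityId, const Date& rDate, const Time& rTime );

    void AddForSigning( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool bBinary );
    bool CreateAndWriteSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler );
    // NOTE(review): this header does not say what the bool means. Confirm in the
    // implementation whether true means "every signature is valid" or only
    // "processing finished without error"; per-signature results are read through
    // GetSignatureInformation(s).
    bool ReadAndVerifySignature( const com::sun::star::uno::Reference< com::sun::star::io::XInputStream >& xInputStream );

    // MT: ??? I think only for adding/removing, not for new signatures...
    // MM: Yes, but if you want to insert a new signature into an existing signature file, those functions
    // will be very useful, see Mission 3 in the new "multisigdemo" program :-)
    ::com::sun::star::uno::Reference< ::com::sun::star::xml::sax::XDocumentHandler> CreateDocumentHandlerWithHeader( const com::sun::star::uno::Reference< com::sun::star::io::XOutputStream >& xOutputStream );
    void CloseDocumentHandler( const ::com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler>& xDocumentHandler );
    void ExportSignature( const com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler >& xDocumentHandler, const SignatureInformation& signatureInfo );
};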
186 : :
187 : : #endif // _XMLSECURITY_XMLSIGNATUREHELPER_HXX
188 : :
189 : : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */