Branch data Line data Source code
1 : : /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 : : /*
3 : : * This file is part of the LibreOffice project.
4 : : *
5 : : * This Source Code Form is subject to the terms of the Mozilla Public
6 : : * License, v. 2.0. If a copy of the MPL was not distributed with this
7 : : * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 : : *
9 : : * This file incorporates work covered by the following license notice:
10 : : *
11 : : * Licensed to the Apache Software Foundation (ASF) under one or more
12 : : * contributor license agreements. See the NOTICE file distributed
13 : : * with this work for additional information regarding copyright
14 : : * ownership. The ASF licenses this file to you under the Apache
15 : : * License, Version 2.0 (the "License"); you may not use this file
16 : : * except in compliance with the License. You may obtain a copy of
17 : : * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 : : */
19 : :
20 : : #include <documentdigitalsignatures.hxx>
21 : : #include <xmlsecurity/digitalsignaturesdialog.hxx>
22 : : #include <xmlsecurity/certificatechooser.hxx>
23 : : #include <xmlsecurity/certificateviewer.hxx>
24 : : #include <xmlsecurity/macrosecurity.hxx>
25 : : #include <xmlsecurity/biginteger.hxx>
26 : : #include <xmlsecurity/global.hrc>
27 : :
28 : : #include <sax/tools/converter.hxx>
29 : :
30 : : #include <../dialogs/resourcemanager.hxx>
31 : : #include <com/sun/star/embed/XStorage.hpp>
32 : : #include <com/sun/star/embed/XTransactedObject.hpp>
33 : : #include <com/sun/star/embed/ElementModes.hpp>
34 : : #include <com/sun/star/ucb/XContent.hpp>
35 : : #include <com/sun/star/ucb/XContentIdentifierFactory.hpp>
36 : : #include <com/sun/star/ucb/XCommandEnvironment.hpp>
37 : : #include <com/sun/star/ucb/XCommandProcessor.hpp>
38 : : #include <com/sun/star/ucb/Command.hpp>
39 : : #include <tools/urlobj.hxx>
40 : : #include <vcl/msgbox.hxx>
41 : : #include <unotools/securityoptions.hxx>
42 : : #include <com/sun/star/security/CertificateValidity.hpp>
43 : : #include <com/sun/star/security/SerialNumberAdapter.hpp>
44 : : #include <unotools/ucbhelper.hxx>
45 : : #include <comphelper/componentcontext.hxx>
46 : : #include "comphelper/documentconstants.hxx"
47 : :
48 : : #include "com/sun/star/lang/IllegalArgumentException.hpp"
49 : :
50 : : #include <stdio.h>
51 : :
52 : :
53 : : using namespace ::com::sun::star;
54 : : using namespace ::com::sun::star::uno;
55 : : namespace css = ::com::sun::star;
56 : :
57 : : #define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
58 : :
// Stores the component context and seeds the members that initialize() may
// later overwrite: ODF version ODFVER_012_TEXT, zero arguments seen, and
// m_bHasDocumentSignature cleared.
DocumentDigitalSignatures::DocumentDigitalSignatures( const Reference< XComponentContext >& rxCtx )
    : mxCtx( rxCtx )
    , m_sODFVersion( ODFVER_012_TEXT )
    , m_nArgumentsCount( 0 )
    , m_bHasDocumentSignature( false )
{
}
66 : :
// XInitialization entry point.
//
// aArguments[0] (mandatory) must hold a string and is stored as the ODF version.
// aArguments[1] (optional) must hold a bool and is stored in
// m_bHasDocumentSignature.
//
// Throws css::lang::IllegalArgumentException when the argument count is not
// one or two, or when an argument has the wrong type. Note that
// m_nArgumentsCount is already updated by the time the type checks run.
void DocumentDigitalSignatures::initialize( const Sequence< Any >& aArguments)
    throw (css::uno::Exception, css::uno::RuntimeException)
{
    const sal_Int32 nArgs = aArguments.getLength();

    if (nArgs == 0 || nArgs > 2)
    {
        throw css::lang::IllegalArgumentException(
            OUSTR("DocumentDigitalSignatures::initialize requires one or two arguments"),
            Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0);
    }

    m_nArgumentsCount = nArgs;

    const bool bVersionExtracted = (aArguments[0] >>= m_sODFVersion);
    if (!bVersionExtracted)
    {
        throw css::lang::IllegalArgumentException(
            OUSTR("DocumentDigitalSignatures::initialize: the first arguments must be a string"),
            Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 0);
    }

    // The second argument is only extracted when it was actually passed.
    if (nArgs == 2)
    {
        if (!(aArguments[1] >>= m_bHasDocumentSignature))
        {
            throw css::lang::IllegalArgumentException(
                OUSTR("DocumentDigitalSignatures::initialize: the second arguments must be a bool"),
                Reference<XInterface>(static_cast<XInitialization*>(this), UNO_QUERY), 1);
        }
    }

    // The version attribute exists as of ODF 1.2, so for a 1.1 or older
    // document an empty string arrives here. Map it to ODFVER_010_TEXT so that
    // the stored version is never empty once initialize() has run; the other
    // entry points assert on exactly that.
    if (m_sODFVersion.isEmpty())
    {
        m_sODFVersion = ODFVER_010_TEXT;
    }
}
94 : :
// Runs the signatures dialog in editable mode (bReadOnly == false) for the
// document-content signatures and returns what ImplViewSignatures reports,
// i.e. whether the set of signatures was changed.
sal_Bool DocumentDigitalSignatures::signDocumentContent(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XStream >& xSignStream)
        throw (RuntimeException)
{
    // Diagnostic only; the call proceeds regardless of the outcome.
    OSL_ENSURE(!m_sODFVersion.isEmpty(), "DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const bool bReadOnly = false;
    const sal_Bool bSignaturesChanged =
        ImplViewSignatures( rxStorage, xSignStream, SignatureModeDocumentContent, bReadOnly );
    return bSignaturesChanged;
}
103 : :
// Verifies the document-content signatures of rxStorage and returns one
// DocumentSignatureInformation per signature found. Thin wrapper around
// ImplVerifySignatures with SignatureModeDocumentContent.
Sequence< css::security::DocumentSignatureInformation >
DocumentDigitalSignatures::verifyDocumentContentSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    // Diagnostic only; verification is attempted either way.
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const DocumentSignatureMode eMode = SignatureModeDocumentContent;
    return ImplVerifySignatures( rxStorage, xSignInStream, eMode );
}
112 : :
// Shows the document-content signatures in the signatures dialog in read-only
// mode. The "changed" result of ImplViewSignatures is intentionally dropped.
void DocumentDigitalSignatures::showDocumentContentSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const bool bReadOnly = true;
    ImplViewSignatures( rxStorage, xSignInStream, SignatureModeDocumentContent, bReadOnly );
}
120 : :
// Returns the default stream name for document-content signatures as defined
// by DocumentSignatureHelper.
::rtl::OUString DocumentDigitalSignatures::getDocumentContentSignatureDefaultStreamName()
    throw (css::uno::RuntimeException)
{
    const ::rtl::OUString aStreamName =
        DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName();
    return aStreamName;
}
126 : :
// Runs the signatures dialog in editable mode for the macro (scripting)
// signatures and returns whether the signatures were changed.
//
// Both preconditions below are OSL_ENSURE diagnostics only: a service that was
// initialized with a single argument is reported but still signs.
sal_Bool DocumentDigitalSignatures::signScriptingContent(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException)
{
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");
    OSL_ENSURE(m_nArgumentsCount == 2, "DocumentDigitalSignatures: Service was not initialized properly");

    const bool bReadOnly = false;
    const sal_Bool bSignaturesChanged =
        ImplViewSignatures( rxStorage, xSignStream, SignatureModeMacros, bReadOnly );
    return bSignaturesChanged;
}
135 : :
// Verifies the macro (scripting) signatures of rxStorage. Thin wrapper around
// ImplVerifySignatures with SignatureModeMacros.
Sequence< css::security::DocumentSignatureInformation >
DocumentDigitalSignatures::verifyScriptingContentSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    // Diagnostic only; verification is attempted either way.
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const DocumentSignatureMode eMode = SignatureModeMacros;
    return ImplVerifySignatures( rxStorage, xSignInStream, eMode );
}
144 : :
// Shows the macro (scripting) signatures in the signatures dialog in read-only
// mode. The "changed" result of ImplViewSignatures is intentionally dropped.
void DocumentDigitalSignatures::showScriptingContentSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const bool bReadOnly = true;
    ImplViewSignatures( rxStorage, xSignInStream, SignatureModeMacros, bReadOnly );
}
152 : :
// Returns the default stream name for macro (scripting) signatures as defined
// by DocumentSignatureHelper.
::rtl::OUString DocumentDigitalSignatures::getScriptingContentSignatureDefaultStreamName()
    throw (css::uno::RuntimeException)
{
    const ::rtl::OUString aStreamName =
        DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName();
    return aStreamName;
}
158 : :
159 : :
// Runs the signatures dialog in editable mode for the package signatures and
// returns whether the signatures were changed.
sal_Bool DocumentDigitalSignatures::signPackage(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XStream >& xSignStream ) throw (RuntimeException)
{
    // Diagnostic only; the call proceeds regardless of the outcome.
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const bool bReadOnly = false;
    const sal_Bool bSignaturesChanged =
        ImplViewSignatures( rxStorage, xSignStream, SignatureModePackage, bReadOnly );
    return bSignaturesChanged;
}
167 : :
// Verifies the package signatures of rxStorage. Thin wrapper around
// ImplVerifySignatures with SignatureModePackage.
Sequence< css::security::DocumentSignatureInformation >
DocumentDigitalSignatures::verifyPackageSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    // Diagnostic only; verification is attempted either way.
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const DocumentSignatureMode eMode = SignatureModePackage;
    return ImplVerifySignatures( rxStorage, xSignInStream, eMode );
}
176 : :
// Shows the package signatures in the signatures dialog in read-only mode.
// The "changed" result of ImplViewSignatures is intentionally dropped.
void DocumentDigitalSignatures::showPackageSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignInStream ) throw (RuntimeException)
{
    OSL_ENSURE(!m_sODFVersion.isEmpty(),"DocumentDigitalSignatures: ODF Version not set, assuming minimum 1.2");

    const bool bReadOnly = true;
    ImplViewSignatures( rxStorage, xSignInStream, SignatureModePackage, bReadOnly );
}
184 : :
// Returns the default stream name for package signatures as defined by
// DocumentSignatureHelper.
::rtl::OUString DocumentDigitalSignatures::getPackageSignatureDefaultStreamName(  )
    throw (::com::sun::star::uno::RuntimeException)
{
    const ::rtl::OUString aStreamName =
        DocumentSignatureHelper::GetPackageSignatureDefaultStreamName();
    return aStreamName;
}
190 : :
191 : :
// XInputStream flavour of ImplViewSignatures: queries the input stream for
// io::XStream and forwards to the XStream overload. When the caller passed no
// stream, or the stream does not offer XStream, an empty reference is
// forwarded.
sal_Bool DocumentDigitalSignatures::ImplViewSignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignStream,
    DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException)
{
    // Querying an empty reference yields an empty reference, so no separate
    // is() test is needed before the query.
    const Reference< io::XStream > xReadWriteStream( xSignStream, UNO_QUERY );
    return ImplViewSignatures( rxStorage, xReadWriteStream, eMode, bReadOnly );
}
202 : :
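// Runs the digital signatures dialog for the given storage / signature stream.
//
// rxStorage    storage whose content is signed or inspected
// xSignStream  signature stream supplied by the caller; may be empty
// eMode        which signature set the dialog works on
// bReadOnly    true to only display signatures, false to allow changes
//
// Returns sal_True only when the dialog was confirmed and reports that the
// signatures changed. If the security context cannot be initialized, a warning
// box is shown instead and sal_False is returned.
sal_Bool DocumentDigitalSignatures::ImplViewSignatures(
    const Reference< css::embed::XStorage >& rxStorage, const Reference< css::io::XStream >& xSignStream,
    DocumentSignatureMode eMode, bool bReadOnly ) throw (RuntimeException)
{
    sal_Bool bChanges = sal_False;
    DigitalSignaturesDialog aSignaturesDialog(
        NULL, mxCtx, eMode, bReadOnly, m_sODFVersion, m_bHasDocumentSignature);
    const bool bInit = aSignaturesDialog.Init();
    DBG_ASSERT( bInit, "Error initializing security context!" );
    if ( bInit )
    {
        aSignaturesDialog.SetStorage( rxStorage );
        aSignaturesDialog.SetSignatureStream( xSignStream );
        if ( aSignaturesDialog.Execute() )
        {
            if ( aSignaturesDialog.SignaturesChanged() )
            {
                bChanges = sal_True;
                // If we have a storage and no stream, we are responsible for commit
                if ( rxStorage.is() && !xSignStream.is() )
                {
                    // UNO_QUERY_THROW raises a RuntimeException when the storage
                    // does not offer XTransactedObject, instead of dereferencing
                    // an empty reference and leaving the new signature
                    // uncommitted without any error.
                    uno::Reference< embed::XTransactedObject > xTrans( rxStorage, uno::UNO_QUERY_THROW );
                    // NOTE(review): commit() may raise exceptions that are not
                    // RuntimeExceptions, which this function's throw
                    // specification does not allow - confirm how callers
                    // expect a failed commit to surface.
                    xTrans->commit();
                }
            }
        }
    }
    else
    {
        WarningBox aBox( NULL, XMLSEC_RES( RID_XMLSECWB_NO_MOZILLA_PROFILE ) );
        aBox.Execute();
    }

    return bChanges;
}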
238 : :
// Reads and verifies all signatures of one kind (eMode) and reports them.
//
// rxStorage    storage holding the signed content; must not be empty
// xSignStream  signature stream supplied by the caller; when empty, the
//              stream is looked up in rxStorage for the given mode
// eMode        which signature set to verify
//
// Returns one DocumentSignatureInformation per signature. An empty sequence is
// returned when there is no storage, no signature stream, or when the security
// context could not be initialized.
// NOTE(review): those three cases are indistinguishable to the caller, so a
// failing security environment looks the same as an unsigned document.
//
// Per entry, SignatureIsValid and CertificateStatus are independent results:
// the former covers the XML signature and the "all files signed" check, the
// latter the certificate itself. Callers have to evaluate both.
Sequence< css::security::DocumentSignatureInformation >
DocumentDigitalSignatures::ImplVerifySignatures(
    const Reference< css::embed::XStorage >& rxStorage,
    const Reference< css::io::XInputStream >& xSignStream, DocumentSignatureMode eMode ) throw (RuntimeException)
{
    if (!rxStorage.is())
    {
        DBG_ASSERT(0, "Error, no XStorage provided");
        return Sequence<css::security::DocumentSignatureInformation>();
    }

    // Locate the signature stream first, so the security environment is not
    // initialized needlessly for documents without signatures.
    // aStreamHelper stays alive until the function returns.
    SignatureStreamHelper aStreamHelper;
    Reference< io::XInputStream > xInputStream = xSignStream;

    if ( !xInputStream.is() )
    {
        aStreamHelper = DocumentSignatureHelper::OpenSignatureStream( rxStorage, embed::ElementModes::READ, eMode );
        if ( aStreamHelper.xSignatureStream.is() )
            xInputStream = Reference< io::XInputStream >( aStreamHelper.xSignatureStream, UNO_QUERY );
    }

    if ( !xInputStream.is() )
        return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0);

    XMLSignatureHelper aSignatureHelper( mxCtx );

    const bool bSecurityContextReady = aSignatureHelper.Init();
    DBG_ASSERT( bSecurityContextReady, "Error initializing security context!" );
    if ( !bSecurityContextReady )
        return Sequence< ::com::sun::star::security::DocumentSignatureInformation >(0);

    aSignatureHelper.SetStorage(rxStorage, m_sODFVersion);
    aSignatureHelper.StartMission();
    aSignatureHelper.ReadAndVerifySignature( xInputStream );
    aSignatureHelper.EndMission();

    Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecEnv =
        aSignatureHelper.GetSecurityEnvironment();

    SignatureInformations aSignInfos = aSignatureHelper.GetSignatureInformations();
    int nInfos = aSignInfos.size();
    Sequence< css::security::DocumentSignatureInformation > aInfos(nInfos);
    css::security::DocumentSignatureInformation* pResults = aInfos.getArray();

    if ( !nInfos )
        return aInfos;

    Reference<security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    for( int nIdx = 0; nIdx < nInfos; ++nIdx )
    {
        const SignatureInformation& rInfo = aSignInfos[nIdx];
        css::security::DocumentSignatureInformation& rSigInfo = pResults[nIdx];

        // The set of elements that must be covered depends on the algorithm
        // derived from the ODF version and the signature itself.
        const DocumentSignatureAlgorithm eAlgorithm =
            DocumentSignatureHelper::getDocumentAlgorithm( m_sODFVersion, rInfo );
        const std::vector< rtl::OUString > aElementsToBeVerified =
            DocumentSignatureHelper::CreateElementList(
                rxStorage, ::rtl::OUString(), eMode, eAlgorithm );

        // Prefer the certificate embedded in the signature; fall back to a
        // lookup by issuer name and serial number.
        if (!rInfo.ouX509Certificate.isEmpty())
            rSigInfo.Signer = xSecEnv->createCertificateFromAscii( rInfo.ouX509Certificate );
        if (!rSigInfo.Signer.is())
        {
            rSigInfo.Signer = xSecEnv->getCertificate(
                rInfo.ouX509IssuerName,
                xSerialNumberAdapter->toSequence( rInfo.ouX509SerialNumber ) );
        }

        // Time support again (#i38744#)
        Date aDate( rInfo.stDateTime.Day, rInfo.stDateTime.Month, rInfo.stDateTime.Year );
        Time aTime( rInfo.stDateTime.Hours, rInfo.stDateTime.Minutes,
                    rInfo.stDateTime.Seconds, rInfo.stDateTime.HundredthSeconds );
        rSigInfo.SignatureDate = aDate.GetDate();
        rSigInfo.SignatureTime = aTime.GetTime();

        // Verify certificate.
        // Our copy of libxmlsec is patched so that it does not verify the
        // certificates, for two reasons. First, signature and certificate are
        // meant to have two separate statuses. Second, libxmlsec calls
        // CERT_VerifyCertificate (Solaris, Linux) incorrectly, so that it always
        // regards the certificate as valid. On Windows the check of the
        // certificate path is buggy: it matches by name (issuer, subject name)
        // to find the parent certificate and does not take into account that
        // several certificates can share the same subject name.
        if (!rSigInfo.Signer.is())
        {
            // The certificate is contained in the document, so it should
            // always be available unless the document is damaged and the
            // signature XML could not be parsed.
            rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
        }
        else
        {
            try
            {
                // No intermediate certificates are passed along.
                rSigInfo.CertificateStatus = xSecEnv->verifyCertificate(
                    rSigInfo.Signer,
                    Sequence<Reference<css::security::XCertificate> >());
            }
            catch (SecurityException& )
            {
                // A failing verification is reported as INVALID, never as valid.
                OSL_FAIL("Verification of certificate failed");
                rSigInfo.CertificateStatus = css::security::CertificateValidity::INVALID;
            }
        }

        rSigInfo.SignatureIsValid =
            ( rInfo.nStatus == ::com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED );

        // A cryptographically valid signature still counts as invalid when it
        // does not cover every element that has to be signed.
        if ( rSigInfo.SignatureIsValid )
        {
            rSigInfo.SignatureIsValid =
                DocumentSignatureHelper::checkIfAllFilesAreSigned(
                    aElementsToBeVerified, rInfo, eAlgorithm );
        }

        if (eMode == SignatureModeDocumentContent)
        {
            rSigInfo.PartialDocumentSignature =
                ! DocumentSignatureHelper::isOOo3_2_Signature( rInfo );
        }
    }

    return aInfos;
}
358 : :
// Opens the macro security dialog.
//
// MT: i45295
// The security environment is only needed to display certificate information
// from trusted sources. Macro security also has options that need no security
// environment, so the dialog is raised even when initialization fails; it then
// receives an empty environment reference.
// Later the dialog should create the security environment on demand.
void DocumentDigitalSignatures::manageTrustedSources(  ) throw (RuntimeException)
{
    XMLSignatureHelper aSignatureHelper( mxCtx );

    Reference< dcss::xml::crypto::XSecurityEnvironment > xSecEnv;
    const bool bHaveEnvironment = aSignatureHelper.Init();
    if ( bHaveEnvironment )
    {
        xSecEnv = aSignatureHelper.GetSecurityEnvironment();
    }

    MacroSecurity aDlg( NULL, mxCtx, xSecEnv );
    aDlg.Execute();
}
375 : :
// Displays _Certificate in the certificate viewer dialog. Nothing is shown
// when the security context cannot be initialized (only a debug assertion
// fires in that case).
void DocumentDigitalSignatures::showCertificate(
    const Reference< css::security::XCertificate >& _Certificate ) throw (RuntimeException)
{
    XMLSignatureHelper aSignatureHelper( mxCtx );

    const bool bSecurityContextReady = aSignatureHelper.Init();
    DBG_ASSERT( bSecurityContextReady, "Error initializing security context!" );
    if ( !bSecurityContextReady )
        return;

    CertificateViewer aViewer( NULL, aSignatureHelper.GetSecurityEnvironment(), _Certificate, sal_False );
    aViewer.Execute();
}
392 : :
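// Reports whether Author is listed among the trusted authors stored in
// SvtSecurityOptions.
//
// Author  certificate to look up; an empty reference is never trusted
//
// Returns sal_True when an entry with the same issuer name and serial number
// exists, sal_False otherwise.
//
// NOTE(review): the match uses issuer name and serial number only. The third
// field of an entry, which addAuthorToTrustedSources() fills with the Base64
// encoded certificate, is not compared here - confirm whether matching on the
// encoded certificate is wanted as well.
::sal_Bool DocumentDigitalSignatures::isAuthorTrusted(
    const Reference< css::security::XCertificate >& Author ) throw (RuntimeException)
{
    // Fail closed: without a certificate there is nothing that could be trusted,
    // and the calls below would dereference an empty reference.
    if ( !Author.is() )
        return sal_False;

    Reference<security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    const ::rtl::OUString sSerialNum = xSerialNumberAdapter->toString( Author->getSerialNumber() );
    // Loop invariant, so fetch it once instead of once per stored entry.
    const ::rtl::OUString sIssuerName = Author->getIssuerName();

    const Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = SvtSecurityOptions().GetTrustedAuthors();
    const SvtSecurityOptions::Certificate* pAuthors = aTrustedAuthors.getConstArray();
    const SvtSecurityOptions::Certificate* const pAuthorsEnd = pAuthors + aTrustedAuthors.getLength();
    for ( ; pAuthors != pAuthorsEnd; ++pAuthors )
    {
        const SvtSecurityOptions::Certificate& rAuthor = *pAuthors;

        // Skip malformed entries rather than indexing past their end.
        if ( rAuthor.getLength() < 2 )
            continue;

        if ( ( rAuthor[0] == sIssuerName ) && ( rAuthor[1] == sSerialNum ) )
            return sal_True;
    }

    return sal_False;
}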
418 : :
// Lets the user pick a certificate in the certificate chooser dialog.
//
// Returns the selected certificate, or an empty reference when the dialog was
// not confirmed with RET_OK or no certificate was selected. The dialog is shown
// even if the security context could not be initialized; it then receives an
// empty environment reference.
Reference< css::security::XCertificate > DocumentDigitalSignatures::chooseCertificate() throw (RuntimeException)
{
    XMLSignatureHelper aSignatureHelper( mxCtx );

    Reference< dcss::xml::crypto::XSecurityEnvironment > xSecEnv;
    const bool bHaveEnvironment = aSignatureHelper.Init();
    if ( bHaveEnvironment )
    {
        xSecEnv = aSignatureHelper.GetSecurityEnvironment();
    }

    CertificateChooser aChooser( NULL, mxCtx, xSecEnv, aSignatureHelper.GetSignatureInformations());

    const bool bConfirmed = ( aChooser.Execute() == RET_OK );
    if ( !bConfirmed )
        return Reference< css::security::XCertificate >(0);

    // An empty selection is handed back as the empty reference it already is.
    Reference< css::security::XCertificate > xSelected = aChooser.GetSelectedCertificate();
    return xSelected;
}
439 : :
440 : :
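// Reports whether Location lies below one of the secure URLs stored in
// SvtSecurityOptions.
//
// Location  URL of the document location to check
//
// Returns sal_True as soon as ::utl::UCBContentHelper::IsSubPath() accepts
// Location for one of the configured secure URLs, sal_False otherwise.
//
// The two INetURLObject locals that used to be built here, one of them from a
// lower-cased copy "for case insensitive comparing", were never passed to
// anything and have been dropped. The outcome therefore depends entirely on
// IsSubPath().
// NOTE(review): confirm how IsSubPath() normalises its arguments (case,
// "..", encoded characters), since it alone decides what counts as trusted.
::sal_Bool DocumentDigitalSignatures::isLocationTrusted( const ::rtl::OUString& Location ) throw (RuntimeException)
{
    const Sequence< ::rtl::OUString > aSecURLs = SvtSecurityOptions().GetSecureURLs();
    const ::rtl::OUString* pSecURLs = aSecURLs.getConstArray();
    const ::rtl::OUString* const pSecURLsEnd = pSecURLs + aSecURLs.getLength();
    for ( ; pSecURLs != pSecURLsEnd; ++pSecURLs )
    {
        if ( ::utl::UCBContentHelper::IsSubPath( *pSecURLs, Location ) )
            return sal_True;
    }

    return sal_False;
}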
455 : :
// Appends Author to the trusted authors stored in SvtSecurityOptions.
//
// The stored entry has three fields: issuer name, serial number as string, and
// the Base64 encoded certificate. No check for an already existing entry is
// made, and Author is dereferenced without an is() test.
// NOTE(review): this persistently widens the set of trusted signers - confirm
// that every caller obtains explicit user consent first.
void DocumentDigitalSignatures::addAuthorToTrustedSources(
    const Reference< css::security::XCertificate >& Author ) throw (RuntimeException)
{
    SvtSecurityOptions aSecOpts;

    Reference<security::XSerialNumberAdapter> xSerialNumberAdapter =
        ::com::sun::star::security::SerialNumberAdapter::create(mxCtx);

    SvtSecurityOptions::Certificate aEntry( 3 );
    aEntry[ 0 ] = Author->getIssuerName();
    aEntry[ 1 ] = xSerialNumberAdapter->toString( Author->getSerialNumber() );

    rtl::OUStringBuffer aEncodedCert;
    ::sax::Converter::encodeBase64(aEncodedCert, Author->getEncoded());
    aEntry[ 2 ] = aEncodedCert.makeStringAndClear();

    // Grow the stored list by one slot and put the new entry last.
    Sequence< SvtSecurityOptions::Certificate > aTrustedAuthors = aSecOpts.GetTrustedAuthors();
    const sal_Int32 nOldCount = aTrustedAuthors.getLength();
    aTrustedAuthors.realloc( nOldCount + 1 );
    aTrustedAuthors[ nOldCount ] = aEntry;

    aSecOpts.SetTrustedAuthors( aTrustedAuthors );
}
480 : :
// Appends Location to the secure URLs stored in SvtSecurityOptions. The value
// is stored as passed in; no validation or duplicate check happens here.
// NOTE(review): this persistently widens the set of trusted locations -
// confirm that every caller obtains explicit user consent first.
void DocumentDigitalSignatures::addLocationToTrustedSources( const ::rtl::OUString& Location ) throw (RuntimeException)
{
    SvtSecurityOptions aSecOpt;

    // Grow the stored list by one slot and put the new location last.
    Sequence< ::rtl::OUString > aSecURLs = aSecOpt.GetSecureURLs();
    const sal_Int32 nOldCount = aSecURLs.getLength();
    aSecURLs.realloc( nOldCount + 1 );
    aSecURLs[ nOldCount ] = Location;

    aSecOpt.SetSecureURLs( aSecURLs );
}
492 : :
// Returns the implementation name under which this service is registered.
rtl::OUString DocumentDigitalSignatures::GetImplementationName() throw (RuntimeException)
{
    const rtl::OUString aImplName(
        RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.security.DocumentDigitalSignatures" ) );
    return aImplName;
}
497 : :
// Returns the single service name this implementation supports.
Sequence< rtl::OUString > DocumentDigitalSignatures::GetSupportedServiceNames() throw (cssu::RuntimeException)
{
    Sequence < rtl::OUString > aServiceNames(1);
    aServiceNames[0] =
        rtl::OUString( RTL_CONSTASCII_USTRINGPARAM ( "com.sun.star.security.DocumentDigitalSignatures" ) );
    return aServiceNames;
}
505 : :
506 : :
// Factory function: creates a new DocumentDigitalSignatures for rCtx and
// returns it as XInterface. Ownership passes to the returned reference.
Reference< XInterface > DocumentDigitalSignatures_CreateInstance(
    const Reference< XComponentContext >& rCtx) throw ( Exception )
{
    // The cast selects the OWeakObject base before the conversion to XInterface.
    cppu::OWeakObject* pService = (cppu::OWeakObject*) new DocumentDigitalSignatures( rCtx );
    return pService;
}
512 : :
513 : : /* vim:set shiftwidth=4 softtabstop=4 expandtab: */