1 /************************************************************** 2 * 3 * Licensed to the Apache Software Foundation (ASF) under one 4 * or more contributor license agreements. See the NOTICE file 5 * distributed with this work for additional information 6 * regarding copyright ownership. The ASF licenses this file 7 * to you under the Apache License, Version 2.0 (the 8 * "License"); you may not use this file except in compliance 9 * with the License. You may obtain a copy of the License at 10 * 11 * http://www.apache.org/licenses/LICENSE-2.0 12 * 13 * Unless required by applicable law or agreed to in writing, 14 * software distributed under the License is distributed on an 15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16 * KIND, either express or implied. See the License for the 17 * specific language governing permissions and limitations 18 * under the License. 19 * 20 *************************************************************/ 21 22 23 24 // MARKER(update_precomp.py): autogen include statement, do not remove 25 #include "precompiled_xmlsecurity.hxx" 26 27 #include <stdio.h> 28 #include "helper.hxx" 29 30 #include "libxml/tree.h" 31 #include "libxml/parser.h" 32 #ifndef XMLSEC_NO_XSLT 33 #include "libxslt/xslt.h" 34 #endif 35 36 #include "securityenvironment_nssimpl.hxx" 37 #include "xmlelementwrapper_xmlsecimpl.hxx" 38 39 #include "nspr.h" 40 #include "prtypes.h" 41 42 #include "pk11func.h" 43 #include "cert.h" 44 #include "cryptohi.h" 45 #include "certdb.h" 46 #include "nss.h" 47 48 #include "xmlsec/strings.h" 49 #include "xmlsec/xmltree.h" 50 51 #include <rtl/ustring.hxx> 52 #include <cppuhelper/servicefactory.hxx> 53 54 #include <com/sun/star/lang/XComponent.hpp> 55 #include <com/sun/star/beans/PropertyValue.hpp> 56 #include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp> 57 #include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp> 58 #include <com/sun/star/xml/crypto/XXMLSignature.hpp> 59 #include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> 60 #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> 61 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> 62 63 using namespace ::rtl ; 64 using namespace ::cppu ; 65 using namespace ::com::sun::star::uno ; 66 using namespace ::com::sun::star::io ; 67 using namespace ::com::sun::star::ucb ; 68 using namespace ::com::sun::star::beans ; 69 using namespace ::com::sun::star::document ; 70 using namespace ::com::sun::star::lang ; 71 using namespace ::com::sun::star::registry ; 72 using namespace ::com::sun::star::xml::wrapper ; 73 using namespace ::com::sun::star::xml::crypto ; 74 75 76 int SAL_CALL main( int argc, char **argv ) 77 { 78 CERTCertDBHandle* certHandle = NULL ; 79 PK11SlotInfo* slot = NULL ; 80 xmlDocPtr doc = NULL ; 81 xmlNodePtr tplNode ; 82 xmlNodePtr tarNode ; 83 xmlAttrPtr idAttr ; 84 xmlChar* idValue ; 85 xmlAttrPtr uriAttr ; 86 xmlChar* uriValue ; 87 OUString* uri = NULL ; 88 Reference< XUriBinding > xUriBinding ; 89 90 if( argc != 4 ) { 91 fprintf( stderr, "Usage: %s < CertDir > <file_url> <rdb file>\n" , argv[0] ) ; 92 return 1 ; 93 } 94 95 //Init libxml and libxslt libraries 96 xmlInitParser(); 97 LIBXML_TEST_VERSION 98 xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS; 99 xmlSubstituteEntitiesDefault(1); 100 101 #ifndef XMLSEC_NO_XSLT 102 xmlIndentTreeOutput = 1; 103 #endif // XMLSEC_NO_XSLT 104 105 106 //Initialize NSPR and NSS 107 PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ; 108 PK11_SetPasswordFunc( PriPK11PasswordFunc ) ; 109 if( NSS_Init( argv[1] ) != SECSuccess ) { 110 fprintf( stderr , "### cannot intialize NSS!\n" ) ; 111 return 1 ; 112 } 113 114 certHandle = CERT_GetDefaultCertDB() ; 115 slot = PK11_GetInternalKeySlot() ; 116 117 //Load XML document 118 doc = xmlParseFile( argv[2] ) ; 119 if( doc == NULL || xmlDocGetRootElement( doc ) == NULL ) { 120 fprintf( stderr , "### Cannot load template xml document!\n" ) ; 121 goto done ; 122 } 123 124 //Find the signature template 125 tplNode = xmlSecFindNode( xmlDocGetRootElement( doc ), xmlSecNodeSignature, xmlSecDSigNs ) ; 126 if( tplNode == NULL ) { 127 fprintf( stderr , "### Cannot find the signature template!\n" ) ; 128 goto done ; 129 } 130 131 //Find the element with ID attribute 132 tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", ( xmlChar* )"http://openoffice.org/2000/office" ) ; 133 if( tarNode == NULL ) { 134 tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", NULL ) ; 135 } 136 137 //Find the "id" attrbute in the element 138 if( tarNode != NULL ) { 139 if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"id" ) ) != NULL ) { 140 //NULL 141 } else if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"Id" ) ) != NULL ) { 142 //NULL 143 } else { 144 idAttr = NULL ; 145 } 146 } 147 148 //Add ID to DOM 149 if( idAttr != NULL ) { 150 idValue = xmlNodeListGetString( tarNode->doc, idAttr->children, 1 ) ; 151 if( idValue == NULL ) { 152 fprintf( stderr , "### the ID value is NULL!\n" ) ; 153 goto done ; 154 } 155 156 if( xmlAddID( NULL, doc, idValue, idAttr ) == NULL ) { 157 fprintf( stderr , "### Can not add the ID value!\n" ) ; 158 goto done ; 159 } 160 } 161 162 //Reference handler 163 //Find the signature reference 164 tarNode = xmlSecFindNode( tplNode, xmlSecNodeReference, xmlSecDSigNs ) ; 165 if( tarNode == NULL ) { 166 fprintf( stderr , "### Cannot find the signature reference!\n" ) ; 167 goto done ; 168 } 169 170 //Find the "URI" attrbute in the reference 171 uriAttr = xmlHasProp( tarNode, ( xmlChar* )"URI" ) ; 172 if( tarNode == NULL ) { 173 fprintf( stderr , "### Cannot find URI of the reference!\n" ) ; 174 goto done ; 175 } 176 177 //Get the "URI" attrbute value 178 uriValue = xmlNodeListGetString( tarNode->doc, uriAttr->children, 1 ) ; 179 if( uriValue == NULL ) { 180 fprintf( stderr , "### the URI value is NULL!\n" ) ; 181 goto done ; 182 } 183 184 if( strchr( ( const char* )uriValue, '/' ) != NULL && strchr( ( const char* )uriValue, '#' ) == NULL ) { 185 fprintf( stdout , "### Find a stream URI [%s]\n", uriValue ) ; 186 // uri = new ::rtl::OUString( ( const sal_Unicode* )uriValue ) ; 187 uri = new ::rtl::OUString( ( const sal_Char* )uriValue, xmlStrlen( uriValue ), RTL_TEXTENCODING_ASCII_US ) ; 188 } 189 190 if( uri != NULL ) { 191 fprintf( stdout , "### Find the URI [%s]\n", OUStringToOString( *uri , RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 192 Reference< XInputStream > xStream = createStreamFromFile( *uri ) ; 193 if( !xStream.is() ) { 194 fprintf( stderr , "### Can not get the URI stream!\n" ) ; 195 goto done ; 196 } 197 198 xUriBinding = new OUriBinding( *uri, xStream ) ; 199 } 200 201 202 try { 203 Reference< XMultiComponentFactory > xManager = NULL ; 204 Reference< XComponentContext > xContext = NULL ; 205 206 xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[3] ) ) ; 207 208 //Create signature template 209 Reference< XInterface > element = 210 xManager->createInstanceWithContext( OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLElementWrapper_XmlSecImpl" ) , xContext ) ; 211 OSL_ENSURE( element.is() , 212 "Verifier - " 213 "Cannot get service instance of \"xsec.XMLElementWrapper\"" ) ; 214 215 Reference< XXMLElementWrapper > xElement( element , UNO_QUERY ) ; 216 OSL_ENSURE( xElement.is() , 217 "Verifier - " 218 "Cannot get interface of \"XXMLElementWrapper\" from service \"xsec.XMLElementWrapper\"" ) ; 219 220 Reference< XUnoTunnel > xEleTunnel( xElement , UNO_QUERY ) ; 221 OSL_ENSURE( xEleTunnel.is() , 222 "Verifier - " 223 "Cannot get interface of \"XUnoTunnel\" from service \"xsec.XMLElement\"" ) ; 224 225 XMLElementWrapper_XmlSecImpl* pElement = ( XMLElementWrapper_XmlSecImpl* )xEleTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ; 226 OSL_ENSURE( pElement != NULL , 227 "Verifier - " 228 "Cannot get implementation of \"xsec.XMLElementWrapper\"" ) ; 229 230 //Set signature template 231 pElement->setNativeElement( tplNode ) ; 232 233 //Build XML Signature template 234 Reference< XInterface > signtpl = 235 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.crypto.XMLSignatureTemplate"), xContext ) ; 236 OSL_ENSURE( signtpl.is() , 237 "Verifier - " 238 "Cannot get service instance of \"xsec.XMLSignatureTemplate\"" ) ; 239 240 Reference< XXMLSignatureTemplate > xTemplate( signtpl , UNO_QUERY ) ; 241 OSL_ENSURE( xTemplate.is() , 242 "Verifier - " 243 "Cannot get interface of \"XXMLSignatureTemplate\" from service \"xsec.XMLSignatureTemplate\"" ) ; 244 245 //Import the signature template 246 xTemplate->setTemplate( xElement ) ; 247 248 //Import the URI/Stream binding 249 if( xUriBinding.is() ) 250 xTemplate->setBinding( xUriBinding ) ; 251 252 //Create security environment 253 //Build Security Environment 254 Reference< XInterface > xsecenv = 255 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ; 256 OSL_ENSURE( xsecenv.is() , 257 "Verifier - " 258 "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ; 259 260 Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ; 261 OSL_ENSURE( xSecEnv.is() , 262 "Verifier - " 263 "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ; 264 265 //Setup key slot and certDb 266 Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ; 267 OSL_ENSURE( xElement.is() , 268 "Verifier - " 269 "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ; 270 271 SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ; 272 OSL_ENSURE( pSecEnv != NULL , 273 "Verifier - " 274 "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ; 275 276 pSecEnv->setCryptoSlot( slot ) ; 277 pSecEnv->setCertDb( certHandle ) ; 278 279 //Build XML Security Context 280 Reference< XInterface > xmlsecctx = 281 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl"), xContext ) ; 282 OSL_ENSURE( xsecenv.is() , 283 "Verifier - " 284 "Cannot get service instance of \"xsec.XMLSecurityContext\"" ) ; 285 286 Reference< XXMLSecurityContext > xSecCtx( xmlsecctx , UNO_QUERY ) ; 287 OSL_ENSURE( xSecCtx.is() , 288 "Verifier - " 289 "Cannot get interface of \"XXMLSecurityContext\" from service \"xsec.XMLSecurityContext\"" ) ; 290 291 xSecCtx->setSecurityEnvironment( xSecEnv ) ; 292 293 //Generate XML signature 294 Reference< XInterface > xmlsigner = 295 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSignature_NssImpl"), xContext ) ; 296 OSL_ENSURE( xmlsigner.is() , 297 "Verifier - " 298 "Cannot get service instance of \"xsec.XMLSignature\"" ) ; 299 300 Reference< XXMLSignature > xSigner( xmlsigner , UNO_QUERY ) ; 301 OSL_ENSURE( xSigner.is() , 302 "Verifier - " 303 "Cannot get interface of \"XXMLSignature\" from service \"xsec.XMLSignature\"" ) ; 304 305 306 //perform validation 307 sal_Bool valid = xSigner->validate( xTemplate , xSecCtx ) ; 308 if( !valid ) { 309 printf( "Signature is INVALID!\n" ) ; 310 } else { 311 printf( "Signature is VALID!\n" ) ; 312 } 313 } catch( Exception& e ) { 314 fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 315 goto done ; 316 } 317 318 done : 319 if( doc != NULL ) 320 xmlFreeDoc( doc ) ; 321 322 if( slot != NULL ) 323 PK11_FreeSlot( slot ) ; 324 325 PK11_LogoutAll() ; 326 NSS_Shutdown() ; 327 328 /* Shutdown libxslt/libxml */ 329 #ifndef XMLSEC_NO_XSLT 330 xsltCleanupGlobals(); 331 #endif /* XMLSEC_NO_XSLT */ 332 xmlCleanupParser(); 333 334 return 0 ; 335 } 336 337