1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26 
27 #include <stdio.h>
28 #include "helper.hxx"
29 
30 #include "libxml/tree.h"
31 #include "libxml/parser.h"
32 #ifndef XMLSEC_NO_XSLT
33 #include "libxslt/xslt.h"
34 #endif
35 
36 #include "securityenvironment_nssimpl.hxx"
37 
38 #include <xmlsecurity/biginteger.hxx>
39 
40 
41 #include "nspr.h"
42 #include "prtypes.h"
43 
44 #include "pk11func.h"
45 #include "cert.h"
46 #include "cryptohi.h"
47 #include "certdb.h"
48 #include "nss.h"
49 
50 #include "xmlsec/strings.h"
51 #include "xmlsec/xmltree.h"
52 
53 #include <rtl/ustring.hxx>
54 
55 using namespace ::rtl ;
56 using namespace ::cppu ;
57 using namespace ::com::sun::star::uno ;
58 using namespace ::com::sun::star::io ;
59 using namespace ::com::sun::star::ucb ;
60 using namespace ::com::sun::star::beans ;
61 using namespace ::com::sun::star::document ;
62 using namespace ::com::sun::star::lang ;
63 using namespace ::com::sun::star::security ;
64 using namespace ::com::sun::star::xml::wrapper ;
65 using namespace ::com::sun::star::xml::crypto ;
66 
67 int SAL_CALL main( int argc, char **argv )
68 {
69 	CERTCertDBHandle*	certHandle ;
70 	PK11SlotInfo*		slot ;
71 
72 	if( argc != 3 ) {
73 		fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
74 		return 1 ;
75 	}
76 
77 	for( ; getchar() != 'q' ; ) {
78 		slot = NULL ;
79 
80 	//Initialize NSPR and NSS
81 	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
82 	PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
83 	if( NSS_Init( argv[1] ) != SECSuccess ) {
84 		fprintf( stderr , "### cannot intialize NSS!\n" ) ;
85 		goto done ;
86 	}
87 
88 	certHandle = CERT_GetDefaultCertDB() ;
89 	slot = PK11_GetInternalKeySlot() ;
90 
91 	if( PK11_NeedLogin( slot ) ) {
92 		SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
93 		if( nRet != SECSuccess ) {
94 			fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
95 			goto done ;
96 		}
97 	}
98 
99 
100 	try {
101 		Reference< XMultiComponentFactory > xManager = NULL ;
102 		Reference< XComponentContext > xContext = NULL ;
103 
104 		xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
105 		OSL_ENSURE( xManager.is() ,
106 			"ServicesManager - "
107 			"Cannot get service manager" ) ;
108 
109 		//Create security environment
110 		//Build Security Environment
111 		Reference< XInterface > xsecenv =
112 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
113 		OSL_ENSURE( xsecenv.is() ,
114 			"Signer - "
115 			"Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
116 
117 		Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
118 		OSL_ENSURE( xSecEnv.is() ,
119 			"Signer - "
120 			"Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
121 
122 		//Setup key slot and certDb
123 		Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
124 		OSL_ENSURE( xEnvTunnel.is() ,
125 			"Signer - "
126 			"Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
127 
128 		SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
129 		OSL_ENSURE( pSecEnv != NULL ,
130 			"Signer - "
131 			"Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
132 
133 		pSecEnv->setCryptoSlot( slot ) ;
134 		pSecEnv->setCertDb( certHandle ) ;
135 
136 		//Get personal certificate
137 		Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
138 		Sequence < Reference< XCertificate > > xCertPath ;
139 		for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
140 			//Print the certificate infomation.
141 			fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
142 			fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
143 			fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
144 			fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
145 
146 			//build the certificate path
147 			xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
148 			//Print the certificate path.
149 			fprintf( stdout, "\tCertificate Path\n" ) ;
150 			for( int j = 0; j < xCertPath.getLength(); j ++ ) {
151 				fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
152 			}
153 
154 			//Get the certificate
155 			Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
156 			Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
157 			if( !xcert.is() ) {
158 				fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
159 			}
160 
161 			//Get the certificate characters
162 			sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
163 			fprintf( stdout, "The certificate characters are %d\n", chars ) ;
164 
165 			//Get the certificate status
166 			sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
167 			fprintf( stdout, "The certificate validities are %d\n", validity ) ;
168 		}
169 	} catch( Exception& e ) {
170 		fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
171 		goto done ;
172 	}
173 
174 done:
175 	if( slot != NULL )
176 		PK11_FreeSlot( slot ) ;
177 
178 	PK11_LogoutAll() ;
179 	NSS_Shutdown() ;
180 
181 	}
182 
183 	return 0;
184 }
185 
186