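/*************************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * Copyright 2000, 2010 Oracle and/or its affiliates.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org. If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************/

// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"

#include <stdio.h>
#include "helper.hxx"

#include "libxml/tree.h"
#include "libxml/parser.h"
#ifndef XMLSEC_NO_XSLT
#include "libxslt/xslt.h"
#endif

#include "securityenvironment_nssimpl.hxx"

#include <xmlsecurity/biginteger.hxx>


#include "nspr.h"
#include "prtypes.h"

#include "pk11func.h"
#include "cert.h"
#include "cryptohi.h"
#include "certdb.h"
#include "nss.h"

#include "xmlsec/strings.h"
#include "xmlsec/xmltree.h"

#include <rtl/ustring.hxx>

using namespace ::rtl ;
using namespace ::cppu ;
using namespace ::com::sun::star::uno ;
using namespace ::com::sun::star::io ;
using namespace ::com::sun::star::ucb ;
using namespace ::com::sun::star::beans ;
using namespace ::com::sun::star::document ;
using namespace ::com::sun::star::lang ;
using namespace ::com::sun::star::security ;
using namespace ::com::sun::star::xml::wrapper ;
using namespace ::com::sun::star::xml::crypto ;

/**
 * Interactive test driver for the NSS-backed security environment.
 *
 * Usage: <program> <CertDir> <rdb file>
 *
 * For every character read from stdin other than 'q', the program runs one
 * complete cycle: initialize NSPR/NSS on the certificate directory argv[1],
 * log in to the internal key slot if it requires it, create the
 * SecurityEnvironment_NssImpl service through the service manager built from
 * argv[2], print every personal certificate together with its certificate
 * path, its "characters" value and its verification result, and finally
 * release the slot and shut NSS down again.
 *
 * @param argc  must be 3
 * @param argv  argv[1] is the NSS certificate directory, argv[2] the rdb file
 * @return 1 on a usage error, 0 otherwise (failures inside a cycle are only
 *         reported on stderr)
 */
int SAL_CALL main( int argc, char **argv )
{
    if( argc != 3 ) {
        fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
        return 1 ;
    }

    // Stop on 'q' and also on EOF: with a closed or exhausted stdin getchar()
    // keeps returning EOF, which would otherwise never compare equal to 'q'
    // and would re-run the NSS init/shutdown cycle forever.
    for( int ch = getchar() ; ch != EOF && ch != 'q' ; ch = getchar() ) {
        // All locals that must be visible at the "done" label are declared
        // before the first goto so that no jump bypasses an initialization.
        CERTCertDBHandle* certHandle = NULL ;
        PK11SlotInfo* slot = NULL ;
        bool nssReady = false ;

        //Initialize NSPR and NSS
        PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
        PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
        if( NSS_Init( argv[1] ) != SECSuccess ) {
            fprintf( stderr , "### cannot intialize NSS!\n" ) ;
            goto done ;
        }
        nssReady = true ;

        certHandle = CERT_GetDefaultCertDB() ;
        slot = PK11_GetInternalKeySlot() ;

        // Both handles are passed to the security environment below; refuse
        // to continue with a missing one instead of dereferencing NULL.
        if( certHandle == NULL || slot == NULL ) {
            fprintf( stderr , "### cannot get the certificate database or the internal key slot!\n" ) ;
            goto done ;
        }

        if( PK11_NeedLogin( slot ) ) {
            SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
            if( nRet != SECSuccess ) {
                fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
                goto done ;
            }
        }

        try {
            Reference< XMultiComponentFactory > xManager ;
            Reference< XComponentContext > xContext ;

            // OSL_ENSURE only reports in debug builds, so every check below
            // is paired with a real runtime test that aborts the cycle.
            xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
            OSL_ENSURE( xManager.is() ,
                "ServicesManager - "
                "Cannot get service manager" ) ;
            if( !xManager.is() ) {
                fprintf( stderr , "### cannot get service manager!\n" ) ;
                goto done ;
            }

            //Create security environment
            //Build Security Environment
            Reference< XInterface > xsecenv =
                xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
            OSL_ENSURE( xsecenv.is() ,
                "Signer - "
                "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
            if( !xsecenv.is() ) {
                fprintf( stderr , "### cannot create the security environment service!\n" ) ;
                goto done ;
            }

            Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
            OSL_ENSURE( xSecEnv.is() ,
                "Signer - "
                "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
            if( !xSecEnv.is() ) {
                fprintf( stderr , "### service does not support XSecurityEnvironment!\n" ) ;
                goto done ;
            }

            //Setup key slot and certDb
            Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
            OSL_ENSURE( xEnvTunnel.is() ,
                "Signer - "
                "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
            if( !xEnvTunnel.is() ) {
                fprintf( stderr , "### service does not support XUnoTunnel!\n" ) ;
                goto done ;
            }

            // The tunnel hands back the implementation object as an integer;
            // it is reinterpreted as a raw pointer and used unchecked apart
            // from the NULL test, so it is only meaningful for an in-process
            // SecurityEnvironment_NssImpl.
            SecurityEnvironment_NssImpl* pSecEnv = reinterpret_cast< SecurityEnvironment_NssImpl* >( xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ) ;
            OSL_ENSURE( pSecEnv != NULL ,
                "Signer - "
                "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
            if( pSecEnv == NULL ) {
                fprintf( stderr , "### cannot get the security environment implementation!\n" ) ;
                goto done ;
            }

            // NOTE(review): the slot is freed at "done" below; confirm that
            // setCryptoSlot() takes its own reference rather than ownership.
            pSecEnv->setCryptoSlot( slot ) ;
            pSecEnv->setCertDb( certHandle ) ;

            //Get personal certificate
            Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
            for( sal_Int32 i = 0; i < xPersonalCerts.getLength(); i ++ ) {
                Reference< XCertificate > xCert = xPersonalCerts[i] ;
                if( !xCert.is() ) {
                    fprintf( stderr , "### personal certificate entry %d is empty, skipped\n" , static_cast< int >( i ) ) ;
                    continue ;
                }

                // Issuer and serial number identify the certificate; fetch
                // them once and reuse them for printing and for the lookup.
                OUString issuer = xCert->getIssuerName() ;
                Sequence < sal_Int8 > serial = xCert->getSerialNumber() ;

                //Print the certificate information.
                // Names are converted to US-ASCII for display only.
                fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
                fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( issuer, RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
                fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( serial ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
                fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xCert->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;

                //build the certificate path
                Sequence < Reference< XCertificate > > xCertPath = pSecEnv->buildCertificatePath( xCert ) ;
                //Print the certificate path.
                fprintf( stdout, "\tCertificate Path\n" ) ;
                for( sal_Int32 j = 0; j < xCertPath.getLength(); j ++ ) {
                    Reference< XCertificate > xPathCert = xCertPath[j] ;
                    if( !xPathCert.is() ) {
                        continue ;
                    }
                    fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xPathCert->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
                }

                //Get the certificate
                Reference< XCertificate > xcert = pSecEnv->getCertificate( issuer, serial ) ;
                if( !xcert.is() ) {
                    fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
                }

                //Get the certificate characters
                // sal_Int32 is not "int" on every platform; cast for "%d".
                sal_Int32 chars = pSecEnv->getCertificateCharacters( xCert ) ;
                fprintf( stdout, "The certificate characters are %d\n", static_cast< int >( chars ) ) ;

                //Get the certificate status
                // The raw value is printed as-is; this tool does not interpret
                // it. NOTE(review): presumably a validity bit mask - confirm.
                sal_Int32 validity = pSecEnv->verifyCertificate( xCert ) ;
                fprintf( stdout, "The certificate validities are %d\n", static_cast< int >( validity ) ) ;
            }
        } catch( Exception& e ) {
            // Control falls through to the cleanup at "done".
            fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
        }

    done:
        if( slot != NULL )
            PK11_FreeSlot( slot ) ;

        // Only tear down what was actually brought up in this cycle.
        if( nssReady ) {
            PK11_LogoutAll() ;
            if( NSS_Shutdown() != SECSuccess ) {
                // A failed shutdown usually means NSS objects are still
                // referenced somewhere; report it instead of hiding it.
                fprintf( stderr , "### NSS shutdown failed!\n" ) ;
            }
        }
    }

    return 0;
}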