1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26 
27 #include <stdio.h>
28 #include "helper.hxx"
29 
30 #include "libxml/tree.h"
31 #include "libxml/parser.h"
32 #ifndef XMLSEC_NO_XSLT
33 #include "libxslt/xslt.h"
34 #endif
35 
36 #include "securityenvironment_nssimpl.hxx"
37 #include "xmlelementwrapper_xmlsecimpl.hxx"
38 
39 #include "nspr.h"
40 #include "prtypes.h"
41 
42 #include "pk11func.h"
43 #include "cert.h"
44 #include "cryptohi.h"
45 #include "certdb.h"
46 #include "nss.h"
47 
48 #include "xmlsec/strings.h"
49 #include "xmlsec/xmltree.h"
50 
51 #include <rtl/ustring.hxx>
52 #include <cppuhelper/servicefactory.hxx>
53 
54 #include <com/sun/star/lang/XComponent.hpp>
55 #include <com/sun/star/beans/PropertyValue.hpp>
56 #include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp>
57 #include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp>
58 #include <com/sun/star/xml/crypto/XXMLSignature.hpp>
59 #include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp>
60 #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
61 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
62 
63 using namespace ::rtl ;
64 using namespace ::cppu ;
65 using namespace ::com::sun::star::uno ;
66 using namespace ::com::sun::star::io ;
67 using namespace ::com::sun::star::ucb ;
68 using namespace ::com::sun::star::beans ;
69 using namespace ::com::sun::star::document ;
70 using namespace ::com::sun::star::lang ;
71 using namespace ::com::sun::star::registry ;
72 using namespace ::com::sun::star::xml::wrapper ;
73 using namespace ::com::sun::star::xml::crypto ;
74 
75 
76 int SAL_CALL main( int argc, char **argv )
77 {
78 	CERTCertDBHandle*	certHandle = NULL ;
79 	PK11SlotInfo*		slot = NULL ;
80 	xmlDocPtr			doc = NULL ;
81 	xmlNodePtr			tplNode ;
82 	xmlNodePtr			tarNode ;
83 	xmlAttrPtr			idAttr ;
84 	xmlChar*			idValue ;
85 	xmlAttrPtr			uriAttr ;
86 	xmlChar*			uriValue ;
87 	OUString*			uri = NULL ;
88 	Reference< XUriBinding >	xUriBinding ;
89 
90 	if( argc != 4 ) {
91 		fprintf( stderr, "Usage: %s < CertDir > <file_url> <rdb file>\n" , argv[0] ) ;
92 		return 1 ;
93 	}
94 
95 	//Init libxml and libxslt libraries
96 	xmlInitParser();
97 	LIBXML_TEST_VERSION
98 	xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
99 	xmlSubstituteEntitiesDefault(1);
100 
101 	#ifndef XMLSEC_NO_XSLT
102 	xmlIndentTreeOutput = 1;
103 	#endif // XMLSEC_NO_XSLT
104 
105 
106 	//Initialize NSPR and NSS
107 	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
108 	PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
109 	if( NSS_Init( argv[1] ) != SECSuccess ) {
110 		fprintf( stderr , "### cannot intialize NSS!\n" ) ;
111 		return 1 ;
112 	}
113 
114 	certHandle = CERT_GetDefaultCertDB() ;
115 	slot = PK11_GetInternalKeySlot() ;
116 
117 	//Load XML document
118 	doc = xmlParseFile( argv[2] ) ;
119 	if( doc == NULL || xmlDocGetRootElement( doc ) == NULL ) {
120 		fprintf( stderr , "### Cannot load template xml document!\n" ) ;
121 		goto done ;
122 	}
123 
124 	//Find the signature template
125 	tplNode = xmlSecFindNode( xmlDocGetRootElement( doc ), xmlSecNodeSignature, xmlSecDSigNs ) ;
126 	if( tplNode == NULL ) {
127 		fprintf( stderr , "### Cannot find the signature template!\n" ) ;
128 		goto done ;
129 	}
130 
131 	//Find the element with ID attribute
132 	tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", ( xmlChar* )"http://openoffice.org/2000/office" ) ;
133 	if( tarNode == NULL ) {
134 		tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", NULL ) ;
135 	}
136 
137 	//Find the "id" attrbute in the element
138 	if( tarNode != NULL ) {
139 		if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"id" ) ) != NULL ) {
140 			//NULL
141 		} else if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"Id" ) ) != NULL ) {
142 			//NULL
143 		} else {
144 			idAttr = NULL ;
145 		}
146 	}
147 
148 	//Add ID to DOM
149 	if( idAttr != NULL ) {
150 		idValue = xmlNodeListGetString( tarNode->doc, idAttr->children, 1 ) ;
151 		if( idValue == NULL ) {
152 			fprintf( stderr , "### the ID value is NULL!\n" ) ;
153 			goto done ;
154 		}
155 
156 		if( xmlAddID( NULL, doc, idValue, idAttr ) == NULL ) {
157 			fprintf( stderr , "### Can not add the ID value!\n" ) ;
158 			goto done ;
159 		}
160 	}
161 
162 	//Reference handler
163 	//Find the signature reference
164 	tarNode = xmlSecFindNode( tplNode, xmlSecNodeReference, xmlSecDSigNs ) ;
165 	if( tarNode == NULL ) {
166 		fprintf( stderr , "### Cannot find the signature reference!\n" ) ;
167 		goto done ;
168 	}
169 
170 	//Find the "URI" attrbute in the reference
171 	uriAttr = xmlHasProp( tarNode, ( xmlChar* )"URI" ) ;
172 	if( tarNode == NULL ) {
173 		fprintf( stderr , "### Cannot find URI of the reference!\n" ) ;
174 		goto done ;
175 	}
176 
177 	//Get the "URI" attrbute value
178 	uriValue = xmlNodeListGetString( tarNode->doc, uriAttr->children, 1 ) ;
179 	if( uriValue == NULL ) {
180 		fprintf( stderr , "### the URI value is NULL!\n" ) ;
181 		goto done ;
182 	}
183 
184 	if( strchr( ( const char* )uriValue, '/' ) != NULL && strchr( ( const char* )uriValue, '#' ) == NULL ) {
185 		fprintf( stdout , "### Find a stream URI [%s]\n", uriValue ) ;
186 	//	uri = new ::rtl::OUString( ( const sal_Unicode* )uriValue ) ;
187 		uri = new ::rtl::OUString( ( const sal_Char* )uriValue, xmlStrlen( uriValue ), RTL_TEXTENCODING_ASCII_US ) ;
188 	}
189 
190 	if( uri != NULL ) {
191 		fprintf( stdout , "### Find the URI [%s]\n", OUStringToOString( *uri , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
192 		Reference< XInputStream > xStream = createStreamFromFile( *uri ) ;
193 		if( !xStream.is() ) {
194 			fprintf( stderr , "### Can not get the URI stream!\n" ) ;
195 			goto done ;
196 		}
197 
198 		xUriBinding = new OUriBinding( *uri, xStream ) ;
199 	}
200 
201 
202 	try {
203 		Reference< XMultiComponentFactory > xManager = NULL ;
204 		Reference< XComponentContext > xContext = NULL ;
205 
206 		xManager = serviceManager( xContext , OUString::createFromAscii( "local" ),  OUString::createFromAscii( argv[3] ) ) ;
207 
208 		//Create signature template
209 		Reference< XInterface > element =
210 			xManager->createInstanceWithContext( OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLElementWrapper_XmlSecImpl" ) , xContext ) ;
211 		OSL_ENSURE( element.is() ,
212 			"Verifier - "
213 			"Cannot get service instance of \"xsec.XMLElementWrapper\"" ) ;
214 
215 		Reference< XXMLElementWrapper > xElement( element , UNO_QUERY ) ;
216 		OSL_ENSURE( xElement.is() ,
217 			"Verifier - "
218 			"Cannot get interface of \"XXMLElementWrapper\" from service \"xsec.XMLElementWrapper\"" ) ;
219 
220 		Reference< XUnoTunnel > xEleTunnel( xElement , UNO_QUERY ) ;
221 		OSL_ENSURE( xEleTunnel.is() ,
222 			"Verifier - "
223 			"Cannot get interface of \"XUnoTunnel\" from service \"xsec.XMLElement\"" ) ;
224 
225 		XMLElementWrapper_XmlSecImpl* pElement = ( XMLElementWrapper_XmlSecImpl* )xEleTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ;
226 		OSL_ENSURE( pElement != NULL ,
227 			"Verifier - "
228 			"Cannot get implementation of \"xsec.XMLElementWrapper\"" ) ;
229 
230 		//Set signature template
231 		pElement->setNativeElement( tplNode ) ;
232 
233 		//Build XML Signature template
234 		Reference< XInterface > signtpl =
235 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.crypto.XMLSignatureTemplate"), xContext ) ;
236 		OSL_ENSURE( signtpl.is() ,
237 			"Verifier - "
238 			"Cannot get service instance of \"xsec.XMLSignatureTemplate\"" ) ;
239 
240 		Reference< XXMLSignatureTemplate > xTemplate( signtpl , UNO_QUERY ) ;
241 		OSL_ENSURE( xTemplate.is() ,
242 			"Verifier - "
243 			"Cannot get interface of \"XXMLSignatureTemplate\" from service \"xsec.XMLSignatureTemplate\"" ) ;
244 
245 		//Import the signature template
246 		xTemplate->setTemplate( xElement ) ;
247 
248 		//Import the URI/Stream binding
249 		if( xUriBinding.is() )
250 			xTemplate->setBinding( xUriBinding ) ;
251 
252 		//Create security environment
253 		//Build Security Environment
254 		Reference< XInterface > xsecenv =
255 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
256 		OSL_ENSURE( xsecenv.is() ,
257 			"Verifier - "
258 			"Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
259 
260 		Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
261 		OSL_ENSURE( xSecEnv.is() ,
262 			"Verifier - "
263 			"Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
264 
265 		//Setup key slot and certDb
266 		Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
267 		OSL_ENSURE( xElement.is() ,
268 			"Verifier - "
269 			"Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
270 
271 		SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
272 		OSL_ENSURE( pSecEnv != NULL ,
273 			"Verifier - "
274 			"Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
275 
276 		pSecEnv->setCryptoSlot( slot ) ;
277 		pSecEnv->setCertDb( certHandle ) ;
278 
279 		//Build XML Security Context
280 		Reference< XInterface > xmlsecctx =
281 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl"), xContext ) ;
282 		OSL_ENSURE( xsecenv.is() ,
283 			"Verifier - "
284 			"Cannot get service instance of \"xsec.XMLSecurityContext\"" ) ;
285 
286 		Reference< XXMLSecurityContext > xSecCtx( xmlsecctx , UNO_QUERY ) ;
287 		OSL_ENSURE( xSecCtx.is() ,
288 			"Verifier - "
289 			"Cannot get interface of \"XXMLSecurityContext\" from service \"xsec.XMLSecurityContext\"" ) ;
290 
291 		xSecCtx->setSecurityEnvironment( xSecEnv ) ;
292 
293 		//Generate XML signature
294 		Reference< XInterface > xmlsigner =
295 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSignature_NssImpl"), xContext ) ;
296 		OSL_ENSURE( xmlsigner.is() ,
297 			"Verifier - "
298 			"Cannot get service instance of \"xsec.XMLSignature\"" ) ;
299 
300 		Reference< XXMLSignature > xSigner( xmlsigner , UNO_QUERY ) ;
301 		OSL_ENSURE( xSigner.is() ,
302 			"Verifier - "
303 			"Cannot get interface of \"XXMLSignature\" from service \"xsec.XMLSignature\"" ) ;
304 
305 
306 		//perform validation
307 		sal_Bool valid = xSigner->validate( xTemplate , xSecCtx ) ;
308 		if( !valid ) {
309 			printf( "Signature is INVALID!\n" ) ;
310 		} else {
311 			printf( "Signature is VALID!\n" ) ;
312 		}
313 	} catch( Exception& e ) {
314 		fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
315 		goto done ;
316 	}
317 
318 done :
319 	if( doc != NULL )
320 		xmlFreeDoc( doc ) ;
321 
322 	if( slot != NULL )
323 		PK11_FreeSlot( slot ) ;
324 
325 	PK11_LogoutAll() ;
326 	NSS_Shutdown() ;
327 
328 	/* Shutdown libxslt/libxml */
329 	#ifndef XMLSEC_NO_XSLT
330 	xsltCleanupGlobals();
331 	#endif /* XMLSEC_NO_XSLT */
332 	xmlCleanupParser();
333 
334 	return 0 ;
335 }
336 
337