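/**************************************************************
 * 
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 * 
 *   http://www.apache.org/licenses/LICENSE-2.0
 * 
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied.  See the License for the
 * specific language governing permissions and limitations
 * under the License.
 * 
 *************************************************************/



// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"

#include <xsecctl.hxx>
#include "xsecparser.hxx"
#include <tools/debug.hxx>

#include <com/sun/star/xml/crypto/sax/XKeyCollector.hpp>
#include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp>
#include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp>
#include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp>
#include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultBroadcaster.hpp>
#include <com/sun/star/xml/sax/SAXParseException.hpp>

namespace cssu = com::sun::star::uno;
namespace cssl = com::sun::star::lang;
namespace cssxc = com::sun::star::xml::crypto;
namespace cssxs = com::sun::star::xml::sax;

/* xml security framework components */
#define SIGNATUREVERIFIER_COMPONENT "com.sun.star.xml.crypto.sax.SignatureVerifier"

/*
 * NOTE(review): the add/set methods in this file all operate on the most
 * recently added signature record. They are presumably driven by XSecParser
 * while it reads a signature stream, i.e. by document content - confirm
 * against xsecparser.cxx. Each of them therefore checks that a record
 * exists before touching it; indexing an empty container with size()-1 is
 * undefined behaviour.
 */

/* protected: for signature verify */
/*
 * Creates and wires up a SignatureVerifier for the signature nSecurityId.
 *
 * Registers a new element collector (priority BEFOREMODIFY) with the
 * SAXEventKeeper, binds it to nSecurityId, instantiates the verifier
 * component, initializes it, subscribes this controller to its verify
 * results and registers the verifier as the reference-resolved listener of
 * the new collector.
 *
 * Returns the verifier, or NULL when the security components are not in the
 * INITIALIZED state.
 */
cssu::Reference< cssxc::sax::XReferenceResolvedListener > XSecController::prepareSignatureToRead(
    sal_Int32 nSecurityId)
{
    if ( m_nStatusOfSecurityComponents != INITIALIZED )
    {
        return NULL;
    }

    sal_Int32 nIdOfSignatureElementCollector;
    cssu::Reference< cssxc::sax::XReferenceResolvedListener > xReferenceResolvedListener;

    nIdOfSignatureElementCollector =
        m_xSAXEventKeeper->addSecurityElementCollector( cssxc::sax::ElementMarkPriority_BEFOREMODIFY, sal_False);

    m_xSAXEventKeeper->setSecurityId(nIdOfSignatureElementCollector, nSecurityId);

    /*
     * create a SignatureVerifier
     */
    /*
     * NOTE(review): the results of createInstanceWithContext and of the
     * UNO_QUERY conversions below are dereferenced without an is() check;
     * a missing or incomplete verifier component would fault here - confirm
     * whether that can happen in a supported installation.
     */
    cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() );
    xReferenceResolvedListener = cssu::Reference< cssxc::sax::XReferenceResolvedListener >(
        xMCF->createInstanceWithContext(
            rtl::OUString::createFromAscii( SIGNATUREVERIFIER_COMPONENT ), mxCtx),
        cssu::UNO_QUERY);

    cssu::Reference<cssl::XInitialization> xInitialization(xReferenceResolvedListener, cssu::UNO_QUERY);

    /* argument order is fixed by the initialize() call of the verifier component */
    cssu::Sequence<cssu::Any> args(5);
    args[0] = cssu::makeAny(rtl::OUString::valueOf(nSecurityId));
    args[1] = cssu::makeAny(m_xSAXEventKeeper);
    args[2] = cssu::makeAny(rtl::OUString::valueOf(nIdOfSignatureElementCollector));
    args[3] = cssu::makeAny(m_xSecurityContext);
    args[4] = cssu::makeAny(m_xXMLSignature);
    xInitialization->initialize(args);

    cssu::Reference< cssxc::sax::XSignatureVerifyResultBroadcaster >
        signatureVerifyResultBroadcaster(xReferenceResolvedListener, cssu::UNO_QUERY);

    signatureVerifyResultBroadcaster->addSignatureVerifyResultListener( this );

    cssu::Reference<cssxc::sax::XReferenceResolvedBroadcaster> xReferenceResolvedBroadcaster
        (m_xSAXEventKeeper,
        cssu::UNO_QUERY);

    xReferenceResolvedBroadcaster->addReferenceResolvedListener(
        nIdOfSignatureElementCollector,
        xReferenceResolvedListener);

    cssu::Reference<cssxc::sax::XKeyCollector> keyCollector (xReferenceResolvedListener, cssu::UNO_QUERY);
    keyCollector->setKeyId(0);

    return xReferenceResolvedListener;
}

/*
 * Appends a new signature record.
 *
 * When a signature id was reserved through addSignature(sal_Int32), the SAX
 * chain is switched on, a verifier is prepared for that id and the
 * reservation is consumed. Otherwise the record is stored with id 0 and
 * without a verifier.
 */
void XSecController::addSignature()
{
    cssu::Reference< cssxc::sax::XReferenceResolvedListener > xReferenceResolvedListener = NULL;
    sal_Int32 nSignatureId = 0;


    if (m_bVerifyCurrentSignature)
    {
        chainOn(true);
        xReferenceResolvedListener = prepareSignatureToRead( m_nReservedSignatureId );
        m_bVerifyCurrentSignature = false;
        nSignatureId = m_nReservedSignatureId;
    }

    InternalSignatureInformation isi( nSignatureId, xReferenceResolvedListener );
    m_vInternalSignatureInformations.push_back( isi );
}

/*
 * Records a same-document reference with the URI ouUri on the current
 * signature. Ignored when no signature has been added yet.
 */
void XSecController::addReference( const rtl::OUString& ouUri)
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::addReference: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.addReference(TYPE_SAMEDOCUMENT_REFERENCE,ouUri, -1 );
}

/*
 * Records a stream reference (binary or XML, selected by isBinary) on the
 * current signature. When the signature has a verifier and the stream for
 * ouUri can be opened, the stream is bound to the URI on the verifier.
 * Ignored when no signature has been added yet.
 */
void XSecController::addStreamReference(
    const rtl::OUString& ouUri,
    bool isBinary )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::addStreamReference: no signature" );
        return;
    }

    sal_Int32 type = (isBinary?TYPE_BINARYSTREAM_REFERENCE:TYPE_XMLSTREAM_REFERENCE);

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();

    if ( isi.xReferenceResolvedListener.is() )
    {
        /*
         * get the input stream
         */
        cssu::Reference< com::sun::star::io::XInputStream > xObjectInputStream
            = getObjectInputStream( ouUri );

        if ( xObjectInputStream.is() )
        {
            cssu::Reference<cssxc::XUriBinding> xUriBinding
                (isi.xReferenceResolvedListener, cssu::UNO_QUERY);
            xUriBinding->setUriBinding(ouUri, xObjectInputStream);
        }
    }

    isi.addReference(type, ouUri, -1);
}

/*
 * Tells the verifier of the current signature how many same-document
 * references it has to collect. Does nothing when no signature has been
 * added yet or when the current signature has no verifier.
 */
void XSecController::setReferenceCount() const
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setReferenceCount: no signature" );
        return;
    }

    const InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();

    if ( isi.xReferenceResolvedListener.is() )
    {
        const SignatureReferenceInformations &refInfors = isi.signatureInfor.vSignatureReferenceInfors;

        int refNum = refInfors.size();
        sal_Int32 referenceCount = 0;

        for(int i=0 ; i<refNum; ++i)
        {
            if (refInfors[i].nType == TYPE_SAMEDOCUMENT_REFERENCE )
            /*
             * same-document reference
             */
            {
                referenceCount++;
            }
        }

        cssu::Reference<cssxc::sax::XReferenceCollector> xReferenceCollector
            (isi.xReferenceResolvedListener, cssu::UNO_QUERY);
        xReferenceCollector->setReferenceCount( referenceCount );
    }
}

/* Stores the X509 issuer name on the current signature; ignored when there is none. */
void XSecController::setX509IssuerName( rtl::OUString& ouX509IssuerName )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setX509IssuerName: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouX509IssuerName = ouX509IssuerName;
}

/* Stores the X509 serial number on the current signature; ignored when there is none. */
void XSecController::setX509SerialNumber( rtl::OUString& ouX509SerialNumber )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setX509SerialNumber: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouX509SerialNumber = ouX509SerialNumber;
}

/* Stores the X509 certificate string on the current signature; ignored when there is none. */
void XSecController::setX509Certificate( rtl::OUString& ouX509Certificate )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setX509Certificate: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouX509Certificate = ouX509Certificate;
}

/* Stores the signature value on the current signature; ignored when there is none. */
void XSecController::setSignatureValue( rtl::OUString& ouSignatureValue )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setSignatureValue: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouSignatureValue = ouSignatureValue;
}

/*
 * Stores the digest value on the most recently added reference of the
 * current signature. Ignored when there is no signature, or when the
 * current signature has no reference yet.
 */
void XSecController::setDigestValue( rtl::OUString& ouDigestValue )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setDigestValue: no signature" );
        return;
    }

    SignatureInformation &si = m_vInternalSignatureInformations.back().signatureInfor;

    /* a digest value without a preceding reference has nothing to attach to */
    if ( si.vSignatureReferenceInfors.empty() )
    {
        DBG_ASSERT( false, "XSecController::setDigestValue: no signature reference" );
        return;
    }

    SignatureReferenceInformation &reference = si.vSignatureReferenceInfors.back();
    reference.ouDigestValue = ouDigestValue;
}

/*
 * Stores the signing date on the current signature, both converted through
 * convertDateTime() and as the original string. Ignored when there is no
 * signature.
 */
void XSecController::setDate( rtl::OUString& ouDate )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setDate: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    convertDateTime( isi.signatureInfor.stDateTime, ouDate );
    isi.signatureInfor.ouDateTime = ouDate;
}

/*
void XSecController::setTime( rtl::OUString& ouTime )
{
    InternalSignatureInformation &isi = m_vInternalSignatureInformations[m_vInternalSignatureInformations.size()-1];
    isi.signatureInfor.ouTime = ouTime;
}
*/

/* Stores the signature id on the current signature; ignored when there is none. */
void XSecController::setId( rtl::OUString& ouId )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setId: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouSignatureId = ouId;
}

/* Stores the property id on the current signature; ignored when there is none. */
void XSecController::setPropertyId( rtl::OUString& ouPropertyId )
{
    if ( m_vInternalSignatureInformations.empty() )
    {
        DBG_ASSERT( false, "XSecController::setPropertyId: no signature" );
        return;
    }

    InternalSignatureInformation &isi = m_vInternalSignatureInformations.back();
    isi.signatureInfor.ouPropertyId = ouPropertyId;
}

/* public: for signature verify */
/*
 * Registers an element collector for the element identified by referenceId
 * with every signature that has a verifier and lists that id among its
 * reference URIs (first matching reference per signature only).
 *
 * If the SAX chain had to be switched on for this, the next handler of the
 * SAXEventKeeper is detached while the collectors are added, the buffered
 * elements are replayed from the ElementStackKeeper (when there is one) and
 * the handler is restored afterwards.
 *
 * Does nothing unless the security components are INITIALIZED.
 */
void XSecController::collectToVerify( const rtl::OUString& referenceId )
{
    /* DBG_ASSERT( m_xSAXEventKeeper.is(), "the SAXEventKeeper is NULL" ); */

    if ( m_nStatusOfSecurityComponents == INITIALIZED )
    /*
     * if all security components are ready, verify the signature.
     */
    {
        bool bJustChainingOn = false;
        cssu::Reference< cssxs::XDocumentHandler > xHandler = NULL;

        int i,j;
        int sigNum = m_vInternalSignatureInformations.size();

        for (i=0; i<sigNum; ++i)
        {
            InternalSignatureInformation& isi = m_vInternalSignatureInformations[i];

            /*
             * addSignature() stores records without a verifier; the other
             * methods in this file test is() before using the listener, and
             * the collector queried from it below would be a null reference.
             */
            if ( !isi.xReferenceResolvedListener.is() )
            {
                continue;
            }

            SignatureReferenceInformations& vReferenceInfors = isi.signatureInfor.vSignatureReferenceInfors;
            int refNum = vReferenceInfors.size();

            for (j=0; j<refNum; ++j)
            {
                SignatureReferenceInformation &refInfor = vReferenceInfors[j];

                if (refInfor.ouURI == referenceId)
                {
                    if (chainOn(false))
                    {
                        bJustChainingOn = true;
                        xHandler = m_xSAXEventKeeper->setNextHandler(NULL);
                    }

                    sal_Int32 nKeeperId = m_xSAXEventKeeper->addSecurityElementCollector(
                        cssxc::sax::ElementMarkPriority_BEFOREMODIFY, sal_False );

                    cssu::Reference<cssxc::sax::XReferenceResolvedBroadcaster> xReferenceResolvedBroadcaster
                        (m_xSAXEventKeeper,
                        cssu::UNO_QUERY );

                    cssu::Reference<cssxc::sax::XReferenceCollector> xReferenceCollector
                        ( isi.xReferenceResolvedListener, cssu::UNO_QUERY );

                    m_xSAXEventKeeper->setSecurityId(nKeeperId, isi.signatureInfor.nSecurityId);
                    xReferenceResolvedBroadcaster->addReferenceResolvedListener( nKeeperId, isi.xReferenceResolvedListener);
                    xReferenceCollector->setReferenceId( nKeeperId );

                    /*
                     * NOTE(review): assumes vKeeperIds has one entry per
                     * reference, presumably kept in step by
                     * InternalSignatureInformation::addReference - confirm.
                     */
                    isi.vKeeperIds[j] = nKeeperId;
                    break;
                }
            }
        }

        if ( bJustChainingOn )
        {
            cssu::Reference< cssxs::XDocumentHandler > xSEKHandler(m_xSAXEventKeeper, cssu::UNO_QUERY);
            if (m_xElementStackKeeper.is())
            {
                m_xElementStackKeeper->retrieve(xSEKHandler, sal_True);
            }
            m_xSAXEventKeeper->setNextHandler(xHandler);
        }
    }
}

/*
 * Reserves nSignatureId for the next signature record, so that the next
 * call to addSignature() prepares a verifier for it.
 */
void XSecController::addSignature( sal_Int32 nSignatureId )
{
    DBG_ASSERT( m_pXSecParser != NULL, "No XSecParser initialized" );

    m_nReservedSignatureId = nSignatureId;
    m_bVerifyCurrentSignature = true;
}

/*
 * Creates the XSecParser that reads signature streams for this controller,
 * makes it the SAX chain connector and returns it as a document handler.
 */
cssu::Reference< cssxs::XDocumentHandler > XSecController::createSignatureReader()
{
    m_pXSecParser = new XSecParser( this, NULL );
    cssu::Reference< cssl::XInitialization > xInitialization = m_pXSecParser;

    setSAXChainConnector(xInitialization, NULL, NULL);

    return m_pXSecParser;
}

/* Disconnects the SAX chain connector and drops the pointer to the signature reader. */
void XSecController::releaseSignatureReader()
{
    clearSAXChainConnector( );
    m_pXSecParser = NULL;
}
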