1*06b3ce53SAndrew Rist /**************************************************************
2cdf0e10cSrcweir *
3*06b3ce53SAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one
4*06b3ce53SAndrew Rist * or more contributor license agreements. See the NOTICE file
5*06b3ce53SAndrew Rist * distributed with this work for additional information
6*06b3ce53SAndrew Rist * regarding copyright ownership. The ASF licenses this file
7*06b3ce53SAndrew Rist * to you under the Apache License, Version 2.0 (the
8*06b3ce53SAndrew Rist * "License"); you may not use this file except in compliance
9*06b3ce53SAndrew Rist * with the License. You may obtain a copy of the License at
10*06b3ce53SAndrew Rist *
11*06b3ce53SAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0
12*06b3ce53SAndrew Rist *
13*06b3ce53SAndrew Rist * Unless required by applicable law or agreed to in writing,
14*06b3ce53SAndrew Rist * software distributed under the License is distributed on an
15*06b3ce53SAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16*06b3ce53SAndrew Rist * KIND, either express or implied. See the License for the
17*06b3ce53SAndrew Rist * specific language governing permissions and limitations
18*06b3ce53SAndrew Rist * under the License.
19*06b3ce53SAndrew Rist *
20*06b3ce53SAndrew Rist *************************************************************/
21*06b3ce53SAndrew Rist
22*06b3ce53SAndrew Rist
23cdf0e10cSrcweir
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx"
26cdf0e10cSrcweir #include <sal/config.h>
27cdf0e10cSrcweir #include <rtl/uuid.h>
28cdf0e10cSrcweir #include "securityenvironment_nssimpl.hxx"
29cdf0e10cSrcweir
30cdf0e10cSrcweir #ifndef _XMLSECURITYCONTEXT_NSSIMPL_HXX_
31cdf0e10cSrcweir #include "xmlsecuritycontext_nssimpl.hxx"
32cdf0e10cSrcweir #endif
33cdf0e10cSrcweir #include "xmlstreamio.hxx"
34cdf0e10cSrcweir
35cdf0e10cSrcweir #include <sal/types.h>
36cdf0e10cSrcweir //For reasons that escape me, this is what xmlsec does when size_t is not 4
37cdf0e10cSrcweir #if SAL_TYPES_SIZEOFPOINTER != 4
38cdf0e10cSrcweir # define XMLSEC_NO_SIZE_T
39cdf0e10cSrcweir #endif
40cdf0e10cSrcweir #include "xmlsec/xmlsec.h"
41cdf0e10cSrcweir #include "xmlsec/keysmngr.h"
42cdf0e10cSrcweir #include "xmlsec/crypto.h"
43cdf0e10cSrcweir
44cdf0e10cSrcweir using namespace ::com::sun::star::uno ;
45cdf0e10cSrcweir using namespace ::com::sun::star::lang ;
46cdf0e10cSrcweir using ::com::sun::star::lang::XMultiServiceFactory ;
47cdf0e10cSrcweir using ::com::sun::star::lang::XSingleServiceFactory ;
48cdf0e10cSrcweir using ::rtl::OUString ;
49cdf0e10cSrcweir
50cdf0e10cSrcweir using ::com::sun::star::xml::crypto::XSecurityEnvironment ;
51cdf0e10cSrcweir using ::com::sun::star::xml::crypto::XXMLSecurityContext ;
52cdf0e10cSrcweir
/**
 * Builds the NSS-backed XML security context and brings up xmlsec.
 *
 * Three steps run in order: xmlSecInit(), xmlSecCryptoInit() and
 * xmlEnableStreamInputCallbacks(). A negative return from any step undoes
 * the steps that already succeeded, in reverse order, and then throws
 * RuntimeException, so a failed construction leaves no xmlsec state behind.
 *
 * m_nDefaultEnvIndex starts at -1, which getSecurityEnvironment() treats as
 * "no default environment selected".
 *
 * NOTE(review): xmlSecInit()/xmlSecCryptoInit() set up library-wide state
 * and are called once per instance, with the matching shutdown in the
 * destructor. Whether several contexts can be alive at the same time is not
 * visible in this file - confirm, because the first destructor to run would
 * shut the library down for the others.
 *
 * @param aFactory service manager kept in m_xServiceManager.
 * @throws RuntimeException when any initialisation step reports failure.
 */
XMLSecurityContext_NssImpl::XMLSecurityContext_NssImpl( const Reference< XMultiServiceFactory >& aFactory )
    : //i39448 : m_pKeysMngr( NULL ) ,
      m_xServiceManager( aFactory ),
      m_nDefaultEnvIndex( -1 )
      //m_xSecurityEnvironment( NULL )
{
    // Step 1: the xmlsec core library. Nothing to undo if this fails.
    const bool bCoreReady = ( xmlSecInit() >= 0 );
    if( !bCoreReady )
        throw RuntimeException();

    // Step 2: the xmlsec crypto engine. On failure, undo step 1.
    const bool bCryptoReady = ( xmlSecCryptoInit() >= 0 );
    if( !bCryptoReady )
    {
        xmlSecShutdown();
        throw RuntimeException();
    }

    // Step 3: external stream handlers. On failure, undo steps 2 and 1.
    const bool bCallbacksReady = ( xmlEnableStreamInputCallbacks() >= 0 );
    if( !bCallbacksReady )
    {
        xmlSecCryptoShutdown();
        xmlSecShutdown();
        throw RuntimeException();
    }
}
77cdf0e10cSrcweir
/**
 * Tears down what the constructor set up, in reverse order: stream input
 * callbacks first, then the xmlsec crypto engine, then xmlsec itself.
 *
 * NOTE(review): the shutdown calls are unconditional and per instance.
 * If another context is still alive when this one is destroyed, it would
 * keep running against a library that has been shut down - confirm that
 * only one context exists at a time.
 */
XMLSecurityContext_NssImpl::~XMLSecurityContext_NssImpl()
{
#if 0 //i39448
    // Disabled: the context no longer owns a keys manager.
    if( NULL != m_pKeysMngr )
    {
        xmlSecKeysMngrDestroy( m_pKeysMngr );
    }
#endif

    xmlDisableStreamInputCallbacks();
    xmlSecCryptoShutdown();
    xmlSecShutdown();
}
89cdf0e10cSrcweir
90cdf0e10cSrcweir //i39448 : new methods
/**
 * Appends a security environment to the context.
 *
 * @param aSecurityEnvironment environment to register; must not be empty.
 * @return index of the new entry in m_vSecurityEnvironments, i.e. the value
 *         to pass to getSecurityEnvironmentByIndex().
 * @throws RuntimeException when the reference is empty.
 *
 * NOTE(review): the vector is modified without a lock in this method;
 * whether callers serialise access is not visible here - confirm.
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment(
    const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment)
    throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException)
{
    // Only non-empty references are stored, so every entry handed out later
    // refers to a real environment.
    if( aSecurityEnvironment.is() )
    {
        m_vSecurityEnvironments.push_back( aSecurityEnvironment );

        // The entry just appended is the last one.
        return m_vSecurityEnvironments.size() - 1;
    }

    throw RuntimeException();
}
104cdf0e10cSrcweir
105cdf0e10cSrcweir
/**
 * Reports how many security environments have been registered.
 *
 * @return number of entries in m_vSecurityEnvironments.
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getSecurityEnvironmentNumber(  )
    throw (::com::sun::star::uno::RuntimeException)
{
    const sal_Int32 nEnvironments = m_vSecurityEnvironments.size();
    return nEnvironments;
}
111cdf0e10cSrcweir
/**
 * Looks up a registered security environment by position.
 *
 * @param index zero-based position in m_vSecurityEnvironments.
 * @return the environment stored at that position.
 * @throws RuntimeException when index is negative or not below the number
 *         of registered environments.
 */
::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
XMLSecurityContext_NssImpl::getSecurityEnvironmentByIndex( sal_Int32 index )
    throw (::com::sun::star::uno::RuntimeException)
{
    // Reject out-of-range values before touching the vector: operator[]
    // itself performs no bounds check.
    const sal_Int32 nCount = ( sal_Int32 )m_vSecurityEnvironments.size();
    if( index < 0 || index >= nCount )
        throw RuntimeException();

    ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xFound( m_vSecurityEnvironments[index] );
    return xFound;
}
127cdf0e10cSrcweir
/**
 * Returns the default security environment.
 *
 * The stored default index is validated here, at the point of use, because
 * setDefaultSecurityEnvironmentIndex() accepts any value.
 *
 * @return the environment at m_nDefaultEnvIndex.
 * @throws RuntimeException when no default is set (index below zero) or the
 *         index does not refer to a registered environment.
 */
::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
XMLSecurityContext_NssImpl::getSecurityEnvironment(  )
    throw (::com::sun::star::uno::RuntimeException)
{
    const bool bDefaultUsable =
        m_nDefaultEnvIndex >= 0 &&
        m_nDefaultEnvIndex < ( sal_Int32 )m_vSecurityEnvironments.size();

    if( !bDefaultUsable )
        throw RuntimeException();

    return getSecurityEnvironmentByIndex( m_nDefaultEnvIndex );
}
137cdf0e10cSrcweir
/**
 * Returns the index currently selected as the default environment.
 *
 * @return m_nDefaultEnvIndex as stored; the constructor initialises it to -1
 *         and the value is not range-checked here.
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getDefaultSecurityEnvironmentIndex(  )
    throw (::com::sun::star::uno::RuntimeException)
{
    const sal_Int32 nCurrentDefault = m_nDefaultEnvIndex;
    return nCurrentDefault;
}
143cdf0e10cSrcweir
/**
 * Selects which registered environment getSecurityEnvironment() returns.
 *
 * The value is stored as given, without a range check. An index that does
 * not match a registered environment is only detected later, when
 * getSecurityEnvironment() compares it with the vector size and throws.
 *
 * @param nDefaultEnvIndex index to remember as the default.
 */
void SAL_CALL XMLSecurityContext_NssImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex )
    throw (::com::sun::star::uno::RuntimeException)
{
    this->m_nDefaultEnvIndex = nDefaultEnvIndex;
}
149cdf0e10cSrcweir
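#if 0 //i39448 : old methods should be deleted
/* XXMLSecurityContext */
/*-
 * Disabled legacy setter: stores the environment and rebuilds the xmlsec
 * keys manager from the symmetric, public and private keys it exposes.
 *
 * Throws RuntimeException when the reference is empty, when the object does
 * not tunnel to a SecurityEnvironment_NssImpl, or when the keys manager
 * cannot be created or loaded.
 *
 * NOTE(review): the exception specification lists only
 * SecurityInfrastructureException while the body throws RuntimeException;
 * the specification has to match the class declaration, so it is left as is
 * here - fix both together if this code is ever re-enabled.
 */
void SAL_CALL XMLSecurityContext_NssImpl :: setSecurityEnvironment( const Reference< XSecurityEnvironment >& aSecurityEnvironment ) throw( com::sun::star::security::SecurityInfrastructureException ) {
    // Initialised explicitly: the getCryptoSlot() assignment below is
    // commented out, so this pointer used to reach
    // xmlSecNssAppliedKeysMngrCreate() with an indeterminate value.
    // NOTE(review): confirm that a NULL slot is acceptable to that call.
    PK11SlotInfo* slot = NULL ;
    CERTCertDBHandle* handler = NULL ;
    //xmlSecKeyPtr key ;
    //xmlSecKeyDataPtr keyData ;
    PK11SymKey* symKey ;
    SECKEYPublicKey* pubKey ;
    SECKEYPrivateKey* priKey ;
    unsigned int i ;

    if( !aSecurityEnvironment.is() )
        throw RuntimeException() ;

    m_xSecurityEnvironment = aSecurityEnvironment ;

    //Clear key manager
    if( m_pKeysMngr != NULL ) {
        xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
        m_pKeysMngr = NULL ;
    }

    //Create key manager
    Reference< XUnoTunnel > xEnvTunnel( m_xSecurityEnvironment , UNO_QUERY ) ;
    if( !xEnvTunnel.is() ) {
        throw RuntimeException() ;
    }

    // The tunnel hands back a raw pointer as an integer; it is only trusted
    // because it was requested with this implementation's own tunnel id.
    SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
    if( pSecEnv == NULL )
        throw RuntimeException() ;

    //todo
    // slot = pSecEnv->getCryptoSlot() ;
    handler = pSecEnv->getCertDb() ;

    /*-
     * The following lines are based on the private version of the
     * xmlSec-NSS crypto engine
     */
    m_pKeysMngr = xmlSecNssAppliedKeysMngrCreate( slot , handler ) ;
    if( m_pKeysMngr == NULL )
        throw RuntimeException() ;

    /*-
     * Adopt symmetric key into keys manager.
     * On any load failure the manager is destroyed before throwing, so a
     * partially loaded manager is never left behind in m_pKeysMngr.
     */
    for( i = 0 ; ( symKey = pSecEnv->getSymKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrSymKeyLoad( m_pKeysMngr, symKey ) < 0 ) {
            xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
            m_pKeysMngr = NULL ;
            throw RuntimeException() ;
        }
    }

    /*-
     * Adopt asymmetric public key into keys manager
     */
    for( i = 0 ; ( pubKey = pSecEnv->getPubKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrPubKeyLoad( m_pKeysMngr, pubKey ) < 0 ) {
            xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
            m_pKeysMngr = NULL ;
            throw RuntimeException() ;
        }
    }

    /*-
     * Adopt asymmetric private key into keys manager
     */
    for( i = 0 ; ( priKey = pSecEnv->getPriKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrPriKeyLoad( m_pKeysMngr, priKey ) < 0 ) {
            xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
            m_pKeysMngr = NULL ;
            throw RuntimeException() ;
        }
    }
}

/* XXMLSecurityContext */
/*-
 * Disabled legacy getter: returns the single stored environment as is,
 * which may be an empty reference if the setter was never called.
 */
Reference< XSecurityEnvironment > SAL_CALL XMLSecurityContext_NssImpl :: getSecurityEnvironment()
    throw (RuntimeException)
{
    return  m_xSecurityEnvironment ;
}
#endif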
230cdf0e10cSrcweir
231cdf0e10cSrcweir
232cdf0e10cSrcweir /* XInitialization */
/**
 * XInitialization entry point; currently a placeholder.
 *
 * The argument sequence is ignored and no state is changed. The xmlsec
 * setup happens in the constructor, not here.
 */
void SAL_CALL XMLSecurityContext_NssImpl::initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException )
{
    // TBD
}
236cdf0e10cSrcweir
237cdf0e10cSrcweir /* XServiceInfo */
/**
 * XServiceInfo: returns this component's implementation name.
 *
 * @return the value produced by impl_getImplementationName().
 */
OUString SAL_CALL XMLSecurityContext_NssImpl::getImplementationName() throw( RuntimeException )
{
    const OUString aImplementationName( impl_getImplementationName() );
    return aImplementationName;
}
241cdf0e10cSrcweir
242cdf0e10cSrcweir /* XServiceInfo */
/**
 * XServiceInfo: tells whether this component implements a given service.
 *
 * @param serviceName service name to look for; compared for exact equality.
 * @return sal_True when serviceName is one of getSupportedServiceNames(),
 *         sal_False otherwise.
 */
sal_Bool SAL_CALL XMLSecurityContext_NssImpl::supportsService( const OUString& serviceName ) throw( RuntimeException )
{
    const Sequence< OUString > aSupported = getSupportedServiceNames();

    // Walk the sequence's backing array from the first to one past the last name.
    const OUString* pName = aSupported.getConstArray();
    const OUString* const pEnd = pName + aSupported.getLength();
    for( ; pName != pEnd ; ++pName )
    {
        if( *pName == serviceName )
            return sal_True;
    }

    return sal_False;
}
252cdf0e10cSrcweir
253cdf0e10cSrcweir /* XServiceInfo */
/**
 * XServiceInfo: lists the services this component implements.
 *
 * @return the sequence produced by impl_getSupportedServiceNames().
 */
Sequence< OUString > SAL_CALL XMLSecurityContext_NssImpl::getSupportedServiceNames() throw( RuntimeException )
{
    const Sequence< OUString > aServiceNames( impl_getSupportedServiceNames() );
    return aServiceNames;
}
257cdf0e10cSrcweir
258cdf0e10cSrcweir //Helper for XServiceInfo
/**
 * Helper for XServiceInfo: builds the list of supported service names.
 *
 * The global mutex is held for the duration of the call, although the
 * sequence that is built is a local object.
 *
 * @return a one-element sequence holding the XMLSecurityContext service name.
 */
Sequence< OUString > XMLSecurityContext_NssImpl::impl_getSupportedServiceNames()
{
    ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() );

    Sequence< OUString > aServiceNames( 1 );
    OUString* const pNames = aServiceNames.getArray();
    pNames[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSecurityContext" );
    return aServiceNames;
}
265cdf0e10cSrcweir
/**
 * Helper for XServiceInfo: the fixed implementation name of this component.
 *
 * @return the implementation name as an OUString built from an ASCII literal.
 */
OUString XMLSecurityContext_NssImpl::impl_getImplementationName() throw( RuntimeException )
{
    const OUString aName = OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl" );
    return aName;
}
269cdf0e10cSrcweir
270cdf0e10cSrcweir //Helper for registry
/**
 * Helper for registry: creates a new context bound to a service manager.
 *
 * The constructor initialises xmlsec and throws RuntimeException when that
 * fails, so this call can throw before any instance is returned.
 *
 * @param aServiceManager service manager passed to the constructor.
 * @return the new instance as an XInterface reference.
 */
Reference< XInterface > SAL_CALL XMLSecurityContext_NssImpl::impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException )
{
    XMLSecurityContext_NssImpl* const pContext = new XMLSecurityContext_NssImpl( aServiceManager );

    // The returned reference is the only handle kept on the new object.
    return Reference< XInterface >( *pContext );
}
274cdf0e10cSrcweir
/**
 * Helper for registry: builds the single-service factory for this component.
 *
 * @param aServiceManager service manager the factory is created with.
 * @return a factory that creates instances through impl_createInstance and
 *         advertises this component's implementation and service names.
 */
Reference< XSingleServiceFactory > XMLSecurityContext_NssImpl::impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager )
{
    const OUString aImplementationName = impl_getImplementationName();
    const Sequence< OUString > aServiceNames = impl_getSupportedServiceNames();

    return ::cppu::createSingleFactory( aServiceManager, aImplementationName, impl_createInstance, aServiceNames );
}
281cdf0e10cSrcweir
#if 0 //not useful any longer
/* XUnoTunnel */
/*-
 * Disabled tunnel accessor: returns this object's address as an integer
 * when the caller presents the 16-byte tunnel id, and 0 otherwise.
 *
 * NOTE(review): this exposes a raw object pointer to any caller that holds
 * the id; keep that in mind if the tunnel is ever re-enabled.
 */
sal_Int64 SAL_CALL XMLSecurityContext_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier )
    throw (RuntimeException)
{
    // The length is checked first so the 16-byte comparison never reads
    // past a shorter identifier.
    const bool bIdMatches = aIdentifier.getLength() == 16
        && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ;
    if( !bIdMatches )
        return 0 ;

    return ( sal_Int64 )this ;
}

/* XUnoTunnel extension */
/*-
 * Disabled: returns the tunnel id, a 16-byte UUID created on first use.
 * Creation is done under the global mutex with a second check of the
 * pointer after the lock is taken.
 *
 * NOTE(review): the first check reads a plain static pointer outside the
 * lock - confirm that this is safe on the supported platforms.
 */
const Sequence< sal_Int8>& XMLSecurityContext_NssImpl :: getUnoTunnelId() {
    static Sequence< sal_Int8 >* pSeq = 0 ;

    if( pSeq )
        return *pSeq ;

    ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
    if( !pSeq ) {
        static Sequence< sal_Int8> aSeq( 16 ) ;
        rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
        pSeq = &aSeq ;
    }
    return *pSeq ;
}

/* XUnoTunnel extension */
/*-
 * Disabled: recovers the implementation pointer behind an interface via
 * the tunnel; returns NULL when the object offers no XUnoTunnel.
 */
XMLSecurityContext_NssImpl* XMLSecurityContext_NssImpl :: getImplementation( const Reference< XInterface > xObj ) {
    Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
    if( !xUT.is() )
        return NULL ;

    return ( XMLSecurityContext_NssImpl* )xUT->getSomething( getUnoTunnelId() ) ;
}

/* Native methods */
/*-
 * Disabled: hands out the raw keys manager pointer held by the context.
 */
xmlSecKeysMngrPtr XMLSecurityContext_NssImpl :: keysManager() throw( Exception, RuntimeException ) {
    return m_pKeysMngr ;
}

#endif