1*cdf0e10cSrcweir /************************************************************************* 2*cdf0e10cSrcweir * 3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4*cdf0e10cSrcweir * 5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates. 6*cdf0e10cSrcweir * 7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite 8*cdf0e10cSrcweir * 9*cdf0e10cSrcweir * This file is part of OpenOffice.org. 10*cdf0e10cSrcweir * 11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify 12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3 13*cdf0e10cSrcweir * only, as published by the Free Software Foundation. 14*cdf0e10cSrcweir * 15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful, 16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of 17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details 19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code). 20*cdf0e10cSrcweir * 21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License 22*cdf0e10cSrcweir * version 3 along with OpenOffice.org. If not, see 23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html> 24*cdf0e10cSrcweir * for a copy of the LGPLv3 License. 25*cdf0e10cSrcweir * 26*cdf0e10cSrcweir ************************************************************************/ 27*cdf0e10cSrcweir 28*cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 29*cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx" 30*cdf0e10cSrcweir 31*cdf0e10cSrcweir #include <stdio.h> 32*cdf0e10cSrcweir #include "helper.hxx" 33*cdf0e10cSrcweir 34*cdf0e10cSrcweir #include "libxml/tree.h" 35*cdf0e10cSrcweir #include "libxml/parser.h" 36*cdf0e10cSrcweir #ifndef XMLSEC_NO_XSLT 37*cdf0e10cSrcweir #include "libxslt/xslt.h" 38*cdf0e10cSrcweir #endif 39*cdf0e10cSrcweir 40*cdf0e10cSrcweir #include "securityenvironment_nssimpl.hxx" 41*cdf0e10cSrcweir 42*cdf0e10cSrcweir #include <xmlsecurity/biginteger.hxx> 43*cdf0e10cSrcweir 44*cdf0e10cSrcweir 45*cdf0e10cSrcweir #include "nspr.h" 46*cdf0e10cSrcweir #include "prtypes.h" 47*cdf0e10cSrcweir 48*cdf0e10cSrcweir #include "pk11func.h" 49*cdf0e10cSrcweir #include "cert.h" 50*cdf0e10cSrcweir #include "cryptohi.h" 51*cdf0e10cSrcweir #include "certdb.h" 52*cdf0e10cSrcweir #include "nss.h" 53*cdf0e10cSrcweir 54*cdf0e10cSrcweir #include "xmlsec/strings.h" 55*cdf0e10cSrcweir #include "xmlsec/xmltree.h" 56*cdf0e10cSrcweir 57*cdf0e10cSrcweir #include <rtl/ustring.hxx> 58*cdf0e10cSrcweir 59*cdf0e10cSrcweir using namespace ::rtl ; 60*cdf0e10cSrcweir using namespace ::cppu ; 61*cdf0e10cSrcweir using namespace ::com::sun::star::uno ; 62*cdf0e10cSrcweir using namespace ::com::sun::star::io ; 63*cdf0e10cSrcweir using namespace ::com::sun::star::ucb ; 64*cdf0e10cSrcweir using namespace ::com::sun::star::beans ; 65*cdf0e10cSrcweir using namespace ::com::sun::star::document ; 66*cdf0e10cSrcweir using namespace ::com::sun::star::lang ; 67*cdf0e10cSrcweir using namespace ::com::sun::star::security ; 68*cdf0e10cSrcweir using namespace ::com::sun::star::xml::wrapper ; 69*cdf0e10cSrcweir using namespace ::com::sun::star::xml::crypto ; 70*cdf0e10cSrcweir 71*cdf0e10cSrcweir int SAL_CALL main( int argc, char **argv ) 72*cdf0e10cSrcweir { 73*cdf0e10cSrcweir CERTCertDBHandle* certHandle ; 74*cdf0e10cSrcweir PK11SlotInfo* slot ; 75*cdf0e10cSrcweir 76*cdf0e10cSrcweir if( argc != 3 ) { 77*cdf0e10cSrcweir fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ; 78*cdf0e10cSrcweir return 1 ; 79*cdf0e10cSrcweir } 80*cdf0e10cSrcweir 81*cdf0e10cSrcweir for( ; getchar() != 'q' ; ) { 82*cdf0e10cSrcweir slot = NULL ; 83*cdf0e10cSrcweir 84*cdf0e10cSrcweir //Initialize NSPR and NSS 85*cdf0e10cSrcweir PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ; 86*cdf0e10cSrcweir PK11_SetPasswordFunc( PriPK11PasswordFunc ) ; 87*cdf0e10cSrcweir if( NSS_Init( argv[1] ) != SECSuccess ) { 88*cdf0e10cSrcweir fprintf( stderr , "### cannot intialize NSS!\n" ) ; 89*cdf0e10cSrcweir goto done ; 90*cdf0e10cSrcweir } 91*cdf0e10cSrcweir 92*cdf0e10cSrcweir certHandle = CERT_GetDefaultCertDB() ; 93*cdf0e10cSrcweir slot = PK11_GetInternalKeySlot() ; 94*cdf0e10cSrcweir 95*cdf0e10cSrcweir if( PK11_NeedLogin( slot ) ) { 96*cdf0e10cSrcweir SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL ); 97*cdf0e10cSrcweir if( nRet != SECSuccess ) { 98*cdf0e10cSrcweir fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ; 99*cdf0e10cSrcweir goto done ; 100*cdf0e10cSrcweir } 101*cdf0e10cSrcweir } 102*cdf0e10cSrcweir 103*cdf0e10cSrcweir 104*cdf0e10cSrcweir try { 105*cdf0e10cSrcweir Reference< XMultiComponentFactory > xManager = NULL ; 106*cdf0e10cSrcweir Reference< XComponentContext > xContext = NULL ; 107*cdf0e10cSrcweir 108*cdf0e10cSrcweir xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ; 109*cdf0e10cSrcweir OSL_ENSURE( xManager.is() , 110*cdf0e10cSrcweir "ServicesManager - " 111*cdf0e10cSrcweir "Cannot get service manager" ) ; 112*cdf0e10cSrcweir 113*cdf0e10cSrcweir //Create security environment 114*cdf0e10cSrcweir //Build Security Environment 115*cdf0e10cSrcweir Reference< XInterface > xsecenv = 116*cdf0e10cSrcweir xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ; 117*cdf0e10cSrcweir OSL_ENSURE( xsecenv.is() , 118*cdf0e10cSrcweir "Signer - " 119*cdf0e10cSrcweir "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ; 120*cdf0e10cSrcweir 121*cdf0e10cSrcweir Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ; 122*cdf0e10cSrcweir OSL_ENSURE( xSecEnv.is() , 123*cdf0e10cSrcweir "Signer - " 124*cdf0e10cSrcweir "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ; 125*cdf0e10cSrcweir 126*cdf0e10cSrcweir //Setup key slot and certDb 127*cdf0e10cSrcweir Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ; 128*cdf0e10cSrcweir OSL_ENSURE( xEnvTunnel.is() , 129*cdf0e10cSrcweir "Signer - " 130*cdf0e10cSrcweir "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ; 131*cdf0e10cSrcweir 132*cdf0e10cSrcweir SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ; 133*cdf0e10cSrcweir OSL_ENSURE( pSecEnv != NULL , 134*cdf0e10cSrcweir "Signer - " 135*cdf0e10cSrcweir "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ; 136*cdf0e10cSrcweir 137*cdf0e10cSrcweir pSecEnv->setCryptoSlot( slot ) ; 138*cdf0e10cSrcweir pSecEnv->setCertDb( certHandle ) ; 139*cdf0e10cSrcweir 140*cdf0e10cSrcweir //Get personal certificate 141*cdf0e10cSrcweir Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ; 142*cdf0e10cSrcweir Sequence < Reference< XCertificate > > xCertPath ; 143*cdf0e10cSrcweir for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) { 144*cdf0e10cSrcweir //Print the certificate infomation. 145*cdf0e10cSrcweir fprintf( stdout, "\nPersonal Certificate Info\n" ) ; 146*cdf0e10cSrcweir fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 147*cdf0e10cSrcweir fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 148*cdf0e10cSrcweir fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 149*cdf0e10cSrcweir 150*cdf0e10cSrcweir //build the certificate path 151*cdf0e10cSrcweir xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ; 152*cdf0e10cSrcweir //Print the certificate path. 153*cdf0e10cSrcweir fprintf( stdout, "\tCertificate Path\n" ) ; 154*cdf0e10cSrcweir for( int j = 0; j < xCertPath.getLength(); j ++ ) { 155*cdf0e10cSrcweir fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 156*cdf0e10cSrcweir } 157*cdf0e10cSrcweir 158*cdf0e10cSrcweir //Get the certificate 159*cdf0e10cSrcweir Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ; 160*cdf0e10cSrcweir Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ; 161*cdf0e10cSrcweir if( !xcert.is() ) { 162*cdf0e10cSrcweir fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ; 163*cdf0e10cSrcweir } 164*cdf0e10cSrcweir 165*cdf0e10cSrcweir //Get the certificate characters 166*cdf0e10cSrcweir sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ; 167*cdf0e10cSrcweir fprintf( stdout, "The certificate characters are %d\n", chars ) ; 168*cdf0e10cSrcweir 169*cdf0e10cSrcweir //Get the certificate status 170*cdf0e10cSrcweir sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ; 171*cdf0e10cSrcweir fprintf( stdout, "The certificate validities are %d\n", validity ) ; 172*cdf0e10cSrcweir } 173*cdf0e10cSrcweir } catch( Exception& e ) { 174*cdf0e10cSrcweir fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ; 175*cdf0e10cSrcweir goto done ; 176*cdf0e10cSrcweir } 177*cdf0e10cSrcweir 178*cdf0e10cSrcweir done: 179*cdf0e10cSrcweir if( slot != NULL ) 180*cdf0e10cSrcweir PK11_FreeSlot( slot ) ; 181*cdf0e10cSrcweir 182*cdf0e10cSrcweir PK11_LogoutAll() ; 183*cdf0e10cSrcweir NSS_Shutdown() ; 184*cdf0e10cSrcweir 185*cdf0e10cSrcweir } 186*cdf0e10cSrcweir 187*cdf0e10cSrcweir return 0; 188*cdf0e10cSrcweir } 189*cdf0e10cSrcweir 190