1 /*************************************************************************
2  *
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * Copyright 2000, 2010 Oracle and/or its affiliates.
6  *
7  * OpenOffice.org - a multi-platform office productivity suite
8  *
9  * This file is part of OpenOffice.org.
10  *
11  * OpenOffice.org is free software: you can redistribute it and/or modify
12  * it under the terms of the GNU Lesser General Public License version 3
13  * only, as published by the Free Software Foundation.
14  *
15  * OpenOffice.org is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU Lesser General Public License version 3 for more details
19  * (a copy is included in the LICENSE file that accompanied this code).
20  *
21  * You should have received a copy of the GNU Lesser General Public License
22  * version 3 along with OpenOffice.org.  If not, see
23  * <http://www.openoffice.org/license.html>
24  * for a copy of the LGPLv3 License.
25  *
26  ************************************************************************/
27 
28 // MARKER(update_precomp.py): autogen include statement, do not remove
29 #include "precompiled_xmlsecurity.hxx"
30 
31 #include <stdio.h>
32 #include "helper.hxx"
33 
34 #include "libxml/tree.h"
35 #include "libxml/parser.h"
36 #ifndef XMLSEC_NO_XSLT
37 #include "libxslt/xslt.h"
38 #endif
39 
40 #include "securityenvironment_nssimpl.hxx"
41 
42 #include <xmlsecurity/biginteger.hxx>
43 
44 
45 #include "nspr.h"
46 #include "prtypes.h"
47 
48 #include "pk11func.h"
49 #include "cert.h"
50 #include "cryptohi.h"
51 #include "certdb.h"
52 #include "nss.h"
53 
54 #include "xmlsec/strings.h"
55 #include "xmlsec/xmltree.h"
56 
57 #include <rtl/ustring.hxx>
58 
59 using namespace ::rtl ;
60 using namespace ::cppu ;
61 using namespace ::com::sun::star::uno ;
62 using namespace ::com::sun::star::io ;
63 using namespace ::com::sun::star::ucb ;
64 using namespace ::com::sun::star::beans ;
65 using namespace ::com::sun::star::document ;
66 using namespace ::com::sun::star::lang ;
67 using namespace ::com::sun::star::security ;
68 using namespace ::com::sun::star::xml::wrapper ;
69 using namespace ::com::sun::star::xml::crypto ;
70 
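/**
 * Test driver that lists the personal certificates of an NSS certificate
 * database through the SecurityEnvironment_NssImpl UNO service.
 *
 * Usage: <program> <CertDir> <rdb file>
 *   argv[1]  certificate database directory, handed to NSS_Init()
 *   argv[2]  rdb file, handed to serviceManager()
 *
 * One pass (NSS start-up, certificate listing, NSS shutdown) is run for each
 * character read from stdin. Reading 'q' or reaching end of input ends the
 * program; without the end-of-input test a closed stdin would repeat the
 * pass forever, because getchar() then returns EOF and never 'q'.
 *
 * A failed pass is reported on stderr only; it does not change the exit
 * status.
 *
 * @return 1 when the argument count is wrong, otherwise 0.
 */
int SAL_CALL main( int argc, char **argv )
{
	CERTCertDBHandle*	certHandle ;
	PK11SlotInfo*		slot ;
	int					ch ;

	if( argc != 3 ) {
		fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
		return 1 ;
	}

	// No initialised declaration may sit between a "goto done" and the label
	// at loop-body scope, so everything below lives in nested blocks.
	while( ( ch = getchar() ) != EOF && ch != 'q' ) {
		slot = NULL ;

		// Initialize NSPR and NSS. The password callback is registered before
		// NSS_Init(); PriPK11PasswordFunc is not defined in this file
		// (presumably helper.hxx -- confirm how it obtains the password).
		PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
		PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
		if( NSS_Init( argv[1] ) != SECSuccess ) {
			fprintf( stderr , "### cannot intialize NSS!\n" ) ;
			goto done ;
		}

		certHandle = CERT_GetDefaultCertDB() ;
		slot = PK11_GetInternalKeySlot() ;

		// The slot is passed straight to PK11_NeedLogin() and later to the
		// security environment, so a missing slot must end the pass here.
		if( slot == NULL ) {
			fprintf( stderr , "### cannot get the internal key slot!\n" ) ;
			goto done ;
		}

		if( PK11_NeedLogin( slot ) ) {
			SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
			if( nRet != SECSuccess ) {
				fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
				goto done ;
			}
		}

		try {
			Reference< XMultiComponentFactory > xManager = NULL ;
			Reference< XComponentContext > xContext = NULL ;

			// OSL_ENSURE is a diagnostic assertion and does not alter control
			// flow, so every result below is also checked explicitly before
			// it is dereferenced.
			xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
			OSL_ENSURE( xManager.is() ,
				"ServicesManager - "
				"Cannot get service manager" ) ;
			if( !xManager.is() ) {
				fprintf( stderr , "### cannot get service manager!\n" ) ;
				goto done ;
			}

			// Create the security environment service
			Reference< XInterface > xsecenv =
				xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
			OSL_ENSURE( xsecenv.is() ,
				"Signer - "
				"Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
			if( !xsecenv.is() ) {
				fprintf( stderr , "### cannot get service instance of \"xsec.SecurityEnvironment\"!\n" ) ;
				goto done ;
			}

			Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
			OSL_ENSURE( xSecEnv.is() ,
				"Signer - "
				"Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
			if( !xSecEnv.is() ) {
				fprintf( stderr , "### cannot get interface \"XSecurityEnvironment\"!\n" ) ;
				goto done ;
			}

			// Reach the implementation object so the key slot and the
			// certificate database can be set on it.
			Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
			OSL_ENSURE( xEnvTunnel.is() ,
				"Signer - "
				"Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
			if( !xEnvTunnel.is() ) {
				fprintf( stderr , "### cannot get interface \"XUnoTunnel\"!\n" ) ;
				goto done ;
			}

			SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
			OSL_ENSURE( pSecEnv != NULL ,
				"Signer - "
				"Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
			if( pSecEnv == NULL ) {
				fprintf( stderr , "### cannot get implementation of \"xsec.SecurityEnvironment\"!\n" ) ;
				goto done ;
			}

			pSecEnv->setCryptoSlot( slot ) ;
			pSecEnv->setCertDb( certHandle ) ;

			// Walk the personal certificates
			Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
			Sequence < Reference< XCertificate > > xCertPath ;
			for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
				// Print the certificate information. Issuer and subject come
				// from certificate data and are written out as returned,
				// after conversion to ASCII.
				fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
				fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
				fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
				fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;

				// Build and print the certificate path
				xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
				fprintf( stdout, "\tCertificate Path\n" ) ;
				for( int j = 0; j < xCertPath.getLength(); j ++ ) {
					fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
				}

				// Look the same certificate up again by issuer and serial
				// number to confirm it is present in the database.
				Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
				Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), serial ) ;
				if( !xcert.is() ) {
					fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
				}

				// sal_Int32 is not guaranteed to be int, so convert before
				// handing the value to a "%d" conversion.
				sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
				fprintf( stdout, "The certificate characters are %d\n", static_cast< int >( chars ) ) ;

				// The verification result is printed as a raw number; this
				// tool does not interpret it or make a trust decision.
				sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
				fprintf( stdout, "The certificate validities are %d\n", static_cast< int >( validity ) ) ;
			}
		} catch( Exception& e ) {
			fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
			goto done ;
		}

done:
		// Per-pass cleanup: release the slot reference, log out of all
		// tokens and shut NSS down before the next pass re-initialises it.
		if( slot != NULL )
			PK11_FreeSlot( slot ) ;

		PK11_LogoutAll() ;
		NSS_Shutdown() ;

	}

	return 0;
}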
189 
190