1 /**************************************************************
2 *
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
18 * under the License.
19 *
20 *************************************************************/
21
22
23
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26
27 #include <stdio.h>
28 #include "helper.hxx"
29
30 #include "libxml/tree.h"
31 #include "libxml/parser.h"
32 #ifndef XMLSEC_NO_XSLT
33 #include "libxslt/xslt.h"
34 #endif
35
36 #include "securityenvironment_nssimpl.hxx"
37 #include "xmlelementwrapper_xmlsecimpl.hxx"
38
39 #include "nspr.h"
40 #include "prtypes.h"
41
42 #include "pk11func.h"
43 #include "cert.h"
44 #include "cryptohi.h"
45 #include "certdb.h"
46 #include "nss.h"
47
48 #include "xmlsec/strings.h"
49 #include "xmlsec/xmltree.h"
50
51 #include <rtl/ustring.hxx>
52 #include <cppuhelper/servicefactory.hxx>
53
54 #include <com/sun/star/lang/XComponent.hpp>
55 #include <com/sun/star/beans/PropertyValue.hpp>
56 #include <com/sun/star/xml/wrapper/XXMLElementWrapper.hpp>
57 #include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp>
58 #include <com/sun/star/xml/crypto/XXMLSignature.hpp>
59 #include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp>
60 #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
61 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
62
63 using namespace ::rtl ;
64 using namespace ::cppu ;
65 using namespace ::com::sun::star::uno ;
66 using namespace ::com::sun::star::io ;
67 using namespace ::com::sun::star::ucb ;
68 using namespace ::com::sun::star::beans ;
69 using namespace ::com::sun::star::document ;
70 using namespace ::com::sun::star::lang ;
71 using namespace ::com::sun::star::registry ;
72 using namespace ::com::sun::star::xml::wrapper ;
73 using namespace ::com::sun::star::xml::crypto ;
74
75
main(int argc,char ** argv)76 int SAL_CALL main( int argc, char **argv )
77 {
78 CERTCertDBHandle* certHandle = NULL ;
79 PK11SlotInfo* slot = NULL ;
80 xmlDocPtr doc = NULL ;
81 xmlNodePtr tplNode ;
82 xmlNodePtr tarNode ;
83 xmlAttrPtr idAttr ;
84 xmlChar* idValue ;
85 xmlAttrPtr uriAttr ;
86 xmlChar* uriValue ;
87 OUString* uri = NULL ;
88 Reference< XUriBinding > xUriBinding ;
89
90 if( argc != 4 ) {
91 fprintf( stderr, "Usage: %s < CertDir > <file_url> <rdb file>\n" , argv[0] ) ;
92 return 1 ;
93 }
94
95 //Init libxml and libxslt libraries
96 xmlInitParser();
97 LIBXML_TEST_VERSION
98 xmlLoadExtDtdDefaultValue = XML_DETECT_IDS | XML_COMPLETE_ATTRS;
99 xmlSubstituteEntitiesDefault(1);
100
101 #ifndef XMLSEC_NO_XSLT
102 xmlIndentTreeOutput = 1;
103 #endif // XMLSEC_NO_XSLT
104
105
106 //Initialize NSPR and NSS
107 PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
108 PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
109 if( NSS_Init( argv[1] ) != SECSuccess ) {
110 fprintf( stderr , "### cannot intialize NSS!\n" ) ;
111 return 1 ;
112 }
113
114 certHandle = CERT_GetDefaultCertDB() ;
115 slot = PK11_GetInternalKeySlot() ;
116
117 //Load XML document
118 doc = xmlParseFile( argv[2] ) ;
119 if( doc == NULL || xmlDocGetRootElement( doc ) == NULL ) {
120 fprintf( stderr , "### Cannot load template xml document!\n" ) ;
121 goto done ;
122 }
123
124 //Find the signature template
125 tplNode = xmlSecFindNode( xmlDocGetRootElement( doc ), xmlSecNodeSignature, xmlSecDSigNs ) ;
126 if( tplNode == NULL ) {
127 fprintf( stderr , "### Cannot find the signature template!\n" ) ;
128 goto done ;
129 }
130
131 //Find the element with ID attribute
132 tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", ( xmlChar* )"http://openoffice.org/2000/office" ) ;
133 if( tarNode == NULL ) {
134 tarNode = xmlSecFindNode( xmlDocGetRootElement( doc ), ( xmlChar* )"document", NULL ) ;
135 }
136
137 //Find the "id" attrbute in the element
138 if( tarNode != NULL ) {
139 if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"id" ) ) != NULL ) {
140 //NULL
141 } else if( ( idAttr = xmlHasProp( tarNode, ( xmlChar* )"Id" ) ) != NULL ) {
142 //NULL
143 } else {
144 idAttr = NULL ;
145 }
146 }
147
148 //Add ID to DOM
149 if( idAttr != NULL ) {
150 idValue = xmlNodeListGetString( tarNode->doc, idAttr->children, 1 ) ;
151 if( idValue == NULL ) {
152 fprintf( stderr , "### the ID value is NULL!\n" ) ;
153 goto done ;
154 }
155
156 if( xmlAddID( NULL, doc, idValue, idAttr ) == NULL ) {
157 fprintf( stderr , "### Can not add the ID value!\n" ) ;
158 goto done ;
159 }
160 }
161
162 //Reference handler
163 //Find the signature reference
164 tarNode = xmlSecFindNode( tplNode, xmlSecNodeReference, xmlSecDSigNs ) ;
165 if( tarNode == NULL ) {
166 fprintf( stderr , "### Cannot find the signature reference!\n" ) ;
167 goto done ;
168 }
169
170 //Find the "URI" attrbute in the reference
171 uriAttr = xmlHasProp( tarNode, ( xmlChar* )"URI" ) ;
172 if( tarNode == NULL ) {
173 fprintf( stderr , "### Cannot find URI of the reference!\n" ) ;
174 goto done ;
175 }
176
177 //Get the "URI" attrbute value
178 uriValue = xmlNodeListGetString( tarNode->doc, uriAttr->children, 1 ) ;
179 if( uriValue == NULL ) {
180 fprintf( stderr , "### the URI value is NULL!\n" ) ;
181 goto done ;
182 }
183
184 if( strchr( ( const char* )uriValue, '/' ) != NULL && strchr( ( const char* )uriValue, '#' ) == NULL ) {
185 fprintf( stdout , "### Find a stream URI [%s]\n", uriValue ) ;
186 // uri = new ::rtl::OUString( ( const sal_Unicode* )uriValue ) ;
187 uri = new ::rtl::OUString( ( const sal_Char* )uriValue, xmlStrlen( uriValue ), RTL_TEXTENCODING_ASCII_US ) ;
188 }
189
190 if( uri != NULL ) {
191 fprintf( stdout , "### Find the URI [%s]\n", OUStringToOString( *uri , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
192 Reference< XInputStream > xStream = createStreamFromFile( *uri ) ;
193 if( !xStream.is() ) {
194 fprintf( stderr , "### Can not get the URI stream!\n" ) ;
195 goto done ;
196 }
197
198 xUriBinding = new OUriBinding( *uri, xStream ) ;
199 }
200
201
202 try {
203 Reference< XMultiComponentFactory > xManager = NULL ;
204 Reference< XComponentContext > xContext = NULL ;
205
206 xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[3] ) ) ;
207
208 //Create signature template
209 Reference< XInterface > element =
210 xManager->createInstanceWithContext( OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLElementWrapper_XmlSecImpl" ) , xContext ) ;
211 OSL_ENSURE( element.is() ,
212 "Verifier - "
213 "Cannot get service instance of \"xsec.XMLElementWrapper\"" ) ;
214
215 Reference< XXMLElementWrapper > xElement( element , UNO_QUERY ) ;
216 OSL_ENSURE( xElement.is() ,
217 "Verifier - "
218 "Cannot get interface of \"XXMLElementWrapper\" from service \"xsec.XMLElementWrapper\"" ) ;
219
220 Reference< XUnoTunnel > xEleTunnel( xElement , UNO_QUERY ) ;
221 OSL_ENSURE( xEleTunnel.is() ,
222 "Verifier - "
223 "Cannot get interface of \"XUnoTunnel\" from service \"xsec.XMLElement\"" ) ;
224
225 XMLElementWrapper_XmlSecImpl* pElement = ( XMLElementWrapper_XmlSecImpl* )xEleTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ) ;
226 OSL_ENSURE( pElement != NULL ,
227 "Verifier - "
228 "Cannot get implementation of \"xsec.XMLElementWrapper\"" ) ;
229
230 //Set signature template
231 pElement->setNativeElement( tplNode ) ;
232
233 //Build XML Signature template
234 Reference< XInterface > signtpl =
235 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.crypto.XMLSignatureTemplate"), xContext ) ;
236 OSL_ENSURE( signtpl.is() ,
237 "Verifier - "
238 "Cannot get service instance of \"xsec.XMLSignatureTemplate\"" ) ;
239
240 Reference< XXMLSignatureTemplate > xTemplate( signtpl , UNO_QUERY ) ;
241 OSL_ENSURE( xTemplate.is() ,
242 "Verifier - "
243 "Cannot get interface of \"XXMLSignatureTemplate\" from service \"xsec.XMLSignatureTemplate\"" ) ;
244
245 //Import the signature template
246 xTemplate->setTemplate( xElement ) ;
247
248 //Import the URI/Stream binding
249 if( xUriBinding.is() )
250 xTemplate->setBinding( xUriBinding ) ;
251
252 //Create security environment
253 //Build Security Environment
254 Reference< XInterface > xsecenv =
255 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
256 OSL_ENSURE( xsecenv.is() ,
257 "Verifier - "
258 "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
259
260 Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
261 OSL_ENSURE( xSecEnv.is() ,
262 "Verifier - "
263 "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
264
265 //Setup key slot and certDb
266 Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
267 OSL_ENSURE( xElement.is() ,
268 "Verifier - "
269 "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
270
271 SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
272 OSL_ENSURE( pSecEnv != NULL ,
273 "Verifier - "
274 "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
275
276 pSecEnv->setCryptoSlot( slot ) ;
277 pSecEnv->setCertDb( certHandle ) ;
278
279 //Build XML Security Context
280 Reference< XInterface > xmlsecctx =
281 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl"), xContext ) ;
282 OSL_ENSURE( xsecenv.is() ,
283 "Verifier - "
284 "Cannot get service instance of \"xsec.XMLSecurityContext\"" ) ;
285
286 Reference< XXMLSecurityContext > xSecCtx( xmlsecctx , UNO_QUERY ) ;
287 OSL_ENSURE( xSecCtx.is() ,
288 "Verifier - "
289 "Cannot get interface of \"XXMLSecurityContext\" from service \"xsec.XMLSecurityContext\"" ) ;
290
291 xSecCtx->setSecurityEnvironment( xSecEnv ) ;
292
293 //Generate XML signature
294 Reference< XInterface > xmlsigner =
295 xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.XMLSignature_NssImpl"), xContext ) ;
296 OSL_ENSURE( xmlsigner.is() ,
297 "Verifier - "
298 "Cannot get service instance of \"xsec.XMLSignature\"" ) ;
299
300 Reference< XXMLSignature > xSigner( xmlsigner , UNO_QUERY ) ;
301 OSL_ENSURE( xSigner.is() ,
302 "Verifier - "
303 "Cannot get interface of \"XXMLSignature\" from service \"xsec.XMLSignature\"" ) ;
304
305
306 //perform validation
307 sal_Bool valid = xSigner->validate( xTemplate , xSecCtx ) ;
308 if( !valid ) {
309 printf( "Signature is INVALID!\n" ) ;
310 } else {
311 printf( "Signature is VALID!\n" ) ;
312 }
313 } catch( Exception& e ) {
314 fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
315 goto done ;
316 }
317
318 done :
319 if( doc != NULL )
320 xmlFreeDoc( doc ) ;
321
322 if( slot != NULL )
323 PK11_FreeSlot( slot ) ;
324
325 PK11_LogoutAll() ;
326 NSS_Shutdown() ;
327
328 /* Shutdown libxslt/libxml */
329 #ifndef XMLSEC_NO_XSLT
330 xsltCleanupGlobals();
331 #endif /* XMLSEC_NO_XSLT */
332 xmlCleanupParser();
333
334 return 0 ;
335 }
336
337