1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26 #include <sal/config.h>
27 #include <rtl/uuid.h>
28 #include "securityenvironment_mscryptimpl.hxx"
29 
30 #ifndef _XMLSECURITYCONTEXT_MSCRYPTIMPL_HXX_
31 #include "xmlsecuritycontext_mscryptimpl.hxx"
32 #endif
33 #include "xmlstreamio.hxx"
34 
35 #include "xmlsec/xmlsec.h"
36 #include "xmlsec/keysmngr.h"
37 #include "xmlsec/crypto.h"
38 #include "xmlsec/mscrypto/akmngr.h"
39 
40 using namespace ::com::sun::star::uno ;
41 using namespace ::com::sun::star::lang ;
42 using ::com::sun::star::lang::XMultiServiceFactory ;
43 using ::com::sun::star::lang::XSingleServiceFactory ;
44 using ::rtl::OUString ;
45 
46 using ::com::sun::star::xml::crypto::XSecurityEnvironment ;
47 using ::com::sun::star::xml::crypto::XXMLSecurityContext ;
48 
XMLSecurityContext_MSCryptImpl(const Reference<XMultiServiceFactory> & aFactory)49 XMLSecurityContext_MSCryptImpl :: XMLSecurityContext_MSCryptImpl( const Reference< XMultiServiceFactory >& aFactory )
50 	://m_pKeysMngr( NULL ) ,
51 	 m_xServiceManager( aFactory ),
52 	 m_xSecurityEnvironment( NULL )
53 {
54 	//Init xmlsec library
55 	if( xmlSecInit() < 0 ) {
56 		throw RuntimeException() ;
57 	}
58 
59 	//Init xmlsec crypto engine library
60 	if( xmlSecCryptoInit() < 0 ) {
61 		xmlSecShutdown() ;
62 		throw RuntimeException() ;
63 	}
64 
65 	//Enable external stream handlers
66 	if( xmlEnableStreamInputCallbacks() < 0 ) {
67 		xmlSecCryptoShutdown() ;
68 		xmlSecShutdown() ;
69 		throw RuntimeException() ;
70 	}
71 }
72 
~XMLSecurityContext_MSCryptImpl()73 XMLSecurityContext_MSCryptImpl :: ~XMLSecurityContext_MSCryptImpl() {
74 	xmlDisableStreamInputCallbacks() ;
75 	xmlSecCryptoShutdown() ;
76 	xmlSecShutdown() ;
77 }
78 
79 //i39448 : new methods
addSecurityEnvironment(const::com::sun::star::uno::Reference<::com::sun::star::xml::crypto::XSecurityEnvironment> & aSecurityEnvironment)80 sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::addSecurityEnvironment(
81 	const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment)
82 	throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException)
83 {
84 	if( !aSecurityEnvironment.is() )
85 	{
86 		throw RuntimeException() ;
87 	}
88 
89 	m_xSecurityEnvironment = aSecurityEnvironment;
90 
91 	return 0;
92 }
93 
94 
getSecurityEnvironmentNumber()95 sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::getSecurityEnvironmentNumber(  )
96 	throw (::com::sun::star::uno::RuntimeException)
97 {
98 	return 1;
99 }
100 
101 ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
getSecurityEnvironmentByIndex(sal_Int32 index)102 	XMLSecurityContext_MSCryptImpl::getSecurityEnvironmentByIndex( sal_Int32 index )
103 	throw (::com::sun::star::uno::RuntimeException)
104 {
105 	if (index == 0)
106 	{
107 		return m_xSecurityEnvironment;
108 	}
109 	else
110 		throw RuntimeException() ;
111 }
112 
113 ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
getSecurityEnvironment()114 	XMLSecurityContext_MSCryptImpl::getSecurityEnvironment(  )
115 	throw (::com::sun::star::uno::RuntimeException)
116 {
117 	return m_xSecurityEnvironment;
118 }
119 
getDefaultSecurityEnvironmentIndex()120 sal_Int32 SAL_CALL XMLSecurityContext_MSCryptImpl::getDefaultSecurityEnvironmentIndex(  )
121 	throw (::com::sun::star::uno::RuntimeException)
122 {
123 	return 0;
124 }
125 
setDefaultSecurityEnvironmentIndex(sal_Int32)126 void SAL_CALL XMLSecurityContext_MSCryptImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 /*nDefaultEnvIndex*/ )
127 	throw (::com::sun::star::uno::RuntimeException)
128 {
129 	//dummy
130 }
131 
132 #if 0
133 /* XXMLSecurityContext */
134 void SAL_CALL XMLSecurityContext_MSCryptImpl :: setSecurityEnvironment( const Reference< XSecurityEnvironment >& aSecurityEnvironment ) throw( com::sun::star::security::SecurityInfrastructureException ) {
135 	HCERTSTORE hkeyStore ;
136 	HCERTSTORE hCertStore ;
137 	HCRYPTKEY symKey ;
138 	HCRYPTKEY pubKey ;
139 	HCRYPTKEY priKey ;
140 	unsigned int i ;
141 
142 	if( !aSecurityEnvironment.is() )
143 		throw RuntimeException() ;
144 
145 	m_xSecurityEnvironment = aSecurityEnvironment ;
146 
147 	//Clear key manager
148 	if( m_pKeysMngr != NULL ) {
149 		xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
150 		m_pKeysMngr = NULL ;
151 	}
152 
153 	//Create key manager
154 	Reference< XUnoTunnel > xEnvTunnel( m_xSecurityEnvironment , UNO_QUERY ) ;
155 	if( !xEnvTunnel.is() ) {
156 		throw RuntimeException() ;
157 	}
158 
159 	SecurityEnvironment_MSCryptImpl* pSecEnv = ( SecurityEnvironment_MSCryptImpl* )xEnvTunnel->getSomething( SecurityEnvironment_MSCryptImpl::getUnoTunnelId() ) ;
160 	if( pSecEnv == NULL )
161 		throw RuntimeException() ;
162 
163 	hkeyStore = pSecEnv->getCryptoSlot() ;
164 	hCertStore = pSecEnv->getCertDb() ;
165 
166 	/*-
167 	 * The following lines is based on the of xmlsec-mscrypto crypto engine
168 	 */
169 	m_pKeysMngr = xmlSecMSCryptoAppliedKeysMngrCreate( hkeyStore , hCertStore ) ;
170 	if( m_pKeysMngr == NULL )
171 		throw RuntimeException() ;
172 
173 	/*-
174 	 * Adopt symmetric key into keys manager
175 	 */
176 	for( i = 0 ; ( symKey = pSecEnv->getSymKey( i ) ) != NULL ; i ++ ) {
177 		if( xmlSecMSCryptoAppliedKeysMngrSymKeyLoad( m_pKeysMngr, symKey ) < 0 ) {
178 			throw RuntimeException() ;
179 		}
180 	}
181 
182 	/*-
183 	 * Adopt asymmetric public key into keys manager
184 	 */
185 	for( i = 0 ; ( pubKey = pSecEnv->getPubKey( i ) ) != NULL ; i ++ ) {
186 		if( xmlSecMSCryptoAppliedKeysMngrPubKeyLoad( m_pKeysMngr, pubKey ) < 0 ) {
187 			throw RuntimeException() ;
188 		}
189 	}
190 
191 	/*-
192 	 * Adopt asymmetric private key into keys manager
193 	 */
194 	for( i = 0 ; ( priKey = pSecEnv->getPriKey( i ) ) != NULL ; i ++ ) {
195 		if( xmlSecMSCryptoAppliedKeysMngrPriKeyLoad( m_pKeysMngr, priKey ) < 0 ) {
196 			throw RuntimeException() ;
197 		}
198 	}
199 
200 	/*-
201 	 * Adopt system default certificate store.
202 	 */
203 	if( pSecEnv->defaultEnabled() ) {
204 		HCERTSTORE hSystemStore ;
205 
206 		//Add system key store into the keys manager.
207 		hSystemStore = CertOpenSystemStore( 0, "MY" ) ;
208 		if( hSystemStore != NULL ) {
209 			if( xmlSecMSCryptoAppliedKeysMngrAdoptKeyStore( m_pKeysMngr, hSystemStore ) < 0 ) {
210 				CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ;
211 				throw RuntimeException() ;
212 			}
213 		}
214 
215 		//Add system root store into the keys manager.
216 		hSystemStore = CertOpenSystemStore( 0, "Root" ) ;
217 		if( hSystemStore != NULL ) {
218 			if( xmlSecMSCryptoAppliedKeysMngrAdoptTrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) {
219 				CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ;
220 				throw RuntimeException() ;
221 			}
222 		}
223 
224 		//Add system trusted store into the keys manager.
225 		hSystemStore = CertOpenSystemStore( 0, "Trust" ) ;
226 		if( hSystemStore != NULL ) {
227 			if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) {
228 				CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ;
229 				throw RuntimeException() ;
230 			}
231 		}
232 
233 		//Add system CA store into the keys manager.
234 		hSystemStore = CertOpenSystemStore( 0, "CA" ) ;
235 		if( hSystemStore != NULL ) {
236 			if( xmlSecMSCryptoAppliedKeysMngrAdoptUntrustedStore( m_pKeysMngr, hSystemStore ) < 0 ) {
237 				CertCloseStore( hSystemStore, CERT_CLOSE_STORE_CHECK_FLAG ) ;
238 				throw RuntimeException() ;
239 			}
240 		}
241 	}
242 }
243 
244 /* XXMLSecurityContext */
245 Reference< XSecurityEnvironment > SAL_CALL XMLSecurityContext_MSCryptImpl :: getSecurityEnvironment()
246 	throw (RuntimeException)
247 {
248 	return	m_xSecurityEnvironment ;
249 }
250 #endif
251 
252 /* XInitialization */
initialize(const Sequence<Any> &)253 void SAL_CALL XMLSecurityContext_MSCryptImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) {
254 	// TBD
255 } ;
256 
257 /* XServiceInfo */
getImplementationName()258 OUString SAL_CALL XMLSecurityContext_MSCryptImpl :: getImplementationName() throw( RuntimeException ) {
259 	return impl_getImplementationName() ;
260 }
261 
262 /* XServiceInfo */
supportsService(const OUString & serviceName)263 sal_Bool SAL_CALL XMLSecurityContext_MSCryptImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) {
264 	Sequence< OUString > seqServiceNames = getSupportedServiceNames() ;
265 	const OUString* pArray = seqServiceNames.getConstArray() ;
266 	for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) {
267 		if( *( pArray + i ) == serviceName )
268 			return sal_True ;
269 	}
270 	return sal_False ;
271 }
272 
273 /* XServiceInfo */
getSupportedServiceNames()274 Sequence< OUString > SAL_CALL XMLSecurityContext_MSCryptImpl :: getSupportedServiceNames() throw( RuntimeException ) {
275 	return impl_getSupportedServiceNames() ;
276 }
277 
278 //Helper for XServiceInfo
impl_getSupportedServiceNames()279 Sequence< OUString > XMLSecurityContext_MSCryptImpl :: impl_getSupportedServiceNames() {
280 	::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
281 	Sequence< OUString > seqServiceNames( 1 ) ;
282 	seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSecurityContext" ) ;
283 	return seqServiceNames ;
284 }
285 
impl_getImplementationName()286 OUString XMLSecurityContext_MSCryptImpl :: impl_getImplementationName() throw( RuntimeException ) {
287 	return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_MSCryptImpl" ) ;
288 }
289 
290 //Helper for registry
impl_createInstance(const Reference<XMultiServiceFactory> & aServiceManager)291 Reference< XInterface > SAL_CALL XMLSecurityContext_MSCryptImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) {
292 	return Reference< XInterface >( *new XMLSecurityContext_MSCryptImpl( aServiceManager ) ) ;
293 }
294 
impl_createFactory(const Reference<XMultiServiceFactory> & aServiceManager)295 Reference< XSingleServiceFactory > XMLSecurityContext_MSCryptImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) {
296 	//Reference< XSingleServiceFactory > xFactory ;
297 	//xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ;
298 	//return xFactory ;
299 	return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ;
300 }
301 
302 #if 0
303 /* XUnoTunnel */
304 sal_Int64 SAL_CALL XMLSecurityContext_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier )
305 throw (RuntimeException)
306 {
307 	if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
308 		return ( sal_Int64 )this ;
309 	}
310 	return 0 ;
311 }
312 
313 /* XUnoTunnel extension */
314 const Sequence< sal_Int8>& XMLSecurityContext_MSCryptImpl :: getUnoTunnelId() {
315 	static Sequence< sal_Int8 >* pSeq = 0 ;
316 	if( !pSeq ) {
317 		::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
318 		if( !pSeq ) {
319 			static Sequence< sal_Int8> aSeq( 16 ) ;
320 			rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
321 			pSeq = &aSeq ;
322 		}
323 	}
324 	return *pSeq ;
325 }
326 
327 /* XUnoTunnel extension */
328 XMLSecurityContext_MSCryptImpl* XMLSecurityContext_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) {
329 	Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
330 	if( xUT.is() ) {
331 		return ( XMLSecurityContext_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ;
332 	} else
333 		return NULL ;
334 }
335 
336 /* Native methods */
337 xmlSecKeysMngrPtr XMLSecurityContext_MSCryptImpl :: keysManager() throw( Exception, RuntimeException ) {
338 	return m_pKeysMngr ;
339 }
340 #endif
341 
342