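/**************************************************************
 *
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements. See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership. The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License. You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing,
 * software distributed under the License is distributed on an
 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
 * KIND, either express or implied. See the License for the
 * specific language governing permissions and limitations
 * under the License.
 *
 *************************************************************/



// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"
#include <sal/config.h>
#include <rtl/uuid.h>
#include "securityenvironment_nssimpl.hxx"

#ifndef _XMLSECURITYCONTEXT_NSSIMPL_HXX_
#include "xmlsecuritycontext_nssimpl.hxx"
#endif
#include "xmlstreamio.hxx"

#include <sal/types.h>
//For reasons that escape me, this is what xmlsec does when size_t is not 4
#if SAL_TYPES_SIZEOFPOINTER != 4
#    define XMLSEC_NO_SIZE_T
#endif
#include "xmlsec/xmlsec.h"
#include "xmlsec/keysmngr.h"
#include "xmlsec/crypto.h"

using namespace ::com::sun::star::uno ;
using namespace ::com::sun::star::lang ;
using ::com::sun::star::lang::XMultiServiceFactory ;
using ::com::sun::star::lang::XSingleServiceFactory ;
using ::rtl::OUString ;

using ::com::sun::star::xml::crypto::XSecurityEnvironment ;
using ::com::sun::star::xml::crypto::XXMLSecurityContext ;

/*
 * Brings up the xmlsec core, then the xmlsec crypto engine, then the
 * stream input callbacks, in that order. A failure at any step undoes the
 * steps that already succeeded and throws RuntimeException, so no context
 * object exists with the library only partly initialised.
 *
 * The default environment index starts at -1, i.e. "no default selected".
 *
 * NOTE(review): xmlSecInit()/xmlSecShutdown() act on library-wide state and
 * are called here once per instance. If two contexts can be alive at the
 * same time, destroying the first one shuts xmlsec down under the second.
 * Confirm that this service is only ever instantiated once per process.
 */
XMLSecurityContext_NssImpl :: XMLSecurityContext_NssImpl( const Reference< XMultiServiceFactory >& aFactory )
    : //i39448 : m_pKeysMngr( NULL ) ,
    m_xServiceManager( aFactory ) ,
    m_nDefaultEnvIndex( -1 )
    //m_xSecurityEnvironment( NULL )
{
    //Init xmlsec library
    if( xmlSecInit() < 0 ) {
        throw RuntimeException() ;
    }

    //Init xmlsec crypto engine library
    if( xmlSecCryptoInit() < 0 ) {
        xmlSecShutdown() ;
        throw RuntimeException() ;
    }

    //Enable external stream handlers
    if( xmlEnableStreamInputCallbacks() < 0 ) {
        xmlSecCryptoShutdown() ;
        xmlSecShutdown() ;
        throw RuntimeException() ;
    }
}

/*
 * Tears down what the constructor set up, in reverse order: stream input
 * callbacks, crypto engine, xmlsec core.
 */
XMLSecurityContext_NssImpl :: ~XMLSecurityContext_NssImpl() {
#if 0 //i39448
    if( m_pKeysMngr != NULL ) {
        xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
    }
#endif

    xmlDisableStreamInputCallbacks() ;
    xmlSecCryptoShutdown() ;
    xmlSecShutdown() ;
}

//i39448 : new methods
/*
 * Appends a security environment to the list held by this context and
 * returns the index it was stored at. An empty reference is rejected with
 * RuntimeException, so no empty entry is ever added through this method.
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment(
    const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment)
    throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException)
{
    if( !aSecurityEnvironment.is() )
    {
        throw RuntimeException() ;
    }

    m_vSecurityEnvironments.push_back( aSecurityEnvironment );

    // Convert the container size to the UNO return type explicitly, as the
    // bounds checks in the getters below already do.
    return static_cast< sal_Int32 >( m_vSecurityEnvironments.size() - 1 ) ;
}


/*
 * Returns how many security environments have been added so far.
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getSecurityEnvironmentNumber( )
    throw (::com::sun::star::uno::RuntimeException)
{
    return static_cast< sal_Int32 >( m_vSecurityEnvironments.size() ) ;
}

/*
 * Returns the security environment stored at the given index.
 * Any index outside [0, number of environments) raises RuntimeException
 * instead of reaching the container access.
 */
::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
XMLSecurityContext_NssImpl::getSecurityEnvironmentByIndex( sal_Int32 index )
    throw (::com::sun::star::uno::RuntimeException)
{
    const sal_Int32 nCount = static_cast< sal_Int32 >( m_vSecurityEnvironments.size() ) ;

    if( index < 0 || index >= nCount )
    {
        throw RuntimeException() ;
    }

    return m_vSecurityEnvironments[index] ;
}

/*
 * Returns the default security environment.
 * The stored default index is validated here, at use time, because
 * setDefaultSecurityEnvironmentIndex() accepts any value; the initial -1
 * or a stale index therefore raises RuntimeException.
 */
::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL
XMLSecurityContext_NssImpl::getSecurityEnvironment( )
    throw (::com::sun::star::uno::RuntimeException)
{
    const sal_Int32 nCount = static_cast< sal_Int32 >( m_vSecurityEnvironments.size() ) ;

    if( m_nDefaultEnvIndex < 0 || m_nDefaultEnvIndex >= nCount )
    {
        throw RuntimeException() ;
    }

    return getSecurityEnvironmentByIndex( m_nDefaultEnvIndex ) ;
}

/*
 * Returns the index currently selected as default (-1 until one is set).
 */
sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getDefaultSecurityEnvironmentIndex( )
    throw (::com::sun::star::uno::RuntimeException)
{
    return m_nDefaultEnvIndex ;
}

/*
 * Selects which environment getSecurityEnvironment() returns.
 * The value is stored unchecked; range validation happens when the default
 * environment is fetched.
 */
void SAL_CALL XMLSecurityContext_NssImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex )
    throw (::com::sun::star::uno::RuntimeException)
{
    m_nDefaultEnvIndex = nDefaultEnvIndex;
}

#if 0 //i39448 : old methods should be deleted
/*
 * NOTE(review): this region is compiled out. Before re-enabling it, note
 * that `slot` is passed to xmlSecNssAppliedKeysMngrCreate() without ever
 * being assigned, because the getCryptoSlot() call is commented out.
 */
/* XXMLSecurityContext */
void SAL_CALL XMLSecurityContext_NssImpl :: setSecurityEnvironment( const Reference< XSecurityEnvironment >& aSecurityEnvironment ) throw( com::sun::star::security::SecurityInfrastructureException ) {
    PK11SlotInfo* slot ;
    CERTCertDBHandle* handler ;
    //xmlSecKeyPtr key ;
    //xmlSecKeyDataPtr keyData ;
    PK11SymKey* symKey ;
    SECKEYPublicKey* pubKey ;
    SECKEYPrivateKey* priKey ;
    unsigned int i ;

    if( !aSecurityEnvironment.is() )
        throw RuntimeException() ;

    m_xSecurityEnvironment = aSecurityEnvironment ;

    //Clear key manager
    if( m_pKeysMngr != NULL ) {
        xmlSecKeysMngrDestroy( m_pKeysMngr ) ;
        m_pKeysMngr = NULL ;
    }

    //Create key manager
    Reference< XUnoTunnel > xEnvTunnel( m_xSecurityEnvironment , UNO_QUERY ) ;
    if( !xEnvTunnel.is() ) {
        throw RuntimeException() ;
    }

    SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
    if( pSecEnv == NULL )
        throw RuntimeException() ;

    //todo
    // slot = pSecEnv->getCryptoSlot() ;
    handler = pSecEnv->getCertDb() ;

    /*-
     * The following lines are based on the private version of xmlSec-NSS
     * crypto engine
     */
    m_pKeysMngr = xmlSecNssAppliedKeysMngrCreate( slot , handler ) ;
    if( m_pKeysMngr == NULL )
        throw RuntimeException() ;

    /*-
     * Adopt symmetric key into keys manager
     */
    for( i = 0 ; ( symKey = pSecEnv->getSymKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrSymKeyLoad( m_pKeysMngr, symKey ) < 0 ) {
            throw RuntimeException() ;
        }
    }

    /*-
     * Adopt asymmetric public key into keys manager
     */
    for( i = 0 ; ( pubKey = pSecEnv->getPubKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrPubKeyLoad( m_pKeysMngr, pubKey ) < 0 ) {
            throw RuntimeException() ;
        }
    }

    /*-
     * Adopt asymmetric private key into keys manager
     */
    for( i = 0 ; ( priKey = pSecEnv->getPriKey( i ) ) != NULL ; i ++ ) {
        if( xmlSecNssAppliedKeysMngrPriKeyLoad( m_pKeysMngr, priKey ) < 0 ) {
            throw RuntimeException() ;
        }
    }
}

/* XXMLSecurityContext */
Reference< XSecurityEnvironment > SAL_CALL XMLSecurityContext_NssImpl :: getSecurityEnvironment()
    throw (RuntimeException)
{
    return m_xSecurityEnvironment ;
}
#endif


/* XInitialization */
/* Accepts and ignores its arguments; nothing is initialised here yet. */
void SAL_CALL XMLSecurityContext_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) {
    // TBD
}

/* XServiceInfo */
OUString SAL_CALL XMLSecurityContext_NssImpl :: getImplementationName() throw( RuntimeException ) {
    return impl_getImplementationName() ;
}

/* XServiceInfo */
/* Reports whether serviceName equals one of the supported service names. */
sal_Bool SAL_CALL XMLSecurityContext_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) {
    const Sequence< OUString > seqServiceNames = getSupportedServiceNames() ;
    const OUString* pNames = seqServiceNames.getConstArray() ;
    const sal_Int32 nNames = seqServiceNames.getLength() ;

    for( sal_Int32 i = 0 ; i < nNames ; ++i ) {
        if( pNames[i] == serviceName )
            return sal_True ;
    }
    return sal_False ;
}

/* XServiceInfo */
Sequence< OUString > SAL_CALL XMLSecurityContext_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) {
    return impl_getSupportedServiceNames() ;
}

//Helper for XServiceInfo
/* Builds the one-element service name list while holding the global mutex. */
Sequence< OUString > XMLSecurityContext_NssImpl :: impl_getSupportedServiceNames() {
    ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
    Sequence< OUString > seqServiceNames( 1 ) ;
    seqServiceNames.getArray()[0] = OUString::createFromAscii( "com.sun.star.xml.crypto.XMLSecurityContext" ) ;
    return seqServiceNames ;
}

OUString XMLSecurityContext_NssImpl :: impl_getImplementationName() throw( RuntimeException ) {
    return OUString::createFromAscii( "com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl" ) ;
}

//Helper for registry
/*
 * Creates a new context and hands it back as an XInterface reference.
 * The constructor throws RuntimeException when xmlsec cannot be initialised,
 * so that exception can surface from here as well.
 */
Reference< XInterface > SAL_CALL XMLSecurityContext_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) {
    return Reference< XInterface >( *new XMLSecurityContext_NssImpl( aServiceManager ) ) ;
}

/* Wraps impl_createInstance in a single-service factory for registration. */
Reference< XSingleServiceFactory > XMLSecurityContext_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) {
    //Reference< XSingleServiceFactory > xFactory ;
    //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ;
    //return xFactory ;
    return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ;
}

#if 0 //not useful any longer
/*
 * NOTE(review): this region is compiled out. getSomething() returns the
 * object's address as an integer to any caller that presents the 16-byte
 * tunnel id, and getImplementation() casts that integer back to a pointer.
 */
/* XUnoTunnel */
sal_Int64 SAL_CALL XMLSecurityContext_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier )
    throw (RuntimeException)
{
    if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
        return ( sal_Int64 )this ;
    }
    return 0 ;
}

/* XUnoTunnel extension */
const Sequence< sal_Int8>& XMLSecurityContext_NssImpl :: getUnoTunnelId() {
    static Sequence< sal_Int8 >* pSeq = 0 ;
    if( !pSeq ) {
        ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
        if( !pSeq ) {
            static Sequence< sal_Int8> aSeq( 16 ) ;
            rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
            pSeq = &aSeq ;
        }
    }
    return *pSeq ;
}

/* XUnoTunnel extension */
XMLSecurityContext_NssImpl* XMLSecurityContext_NssImpl :: getImplementation( const Reference< XInterface > xObj ) {
    Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
    if( xUT.is() ) {
        return ( XMLSecurityContext_NssImpl* )xUT->getSomething( getUnoTunnelId() ) ;
    } else
        return NULL ;
}

/* Native methods */
xmlSecKeysMngrPtr XMLSecurityContext_NssImpl :: keysManager() throw( Exception, RuntimeException ) {
    return m_pKeysMngr ;
}

#endif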