1*06b3ce53SAndrew Rist /************************************************************** 2cdf0e10cSrcweir * 3*06b3ce53SAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one 4*06b3ce53SAndrew Rist * or more contributor license agreements. See the NOTICE file 5*06b3ce53SAndrew Rist * distributed with this work for additional information 6*06b3ce53SAndrew Rist * regarding copyright ownership. The ASF licenses this file 7*06b3ce53SAndrew Rist * to you under the Apache License, Version 2.0 (the 8*06b3ce53SAndrew Rist * "License"); you may not use this file except in compliance 9*06b3ce53SAndrew Rist * with the License. You may obtain a copy of the License at 10cdf0e10cSrcweir * 11*06b3ce53SAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0 12cdf0e10cSrcweir * 13*06b3ce53SAndrew Rist * Unless required by applicable law or agreed to in writing, 14*06b3ce53SAndrew Rist * software distributed under the License is distributed on an 15*06b3ce53SAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY 16*06b3ce53SAndrew Rist * KIND, either express or implied. See the License for the 17*06b3ce53SAndrew Rist * specific language governing permissions and limitations 18*06b3ce53SAndrew Rist * under the License. 19cdf0e10cSrcweir * 20*06b3ce53SAndrew Rist *************************************************************/ 21*06b3ce53SAndrew Rist 22*06b3ce53SAndrew Rist 23cdf0e10cSrcweir 24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 25cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx" 26cdf0e10cSrcweir 27cdf0e10cSrcweir #include "xsecparser.hxx" 28cdf0e10cSrcweir #include <tools/debug.hxx> 29cdf0e10cSrcweir #include "cppuhelper/exc_hlp.hxx" 30cdf0e10cSrcweir 31cdf0e10cSrcweir #include <string.h> 32cdf0e10cSrcweir 33cdf0e10cSrcweir namespace cssu = com::sun::star::uno; 34cdf0e10cSrcweir namespace cssxs = com::sun::star::xml::sax; 35cdf0e10cSrcweir 36cdf0e10cSrcweir #define RTL_ASCII_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_ASCII_US 37cdf0e10cSrcweir 38cdf0e10cSrcweir XSecParser::XSecParser( 39cdf0e10cSrcweir XSecController* pXSecController, 40cdf0e10cSrcweir const cssu::Reference< cssxs::XDocumentHandler >& xNextHandler ) 41cdf0e10cSrcweir : m_pXSecController(pXSecController), 42cdf0e10cSrcweir m_xNextHandler(xNextHandler), 43cdf0e10cSrcweir m_bReferenceUnresolved(false) 44cdf0e10cSrcweir { 45cdf0e10cSrcweir } 46cdf0e10cSrcweir 47cdf0e10cSrcweir rtl::OUString XSecParser::getIdAttr(const cssu::Reference< cssxs::XAttributeList >& xAttribs ) 48cdf0e10cSrcweir { 49cdf0e10cSrcweir rtl::OUString ouIdAttr = xAttribs->getValueByName( 50cdf0e10cSrcweir rtl::OUString(RTL_ASCII_USTRINGPARAM("id"))); 51cdf0e10cSrcweir 52cdf0e10cSrcweir if (ouIdAttr == NULL) 53cdf0e10cSrcweir { 54cdf0e10cSrcweir ouIdAttr = xAttribs->getValueByName( 55cdf0e10cSrcweir rtl::OUString(RTL_ASCII_USTRINGPARAM("Id"))); 56cdf0e10cSrcweir } 57cdf0e10cSrcweir 58cdf0e10cSrcweir return ouIdAttr; 59cdf0e10cSrcweir } 60cdf0e10cSrcweir 61cdf0e10cSrcweir /* 62cdf0e10cSrcweir * XDocumentHandler 63cdf0e10cSrcweir */ 64cdf0e10cSrcweir void SAL_CALL XSecParser::startDocument( ) 65cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 66cdf0e10cSrcweir { 67cdf0e10cSrcweir m_bInX509IssuerName = false; 68cdf0e10cSrcweir m_bInX509SerialNumber = false; 69cdf0e10cSrcweir m_bInX509Certificate = false; 70cdf0e10cSrcweir m_bInSignatureValue = false; 71cdf0e10cSrcweir m_bInDigestValue = false; 72cdf0e10cSrcweir m_bInDate = false; 73cdf0e10cSrcweir //m_bInTime = false; 74cdf0e10cSrcweir 75cdf0e10cSrcweir if (m_xNextHandler.is()) 76cdf0e10cSrcweir { 77cdf0e10cSrcweir m_xNextHandler->startDocument(); 78cdf0e10cSrcweir } 79cdf0e10cSrcweir } 80cdf0e10cSrcweir 81cdf0e10cSrcweir void SAL_CALL XSecParser::endDocument( ) 82cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 83cdf0e10cSrcweir { 84cdf0e10cSrcweir if (m_xNextHandler.is()) 85cdf0e10cSrcweir { 86cdf0e10cSrcweir m_xNextHandler->endDocument(); 87cdf0e10cSrcweir } 88cdf0e10cSrcweir } 89cdf0e10cSrcweir 90cdf0e10cSrcweir void SAL_CALL XSecParser::startElement( 91cdf0e10cSrcweir const rtl::OUString& aName, 92cdf0e10cSrcweir const cssu::Reference< cssxs::XAttributeList >& xAttribs ) 93cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 94cdf0e10cSrcweir { 95cdf0e10cSrcweir try 96cdf0e10cSrcweir { 97cdf0e10cSrcweir rtl::OUString ouIdAttr = getIdAttr(xAttribs); 98cdf0e10cSrcweir if (ouIdAttr != NULL) 99cdf0e10cSrcweir { 100cdf0e10cSrcweir m_pXSecController->collectToVerify( ouIdAttr ); 101cdf0e10cSrcweir } 102cdf0e10cSrcweir 103cdf0e10cSrcweir if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATURE)) ) 104cdf0e10cSrcweir { 105cdf0e10cSrcweir m_pXSecController->addSignature(); 106cdf0e10cSrcweir if (ouIdAttr != NULL) 107cdf0e10cSrcweir { 108cdf0e10cSrcweir m_pXSecController->setId( ouIdAttr ); 109cdf0e10cSrcweir } 110cdf0e10cSrcweir } 111cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_REFERENCE)) ) 112cdf0e10cSrcweir { 113cdf0e10cSrcweir rtl::OUString ouUri = xAttribs->getValueByName(rtl::OUString(RTL_ASCII_USTRINGPARAM(ATTR_URI))); 114cdf0e10cSrcweir DBG_ASSERT( ouUri != NULL, "URI == NULL" ); 115cdf0e10cSrcweir 116cdf0e10cSrcweir if (0 == ouUri.compareTo(rtl::OUString(RTL_ASCII_USTRINGPARAM(CHAR_FRAGMENT)),1)) 117cdf0e10cSrcweir { 118cdf0e10cSrcweir /* 119cdf0e10cSrcweir * remove the first character '#' from the attribute value 120cdf0e10cSrcweir */ 121cdf0e10cSrcweir m_pXSecController->addReference( ouUri.copy(1) ); 122cdf0e10cSrcweir } 123cdf0e10cSrcweir else 124cdf0e10cSrcweir { 125cdf0e10cSrcweir /* 126cdf0e10cSrcweir * remember the uri 127cdf0e10cSrcweir */ 128cdf0e10cSrcweir m_currentReferenceURI = ouUri; 129cdf0e10cSrcweir m_bReferenceUnresolved = true; 130cdf0e10cSrcweir } 131cdf0e10cSrcweir } 132cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TRANSFORM))) 133cdf0e10cSrcweir { 134cdf0e10cSrcweir if ( m_bReferenceUnresolved ) 135cdf0e10cSrcweir { 136cdf0e10cSrcweir rtl::OUString ouAlgorithm = xAttribs->getValueByName(rtl::OUString(RTL_ASCII_USTRINGPARAM(ATTR_ALGORITHM))); 137cdf0e10cSrcweir 138cdf0e10cSrcweir if (ouAlgorithm != NULL && ouAlgorithm == rtl::OUString(RTL_ASCII_USTRINGPARAM(ALGO_C14N))) 139cdf0e10cSrcweir /* 140cdf0e10cSrcweir * a xml stream 141cdf0e10cSrcweir */ 142cdf0e10cSrcweir { 143cdf0e10cSrcweir m_pXSecController->addStreamReference( m_currentReferenceURI, sal_False); 144cdf0e10cSrcweir m_bReferenceUnresolved = false; 145cdf0e10cSrcweir } 146cdf0e10cSrcweir } 147cdf0e10cSrcweir } 148cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509ISSUERNAME))) 149cdf0e10cSrcweir { 150cdf0e10cSrcweir m_ouX509IssuerName = rtl::OUString::createFromAscii(""); 151cdf0e10cSrcweir m_bInX509IssuerName = true; 152cdf0e10cSrcweir } 153cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509SERIALNUMBER))) 154cdf0e10cSrcweir { 155cdf0e10cSrcweir m_ouX509SerialNumber = rtl::OUString::createFromAscii(""); 156cdf0e10cSrcweir m_bInX509SerialNumber = true; 157cdf0e10cSrcweir } 158cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509CERTIFICATE))) 159cdf0e10cSrcweir { 160cdf0e10cSrcweir m_ouX509Certificate = rtl::OUString::createFromAscii(""); 161cdf0e10cSrcweir m_bInX509Certificate = true; 162cdf0e10cSrcweir } 163cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREVALUE))) 164cdf0e10cSrcweir { 165cdf0e10cSrcweir m_ouSignatureValue = rtl::OUString::createFromAscii(""); 166cdf0e10cSrcweir m_bInSignatureValue = true; 167cdf0e10cSrcweir } 168cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_DIGESTVALUE))) 169cdf0e10cSrcweir { 170cdf0e10cSrcweir m_ouDigestValue = rtl::OUString::createFromAscii(""); 171cdf0e10cSrcweir m_bInDigestValue = true; 172cdf0e10cSrcweir } 173cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREPROPERTY)) ) 174cdf0e10cSrcweir { 175cdf0e10cSrcweir if (ouIdAttr != NULL) 176cdf0e10cSrcweir { 177cdf0e10cSrcweir m_pXSecController->setPropertyId( ouIdAttr ); 178cdf0e10cSrcweir } 179cdf0e10cSrcweir } 180cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) 181cdf0e10cSrcweir +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) 182cdf0e10cSrcweir +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE))) 183cdf0e10cSrcweir { 184cdf0e10cSrcweir m_ouDate = rtl::OUString::createFromAscii(""); 185cdf0e10cSrcweir m_bInDate = true; 186cdf0e10cSrcweir } 187cdf0e10cSrcweir /* 188cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TIME))) 189cdf0e10cSrcweir { 190cdf0e10cSrcweir m_ouTime = rtl::OUString::createFromAscii(""); 191cdf0e10cSrcweir m_bInTime = true; 192cdf0e10cSrcweir } 193cdf0e10cSrcweir */ 194cdf0e10cSrcweir 195cdf0e10cSrcweir if (m_xNextHandler.is()) 196cdf0e10cSrcweir { 197cdf0e10cSrcweir m_xNextHandler->startElement(aName, xAttribs); 198cdf0e10cSrcweir } 199cdf0e10cSrcweir } 200cdf0e10cSrcweir catch (cssu::Exception& ) 201cdf0e10cSrcweir {//getCaughtException MUST be the first line in the catch block 202cdf0e10cSrcweir cssu::Any exc = cppu::getCaughtException(); 203cdf0e10cSrcweir throw cssxs::SAXException( 204cdf0e10cSrcweir rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( 205cdf0e10cSrcweir "xmlsecurity: Exception in XSecParser::startElement")), 206cdf0e10cSrcweir 0, exc); 207cdf0e10cSrcweir } 208cdf0e10cSrcweir catch (...) 209cdf0e10cSrcweir { 210cdf0e10cSrcweir throw cssxs::SAXException( 211cdf0e10cSrcweir rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("xmlsecurity: unexpected exception in XSecParser::startElement")), 0, 212cdf0e10cSrcweir cssu::Any()); 213cdf0e10cSrcweir } 214cdf0e10cSrcweir } 215cdf0e10cSrcweir 216cdf0e10cSrcweir void SAL_CALL XSecParser::endElement( const rtl::OUString& aName ) 217cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 218cdf0e10cSrcweir { 219cdf0e10cSrcweir try 220cdf0e10cSrcweir { 221cdf0e10cSrcweir if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_DIGESTVALUE))) 222cdf0e10cSrcweir { 223cdf0e10cSrcweir m_bInDigestValue = false; 224cdf0e10cSrcweir } 225cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_REFERENCE)) ) 226cdf0e10cSrcweir { 227cdf0e10cSrcweir if ( m_bReferenceUnresolved ) 228cdf0e10cSrcweir /* 229cdf0e10cSrcweir * it must be a octet stream 230cdf0e10cSrcweir */ 231cdf0e10cSrcweir { 232cdf0e10cSrcweir m_pXSecController->addStreamReference( m_currentReferenceURI, sal_True); 233cdf0e10cSrcweir m_bReferenceUnresolved = false; 234cdf0e10cSrcweir } 235cdf0e10cSrcweir 236cdf0e10cSrcweir m_pXSecController->setDigestValue( m_ouDigestValue ); 237cdf0e10cSrcweir } 238cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNEDINFO)) ) 239cdf0e10cSrcweir { 240cdf0e10cSrcweir m_pXSecController->setReferenceCount(); 241cdf0e10cSrcweir } 242cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_SIGNATUREVALUE)) ) 243cdf0e10cSrcweir { 244cdf0e10cSrcweir m_pXSecController->setSignatureValue( m_ouSignatureValue ); 245cdf0e10cSrcweir m_bInSignatureValue = false; 246cdf0e10cSrcweir } 247cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509ISSUERNAME))) 248cdf0e10cSrcweir { 249cdf0e10cSrcweir m_pXSecController->setX509IssuerName( m_ouX509IssuerName ); 250cdf0e10cSrcweir m_bInX509IssuerName = false; 251cdf0e10cSrcweir } 252cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509SERIALNUMBER))) 253cdf0e10cSrcweir { 254cdf0e10cSrcweir m_pXSecController->setX509SerialNumber( m_ouX509SerialNumber ); 255cdf0e10cSrcweir m_bInX509SerialNumber = false; 256cdf0e10cSrcweir } 257cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_X509CERTIFICATE))) 258cdf0e10cSrcweir { 259cdf0e10cSrcweir m_pXSecController->setX509Certificate( m_ouX509Certificate ); 260cdf0e10cSrcweir m_bInX509Certificate = false; 261cdf0e10cSrcweir } 262cdf0e10cSrcweir else if (aName == rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(NSTAG_DC)) 263cdf0e10cSrcweir +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(":")) 264cdf0e10cSrcweir +rtl::OUString(RTL_CONSTASCII_USTRINGPARAM(TAG_DATE))) 265cdf0e10cSrcweir { 266cdf0e10cSrcweir m_pXSecController->setDate( m_ouDate ); 267cdf0e10cSrcweir m_bInDate = false; 268cdf0e10cSrcweir } 269cdf0e10cSrcweir /* 270cdf0e10cSrcweir else if ( aName == rtl::OUString(RTL_ASCII_USTRINGPARAM(TAG_TIME)) ) 271cdf0e10cSrcweir { 272cdf0e10cSrcweir m_pXSecController->setTime( m_ouTime ); 273cdf0e10cSrcweir m_bInTime = false; 274cdf0e10cSrcweir } 275cdf0e10cSrcweir */ 276cdf0e10cSrcweir 277cdf0e10cSrcweir if (m_xNextHandler.is()) 278cdf0e10cSrcweir { 279cdf0e10cSrcweir m_xNextHandler->endElement(aName); 280cdf0e10cSrcweir } 281cdf0e10cSrcweir } 282cdf0e10cSrcweir catch (cssu::Exception& ) 283cdf0e10cSrcweir {//getCaughtException MUST be the first line in the catch block 284cdf0e10cSrcweir cssu::Any exc = cppu::getCaughtException(); 285cdf0e10cSrcweir throw cssxs::SAXException( 286cdf0e10cSrcweir rtl::OUString(RTL_CONSTASCII_USTRINGPARAM( 287cdf0e10cSrcweir "xmlsecurity: Exception in XSecParser::endElement")), 288cdf0e10cSrcweir 0, exc); 289cdf0e10cSrcweir } 290cdf0e10cSrcweir catch (...) 291cdf0e10cSrcweir { 292cdf0e10cSrcweir throw cssxs::SAXException( 293cdf0e10cSrcweir rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("xmlsecurity: unexpected exception in XSecParser::endElement")), 0, 294cdf0e10cSrcweir cssu::Any()); 295cdf0e10cSrcweir } 296cdf0e10cSrcweir } 297cdf0e10cSrcweir 298cdf0e10cSrcweir void SAL_CALL XSecParser::characters( const rtl::OUString& aChars ) 299cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 300cdf0e10cSrcweir { 301cdf0e10cSrcweir if (m_bInX509IssuerName) 302cdf0e10cSrcweir { 303cdf0e10cSrcweir m_ouX509IssuerName += aChars; 304cdf0e10cSrcweir } 305cdf0e10cSrcweir else if (m_bInX509SerialNumber) 306cdf0e10cSrcweir { 307cdf0e10cSrcweir m_ouX509SerialNumber += aChars; 308cdf0e10cSrcweir } 309cdf0e10cSrcweir else if (m_bInX509Certificate) 310cdf0e10cSrcweir { 311cdf0e10cSrcweir m_ouX509Certificate += aChars; 312cdf0e10cSrcweir } 313cdf0e10cSrcweir else if (m_bInSignatureValue) 314cdf0e10cSrcweir { 315cdf0e10cSrcweir m_ouSignatureValue += aChars; 316cdf0e10cSrcweir } 317cdf0e10cSrcweir else if (m_bInDigestValue) 318cdf0e10cSrcweir { 319cdf0e10cSrcweir m_ouDigestValue += aChars; 320cdf0e10cSrcweir } 321cdf0e10cSrcweir else if (m_bInDate) 322cdf0e10cSrcweir { 323cdf0e10cSrcweir m_ouDate += aChars; 324cdf0e10cSrcweir } 325cdf0e10cSrcweir /* 326cdf0e10cSrcweir else if (m_bInTime) 327cdf0e10cSrcweir { 328cdf0e10cSrcweir m_ouTime += aChars; 329cdf0e10cSrcweir } 330cdf0e10cSrcweir */ 331cdf0e10cSrcweir 332cdf0e10cSrcweir if (m_xNextHandler.is()) 333cdf0e10cSrcweir { 334cdf0e10cSrcweir m_xNextHandler->characters(aChars); 335cdf0e10cSrcweir } 336cdf0e10cSrcweir } 337cdf0e10cSrcweir 338cdf0e10cSrcweir void SAL_CALL XSecParser::ignorableWhitespace( const rtl::OUString& aWhitespaces ) 339cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 340cdf0e10cSrcweir { 341cdf0e10cSrcweir if (m_xNextHandler.is()) 342cdf0e10cSrcweir { 343cdf0e10cSrcweir m_xNextHandler->ignorableWhitespace( aWhitespaces ); 344cdf0e10cSrcweir } 345cdf0e10cSrcweir } 346cdf0e10cSrcweir 347cdf0e10cSrcweir void SAL_CALL XSecParser::processingInstruction( const rtl::OUString& aTarget, const rtl::OUString& aData ) 348cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 349cdf0e10cSrcweir { 350cdf0e10cSrcweir if (m_xNextHandler.is()) 351cdf0e10cSrcweir { 352cdf0e10cSrcweir m_xNextHandler->processingInstruction(aTarget, aData); 353cdf0e10cSrcweir } 354cdf0e10cSrcweir } 355cdf0e10cSrcweir 356cdf0e10cSrcweir void SAL_CALL XSecParser::setDocumentLocator( const cssu::Reference< cssxs::XLocator >& xLocator ) 357cdf0e10cSrcweir throw (cssxs::SAXException, cssu::RuntimeException) 358cdf0e10cSrcweir { 359cdf0e10cSrcweir if (m_xNextHandler.is()) 360cdf0e10cSrcweir { 361cdf0e10cSrcweir m_xNextHandler->setDocumentLocator( xLocator ); 362cdf0e10cSrcweir } 363cdf0e10cSrcweir } 364cdf0e10cSrcweir 365cdf0e10cSrcweir /* 366cdf0e10cSrcweir * XInitialization 367cdf0e10cSrcweir */ 368cdf0e10cSrcweir void SAL_CALL XSecParser::initialize( 369cdf0e10cSrcweir const cssu::Sequence< cssu::Any >& aArguments ) 370cdf0e10cSrcweir throw(cssu::Exception, cssu::RuntimeException) 371cdf0e10cSrcweir { 372cdf0e10cSrcweir aArguments[0] >>= m_xNextHandler; 373cdf0e10cSrcweir } 374