xref: /trunk/main/xmlsecurity/tools/standalone/csfit/certmngr.cxx (revision cdf0e10c4e3984b49a9502b011690b615761d4a3) 
1 /*************************************************************************
2  *
3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4  *
5  * Copyright 2000, 2010 Oracle and/or its affiliates.
6  *
7  * OpenOffice.org - a multi-platform office productivity suite
8  *
9  * This file is part of OpenOffice.org.
10  *
11  * OpenOffice.org is free software: you can redistribute it and/or modify
12  * it under the terms of the GNU Lesser General Public License version 3
13  * only, as published by the Free Software Foundation.
14  *
15  * OpenOffice.org is distributed in the hope that it will be useful,
16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
18  * GNU Lesser General Public License version 3 for more details
19  * (a copy is included in the LICENSE file that accompanied this code).
20  *
21  * You should have received a copy of the GNU Lesser General Public License
22  * version 3 along with OpenOffice.org.  If not, see
23  * <http://www.openoffice.org/license.html>
24  * for a copy of the LGPLv3 License.
25  *
26  ************************************************************************/
27 
28 // MARKER(update_precomp.py): autogen include statement, do not remove
29 #include "precompiled_xmlsecurity.hxx"
30 
31 #include <stdio.h>
32 #include "helper.hxx"
33 
34 #include "libxml/tree.h"
35 #include "libxml/parser.h"
36 #ifndef XMLSEC_NO_XSLT
37 #include "libxslt/xslt.h"
38 #endif
39 
40 #include "securityenvironment_nssimpl.hxx"
41 
42 #include <xmlsecurity/biginteger.hxx>
43 
44 
45 #include "nspr.h"
46 #include "prtypes.h"
47 
48 #include "pk11func.h"
49 #include "cert.h"
50 #include "cryptohi.h"
51 #include "certdb.h"
52 #include "nss.h"
53 
54 #include "xmlsec/strings.h"
55 #include "xmlsec/xmltree.h"
56 
57 #include <rtl/ustring.hxx>
58 
59 using namespace ::rtl ;
60 using namespace ::cppu ;
61 using namespace ::com::sun::star::uno ;
62 using namespace ::com::sun::star::io ;
63 using namespace ::com::sun::star::ucb ;
64 using namespace ::com::sun::star::beans ;
65 using namespace ::com::sun::star::document ;
66 using namespace ::com::sun::star::lang ;
67 using namespace ::com::sun::star::security ;
68 using namespace ::com::sun::star::xml::wrapper ;
69 using namespace ::com::sun::star::xml::crypto ;
70 
71 int SAL_CALL main( int argc, char **argv )
72 {
73     CERTCertDBHandle*   certHandle ;
74     PK11SlotInfo*       slot ;
75 
76     if( argc != 3 ) {
77         fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
78         return 1 ;
79     }
80 
81     for( ; getchar() != 'q' ; ) {
82         slot = NULL ;
83 
84     //Initialize NSPR and NSS
85     PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
86     PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
87     if( NSS_Init( argv[1] ) != SECSuccess ) {
88         fprintf( stderr , "### cannot intialize NSS!\n" ) ;
89         goto done ;
90     }
91 
92     certHandle = CERT_GetDefaultCertDB() ;
93     slot = PK11_GetInternalKeySlot() ;
94 
95     if( PK11_NeedLogin( slot ) ) {
96         SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
97         if( nRet != SECSuccess ) {
98             fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
99             goto done ;
100         }
101     }
102 
103 
104     try {
105         Reference< XMultiComponentFactory > xManager = NULL ;
106         Reference< XComponentContext > xContext = NULL ;
107 
108         xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
109         OSL_ENSURE( xManager.is() ,
110             "ServicesManager - "
111             "Cannot get service manager" ) ;
112 
113         //Create security environment
114         //Build Security Environment
115         Reference< XInterface > xsecenv =
116             xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
117         OSL_ENSURE( xsecenv.is() ,
118             "Signer - "
119             "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
120 
121         Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
122         OSL_ENSURE( xSecEnv.is() ,
123             "Signer - "
124             "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
125 
126         //Setup key slot and certDb
127         Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
128         OSL_ENSURE( xEnvTunnel.is() ,
129             "Signer - "
130             "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
131 
132         SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
133         OSL_ENSURE( pSecEnv != NULL ,
134             "Signer - "
135             "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
136 
137         pSecEnv->setCryptoSlot( slot ) ;
138         pSecEnv->setCertDb( certHandle ) ;
139 
140         //Get personal certificate
141         Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
142         Sequence < Reference< XCertificate > > xCertPath ;
143         for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
144             //Print the certificate infomation.
145             fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
146             fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
147             fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
148             fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
149 
150             //build the certificate path
151             xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
152             //Print the certificate path.
153             fprintf( stdout, "\tCertificate Path\n" ) ;
154             for( int j = 0; j < xCertPath.getLength(); j ++ ) {
155                 fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
156             }
157 
158             //Get the certificate
159             Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
160             Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
161             if( !xcert.is() ) {
162                 fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
163             }
164 
165             //Get the certificate characters
166             sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
167             fprintf( stdout, "The certificate characters are %d\n", chars ) ;
168 
169             //Get the certificate status
170             sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
171             fprintf( stdout, "The certificate validities are %d\n", validity ) ;
172         }
173     } catch( Exception& e ) {
174         fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
175         goto done ;
176     }
177 
178 done:
179     if( slot != NULL )
180         PK11_FreeSlot( slot ) ;
181 
182     PK11_LogoutAll() ;
183     NSS_Shutdown() ;
184 
185     }
186 
187     return 0;
188 }
189 
190