xmlsecurity/tools/standalone/csfit/certmngr.cxx

   1 /*************************************************************************
   2  *
   3  * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
   4  *
   5  * Copyright 2000, 2010 Oracle and/or its affiliates.
   6  *
   7  * OpenOffice.org - a multi-platform office productivity suite
   8  *
   9  * This file is part of OpenOffice.org.
  10  *
  11  * OpenOffice.org is free software: you can redistribute it and/or modify
  12  * it under the terms of the GNU Lesser General Public License version 3
  13  * only, as published by the Free Software Foundation.
  14  *
  15  * OpenOffice.org is distributed in the hope that it will be useful,
  16  * but WITHOUT ANY WARRANTY; without even the implied warranty of
  17  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
  18  * GNU Lesser General Public License version 3 for more details
  19  * (a copy is included in the LICENSE file that accompanied this code).
  20  *
  21  * You should have received a copy of the GNU Lesser General Public License
  22  * version 3 along with OpenOffice.org.  If not, see
  23  * <http://www.openoffice.org/license.html>
  24  * for a copy of the LGPLv3 License.
  25  *
  26  ************************************************************************/
  27
  28 // MARKER(update_precomp.py): autogen include statement, do not remove
  29 #include "precompiled_xmlsecurity.hxx"
  30
  31 #include <stdio.h>
  32 #include "helper.hxx"
  33
  34 #include "libxml/tree.h"
  35 #include "libxml/parser.h"
  36 #ifndef XMLSEC_NO_XSLT
  37 #include "libxslt/xslt.h"
  38 #endif
  39
  40 #include "securityenvironment_nssimpl.hxx"
  41
  42 #include <xmlsecurity/biginteger.hxx>
  43
  44
  45 #include "nspr.h"
  46 #include "prtypes.h"
  47
  48 #include "pk11func.h"
  49 #include "cert.h"
  50 #include "cryptohi.h"
  51 #include "certdb.h"
  52 #include "nss.h"
  53
  54 #include "xmlsec/strings.h"
  55 #include "xmlsec/xmltree.h"
  56
  57 #include <rtl/ustring.hxx>
  58
  59 using namespace ::rtl ;
  60 using namespace ::cppu ;
  61 using namespace ::com::sun::star::uno ;
  62 using namespace ::com::sun::star::io ;
  63 using namespace ::com::sun::star::ucb ;
  64 using namespace ::com::sun::star::beans ;
  65 using namespace ::com::sun::star::document ;
  66 using namespace ::com::sun::star::lang ;
  67 using namespace ::com::sun::star::security ;
  68 using namespace ::com::sun::star::xml::wrapper ;
  69 using namespace ::com::sun::star::xml::crypto ;
  70
  71 int SAL_CALL main( int argc, char **argv )
  72 {
  73     CERTCertDBHandle*   certHandle ;
  74     PK11SlotInfo*       slot ;
  75
  76     if( argc != 3 ) {
  77         fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
  78         return 1 ;
  79     }
  80
  81     for( ; getchar() != 'q' ; ) {
  82         slot = NULL ;
  83
  84     //Initialize NSPR and NSS
  85     PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
  86     PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
  87     if( NSS_Init( argv[1] ) != SECSuccess ) {
  88         fprintf( stderr , "### cannot intialize NSS!\n" ) ;
  89         goto done ;
  90     }
  91
  92     certHandle = CERT_GetDefaultCertDB() ;
  93     slot = PK11_GetInternalKeySlot() ;
  94
  95     if( PK11_NeedLogin( slot ) ) {
  96         SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
  97         if( nRet != SECSuccess ) {
  98             fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
  99             goto done ;
 100         }
 101     }
 102
 103
 104     try {
 105         Reference< XMultiComponentFactory > xManager = NULL ;
 106         Reference< XComponentContext > xContext = NULL ;
 107
 108         xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
 109         OSL_ENSURE( xManager.is() ,
 110             "ServicesManager - "
 111             "Cannot get service manager" ) ;
 112
 113         //Create security environment
 114         //Build Security Environment
 115         Reference< XInterface > xsecenv =
 116             xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
 117         OSL_ENSURE( xsecenv.is() ,
 118             "Signer - "
 119             "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
 120
 121         Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
 122         OSL_ENSURE( xSecEnv.is() ,
 123             "Signer - "
 124             "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
 125
 126         //Setup key slot and certDb
 127         Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
 128         OSL_ENSURE( xEnvTunnel.is() ,
 129             "Signer - "
 130             "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
 131
 132         SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
 133         OSL_ENSURE( pSecEnv != NULL ,
 134             "Signer - "
 135             "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
 136
 137         pSecEnv->setCryptoSlot( slot ) ;
 138         pSecEnv->setCertDb( certHandle ) ;
 139
 140         //Get personal certificate
 141         Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
 142         Sequence < Reference< XCertificate > > xCertPath ;
 143         for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
 144             //Print the certificate infomation.
 145             fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
 146             fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 147             fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 148             fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 149
 150             //build the certificate path
 151             xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
 152             //Print the certificate path.
 153             fprintf( stdout, "\tCertificate Path\n" ) ;
 154             for( int j = 0; j < xCertPath.getLength(); j ++ ) {
 155                 fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 156             }
 157
 158             //Get the certificate
 159             Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
 160             Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
 161             if( !xcert.is() ) {
 162                 fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
 163             }
 164
 165             //Get the certificate characters
 166             sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
 167             fprintf( stdout, "The certificate characters are %d\n", chars ) ;
 168
 169             //Get the certificate status
 170             sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
 171             fprintf( stdout, "The certificate validities are %d\n", validity ) ;
 172         }
 173     } catch( Exception& e ) {
 174         fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 175         goto done ;
 176     }
 177
 178 done:
 179     if( slot != NULL )
 180         PK11_FreeSlot( slot ) ;
 181
 182     PK11_LogoutAll() ;
 183     NSS_Shutdown() ;
 184
 185     }
 186
 187     return 0;
 188 }
 189