search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Version 6.4.0.0.beta1, tag libreoffice-6.4.0.0.beta1
[LibreOffice.git] / xmlsecurity / source / gpg / xmlsignature_gpgimpl.cxx
blob62c188eff2445815df4a920eb30a6c27cc5f3e34
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <sal/config.h>
21 #include <sal/log.hxx>
22 #include <cppuhelper/supportsservice.hxx>
23 #include <gpg/xmlsignature_gpgimpl.hxx>
24
25 #if defined _MSC_VER && defined __clang__
26 #pragma clang diagnostic push
27 #pragma clang diagnostic ignored "-Wundef"
28 #endif
29 #include <gpgme.h>
30 #if defined _MSC_VER && defined __clang__
31 #pragma clang diagnostic pop
32 #endif
33 #include <context.h>
34 #include <key.h>
35 #include <data.h>
36 #include <signingresult.h>
37 #include <importresult.h>
38
39 #include <xmlelementwrapper_xmlsecimpl.hxx>
40 #include <xmlsec/xmlstreamio.hxx>
41 #include <xmlsec/errorcallback.hxx>
42
43 #include "SecurityEnvironment.hxx"
44 #include <xmlsec-wrapper.h>
45
46 using namespace css::uno;
47 using namespace css::lang;
48 using namespace css::xml::wrapper;
49 using namespace css::xml::crypto;
50
51 XMLSignature_GpgImpl::XMLSignature_GpgImpl() {
52 }
53
54 XMLSignature_GpgImpl::~XMLSignature_GpgImpl() {
55 }
56
57 /* XXMLSignature */
58 Reference< XXMLSignatureTemplate >
59 SAL_CALL XMLSignature_GpgImpl::generate(
60 const Reference< XXMLSignatureTemplate >& aTemplate ,
61 const Reference< XSecurityEnvironment >& aEnvironment
62 )
63 {
64 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
65 xmlNodePtr pNode = nullptr ;
66
67 if( !aTemplate.is() )
68 throw RuntimeException() ;
69
70 if( !aEnvironment.is() )
71 throw RuntimeException() ;
72
73 //Get the xml node
74 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
75 if( !xElement.is() ) {
76 throw RuntimeException() ;
77 }
78
79 XMLElementWrapper_XmlSecImpl* pElement =
80 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
81 if( pElement == nullptr ) {
82 throw RuntimeException() ;
83 }
84
85 pNode = pElement->getNativeElement() ;
86
87 //Get the stream/URI binding
88 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
89 if( xUriBinding.is() ) {
90 //Register the stream input callbacks into libxml2
91 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
92 throw RuntimeException() ;
93 }
94
95 //Get Keys Manager
96 SecurityEnvironmentGpg* pSecEnv =
97 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
98 if( pSecEnv == nullptr )
99 throw RuntimeException() ;
100
101 setErrorRecorder();
102
103 //Create Signature context
104 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
105 if( pDsigCtx == nullptr )
106 {
107 clearErrorRecorder();
108 return aTemplate;
109 }
110
111 // set intended operation to sign - several asserts inside libxmlsec
112 // wanting that for digest / transforms
113 pDsigCtx->operation = xmlSecTransformOperationSign;
114
115 // we default to SHA512 for all digests - nss crypto does not have it...
116 //pDsigCtx->defDigestMethodId = xmlSecTransformSha512Id;
117
118 // Calculate digest for all references
119 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
120 if( cur != nullptr )
121 cur = xmlSecGetNextElementNode(cur->children);
122 while( cur != nullptr )
123 {
124 // some of those children I suppose should be reference elements
125 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
126 {
127 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
128 xmlSecDSigReferenceCtxCreate(pDsigCtx,
129 xmlSecDSigReferenceOriginSignedInfo);
130 if(pDsigRefCtx == nullptr)
131 throw RuntimeException();
132
133 // add this one to the list
134 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
135 pDsigRefCtx) < 0 )
136 {
137 // TODO resource handling
138 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
139 throw RuntimeException();
140 }
141
142 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
143 throw RuntimeException();
144
145 // final check - all good?
146 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
147 {
148 pDsigCtx->status = xmlSecDSigStatusInvalid;
149 return aTemplate; // TODO - harder error?
150 }
151 }
152
153 cur = xmlSecGetNextElementNode(cur->next);
154 }
155
156 // get me a digestible buffer from the signature template!
157 // -------------------------------------------------------
158
159 // run the transformations over SignedInfo element (first child of
160 // pNode)
161 xmlSecNodeSetPtr nodeset = nullptr;
162 cur = xmlSecGetNextElementNode(pNode->children);
163 // TODO assert that...
164 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
165 if(nodeset == nullptr)
166 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
167
168 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
169 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
170
171 // now extract the keyid from PGPData
172 // walk xml tree to PGPData node - go to children, first is
173 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
174 // 1st child is PGPData, 1st grandchild is PGPKeyID
175 cur = xmlSecGetNextElementNode(pNode->children);
176 // TODO error handling
177 cur = xmlSecGetNextElementNode(cur->next);
178 cur = xmlSecGetNextElementNode(cur->next);
179 cur = xmlSecGetNextElementNode(cur->children);
180 // check that this is now PGPData
181 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
182 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
183 // check that this is now PGPKeyID
184 cur = xmlSecGetNextElementNode(cur->children);
185 static const xmlChar xmlSecNodePGPKeyID[] = "PGPKeyID";
186 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyID, xmlSecDSigNs))
187 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
188
189 GpgME::Context& rCtx=pSecEnv->getGpgContext();
190 rCtx.setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
191 GpgME::Error err;
192 xmlChar* pKey=xmlNodeGetContent(cur);
193 if(xmlSecBase64Decode(pKey, reinterpret_cast<xmlSecByte*>(pKey), xmlStrlen(pKey)) < 0)
194 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
195 if( rCtx.addSigningKey(
196 rCtx.key(
197 reinterpret_cast<char*>(pKey), err, true)) )
198 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
199
200 xmlFree(pKey);
201
202 // good, ctx is setup now, let's sign the lot
203 GpgME::Data data_in(
204 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
205 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
206 GpgME::Data data_out;
207
208 SAL_INFO("xmlsecurity.xmlsec.gpg", "Generating signature for: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
209
210 // we base64-encode anyway
211 rCtx.setArmor(false);
212 GpgME::SigningResult sign_res=rCtx.sign(data_in, data_out,
213 GpgME::Detached);
214 off_t result = data_out.seek(0,SEEK_SET);
215 (void) result;
216 assert(result == 0);
217 int len=0, curr=0; char buf;
218 while( (curr=data_out.read(&buf, 1)) )
219 len += curr;
220
221 if(sign_res.error() || !len)
222 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
223
224 // write signed data to xml
225 xmlChar* signature = static_cast<xmlChar*>(xmlMalloc(len + 1));
226 if(signature == nullptr)
227 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
228 result = data_out.seek(0,SEEK_SET);
229 assert(result == 0);
230 if( data_out.read(signature, len) != len )
231 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
232
233 // conversion to base64
234 xmlChar* signatureEncoded=nullptr;
235 if( !(signatureEncoded=xmlSecBase64Encode(reinterpret_cast<xmlSecByte*>(signature), len, 79)) )
236 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
237 xmlFree(signature);
238
239 // walk xml tree to sign value node - go to children, first is
240 // SignedInfo, 2nd is signaturevalue
241 cur = xmlSecGetNextElementNode(pNode->children);
242 cur = xmlSecGetNextElementNode(cur->next);
243
244 // TODO some assert would be good...
245 xmlNodeSetContentLen(cur, signatureEncoded, xmlStrlen(signatureEncoded));
246 xmlFree(signatureEncoded);
247
248 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
249
250 // done
251 xmlSecDSigCtxDestroy( pDsigCtx ) ;
252
253 //Unregistered the stream/URI binding
254 if( xUriBinding.is() )
255 xmlUnregisterStreamInputCallbacks() ;
256
257 clearErrorRecorder();
258 return aTemplate ;
259 }
260
261 /* XXMLSignature */
262 Reference< XXMLSignatureTemplate >
263 SAL_CALL XMLSignature_GpgImpl::validate(
264 const Reference< XXMLSignatureTemplate >& aTemplate ,
265 const Reference< XXMLSecurityContext >& aSecurityCtx
266 ) {
267 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
268 xmlNodePtr pNode = nullptr ;
269
270 if( !aTemplate.is() )
271 throw RuntimeException() ;
272
273 if( !aSecurityCtx.is() )
274 throw RuntimeException() ;
275
276 //Get the xml node
277 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
278 if( !xElement.is() )
279 throw RuntimeException() ;
280
281 XMLElementWrapper_XmlSecImpl* pElement =
282 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
283 if( pElement == nullptr )
284 throw RuntimeException() ;
285
286 pNode = pElement->getNativeElement() ;
287
288 //Get the stream/URI binding
289 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
290 if( xUriBinding.is() ) {
291 //Register the stream input callbacks into libxml2
292 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
293 throw RuntimeException() ;
294 }
295
296 setErrorRecorder();
297
298 sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber();
299 sal_Int32 i;
300
301 for (i=0; i<nSecurityEnvironment; ++i)
302 {
303 Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i);
304
305 SecurityEnvironmentGpg* pSecEnv =
306 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
307 if( pSecEnv == nullptr )
308 throw RuntimeException() ;
309
310 // TODO figure out key from pSecEnv!
311 // unclear how/where that is transported in nss impl...
312
313 //Create Signature context
314 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
315 if( pDsigCtx == nullptr )
316 {
317 clearErrorRecorder();
318 return aTemplate;
319 }
320
321 // set intended operation to verify - several asserts inside libxmlsec
322 // wanting that for digest / transforms
323 pDsigCtx->operation = xmlSecTransformOperationVerify;
324
325 // reset status - to be set later
326 pDsigCtx->status = xmlSecDSigStatusUnknown;
327
328 // get me a digestible buffer from the SignatureInfo node!
329 // -------------------------------------------------------
330
331 // run the transformations - first child node is required to
332 // be SignatureInfo
333 xmlSecNodeSetPtr nodeset = nullptr;
334 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
335 // TODO assert that...
336 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
337 if(nodeset == nullptr)
338 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
339
340 // TODO assert we really have the SignatureInfo here?
341 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
342 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
343
344 // Validate the template via gpgme
345 GpgME::Context& rCtx=pSecEnv->getGpgContext();
346
347 GpgME::Data data_text(
348 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
349 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
350
351 SAL_INFO("xmlsecurity.xmlsec.gpg", "Validating SignatureInfo: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
352
353 // walk xml tree to sign value node - go to children, first is
354 // SignedInfo, 2nd is signaturevalue
355 cur = xmlSecGetNextElementNode(pNode->children);
356 cur = xmlSecGetNextElementNode(cur->next);
357
358 if(!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))
359 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
360 xmlChar* pSignatureValue=xmlNodeGetContent(cur);
361 int nSigSize = xmlSecBase64Decode(pSignatureValue, reinterpret_cast<xmlSecByte*>(pSignatureValue), xmlStrlen(pSignatureValue));
362 if( nSigSize < 0)
363 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
364
365 GpgME::Data data_signature(
366 reinterpret_cast<char*>(pSignatureValue),
367 nSigSize, false);
368
369 GpgME::VerificationResult verify_res=rCtx.verifyDetachedSignature(
370 data_signature, data_text);
371
372 // TODO: needs some more error handling, needs checking _all_ signatures
373 if( verify_res.isNull() || verify_res.numSignatures() == 0
374 // there is at least 1 signature and it is anything else than fully valid
375 || ( (verify_res.numSignatures() > 0)
376 && verify_res.signature(0).status().encodedError() > 0 ) )
377 {
378 // let's try again, but this time import the public key
379 // payload (avoiding that in a first cut for being a bit
380 // speedier. also prevents all too easy poisoning/sha1
381 // fingerprint collision attacks)
382
383 // walk xml tree to PGPData node - go to children, first is
384 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
385 // 1st child is PGPData, 1st or 2nd grandchild is PGPKeyPacket
386 cur = xmlSecGetNextElementNode(pNode->children);
387 // TODO error handling
388 cur = xmlSecGetNextElementNode(cur->next);
389 cur = xmlSecGetNextElementNode(cur->next);
390 cur = xmlSecGetNextElementNode(cur->children);
391 // check that this is now PGPData
392 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
393 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
394 // check that this is now PGPKeyPacket
395 cur = xmlSecGetNextElementNode(cur->children);
396 static const xmlChar xmlSecNodePGPKeyPacket[] = "PGPKeyPacket";
397 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
398 {
399 // not this one, maybe the next?
400 cur = xmlSecGetNextElementNode(cur->next);
401 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
402 {
403 // ok, giving up
404 clearErrorRecorder();
405 xmlFree(pSignatureValue);
406
407 return aTemplate;
408 }
409 }
410
411 // got a key packet, import & re-validate
412 xmlChar* pKeyPacket=xmlNodeGetContent(cur);
413 int nKeyLen = xmlSecBase64Decode(pKeyPacket, reinterpret_cast<xmlSecByte*>(pKeyPacket), xmlStrlen(pKeyPacket));
414 if( nKeyLen < 0)
415 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
416
417 GpgME::Data data_key(
418 reinterpret_cast<char*>(pKeyPacket),
419 nKeyLen, false);
420
421 GpgME::ImportResult import_res=rCtx.importKeys(data_key);
422 xmlFree(pKeyPacket);
423
424 // and re-run (rewind text and signature streams to position 0)
425 (void)data_text.seek(0,SEEK_SET);
426 (void)data_signature.seek(0,SEEK_SET);
427 verify_res=rCtx.verifyDetachedSignature(data_signature, data_text);
428
429 // TODO: needs some more error handling, needs checking _all_ signatures
430 if( verify_res.isNull() || verify_res.numSignatures() == 0
431 // there is at least 1 signature and it is anything else than valid
432 || ( (verify_res.numSignatures() > 0)
433 && verify_res.signature(0).status().encodedError() > 0 ) )
434 {
435 clearErrorRecorder();
436 xmlFree(pSignatureValue);
437
438 return aTemplate;
439 }
440 }
441
442 xmlFree(pSignatureValue);
443
444 // now verify digest for all references
445 cur = xmlSecGetNextElementNode(pNode->children);
446 if( cur != nullptr )
447 cur = xmlSecGetNextElementNode(cur->children);
448 while( cur != nullptr )
449 {
450 // some of those children I suppose should be reference elements
451 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
452 {
453 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
454 xmlSecDSigReferenceCtxCreate(pDsigCtx,
455 xmlSecDSigReferenceOriginSignedInfo);
456 if(pDsigRefCtx == nullptr)
457 throw RuntimeException();
458
459 // add this one to the list
460 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
461 pDsigRefCtx) < 0 )
462 {
463 // TODO resource handling
464 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
465 throw RuntimeException();
466 }
467
468 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
469 throw RuntimeException();
470
471 // final check - all good?
472 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
473 {
474 pDsigCtx->status = xmlSecDSigStatusInvalid;
475 return aTemplate; // TODO - harder error?
476 }
477 }
478
479 cur = xmlSecGetNextElementNode(cur->next);
480 }
481
482 // TODO - also verify manifest (only relevant for ooxml)?
483 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
484
485 // done
486 xmlSecDSigCtxDestroy( pDsigCtx ) ;
487 }
488
489 //Unregistered the stream/URI binding
490 if( xUriBinding.is() )
491 xmlUnregisterStreamInputCallbacks() ;
492
493 clearErrorRecorder();
494 return aTemplate ;
495 }
496
497 /* XServiceInfo */
498 OUString SAL_CALL XMLSignature_GpgImpl::getImplementationName() {
499 return impl_getImplementationName() ;
500 }
501
502 /* XServiceInfo */
503 sal_Bool SAL_CALL XMLSignature_GpgImpl::supportsService( const OUString& serviceName) {
504 return cppu::supportsService(this, serviceName);
505 }
506
507 /* XServiceInfo */
508 Sequence< OUString > SAL_CALL XMLSignature_GpgImpl::getSupportedServiceNames() {
509 return impl_getSupportedServiceNames() ;
510 }
511
512 //Helper for XServiceInfo
513 Sequence< OUString > XMLSignature_GpgImpl::impl_getSupportedServiceNames() {
514 Sequence<OUString> seqServiceNames { "com.sun.star.xml.crypto.XMLSignature" };
515 return seqServiceNames ;
516 }
517
518 OUString XMLSignature_GpgImpl::impl_getImplementationName() {
519 return "com.sun.star.xml.security.bridge.xmlsec.XMLSignature_GpgImpl" ;
520 }
521
522 //Helper for registry
523 Reference< XInterface > XMLSignature_GpgImpl::impl_createInstance( const Reference< XMultiServiceFactory >& ) {
524 return Reference< XInterface >( *new XMLSignature_GpgImpl ) ;
525 }
526
527 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE