include/svl/sigstruct.hxx

   1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
   2 /*
   3  * This file is part of the LibreOffice project.
   4  *
   5  * This Source Code Form is subject to the terms of the Mozilla Public
   6  * License, v. 2.0. If a copy of the MPL was not distributed with this
   7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
   8  *
   9  * This file incorporates work covered by the following license notice:
  10  *
  11  *   Licensed to the Apache Software Foundation (ASF) under one or more
  12  *   contributor license agreements. See the NOTICE file distributed
  13  *   with this work for additional information regarding copyright
  14  *   ownership. The ASF licenses this file to you under the Apache
  15  *   License, Version 2.0 (the "License"); you may not use this file
  16  *   except in compliance with the License. You may obtain a copy of
  17  *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
  18  */
  19
  20 #ifndef INCLUDED_XMLSECURITY_INC_SIGSTRUCT_HXX
  21 #define INCLUDED_XMLSECURITY_INC_SIGSTRUCT_HXX
  22
  23 #include <rtl/ustring.hxx>
  24 #include <com/sun/star/util/DateTime.hpp>
  25 #include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
  26 #include <com/sun/star/xml/crypto/DigestID.hpp>
  27 #include <com/sun/star/uno/Sequence.hxx>
  28
  29 #include <set>
  30 #include <vector>
  31
  32 namespace com::sun::star::graphic { class XGraphic; }
  33
  34 /*
  35  * type of reference
  36  */
  37 enum class SignatureReferenceType
  38 {
  39     SAMEDOCUMENT = 1,
  40     BINARYSTREAM = 2,
  41     XMLSTREAM = 3
  42 };
  43
  44 struct SignatureReferenceInformation
  45 {
  46     SignatureReferenceType  nType;
  47     OUString   ouURI;
  48     // For ODF: XAdES digests (SHA256) or the old SHA1, from css::xml::crypto::DigestID
  49     sal_Int32  nDigestID;
  50     OUString   ouDigestValue;
  51     /// Type of the reference: a URI (newer idSignedProperties references) or empty.
  52     OUString ouType;
  53
  54     SignatureReferenceInformation() :
  55         nType(SignatureReferenceType::SAMEDOCUMENT),
  56         ouURI(""),
  57         nDigestID(css::xml::crypto::DigestID::SHA1),
  58         ouDigestValue("")
  59     {
  60     }
  61
  62     SignatureReferenceInformation( SignatureReferenceType type, sal_Int32 digestID, const OUString& uri, const OUString& rType ) :
  63         SignatureReferenceInformation()
  64     {
  65         nType = type;
  66         nDigestID = digestID;
  67         ouURI = uri;
  68         ouType = rType;
  69     }
  70 };
  71
  72 typedef ::std::vector< SignatureReferenceInformation > SignatureReferenceInformations;
  73
  74 namespace svl::crypto
  75 {
  76 /// Specifies the algorithm used for signature generation and validation.
  77 enum class SignatureMethodAlgorithm
  78 {
  79     RSA,
  80     ECDSA
  81 };
  82 }
  83
  84
  85 struct SignatureInformation
  86 {
  87     sal_Int32 nSecurityId;
  88     css::xml::crypto::SecurityOperationStatus nStatus;
  89     SignatureReferenceInformations  vSignatureReferenceInfors;
  90     struct X509CertInfo
  91     {
  92         OUString X509IssuerName;
  93         OUString X509SerialNumber;
  94         OUString X509Certificate;
  95         /// OOXML certificate SHA-256 digest, empty for ODF except when doing XAdES signature.
  96         OUString CertDigest;
  97         /// The certificate owner (aka subject).
  98         OUString X509Subject;
  99     };
 100     typedef std::vector<X509CertInfo> X509Data;
 101     // note: at parse time, it's unkown which one is the signing certificate;
 102     // ImplVerifySignatures() figures it out and puts it at the back
 103     std::vector<X509Data> X509Datas;
 104
 105     X509CertInfo const* GetSigningCertificate() const
 106     {
 107         if (X509Datas.empty())
 108         {
 109             return nullptr;
 110         }
 111         assert(!X509Datas.back().empty());
 112         return & X509Datas.back().back();
 113     }
 114
 115     OUString ouGpgKeyID;
 116     OUString ouGpgCertificate;
 117     OUString ouGpgOwner;
 118
 119     OUString ouSignatureValue;
 120     css::util::DateTime stDateTime;
 121
 122     // XAdES EncapsulatedX509Certificate values
 123     std::set<OUString> maEncapsulatedX509Certificates;
 124
 125     OUString ouSignatureId;
 126     // signature may contain multiple time stamps - check they're consistent
 127     bool hasInconsistentSigningTime = false;
 128     //We also keep the date and time as string. This is done when this
 129     //structure is created as a result of a XML signature being read.
 130     //When then a signature is added or another removed, then the original
 131     //XML signatures are written again (unless they have been removed).
 132     //If the date time string is converted into the DateTime structure
 133     //then information can be lost because it only holds a fractional
 134     //of a second with an accuracy of one hundredth of second.
 135     //If the string contains
 136     //milliseconds (because the document was created by an application other than OOo)
 137     //and the converted time is written back, then the string looks different
 138     //and the signature is broken.
 139     OUString ouDateTime;
 140     /// The Id attribute of the <SignatureProperty> element that contains the <dc:date>.
 141     OUString ouDateTimePropertyId;
 142     /// Characters of the <dc:description> element inside the signature.
 143     OUString ouDescription;
 144     /// The Id attribute of the <SignatureProperty> element that contains the <dc:description>.
 145     OUString ouDescriptionPropertyId;
 146     /// Valid and invalid signature line images
 147     css::uno::Reference<css::graphic::XGraphic> aValidSignatureImage;
 148     css::uno::Reference<css::graphic::XGraphic> aInvalidSignatureImage;
 149     /// Signature Line Id, used to map signatures to their respective signature line images.
 150     OUString ouSignatureLineId;
 151     /// A full OOXML signature for unchanged roundtrip, empty for ODF.
 152     css::uno::Sequence<sal_Int8> aSignatureBytes;
 153     /// For PDF: digest format, from css::xml::crypto::DigestID
 154     sal_Int32 nDigestID;
 155     /// For PDF: has id-aa-signingCertificateV2 as a signed attribute.
 156     bool bHasSigningCertificate;
 157     /// For PDF: the byte range doesn't cover the whole document.
 158     bool bPartialDocumentSignature;
 159
 160     svl::crypto::SignatureMethodAlgorithm eAlgorithmID;
 161
 162     SignatureInformation( sal_Int32 nId )
 163     {
 164         nSecurityId = nId;
 165         nStatus = css::xml::crypto::SecurityOperationStatus_UNKNOWN;
 166         nDigestID = 0;
 167         bHasSigningCertificate = false;
 168         bPartialDocumentSignature = false;
 169         eAlgorithmID = svl::crypto::SignatureMethodAlgorithm::RSA;
 170     }
 171 };
 172
 173 typedef ::std::vector< SignatureInformation > SignatureInformations;
 174
 175 #endif
 176
 177 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */