search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
nss: upgrade to release 3.73
[LibreOffice.git] / xmlsecurity / source / dialogs / certificatechooser.cxx
blob1483b9bda0f8d160dcc2e5a6781d4bcafd120b2b
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <config_gpgme.h>
21 #include <certificatechooser.hxx>
22 #include <certificateviewer.hxx>
23 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
24 #include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
25 #include <comphelper/sequence.hxx>
26 #include <comphelper/xmlsechelper.hxx>
27
28 #include <com/sun/star/security/NoPasswordException.hpp>
29 #include <com/sun/star/security/CertificateCharacters.hpp>
30
31 #include <unotools/datetime.hxx>
32 #include <unotools/useroptions.hxx>
33
34 #include <resourcemanager.hxx>
35 #include <strings.hrc>
36
37 using namespace comphelper;
38 using namespace css;
39
40 CertificateChooser::CertificateChooser(weld::Window* _pParent,
41 std::vector< css::uno::Reference< css::xml::crypto::XXMLSecurityContext > > const & rxSecurityContexts,
42 UserAction eAction)
43 : GenericDialogController(_pParent, "xmlsec/ui/selectcertificatedialog.ui", "SelectCertificateDialog")
44 , mvUserData()
45 , meAction(eAction)
46 , m_xFTSign(m_xBuilder->weld_label("sign"))
47 , m_xFTEncrypt(m_xBuilder->weld_label("encrypt"))
48 , m_xCertLB(m_xBuilder->weld_tree_view("signatures"))
49 , m_xViewBtn(m_xBuilder->weld_button("viewcert"))
50 , m_xOKBtn(m_xBuilder->weld_button("ok"))
51 , m_xFTDescription(m_xBuilder->weld_label("description-label"))
52 , m_xDescriptionED(m_xBuilder->weld_entry("description"))
53 {
54 auto nControlWidth = m_xCertLB->get_approximate_digit_width() * 105;
55 m_xCertLB->set_size_request(nControlWidth, m_xCertLB->get_height_rows(12));
56
57 std::vector<int> aWidths;
58 aWidths.push_back(30*nControlWidth/100);
59 aWidths.push_back(30*nControlWidth/100);
60 aWidths.push_back(10*nControlWidth/100);
61 aWidths.push_back(20*nControlWidth/100);
62 m_xCertLB->set_column_fixed_widths(aWidths);
63 m_xCertLB->connect_changed( LINK( this, CertificateChooser, CertificateHighlightHdl ) );
64 m_xCertLB->connect_row_activated( LINK( this, CertificateChooser, CertificateSelectHdl ) );
65 m_xViewBtn->connect_clicked( LINK( this, CertificateChooser, ViewButtonHdl ) );
66
67 mxSecurityContexts = rxSecurityContexts;
68 mbInitialized = false;
69
70 // disable buttons
71 CertificateHighlightHdl(*m_xCertLB);
72 }
73
74 CertificateChooser::~CertificateChooser()
75 {
76 }
77
78 short CertificateChooser::run()
79 {
80 // #i48432#
81 // We can't check for personal certificates before raising this dialog,
82 // because the mozilla implementation throws a NoPassword exception,
83 // if the user pressed cancel, and also if the database does not exist!
84 // But in the later case, the is no password query, and the user is confused
85 // that nothing happens when pressing "Add..." in the SignatureDialog.
86
87 // PostUserEvent( LINK( this, CertificateChooser, Initialize ) );
88
89 // PostUserLink behavior is too slow, so do it directly before Execute().
90 // Problem: This Dialog should be visible right now, and the parent should not be accessible.
91 // Show, Update, DisableInput...
92
93 m_xDialog->show();
94 ImplInitialize();
95 return GenericDialogController::run();
96 }
97
98 void CertificateChooser::HandleOneUsageBit(OUString& string, int& bits, int bit, const char *pResId)
99 {
100 if (bits & bit)
101 {
102 if (!string.isEmpty())
103 string += ", ";
104 string += XsResId(pResId);
105 bits &= ~bit;
106 }
107 }
108
109 OUString CertificateChooser::UsageInClearText(int bits)
110 {
111 OUString result;
112
113 HandleOneUsageBit(result, bits, 0x80, STR_DIGITAL_SIGNATURE);
114 HandleOneUsageBit(result, bits, 0x40, STR_NON_REPUDIATION);
115 HandleOneUsageBit(result, bits, 0x20, STR_KEY_ENCIPHERMENT);
116 HandleOneUsageBit(result, bits, 0x10, STR_DATA_ENCIPHERMENT);
117 HandleOneUsageBit(result, bits, 0x08, STR_KEY_AGREEMENT);
118 HandleOneUsageBit(result, bits, 0x04, STR_KEY_CERT_SIGN);
119 HandleOneUsageBit(result, bits, 0x02, STR_CRL_SIGN);
120 HandleOneUsageBit(result, bits, 0x01, STR_ENCIPHER_ONLY);
121
122 // Check for mystery leftover bits
123 if (bits != 0)
124 {
125 if (!result.isEmpty())
126 result += ", ";
127 result += "0x" + OUString::number(bits, 16);
128 }
129
130 return result;
131 }
132
133 void CertificateChooser::ImplInitialize()
134 {
135 if ( mbInitialized )
136 return;
137
138 SvtUserOptions aUserOpts;
139
140 switch (meAction)
141 {
142 case UserAction::Sign:
143 m_xFTSign->show();
144 m_xOKBtn->set_label(XsResId(STR_SIGN));
145 msPreferredKey = aUserOpts.GetSigningKey();
146 break;
147
148 case UserAction::SelectSign:
149 m_xFTSign->show();
150 m_xOKBtn->set_label(XsResId(STR_SELECTSIGN));
151 msPreferredKey = aUserOpts.GetSigningKey();
152 break;
153
154 case UserAction::Encrypt:
155 m_xFTEncrypt->show();
156 m_xFTDescription->hide();
157 m_xDescriptionED->hide();
158 m_xCertLB->set_selection_mode(SelectionMode::Multiple);
159 m_xOKBtn->set_label(XsResId(STR_ENCRYPT));
160 msPreferredKey = aUserOpts.GetEncryptionKey();
161 break;
162
163 }
164
165 for (auto &secContext : mxSecurityContexts)
166 {
167 if (!secContext.is())
168 continue;
169 auto secEnvironment = secContext->getSecurityEnvironment();
170 if (!secEnvironment.is())
171 continue;
172
173 uno::Sequence< uno::Reference< security::XCertificate > > xCerts;
174 try
175 {
176 if ( meAction == UserAction::Sign || meAction == UserAction::SelectSign)
177 xCerts = secEnvironment->getPersonalCertificates();
178 else
179 xCerts = secEnvironment->getAllCertificates();
180 }
181 catch (security::NoPasswordException&)
182 {
183 }
184
185 for( sal_Int32 nCert = xCerts.getLength(); nCert; )
186 {
187 uno::Reference< security::XCertificate > xCert = xCerts[ --nCert ];
188 // Check if we have a private key for this...
189 tools::Long nCertificateCharacters = secEnvironment->getCertificateCharacters(xCert);
190
191 if (!(nCertificateCharacters & security::CertificateCharacters::HAS_PRIVATE_KEY))
192 {
193 ::comphelper::removeElementAt( xCerts, nCert );
194 }
195 }
196
197
198 // fill list of certificates; the first entry will be selected
199 for ( const auto& xCert : std::as_const(xCerts) )
200 {
201 std::shared_ptr<UserData> userData = std::make_shared<UserData>();
202 userData->xCertificate = xCert;
203 userData->xSecurityContext = secContext;
204 userData->xSecurityEnvironment = secEnvironment;
205 mvUserData.push_back(userData);
206
207 OUString sIssuer = xmlsec::GetContentPart( xCert->getIssuerName(), xCert->getCertificateKind());
208
209 m_xCertLB->append();
210 int nRow = m_xCertLB->n_children() - 1;
211 m_xCertLB->set_text(nRow, xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()), 0);
212 m_xCertLB->set_text(nRow, sIssuer, 1);
213 m_xCertLB->set_text(nRow, xmlsec::GetCertificateKind(xCert->getCertificateKind()), 2);
214 m_xCertLB->set_text(nRow, utl::GetDateString(xCert->getNotValidAfter()), 3);
215 m_xCertLB->set_text(nRow, UsageInClearText(xCert->getCertificateUsage()), 4);
216 OUString sId(OUString::number(reinterpret_cast<sal_Int64>(userData.get())));
217 m_xCertLB->set_id(nRow, sId);
218
219 #if HAVE_FEATURE_GPGME
220 // only GPG has preferred keys
221 if ( !sIssuer.isEmpty() && !msPreferredKey.isEmpty() ) {
222 if ( sIssuer == msPreferredKey )
223 {
224 if ( meAction == UserAction::Sign || meAction == UserAction::SelectSign )
225 m_xCertLB->select(nRow);
226 else if ( meAction == UserAction::Encrypt &&
227 aUserOpts.GetEncryptToSelf() )
228 mxEncryptToSelf = xCert;
229 }
230 }
231 #endif
232 }
233 }
234
235 // enable/disable buttons
236 CertificateHighlightHdl(*m_xCertLB);
237 mbInitialized = true;
238 }
239
240 uno::Sequence<uno::Reference< css::security::XCertificate > > CertificateChooser::GetSelectedCertificates()
241 {
242 std::vector< uno::Reference< css::security::XCertificate > > aRet;
243 if (meAction == UserAction::Encrypt)
244 {
245 // for encryption, multiselection is enabled
246 m_xCertLB->selected_foreach([this, &aRet](weld::TreeIter& rEntry){
247 UserData* userData = reinterpret_cast<UserData*>(m_xCertLB->get_id(rEntry).toInt64());
248 aRet.push_back( userData->xCertificate );
249 return false;
250 });
251 }
252 else
253 {
254 uno::Reference< css::security::XCertificate > xCert;
255 int nSel = m_xCertLB->get_selected_index();
256 if (nSel != -1)
257 {
258 UserData* userData = reinterpret_cast<UserData*>(m_xCertLB->get_id(nSel).toInt64());
259 xCert = userData->xCertificate;
260 }
261 aRet.push_back( xCert );
262 }
263
264 #if HAVE_FEATURE_GPGME
265 if ( mxEncryptToSelf.is())
266 aRet.push_back( mxEncryptToSelf );
267 #endif
268
269 return comphelper::containerToSequence(aRet);
270 }
271
272 uno::Reference<xml::crypto::XXMLSecurityContext> CertificateChooser::GetSelectedSecurityContext() const
273 {
274 int nSel = m_xCertLB->get_selected_index();
275 if (nSel == -1)
276 return uno::Reference<xml::crypto::XXMLSecurityContext>();
277
278 UserData* userData = reinterpret_cast<UserData*>(m_xCertLB->get_id(nSel).toInt64());
279 uno::Reference<xml::crypto::XXMLSecurityContext> xCert = userData->xSecurityContext;
280 return xCert;
281 }
282
283 OUString CertificateChooser::GetDescription() const
284 {
285 return m_xDescriptionED->get_text();
286 }
287
288 OUString CertificateChooser::GetUsageText()
289 {
290 uno::Sequence< uno::Reference<css::security::XCertificate> > xCerts =
291 GetSelectedCertificates();
292 return (xCerts.hasElements() && xCerts[0].is()) ?
293 UsageInClearText(xCerts[0]->getCertificateUsage()) : OUString();
294 }
295
296 IMPL_LINK_NOARG(CertificateChooser, CertificateHighlightHdl, weld::TreeView&, void)
297 {
298 bool bEnable = m_xCertLB->get_selected_index() != -1;
299 m_xViewBtn->set_sensitive(bEnable);
300 m_xOKBtn->set_sensitive(bEnable);
301 m_xDescriptionED->set_sensitive(bEnable);
302 }
303
304 IMPL_LINK_NOARG(CertificateChooser, CertificateSelectHdl, weld::TreeView&, bool)
305 {
306 m_xDialog->response(RET_OK);
307 return true;
308 }
309
310 IMPL_LINK_NOARG(CertificateChooser, ViewButtonHdl, weld::Button&, void)
311 {
312 ImplShowCertificateDetails();
313 }
314
315 void CertificateChooser::ImplShowCertificateDetails()
316 {
317 int nSel = m_xCertLB->get_selected_index();
318 if (nSel == -1)
319 return;
320
321 UserData* userData = reinterpret_cast<UserData*>(m_xCertLB->get_id(nSel).toInt64());
322
323 if (!userData->xSecurityEnvironment.is() || !userData->xCertificate.is())
324 return;
325
326 CertificateViewer aViewer(m_xDialog.get(), userData->xSecurityEnvironment, userData->xCertificate, true, this);
327 aViewer.run();
328 }
329
330 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE