search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bump version to 6.0-36
[LibreOffice.git] / xmlsecurity / source / gpg / xmlsignature_gpgimpl.cxx
blob57d9b9321c6165baa8a3be9745ccf3c0e43b4336
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <config_gpgme.h>
21
22 #include <sal/config.h>
23 #include <rtl/uuid.h>
24 #include <cppuhelper/supportsservice.hxx>
25 #include <gpg/xmlsignature_gpgimpl.hxx>
26
27 #include <gpgme.h>
28 #include <context.h>
29 #include <key.h>
30 #include <data.h>
31 #include <signingresult.h>
32 #include <importresult.h>
33
34 #include <xmlsec/xmldocumentwrapper_xmlsecimpl.hxx>
35 #include <xmlsec/xmlelementwrapper_xmlsecimpl.hxx>
36 #include <xmlsec/xmlstreamio.hxx>
37 #include <xmlsec/errorcallback.hxx>
38
39 #include "SecurityEnvironment.hxx"
40 #include <xmlsec-wrapper.h>
41
42 using namespace css::uno;
43 using namespace css::lang;
44 using namespace css::xml::wrapper;
45 using namespace css::xml::crypto;
46
47 XMLSignature_GpgImpl::XMLSignature_GpgImpl() {
48 }
49
50 XMLSignature_GpgImpl::~XMLSignature_GpgImpl() {
51 }
52
53 /* XXMLSignature */
54 Reference< XXMLSignatureTemplate >
55 SAL_CALL XMLSignature_GpgImpl::generate(
56 const Reference< XXMLSignatureTemplate >& aTemplate ,
57 const Reference< XSecurityEnvironment >& aEnvironment
58 )
59 {
60 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
61 xmlNodePtr pNode = nullptr ;
62
63 if( !aTemplate.is() )
64 throw RuntimeException() ;
65
66 if( !aEnvironment.is() )
67 throw RuntimeException() ;
68
69 //Get the xml node
70 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
71 if( !xElement.is() ) {
72 throw RuntimeException() ;
73 }
74
75 XMLElementWrapper_XmlSecImpl* pElement =
76 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
77 if( pElement == nullptr ) {
78 throw RuntimeException() ;
79 }
80
81 pNode = pElement->getNativeElement() ;
82
83 //Get the stream/URI binding
84 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
85 if( xUriBinding.is() ) {
86 //Register the stream input callbacks into libxml2
87 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
88 throw RuntimeException() ;
89 }
90
91 //Get Keys Manager
92 SecurityEnvironmentGpg* pSecEnv =
93 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
94 if( pSecEnv == nullptr )
95 throw RuntimeException() ;
96
97 setErrorRecorder();
98
99 //Create Signature context
100 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
101 if( pDsigCtx == nullptr )
102 {
103 clearErrorRecorder();
104 return aTemplate;
105 }
106
107 // set intended operation to sign - several asserts inside libxmlsec
108 // wanting that for digest / transforms
109 pDsigCtx->operation = xmlSecTransformOperationSign;
110
111 // we default to SHA512 for all digests - nss crypto does not have it...
112 //pDsigCtx->defDigestMethodId = xmlSecTransformSha512Id;
113
114 // Calculate digest for all references
115 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
116 if( cur != nullptr )
117 cur = xmlSecGetNextElementNode(cur->children);
118 while( cur != nullptr )
119 {
120 // some of those children I suppose should be reference elements
121 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
122 {
123 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
124 xmlSecDSigReferenceCtxCreate(pDsigCtx,
125 xmlSecDSigReferenceOriginSignedInfo);
126 if(pDsigRefCtx == nullptr)
127 throw RuntimeException();
128
129 // add this one to the list
130 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
131 pDsigRefCtx) < 0 )
132 {
133 // TODO resource handling
134 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
135 throw RuntimeException();
136 }
137
138 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
139 throw RuntimeException();
140
141 // final check - all good?
142 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
143 {
144 pDsigCtx->status = xmlSecDSigStatusInvalid;
145 return aTemplate; // TODO - harder error?
146 }
147 }
148
149 cur = xmlSecGetNextElementNode(cur->next);
150 }
151
152 // get me a digestible buffer from the signature template!
153 // -------------------------------------------------------
154
155 // run the transformations over SignedInfo element (first child of
156 // pNode)
157 xmlSecNodeSetPtr nodeset = nullptr;
158 cur = xmlSecGetNextElementNode(pNode->children);
159 // TODO assert that...
160 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
161 if(nodeset == nullptr)
162 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
163
164 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
165 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
166
167 // now extract the keyid from PGPData
168 // walk xml tree to PGPData node - go to children, first is
169 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
170 // 1st child is PGPData, 1st grandchild is PGPKeyID
171 cur = xmlSecGetNextElementNode(pNode->children);
172 // TODO error handling
173 cur = xmlSecGetNextElementNode(cur->next);
174 cur = xmlSecGetNextElementNode(cur->next);
175 cur = xmlSecGetNextElementNode(cur->children);
176 // check that this is now PGPData
177 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
178 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
179 // check that this is now PGPKeyID
180 cur = xmlSecGetNextElementNode(cur->children);
181 static const xmlChar xmlSecNodePGPKeyID[] = "PGPKeyID";
182 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyID, xmlSecDSigNs))
183 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
184
185 GpgME::Context& rCtx=pSecEnv->getGpgContext();
186 rCtx.setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
187 GpgME::Error err;
188 xmlChar* pKey=xmlNodeGetContent(cur);
189 if(xmlSecBase64Decode(pKey, reinterpret_cast<xmlSecByte*>(pKey), xmlStrlen(pKey)) < 0)
190 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
191 if( rCtx.addSigningKey(
192 rCtx.key(
193 reinterpret_cast<char*>(pKey), err, true)) )
194 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
195
196 xmlFree(pKey);
197
198 // good, ctx is setup now, let's sign the lot
199 GpgME::Data data_in(
200 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
201 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
202 GpgME::Data data_out;
203
204 SAL_INFO("xmlsecurity.xmlsec.gpg", "Generating signature for: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
205
206 // we base64-encode anyway
207 rCtx.setArmor(false);
208 GpgME::SigningResult sign_res=rCtx.sign(data_in, data_out,
209 GpgME::Detached);
210 off_t result = data_out.seek(0,SEEK_SET);
211 (void) result;
212 assert(result == 0);
213 int len=0, curr=0; char buf;
214 while( (curr=data_out.read(&buf, 1)) )
215 len += curr;
216
217 if(sign_res.error() || !len)
218 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
219
220 // write signed data to xml
221 xmlChar* signature = static_cast<xmlChar*>(xmlMalloc(len + 1));
222 if(signature == nullptr)
223 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
224 result = data_out.seek(0,SEEK_SET);
225 assert(result == 0);
226 if( data_out.read(signature, len) != len )
227 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
228
229 // conversion to base64
230 xmlChar* signatureEncoded=nullptr;
231 if( !(signatureEncoded=xmlSecBase64Encode(reinterpret_cast<xmlSecByte*>(signature), len, 79)) )
232 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
233 xmlFree(signature);
234
235 // walk xml tree to sign value node - go to children, first is
236 // SignedInfo, 2nd is signaturevalue
237 cur = xmlSecGetNextElementNode(pNode->children);
238 cur = xmlSecGetNextElementNode(cur->next);
239
240 // TODO some assert would be good...
241 xmlNodeSetContentLen(cur, signatureEncoded, xmlStrlen(signatureEncoded));
242 xmlFree(signatureEncoded);
243
244 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
245
246 // done
247 xmlSecDSigCtxDestroy( pDsigCtx ) ;
248
249 //Unregistered the stream/URI binding
250 if( xUriBinding.is() )
251 xmlUnregisterStreamInputCallbacks() ;
252
253 clearErrorRecorder();
254 return aTemplate ;
255 }
256
257 /* XXMLSignature */
258 Reference< XXMLSignatureTemplate >
259 SAL_CALL XMLSignature_GpgImpl::validate(
260 const Reference< XXMLSignatureTemplate >& aTemplate ,
261 const Reference< XXMLSecurityContext >& aSecurityCtx
262 ) {
263 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
264 xmlNodePtr pNode = nullptr ;
265
266 if( !aTemplate.is() )
267 throw RuntimeException() ;
268
269 if( !aSecurityCtx.is() )
270 throw RuntimeException() ;
271
272 //Get the xml node
273 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
274 if( !xElement.is() )
275 throw RuntimeException() ;
276
277 XMLElementWrapper_XmlSecImpl* pElement =
278 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
279 if( pElement == nullptr )
280 throw RuntimeException() ;
281
282 pNode = pElement->getNativeElement() ;
283
284 //Get the stream/URI binding
285 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
286 if( xUriBinding.is() ) {
287 //Register the stream input callbacks into libxml2
288 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
289 throw RuntimeException() ;
290 }
291
292 setErrorRecorder();
293
294 sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber();
295 sal_Int32 i;
296
297 for (i=0; i<nSecurityEnvironment; ++i)
298 {
299 Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i);
300
301 SecurityEnvironmentGpg* pSecEnv =
302 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
303 if( pSecEnv == nullptr )
304 throw RuntimeException() ;
305
306 // TODO figure out key from pSecEnv!
307 // unclear how/where that is transported in nss impl...
308
309 //Create Signature context
310 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
311 if( pDsigCtx == nullptr )
312 {
313 clearErrorRecorder();
314 return aTemplate;
315 }
316
317 // set intended operation to verify - several asserts inside libxmlsec
318 // wanting that for digest / transforms
319 pDsigCtx->operation = xmlSecTransformOperationVerify;
320
321 // reset status - to be set later
322 pDsigCtx->status = xmlSecDSigStatusUnknown;
323
324 // get me a digestible buffer from the SignatureInfo node!
325 // -------------------------------------------------------
326
327 // run the transformations - first child node is required to
328 // be SignatureInfo
329 xmlSecNodeSetPtr nodeset = nullptr;
330 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
331 // TODO assert that...
332 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
333 if(nodeset == nullptr)
334 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
335
336 // TODO assert we really have the SignatureInfo here?
337 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
338 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
339
340 // Validate the template via gpgme
341 GpgME::Context& rCtx=pSecEnv->getGpgContext();
342
343 GpgME::Data data_text(
344 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
345 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
346
347 SAL_INFO("xmlsecurity.xmlsec.gpg", "Validating SignatureInfo: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
348
349 // walk xml tree to sign value node - go to children, first is
350 // SignedInfo, 2nd is signaturevalue
351 cur = xmlSecGetNextElementNode(pNode->children);
352 cur = xmlSecGetNextElementNode(cur->next);
353
354 if(!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))
355 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
356 xmlChar* pSignatureValue=xmlNodeGetContent(cur);
357 int nSigSize = xmlSecBase64Decode(pSignatureValue, reinterpret_cast<xmlSecByte*>(pSignatureValue), xmlStrlen(pSignatureValue));
358 if( nSigSize < 0)
359 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
360
361 GpgME::Data data_signature(
362 reinterpret_cast<char*>(pSignatureValue),
363 nSigSize, false);
364
365 GpgME::VerificationResult verify_res=rCtx.verifyDetachedSignature(
366 data_signature, data_text);
367
368 // TODO: needs some more error handling, needs checking _all_ signatures
369 if( verify_res.isNull() || verify_res.numSignatures() == 0
370 // there is at least 1 signature and it is anything else than fully valid
371 || ( (verify_res.numSignatures() > 0)
372 && verify_res.signature(0).status().encodedError() > 0 ) )
373 {
374 // let's try again, but this time import the public key
375 // payload (avoiding that in a first cut for being a bit
376 // speedier. also prevents all too easy poisoning/sha1
377 // fingerprint collision attacks)
378
379 // walk xml tree to PGPData node - go to children, first is
380 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
381 // 1st child is PGPData, 1st or 2nd grandchild is PGPKeyPacket
382 cur = xmlSecGetNextElementNode(pNode->children);
383 // TODO error handling
384 cur = xmlSecGetNextElementNode(cur->next);
385 cur = xmlSecGetNextElementNode(cur->next);
386 cur = xmlSecGetNextElementNode(cur->children);
387 // check that this is now PGPData
388 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
389 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
390 // check that this is now PGPKeyPacket
391 cur = xmlSecGetNextElementNode(cur->children);
392 static const xmlChar xmlSecNodePGPKeyPacket[] = "PGPKeyPacket";
393 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
394 {
395 // not this one, maybe the next?
396 cur = xmlSecGetNextElementNode(cur->next);
397 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
398 {
399 // ok, giving up
400 clearErrorRecorder();
401 xmlFree(pSignatureValue);
402
403 return aTemplate;
404 }
405 }
406
407 // got a key packet, import & re-validate
408 xmlChar* pKeyPacket=xmlNodeGetContent(cur);
409 int nKeyLen = xmlSecBase64Decode(pKeyPacket, reinterpret_cast<xmlSecByte*>(pKeyPacket), xmlStrlen(pKeyPacket));
410 if( nKeyLen < 0)
411 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
412
413 GpgME::Data data_key(
414 reinterpret_cast<char*>(pKeyPacket),
415 nKeyLen, false);
416
417 GpgME::ImportResult import_res=rCtx.importKeys(data_key);
418 xmlFree(pKeyPacket);
419
420 // and re-run (rewind text and signature streams to position 0)
421 data_text.seek(0,SEEK_SET);
422 data_signature.seek(0,SEEK_SET);
423 verify_res=rCtx.verifyDetachedSignature(data_signature, data_text);
424
425 // TODO: needs some more error handling, needs checking _all_ signatures
426 if( verify_res.isNull() || verify_res.numSignatures() == 0
427 // there is at least 1 signature and it is anything else than valid
428 || ( (verify_res.numSignatures() > 0)
429 && verify_res.signature(0).status().encodedError() > 0 ) )
430 {
431 clearErrorRecorder();
432 xmlFree(pSignatureValue);
433
434 return aTemplate;
435 }
436 }
437
438 xmlFree(pSignatureValue);
439
440 // now verify digest for all references
441 cur = xmlSecGetNextElementNode(pNode->children);
442 if( cur != nullptr )
443 cur = xmlSecGetNextElementNode(cur->children);
444 while( cur != nullptr )
445 {
446 // some of those children I suppose should be reference elements
447 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
448 {
449 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
450 xmlSecDSigReferenceCtxCreate(pDsigCtx,
451 xmlSecDSigReferenceOriginSignedInfo);
452 if(pDsigRefCtx == nullptr)
453 throw RuntimeException();
454
455 // add this one to the list
456 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
457 pDsigRefCtx) < 0 )
458 {
459 // TODO resource handling
460 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
461 throw RuntimeException();
462 }
463
464 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
465 throw RuntimeException();
466
467 // final check - all good?
468 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
469 {
470 pDsigCtx->status = xmlSecDSigStatusInvalid;
471 return aTemplate; // TODO - harder error?
472 }
473 }
474
475 cur = xmlSecGetNextElementNode(cur->next);
476 }
477
478 // TODO - also verify manifest (only relevant for ooxml)?
479 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
480
481 // done
482 xmlSecDSigCtxDestroy( pDsigCtx ) ;
483 }
484
485 //Unregistered the stream/URI binding
486 if( xUriBinding.is() )
487 xmlUnregisterStreamInputCallbacks() ;
488
489 clearErrorRecorder();
490 return aTemplate ;
491 }
492
493 /* XServiceInfo */
494 OUString SAL_CALL XMLSignature_GpgImpl::getImplementationName() {
495 return impl_getImplementationName() ;
496 }
497
498 /* XServiceInfo */
499 sal_Bool SAL_CALL XMLSignature_GpgImpl::supportsService( const OUString& serviceName) {
500 return cppu::supportsService(this, serviceName);
501 }
502
503 /* XServiceInfo */
504 Sequence< OUString > SAL_CALL XMLSignature_GpgImpl::getSupportedServiceNames() {
505 return impl_getSupportedServiceNames() ;
506 }
507
508 //Helper for XServiceInfo
509 Sequence< OUString > XMLSignature_GpgImpl::impl_getSupportedServiceNames() {
510 ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
511 Sequence<OUString> seqServiceNames { "com.sun.star.xml.crypto.XMLSignature" };
512 return seqServiceNames ;
513 }
514
515 OUString XMLSignature_GpgImpl::impl_getImplementationName() {
516 return OUString("com.sun.star.xml.security.bridge.xmlsec.XMLSignature_GpgImpl") ;
517 }
518
519 //Helper for registry
520 Reference< XInterface > SAL_CALL XMLSignature_GpgImpl::impl_createInstance( const Reference< XMultiServiceFactory >& ) {
521 return Reference< XInterface >( *new XMLSignature_GpgImpl ) ;
522 }
523
524 Reference< XSingleServiceFactory > XMLSignature_GpgImpl::impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) {
525 return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ;
526 }
527
528 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE