search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bump version to 6.0-36
[LibreOffice.git] / xmlsecurity / source / helper / xsecctl.cxx
blob8cbe75fbef44e5d4c147b2087e533f544225536d
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4; fill-column: 100 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <config_gpgme.h>
21
22 #include <xsecctl.hxx>
23 #include <documentsignaturehelper.hxx>
24 #include <framework/saxeventkeeperimpl.hxx>
25 #include <xmlsec/xmldocumentwrapper_xmlsecimpl.hxx>
26 #if HAVE_FEATURE_GPGME
27 # include <gpg/xmlsignature_gpgimpl.hxx>
28 #endif
29
30 #include <com/sun/star/xml/crypto/sax/ElementMarkPriority.hpp>
31 #include <com/sun/star/xml/crypto/sax/XReferenceResolvedBroadcaster.hpp>
32 #include <com/sun/star/xml/crypto/sax/XMissionTaker.hpp>
33 #include <com/sun/star/xml/crypto/sax/XReferenceCollector.hpp>
34 #include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeBroadcaster.hpp>
35 #include <com/sun/star/xml/crypto/SecurityOperationStatus.hpp>
36 #ifdef ANDROID
37 #include <com/sun/star/xml/crypto/XXMLSignature.hpp>
38 #endif
39 #include <com/sun/star/embed/XHierarchicalStorageAccess.hpp>
40 #include <com/sun/star/embed/ElementModes.hpp>
41 #include <com/sun/star/beans/StringPair.hpp>
42
43 #include <xmloff/attrlist.hxx>
44 #include <rtl/math.hxx>
45 #include <rtl/ref.hxx>
46 #include <unotools/datetime.hxx>
47 #include <comphelper/ofopxmlhelper.hxx>
48 #include <sax/tools/converter.hxx>
49 #include "ooxmlsecexporter.hxx"
50 #include <xmlsignaturehelper2.hxx>
51
52 namespace cssu = com::sun::star::uno;
53 namespace cssl = com::sun::star::lang;
54 namespace cssxc = com::sun::star::xml::crypto;
55 namespace cssxs = com::sun::star::xml::sax;
56 using namespace com::sun::star;
57
58 namespace
59 {
60 OUString getDigestURI(sal_Int32 nID)
61 {
62 switch( nID )
63 {
64 case cssxc::DigestID::SHA1:
65 return OUString(ALGO_XMLDSIGSHA1);
66 case cssxc::DigestID::SHA256:
67 return OUString(ALGO_XMLDSIGSHA256);
68 case cssxc::DigestID::SHA512:
69 return OUString(ALGO_XMLDSIGSHA512);
70 default:
71 return OUString(ALGO_XMLDSIGSHA1);
72 }
73 }
74 OUString getSignatureURI(sal_Int32 nID)
75 {
76 switch( nID )
77 {
78 case cssxc::DigestID::SHA1:
79 return OUString(ALGO_RSASHA1);
80 case cssxc::DigestID::SHA256:
81 return OUString(ALGO_RSASHA256);
82 case cssxc::DigestID::SHA512:
83 return OUString(ALGO_RSASHA512);
84 default:
85 return OUString(ALGO_RSASHA1);
86 }
87 }
88 }
89
90 XSecController::XSecController( const cssu::Reference<cssu::XComponentContext>& rxCtx )
91 : mxCtx(rxCtx)
92 , m_nNextSecurityId(1)
93 , m_bIsPreviousNodeInitializable(false)
94 , m_bIsSAXEventKeeperConnected(false)
95 , m_bIsCollectingElement(false)
96 , m_bIsBlocking(false)
97 , m_eStatusOfSecurityComponents(InitializationState::UNINITIALIZED)
98 , m_bIsSAXEventKeeperSticky(false)
99 , m_nReservedSignatureId(0)
100 , m_bVerifyCurrentSignature(false)
101 {
102 }
103
104 XSecController::~XSecController()
105 {
106 }
107
108
109 /*
110 * private methods
111 */
112 int XSecController::findSignatureInfor( sal_Int32 nSecurityId) const
113 /****** XSecController/findSignatureInfor *************************************
114 *
115 * NAME
116 * findSignatureInfor -- find SignatureInformation struct for a particular
117 * signature
118 *
119 * SYNOPSIS
120 * index = findSignatureInfor( nSecurityId );
121 *
122 * INPUTS
123 * nSecurityId - the signature's id
124 *
125 * RESULT
126 * index - the index of the signature, or -1 when no such signature
127 * existing
128 ******************************************************************************/
129 {
130 int i;
131 int size = m_vInternalSignatureInformations.size();
132
133 for (i=0; i<size; ++i)
134 {
135 if (m_vInternalSignatureInformations[i].signatureInfor.nSecurityId == nSecurityId)
136 {
137 return i;
138 }
139 }
140
141 return -1;
142 }
143
144 void XSecController::createXSecComponent( )
145 /****** XSecController/createXSecComponent ************************************
146 *
147 * NAME
148 * bResult = createXSecComponent -- creates xml security components
149 *
150 * FUNCTION
151 * Creates xml security components, including:
152 * 1. an xml signature bridge component
153 * 2. an XMLDocumentWrapper component
154 * 3. a SAXEventKeeper component
155 ******************************************************************************/
156 {
157 /*
158 * marks all security components are not available.
159 */
160 m_eStatusOfSecurityComponents = InitializationState::FAILTOINITIALIZED;
161 m_xXMLSignature = nullptr;
162 m_xXMLDocumentWrapper = nullptr;
163 m_xSAXEventKeeper = nullptr;
164
165 cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() );
166
167 #if HAVE_FEATURE_GPGME
168 uno::Reference< lang::XServiceInfo > xServiceInfo( m_xSecurityContext, cssu::UNO_QUERY );
169 if (xServiceInfo->getImplementationName() == "com.sun.star.xml.security.gpg.XMLSecurityContext_GpgImpl")
170 m_xXMLSignature.set(new XMLSignature_GpgImpl());
171 else // xmlsec or mscrypt
172 #endif
173 m_xXMLSignature.set(xMCF->createInstanceWithContext("com.sun.star.xml.crypto.XMLSignature", mxCtx), cssu::UNO_QUERY);
174
175 bool bSuccess = m_xXMLSignature.is();
176 if ( bSuccess )
177 /*
178 * XMLSignature created successfully.
179 */
180 m_xXMLDocumentWrapper = new XMLDocumentWrapper_XmlSecImpl();
181
182 bSuccess &= m_xXMLDocumentWrapper.is();
183 if ( bSuccess )
184 m_xSAXEventKeeper = new SAXEventKeeperImpl();
185
186 bSuccess &= m_xSAXEventKeeper.is();
187
188 if (bSuccess)
189 /*
190 * SAXEventKeeper created successfully.
191 */
192 {
193 cssu::Sequence <cssu::Any> arg(1);
194 arg[0] <<= uno::Reference<xml::wrapper::XXMLDocumentWrapper>(m_xXMLDocumentWrapper.get());
195 m_xSAXEventKeeper->initialize(arg);
196
197 cssu::Reference< cssxc::sax::XSAXEventKeeperStatusChangeListener >
198 xStatusChangeListener = this;
199
200 m_xSAXEventKeeper->addSAXEventKeeperStatusChangeListener( xStatusChangeListener );
201
202 m_eStatusOfSecurityComponents = InitializationState::INITIALIZED;
203 }
204 }
205
206 bool XSecController::chainOn()
207 /****** XSecController/chainOn ************************************************
208 *
209 * NAME
210 * chainOn -- tries to connect the SAXEventKeeper with the SAX chain.
211 *
212 * SYNOPSIS
213 * bJustChainingOn = chainOn();
214 *
215 * FUNCTION
216 * First, checks whether the SAXEventKeeper is on the SAX chain. If not,
217 * creates xml security components, and chains the SAXEventKeeper into
218 * the SAX chain.
219 * Before being chained in, the SAXEventKeeper needs to receive all
220 * missed key SAX events, which can promise the DOM tree bufferred by the
221 * SAXEventKeeper has the same structure with the original document.
222 *
223 * RESULT
224 * bJustChainingOn - whether the SAXEventKeeper is just chained into the
225 * SAX chain.
226 *
227 * NOTES
228 * Sometimes, the last key SAX event can't be transferred to the
229 * SAXEventKeeper together.
230 * For instance, at the time an referenced element is detected, the
231 * startElement event has already been reserved by the ElementStackKeeper.
232 * Meanwhile, an ElementCollector needs to be created before the
233 * SAXEventKeeper receives that startElement event.
234 * So for the SAXEventKeeper, it needs to receive all missed key SAX
235 * events except that startElement event, then adds a new
236 * ElementCollector, then receives that startElement event.
237 ******************************************************************************/
238 {
239 bool rc = false;
240
241 if (!m_bIsSAXEventKeeperSticky && !m_bIsSAXEventKeeperConnected)
242 {
243 if ( m_eStatusOfSecurityComponents == InitializationState::UNINITIALIZED )
244 {
245 createXSecComponent();
246 }
247
248 if ( m_eStatusOfSecurityComponents == InitializationState::INITIALIZED )
249 /*
250 * if all security components are ready, chains on the SAXEventKeeper
251 */
252 {
253 /*
254 * disconnect the SAXEventKeeper with its current output handler,
255 * to make sure no SAX event is forwarded during the connecting
256 * phase.
257 */
258 m_xSAXEventKeeper->setNextHandler( nullptr );
259
260 cssu::Reference< cssxs::XDocumentHandler > xSEKHandler(static_cast<cppu::OWeakObject*>(m_xSAXEventKeeper.get()), cssu::UNO_QUERY);
261
262 /*
263 * connects the previous document handler on the SAX chain
264 */
265 if ( m_xPreviousNodeOnSAXChain.is() )
266 {
267 if ( m_bIsPreviousNodeInitializable )
268 {
269 cssu::Reference< cssl::XInitialization > xInitialization
270 (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY);
271
272 cssu::Sequence<cssu::Any> aArgs( 1 );
273 aArgs[0] <<= xSEKHandler;
274 xInitialization->initialize(aArgs);
275 }
276 else
277 {
278 cssu::Reference< cssxs::XParser > xParser
279 (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY);
280 xParser->setDocumentHandler( xSEKHandler );
281 }
282 }
283
284 /*
285 * connects the next document handler on the SAX chain
286 */
287 m_xSAXEventKeeper->setNextHandler(uno::Reference<xml::sax::XDocumentHandler>());
288
289 m_bIsSAXEventKeeperConnected = true;
290
291 rc = true;
292 }
293 }
294
295 return rc;
296 }
297
298 void XSecController::chainOff()
299 /****** XSecController/chainOff ***********************************************
300 *
301 * NAME
302 * chainOff -- disconnects the SAXEventKeeper from the SAX chain.
303 ******************************************************************************/
304 {
305 if (!m_bIsSAXEventKeeperSticky )
306 {
307 if (m_bIsSAXEventKeeperConnected)
308 {
309 m_xSAXEventKeeper->setNextHandler( nullptr );
310
311 if ( m_xPreviousNodeOnSAXChain.is() )
312 {
313 if ( m_bIsPreviousNodeInitializable )
314 {
315 cssu::Reference< cssl::XInitialization > xInitialization
316 (m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY);
317
318 cssu::Sequence<cssu::Any> aArgs( 1 );
319 aArgs[0] <<= uno::Reference<xml::sax::XDocumentHandler>();
320 xInitialization->initialize(aArgs);
321 }
322 else
323 {
324 cssu::Reference< cssxs::XParser > xParser(m_xPreviousNodeOnSAXChain, cssu::UNO_QUERY);
325 xParser->setDocumentHandler(uno::Reference<xml::sax::XDocumentHandler>());
326 }
327 }
328
329 m_bIsSAXEventKeeperConnected = false;
330 }
331 }
332 }
333
334 void XSecController::checkChainingStatus()
335 /****** XSecController/checkChainingStatus ************************************
336 *
337 * NAME
338 * checkChainingStatus -- connects or disconnects the SAXEventKeeper
339 * according to the current situation.
340 *
341 * SYNOPSIS
342 * checkChainingStatus( );
343 *
344 * FUNCTION
345 * The SAXEventKeeper is chained into the SAX chain, when:
346 * 1. some element is being collected, or
347 * 2. the SAX event stream is blocking.
348 * Otherwise, chain off the SAXEventKeeper.
349 ******************************************************************************/
350 {
351 if ( m_bIsCollectingElement || m_bIsBlocking )
352 {
353 chainOn();
354 }
355 else
356 {
357 chainOff();
358 }
359 }
360
361 void XSecController::initializeSAXChain()
362 /****** XSecController/initializeSAXChain *************************************
363 *
364 * NAME
365 * initializeSAXChain -- initializes the SAX chain according to the
366 * current setting.
367 *
368 * FUNCTION
369 * Initializes the SAX chain, if the SAXEventKeeper is asked to be always
370 * on the SAX chain, chains it on. Otherwise, starts the
371 * ElementStackKeeper to reserve key SAX events.
372 ******************************************************************************/
373 {
374 m_bIsSAXEventKeeperConnected = false;
375 m_bIsCollectingElement = false;
376 m_bIsBlocking = false;
377
378 chainOff();
379 }
380
381 cssu::Reference< css::io::XInputStream >
382 XSecController::getObjectInputStream( const OUString& objectURL )
383 /****** XSecController/getObjectInputStream ************************************
384 *
385 * NAME
386 * getObjectInputStream -- get a XInputStream interface from a SotStorage
387 *
388 * SYNOPSIS
389 * xInputStream = getObjectInputStream( objectURL );
390 *
391 * INPUTS
392 * objectURL - the object uri
393 *
394 * RESULT
395 * xInputStream - the XInputStream interface
396 ******************************************************************************/
397 {
398 cssu::Reference< css::io::XInputStream > xObjectInputStream;
399
400 SAL_WARN_IF( !m_xUriBinding.is(), "xmlsecurity.helper", "Need XUriBinding!" );
401
402 xObjectInputStream = m_xUriBinding->getUriBinding(objectURL);
403
404 return xObjectInputStream;
405 }
406
407 /*
408 * public methods
409 */
410
411 sal_Int32 XSecController::getNewSecurityId( )
412 {
413 sal_Int32 nId = m_nNextSecurityId;
414 m_nNextSecurityId++;
415 return nId;
416 }
417
418 void XSecController::startMission(const rtl::Reference<UriBindingHelper>& xUriBinding, const cssu::Reference< cssxc::XXMLSecurityContext >& xSecurityContext )
419 /****** XSecController/startMission *******************************************
420 *
421 * NAME
422 * startMission -- starts a new security mission.
423 *
424 * FUNCTION
425 * get ready for a new mission.
426 *
427 * INPUTS
428 * xUriBinding - the Uri binding that provide maps between uris and
429 * XInputStreams
430 * xSecurityContext - the security context component which can provide
431 * cryptoken
432 ******************************************************************************/
433 {
434 m_xUriBinding = xUriBinding;
435
436 m_eStatusOfSecurityComponents = InitializationState::UNINITIALIZED;
437 m_xSecurityContext = xSecurityContext;
438
439 m_vInternalSignatureInformations.clear();
440
441 m_bVerifyCurrentSignature = false;
442 }
443
444 void XSecController::setSAXChainConnector(const cssu::Reference< cssl::XInitialization >& xInitialization)
445 /****** XSecController/setSAXChainConnector ***********************************
446 *
447 * NAME
448 * setSAXChainConnector -- configures the components which will
449 * collaborate with the SAXEventKeeper on the SAX chain.
450 *
451 * SYNOPSIS
452 * setSAXChainConnector(xInitialization);
453 *
454 * INPUTS
455 * xInitialization - the previous node on the SAX chain
456 ******************************************************************************/
457 {
458 m_bIsPreviousNodeInitializable = true;
459 m_xPreviousNodeOnSAXChain = xInitialization;
460
461 initializeSAXChain( );
462 }
463
464 void XSecController::clearSAXChainConnector()
465 /****** XSecController/clearSAXChainConnector *********************************
466 *
467 * NAME
468 * clearSAXChainConnector -- resets the collaborating components.
469 ******************************************************************************/
470 {
471 chainOff();
472
473 m_xPreviousNodeOnSAXChain = nullptr;
474 }
475
476 void XSecController::endMission()
477 /****** XSecController/endMission *********************************************
478 *
479 * NAME
480 * endMission -- forces to end all missions
481 *
482 * FUNCTION
483 * Deletes all signature information and forces all missions to an end.
484 ******************************************************************************/
485 {
486 sal_Int32 size = m_vInternalSignatureInformations.size();
487
488 for (int i=0; i<size; ++i)
489 {
490 if ( m_eStatusOfSecurityComponents == InitializationState::INITIALIZED )
491 /*
492 * ResolvedListener only exist when the security components are created.
493 */
494 {
495 cssu::Reference< cssxc::sax::XMissionTaker > xMissionTaker
496 ( m_vInternalSignatureInformations[i].xReferenceResolvedListener, cssu::UNO_QUERY );
497
498 /*
499 * asks the SignatureCreator/SignatureVerifier to release
500 * all resources it uses.
501 */
502 xMissionTaker->endMission();
503 }
504 }
505
506 m_xUriBinding = nullptr;
507 m_xSecurityContext = nullptr;
508
509 /*
510 * free the status change listener reference to this object
511 */
512 if (m_xSAXEventKeeper.is())
513 m_xSAXEventKeeper->addSAXEventKeeperStatusChangeListener( nullptr );
514 }
515
516 namespace
517 {
518 void writeUnsignedProperties(
519 const css::uno::Reference<css::xml::sax::XDocumentHandler>& xDocumentHandler,
520 const SignatureInformation& signatureInfo)
521 {
522 {
523 rtl::Reference<SvXMLAttributeList> pAttributeList(new SvXMLAttributeList());
524 pAttributeList->AddAttribute("Id", "idUnsignedProperties");
525 xDocumentHandler->startElement("xd:UnsignedProperties", uno::Reference<xml::sax::XAttributeList>(pAttributeList.get()));
526 }
527
528 {
529 xDocumentHandler->startElement("xd:UnsignedSignatureProperties", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
530
531 {
532 xDocumentHandler->startElement("xd:CertificateValues", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
533
534 {
535 for (const auto& i: signatureInfo.maEncapsulatedX509Certificates)
536 {
537 xDocumentHandler->startElement("xd:EncapsulatedX509Certificate", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
538 xDocumentHandler->characters(i);
539 xDocumentHandler->endElement("xd:EncapsulatedX509Certificate");
540 }
541 }
542
543 xDocumentHandler->endElement("xd:CertificateValues");
544 }
545
546 xDocumentHandler->endElement("xd:UnsignedSignatureProperties");
547 }
548
549 xDocumentHandler->endElement("xd:UnsignedProperties");
550 }
551
552 }
553
554 void XSecController::exportSignature(
555 const cssu::Reference<cssxs::XDocumentHandler>& xDocumentHandler,
556 const SignatureInformation& signatureInfo,
557 bool bXAdESCompliantIfODF )
558 /****** XSecController/exportSignature ****************************************
559 *
560 * NAME
561 * exportSignature -- export a signature structure to an XDocumentHandler
562 *
563 * SYNOPSIS
564 * exportSignature( xDocumentHandler, signatureInfo);
565 *
566 * INPUTS
567 * xDocumentHandler - the document handler to receive the signature
568 * signatureInfo - signature to be exported
569 ******************************************************************************/
570 {
571 const SignatureReferenceInformations& vReferenceInfors = signatureInfo.vSignatureReferenceInfors;
572 SvXMLAttributeList *pAttributeList;
573
574 /*
575 * Write Signature element
576 */
577 pAttributeList = new SvXMLAttributeList();
578 pAttributeList->AddAttribute(
579 "xmlns",
580 NS_XMLDSIG);
581
582 if (!signatureInfo.ouSignatureId.isEmpty())
583 {
584 pAttributeList->AddAttribute(
585 "Id",
586 signatureInfo.ouSignatureId);
587 }
588
589 xDocumentHandler->startElement( "Signature", cssu::Reference< cssxs::XAttributeList > (pAttributeList));
590 {
591 /* Write SignedInfo element */
592 xDocumentHandler->startElement(
593 "SignedInfo",
594 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
595 {
596 /* Write CanonicalizationMethod element */
597 pAttributeList = new SvXMLAttributeList();
598 pAttributeList->AddAttribute(
599 "Algorithm",
600 ALGO_C14N);
601 xDocumentHandler->startElement( "CanonicalizationMethod", cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
602 xDocumentHandler->endElement( "CanonicalizationMethod" );
603
604 /* Write SignatureMethod element */
605 pAttributeList = new SvXMLAttributeList();
606
607 // TODO: actually roundtrip this value from parsing documentsignatures.xml - entirely
608 // broken to assume this would in any way relate to the 1st reference's digest algo
609
610 // Assume that all Reference elements use the same DigestMethod:Algorithm, and that the
611 // SignatureMethod:Algorithm should be the corresponding one.
612 pAttributeList->AddAttribute(
613 "Algorithm",
614 getSignatureURI(vReferenceInfors[0].nDigestID));
615 xDocumentHandler->startElement( "SignatureMethod", cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
616 xDocumentHandler->endElement( "SignatureMethod" );
617
618 /* Write Reference element */
619 int j;
620 int refNum = vReferenceInfors.size();
621
622 for(j=0; j<refNum; ++j)
623 {
624 const SignatureReferenceInformation& refInfor = vReferenceInfors[j];
625
626 pAttributeList = new SvXMLAttributeList();
627 if ( refInfor.nType != SignatureReferenceType::SAMEDOCUMENT )
628 /*
629 * stream reference
630 */
631 {
632 pAttributeList->AddAttribute(
633 "URI",
634 refInfor.ouURI);
635 }
636 else
637 /*
638 * same-document reference
639 */
640 {
641 pAttributeList->AddAttribute(
642 "URI",
643 "#" + refInfor.ouURI);
644 }
645
646 xDocumentHandler->startElement( "Reference", cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
647 {
648 /* Write Transforms element */
649 if (refInfor.nType == SignatureReferenceType::XMLSTREAM)
650 /*
651 * xml stream, so c14n transform is needed
652 */
653 {
654 xDocumentHandler->startElement(
655 "Transforms",
656 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
657 {
658 pAttributeList = new SvXMLAttributeList();
659 pAttributeList->AddAttribute(
660 "Algorithm",
661 ALGO_C14N);
662 xDocumentHandler->startElement(
663 "Transform",
664 cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
665 xDocumentHandler->endElement( "Transform" );
666 }
667 xDocumentHandler->endElement( "Transforms" );
668 }
669
670 /* Write DigestMethod element */
671 pAttributeList = new SvXMLAttributeList();
672 pAttributeList->AddAttribute(
673 "Algorithm",
674 getDigestURI(refInfor.nDigestID));
675 xDocumentHandler->startElement(
676 "DigestMethod",
677 cssu::Reference< cssxs::XAttributeList > (pAttributeList) );
678 xDocumentHandler->endElement( "DigestMethod" );
679
680 /* Write DigestValue element */
681 xDocumentHandler->startElement(
682 "DigestValue",
683 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
684 xDocumentHandler->characters( refInfor.ouDigestValue );
685 xDocumentHandler->endElement( "DigestValue" );
686 }
687 xDocumentHandler->endElement( "Reference" );
688 }
689 }
690 xDocumentHandler->endElement( "SignedInfo" );
691
692 /* Write SignatureValue element */
693 xDocumentHandler->startElement(
694 "SignatureValue",
695 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
696 xDocumentHandler->characters( signatureInfo.ouSignatureValue );
697 xDocumentHandler->endElement( "SignatureValue" );
698
699 /* Write KeyInfo element */
700 xDocumentHandler->startElement(
701 "KeyInfo",
702 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
703 {
704 // GPG or X509 key?
705 if (!signatureInfo.ouGpgCertificate.isEmpty())
706 {
707 pAttributeList = new SvXMLAttributeList();
708 pAttributeList->AddAttribute("xmlns:loext", NS_LOEXT);
709 /* Write PGPData element */
710 xDocumentHandler->startElement(
711 "PGPData",
712 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
713 {
714 /* Write keyid element */
715 xDocumentHandler->startElement(
716 "PGPKeyID",
717 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
718 xDocumentHandler->characters( signatureInfo.ouCertDigest );
719 xDocumentHandler->endElement( "PGPKeyID" );
720
721 /* Write PGPKeyPacket element */
722 if (!signatureInfo.ouGpgCertificate.isEmpty())
723 {
724 xDocumentHandler->startElement(
725 "PGPKeyPacket",
726 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
727 xDocumentHandler->characters( signatureInfo.ouGpgCertificate );
728 xDocumentHandler->endElement( "PGPKeyPacket" );
729 }
730
731 /* Write PGPOwner element */
732 xDocumentHandler->startElement(
733 "loext:PGPOwner",
734 cssu::Reference< cssxs::XAttributeList >(new SvXMLAttributeList()));
735 xDocumentHandler->characters( signatureInfo.ouGpgOwner );
736 xDocumentHandler->endElement( "loext:PGPOwner" );
737 }
738 xDocumentHandler->endElement( "PGPData" );
739 }
740 else
741 {
742 /* Write X509Data element */
743 xDocumentHandler->startElement(
744 "X509Data",
745 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
746 {
747 /* Write X509IssuerSerial element */
748 xDocumentHandler->startElement(
749 "X509IssuerSerial",
750 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
751 {
752 /* Write X509IssuerName element */
753 xDocumentHandler->startElement(
754 "X509IssuerName",
755 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
756 xDocumentHandler->characters( signatureInfo.ouX509IssuerName );
757 xDocumentHandler->endElement( "X509IssuerName" );
758
759 /* Write X509SerialNumber element */
760 xDocumentHandler->startElement(
761 "X509SerialNumber",
762 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
763 xDocumentHandler->characters( signatureInfo.ouX509SerialNumber );
764 xDocumentHandler->endElement( "X509SerialNumber" );
765 }
766 xDocumentHandler->endElement( "X509IssuerSerial" );
767
768 /* Write X509Certificate element */
769 if (!signatureInfo.ouX509Certificate.isEmpty())
770 {
771 xDocumentHandler->startElement(
772 "X509Certificate",
773 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
774 xDocumentHandler->characters( signatureInfo.ouX509Certificate );
775 xDocumentHandler->endElement( "X509Certificate" );
776 }
777 }
778 xDocumentHandler->endElement( "X509Data" );
779 }
780 }
781 xDocumentHandler->endElement( "KeyInfo" );
782
783 OUString sDate;
784
785 /* Write Object element */
786 xDocumentHandler->startElement(
787 "Object",
788 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
789 {
790 /* Write SignatureProperties element */
791 xDocumentHandler->startElement(
792 "SignatureProperties",
793 cssu::Reference< cssxs::XAttributeList > (new SvXMLAttributeList()));
794 {
795 /* Write SignatureProperty element */
796 pAttributeList = new SvXMLAttributeList();
797 pAttributeList->AddAttribute(
798 "Id",
799 signatureInfo.ouPropertyId);
800 pAttributeList->AddAttribute(
801 "Target",
802 "#" + signatureInfo.ouSignatureId);
803 xDocumentHandler->startElement(
804 "SignatureProperty",
805 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
806 {
807 /* Write timestamp element */
808
809 pAttributeList = new SvXMLAttributeList();
810 pAttributeList->AddAttribute(
811 "xmlns:dc",
812 NS_DC);
813
814 xDocumentHandler->startElement(
815 "dc:date",
816 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
817
818 OUStringBuffer buffer;
819 //If the xml signature was already contained in the document,
820 //then we use the original date and time string, rather then the
821 //converted one. This avoids writing a different string due to
822 //e.g. rounding issues and thus breaking the signature.
823 if (!signatureInfo.ouDateTime.isEmpty())
824 buffer = signatureInfo.ouDateTime;
825 else
826 {
827 buffer = utl::toISO8601(signatureInfo.stDateTime);
828 // xsd:dateTime must use period as separator for fractional seconds, while
829 // utl::toISO8601 uses comma (as allowed, and even recommended, by ISO8601).
830 buffer.replace(',', '.');
831 }
832 sDate = buffer.makeStringAndClear();
833 xDocumentHandler->characters( sDate );
834
835 xDocumentHandler->endElement(
836 "dc:date");
837 }
838 xDocumentHandler->endElement( "SignatureProperty" );
839
840 if (!signatureInfo.ouSignatureLineId.isEmpty())
841 {
842 pAttributeList = new SvXMLAttributeList();
843 pAttributeList->AddAttribute(
844 "xmlns:loext",
845 "urn:org:documentfoundation:names:experimental:office:xmlns:loext:1.0");
846 pAttributeList->AddAttribute("Target", "#" + signatureInfo.ouSignatureId);
847
848 xDocumentHandler->startElement(
849 "SignatureProperty",
850 cssu::Reference<cssxs::XAttributeList>(pAttributeList));
851 {
852 // Write SignatureLineId element
853 xDocumentHandler->startElement(
854 "loext:SignatureLineId",
855 cssu::Reference<cssxs::XAttributeList>(new SvXMLAttributeList()));
856 xDocumentHandler->characters(signatureInfo.ouSignatureLineId);
857 xDocumentHandler->endElement("loext:SignatureLineId");
858 }
859 xDocumentHandler->endElement("SignatureProperty");
860 }
861 }
862
863 // Write signature description.
864 if (!signatureInfo.ouDescription.isEmpty())
865 {
866 // SignatureProperty element.
867 pAttributeList = new SvXMLAttributeList();
868 pAttributeList->AddAttribute("Id", signatureInfo.ouDescriptionPropertyId);
869 pAttributeList->AddAttribute("Target", "#" + signatureInfo.ouSignatureId);
870 xDocumentHandler->startElement("SignatureProperty", uno::Reference<xml::sax::XAttributeList>(pAttributeList));
871
872 {
873 // Description element.
874 pAttributeList = new SvXMLAttributeList();
875 pAttributeList->AddAttribute("xmlns:dc", NS_DC);
876
877 xDocumentHandler->startElement("dc:description", uno::Reference<xml::sax::XAttributeList>(pAttributeList));
878 xDocumentHandler->characters(signatureInfo.ouDescription);
879 xDocumentHandler->endElement("dc:description");
880 }
881
882 xDocumentHandler->endElement("SignatureProperty");
883 }
884
885 xDocumentHandler->endElement( "SignatureProperties" );
886 }
887 xDocumentHandler->endElement( "Object" );
888
889 // In XAdES, write another Object element for the QualifyingProperties
890 if (bXAdESCompliantIfODF)
891 {
892 pAttributeList = new SvXMLAttributeList();
893 pAttributeList->AddAttribute("xmlns:xd", NS_XD);
894 xDocumentHandler->startElement(
895 "Object",
896 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
897 {
898 pAttributeList = new SvXMLAttributeList();
899 pAttributeList->AddAttribute("Target", "#" + signatureInfo.ouSignatureId);
900 xDocumentHandler->startElement(
901 "xd:QualifyingProperties",
902 cssu::Reference< cssxs::XAttributeList > (pAttributeList));
903 DocumentSignatureHelper::writeSignedProperties(xDocumentHandler, signatureInfo, sDate);
904 writeUnsignedProperties(xDocumentHandler, signatureInfo);
905 xDocumentHandler->endElement( "xd:QualifyingProperties" );
906 }
907 xDocumentHandler->endElement( "Object" );
908 }
909 }
910 xDocumentHandler->endElement( "Signature" );
911 }
912
913 void XSecController::exportOOXMLSignature(const uno::Reference<embed::XStorage>& xRootStorage, const uno::Reference<xml::sax::XDocumentHandler>& xDocumentHandler, const SignatureInformation& rInformation)
914 {
915 OOXMLSecExporter aExporter(mxCtx, xRootStorage, xDocumentHandler, rInformation);
916 aExporter.writeSignature();
917 }
918
919 SignatureInformation XSecController::getSignatureInformation( sal_Int32 nSecurityId ) const
920 {
921 SignatureInformation aInf( 0 );
922 int nIndex = findSignatureInfor(nSecurityId);
923 SAL_WARN_IF( nIndex == -1, "xmlsecurity.helper", "getSignatureInformation - SecurityId is invalid!" );
924 if ( nIndex != -1)
925 {
926 aInf = m_vInternalSignatureInformations[nIndex].signatureInfor;
927 }
928 return aInf;
929 }
930
931 SignatureInformations XSecController::getSignatureInformations() const
932 {
933 SignatureInformations vInfors;
934 int sigNum = m_vInternalSignatureInformations.size();
935
936 for (int i=0; i<sigNum; ++i)
937 {
938 SignatureInformation si = m_vInternalSignatureInformations[i].signatureInfor;
939 vInfors.push_back(si);
940 }
941
942 return vInfors;
943 }
944
945 /*
946 * XSAXEventKeeperStatusChangeListener
947 */
948
949 void SAL_CALL XSecController::blockingStatusChanged( sal_Bool isBlocking )
950 {
951 m_bIsBlocking = isBlocking;
952 checkChainingStatus();
953 }
954
955 void SAL_CALL XSecController::collectionStatusChanged(
956 sal_Bool isInsideCollectedElement )
957 {
958 m_bIsCollectingElement = isInsideCollectedElement;
959 checkChainingStatus();
960 }
961
962 void SAL_CALL XSecController::bufferStatusChanged( sal_Bool /*isBufferEmpty*/)
963 {
964
965 }
966
967 /*
968 * XSignatureCreationResultListener
969 */
970 void SAL_CALL XSecController::signatureCreated( sal_Int32 securityId, css::xml::crypto::SecurityOperationStatus nResult )
971 {
972 int index = findSignatureInfor(securityId);
973 assert(index != -1 && "Signature Not Found!");
974 SignatureInformation& signatureInfor = m_vInternalSignatureInformations.at(index).signatureInfor;
975 signatureInfor.nStatus = nResult;
976 }
977
978 /*
979 * XSignatureVerifyResultListener
980 */
981 void SAL_CALL XSecController::signatureVerified( sal_Int32 securityId, css::xml::crypto::SecurityOperationStatus nResult )
982 {
983 int index = findSignatureInfor(securityId);
984 assert(index != -1 && "Signature Not Found!");
985 SignatureInformation& signatureInfor = m_vInternalSignatureInformations.at(index).signatureInfor;
986 signatureInfor.nStatus = nResult;
987 }
988
989 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE