search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
bump product version to 7.6.3.2-android
[LibreOffice.git] / xmlsecurity / source / gpg / xmlsignature_gpgimpl.cxx
blob22488144f7c7579da803324ed17ae7b2af2e5677
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <sal/config.h>
21 #include <sal/log.hxx>
22 #include <xmlsec-wrapper.h>
23 #include <comphelper/servicehelper.hxx>
24 #include <cppuhelper/supportsservice.hxx>
25 #include <gpg/xmlsignature_gpgimpl.hxx>
26
27 #if defined _MSC_VER && defined __clang__
28 #pragma clang diagnostic push
29 #pragma clang diagnostic ignored "-Wundef"
30 #endif
31 #include <gpgme.h>
32 #if defined _MSC_VER && defined __clang__
33 #pragma clang diagnostic pop
34 #endif
35 #include <context.h>
36 #include <key.h>
37 #include <data.h>
38 #include <signingresult.h>
39 #include <importresult.h>
40
41 #include <xmlelementwrapper_xmlsecimpl.hxx>
42 #include <xmlsec/xmlstreamio.hxx>
43 #include <xmlsec/errorcallback.hxx>
44
45 #include "SecurityEnvironment.hxx"
46
47 using namespace css::uno;
48 using namespace css::lang;
49 using namespace css::xml::wrapper;
50 using namespace css::xml::crypto;
51
52 XMLSignature_GpgImpl::XMLSignature_GpgImpl() {
53 }
54
55 XMLSignature_GpgImpl::~XMLSignature_GpgImpl() {
56 }
57
58 /* XXMLSignature */
59 Reference< XXMLSignatureTemplate >
60 SAL_CALL XMLSignature_GpgImpl::generate(
61 const Reference< XXMLSignatureTemplate >& aTemplate ,
62 const Reference< XSecurityEnvironment >& aEnvironment
63 )
64 {
65 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
66 xmlNodePtr pNode = nullptr ;
67
68 if( !aTemplate.is() )
69 throw RuntimeException() ;
70
71 if( !aEnvironment.is() )
72 throw RuntimeException() ;
73
74 //Get the xml node
75 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
76 if( !xElement.is() ) {
77 throw RuntimeException() ;
78 }
79
80 XMLElementWrapper_XmlSecImpl* pElement =
81 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
82 if( pElement == nullptr ) {
83 throw RuntimeException() ;
84 }
85
86 pNode = pElement->getNativeElement() ;
87
88 //Get the stream/URI binding
89 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
90 if( xUriBinding.is() ) {
91 //Register the stream input callbacks into libxml2
92 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
93 throw RuntimeException() ;
94 }
95
96 //Get Keys Manager
97 SecurityEnvironmentGpg* pSecEnv =
98 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
99 if( pSecEnv == nullptr )
100 throw RuntimeException() ;
101
102 setErrorRecorder();
103
104 //Create Signature context
105 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
106 if( pDsigCtx == nullptr )
107 {
108 clearErrorRecorder();
109 return aTemplate;
110 }
111
112 // set intended operation to sign - several asserts inside libxmlsec
113 // wanting that for digest / transforms
114 pDsigCtx->operation = xmlSecTransformOperationSign;
115
116 // we default to SHA512 for all digests - nss crypto does not have it...
117 //pDsigCtx->defDigestMethodId = xmlSecTransformSha512Id;
118
119 // Calculate digest for all references
120 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
121 if( cur != nullptr )
122 cur = xmlSecGetNextElementNode(cur->children);
123 while( cur != nullptr )
124 {
125 // some of those children I suppose should be reference elements
126 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
127 {
128 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
129 xmlSecDSigReferenceCtxCreate(pDsigCtx,
130 xmlSecDSigReferenceOriginSignedInfo);
131 if(pDsigRefCtx == nullptr)
132 throw RuntimeException();
133
134 // add this one to the list
135 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
136 pDsigRefCtx) < 0 )
137 {
138 // TODO resource handling
139 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
140 throw RuntimeException();
141 }
142
143 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
144 throw RuntimeException();
145
146 // final check - all good?
147 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
148 {
149 pDsigCtx->status = xmlSecDSigStatusInvalid;
150 return aTemplate; // TODO - harder error?
151 }
152 }
153
154 cur = xmlSecGetNextElementNode(cur->next);
155 }
156
157 // get me a digestible buffer from the signature template!
158 // -------------------------------------------------------
159
160 // run the transformations over SignedInfo element (first child of
161 // pNode)
162 xmlSecNodeSetPtr nodeset = nullptr;
163 cur = xmlSecGetNextElementNode(pNode->children);
164 // TODO assert that...
165 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
166 if(nodeset == nullptr)
167 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
168
169 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
170 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
171
172 // now extract the keyid from PGPData
173 // walk xml tree to PGPData node - go to children, first is
174 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
175 // 1st child is PGPData, 1st grandchild is PGPKeyID
176 cur = xmlSecGetNextElementNode(pNode->children);
177 // TODO error handling
178 cur = xmlSecGetNextElementNode(cur->next);
179 cur = xmlSecGetNextElementNode(cur->next);
180 cur = xmlSecGetNextElementNode(cur->children);
181 // check that this is now PGPData
182 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
183 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
184 // check that this is now PGPKeyID
185 cur = xmlSecGetNextElementNode(cur->children);
186 static const xmlChar xmlSecNodePGPKeyID[] = "PGPKeyID";
187 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyID, xmlSecDSigNs))
188 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
189
190 GpgME::Context& rCtx=pSecEnv->getGpgContext();
191 rCtx.setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
192 GpgME::Error err;
193 xmlChar* pKey=xmlNodeGetContent(cur);
194 xmlSecSize nWritten;
195 int nRet = xmlSecBase64Decode_ex(pKey, reinterpret_cast<xmlSecByte*>(pKey), xmlStrlen(pKey), &nWritten);
196 if(nRet < 0)
197 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
198 if( rCtx.addSigningKey(
199 rCtx.key(
200 reinterpret_cast<char*>(pKey), err, true)) )
201 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
202
203 xmlFree(pKey);
204
205 // good, ctx is setup now, let's sign the lot
206 GpgME::Data data_in(
207 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
208 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
209 GpgME::Data data_out;
210
211 SAL_INFO("xmlsecurity.xmlsec.gpg", "Generating signature for: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
212
213 // we base64-encode anyway
214 rCtx.setArmor(false);
215 GpgME::SigningResult sign_res=rCtx.sign(data_in, data_out,
216 GpgME::Detached);
217 off_t result = data_out.seek(0,SEEK_SET);
218 (void) result;
219 assert(result == 0);
220 int len=0, curr=0; char buf;
221 while( (curr=data_out.read(&buf, 1)) )
222 len += curr;
223
224 if(sign_res.error() || !len)
225 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
226
227 // write signed data to xml
228 xmlChar* signature = static_cast<xmlChar*>(xmlMalloc(len + 1));
229 if(signature == nullptr)
230 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
231 result = data_out.seek(0,SEEK_SET);
232 assert(result == 0);
233 if( data_out.read(signature, len) != len )
234 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
235
236 // conversion to base64
237 xmlChar* signatureEncoded=nullptr;
238 if( !(signatureEncoded=xmlSecBase64Encode(reinterpret_cast<xmlSecByte*>(signature), len, 79)) )
239 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
240 xmlFree(signature);
241
242 // walk xml tree to sign value node - go to children, first is
243 // SignedInfo, 2nd is signaturevalue
244 cur = xmlSecGetNextElementNode(pNode->children);
245 cur = xmlSecGetNextElementNode(cur->next);
246
247 // TODO some assert would be good...
248 xmlNodeSetContentLen(cur, signatureEncoded, xmlStrlen(signatureEncoded));
249 xmlFree(signatureEncoded);
250
251 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
252
253 // done
254 xmlSecDSigCtxDestroy( pDsigCtx ) ;
255
256 //Unregistered the stream/URI binding
257 if( xUriBinding.is() )
258 xmlUnregisterStreamInputCallbacks() ;
259
260 clearErrorRecorder();
261 return aTemplate ;
262 }
263
264 /* XXMLSignature */
265 Reference< XXMLSignatureTemplate >
266 SAL_CALL XMLSignature_GpgImpl::validate(
267 const Reference< XXMLSignatureTemplate >& aTemplate ,
268 const Reference< XXMLSecurityContext >& aSecurityCtx
269 ) {
270 xmlSecDSigCtxPtr pDsigCtx = nullptr ;
271 xmlNodePtr pNode = nullptr ;
272
273 if( !aTemplate.is() )
274 throw RuntimeException() ;
275
276 if( !aSecurityCtx.is() )
277 throw RuntimeException() ;
278
279 //Get the xml node
280 Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ;
281 if( !xElement.is() )
282 throw RuntimeException() ;
283
284 XMLElementWrapper_XmlSecImpl* pElement =
285 dynamic_cast<XMLElementWrapper_XmlSecImpl*>(xElement.get());
286 if( pElement == nullptr )
287 throw RuntimeException() ;
288
289 pNode = pElement->getNativeElement() ;
290
291 //Get the stream/URI binding
292 Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ;
293 if( xUriBinding.is() ) {
294 //Register the stream input callbacks into libxml2
295 if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 )
296 throw RuntimeException() ;
297 }
298
299 setErrorRecorder();
300
301 sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber();
302 sal_Int32 i;
303
304 for (i=0; i<nSecurityEnvironment; ++i)
305 {
306 Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i);
307
308 SecurityEnvironmentGpg* pSecEnv =
309 dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
310 if( pSecEnv == nullptr )
311 throw RuntimeException() ;
312
313 // TODO figure out key from pSecEnv!
314 // unclear how/where that is transported in nss impl...
315
316 //Create Signature context
317 pDsigCtx = xmlSecDSigCtxCreate( nullptr ) ;
318 if( pDsigCtx == nullptr )
319 {
320 clearErrorRecorder();
321 return aTemplate;
322 }
323
324 // set intended operation to verify - several asserts inside libxmlsec
325 // wanting that for digest / transforms
326 pDsigCtx->operation = xmlSecTransformOperationVerify;
327
328 // reset status - to be set later
329 pDsigCtx->status = xmlSecDSigStatusUnknown;
330
331 // get me a digestible buffer from the SignatureInfo node!
332 // -------------------------------------------------------
333
334 // run the transformations - first child node is required to
335 // be SignatureInfo
336 xmlSecNodeSetPtr nodeset = nullptr;
337 xmlNodePtr cur = xmlSecGetNextElementNode(pNode->children);
338 // TODO assert that...
339 nodeset = xmlSecNodeSetGetChildren(pNode->doc, cur, 1, 0);
340 if(nodeset == nullptr)
341 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
342
343 // TODO assert we really have the SignatureInfo here?
344 if( xmlSecTransformCtxXmlExecute(&(pDsigCtx->transformCtx), nodeset) < 0 )
345 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
346
347 // Validate the template via gpgme
348 GpgME::Context& rCtx=pSecEnv->getGpgContext();
349
350 GpgME::Data data_text(
351 reinterpret_cast<char*>(xmlSecBufferGetData(pDsigCtx->transformCtx.result)),
352 xmlSecBufferGetSize(pDsigCtx->transformCtx.result), false);
353
354 SAL_INFO("xmlsecurity.xmlsec.gpg", "Validating SignatureInfo: " << xmlSecBufferGetData(pDsigCtx->transformCtx.result));
355
356 // walk xml tree to sign value node - go to children, first is
357 // SignedInfo, 2nd is signaturevalue
358 cur = xmlSecGetNextElementNode(pNode->children);
359 cur = xmlSecGetNextElementNode(cur->next);
360
361 if(!xmlSecCheckNodeName(cur, xmlSecNodeSignatureValue, xmlSecDSigNs))
362 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
363 xmlChar* pSignatureValue=xmlNodeGetContent(cur);
364 xmlSecSize nSigSize;
365 int nRet = xmlSecBase64Decode_ex(pSignatureValue, reinterpret_cast<xmlSecByte*>(pSignatureValue), xmlStrlen(pSignatureValue), &nSigSize);
366 if( nRet < 0)
367 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
368
369 GpgME::Data data_signature(
370 reinterpret_cast<char*>(pSignatureValue),
371 nSigSize, false);
372
373 GpgME::VerificationResult verify_res=rCtx.verifyDetachedSignature(
374 data_signature, data_text);
375
376 // TODO: needs some more error handling, needs checking _all_ signatures
377 if( verify_res.isNull() || verify_res.numSignatures() == 0
378 // there is at least 1 signature and it is anything else than fully valid
379 || ( (verify_res.numSignatures() > 0)
380 && verify_res.signature(0).status().encodedError() > 0 ) )
381 {
382 // let's try again, but this time import the public key
383 // payload (avoiding that in a first cut for being a bit
384 // speedier. also prevents all too easy poisoning/sha1
385 // fingerprint collision attacks)
386
387 // walk xml tree to PGPData node - go to children, first is
388 // SignedInfo, 2nd is signaturevalue, 3rd is KeyInfo
389 // 1st child is PGPData, 1st or 2nd grandchild is PGPKeyPacket
390 cur = xmlSecGetNextElementNode(pNode->children);
391 // TODO error handling
392 cur = xmlSecGetNextElementNode(cur->next);
393 cur = xmlSecGetNextElementNode(cur->next);
394 cur = xmlSecGetNextElementNode(cur->children);
395 // check that this is now PGPData
396 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPData, xmlSecDSigNs))
397 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
398 // check that this is now PGPKeyPacket
399 cur = xmlSecGetNextElementNode(cur->children);
400 static const xmlChar xmlSecNodePGPKeyPacket[] = "PGPKeyPacket";
401 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
402 {
403 // not this one, maybe the next?
404 cur = xmlSecGetNextElementNode(cur->next);
405 if(!xmlSecCheckNodeName(cur, xmlSecNodePGPKeyPacket, xmlSecDSigNs))
406 {
407 // ok, giving up
408 clearErrorRecorder();
409 xmlFree(pSignatureValue);
410
411 return aTemplate;
412 }
413 }
414
415 // got a key packet, import & re-validate
416 xmlChar* pKeyPacket=xmlNodeGetContent(cur);
417 xmlSecSize nKeyLen;
418 nRet = xmlSecBase64Decode_ex(pKeyPacket, reinterpret_cast<xmlSecByte*>(pKeyPacket), xmlStrlen(pKeyPacket), &nKeyLen);
419 if( nRet < 0)
420 throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");
421
422 GpgME::Data data_key(
423 reinterpret_cast<char*>(pKeyPacket),
424 nKeyLen, false);
425
426 rCtx.importKeys(data_key);
427 xmlFree(pKeyPacket);
428
429 // and re-run (rewind text and signature streams to position 0)
430 (void)data_text.seek(0,SEEK_SET);
431 (void)data_signature.seek(0,SEEK_SET);
432 verify_res=rCtx.verifyDetachedSignature(data_signature, data_text);
433
434 // TODO: needs some more error handling, needs checking _all_ signatures
435 if( verify_res.isNull() || verify_res.numSignatures() == 0
436 // there is at least 1 signature and it is anything else than valid
437 || ( (verify_res.numSignatures() > 0)
438 && verify_res.signature(0).status().encodedError() > 0 ) )
439 {
440 clearErrorRecorder();
441 xmlFree(pSignatureValue);
442
443 return aTemplate;
444 }
445 }
446
447 xmlFree(pSignatureValue);
448
449 // now verify digest for all references
450 cur = xmlSecGetNextElementNode(pNode->children);
451 if( cur != nullptr )
452 cur = xmlSecGetNextElementNode(cur->children);
453 while( cur != nullptr )
454 {
455 // some of those children I suppose should be reference elements
456 if( xmlSecCheckNodeName(cur, xmlSecNodeReference, xmlSecDSigNs) )
457 {
458 xmlSecDSigReferenceCtxPtr pDsigRefCtx =
459 xmlSecDSigReferenceCtxCreate(pDsigCtx,
460 xmlSecDSigReferenceOriginSignedInfo);
461 if(pDsigRefCtx == nullptr)
462 throw RuntimeException();
463
464 // add this one to the list
465 if( xmlSecPtrListAdd(&(pDsigCtx->signedInfoReferences),
466 pDsigRefCtx) < 0 )
467 {
468 // TODO resource handling
469 xmlSecDSigReferenceCtxDestroy(pDsigRefCtx);
470 throw RuntimeException();
471 }
472
473 if( xmlSecDSigReferenceCtxProcessNode(pDsigRefCtx, cur) < 0 )
474 throw RuntimeException();
475
476 // final check - all good?
477 if(pDsigRefCtx->status != xmlSecDSigStatusSucceeded)
478 {
479 pDsigCtx->status = xmlSecDSigStatusInvalid;
480 return aTemplate; // TODO - harder error?
481 }
482 }
483
484 cur = xmlSecGetNextElementNode(cur->next);
485 }
486
487 // TODO - also verify manifest (only relevant for ooxml)?
488 aTemplate->setStatus(SecurityOperationStatus_OPERATION_SUCCEEDED);
489
490 // done
491 xmlSecDSigCtxDestroy( pDsigCtx ) ;
492 }
493
494 //Unregistered the stream/URI binding
495 if( xUriBinding.is() )
496 xmlUnregisterStreamInputCallbacks() ;
497
498 clearErrorRecorder();
499 return aTemplate ;
500 }
501
502 /* XServiceInfo */
503 OUString SAL_CALL XMLSignature_GpgImpl::getImplementationName() {
504 return impl_getImplementationName() ;
505 }
506
507 /* XServiceInfo */
508 sal_Bool SAL_CALL XMLSignature_GpgImpl::supportsService( const OUString& serviceName) {
509 return cppu::supportsService(this, serviceName);
510 }
511
512 /* XServiceInfo */
513 Sequence< OUString > SAL_CALL XMLSignature_GpgImpl::getSupportedServiceNames() {
514 return impl_getSupportedServiceNames() ;
515 }
516
517 //Helper for XServiceInfo
518 Sequence< OUString > XMLSignature_GpgImpl::impl_getSupportedServiceNames() {
519 Sequence<OUString> seqServiceNames { "com.sun.star.xml.crypto.XMLSignature" };
520 return seqServiceNames ;
521 }
522
523 OUString XMLSignature_GpgImpl::impl_getImplementationName() {
524 return "com.sun.star.xml.security.bridge.xmlsec.XMLSignature_GpgImpl" ;
525 }
526
527 //Helper for registry
528 Reference< XInterface > XMLSignature_GpgImpl::impl_createInstance( const Reference< XMultiServiceFactory >& ) {
529 return Reference< XInterface >( *new XMLSignature_GpgImpl ) ;
530 }
531
532 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE