search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Bump version to 5.0-14
[LibreOffice.git] / xmlsecurity / source / helper / documentsignaturehelper.cxx
blob1d78da35c18deceb8e892231b02b29bf961dee63
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20
21 #include <xmlsecurity/documentsignaturehelper.hxx>
22
23 #include <com/sun/star/container/XNameAccess.hpp>
24 #include <com/sun/star/lang/XComponent.hpp>
25 #include <com/sun/star/lang/DisposedException.hpp>
26 #include <com/sun/star/embed/XStorage.hpp>
27 #include <com/sun/star/embed/ElementModes.hpp>
28 #include <com/sun/star/beans/XPropertySet.hpp>
29
30 #include <comphelper/documentconstants.hxx>
31 #include <tools/debug.hxx>
32 #include <osl/diagnose.h>
33 #include <rtl/uri.hxx>
34
35 using namespace ::com::sun::star::uno;
36
37 namespace
38 {
39 OUString getElement(OUString const & version, ::sal_Int32 * index)
40 {
41 while (*index < version.getLength() && version[*index] == '0') {
42 ++*index;
43 }
44 return version.getToken(0, '.', *index);
45 }
46
47
48
49 // Return 1 if version1 is greater then version 2, 0 if they are equal
50 //and -1 if version1 is less version 2
51 int compareVersions(
52 OUString const & version1, OUString const & version2)
53 {
54 for (::sal_Int32 i1 = 0, i2 = 0; i1 >= 0 || i2 >= 0;) {
55 OUString e1(getElement(version1, &i1));
56 OUString e2(getElement(version2, &i2));
57 if (e1.getLength() < e2.getLength()) {
58 return -1;
59 } else if (e1.getLength() > e2.getLength()) {
60 return 1;
61 } else if (e1 < e2) {
62 return -1;
63 } else if (e1 > e2) {
64 return 1;
65 }
66 }
67 return 0;
68 }
69 }
70 //If the OOo 3.0 mode is used then we exclude
71 //'mimetype' and all content of 'META-INF'.
72 //If the argument 'bSigning' is true then the element list is created for a signing
73 //operation in which case we use the latest signing algorithm. That is all elements
74 //we find in the zip storage are added to the list. We do not support the old signatures
75 //which did not contain all files.
76 //If 'bSigning' is false, then we validate. If the user enabled validating according to OOo 3.0
77 //then mimetype and all content of META-INF must be excluded.
78 void ImplFillElementList(
79 std::vector< OUString >& rList, const Reference < css::embed::XStorage >& rxStore,
80 const OUString& rRootStorageName, const bool bRecursive,
81 const DocumentSignatureAlgorithm mode)
82 {
83 OUString aMetaInfName( "META-INF" );
84 OUString sMimeTypeName ("mimetype");
85 OUString aSep( "/" );
86
87 Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
88 Sequence< OUString > aElements = xElements->getElementNames();
89 sal_Int32 nElements = aElements.getLength();
90 const OUString* pNames = aElements.getConstArray();
91
92 for ( sal_Int32 n = 0; n < nElements; n++ )
93 {
94 if (mode != OOo3_2Document
95 && (pNames[n] == aMetaInfName
96 || pNames[n] == sMimeTypeName))
97 {
98 continue;
99 }
100 else
101 {
102 OUString sEncName = ::rtl::Uri::encode(
103 pNames[n], rtl_UriCharClassRelSegment,
104 rtl_UriEncodeStrict, RTL_TEXTENCODING_UTF8);
105 if (sEncName.isEmpty() && !pNames[n].isEmpty())
106 throw css::uno::RuntimeException("Failed to encode element name of XStorage", 0);
107
108 if ( rxStore->isStreamElement( pNames[n] ) )
109 {
110 //Exclude documentsignatures.xml!
111 if (pNames[n].equals(
112 DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()))
113 continue;
114 OUString aFullName( rRootStorageName + sEncName );
115 rList.push_back(aFullName);
116 }
117 else if ( bRecursive && rxStore->isStorageElement( pNames[n] ) )
118 {
119 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
120 OUString aFullRootName( rRootStorageName + sEncName + aSep );
121 ImplFillElementList(rList, xSubStore, aFullRootName, bRecursive, mode);
122 }
123 }
124 }
125 }
126
127
128 bool DocumentSignatureHelper::isODFPre_1_2(const OUString & sVersion)
129 {
130 //The property version exists only if the document is at least version 1.2
131 //That is, if the document has version 1.1 and sVersion is empty.
132 //The constant is defined in comphelper/documentconstants.hxx
133 if (compareVersions(sVersion, ODFVER_012_TEXT) == -1)
134 return true;
135 return false;
136 }
137
138 bool DocumentSignatureHelper::isOOo3_2_Signature(const SignatureInformation & sigInfo)
139 {
140 OUString sManifestURI("META-INF/manifest.xml");
141 bool bOOo3_2 = false;
142 typedef ::std::vector< SignatureReferenceInformation >::const_iterator CIT;
143 for (CIT i = sigInfo.vSignatureReferenceInfors.begin();
144 i < sigInfo.vSignatureReferenceInfors.end(); ++i)
145 {
146 if (i->ouURI.equals(sManifestURI))
147 {
148 bOOo3_2 = true;
149 break;
150 }
151 }
152 return bOOo3_2;
153 }
154
155 DocumentSignatureAlgorithm
156 DocumentSignatureHelper::getDocumentAlgorithm(
157 const OUString & sODFVersion, const SignatureInformation & sigInfo)
158 {
159 OSL_ASSERT(!sODFVersion.isEmpty());
160 DocumentSignatureAlgorithm mode = OOo3_2Document;
161 if (!isOOo3_2_Signature(sigInfo))
162 {
163 if (isODFPre_1_2(sODFVersion))
164 mode = OOo2Document;
165 else
166 mode = OOo3_0Document;
167 }
168 return mode;
169 }
170
171 //The function creates a list of files which are to be signed or for which
172 //the signature is to be validated. The strings are UTF8 encoded URIs which
173 //contain '/' as path separators.
174 //
175 //The algorithm how document signatures are created and validated has
176 //changed over time. The change affects only which files within the document
177 //are changed. Document signatures created by OOo 2.x only used particular files. Since
178 //OOo 3.0 everything except "mimetype" and "META-INF" are signed. As of OOo 3.2 everything
179 //except META-INF/documentsignatures.xml is signed.
180 //Signatures are validated according to the algorithm which was then used for validation.
181 //That is, when validating a signature which was created by OOo 3.0, then mimetype and
182 //META-INF are not used.
183 //
184 //When a signature is created then we always use the latest algorithm. That is, we use
185 //that of OOo 3.2
186 std::vector< OUString >
187 DocumentSignatureHelper::CreateElementList(
188 const Reference < css::embed::XStorage >& rxStore,
189 DocumentSignatureMode eMode,
190 const DocumentSignatureAlgorithm mode)
191 {
192 std::vector< OUString > aElements;
193 OUString aSep( "/" );
194
195 switch ( eMode )
196 {
197 case SignatureModeDocumentContent:
198 {
199 if (mode == OOo2Document) //that is, ODF 1.0, 1.1
200 {
201 // 1) Main content
202 ImplFillElementList(aElements, rxStore, OUString(), false, mode);
203
204 // 2) Pictures...
205 OUString aSubStorageName( "Pictures" );
206 try
207 {
208 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
209 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
210 }
211 catch(css::io::IOException& )
212 {
213 ; // Doesn't have to exist...
214 }
215 // 3) OLE....
216 aSubStorageName = "ObjectReplacements";
217 try
218 {
219 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
220 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
221 xSubStore.clear();
222
223 // Object folders...
224 OUString aMatchStr( "Object " );
225 Reference < css::container::XNameAccess > xElements( rxStore, UNO_QUERY );
226 Sequence< OUString > aElementNames = xElements->getElementNames();
227 sal_Int32 nElements = aElementNames.getLength();
228 const OUString* pNames = aElementNames.getConstArray();
229 for ( sal_Int32 n = 0; n < nElements; n++ )
230 {
231 if ( ( pNames[n].match( aMatchStr ) ) && rxStore->isStorageElement( pNames[n] ) )
232 {
233 Reference < css::embed::XStorage > xTmpSubStore = rxStore->openStorageElement( pNames[n], css::embed::ElementModes::READ );
234 ImplFillElementList(aElements, xTmpSubStore, pNames[n]+aSep, true, mode);
235 }
236 }
237 }
238 catch( com::sun::star::io::IOException& )
239 {
240 ; // Doesn't have to exist...
241 }
242 }
243 else
244 {
245 // Everything except META-INF
246 ImplFillElementList(aElements, rxStore, OUString(), true, mode);
247 }
248 }
249 break;
250 case SignatureModeMacros:
251 {
252 // 1) Macros
253 OUString aSubStorageName( "Basic" );
254 try
255 {
256 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
257 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
258 }
259 catch( com::sun::star::io::IOException& )
260 {
261 ; // Doesn't have to exist...
262 }
263
264 // 2) Dialogs
265 aSubStorageName = "Dialogs";
266 try
267 {
268 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
269 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
270 }
271 catch( com::sun::star::io::IOException& )
272 {
273 ; // Doesn't have to exist...
274 }
275 // 3) Scripts
276 aSubStorageName = "Scripts";
277 try
278 {
279 Reference < css::embed::XStorage > xSubStore = rxStore->openStorageElement( aSubStorageName, css::embed::ElementModes::READ );
280 ImplFillElementList(aElements, xSubStore, aSubStorageName+aSep, true, mode);
281 }
282 catch( css::io::IOException& )
283 {
284 ; // Doesn't have to exist...
285 }
286 }
287 break;
288 case SignatureModePackage:
289 {
290 // Everything except META-INF
291 ImplFillElementList(aElements, rxStore, OUString(), true, mode);
292 }
293 break;
294 }
295
296 return aElements;
297 }
298
299 SignatureStreamHelper DocumentSignatureHelper::OpenSignatureStream(
300 const Reference < css::embed::XStorage >& rxStore, sal_Int32 nOpenMode, DocumentSignatureMode eDocSigMode )
301 {
302 sal_Int32 nSubStorageOpenMode = css::embed::ElementModes::READ;
303 if ( nOpenMode & css::embed::ElementModes::WRITE )
304 nSubStorageOpenMode = css::embed::ElementModes::WRITE;
305
306 SignatureStreamHelper aHelper;
307
308 try
309 {
310 OUString aSIGStoreName( "META-INF" );
311 aHelper.xSignatureStorage = rxStore->openStorageElement( aSIGStoreName, nSubStorageOpenMode );
312 if ( aHelper.xSignatureStorage.is() )
313 {
314 OUString aSIGStreamName;
315 if ( eDocSigMode == SignatureModeDocumentContent )
316 aSIGStreamName = DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName();
317 else if ( eDocSigMode == SignatureModeMacros )
318 aSIGStreamName = DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName();
319 else
320 aSIGStreamName = DocumentSignatureHelper::GetPackageSignatureDefaultStreamName();
321
322 aHelper.xSignatureStream = aHelper.xSignatureStorage->openStreamElement( aSIGStreamName, nOpenMode );
323 }
324 }
325 catch(css::io::IOException& )
326 {
327 // Doesn't have to exist...
328 DBG_ASSERT( nOpenMode == css::embed::ElementModes::READ, "Error creating signature stream..." );
329 }
330
331 return aHelper;
332 }
333
334 //sElementList contains all files which are expected to be signed. Only those files must me signed,
335 //no more, no less.
336 //The DocumentSignatureAlgorithm indicates if the document was created with OOo 2.x. Then
337 //the uri s in the Reference elements in the signature, were not properly encoded.
338 // For example: <Reference URI="ObjectReplacements/Object 1">
339 bool DocumentSignatureHelper::checkIfAllFilesAreSigned(
340 const ::std::vector< OUString > & sElementList,
341 const SignatureInformation & sigInfo,
342 const DocumentSignatureAlgorithm alg)
343 {
344 // Can only be valid if ALL streams are signed, which means real stream count == signed stream count
345 unsigned int nRealCount = 0;
346 for ( int i = sigInfo.vSignatureReferenceInfors.size(); i; )
347 {
348 const SignatureReferenceInformation& rInf = sigInfo.vSignatureReferenceInfors[--i];
349 // There is also an extra entry of type TYPE_SAMEDOCUMENT_REFERENCE because of signature date.
350 if ( ( rInf.nType == TYPE_BINARYSTREAM_REFERENCE ) || ( rInf.nType == TYPE_XMLSTREAM_REFERENCE ) )
351 {
352 OUString sReferenceURI = rInf.ouURI;
353 if (alg == OOo2Document)
354 {
355 //Comparing URIs is a difficult. Therefore we kind of normalize
356 //it before comparing. We assume that our URI do not have a leading "./"
357 //and fragments at the end (...#...)
358 sReferenceURI = ::rtl::Uri::encode(
359 sReferenceURI, rtl_UriCharClassPchar,
360 rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
361 }
362
363 //find the file in the element list
364 typedef ::std::vector< OUString >::const_iterator CIT;
365 for (CIT aIter = sElementList.begin(); aIter != sElementList.end(); ++aIter)
366 {
367 OUString sElementListURI = *aIter;
368 if (alg == OOo2Document)
369 {
370 sElementListURI =
371 ::rtl::Uri::encode(
372 sElementListURI, rtl_UriCharClassPchar,
373 rtl_UriEncodeCheckEscapes, RTL_TEXTENCODING_UTF8);
374 }
375 if (sElementListURI.equals(sReferenceURI))
376 {
377 nRealCount++;
378 break;
379 }
380 }
381 }
382 }
383 return sElementList.size() == nRealCount;
384 }
385
386 /*Compares the Uri which are obtained from CreateElementList with
387 the path obtained from the manifest.xml.
388 Returns true if both strings are equal.
389 */
390 bool DocumentSignatureHelper::equalsReferenceUriManifestPath(
391 const OUString & rUri, const OUString & rPath)
392 {
393 bool retVal = false;
394 //split up the uri and path into segments. Both are separated by '/'
395 std::vector<OUString> vUriSegments;
396 sal_Int32 nIndex = 0;
397 do
398 {
399 OUString aToken = rUri.getToken( 0, '/', nIndex );
400 vUriSegments.push_back(aToken);
401 }
402 while (nIndex >= 0);
403
404 std::vector<OUString> vPathSegments;
405 nIndex = 0;
406 do
407 {
408 OUString aToken = rPath.getToken( 0, '/', nIndex );
409 vPathSegments.push_back(aToken);
410 }
411 while (nIndex >= 0);
412
413 //Now compare each segment of the uri with its counterpart from the path
414 if (vUriSegments.size() == vPathSegments.size())
415 {
416 retVal = true;
417 typedef std::vector<OUString>::const_iterator CIT;
418 for (CIT i = vUriSegments.begin(), j = vPathSegments.begin();
419 i != vUriSegments.end(); ++i, ++j)
420 {
421 //Decode the uri segment, so that %20 becomes ' ', etc.
422 OUString sDecUri = ::rtl::Uri::decode(
423 *i, rtl_UriDecodeWithCharset, RTL_TEXTENCODING_UTF8);
424 if (!sDecUri.equals(*j))
425 {
426 retVal = false;
427 break;
428 }
429 }
430 }
431
432 return retVal;
433 }
434
435 OUString DocumentSignatureHelper::GetDocumentContentSignatureDefaultStreamName()
436 {
437 return OUString( "documentsignatures.xml" );
438 }
439
440 OUString DocumentSignatureHelper::GetScriptingContentSignatureDefaultStreamName()
441 {
442 return OUString( "macrosignatures.xml" );
443 }
444
445 OUString DocumentSignatureHelper::GetPackageSignatureDefaultStreamName()
446 {
447 return OUString( "packagesignatures.xml" );
448 }
449
450 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE