| blob | 99b27a37eddf902a0a3ad07085eb76d4f2fa6db0 |
1 /*************************************************************************
2 *
3 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
4 *
5 * Copyright 2008 by Sun Microsystems, Inc.
6 *
7 * OpenOffice.org - a multi-platform office productivity suite
8 *
9 * $RCSfile: xsecctl.hxx,v $
10 * $Revision: 1.12 $
11 *
12 * This file is part of OpenOffice.org.
13 *
14 * OpenOffice.org is free software: you can redistribute it and/or modify
15 * it under the terms of the GNU Lesser General Public License version 3
16 * only, as published by the Free Software Foundation.
17 *
18 * OpenOffice.org is distributed in the hope that it will be useful,
19 * but WITHOUT ANY WARRANTY; without even the implied warranty of
20 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
21 * GNU Lesser General Public License version 3 for more details
22 * (a copy is included in the LICENSE file that accompanied this code).
23 *
24 * You should have received a copy of the GNU Lesser General Public License
25 * version 3 along with OpenOffice.org. If not, see
26 * <http://www.openoffice.org/license.html>
27 * for a copy of the LGPLv3 License.
28 *
29 ************************************************************************/
31 #ifndef _XSEC_CTL_HXX
32 #define _XSEC_CTL_HXX
34 #include <xmlsecurity/sigstruct.hxx>
36 #include <com/sun/star/uno/XComponentContext.hpp>
37 #include <com/sun/star/xml/sax/XParser.hpp>
38 #include <com/sun/star/lang/XInitialization.hpp>
39 #include <com/sun/star/xml/sax/XDocumentHandler.hpp>
40 #include <com/sun/star/xml/sax/XAttributeList.hpp>
41 #include <com/sun/star/xml/crypto/XXMLSignature.hpp>
42 #include <com/sun/star/xml/crypto/XSEInitializer.hpp>
43 #include <com/sun/star/xml/crypto/sax/XSecurityController.hpp>
44 #include <com/sun/star/xml/crypto/sax/XElementStackKeeper.hpp>
45 #include <com/sun/star/xml/crypto/sax/XSecuritySAXEventKeeper.hpp>
46 #include <com/sun/star/xml/crypto/sax/XReferenceResolvedListener.hpp>
47 #include <com/sun/star/xml/crypto/sax/XSAXEventKeeperStatusChangeListener.hpp>
48 #include <com/sun/star/xml/crypto/sax/XSignatureCreationResultListener.hpp>
49 #include <com/sun/star/xml/crypto/sax/XSignatureVerifyResultListener.hpp>
50 #include <com/sun/star/xml/wrapper/XXMLDocumentWrapper.hpp>
51 #include <com/sun/star/beans/XFastPropertySet.hpp>
52 #include <com/sun/star/io/XOutputStream.hpp>
53 #include <com/sun/star/io/XInputStream.hpp>
55 #include <rtl/ustrbuf.hxx>
57 #include <cppuhelper/implbase4.hxx>
59 #ifndef INCLUDED_VECTOR
60 #include <vector>
61 #define INCLUDED_VECTOR
62 #endif
64 /*
65 * all error information
66 */
72 /*
73 * all stringS in signature element
74 */
96 //#define TAG_TIME "time"
107 //#define NS_DATETIME "http://www.ietf.org/rfcXXXX.txt"
118 /*
119 * status of security related components
120 */
121 #define UNINITIALIZED 0
122 #define INITIALIZED 1
123 #define FAILTOINITIALIZED 2
125 #define RTL_ASCII_USTRINGPARAM( asciiStr ) asciiStr, strlen( asciiStr ), RTL_TEXTENCODING_ASCII_US
127 // forward declaration
130 class InternalSignatureInformation
131 {
133 SignatureInformation signatureInfor;
137 xReferenceResolvedListener;
142 sal_Int32 nId,
144 xListener)
146 {
148 }
151 {
155 }
156 };
161 <
163 //com::sun::star::beans::XFastPropertySet,
167 >
168 /****** XSecController.hxx/CLASS XSecController *******************************
169 *
170 * NAME
171 * XSecController -- the xml security framework controller
172 *
173 * FUNCTION
174 * Controlls the whole xml security framework to create signatures or to
175 * verify signatures.
176 *
177 * HISTORY
178 * 05.01.2004 - Interface supported: XSecurityController,
179 * XFastPropertySet, XSAXEventKeeperStatusChangeListener,
180 * XSignatureCreationResultListener,
181 * XSignatureVerifyResultListener
182 *
183 * NOTES
184 * The XFastPropertySet interface is used to transfer common values to
185 * classes in other module, for instance, the signature id for all
186 * sessions is transferred to xmloff module through this interface.
187 *
188 * AUTHOR
189 * Michael Mi
190 * Email: michael.mi@sun.com
191 ******************************************************************************/
192 {
198 /*
199 * used to buffer SAX events
200 */
204 /*
205 * the SAX events keeper
206 */
210 /*
211 * the bridge component which creates/verifies signature
212 */
216 /*
217 * the Security Context
218 */
222 #if 0
223 /*
224 * the signature creation result listener
225 */
227 com::sun::star::xml::crypto::sax::XSignatureCreationResultListener > m_xSignatureCreationResultListener;
228 /*
229 * the signature verify result listener
230 */
232 com::sun::star::xml::crypto::sax::XSignatureVerifyResultListener > m_xSignatureVerifyResultListener;
233 #endif
235 /*
236 * the security id incrementer, in order to make any security id unique
237 * to the SAXEventKeeper.
238 * Because each XSecController has its own SAXEventKeeper, so this variable
239 * is not necessary to be static.
240 */
241 sal_Int32 m_nNextSecurityId;
243 /*
244 * Signature information
245 */
246 InternalSignatureInformations m_vInternalSignatureInformations;
248 /*
249 * the previous node on the SAX chain.
250 * The reason that use a Reference<XInterface> type variable
251 * is that the previous components are different when exporting
252 * and importing, and there is no other common interface they
253 * can provided.
254 */
257 /*
258 * whether the preivous node can provide an XInitiazlize interface,
259 * use this variable in order to typecast the XInterface to the
260 * correct interface type.
261 */
264 /*
265 * the next node on the SAX chain.
266 * it can always provide an XDocumentHandler interface.
267 */
271 /*
272 * the ElementStackKeeper is used to reserve the key SAX events.
273 * when the SAXEventKeeper is chained on the SAX chain, it need
274 * first get all missed key SAX events in order to make sure the
275 * DOM tree it buffering has the same structure with the original
276 * document.
277 *
278 * For a given section of a SAX event stream, the key SAX events
279 * are the minimal SAX event subset of that section, which,
280 * combining with SAX events outside of this section, has the same
281 * structure with the original document.
282 *
283 * For example, sees the following dom fragment:
284 * <A>
285 * <B/>
286 * <C>
287 * <D>
288 * <E/>
289 * </D>
290 * </C>
291 * </A>
292 *
293 * If we consider the SAX event section from startElement(<A>) to
294 * startElement(<D>), then the key SAX events are:
295 *
296 * startElement(<A>), startElement(<C>), startElement(<D>)
297 *
298 * The startElement(<B>) and endElement(<B>) is ignored, because
299 * they are unimportant for the tree structure in this section.
300 *
301 * If we consider the SAX event section from startElement(<D>) to
302 * endElement(<A>), the key SAX events are:
303 *
304 * startElement(<D>), endElement(<D>), endElement(<C>),
305 * endElement(<A>).
306 */
310 /*
311 * a flag representing whether the SAXEventKeeper is now on the
312 * SAX chain.
313 */
316 /*
317 * a flag representing whether it is collecting some element,
318 * which means that the SAXEventKeeper can't be chained off the
319 * SAX chain.
320 */
323 /*
324 * a flag representing whether the SAX event stream is blocking,
325 * which also means that the SAXEventKeeper can't be chained off
326 * the SAX chain.
327 */
330 /*
331 * a flag representing the current status of security related
332 * components.
333 */
334 sal_Int32 m_nStatusOfSecurityComponents;
336 /*
337 * a flag representing whether the SAXEventKeeper need to be
338 * on the SAX chain all the time.
339 * This flag is used to the situation when creating signature.
340 */
343 /*
344 * fast property vector
345 */
349 /*
350 * error message pointer
351 */
354 /*
355 * the XSecParser which is used to parse the signature stream
356 */
359 /*
360 * the caller assigned signature id for the next signature in the
361 * signature stream
362 */
363 sal_Int32 m_nReservedSignatureId;
365 /*
366 * representing whether to verify the current signature
367 */
370 /*
371 * An xUriBinding is provided to map Uris to XInputStream interfaces.
372 */
378 /*
379 * Common methods
380 */
381 sal_Bool convertNumber( sal_Int32& rValue, const rtl::OUString& rString, sal_Int32 nMin, sal_Int32 nMax );
382 void convertDateTime( ::rtl::OUStringBuffer& rBuffer, const com::sun::star::util::DateTime& rDateTime );
383 sal_Bool convertDateTime( com::sun::star::util::DateTime& rDateTime, const ::rtl::OUString& rString );
395 //sal_Int32 getFastPropertyIndex(sal_Int32 nHandle) const;
397 /*
398 * For signature generation
399 */
405 /*
406 * For signature verification
407 */
428 sal_Int32 nSecurityId );
431 XSecController(const com::sun::star::uno::Reference<com::sun::star::uno::XComponentContext>& rxCtx);
470 /*
471 * For signature generation
472 */
474 void signAStream( sal_Int32 securityId, const rtl::OUString& uri, const rtl::OUString& objectURL, sal_Bool isBinary);
477 /** sets data that describes the certificate.
479 It is absolutely necessary that the parameter ouX509IssuerName is set. It contains
480 the base64 encoded certificate, which is DER encoded. The XMLSec needs it to find
481 the private key. Although issuer name and certificate should be sufficient to identify
482 the certificate the implementation in XMLSec is broken, both for Windows and mozilla.
483 The reason is that they use functions to find the certificate which take as parameter
484 the DER encoded ASN.1 issuer name. The issuer name is a DName, where most attributes
485 are of type DirectoryName, which is a choice of 5 string types. This information is
486 not contained in the issuer string and while it is converted to the ASN.1 name the
487 conversion function must assume a particular type, which is often wrong. For example,
488 the Windows function CertStrToName will use a T.61 string if the string does not contain
489 special characters. So if the certificate uses simple characters but encodes the
490 issuer attributes in Utf8, then CertStrToName will use T.61. The resulting DER encoded
491 ASN.1 name now contains different bytes which indicate the string type. The functions
492 for finding the certificate apparently use memcmp - hence they fail to find the
493 certificate.
494 */
496 sal_Int32 nSecurityId,
500 // see the other setX509Certifcate function
502 sal_Int32 nSecurityId,
509 sal_Int32 nSecurityId,
517 /*
518 * For signature verification
519 */
522 com::sun::star::uno::Reference< com::sun::star::xml::sax::XDocumentHandler > createSignatureReader();
526 /* Interface methods */
528 /*
529 * XSecurityController
530 *
531 * no method in XSecurityController interface
532 */
534 /*
535 * XFastPropertySet
536 */
537 /*
538 virtual void SAL_CALL setFastPropertyValue(
539 sal_Int32 nHandle,
540 const com::sun::star::uno::Any& aValue )
541 throw (
542 com::sun::star::beans::UnknownPropertyException,
543 com::sun::star::beans::PropertyVetoException,
544 com::sun::star::lang::IllegalArgumentException,
545 com::sun::star::lang::WrappedTargetException,
546 com::sun::star::uno::RuntimeException);
547 virtual com::sun::star::uno::Any SAL_CALL getFastPropertyValue(
548 sal_Int32 nHandle )
549 throw (
550 com::sun::star::beans::UnknownPropertyException,
551 com::sun::star::lang::WrappedTargetException,
552 com::sun::star::uno::RuntimeException);
553 */
555 /*
556 * XSAXEventKeeperStatusChangeListener
557 */
561 sal_Bool isInsideCollectedElement )
566 /*
567 * XSignatureCreationResultListener
568 */
569 virtual void SAL_CALL signatureCreated( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult )
572 /*
573 * XSignatureVerifyResultListener
574 */
575 virtual void SAL_CALL signatureVerified( sal_Int32 securityId, com::sun::star::xml::crypto::SecurityOperationStatus nResult )
577 };
579 #endif