diff options
| author | Michael Stahl <mstahl@redhat.com> | 2012-01-28 20:52:45 +0100 |
|---|---|---|
| committer | Michael Stahl <mstahl@redhat.com> | 2012-01-28 20:52:45 +0100 |
| commit | 2e626373db2412ac22e8c5c27a60d11cd29e875b (patch) | |
| tree | 9e9f67205cd5b72f1031721273e1534a3a1e5b0f /xmlsecurity/source/xmlsec/nss | |
| parent | f7ee7bbd5174b084f018c2ec94d8c70c98ee04da (diff) | |
replace obsolete "master" branch with README that points at new repoHEADmaster-deletedmaster
Diffstat (limited to 'xmlsecurity/source/xmlsec/nss')
26 files changed, 0 insertions, 5787 deletions
diff --git a/xmlsecurity/source/xmlsec/nss/certerrors.h b/xmlsecurity/source/xmlsec/nss/certerrors.h deleted file mode 100644 index 798d677bc..000000000 --- a/xmlsecurity/source/xmlsec/nss/certerrors.h +++ /dev/null @@ -1,394 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2008 by Sun Microsystems, Inc. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -{SEC_ERROR_IO, "An I/O error occurred during security authorization."}, - -{SEC_ERROR_LIBRARY_FAILURE, "security library failure."}, - -{SEC_ERROR_BAD_DATA, "security library: received bad data."}, - -{SEC_ERROR_OUTPUT_LEN, "security library: output length error."}, - -{SEC_ERROR_INPUT_LEN, "security library has experienced an input length error."}, - -{SEC_ERROR_INVALID_ARGS, "security library: invalid arguments."}, - -{SEC_ERROR_INVALID_ALGORITHM, "security library: invalid algorithm."}, - -{SEC_ERROR_INVALID_AVA, "security library: invalid AVA."}, - -{SEC_ERROR_INVALID_TIME, "Improperly formatted time string."}, - -{SEC_ERROR_BAD_DER, "security library: improperly formatted DER-encoded message."}, - -{SEC_ERROR_BAD_SIGNATURE, "Peer's certificate has an invalid signature."}, - -{SEC_ERROR_EXPIRED_CERTIFICATE, "Peer's Certificate has expired."}, - -{SEC_ERROR_REVOKED_CERTIFICATE, "Peer's Certificate has been revoked."}, - -{SEC_ERROR_UNKNOWN_ISSUER, "Peer's Certificate issuer is not recognized."}, - -{SEC_ERROR_BAD_KEY, "Peer's public key is invalid."}, - -{SEC_ERROR_BAD_PASSWORD, "The security password entered is incorrect."}, - -{SEC_ERROR_RETRY_PASSWORD, "New password entered incorrectly. Please try again."}, - -{SEC_ERROR_NO_NODELOCK, "security library: no nodelock."}, - -{SEC_ERROR_BAD_DATABASE, "security library: bad database."}, - -{SEC_ERROR_NO_MEMORY, "security library: memory allocation failure."}, - -{SEC_ERROR_UNTRUSTED_ISSUER, "Peer's certificate issuer has been marked as not trusted by the user."}, - -{SEC_ERROR_UNTRUSTED_CERT, "Peer's certificate has been marked as not trusted by the user."}, - -{SEC_ERROR_DUPLICATE_CERT, "Certificate already exists in your database."}, - -{SEC_ERROR_DUPLICATE_CERT_NAME, "Downloaded certificate's name duplicates one already in your database."}, - -{SEC_ERROR_ADDING_CERT, "Error adding certificate to database."}, - -{SEC_ERROR_FILING_KEY, "Error refiling the key for this certificate."}, - -{SEC_ERROR_NO_KEY, "The private key for this certificate cannot be found in key database"}, - -{SEC_ERROR_CERT_VALID, "This certificate is valid."}, - -{SEC_ERROR_CERT_NOT_VALID, "This certificate is not valid."}, - -{SEC_ERROR_CERT_NO_RESPONSE, "Cert Library: No Response"}, - -{SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE, "The certificate issuer's certificate has expired. Check your system date and time."}, - -{SEC_ERROR_CRL_EXPIRED, "The CRL for the certificate's issuer has expired. Update it or check your system date and time."}, - -{SEC_ERROR_CRL_BAD_SIGNATURE, "The CRL for the certificate's issuer has an invalid signature."}, - -{SEC_ERROR_CRL_INVALID, "New CRL has an invalid format."}, - -{SEC_ERROR_EXTENSION_VALUE_INVALID, "Certificate extension value is invalid."}, - -{SEC_ERROR_EXTENSION_NOT_FOUND, "Certificate extension not found."}, - -{SEC_ERROR_CA_CERT_INVALID, "Issuer certificate is invalid."}, - -{SEC_ERROR_PATH_LEN_CONSTRAINT_INVALID, "Certificate path length constraint is invalid."}, - -{SEC_ERROR_CERT_USAGES_INVALID, "Certificate usages field is invalid."}, - -{SEC_INTERNAL_ONLY, "**Internal ONLY module**"}, - -{SEC_ERROR_INVALID_KEY, "The key does not support the requested operation."}, - -{SEC_ERROR_UNKNOWN_CRITICAL_EXTENSION, "Certificate contains unknown critical extension."}, - -{SEC_ERROR_OLD_CRL, "New CRL is not later than the current one."}, - -{SEC_ERROR_NO_EMAIL_CERT, "Not encrypted or signed: you do not yet have an email certificate."}, - -{SEC_ERROR_NO_RECIPIENT_CERTS_QUERY, "Not encrypted: you do not have certificates for each of the recipients."}, - -{SEC_ERROR_NOT_A_RECIPIENT, "Cannot decrypt: you are not a recipient, or matching certificate and \ -private key not found."}, - -{SEC_ERROR_PKCS7_KEYALG_MISMATCH, "Cannot decrypt: key encryption algorithm does not match your certificate."}, - -{SEC_ERROR_PKCS7_BAD_SIGNATURE, "Signature verification failed: no signer found, too many signers found, \ -or improper or corrupted data."}, - -{SEC_ERROR_UNSUPPORTED_KEYALG, "Unsupported or unknown key algorithm."}, - -{SEC_ERROR_DECRYPTION_DISALLOWED, "Cannot decrypt: encrypted using a disallowed algorithm or key size."}, - - -/* Fortezza Alerts */ -{XP_SEC_FORTEZZA_BAD_CARD, "Fortezza card has not been properly initialized. \ -Please remove it and return it to your issuer."}, - -{XP_SEC_FORTEZZA_NO_CARD, "No Fortezza cards Found"}, - -{XP_SEC_FORTEZZA_NONE_SELECTED, "No Fortezza card selected"}, - -{XP_SEC_FORTEZZA_MORE_INFO, "Please select a personality to get more info on"}, - -{XP_SEC_FORTEZZA_PERSON_NOT_FOUND, "Personality not found"}, - -{XP_SEC_FORTEZZA_NO_MORE_INFO, "No more information on that Personality"}, - -{XP_SEC_FORTEZZA_BAD_PIN, "Invalid Pin"}, - -{XP_SEC_FORTEZZA_PERSON_ERROR, "Couldn't initialize Fortezza personalities."}, -/* end fortezza alerts. */ - -{SEC_ERROR_NO_KRL, "No KRL for this site's certificate has been found."}, - -{SEC_ERROR_KRL_EXPIRED, "The KRL for this site's certificate has expired."}, - -{SEC_ERROR_KRL_BAD_SIGNATURE, "The KRL for this site's certificate has an invalid signature."}, - -{SEC_ERROR_REVOKED_KEY, "The key for this site's certificate has been revoked."}, - -{SEC_ERROR_KRL_INVALID, "New KRL has an invalid format."}, - -{SEC_ERROR_NEED_RANDOM, "security library: need random data."}, - -{SEC_ERROR_NO_MODULE, "security library: no security module can perform the requested operation."}, - -{SEC_ERROR_NO_TOKEN, "The security card or token does not exist, needs to be initialized, or has been removed."}, - -{SEC_ERROR_READ_ONLY, "security library: read-only database."}, - -{SEC_ERROR_NO_SLOT_SELECTED, "No slot or token was selected."}, - -{SEC_ERROR_CERT_NICKNAME_COLLISION, "A certificate with the same nickname already exists."}, - -{SEC_ERROR_KEY_NICKNAME_COLLISION, "A key with the same nickname already exists."}, - -{SEC_ERROR_SAFE_NOT_CREATED, "error while creating safe object"}, - -{SEC_ERROR_BAGGAGE_NOT_CREATED, "error while creating baggage object"}, - -{XP_JAVA_REMOVE_PRINCIPAL_ERROR, "Couldn't remove the principal"}, - -{XP_JAVA_DELETE_PRIVILEGE_ERROR, "Couldn't delete the privilege"}, - -{XP_JAVA_CERT_NOT_EXISTS_ERROR, "This principal doesn't have a certificate"}, - -{SEC_ERROR_BAD_EXPORT_ALGORITHM, "Required algorithm is not allowed."}, - -{SEC_ERROR_EXPORTING_CERTIFICATES, "Error attempting to export certificates."}, - -{SEC_ERROR_IMPORTING_CERTIFICATES, "Error attempting to import certificates."}, - -{SEC_ERROR_PKCS12_DECODING_PFX, "Unable to import. Decoding error. File not valid."}, - -{SEC_ERROR_PKCS12_INVALID_MAC, "Unable to import. Invalid MAC. Incorrect password or corrupt file."}, - -{SEC_ERROR_PKCS12_UNSUPPORTED_MAC_ALGORITHM, "Unable to import. MAC algorithm not supported."}, - -{SEC_ERROR_PKCS12_UNSUPPORTED_TRANSPORT_MODE, "Unable to import. Only password integrity and privacy modes supported."}, - -{SEC_ERROR_PKCS12_CORRUPT_PFX_STRUCTURE, "Unable to import. File structure is corrupt."}, - -{SEC_ERROR_PKCS12_UNSUPPORTED_PBE_ALGORITHM, "Unable to import. Encryption algorithm not supported."}, - -{SEC_ERROR_PKCS12_UNSUPPORTED_VERSION, "Unable to import. File version not supported."}, - -{SEC_ERROR_PKCS12_PRIVACY_PASSWORD_INCORRECT, "Unable to import. Incorrect privacy password."}, - -{SEC_ERROR_PKCS12_CERT_COLLISION, "Unable to import. Same nickname already exists in database."}, - -{SEC_ERROR_USER_CANCELLED, "The user pressed cancel."}, - -{SEC_ERROR_PKCS12_DUPLICATE_DATA, "Not imported, already in database."}, - -{SEC_ERROR_MESSAGE_SEND_ABORTED, "Message not sent."}, - -{SEC_ERROR_INADEQUATE_KEY_USAGE, "Certificate key usage inadequate for attempted operation."}, - -{SEC_ERROR_INADEQUATE_CERT_TYPE, "Certificate type not approved for application."}, - -{SEC_ERROR_CERT_ADDR_MISMATCH, "Address in signing certificate does not match address in message headers."}, - -{SEC_ERROR_PKCS12_UNABLE_TO_IMPORT_KEY, "Unable to import. Error attempting to import private key."}, - -{SEC_ERROR_PKCS12_IMPORTING_CERT_CHAIN, "Unable to import. Error attempting to import certificate chain."}, - -{SEC_ERROR_PKCS12_UNABLE_TO_LOCATE_OBJECT_BY_NAME, "Unable to export. Unable to locate certificate or key by nickname."}, - -{SEC_ERROR_PKCS12_UNABLE_TO_EXPORT_KEY, "Unable to export. Private Key could not be located and exported."}, - -{SEC_ERROR_PKCS12_UNABLE_TO_WRITE, "Unable to export. Unable to write the export file."}, - -{SEC_ERROR_PKCS12_UNABLE_TO_READ, "Unable to import. Unable to read the import file."}, - -{SEC_ERROR_PKCS12_KEY_DATABASE_NOT_INITIALIZED, "Unable to export. Key database corrupt or deleted."}, - -{SEC_ERROR_KEYGEN_FAIL, "Unable to generate public/private key pair."}, - -{SEC_ERROR_INVALID_PASSWORD, "Password entered is invalid. Please pick a different one."}, - -{SEC_ERROR_RETRY_OLD_PASSWORD, "Old password entered incorrectly. Please try again."}, - -{SEC_ERROR_BAD_NICKNAME, "Certificate nickname already in use."}, - -{SEC_ERROR_NOT_FORTEZZA_ISSUER, "Peer FORTEZZA chain has a non-FORTEZZA Certificate."}, - -{SEC_ERROR_CANNOT_MOVE_SENSITIVE_KEY, "A sensitive key cannot be moved to the slot where it is needed."}, - -{SEC_ERROR_JS_INVALID_MODULE_NAME, "Invalid module name."}, - -{SEC_ERROR_JS_INVALID_DLL, "Invalid module path/filename"}, - -{SEC_ERROR_JS_ADD_MOD_FAILURE, "Unable to add module"}, - -{SEC_ERROR_JS_DEL_MOD_FAILURE, "Unable to delete module"}, - -{SEC_ERROR_OLD_KRL, "New KRL is not later than the current one."}, - -{SEC_ERROR_CKL_CONFLICT, "New CKL has different issuer than current CKL. Delete current CKL."}, - -{SEC_ERROR_CERT_NOT_IN_NAME_SPACE, "The Certifying Authority for this certificate is not permitted to issue a \ -certificate with this name."}, - -{SEC_ERROR_KRL_NOT_YET_VALID, "The key revocation list for this certificate is not yet valid."}, - -{SEC_ERROR_CRL_NOT_YET_VALID, "The certificate revocation list for this certificate is not yet valid."}, - -{SEC_ERROR_UNKNOWN_CERT, "The requested certificate could not be found."}, - -{SEC_ERROR_UNKNOWN_SIGNER, "The signer's certificate could not be found."}, - -{SEC_ERROR_CERT_BAD_ACCESS_LOCATION, "The location for the certificate status server has invalid format."}, - -{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_TYPE, "The OCSP response cannot be fully decoded; it is of an unknown type."}, - -{SEC_ERROR_OCSP_BAD_HTTP_RESPONSE, "The OCSP server returned unexpected/invalid HTTP data."}, - -{SEC_ERROR_OCSP_MALFORMED_REQUEST, "The OCSP server found the request to be corrupted or improperly formed."}, - -{SEC_ERROR_OCSP_SERVER_ERROR, "The OCSP server experienced an internal error."}, - -{SEC_ERROR_OCSP_TRY_SERVER_LATER, "The OCSP server suggests trying again later."}, - -{SEC_ERROR_OCSP_REQUEST_NEEDS_SIG, "The OCSP server requires a signature on this request."}, - -{SEC_ERROR_OCSP_UNAUTHORIZED_REQUEST, "The OCSP server has refused this request as unauthorized."}, - -{SEC_ERROR_OCSP_UNKNOWN_RESPONSE_STATUS, "The OCSP server returned an unrecognizable status."}, - -{SEC_ERROR_OCSP_UNKNOWN_CERT, "The OCSP server has no status for the certificate."}, - -{SEC_ERROR_OCSP_NOT_ENABLED, "You must enable OCSP before performing this operation."}, - -{SEC_ERROR_OCSP_NO_DEFAULT_RESPONDER, "You must set the OCSP default responder before performing this operation."}, - -{SEC_ERROR_OCSP_MALFORMED_RESPONSE, "The response from the OCSP server was corrupted or improperly formed."}, - -{SEC_ERROR_OCSP_UNAUTHORIZED_RESPONSE, "The signer of the OCSP response is not authorized to give status for \ -this certificate."}, - -{SEC_ERROR_OCSP_FUTURE_RESPONSE, "The OCSP response is not yet valid (contains a date in the future},."}, - -{SEC_ERROR_OCSP_OLD_RESPONSE, "The OCSP response contains out-of-date information."}, - -{SEC_ERROR_DIGEST_NOT_FOUND, "The CMS or PKCS #7 Digest was not found in signed message."}, - -{SEC_ERROR_UNSUPPORTED_MESSAGE_TYPE, "The CMS or PKCS #7 Message type is unsupported."}, - -{SEC_ERROR_MODULE_STUCK, "PKCS #11 module could not be removed because it is still in use."}, - -{SEC_ERROR_BAD_TEMPLATE, "Could not decode ASN.1 data. Specified template was invalid."}, - -{SEC_ERROR_CRL_NOT_FOUND, "No matching CRL was found."}, - -{SEC_ERROR_REUSED_ISSUER_AND_SERIAL, "You are attempting to import a cert with the same issuer/serial as \ -an existing cert, but that is not the same cert."}, - -{SEC_ERROR_BUSY, "NSS could not shutdown. Objects are still in use."}, - -{SEC_ERROR_EXTRA_INPUT, "DER-encoded message contained extra unused data."}, - -{SEC_ERROR_UNSUPPORTED_ELLIPTIC_CURVE, "Unsupported elliptic curve."}, - -{SEC_ERROR_UNSUPPORTED_EC_POINT_FORM, "Unsupported elliptic curve point form."}, - -{SEC_ERROR_UNRECOGNIZED_OID, "Unrecognized Object Identifier."}, - -{SEC_ERROR_OCSP_INVALID_SIGNING_CERT, "Invalid OCSP signing certificate in OCSP response."}, - -{SEC_ERROR_REVOKED_CERTIFICATE_CRL, "Certificate is revoked in issuer's certificate revocation list."}, - -{SEC_ERROR_REVOKED_CERTIFICATE_OCSP, "Issuer's OCSP responder reports certificate is revoked."}, - -{SEC_ERROR_CRL_INVALID_VERSION, "Issuer's Certificate Revocation List has an unknown version number."}, - -{SEC_ERROR_CRL_V1_CRITICAL_EXTENSION, "Issuer's V1 Certificate Revocation List has a critical extension."}, - -{SEC_ERROR_CRL_UNKNOWN_CRITICAL_EXTENSION, "Issuer's V2 Certificate Revocation List has an unknown critical extension."}, - -{SEC_ERROR_UNKNOWN_OBJECT_TYPE, "Unknown object type specified."}, - -{SEC_ERROR_INCOMPATIBLE_PKCS11, "PKCS #11 driver violates the spec in an incompatible way."}, - -{SEC_ERROR_NO_EVENT, "No new slot event is available at this time."}, - -{SEC_ERROR_CRL_ALREADY_EXISTS, "CRL already exists."}, - -{SEC_ERROR_NOT_INITIALIZED, "NSS is not initialized."}, - -{SEC_ERROR_TOKEN_NOT_LOGGED_IN, "The operation failed because the PKCS#11 token is not logged in."}, - -{SEC_ERROR_OCSP_RESPONDER_CERT_INVALID, "Configured OCSP responder's certificate is invalid."}, - -{SEC_ERROR_OCSP_BAD_SIGNATURE, "OCSP response has an invalid signature."}, - -{SEC_ERROR_OUT_OF_SEARCH_LIMITS, "Cert validation search is out of search limits"}, - -{SEC_ERROR_INVALID_POLICY_MAPPING, "Policy mapping contains anypolicy"}, - -{SEC_ERROR_POLICY_VALIDATION_FAILED, "Cert chain fails policy validation"}, - -{SEC_ERROR_UNKNOWN_AIA_LOCATION_TYPE, "Unknown location type in cert AIA extension"}, - -{SEC_ERROR_BAD_HTTP_RESPONSE, "Server returned bad HTTP response"}, - -{SEC_ERROR_BAD_LDAP_RESPONSE, "Server returned bad LDAP response"}, - -{SEC_ERROR_FAILED_TO_ENCODE_DATA, "Failed to encode data with ASN1 encoder"}, - -{SEC_ERROR_BAD_INFO_ACCESS_LOCATION, "Bad information access location in cert extension"}, - -{SEC_ERROR_LIBPKIX_INTERNAL, "Libpkix internal error occurred during cert validation."}, - -#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 2 ) -// following 3 errors got first used in NSS 3.12.3 -// they were in the header even in 3.12.2 but there was missing the mapping in pk11err.c -// see also https://bugzilla.mozilla.org/show_bug.cgi?id=453364 - -{SEC_ERROR_PKCS11_GENERAL_ERROR, "A PKCS #11 module returned CKR_GENERAL_ERROR, indicating that an unrecoverable error has occurred."}, - -{SEC_ERROR_PKCS11_FUNCTION_FAILED, "A PKCS #11 module returned CKR_FUNCTION_FAILED, indicating that the requested function could not be performed. Trying the same operation again might succeed."}, - -{SEC_ERROR_PKCS11_DEVICE_ERROR, "A PKCS #11 module returned CKR_DEVICE_ERROR, indicating that a problem has occurred with the token or slot."}, - -#endif - -#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 3 ) -// following 2 errors got added in NSS 3.12.4 - -{SEC_ERROR_BAD_INFO_ACCESS_METHOD, "Unknown information access method in certificate extension."}, - -{SEC_ERROR_CRL_IMPORT_FAILED, "Error attempting to import a CRL."}, - -#endif - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx b/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx deleted file mode 100644 index 93a17e351..000000000 --- a/xmlsecurity/source/xmlsec/nss/ciphercontext.cxx +++ /dev/null @@ -1,276 +0,0 @@ - /************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#include <precompiled_xmlsecurity.hxx> - -#include <osl/time.h> -#include <rtl/random.h> -#include <rtl/ref.hxx> - -#include "ciphercontext.hxx" - -using namespace ::com::sun::star; - -uno::Reference< xml::crypto::XCipherContext > OCipherContext::Create( CK_MECHANISM_TYPE nNSSCipherID, const uno::Sequence< ::sal_Int8 >& aKey, const uno::Sequence< ::sal_Int8 >& aInitializationVector, bool bEncryption, bool bW3CPadding ) -{ - ::rtl::Reference< OCipherContext > xResult = new OCipherContext; - - xResult->m_pSlot = PK11_GetBestSlot( nNSSCipherID, NULL ); - if ( xResult->m_pSlot ) - { - SECItem aKeyItem = { siBuffer, const_cast< unsigned char* >( reinterpret_cast< const unsigned char* >( aKey.getConstArray() ) ), aKey.getLength() }; - xResult->m_pSymKey = PK11_ImportSymKey( xResult->m_pSlot, nNSSCipherID, PK11_OriginDerive, bEncryption ? CKA_ENCRYPT : CKA_DECRYPT, &aKeyItem, NULL ); - if ( xResult->m_pSymKey ) - { - SECItem aIVItem = { siBuffer, const_cast< unsigned char* >( reinterpret_cast< const unsigned char* >( aInitializationVector.getConstArray() ) ), aInitializationVector.getLength() }; - xResult->m_pSecParam = PK11_ParamFromIV( nNSSCipherID, &aIVItem ); - if ( xResult->m_pSecParam ) - { - xResult->m_pContext = PK11_CreateContextBySymKey( nNSSCipherID, bEncryption ? CKA_ENCRYPT : CKA_DECRYPT, xResult->m_pSymKey, xResult->m_pSecParam); - if ( xResult->m_pContext ) - { - xResult->m_bEncryption = bEncryption; - xResult->m_bW3CPadding = bW3CPadding; - xResult->m_bPadding = bW3CPadding || ( PK11_GetPadMechanism( nNSSCipherID ) == nNSSCipherID ); - xResult->m_nBlockSize = PK11_GetBlockSize( nNSSCipherID, xResult->m_pSecParam ); - if ( xResult->m_nBlockSize <= SAL_MAX_INT8 ) - return xResult.get(); - } - } - } - } - - return uno::Reference< xml::crypto::XCipherContext >(); -} - -void OCipherContext::Dispose() -{ - ::osl::MutexGuard aGuard( m_aMutex ); - - if ( m_pContext ) - { - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - } - - if ( m_pSecParam ) - { - SECITEM_FreeItem( m_pSecParam, PR_TRUE ); - m_pSecParam = NULL; - } - - if ( m_pSymKey ) - { - PK11_FreeSymKey( m_pSymKey ); - m_pSymKey = NULL; - } - - if ( m_pSlot ) - { - PK11_FreeSlot( m_pSlot ); - m_pSlot = NULL; - } - - m_bDisposed = true; -} - -uno::Sequence< ::sal_Int8 > SAL_CALL OCipherContext::convertWithCipherContext( const uno::Sequence< ::sal_Int8 >& aData ) - throw ( lang::IllegalArgumentException, lang::DisposedException, uno::RuntimeException) -{ - ::osl::MutexGuard aGuard( m_aMutex ); - - if ( m_bBroken ) - throw uno::RuntimeException(); - - if ( m_bDisposed ) - throw lang::DisposedException(); - - uno::Sequence< sal_Int8 > aToConvert; - if ( aData.getLength() ) - { - sal_Int32 nOldLastBlockLen = m_aLastBlock.getLength(); - OSL_ENSURE( nOldLastBlockLen <= m_nBlockSize, "Unexpected last block size!" ); - - sal_Int32 nAvailableData = nOldLastBlockLen + aData.getLength(); - sal_Int32 nToConvertLen = nAvailableData; - if ( m_bEncryption || !m_bW3CPadding ) - { - if ( nAvailableData % m_nBlockSize == 0 ) - nToConvertLen = nAvailableData; - else if ( nAvailableData < m_nBlockSize ) - nToConvertLen = 0; - else - nToConvertLen = nAvailableData - nAvailableData % m_nBlockSize; - } - else - { - // decryption with W3C padding needs at least one block for finalizing - if ( nAvailableData < m_nBlockSize * 2 ) - nToConvertLen = 0; - else - nToConvertLen = nAvailableData - nAvailableData % m_nBlockSize - m_nBlockSize; - } - - aToConvert.realloc( nToConvertLen ); - if ( nToConvertLen == 0 ) - { - m_aLastBlock.realloc( nOldLastBlockLen + aData.getLength() ); - rtl_copyMemory( m_aLastBlock.getArray() + nOldLastBlockLen, aData.getConstArray(), aData.getLength() ); - // aToConvert stays empty - } - else if ( nToConvertLen < nOldLastBlockLen ) - { - rtl_copyMemory( aToConvert.getArray(), m_aLastBlock.getConstArray(), nToConvertLen ); - rtl_copyMemory( m_aLastBlock.getArray(), m_aLastBlock.getConstArray() + nToConvertLen, nOldLastBlockLen - nToConvertLen ); - m_aLastBlock.realloc( nOldLastBlockLen - nToConvertLen + aData.getLength() ); - rtl_copyMemory( m_aLastBlock.getArray() + nOldLastBlockLen - nToConvertLen, aData.getConstArray(), aData.getLength() ); - } - else - { - rtl_copyMemory( aToConvert.getArray(), m_aLastBlock.getConstArray(), nOldLastBlockLen ); - if ( nToConvertLen > nOldLastBlockLen ) - rtl_copyMemory( aToConvert.getArray() + nOldLastBlockLen, aData.getConstArray(), nToConvertLen - nOldLastBlockLen ); - m_aLastBlock.realloc( nAvailableData - nToConvertLen ); - rtl_copyMemory( m_aLastBlock.getArray(), aData.getConstArray() + nToConvertLen - nOldLastBlockLen, nAvailableData - nToConvertLen ); - } - } - - uno::Sequence< sal_Int8 > aResult; - OSL_ENSURE( aToConvert.getLength() % m_nBlockSize == 0, "Unexpected size of the data to encrypt!" ); - if ( aToConvert.getLength() ) - { - int nResultLen = 0; - aResult.realloc( aToConvert.getLength() + m_nBlockSize ); - if ( PK11_CipherOp( m_pContext, reinterpret_cast< unsigned char* >( aResult.getArray() ), &nResultLen, aResult.getLength(), const_cast< unsigned char* >( reinterpret_cast< const unsigned char* >( aToConvert.getConstArray() ) ), aToConvert.getLength() ) != SECSuccess ) - { - m_bBroken = true; - Dispose(); - throw uno::RuntimeException(); - } - - m_nConverted += aToConvert.getLength(); - aResult.realloc( nResultLen ); - } - - return aResult; -} - -uno::Sequence< ::sal_Int8 > SAL_CALL OCipherContext::finalizeCipherContextAndDispose() - throw (lang::DisposedException, uno::RuntimeException) -{ - ::osl::MutexGuard aGuard( m_aMutex ); - - if ( m_bBroken ) - throw uno::RuntimeException(); - - if ( m_bDisposed ) - throw lang::DisposedException(); - - OSL_ENSURE( m_nBlockSize <= SAL_MAX_INT8, "Unexpected block size!" ); - OSL_ENSURE( m_nConverted % m_nBlockSize == 0, "Unexpected amount of bytes is already converted!" ); - sal_Int32 nSizeForPadding = ( m_nConverted + m_aLastBlock.getLength() ) % m_nBlockSize; - - // if it is decryption, the amount of data should be rounded to the block size even in case of padding - if ( ( !m_bPadding || !m_bEncryption ) && nSizeForPadding ) - throw uno::RuntimeException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "The data should contain complete blocks only." ) ), uno::Reference< uno::XInterface >() ); - - if ( m_bW3CPadding && m_bEncryption ) - { - // in this case the last block should be smaller than standtard block - // it will be increased with the padding - OSL_ENSURE( m_aLastBlock.getLength() < m_nBlockSize, "Unexpected size of cashed incomplete last block!" ); - - // W3CPadding handling for encryption - sal_Int32 nPaddingSize = m_nBlockSize - nSizeForPadding; - sal_Int32 nOldLastBlockLen = m_aLastBlock.getLength(); - m_aLastBlock.realloc( nOldLastBlockLen + nPaddingSize ); - - if ( nPaddingSize > 1 ) - { - TimeValue aTime; - osl_getSystemTime( &aTime ); - rtlRandomPool aRandomPool = rtl_random_createPool(); - rtl_random_addBytes( aRandomPool, &aTime, 8 ); - rtl_random_getBytes( aRandomPool, m_aLastBlock.getArray() + nOldLastBlockLen, nPaddingSize - 1 ); - rtl_random_destroyPool ( aRandomPool ); - } - m_aLastBlock[m_aLastBlock.getLength() - 1] = static_cast< sal_Int8 >( nPaddingSize ); - } - - // finally should the last block be smaller than two standard blocks - OSL_ENSURE( m_aLastBlock.getLength() < m_nBlockSize * 2 , "Unexpected size of cashed incomplete last block!" ); - - uno::Sequence< sal_Int8 > aResult; - if ( m_aLastBlock.getLength() ) - { - int nPrefResLen = 0; - aResult.realloc( m_aLastBlock.getLength() + m_nBlockSize ); - if ( PK11_CipherOp( m_pContext, reinterpret_cast< unsigned char* >( aResult.getArray() ), &nPrefResLen, aResult.getLength(), const_cast< unsigned char* >( reinterpret_cast< const unsigned char* >( m_aLastBlock.getConstArray() ) ), m_aLastBlock.getLength() ) != SECSuccess ) - { - m_bBroken = true; - Dispose(); - throw uno::RuntimeException(); - } - - aResult.realloc( nPrefResLen ); - m_aLastBlock.realloc( 0 ); - } - - sal_Int32 nPrefixLen = aResult.getLength(); - aResult.realloc( nPrefixLen + m_nBlockSize * 2 ); - unsigned nFinalLen = 0; - if ( PK11_DigestFinal( m_pContext, reinterpret_cast< unsigned char* >( aResult.getArray() + nPrefixLen ), &nFinalLen, aResult.getLength() - nPrefixLen ) != SECSuccess ) - { - m_bBroken = true; - Dispose(); - throw uno::RuntimeException(); - } - - aResult.realloc( nPrefixLen + nFinalLen ); - - if ( m_bW3CPadding && !m_bEncryption ) - { - // W3CPadding handling for decryption - // aResult should have anough data, since we let m_aLastBlock be big enough in case of decryption - OSL_ENSURE( aResult.getLength() >= m_nBlockSize, "Not enough data to handle the padding!" ); - - sal_Int8 nBytesToRemove = aResult[aResult.getLength() - 1]; - if ( nBytesToRemove <= 0 || nBytesToRemove > aResult.getLength() ) - { - m_bBroken = true; - Dispose(); - throw uno::RuntimeException(); - } - - aResult.realloc( aResult.getLength() - nBytesToRemove ); - } - - Dispose(); - - return aResult; -} - diff --git a/xmlsecurity/source/xmlsec/nss/ciphercontext.hxx b/xmlsecurity/source/xmlsec/nss/ciphercontext.hxx deleted file mode 100644 index 1574a6238..000000000 --- a/xmlsecurity/source/xmlsec/nss/ciphercontext.hxx +++ /dev/null @@ -1,89 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _CIPHERCONTEXT_HXX -#define _CIPHERCONTEXT_HXX - -#include <com/sun/star/xml/crypto/XCipherContext.hpp> - -#include <cppuhelper/implbase1.hxx> -#include <osl/mutex.hxx> -#include <pk11pub.h> - -class OCipherContext : public cppu::WeakImplHelper1< ::com::sun::star::xml::crypto::XCipherContext > -{ -private: - ::osl::Mutex m_aMutex; - - PK11SlotInfo* m_pSlot; - PK11SymKey* m_pSymKey; - SECItem* m_pSecParam; - PK11Context* m_pContext; - - sal_Int32 m_nBlockSize; - ::com::sun::star::uno::Sequence< sal_Int8 > m_aLastBlock; - - bool m_bEncryption; - bool m_bPadding; - bool m_bW3CPadding; - sal_Int64 m_nConverted; - - bool m_bDisposed; - bool m_bBroken; - - void Dispose(); - - OCipherContext() - : m_pSlot( NULL ) - , m_pSymKey( NULL ) - , m_pSecParam( NULL ) - , m_pContext( NULL ) - , m_nBlockSize( 0 ) - , m_bEncryption( false ) - , m_bPadding( false ) - , m_bW3CPadding( false ) - , m_nConverted( 0 ) - , m_bDisposed( false ) - , m_bBroken( false ) - {} - -public: - - virtual ~OCipherContext() - { - Dispose(); - } - - static ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XCipherContext > Create( CK_MECHANISM_TYPE nNSSCipherID, const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aKey, const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aInitializationVector, bool bEncryption, bool bW3CPadding ); - - // XCipherContext - virtual ::com::sun::star::uno::Sequence< ::sal_Int8 > SAL_CALL convertWithCipherContext( const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aData ) throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::lang::DisposedException, ::com::sun::star::uno::RuntimeException); - virtual ::com::sun::star::uno::Sequence< ::sal_Int8 > SAL_CALL finalizeCipherContextAndDispose( ) throw (::com::sun::star::lang::DisposedException, ::com::sun::star::uno::RuntimeException); -}; - -#endif - diff --git a/xmlsecurity/source/xmlsec/nss/digestcontext.cxx b/xmlsecurity/source/xmlsec/nss/digestcontext.cxx deleted file mode 100644 index 4b3a0d094..000000000 --- a/xmlsecurity/source/xmlsec/nss/digestcontext.cxx +++ /dev/null @@ -1,101 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#include <precompiled_xmlsecurity.hxx> - -#include <pk11pub.h> -#include "digestcontext.hxx" - -using namespace ::com::sun::star; - -ODigestContext::~ODigestContext() -{ - if ( m_pContext ) - { - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - } -} - -void SAL_CALL ODigestContext::updateDigest( const uno::Sequence< ::sal_Int8 >& aData ) - throw (lang::DisposedException, uno::RuntimeException) -{ - ::osl::MutexGuard aGuard( m_aMutex ); - - if ( m_bBroken ) - throw uno::RuntimeException(); - - if ( m_bDisposed ) - throw lang::DisposedException(); - - if ( !m_b1KData || m_nDigested < 1024 ) - { - uno::Sequence< sal_Int8 > aToDigest = aData; - if ( m_b1KData && m_nDigested + aData.getLength() > 1024 ) - aToDigest.realloc( 1024 - m_nDigested ); - - if ( PK11_DigestOp( m_pContext, reinterpret_cast< const unsigned char* >( aToDigest.getConstArray() ), aToDigest.getLength() ) != SECSuccess ) - { - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - m_bBroken = true; - throw uno::RuntimeException(); - } - - m_nDigested += aToDigest.getLength(); - } -} - -uno::Sequence< ::sal_Int8 > SAL_CALL ODigestContext::finalizeDigestAndDispose() - throw (lang::DisposedException, uno::RuntimeException) -{ - ::osl::MutexGuard aGuard( m_aMutex ); - - if ( m_bBroken ) - throw uno::RuntimeException(); - - if ( m_bDisposed ) - throw lang::DisposedException(); - - uno::Sequence< sal_Int8 > aResult( m_nDigestLength ); - unsigned int nResultLen = 0; - if ( PK11_DigestFinal( m_pContext, reinterpret_cast< unsigned char* >( aResult.getArray() ), &nResultLen, aResult.getLength() ) != SECSuccess ) - { - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - m_bBroken = true; - throw uno::RuntimeException(); - } - - PK11_DestroyContext( m_pContext, PR_TRUE ); - m_pContext = NULL; - m_bDisposed = true; - - aResult.realloc( nResultLen ); - return aResult; -} - diff --git a/xmlsecurity/source/xmlsec/nss/digestcontext.hxx b/xmlsecurity/source/xmlsec/nss/digestcontext.hxx deleted file mode 100644 index 8f9ef475a..000000000 --- a/xmlsecurity/source/xmlsec/nss/digestcontext.hxx +++ /dev/null @@ -1,68 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _DIGESTCONTEXT_HXX -#define _DIGESTCONTEXT_HXX - -#include <com/sun/star/xml/crypto/XDigestContext.hpp> - -#include <cppuhelper/implbase1.hxx> -#include <osl/mutex.hxx> - -class ODigestContext : public cppu::WeakImplHelper1< ::com::sun::star::xml::crypto::XDigestContext > -{ -private: - ::osl::Mutex m_aMutex; - - PK11Context* m_pContext; - sal_Int32 m_nDigestLength; - bool m_b1KData; - sal_Int32 m_nDigested; - - bool m_bDisposed; - bool m_bBroken; - -public: - ODigestContext( PK11Context* pContext, sal_Int32 nDigestLength, bool b1KData ) - : m_pContext( pContext ) - , m_nDigestLength( nDigestLength ) - , m_b1KData( b1KData ) - , m_nDigested( 0 ) - , m_bDisposed( false ) - , m_bBroken( false ) - {} - - virtual ~ODigestContext(); - - - // XDigestContext - virtual void SAL_CALL updateDigest( const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aData ) throw (::com::sun::star::lang::DisposedException, ::com::sun::star::uno::RuntimeException); - virtual ::com::sun::star::uno::Sequence< ::sal_Int8 > SAL_CALL finalizeDigestAndDispose() throw (::com::sun::star::lang::DisposedException, ::com::sun::star::uno::RuntimeException); -}; - -#endif - diff --git a/xmlsecurity/source/xmlsec/nss/makefile.mk b/xmlsecurity/source/xmlsec/nss/makefile.mk deleted file mode 100644 index ce088e2bb..000000000 --- a/xmlsecurity/source/xmlsec/nss/makefile.mk +++ /dev/null @@ -1,130 +0,0 @@ -#************************************************************************* -# -# DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -# -# Copyright 2000, 2010 Oracle and/or its affiliates. -# -# OpenOffice.org - a multi-platform office productivity suite -# -# This file is part of OpenOffice.org. -# -# OpenOffice.org is free software: you can redistribute it and/or modify -# it under the terms of the GNU Lesser General Public License version 3 -# only, as published by the Free Software Foundation. -# -# OpenOffice.org is distributed in the hope that it will be useful, -# but WITHOUT ANY WARRANTY; without even the implied warranty of -# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -# GNU Lesser General Public License version 3 for more details -# (a copy is included in the LICENSE file that accompanied this code). -# -# You should have received a copy of the GNU Lesser General Public License -# version 3 along with OpenOffice.org. If not, see -# <http://www.openoffice.org/license.html> -# for a copy of the LGPLv3 License. -# -#************************************************************************* - -PRJ=..$/..$/.. - -PRJNAME = xmlsecurity -TARGET = xs_nss - -ENABLE_EXCEPTIONS = TRUE - -# --- Settings ----------------------------------------------------- - -.INCLUDE : settings.mk -.INCLUDE : $(PRJ)$/util$/target.pmk - -.IF "$(SYSTEM_LIBXML)" == "YES" -CFLAGS+=-DSYSTEM_LIBXML $(LIBXML_CFLAGS) -.ENDIF - -.IF "$(WITH_MOZILLA)" == "NO" || "$(ENABLE_NSS_MODULE)"!="YES" -.IF "$(SYSTEM_MOZILLA)" != "YES" -@all: - @echo "No mozilla -> no nss -> no libxmlsec -> no xmlsecurity/nss" -.ENDIF -.ENDIF - -.IF "$(SYSTEM_MOZILLA)" != "YES" -MOZ_INC = $(SOLARVERSION)$/$(INPATH)$/inc$(UPDMINOREXT)$/mozilla -NSS_INC = $(MOZ_INC)$/nss -NSPR_INC = $(MOZ_INC)$/nspr -.ELSE -# MOZ_INC already defined from environment -NSS_INC = $(MOZ_NSS_CFLAGS) -NSPR_INC = $(MOZ_INC)$/nspr -.ENDIF - -.IF "$(GUI)"=="UNX" -.IF "$(COMNAME)"=="sunpro5" -CFLAGS += -features=tmplife -#This flag is needed to build mozilla 1.7 code -.ENDIF # "$(COMNAME)"=="sunpro5" -.ENDIF - -.IF "$(GUI)" == "WNT" -.IF "$(DBG_LEVEL)" == "0" -INCPRE += \ --I$(MOZ_INC)$/profile \ --I$(MOZ_INC)$/string \ --I$(MOZ_INC)$/embed_base -CFLAGS += -GR- -W3 -Gy -MD -UDEBUG -.ELSE -INCPRE += \ --I$(MOZ_INC)$/profile \ --I$(MOZ_INC)$/string \ --I$(MOZ_INC)$/embed_base -CFLAGS += -Zi -GR- -W3 -Gy -MDd -UNDEBUG -.ENDIF -.ENDIF -.IF "$(GUI)" == "UNX" -INCPOST += \ -$(MOZ_INC)$/profile \ --I$(MOZ_INC)$/string \ --I$(MOZ_INC)$/embed_base -.ENDIF - -.IF "$(CRYPTO_ENGINE)" == "nss" -CDEFS += -DXMLSEC_CRYPTO_NSS -.ENDIF - -CDEFS += -DXMLSEC_NO_XSLT - -# --- Files -------------------------------------------------------- - -SOLARINC += \ - -I$(MOZ_INC) \ --I$(NSPR_INC) \ --I$(PRJ)$/source$/xmlsec - -.IF "$(SYSTEM_MOZILLA)" == "YES" -SOLARINC += -DSYSTEM_MOZILLA $(NSS_INC) -.ELSE -SOLARINC += -I$(NSS_INC) -.ENDIF - -SLOFILES = \ - $(SLO)$/nssinitializer.obj \ - $(SLO)$/digestcontext.obj \ - $(SLO)$/ciphercontext.obj \ - $(SLO)$/xsec_nss.obj - -.IF "$(CRYPTO_ENGINE)" == "nss" -SLOFILES += \ - $(SLO)$/securityenvironment_nssimpl.obj \ - $(SLO)$/seinitializer_nssimpl.obj \ - $(SLO)$/xmlencryption_nssimpl.obj \ - $(SLO)$/xmlsecuritycontext_nssimpl.obj \ - $(SLO)$/xmlsignature_nssimpl.obj \ - $(SLO)$/x509certificate_nssimpl.obj \ - $(SLO)$/sanextension_nssimpl.obj \ - $(SLO)$/secerror.obj - -.ENDIF - -# --- Targets ------------------------------------------------------ - -.INCLUDE : target.mk diff --git a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx b/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx deleted file mode 100644 index ded32952d..000000000 --- a/xmlsecurity/source/xmlsec/nss/nssinitializer.cxx +++ /dev/null @@ -1,521 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - -/* - * Turn off DEBUG Assertions - */ -#ifdef _DEBUG - #define _DEBUG_WAS_DEFINED _DEBUG - #undef _DEBUG -#else - #undef _DEBUG_WAS_DEFINED -#endif - -/* - * and turn off the additional virtual methods which are part of some interfaces when compiled - * with debug - */ -#ifdef DEBUG - #define DEBUG_WAS_DEFINED DEBUG - #undef DEBUG -#else - #undef DEBUG_WAS_DEFINED -#endif - - -#include <com/sun/star/mozilla/XMozillaBootstrap.hpp> -#include <com/sun/star/xml/crypto/DigestID.hpp> -#include <com/sun/star/xml/crypto/CipherID.hpp> - -#include <sal/types.h> -#include <rtl/instance.hxx> -#include <rtl/bootstrap.hxx> -#include <rtl/string.hxx> -#include <rtl/strbuf.hxx> -#include <osl/file.hxx> -#include <osl/thread.h> -#include <tools/debug.hxx> -#include <rtl/logfile.hxx> - -#include "seinitializer_nssimpl.hxx" -#include "../diagnose.hxx" - -#include "securityenvironment_nssimpl.hxx" -#include "digestcontext.hxx" -#include "ciphercontext.hxx" - -#include <nspr.h> -#include <cert.h> -#include <nss.h> -#include <pk11pub.h> -#include <secmod.h> -#include <nssckbi.h> - - -namespace css = ::com::sun::star; -namespace cssu = css::uno; -namespace cssl = css::lang; -namespace cssxc = css::xml::crypto; - -using namespace xmlsecurity; -using namespace com::sun::star; -using ::rtl::OUString; -using ::rtl::OString; - -#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.NSSInitializer_NssImpl" - -#define ROOT_CERTS "Root Certs for OpenOffice.org" - -extern "C" void nsscrypto_finalize(); - - -namespace -{ - -bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFactory > &xMSF, bool & out_nss_init ); - -struct InitNSSInitialize -{ - css::uno::Reference< css::lang::XMultiServiceFactory > mxMSF; - - InitNSSInitialize( const css::uno::Reference< css::lang::XMultiServiceFactory > &xMSF ) - : mxMSF( xMSF ) - { - } - - bool * operator()() - { - static bool bInitialized = false; - bool bNSSInit = false; - bInitialized = nsscrypto_initialize( mxMSF, bNSSInit ); - if (bNSSInit) - atexit(nsscrypto_finalize ); - return & bInitialized; - } -}; - -struct GetNSSInitStaticMutex -{ - ::osl::Mutex* operator()() - { - static ::osl::Mutex aNSSInitMutex; - return &aNSSInitMutex; - } -}; - -void deleteRootsModule() -{ - SECMODModule *RootsModule = 0; - SECMODModuleList *list = SECMOD_GetDefaultModuleList(); - SECMODListLock *lock = SECMOD_GetDefaultModuleListLock(); - SECMOD_GetReadLock(lock); - - while (!RootsModule && list) - { - SECMODModule *module = list->module; - - for (int i=0; i < module->slotCount; i++) - { - PK11SlotInfo *slot = module->slots[i]; - if (PK11_IsPresent(slot)) - { - if (PK11_HasRootCerts(slot)) - { - xmlsec_trace("The root certifificates module \"%s" - "\" is already loaded: \n%s", - module->commonName, module->dllName); - - RootsModule = SECMOD_ReferenceModule(module); - break; - } - } - } - list = list->next; - } - SECMOD_ReleaseReadLock(lock); - - if (RootsModule) - { - PRInt32 modType; - if (SECSuccess == SECMOD_DeleteModule(RootsModule->commonName, &modType)) - { - xmlsec_trace("Deleted module \"%s\".", RootsModule->commonName); - } - else - { - xmlsec_trace("Failed to delete \"%s\" : \n%s", - RootsModule->commonName, RootsModule->dllName); - } - SECMOD_DestroyModule(RootsModule); - RootsModule = 0; - } -} - -::rtl::OString getMozillaCurrentProfile( const css::uno::Reference< css::lang::XMultiServiceFactory > &rxMSF ) -{ - ::rtl::OString sResult; - // first, try to get the profile from "MOZILLA_CERTIFICATE_FOLDER" - char* pEnv = getenv( "MOZILLA_CERTIFICATE_FOLDER" ); - if ( pEnv ) - { - sResult = ::rtl::OString( pEnv ); - RTL_LOGFILE_PRODUCT_TRACE1( "XMLSEC: Using env MOZILLA_CERTIFICATE_FOLDER: %s", sResult.getStr() ); - } - else - { - mozilla::MozillaProductType productTypes[4] = { - mozilla::MozillaProductType_Thunderbird, - mozilla::MozillaProductType_Mozilla, - mozilla::MozillaProductType_Firefox, - mozilla::MozillaProductType_Default }; - int nProduct = 4; - - uno::Reference<uno::XInterface> xInstance = rxMSF->createInstance( - ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM("com.sun.star.mozilla.MozillaBootstrap")) ); - OSL_ENSURE( xInstance.is(), "failed to create instance" ); - - uno::Reference<mozilla::XMozillaBootstrap> xMozillaBootstrap - = uno::Reference<mozilla::XMozillaBootstrap>(xInstance,uno::UNO_QUERY); - OSL_ENSURE( xMozillaBootstrap.is(), "failed to create instance" ); - - if (xMozillaBootstrap.is()) - { - for (int i=0; i<nProduct; i++) - { - ::rtl::OUString profile = xMozillaBootstrap->getDefaultProfile(productTypes[i]); - - if (profile != NULL && profile.getLength()>0) - { - ::rtl::OUString sProfilePath = xMozillaBootstrap->getProfilePath( productTypes[i], profile ); - sResult = ::rtl::OUStringToOString( sProfilePath, osl_getThreadTextEncoding() ); - RTL_LOGFILE_PRODUCT_TRACE1( "XMLSEC: Using Mozilla Profile: %s", sResult.getStr() ); - } - } - } - - RTL_LOGFILE_PRODUCT_TRACE( "XMLSEC: No Mozilla Profile found!" ); - } - - return sResult; -} - -//Older versions of Firefox (FF), for example FF2, and Thunderbird (TB) 2 write -//the roots certificate module (libnssckbi.so), which they use, into the -//profile. This module will then already be loaded during NSS_Init (and the -//other init functions). This fails in two cases. First, FF3 was used to create -//the profile, or possibly used that profile before, and second the profile was -//used on a different platform. -// -//Then one needs to add the roots module oneself. This should be done with -//SECMOD_LoadUserModule rather then SECMOD_AddNewModule. The latter would write -//the location of the roots module to the profile, which makes FF2 and TB2 use -//it instead of there own module. -// -//When using SYSTEM_MOZILLA then the libnss3.so lib is typically found in -///usr/lib. This folder may, however, NOT contain the roots certificate -//module. That is, just providing the library name in SECMOD_LoadUserModule or -//SECMOD_AddNewModule will FAIL to load the mozilla unless the LD_LIBRARY_PATH -//contains an FF or TB installation. -//ATTENTION: DO NOT call this function directly instead use initNSS -//return true - whole initialization was successful -//param out_nss_init = true: at least the NSS initialization (NSS_InitReadWrite -//was successful and therefor NSS_Shutdown should be called when terminating. -bool nsscrypto_initialize( const css::uno::Reference< css::lang::XMultiServiceFactory > &xMSF, bool & out_nss_init ) -{ - bool return_value = true; - - // this method must be called only once, no need for additional lock - rtl::OString sCertDir; - - (void) xMSF; -#ifdef XMLSEC_CRYPTO_NSS - if ( xMSF.is() ) - sCertDir = getMozillaCurrentProfile( xMSF ); -#endif - xmlsec_trace( "Using profile: %s", sCertDir.getStr() ); - - PR_Init( PR_USER_THREAD, PR_PRIORITY_NORMAL, 1 ) ; - - // there might be no profile - if ( sCertDir.getLength() > 0 ) - { - if( NSS_InitReadWrite( sCertDir.getStr() ) != SECSuccess ) - { - xmlsec_trace("Initializing NSS with profile failed."); - char * error = NULL; - - PR_GetErrorText(error); - if (error) - xmlsec_trace("%s",error); - return false ; - } - } - else - { - xmlsec_trace("Initializing NSS without profile."); - if ( NSS_NoDB_Init(NULL) != SECSuccess ) - { - xmlsec_trace("Initializing NSS without profile failed."); - char * error = NULL; - PR_GetErrorText(error); - if (error) - xmlsec_trace("%s",error); - return false ; - } - } - out_nss_init = true; - -#ifdef XMLSEC_CRYPTO_NSS -#if defined SYSTEM_MOZILLA - if (!SECMOD_HasRootCerts()) - { -#endif - deleteRootsModule(); - -#if defined SYSTEM_MOZILLA - OUString rootModule(RTL_CONSTASCII_USTRINGPARAM("libnssckbi"SAL_DLLEXTENSION)); -#else - OUString rootModule(RTL_CONSTASCII_USTRINGPARAM("${OOO_BASE_DIR}/program/libnssckbi"SAL_DLLEXTENSION)); -#endif - ::rtl::Bootstrap::expandMacros(rootModule); - - OUString rootModulePath; - if (::osl::File::E_None == ::osl::File::getSystemPathFromFileURL(rootModule, rootModulePath)) - { - ::rtl::OString ospath = ::rtl::OUStringToOString(rootModulePath, osl_getThreadTextEncoding()); - ::rtl::OStringBuffer pkcs11moduleSpec; - pkcs11moduleSpec.append("name=\""); - pkcs11moduleSpec.append(ROOT_CERTS); - pkcs11moduleSpec.append("\" library=\""); - pkcs11moduleSpec.append(ospath.getStr()); - pkcs11moduleSpec.append("\""); - - SECMODModule * RootsModule = - SECMOD_LoadUserModule( - const_cast<char*>(pkcs11moduleSpec.makeStringAndClear().getStr()), - 0, // no parent - PR_FALSE); // do not recurse - - if (RootsModule) - { - - bool found = RootsModule->loaded; - - SECMOD_DestroyModule(RootsModule); - RootsModule = 0; - if (found) - xmlsec_trace("Added new root certificate module " - "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); - else - { - xmlsec_trace("FAILED to load the new root certificate module " - "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); - return_value = false; - } - } - else - { - xmlsec_trace("FAILED to add new root certifice module: " - "\""ROOT_CERTS"\" contained in \n%s", ospath.getStr()); - return_value = false; - - } - } - else - { - xmlsec_trace("Adding new root certificate module failed."); - return_value = false; - } -#if SYSTEM_MOZILLA - } -#endif -#endif - - return return_value; -} - - -// must be extern "C" because we pass the function pointer to atexit -extern "C" void nsscrypto_finalize() -{ - SECMODModule *RootsModule = SECMOD_FindModule(ROOT_CERTS); - - if (RootsModule) - { - - if (SECSuccess == SECMOD_UnloadUserModule(RootsModule)) - { - xmlsec_trace("Unloaded module \""ROOT_CERTS"\"."); - } - else - { - xmlsec_trace("Failed unloadeding module \""ROOT_CERTS"\"."); - } - SECMOD_DestroyModule(RootsModule); - } - else - { - xmlsec_trace("Unloading module \""ROOT_CERTS - "\" failed because it was not found."); - } - PK11_LogoutAll(); - NSS_Shutdown(); -} -} // namespace - -ONSSInitializer::ONSSInitializer( - const css::uno::Reference< css::lang::XMultiServiceFactory > &rxMSF) - :mxMSF( rxMSF ) -{ -} - -ONSSInitializer::~ONSSInitializer() -{ -} - -bool ONSSInitializer::initNSS( const css::uno::Reference< css::lang::XMultiServiceFactory > &xMSF ) -{ - return *rtl_Instance< bool, InitNSSInitialize, ::osl::MutexGuard, GetNSSInitStaticMutex > - ::create( InitNSSInitialize( xMSF ), GetNSSInitStaticMutex() ); -} - -css::uno::Reference< css::xml::crypto::XDigestContext > SAL_CALL ONSSInitializer::getDigestContext( ::sal_Int32 nDigestID, const css::uno::Sequence< css::beans::NamedValue >& aParams ) - throw (css::lang::IllegalArgumentException, css::uno::RuntimeException) -{ - SECOidTag nNSSDigestID = SEC_OID_UNKNOWN; - sal_Int32 nDigestLength = 0; - bool b1KData = false; - if ( nDigestID == css::xml::crypto::DigestID::SHA256 - || nDigestID == css::xml::crypto::DigestID::SHA256_1K ) - { - nNSSDigestID = SEC_OID_SHA256; - nDigestLength = 32; - b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA256_1K ); - } - else if ( nDigestID == css::xml::crypto::DigestID::SHA1 - || nDigestID == css::xml::crypto::DigestID::SHA1_1K ) - { - nNSSDigestID = SEC_OID_SHA1; - nDigestLength = 20; - b1KData = ( nDigestID == css::xml::crypto::DigestID::SHA1_1K ); - } - else - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected digest requested." ) ), css::uno::Reference< css::uno::XInterface >(), 1 ); - - if ( aParams.getLength() ) - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected arguments provided for digest creation." ) ), css::uno::Reference< css::uno::XInterface >(), 2 ); - - css::uno::Reference< css::xml::crypto::XDigestContext > xResult; - if( initNSS( mxMSF ) ) - { - PK11Context* pContext = PK11_CreateDigestContext( nNSSDigestID ); - if ( pContext && PK11_DigestBegin( pContext ) == SECSuccess ) - xResult = new ODigestContext( pContext, nDigestLength, b1KData ); - } - - return xResult; -} - -css::uno::Reference< css::xml::crypto::XCipherContext > SAL_CALL ONSSInitializer::getCipherContext( ::sal_Int32 nCipherID, const css::uno::Sequence< ::sal_Int8 >& aKey, const css::uno::Sequence< ::sal_Int8 >& aInitializationVector, ::sal_Bool bEncryption, const css::uno::Sequence< css::beans::NamedValue >& aParams ) - throw (css::lang::IllegalArgumentException, css::uno::RuntimeException) -{ - CK_MECHANISM_TYPE nNSSCipherID = 0; - bool bW3CPadding = false; - if ( nCipherID == css::xml::crypto::CipherID::AES_CBC_W3C_PADDING ) - { - nNSSCipherID = CKM_AES_CBC; - bW3CPadding = true; - - if ( aKey.getLength() != 16 && aKey.getLength() != 24 && aKey.getLength() != 32 ) - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected key length." ) ), css::uno::Reference< css::uno::XInterface >(), 2 ); - - if ( aParams.getLength() ) - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected arguments provided for cipher creation." ) ), css::uno::Reference< css::uno::XInterface >(), 5 ); - } - else - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected cipher requested." ) ), css::uno::Reference< css::uno::XInterface >(), 1 ); - - css::uno::Reference< css::xml::crypto::XCipherContext > xResult; - if( initNSS( mxMSF ) ) - { - if ( aInitializationVector.getLength() != PK11_GetIVLength( nNSSCipherID ) ) - throw css::lang::IllegalArgumentException( ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM( "Unexpected length of initialization vector." ) ), css::uno::Reference< css::uno::XInterface >(), 3 ); - - xResult = OCipherContext::Create( nNSSCipherID, aKey, aInitializationVector, bEncryption, bW3CPadding ); - } - - return xResult; -} - -rtl::OUString ONSSInitializer_getImplementationName () - throw (cssu::RuntimeException) -{ - - return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); -} - -sal_Bool SAL_CALL ONSSInitializer_supportsService( const rtl::OUString& ServiceName ) - throw (cssu::RuntimeException) -{ - return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( NSS_SERVICE_NAME )); -} - -cssu::Sequence< rtl::OUString > SAL_CALL ONSSInitializer_getSupportedServiceNames( ) - throw (cssu::RuntimeException) -{ - cssu::Sequence < rtl::OUString > aRet(1); - rtl::OUString* pArray = aRet.getArray(); - pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( NSS_SERVICE_NAME ) ); - return aRet; -} - -cssu::Reference< cssu::XInterface > SAL_CALL ONSSInitializer_createInstance( const cssu::Reference< cssl::XMultiServiceFactory > & rSMgr) - throw( cssu::Exception ) -{ - return (cppu::OWeakObject*) new ONSSInitializer( rSMgr ); -} - -/* XServiceInfo */ -rtl::OUString SAL_CALL ONSSInitializer::getImplementationName() - throw (cssu::RuntimeException) -{ - return ONSSInitializer_getImplementationName(); -} -sal_Bool SAL_CALL ONSSInitializer::supportsService( const rtl::OUString& rServiceName ) - throw (cssu::RuntimeException) -{ - return ONSSInitializer_supportsService( rServiceName ); -} -cssu::Sequence< rtl::OUString > SAL_CALL ONSSInitializer::getSupportedServiceNames( ) - throw (cssu::RuntimeException) -{ - return ONSSInitializer_getSupportedServiceNames(); -} - diff --git a/xmlsecurity/source/xmlsec/nss/nssinitializer.hxx b/xmlsecurity/source/xmlsec/nss/nssinitializer.hxx deleted file mode 100644 index 6e7fed190..000000000 --- a/xmlsecurity/source/xmlsec/nss/nssinitializer.hxx +++ /dev/null @@ -1,90 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _NSSINITIALIZER_HXX -#define _NSSINITIALIZER_HXX - -#include <com/sun/star/xml/crypto/XDigestContextSupplier.hpp> -#include <com/sun/star/xml/crypto/XCipherContextSupplier.hpp> -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XMultiServiceFactory.hpp> - -#include <cppuhelper/implbase3.hxx> - -#define NSS_SERVICE_NAME "com.sun.star.xml.crypto.NSSInitializer" - -class ONSSInitializer : public cppu::WeakImplHelper3 -< - ::com::sun::star::xml::crypto::XDigestContextSupplier, - ::com::sun::star::xml::crypto::XCipherContextSupplier, - ::com::sun::star::lang::XServiceInfo -> -{ -protected: - ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > mxMSF; - - ONSSInitializer() - {} - -public: - ONSSInitializer( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > &rxMSF ); - virtual ~ONSSInitializer(); - - bool initNSS( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > &xMSF ); - - /* XDigestContextSupplier */ - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XDigestContext > SAL_CALL getDigestContext( ::sal_Int32 nDigestID, const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& aParams ) throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException); - - /* XCipherContextSupplier */ - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XCipherContext > SAL_CALL getCipherContext( ::sal_Int32 nCipherID, const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aKey, const ::com::sun::star::uno::Sequence< ::sal_Int8 >& aInitializationVector, ::sal_Bool bEncryption, const ::com::sun::star::uno::Sequence< ::com::sun::star::beans::NamedValue >& aParams ) throw (::com::sun::star::lang::IllegalArgumentException, ::com::sun::star::uno::RuntimeException); - - /* XServiceInfo */ - virtual rtl::OUString SAL_CALL getImplementationName() - throw (::com::sun::star::uno::RuntimeException); - - virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) - throw (::com::sun::star::uno::RuntimeException); - - virtual ::com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames() - throw (::com::sun::star::uno::RuntimeException); -}; - -rtl::OUString ONSSInitializer_getImplementationName() - throw ( ::com::sun::star::uno::RuntimeException ); - -sal_Bool SAL_CALL ONSSInitializer_supportsService( const rtl::OUString& ServiceName ) - throw ( ::com::sun::star::uno::RuntimeException ); - -com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL ONSSInitializer_getSupportedServiceNames() - throw ( ::com::sun::star::uno::RuntimeException ); - -com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > -SAL_CALL ONSSInitializer_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > & rSMgr ) - throw ( ::com::sun::star::uno::Exception ); - -#endif - diff --git a/xmlsecurity/source/xmlsec/nss/nssrenam.h b/xmlsecurity/source/xmlsec/nss/nssrenam.h deleted file mode 100644 index 903aded42..000000000 --- a/xmlsecurity/source/xmlsec/nss/nssrenam.h +++ /dev/null @@ -1,52 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/* - * The contents of this file are subject to the Mozilla Public - * License Version 1.1 (the "License"); you may not use this file - * except in compliance with the License. You may obtain a copy of - * the License at http://www.mozilla.org/MPL/ - * - * Software distributed under the License is distributed on an "AS - * IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or - * implied. See the License for the specific language governing - * rights and limitations under the License. - * - * The Original Code is the Netscape security libraries. - * - * The Initial Developer of the Original Code is Netscape - * Communications Corporation. Portions created by Netscape are - * Copyright (C) 2001 Netscape Communications Corporation. All - * Rights Reserved. - * - * Contributor(s): - * - * Alternatively, the contents of this file may be used under the - * terms of the GNU General Public License Version 2 or later (the - * "GPL"), in which case the provisions of the GPL are applicable - * instead of those above. If you wish to allow use of your - * version of this file only under the terms of the GPL and not to - * allow others to use your version of this file under the MPL, - * indicate your decision by deleting the provisions above and - * replace them with the notice and other provisions required by - * the GPL. If you do not delete the provisions above, a recipient - * may use your version of this file under either the MPL or the - * GPL. - */ - -#ifndef __nssrenam_h_ -#define __nssrenam_h_ - -#define CERT_NewTempCertificate __CERT_NewTempCertificate -#define PK11_CreateContextByRawKey __PK11_CreateContextByRawKey -#define PK11_GetKeyData __PK11_GetKeyData -#define nss_InitLock __nss_InitLock -#define CERT_ClosePermCertDB __CERT_ClosePermCertDB -#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate -#define CERT_TraversePermCertsForNickname __CERT_TraversePermCertsForNickname -#define CERT_TraversePermCertsForSubject __CERT_TraversePermCertsForSubject -#define PBE_CreateContext __PBE_CreateContext -#define PBE_DestroyContext __PBE_DestroyContext -#define PBE_GenerateBits __PBE_GenerateBits - -#endif /* __nssrenam_h_ */ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx deleted file mode 100644 index 2c6632112..000000000 --- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.cxx +++ /dev/null @@ -1,244 +0,0 @@ -/************************************************************************* -* -* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. -* -* Copyright 2000, 2010 Oracle and/or its affiliates. -* -* OpenOffice.org - a multi-platform office productivity suite -* -* This file is part of OpenOffice.org. -* -* OpenOffice.org is free software: you can redistribute it and/or modify -* it under the terms of the GNU Lesser General Public License version 3 -* only, as published by the Free Software Foundation. -* -* OpenOffice.org is distributed in the hope that it will be useful, -* but WITHOUT ANY WARRANTY; without even the implied warranty of -* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the -* GNU Lesser General Public License version 3 for more details -* (a copy is included in the LICENSE file that accompanied this code). -* -* You should have received a copy of the GNU Lesser General Public License -* version 3 along with OpenOffice.org. If not, see -* <http://www.openoffice.org/license.html> -* for a copy of the LGPLv3 License. -* -************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" -#include <sal/config.h> -#include <rtl/uuid.h> -#include <rtl/ustring.hxx> -#include <com/sun/star/security/ExtAltNameType.hpp> -#include <com/sun/star/security/CertAltNameEntry.hpp> -#include <com/sun/star/beans/PropertyValue.hpp> -#include <com/sun/star/uno/Reference.hxx> -#include <comphelper/sequence.hxx> -#include <seccomon.h> -#include <cert.h> -#include <certt.h> -#include <secitem.h> -#include <secport.h> - - -#ifndef _SANEXTENSION_NSSIMPL_HXX_ -#include "sanextension_nssimpl.hxx" -#endif - -using namespace ::com::sun::star; -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::security ; -using ::rtl::OUString ; - -using ::com::sun::star::security::XCertificateExtension ; - - -SanExtensionImpl :: SanExtensionImpl() : -m_critical( sal_False ) -{ -} - -SanExtensionImpl :: ~SanExtensionImpl() { -} - - -//Methods from XCertificateExtension -sal_Bool SAL_CALL SanExtensionImpl :: isCritical() throw( ::com::sun::star::uno::RuntimeException ) { - return m_critical ; -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionId() throw( ::com::sun::star::uno::RuntimeException ) { - return m_xExtnId ; -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionValue() throw( ::com::sun::star::uno::RuntimeException ) { - return m_xExtnValue ; -} - -namespace { - // Helper functions from nss/lib/certdb/genname.c - static int GetNamesLength(CERTGeneralName *names) - { - int length = 0; - CERTGeneralName *first; - - first = names; - if (names != NULL) { - do { - length++; - names = CERT_GetNextGeneralName(names); - } while (names != first); - } - return length; - } - -} - -//Methods from XSanExtension -::com::sun::star::uno::Sequence< com::sun::star::security::CertAltNameEntry > SAL_CALL SanExtensionImpl :: getAlternativeNames() throw( ::com::sun::star::uno::RuntimeException ){ - - if (!m_Entries.hasElements()) - { - SECItem item; - - item.type = siDERCertBuffer; - item.data = (unsigned char*) m_xExtnValue.getArray(); - item.len = m_xExtnValue.getLength(); - - PRArenaPool *arena; - CERTGeneralName *nameList; - arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); - - if (!arena) - return m_Entries; - - nameList = CERT_DecodeAltNameExtension(arena, &item); - - CERTGeneralName* current = nameList; - - int size = GetNamesLength(nameList); - CertAltNameEntry* arrCertAltNameEntry = new CertAltNameEntry[size]; - for(int i = 0; i < size ; i++){ - switch (current->type) { - case certOtherName: { - arrCertAltNameEntry[i].Type = ExtAltNameType_OTHER_NAME; - ::com::sun::star::beans::PropertyValue otherNameProp; - otherNameProp.Name = ::rtl::OUString::createFromAscii(CERT_GetOidString(¤t->name.OthName.oid)); - - Sequence< sal_Int8 > otherName( current->name.OthName.name.len ) ; - for( unsigned int r = 0; r < current->name.OthName.name.len ; r ++ ) - otherName[r] = *( current->name.OthName.name.data + r ) ; - - otherNameProp.Value <<= otherName; - - arrCertAltNameEntry[i].Value <<= otherNameProp; - break; - } - case certRFC822Name: - arrCertAltNameEntry[i].Type = ExtAltNameType_RFC822_NAME; - arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); - break; - case certDNSName: - arrCertAltNameEntry[i].Type = ExtAltNameType_DNS_NAME; - arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); - break; - case certX400Address: { - // unsupported - arrCertAltNameEntry[i].Type = ExtAltNameType_X400_ADDRESS; - break; - } - case certDirectoryName: { - // unsupported - arrCertAltNameEntry[i].Type = ExtAltNameType_DIRECTORY_NAME; - break; - } - case certEDIPartyName: { - // unsupported - arrCertAltNameEntry[i].Type = ExtAltNameType_EDI_PARTY_NAME; - break; - } - case certURI: - arrCertAltNameEntry[i].Type = ExtAltNameType_URL; - arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); - break; - case certIPAddress: { - arrCertAltNameEntry[i].Type = ExtAltNameType_IP_ADDRESS; - - Sequence< sal_Int8 > ipAddress( current->name.other.len ) ; - for( unsigned int r = 0; r < current->name.other.len ; r ++ ) - ipAddress[r] = *( current->name.other.data + r ) ; - - arrCertAltNameEntry[i].Value <<= ipAddress; - break; - } - case certRegisterID: - arrCertAltNameEntry[i].Type = ExtAltNameType_REGISTERED_ID; - - - rtl::OString nssOid = ::rtl::OString(CERT_GetOidString(¤t->name.other)); - rtl::OString unoOid = removeOIDFromString(nssOid); - arrCertAltNameEntry[i].Value <<= rtl::OStringToOUString( unoOid, RTL_TEXTENCODING_ASCII_US ); - break; - } - current = CERT_GetNextGeneralName(current); - } - - m_Entries = ::comphelper::arrayToSequence< com::sun::star::security::CertAltNameEntry >(arrCertAltNameEntry, size); - - delete [] arrCertAltNameEntry; - - PORT_FreeArena(arena, PR_FALSE); - - - } - - return m_Entries; -} - -::rtl::OString SanExtensionImpl :: removeOIDFromString( const ::rtl::OString &oidString) - { - ::rtl::OString objID; - ::rtl::OString oid("OID."); - if (oidString.match(oid)) - objID = oidString.copy(oid.getLength()); - else - objID = oidString; - return objID; - - } -//Helper method -void SanExtensionImpl :: setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) { - m_critical = critical ; - m_xExtnId = extnId ; - m_xExtnValue = extnValue ; -} - -void SanExtensionImpl :: setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) { - unsigned int i ; - if( value != NULL && vlen != 0 ) { - Sequence< sal_Int8 > extnv( vlen ) ; - for( i = 0; i < vlen ; i ++ ) - extnv[i] = *( value + i ) ; - - m_xExtnValue = extnv ; - } else { - m_xExtnValue = Sequence<sal_Int8>(); - } - - if( id != NULL && idlen != 0 ) { - Sequence< sal_Int8 > extnId( idlen ) ; - for( i = 0; i < idlen ; i ++ ) - extnId[i] = *( id + i ) ; - - m_xExtnId = extnId ; - } else { - m_xExtnId = Sequence<sal_Int8>(); - } - - m_critical = critical ; -} - -void SanExtensionImpl :: extractCertExt () { -} - diff --git a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx deleted file mode 100644 index 35df8d1d3..000000000 --- a/xmlsecurity/source/xmlsec/nss/sanextension_nssimpl.hxx +++ /dev/null @@ -1,77 +0,0 @@ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _SANEXTENSION_NSSIMPL_HXX_ -#define _SANEXTENSION_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase1.hxx> -#include <com/sun/star/uno/Exception.hpp> -#include "com/sun/star/uno/SecurityException.hpp" -#include <com/sun/star/uno/Exception.hpp> -#include <com/sun/star/security/XCertificateExtension.hpp> -#include <com/sun/star/security/XSanExtension.hpp> -#include <com/sun/star/security/CertAltNameEntry.hpp> - -class SanExtensionImpl : public ::cppu::WeakImplHelper1< - ::com::sun::star::security::XSanExtension > -{ - private : - sal_Bool m_critical ; - ::com::sun::star::uno::Sequence< sal_Int8 > m_xExtnId ; - ::com::sun::star::uno::Sequence< sal_Int8 > m_xExtnValue ; - ::com::sun::star::uno::Sequence< com::sun::star::security::CertAltNameEntry > m_Entries; - - ::rtl::OString removeOIDFromString( const ::rtl::OString &oid); - - public : - SanExtensionImpl() ; - virtual ~SanExtensionImpl() ; - - //Methods from XCertificateExtension - virtual sal_Bool SAL_CALL isCritical() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getExtensionId() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getExtensionValue() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Methods from XSanExtension - - virtual ::com::sun::star::uno::Sequence< com::sun::star::security::CertAltNameEntry > SAL_CALL getAlternativeNames() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper method - void setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) ; - - void setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) ; - - void extractCertExt() ; -} ; - -#endif // _CERTIFICATEEXTENSION_XMLSECIMPL_HXX_ - diff --git a/xmlsecurity/source/xmlsec/nss/secerror.cxx b/xmlsecurity/source/xmlsec/nss/secerror.cxx deleted file mode 100644 index c1a1fa0b6..000000000 --- a/xmlsecurity/source/xmlsec/nss/secerror.cxx +++ /dev/null @@ -1,166 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2008 by Sun Microsystems, Inc. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - - -#include "secerr.h" -#include "sslerr.h" -#include "nspr.h" -#include "certt.h" -#include <sal/macros.h> - -#include "../diagnose.hxx" - -using namespace xmlsecurity; - -struct ErrDesc { - PRErrorCode errNum; - const char * errString; -}; - - - -const ErrDesc allDesc[] = { - -#include "certerrors.h" - -}; - - - -/* Returns a UTF-8 encoded constant error string for "errNum". - * Returns NULL of errNum is unknown. - */ -const char * -getCertError(PRErrorCode errNum) -{ - static char sEmpty[] = ""; - const int numDesc = SAL_N_ELEMENTS(allDesc); - for (int i = 0; i < numDesc; i++) - { - if (allDesc[i].errNum == errNum) - return allDesc[i].errString; - } - - return sEmpty; -} - -void -printChainFailure(CERTVerifyLog *log) -{ - unsigned int depth = (unsigned int)-1; - const char * specificError = NULL; - const char * issuer = NULL; - CERTVerifyLogNode *node = NULL; - - if (log->count > 0) - { - xmlsec_trace("Bad certifcation path:"); - unsigned long errorFlags = 0; - for (node = log->head; node; node = node->next) - { - if (depth != node->depth) - { - depth = node->depth; - xmlsec_trace("Certificate: %d. %s %s:", depth, - node->cert->subjectName, - depth ? "[Certificate Authority]": ""); - } - xmlsec_trace(" ERROR %ld: %s", node->error, - getCertError(node->error)); - specificError = NULL; - issuer = NULL; - switch (node->error) - { - case SEC_ERROR_INADEQUATE_KEY_USAGE: - errorFlags = (unsigned long)node->arg; - switch (errorFlags) - { - case KU_DIGITAL_SIGNATURE: - specificError = "Certificate cannot sign."; - break; - case KU_KEY_ENCIPHERMENT: - specificError = "Certificate cannot encrypt."; - break; - case KU_KEY_CERT_SIGN: - specificError = "Certificate cannot sign other certs."; - break; - default: - specificError = "[unknown usage]."; - break; - } - case SEC_ERROR_INADEQUATE_CERT_TYPE: - errorFlags = (unsigned long)node->arg; - switch (errorFlags) - { - case NS_CERT_TYPE_SSL_CLIENT: - case NS_CERT_TYPE_SSL_SERVER: - specificError = "Certificate cannot be used for SSL."; - break; - case NS_CERT_TYPE_SSL_CA: - specificError = "Certificate cannot be used as an SSL CA."; - break; - case NS_CERT_TYPE_EMAIL: - specificError = "Certificate cannot be used for SMIME."; - break; - case NS_CERT_TYPE_EMAIL_CA: - specificError = "Certificate cannot be used as an SMIME CA."; - break; - case NS_CERT_TYPE_OBJECT_SIGNING: - specificError = "Certificate cannot be used for object signing."; - break; - case NS_CERT_TYPE_OBJECT_SIGNING_CA: - specificError = "Certificate cannot be used as an object signing CA."; - break; - default: - specificError = "[unknown usage]."; - break; - } - case SEC_ERROR_UNKNOWN_ISSUER: - specificError = "Unknown issuer:"; - issuer = node->cert->issuerName; - break; - case SEC_ERROR_UNTRUSTED_ISSUER: - specificError = "Untrusted issuer:"; - issuer = node->cert->issuerName; - break; - case SEC_ERROR_EXPIRED_ISSUER_CERTIFICATE: - specificError = "Expired issuer certificate:"; - issuer = node->cert->issuerName; - break; - default: - break; - } - if (specificError) - xmlsec_trace("%s", specificError); - if (issuer) - xmlsec_trace("%s", issuer); - } - } -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/secerror.hxx b/xmlsecurity/source/xmlsec/nss/secerror.hxx deleted file mode 100644 index 81c44a200..000000000 --- a/xmlsecurity/source/xmlsec/nss/secerror.hxx +++ /dev/null @@ -1,39 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2008 by Sun Microsystems, Inc. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _XSECERROR_HXX_ -#define _XSECERROR_HXX_ - -const char * -getCertError(PRErrorCode errNum); - -void -printChainFailure(CERTVerifyLog *log); -#endif // _XSECERROR_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx deleted file mode 100644 index 9928d5941..000000000 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.cxx +++ /dev/null @@ -1,1129 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - -//todo before commit: nssrenam.h is not delivered!!! -#include "nssrenam.h" -#include "cert.h" -#include "secerr.h" -#include "ocsp.h" - -#include <sal/config.h> -#include <sal/macros.h> -#include "securityenvironment_nssimpl.hxx" -#include "x509certificate_nssimpl.hxx" -#include <comphelper/servicehelper.hxx> -#include "../diagnose.hxx" - -#include <sal/types.h> -//For reasons that escape me, this is what xmlsec does when size_t is not 4 -#if SAL_TYPES_SIZEOFPOINTER != 4 -# define XMLSEC_NO_SIZE_T -#endif -#include <xmlsec/xmlsec.h> -#include <xmlsec/keysmngr.h> -#include <xmlsec/crypto.h> -#include <xmlsec/base64.h> -#include <xmlsec/strings.h> - -#include <tools/string.hxx> -#include <rtl/ustrbuf.hxx> -#include <comphelper/processfactory.hxx> -#include <cppuhelper/servicefactory.hxx> -#include <comphelper/docpasswordrequest.hxx> -#include <xmlsecurity/biginteger.hxx> -#include <rtl/logfile.h> -#include <com/sun/star/task/XInteractionHandler.hpp> -#include <vector> -#include "boost/scoped_array.hpp" - -#include "secerror.hxx" - -// added for password exception -#include <com/sun/star/security/NoPasswordException.hpp> -namespace csss = ::com::sun::star::security; -using namespace xmlsecurity; -using namespace ::com::sun::star::security; -using namespace com::sun::star; -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::lang ; -using ::com::sun::star::lang::XMultiServiceFactory ; -using ::com::sun::star::lang::XSingleServiceFactory ; -using ::rtl::OUString ; - -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::security::XCertificate ; - -extern X509Certificate_NssImpl* NssCertToXCert( CERTCertificate* cert ) ; -extern X509Certificate_NssImpl* NssPrivKeyToXCert( SECKEYPrivateKey* ) ; - - -struct UsageDescription -{ - SECCertificateUsage usage; - char const* description; - - UsageDescription() - : usage( certificateUsageCheckAllUsages ) - , description( NULL ) - {} - - UsageDescription( SECCertificateUsage i_usage, char const* i_description ) - : usage( i_usage ) - , description( i_description ) - {} - - UsageDescription( const UsageDescription& aDescription ) - : usage( aDescription.usage ) - , description( aDescription.description ) - {} - - UsageDescription& operator =( const UsageDescription& aDescription ) - { - usage = aDescription.usage; - description = aDescription.description; - return *this; - } -}; - - - -char* GetPasswordFunction( PK11SlotInfo* pSlot, PRBool bRetry, void* /*arg*/ ) -{ - uno::Reference< lang::XMultiServiceFactory > xMSF( ::comphelper::getProcessServiceFactory() ); - if ( xMSF.is() ) - { - uno::Reference < task::XInteractionHandler > xInteractionHandler( - xMSF->createInstance( rtl::OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.task.InteractionHandler")) ), uno::UNO_QUERY ); - - if ( xInteractionHandler.is() ) - { - task::PasswordRequestMode eMode = bRetry ? task::PasswordRequestMode_PASSWORD_REENTER : task::PasswordRequestMode_PASSWORD_ENTER; - ::comphelper::DocPasswordRequest* pPasswordRequest = new ::comphelper::DocPasswordRequest( - ::comphelper::DocPasswordRequestType_STANDARD, eMode, ::rtl::OUString::createFromAscii(PK11_GetTokenName(pSlot)) ); - - uno::Reference< task::XInteractionRequest > xRequest( pPasswordRequest ); - xInteractionHandler->handle( xRequest ); - - if ( pPasswordRequest->isPassword() ) - { - ByteString aPassword = ByteString( String( pPasswordRequest->getPassword() ), gsl_getSystemTextEncoding() ); - sal_uInt16 nLen = aPassword.Len(); - char* pPassword = (char*) PORT_Alloc( nLen+1 ) ; - pPassword[nLen] = 0; - memcpy( pPassword, aPassword.GetBuffer(), nLen ); - return pPassword; - } - } - } - return NULL; -} - -SecurityEnvironment_NssImpl :: SecurityEnvironment_NssImpl( const Reference< XMultiServiceFactory >& ) : -m_pHandler( NULL ) , m_tSymKeyList() , m_tPubKeyList() , m_tPriKeyList() { - - PK11_SetPasswordFunc( GetPasswordFunction ) ; -} - -SecurityEnvironment_NssImpl :: ~SecurityEnvironment_NssImpl() { - - PK11_SetPasswordFunc( NULL ) ; - - for (CIT_SLOTS i = m_Slots.begin(); i != m_Slots.end(); i++) - { - PK11_FreeSlot(*i); - } - - if( !m_tSymKeyList.empty() ) { - std::list< PK11SymKey* >::iterator symKeyIt ; - - for( symKeyIt = m_tSymKeyList.begin() ; symKeyIt != m_tSymKeyList.end() ; ++symKeyIt ) - PK11_FreeSymKey( *symKeyIt ) ; - } - - if( !m_tPubKeyList.empty() ) { - std::list< SECKEYPublicKey* >::iterator pubKeyIt ; - - for( pubKeyIt = m_tPubKeyList.begin() ; pubKeyIt != m_tPubKeyList.end() ; ++pubKeyIt ) - SECKEY_DestroyPublicKey( *pubKeyIt ) ; - } - - if( !m_tPriKeyList.empty() ) { - std::list< SECKEYPrivateKey* >::iterator priKeyIt ; - - for( priKeyIt = m_tPriKeyList.begin() ; priKeyIt != m_tPriKeyList.end() ; ++priKeyIt ) - SECKEY_DestroyPrivateKey( *priKeyIt ) ; - } -} - -/* XInitialization */ -void SAL_CALL SecurityEnvironment_NssImpl :: initialize( const Sequence< Any >& ) throw( Exception, RuntimeException ) { - // TBD -} ; - -/* XServiceInfo */ -OUString SAL_CALL SecurityEnvironment_NssImpl :: getImplementationName() throw( RuntimeException ) { - return impl_getImplementationName() ; -} - -/* XServiceInfo */ -sal_Bool SAL_CALL SecurityEnvironment_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { - Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; - const OUString* pArray = seqServiceNames.getConstArray() ; - for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { - if( *( pArray + i ) == serviceName ) - return sal_True ; - } - return sal_False ; -} - -/* XServiceInfo */ -Sequence< OUString > SAL_CALL SecurityEnvironment_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { - return impl_getSupportedServiceNames() ; -} - -//Helper for XServiceInfo -Sequence< OUString > SecurityEnvironment_NssImpl :: impl_getSupportedServiceNames() { - ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; - Sequence< OUString > seqServiceNames( 1 ) ; - seqServiceNames.getArray()[0] = OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.crypto.SecurityEnvironment")) ; - return seqServiceNames ; -} - -OUString SecurityEnvironment_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { - return OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl")) ; -} - -//Helper for registry -Reference< XInterface > SAL_CALL SecurityEnvironment_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { - return Reference< XInterface >( *new SecurityEnvironment_NssImpl( aServiceManager ) ) ; -} - -Reference< XSingleServiceFactory > SecurityEnvironment_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { - return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; -} - -/* XUnoTunnel */ -sal_Int64 SAL_CALL SecurityEnvironment_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) - throw( RuntimeException ) -{ - if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { - return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this)); - } - return 0 ; -} - -/* XUnoTunnel extension */ - -namespace -{ - class theSecurityEnvironment_NssImplUnoTunnelId : public rtl::Static< UnoTunnelIdInit, theSecurityEnvironment_NssImplUnoTunnelId > {}; -} - -const Sequence< sal_Int8>& SecurityEnvironment_NssImpl :: getUnoTunnelId() { - return theSecurityEnvironment_NssImplUnoTunnelId::get().getSeq(); -} - -/* XUnoTunnel extension */ -SecurityEnvironment_NssImpl* SecurityEnvironment_NssImpl :: getImplementation( const Reference< XInterface > xObj ) { - Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; - if( xUT.is() ) { - return reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() ))) ; - } else - return NULL ; -} - - -::rtl::OUString SecurityEnvironment_NssImpl::getSecurityEnvironmentInformation() throw( ::com::sun::star::uno::RuntimeException ) -{ - rtl::OUString result; - ::rtl::OUStringBuffer buff; - for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) - { - buff.append(rtl::OUString::createFromAscii(PK11_GetTokenName(*is))); - buff.appendAscii("\n"); - } - return buff.makeStringAndClear(); -} - -void SecurityEnvironment_NssImpl::addCryptoSlot( PK11SlotInfo* aSlot) throw( Exception , RuntimeException ) -{ - PK11_ReferenceSlot(aSlot); - m_Slots.push_back(aSlot); -} - -CERTCertDBHandle* SecurityEnvironment_NssImpl :: getCertDb() throw( Exception , RuntimeException ) { - return m_pHandler ; -} - -//Could we have multiple cert dbs? -void SecurityEnvironment_NssImpl :: setCertDb( CERTCertDBHandle* aCertDb ) throw( Exception , RuntimeException ) { - m_pHandler = aCertDb ; -} - -void SecurityEnvironment_NssImpl :: adoptSymKey( PK11SymKey* aSymKey ) throw( Exception , RuntimeException ) { - PK11SymKey* symkey ; - std::list< PK11SymKey* >::iterator keyIt ; - - if( aSymKey != NULL ) { - //First try to find the key in the list - for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; ++keyIt ) { - if( *keyIt == aSymKey ) - return ; - } - - //If we do not find the key in the list, add a new node - symkey = PK11_ReferenceSymKey( aSymKey ) ; - if( symkey == NULL ) - throw RuntimeException() ; - - try { - m_tSymKeyList.push_back( symkey ) ; - } catch ( Exception& ) { - PK11_FreeSymKey( symkey ) ; - } - } -} - -void SecurityEnvironment_NssImpl :: rejectSymKey( PK11SymKey* aSymKey ) throw( Exception , RuntimeException ) { - PK11SymKey* symkey ; - std::list< PK11SymKey* >::iterator keyIt ; - - if( aSymKey != NULL ) { - for( keyIt = m_tSymKeyList.begin() ; keyIt != m_tSymKeyList.end() ; ++keyIt ) { - if( *keyIt == aSymKey ) { - symkey = *keyIt ; - PK11_FreeSymKey( symkey ) ; - m_tSymKeyList.erase( keyIt ) ; - break ; - } - } - } -} - -PK11SymKey* SecurityEnvironment_NssImpl :: getSymKey( unsigned int position ) throw( Exception , RuntimeException ) { - PK11SymKey* symkey ; - std::list< PK11SymKey* >::iterator keyIt ; - unsigned int pos ; - - symkey = NULL ; - for( pos = 0, keyIt = m_tSymKeyList.begin() ; pos < position && keyIt != m_tSymKeyList.end() ; pos ++ , keyIt ++ ) ; - - if( pos == position && keyIt != m_tSymKeyList.end() ) - symkey = *keyIt ; - - return symkey ; -} - -void SecurityEnvironment_NssImpl :: adoptPubKey( SECKEYPublicKey* aPubKey ) throw( Exception , RuntimeException ) { - SECKEYPublicKey* pubkey ; - std::list< SECKEYPublicKey* >::iterator keyIt ; - - if( aPubKey != NULL ) { - //First try to find the key in the list - for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; ++keyIt ) { - if( *keyIt == aPubKey ) - return ; - } - - //If we do not find the key in the list, add a new node - pubkey = SECKEY_CopyPublicKey( aPubKey ) ; - if( pubkey == NULL ) - throw RuntimeException() ; - - try { - m_tPubKeyList.push_back( pubkey ) ; - } catch ( Exception& ) { - SECKEY_DestroyPublicKey( pubkey ) ; - } - } -} - -void SecurityEnvironment_NssImpl :: rejectPubKey( SECKEYPublicKey* aPubKey ) throw( Exception , RuntimeException ) { - SECKEYPublicKey* pubkey ; - std::list< SECKEYPublicKey* >::iterator keyIt ; - - if( aPubKey != NULL ) { - for( keyIt = m_tPubKeyList.begin() ; keyIt != m_tPubKeyList.end() ; ++keyIt ) { - if( *keyIt == aPubKey ) { - pubkey = *keyIt ; - SECKEY_DestroyPublicKey( pubkey ) ; - m_tPubKeyList.erase( keyIt ) ; - break ; - } - } - } -} - -SECKEYPublicKey* SecurityEnvironment_NssImpl :: getPubKey( unsigned int position ) throw( Exception , RuntimeException ) { - SECKEYPublicKey* pubkey ; - std::list< SECKEYPublicKey* >::iterator keyIt ; - unsigned int pos ; - - pubkey = NULL ; - for( pos = 0, keyIt = m_tPubKeyList.begin() ; pos < position && keyIt != m_tPubKeyList.end() ; pos ++ , keyIt ++ ) ; - - if( pos == position && keyIt != m_tPubKeyList.end() ) - pubkey = *keyIt ; - - return pubkey ; -} - -void SecurityEnvironment_NssImpl :: adoptPriKey( SECKEYPrivateKey* aPriKey ) throw( Exception , RuntimeException ) { - SECKEYPrivateKey* prikey ; - std::list< SECKEYPrivateKey* >::iterator keyIt ; - - if( aPriKey != NULL ) { - //First try to find the key in the list - for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; ++keyIt ) { - if( *keyIt == aPriKey ) - return ; - } - - //If we do not find the key in the list, add a new node - prikey = SECKEY_CopyPrivateKey( aPriKey ) ; - if( prikey == NULL ) - throw RuntimeException() ; - - try { - m_tPriKeyList.push_back( prikey ) ; - } catch ( Exception& ) { - SECKEY_DestroyPrivateKey( prikey ) ; - } - } -} - -void SecurityEnvironment_NssImpl :: rejectPriKey( SECKEYPrivateKey* aPriKey ) throw( Exception , RuntimeException ) { - SECKEYPrivateKey* prikey ; - std::list< SECKEYPrivateKey* >::iterator keyIt ; - - if( aPriKey != NULL ) { - for( keyIt = m_tPriKeyList.begin() ; keyIt != m_tPriKeyList.end() ; ++keyIt ) { - if( *keyIt == aPriKey ) { - prikey = *keyIt ; - SECKEY_DestroyPrivateKey( prikey ) ; - m_tPriKeyList.erase( keyIt ) ; - break ; - } - } - } -} - -SECKEYPrivateKey* SecurityEnvironment_NssImpl :: getPriKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) { - SECKEYPrivateKey* prikey ; - std::list< SECKEYPrivateKey* >::iterator keyIt ; - unsigned int pos ; - - prikey = NULL ; - for( pos = 0, keyIt = m_tPriKeyList.begin() ; pos < position && keyIt != m_tPriKeyList.end() ; pos ++ , keyIt ++ ) ; - - if( pos == position && keyIt != m_tPriKeyList.end() ) - prikey = *keyIt ; - - return prikey ; -} - -void SecurityEnvironment_NssImpl::updateSlots() -{ - //In case new tokens are present then we can obtain the corresponding slot - PK11SlotList * soltList = NULL; - PK11SlotListElement * soltEle = NULL; - PK11SlotInfo * pSlot = NULL; - PK11SymKey * pSymKey = NULL; - - osl::MutexGuard guard(m_mutex); - - m_Slots.clear(); - m_tSymKeyList.clear(); - - soltList = PK11_GetAllTokens( CKM_INVALID_MECHANISM, PR_FALSE, PR_FALSE, NULL ) ; - if( soltList != NULL ) - { - for( soltEle = soltList->head ; soltEle != NULL; soltEle = soltEle->next ) - { - pSlot = soltEle->slot ; - - if(pSlot != NULL) - { - RTL_LOGFILE_TRACE2( "XMLSEC: Found a slot: SlotName=%s, TokenName=%s", PK11_GetSlotName(pSlot), PK11_GetTokenName(pSlot) ); - -//The following code which is commented out checks if a slot, that is a smart card for example, is -// able to generate a symmetric key of type CKM_DES3_CBC. If this fails then this token -// will not be used. This key is possibly used for the encryption service. However, all -// interfaces and services used for public key signature and encryption are not published -// and the encryption is not used in OOo. Therefore it does not do any harm to remove -// this code, hence allowing smart cards which cannot generate this type of key. -// -// By doing this, the encryption may fail if a smart card is being used which does not -// support this key generation. -// - pSymKey = PK11_KeyGen( pSlot , CKM_DES3_CBC, NULL, 128, NULL ) ; -// if( pSymKey == NULL ) -// { -// PK11_FreeSlot( pSlot ) ; -// RTL_LOGFILE_TRACE( "XMLSEC: Error - pSymKey is NULL" ); -// continue; -// } - addCryptoSlot(pSlot); - PK11_FreeSlot( pSlot ) ; - pSlot = NULL; - - if (pSymKey != NULL) - { - adoptSymKey( pSymKey ) ; - PK11_FreeSymKey( pSymKey ) ; - pSymKey = NULL; - } - - }// end of if(pSlot != NULL) - }// end of for - }// end of if( soltList != NULL ) - -} - - -Sequence< Reference < XCertificate > > -SecurityEnvironment_NssImpl::getPersonalCertificates() throw( SecurityException , RuntimeException ) -{ - sal_Int32 length ; - X509Certificate_NssImpl* xcert ; - std::list< X509Certificate_NssImpl* > certsList ; - - updateSlots(); - //firstly, we try to find private keys in slot - for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) - { - PK11SlotInfo *slot = *is; - SECKEYPrivateKeyList* priKeyList ; - SECKEYPrivateKeyListNode* curPri ; - - if( PK11_NeedLogin(slot ) ) { - SECStatus nRet = PK11_Authenticate(slot, PR_TRUE, NULL); - //PK11_Authenticate may fail in case the a slot has not been initialized. - //this is the case if the user has a new profile, so that they have never - //added a personal certificate. - if( nRet != SECSuccess && PORT_GetError() != SEC_ERROR_IO) { - throw NoPasswordException(); - } - } - - priKeyList = PK11_ListPrivateKeysInSlot(slot) ; - if( priKeyList != NULL ) { - for( curPri = PRIVKEY_LIST_HEAD( priKeyList ); - !PRIVKEY_LIST_END( curPri, priKeyList ) && curPri != NULL ; - curPri = PRIVKEY_LIST_NEXT( curPri ) ) { - xcert = NssPrivKeyToXCert( curPri->key ) ; - if( xcert != NULL ) - certsList.push_back( xcert ) ; - } - } - - SECKEY_DestroyPrivateKeyList( priKeyList ) ; - } - - //secondly, we try to find certificate from registered private keys. - if( !m_tPriKeyList.empty() ) { - std::list< SECKEYPrivateKey* >::iterator priKeyIt ; - - for( priKeyIt = m_tPriKeyList.begin() ; priKeyIt != m_tPriKeyList.end() ; ++priKeyIt ) { - xcert = NssPrivKeyToXCert( *priKeyIt ) ; - if( xcert != NULL ) - certsList.push_back( xcert ) ; - } - } - - length = certsList.size() ; - if( length != 0 ) { - int i ; - std::list< X509Certificate_NssImpl* >::iterator xcertIt ; - Sequence< Reference< XCertificate > > certSeq( length ) ; - - for( i = 0, xcertIt = certsList.begin(); xcertIt != certsList.end(); ++xcertIt, ++i ) { - certSeq[i] = *xcertIt ; - } - - return certSeq ; - } - - return Sequence< Reference < XCertificate > > (); -} - -Reference< XCertificate > SecurityEnvironment_NssImpl :: getCertificate( const OUString& issuerName, const Sequence< sal_Int8 >& serialNumber ) throw( SecurityException , RuntimeException ) -{ - X509Certificate_NssImpl* xcert = NULL; - - if( m_pHandler != NULL ) { - CERTIssuerAndSN issuerAndSN ; - CERTCertificate* cert ; - CERTName* nmIssuer ; - char* chIssuer ; - SECItem* derIssuer ; - PRArenaPool* arena ; - - arena = PORT_NewArena( DER_DEFAULT_CHUNKSIZE ) ; - if( arena == NULL ) - throw RuntimeException() ; - - // Create cert info from issue and serial - rtl::OString ostr = rtl::OUStringToOString( issuerName , RTL_TEXTENCODING_UTF8 ) ; - chIssuer = PL_strndup( ( char* )ostr.getStr(), ( int )ostr.getLength() ) ; - nmIssuer = CERT_AsciiToName( chIssuer ) ; - if( nmIssuer == NULL ) { - PL_strfree( chIssuer ) ; - PORT_FreeArena( arena, PR_FALSE ) ; - return NULL; // no need for exception cf. i40394 - } - - derIssuer = SEC_ASN1EncodeItem( arena, NULL, ( void* )nmIssuer, SEC_ASN1_GET( CERT_NameTemplate ) ) ; - if( derIssuer == NULL ) { - PL_strfree( chIssuer ) ; - CERT_DestroyName( nmIssuer ) ; - PORT_FreeArena( arena, PR_FALSE ) ; - throw RuntimeException() ; - } - - memset( &issuerAndSN, 0, sizeof( issuerAndSN ) ) ; - - issuerAndSN.derIssuer.data = derIssuer->data ; - issuerAndSN.derIssuer.len = derIssuer->len ; - - issuerAndSN.serialNumber.data = ( unsigned char* )&serialNumber[0] ; - issuerAndSN.serialNumber.len = serialNumber.getLength() ; - - cert = CERT_FindCertByIssuerAndSN( m_pHandler, &issuerAndSN ) ; - if( cert != NULL ) { - xcert = NssCertToXCert( cert ) ; - } else { - xcert = NULL ; - } - - PL_strfree( chIssuer ) ; - CERT_DestroyName( nmIssuer ) ; - //SECITEM_FreeItem( derIssuer, PR_FALSE ) ; - CERT_DestroyCertificate( cert ) ; - PORT_FreeArena( arena, PR_FALSE ) ; - } else { - xcert = NULL ; - } - - return xcert ; -} - -Reference< XCertificate > SecurityEnvironment_NssImpl :: getCertificate( const OUString& issuerName, const OUString& serialNumber ) throw( SecurityException , RuntimeException ) { - Sequence< sal_Int8 > serial = numericStringToBigInteger( serialNumber ) ; - return getCertificate( issuerName, serial ) ; -} - -Sequence< Reference < XCertificate > > SecurityEnvironment_NssImpl :: buildCertificatePath( const Reference< XCertificate >& begin ) throw( SecurityException , RuntimeException ) { - const X509Certificate_NssImpl* xcert ; - const CERTCertificate* cert ; - CERTCertList* certChain ; - - Reference< XUnoTunnel > xCertTunnel( begin, UNO_QUERY ) ; - if( !xCertTunnel.is() ) { - throw RuntimeException() ; - } - - xcert = reinterpret_cast<X509Certificate_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; - if( xcert == NULL ) { - throw RuntimeException() ; - } - - cert = xcert->getNssCert() ; - if( cert != NULL ) { - int64 timeboundary ; - - //Get the system clock time - timeboundary = PR_Now() ; - - certChain = CERT_GetCertChainFromCert( ( CERTCertificate* )cert, timeboundary, certUsageAnyCA ) ; - } else { - certChain = NULL ; - } - - if( certChain != NULL ) { - X509Certificate_NssImpl* pCert ; - CERTCertListNode* node ; - int len ; - - for( len = 0, node = CERT_LIST_HEAD( certChain ); !CERT_LIST_END( node, certChain ); node = CERT_LIST_NEXT( node ), len ++ ) ; - Sequence< Reference< XCertificate > > xCertChain( len ) ; - - for( len = 0, node = CERT_LIST_HEAD( certChain ); !CERT_LIST_END( node, certChain ); node = CERT_LIST_NEXT( node ), len ++ ) { - pCert = new X509Certificate_NssImpl() ; - if( pCert == NULL ) { - CERT_DestroyCertList( certChain ) ; - throw RuntimeException() ; - } - - pCert->setCert( node->cert ) ; - - xCertChain[len] = pCert ; - } - - CERT_DestroyCertList( certChain ) ; - - return xCertChain ; - } - - return Sequence< Reference < XCertificate > >(); -} - -Reference< XCertificate > SecurityEnvironment_NssImpl :: createCertificateFromRaw( const Sequence< sal_Int8 >& rawCertificate ) throw( SecurityException , RuntimeException ) { - X509Certificate_NssImpl* xcert ; - - if( rawCertificate.getLength() > 0 ) { - xcert = new X509Certificate_NssImpl() ; - if( xcert == NULL ) - throw RuntimeException() ; - - xcert->setRawCert( rawCertificate ) ; - } else { - xcert = NULL ; - } - - return xcert ; -} - -Reference< XCertificate > SecurityEnvironment_NssImpl :: createCertificateFromAscii( const OUString& asciiCertificate ) throw( SecurityException , RuntimeException ) { - xmlChar* chCert ; - xmlSecSize certSize ; - - rtl::OString oscert = rtl::OUStringToOString( asciiCertificate , RTL_TEXTENCODING_ASCII_US ) ; - - chCert = xmlStrndup( ( const xmlChar* )oscert.getStr(), ( int )oscert.getLength() ) ; - - certSize = xmlSecBase64Decode( chCert, ( xmlSecByte* )chCert, xmlStrlen( chCert ) ) ; - - Sequence< sal_Int8 > rawCert( certSize ) ; - for( unsigned int i = 0 ; i < certSize ; i ++ ) - rawCert[i] = *( chCert + i ) ; - - xmlFree( chCert ) ; - - return createCertificateFromRaw( rawCert ) ; -} - -sal_Int32 SecurityEnvironment_NssImpl :: -verifyCertificate( const Reference< csss::XCertificate >& aCert, - const Sequence< Reference< csss::XCertificate > >& intermediateCerts ) - throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) -{ - sal_Int32 validity = csss::CertificateValidity::INVALID; - const X509Certificate_NssImpl* xcert ; - const CERTCertificate* cert ; - ::std::vector<CERTCertificate*> vecTmpNSSCertificates; - Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; - if( !xCertTunnel.is() ) { - throw RuntimeException() ; - } - - xmlsec_trace("Start verification of certificate: \n %s \n", - OUStringToOString( - aCert->getSubjectName(), osl_getThreadTextEncoding()).getStr()); - - xcert = reinterpret_cast<X509Certificate_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; - if( xcert == NULL ) { - throw RuntimeException() ; - } - - //CERT_PKIXVerifyCert does not take a db as argument. It will therefore - //internally use CERT_GetDefaultCertDB - //Make sure m_pHandler is the default DB - OSL_ASSERT(m_pHandler == CERT_GetDefaultCertDB()); - CERTCertDBHandle * certDb = m_pHandler != NULL ? m_pHandler : CERT_GetDefaultCertDB(); - cert = xcert->getNssCert() ; - if( cert != NULL ) - { - - //prepare the intermediate certificates - for (sal_Int32 i = 0; i < intermediateCerts.getLength(); i++) - { - Sequence<sal_Int8> der = intermediateCerts[i]->getEncoded(); - SECItem item; - item.type = siBuffer; - item.data = (unsigned char*)der.getArray(); - item.len = der.getLength(); - - CERTCertificate* certTmp = CERT_NewTempCertificate(certDb, &item, - NULL /* nickname */, - PR_FALSE /* isPerm */, - PR_TRUE /* copyDER */); - if (!certTmp) - { - xmlsec_trace("Failed to add a temporary certificate: %s", - OUStringToOString(intermediateCerts[i]->getIssuerName(), - osl_getThreadTextEncoding()).getStr()); - - } - else - { - xmlsec_trace("Added temporary certificate: %s", - certTmp->subjectName ? certTmp->subjectName : ""); - vecTmpNSSCertificates.push_back(certTmp); - } - } - - - SECStatus status ; - - CERTVerifyLog log; - log.arena = PORT_NewArena(512); - log.head = log.tail = NULL; - log.count = 0; - - CERT_EnableOCSPChecking(certDb); - CERT_DisableOCSPDefaultResponder(certDb); - CERTValOutParam cvout[5]; - CERTValInParam cvin[3]; - int ncvinCount=0; - -#if ( NSS_VMAJOR > 3 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR > 12 ) || ( NSS_VMAJOR == 3 && NSS_VMINOR == 12 && NSS_VPATCH > 0 ) - cvin[ncvinCount].type = cert_pi_useAIACertFetch; - cvin[ncvinCount].value.scalar.b = PR_TRUE; - ncvinCount++; -#endif - - PRUint64 revFlagsLeaf[2]; - PRUint64 revFlagsChain[2]; - CERTRevocationFlags rev; - rev.leafTests.number_of_defined_methods = 2; - rev.leafTests.cert_rev_flags_per_method = revFlagsLeaf; - //the flags are defined in cert.h - //We check both leaf and chain. - //It is enough if one revocation method has fresh info, - //but at least one must have some. Otherwise validation fails. - //!!! using leaf test and CERT_REV_MI_REQUIRE_SOME_FRESH_INFO_AVAILABLE - // when validating a root certificate will result in "revoked". Usually - //there is no revocation information available for the root cert because - //it must be trusted anyway and it does itself issue revocation information. - //When we use the flag here and OOo shows the certification path then the root - //cert is invalid while all other can be valid. It would probably best if - //this interface method returned the whole chain. - //Otherwise we need to check if the certificate is self-signed and if it is - //then not use the flag when doing the leaf-test. - rev.leafTests.cert_rev_flags_per_method[cert_revocation_method_crl] = - CERT_REV_M_TEST_USING_THIS_METHOD - | CERT_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE; - rev.leafTests.cert_rev_flags_per_method[cert_revocation_method_ocsp] = - CERT_REV_M_TEST_USING_THIS_METHOD - | CERT_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE; - rev.leafTests.number_of_preferred_methods = 0; - rev.leafTests.preferred_methods = NULL; - rev.leafTests.cert_rev_method_independent_flags = - CERT_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST; - - rev.chainTests.number_of_defined_methods = 2; - rev.chainTests.cert_rev_flags_per_method = revFlagsChain; - rev.chainTests.cert_rev_flags_per_method[cert_revocation_method_crl] = - CERT_REV_M_TEST_USING_THIS_METHOD - | CERT_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE; - rev.chainTests.cert_rev_flags_per_method[cert_revocation_method_ocsp] = - CERT_REV_M_TEST_USING_THIS_METHOD - | CERT_REV_M_IGNORE_IMPLICIT_DEFAULT_SOURCE; - rev.chainTests.number_of_preferred_methods = 0; - rev.chainTests.preferred_methods = NULL; - rev.chainTests.cert_rev_method_independent_flags = - CERT_REV_MI_TEST_ALL_LOCAL_INFORMATION_FIRST; - - - cvin[ncvinCount].type = cert_pi_revocationFlags; - cvin[ncvinCount].value.pointer.revocation = &rev; - ncvinCount++; - // does not work, not implemented yet in 3.12.4 -// cvin[ncvinCount].type = cert_pi_keyusage; -// cvin[ncvinCount].value.scalar.ui = KU_DIGITAL_SIGNATURE; -// ncvinCount++; - cvin[ncvinCount].type = cert_pi_end; - - cvout[0].type = cert_po_trustAnchor; - cvout[0].value.pointer.cert = NULL; - cvout[1].type = cert_po_errorLog; - cvout[1].value.pointer.log = &log; - cvout[2].type = cert_po_end; - - // We check SSL server certificates, CA certificates and signing sertificates. - // - // ToDo check keyusage, looking at CERT_KeyUsageAndTypeForCertUsage ( - // mozilla/security/nss/lib/certdb/certdb.c indicates that - // certificateUsageSSLClient, certificateUsageSSLServer and certificateUsageSSLCA - // are sufficient. They cover the key usages for digital signature, key agreement - // and encipherment and certificate signature - - //never use the following usages because they are not checked properly - // certificateUsageUserCertImport - // certificateUsageVerifyCA - // certificateUsageAnyCA - // certificateUsageProtectedObjectSigner - - UsageDescription arUsages[5]; - arUsages[0] = UsageDescription( certificateUsageSSLClient, "certificateUsageSSLClient" ); - arUsages[1] = UsageDescription( certificateUsageSSLServer, "certificateUsageSSLServer" ); - arUsages[2] = UsageDescription( certificateUsageSSLCA, "certificateUsageSSLCA" ); - arUsages[3] = UsageDescription( certificateUsageEmailSigner, "certificateUsageEmailSigner" ); - arUsages[4] = UsageDescription( certificateUsageEmailRecipient, "certificateUsageEmailRecipient" ); - - int numUsages = SAL_N_ELEMENTS(arUsages); - for (int i = 0; i < numUsages; i++) - { - xmlsec_trace("Testing usage %d of %d: %s (0x%x)", i + 1, - numUsages, arUsages[i].description, (int) arUsages[i].usage); - - status = CERT_PKIXVerifyCert(const_cast<CERTCertificate *>(cert), arUsages[i].usage, - cvin, cvout, NULL); - if( status == SECSuccess ) - { - xmlsec_trace("CERT_PKIXVerifyCert returned SECSuccess."); - //When an intermediate or root certificate is checked then we expect the usage - //certificateUsageSSLCA. This, however, will be only set when in the trust settings dialog - //the button "This certificate can identify websites" is checked. If for example only - //"This certificate can identify mail users" is set then the end certificate can - //be validated and the returned usage will conain certificateUsageEmailRecipient. - //But checking directly the root or intermediate certificate will fail. In the - //certificate path view the end certificate will be shown as valid but the others - //will be displayed as invalid. - - validity = csss::CertificateValidity::VALID; - xmlsec_trace("Certificate is valid.\n"); - CERTCertificate * issuerCert = cvout[0].value.pointer.cert; - if (issuerCert) - { - xmlsec_trace("Root certificate: %s", issuerCert->subjectName); - CERT_DestroyCertificate(issuerCert); - }; - - break; - } - else - { - PRIntn err = PR_GetError(); - xmlsec_trace("Error: , %d = %s", err, getCertError(err)); - - /* Display validation results */ - if ( log.count > 0) - { - CERTVerifyLogNode *node = NULL; - printChainFailure(&log); - - for (node = log.head; node; node = node->next) { - if (node->cert) - CERT_DestroyCertificate(node->cert); - } - log.head = log.tail = NULL; - log.count = 0; - } - xmlsec_trace("Certificate is invalid.\n"); - } - } - - } - else - { - validity = ::com::sun::star::security::CertificateValidity::INVALID ; - } - - //Destroying the temporary certificates - std::vector<CERTCertificate*>::const_iterator cert_i; - for (cert_i = vecTmpNSSCertificates.begin(); cert_i != vecTmpNSSCertificates.end(); ++cert_i) - { - xmlsec_trace("Destroying temporary certificate"); - CERT_DestroyCertificate(*cert_i); - } - return validity ; -} - -sal_Int32 SecurityEnvironment_NssImpl::getCertificateCharacters( - const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& aCert ) throw( ::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException ) { - sal_Int32 characters ; - const X509Certificate_NssImpl* xcert ; - const CERTCertificate* cert ; - - Reference< XUnoTunnel > xCertTunnel( aCert, UNO_QUERY ) ; - if( !xCertTunnel.is() ) { - throw RuntimeException() ; - } - - xcert = reinterpret_cast<X509Certificate_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething( X509Certificate_NssImpl::getUnoTunnelId() ))) ; - if( xcert == NULL ) { - throw RuntimeException() ; - } - - cert = xcert->getNssCert() ; - - characters = 0x00000000 ; - - //Firstly, find out whether or not the cert is self-signed. - if( SECITEM_CompareItem( &(cert->derIssuer), &(cert->derSubject) ) == SECEqual ) { - characters |= ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; - } else { - characters &= ~ ::com::sun::star::security::CertificateCharacters::SELF_SIGNED ; - } - - //Secondly, find out whether or not the cert has a private key. - - /* - * i40394 - * - * mmi : need to check whether the cert's slot is valid first - */ - SECKEYPrivateKey* priKey = NULL; - - if (cert->slot != NULL) - { - priKey = PK11_FindPrivateKeyFromCert( cert->slot, ( CERTCertificate* )cert, NULL ) ; - } - if(priKey == NULL) - { - for (CIT_SLOTS is = m_Slots.begin(); is != m_Slots.end(); is++) - { - priKey = PK11_FindPrivateKeyFromCert(*is, (CERTCertificate*)cert, NULL); - if (priKey) - break; - } - } - if( priKey != NULL ) { - characters |= ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; - - SECKEY_DestroyPrivateKey( priKey ) ; - } else { - characters &= ~ ::com::sun::star::security::CertificateCharacters::HAS_PRIVATE_KEY ; - } - - return characters ; -} - -X509Certificate_NssImpl* NssCertToXCert( CERTCertificate* cert ) -{ - X509Certificate_NssImpl* xcert ; - - if( cert != NULL ) { - xcert = new X509Certificate_NssImpl() ; - if( xcert == NULL ) { - xcert = NULL ; - } else { - xcert->setCert( cert ) ; - } - } else { - xcert = NULL ; - } - - return xcert ; -} - -X509Certificate_NssImpl* NssPrivKeyToXCert( SECKEYPrivateKey* priKey ) -{ - CERTCertificate* cert ; - X509Certificate_NssImpl* xcert ; - - if( priKey != NULL ) { - cert = PK11_GetCertFromPrivateKey( priKey ) ; - - if( cert != NULL ) { - xcert = NssCertToXCert( cert ) ; - } else { - xcert = NULL ; - } - - CERT_DestroyCertificate( cert ) ; - } else { - xcert = NULL ; - } - - return xcert ; -} - - -/* Native methods */ -xmlSecKeysMngrPtr SecurityEnvironment_NssImpl::createKeysManager() throw( Exception, RuntimeException ) { - - unsigned int i ; - CERTCertDBHandle* handler = NULL ; - PK11SymKey* symKey = NULL ; - SECKEYPublicKey* pubKey = NULL ; - SECKEYPrivateKey* priKey = NULL ; - xmlSecKeysMngrPtr pKeysMngr = NULL ; - - handler = this->getCertDb() ; - - /*- - * The following lines is based on the private version of xmlSec-NSS - * crypto engine - */ - int cSlots = m_Slots.size(); - boost::scoped_array<PK11SlotInfo*> sarSlots(new PK11SlotInfo*[cSlots]); - PK11SlotInfo** slots = sarSlots.get(); - int count = 0; - for (CIT_SLOTS islots = m_Slots.begin();islots != m_Slots.end(); islots++, count++) - slots[count] = *islots; - - pKeysMngr = xmlSecNssAppliedKeysMngrCreate(slots, cSlots, handler ) ; - if( pKeysMngr == NULL ) - throw RuntimeException() ; - - /*- - * Adopt symmetric key into keys manager - */ - for( i = 0 ; ( symKey = this->getSymKey( i ) ) != NULL ; i ++ ) { - if( xmlSecNssAppliedKeysMngrSymKeyLoad( pKeysMngr, symKey ) < 0 ) { - throw RuntimeException() ; - } - } - - /*- - * Adopt asymmetric public key into keys manager - */ - for( i = 0 ; ( pubKey = this->getPubKey( i ) ) != NULL ; i ++ ) { - if( xmlSecNssAppliedKeysMngrPubKeyLoad( pKeysMngr, pubKey ) < 0 ) { - throw RuntimeException() ; - } - } - - /*- - * Adopt asymmetric private key into keys manager - */ - for( i = 0 ; ( priKey = this->getPriKey( i ) ) != NULL ; i ++ ) { - if( xmlSecNssAppliedKeysMngrPriKeyLoad( pKeysMngr, priKey ) < 0 ) { - throw RuntimeException() ; - } - } - return pKeysMngr ; -} -void SecurityEnvironment_NssImpl::destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( Exception, RuntimeException ) { - if( pKeysMngr != NULL ) { - xmlSecKeysMngrDestroy( pKeysMngr ) ; - } -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx deleted file mode 100644 index 59933aaf6..000000000 --- a/xmlsecurity/source/xmlsec/nss/securityenvironment_nssimpl.hxx +++ /dev/null @@ -1,171 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _XSECURITYENVIRONMENT_NSSIMPL_HXX_ -#define _XSECURITYENVIRONMENT_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase4.hxx> -#include <com/sun/star/uno/Exception.hpp> - -#include <com/sun/star/uno/Reference.hxx> -#include <com/sun/star/lang/XSingleServiceFactory.hpp> - -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XInitialization.hpp> -#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> -#include <com/sun/star/security/XCertificate.hpp> -#include <com/sun/star/security/CertificateCharacters.hpp> -#include <com/sun/star/security/CertificateValidity.hpp> -#include <com/sun/star/lang/XUnoTunnel.hpp> - -#include "osl/mutex.hxx" - -#include "pk11func.h" -#include "keyhi.h" -#include "certdb.h" -#include "list" - -#include <sal/types.h> -//For reasons that escape me, this is what xmlsec does when size_t is not 4 -#if SAL_TYPES_SIZEOFPOINTER != 4 -# define XMLSEC_NO_SIZE_T -#endif -#include "xmlsec/xmlsec.h" - -class SecurityEnvironment_NssImpl : public ::cppu::WeakImplHelper4< - ::com::sun::star::xml::crypto::XSecurityEnvironment , - ::com::sun::star::lang::XInitialization , - ::com::sun::star::lang::XServiceInfo , - ::com::sun::star::lang::XUnoTunnel > -{ -private : - - std::list< PK11SlotInfo* > m_Slots; - typedef std::list< PK11SlotInfo* >::const_iterator CIT_SLOTS; - - osl::Mutex m_mutex; - - CERTCertDBHandle* m_pHandler ; - std::list< PK11SymKey* > m_tSymKeyList ; - std::list< SECKEYPublicKey* > m_tPubKeyList ; - std::list< SECKEYPrivateKey* > m_tPriKeyList ; - ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; - - public : - SecurityEnvironment_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; - virtual ~SecurityEnvironment_NssImpl() ; - - //Methods from XSecurityEnvironment - - //Methods from XInitialization - virtual void SAL_CALL initialize( - const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments - ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - //Methods from XServiceInfo - virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual sal_Bool SAL_CALL supportsService( - const ::rtl::OUString& ServiceName - ) throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for XServiceInfo - static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; - - static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for registry - static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; - - static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; - - virtual ::sal_Int32 SAL_CALL verifyCertificate( - const ::com::sun::star::uno::Reference< - ::com::sun::star::security::XCertificate >& xCert, - const ::com::sun::star::uno::Sequence< - ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > & - intermediateCerts) - throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; - - virtual ::sal_Int32 SAL_CALL getCertificateCharacters( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& xCert ) throw (::com::sun::star::uno::SecurityException, ::com::sun::star::uno::RuntimeException) ; - - virtual ::rtl::OUString SAL_CALL getSecurityEnvironmentInformation( ) throw (::com::sun::star::uno::RuntimeException); - - //Methods from XUnoTunnel - virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) - throw (::com::sun::star::uno::RuntimeException); - - static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; - static SecurityEnvironment_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; - - //Native mehtods - virtual CERTCertDBHandle* getCertDb() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - virtual void setCertDb( CERTCertDBHandle* aCertDb ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - virtual void adoptSymKey( PK11SymKey* aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual void rejectSymKey( PK11SymKey* aSymKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual PK11SymKey* getSymKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - virtual void adoptPubKey( SECKEYPublicKey* aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual void rejectPubKey( SECKEYPublicKey* aPubKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual SECKEYPublicKey* getPubKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - virtual void adoptPriKey( SECKEYPrivateKey* aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual void rejectPriKey( SECKEYPrivateKey* aPriKey ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual SECKEYPrivateKey* getPriKey( unsigned int position ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL getPersonalCertificates() throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::com::sun::star::uno::Sequence< sal_Int8 >& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL getCertificate( const ::rtl::OUString& issuerName, const ::rtl::OUString& serialNumber ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > > SAL_CALL buildCertificatePath( const ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate >& beginCert ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromRaw( const ::com::sun::star::uno::Sequence< sal_Int8 >& rawCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificate > SAL_CALL createCertificateFromAscii( const ::rtl::OUString& asciiCertificate ) throw( ::com::sun::star::uno::SecurityException , ::com::sun::star::uno::RuntimeException ) ; - - - //Native mehtods - virtual xmlSecKeysMngrPtr createKeysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - virtual void destroyKeysManager(xmlSecKeysMngrPtr pKeysMngr) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - -private: - void updateSlots(); - - virtual void addCryptoSlot( PK11SlotInfo* aSlot ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; -} ; - -#endif // _XSECURITYENVIRONMENT_NSSIMPL_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx deleted file mode 100644 index a28c4eaff..000000000 --- a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx +++ /dev/null @@ -1,199 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - -/* - * Turn off DEBUG Assertions - */ -#ifdef _DEBUG - #define _DEBUG_WAS_DEFINED _DEBUG - #undef _DEBUG -#else - #undef _DEBUG_WAS_DEFINED -#endif - -/* - * and turn off the additional virtual methods which are part of some interfaces when compiled - * with debug - */ -#ifdef DEBUG - #define DEBUG_WAS_DEFINED DEBUG - #undef DEBUG -#else - #undef DEBUG_WAS_DEFINED -#endif - -#include <sal/types.h> -#include <rtl/bootstrap.hxx> -#include <rtl/string.hxx> -#include <rtl/strbuf.hxx> -#include <osl/file.hxx> -#include <osl/thread.h> -#include <tools/debug.hxx> -#include <rtl/logfile.hxx> - -#include "seinitializer_nssimpl.hxx" -#include "securityenvironment_nssimpl.hxx" - -#include <nspr.h> -#include <cert.h> -#include <nss.h> -#include <pk11pub.h> -#include <secmod.h> -#include <nssckbi.h> - - -namespace css = ::com::sun::star; -namespace cssu = css::uno; -namespace cssl = css::lang; -namespace cssxc = css::xml::crypto; - -using namespace com::sun::star; -using ::rtl::OUString; -using ::rtl::OString; - -#define SE_SERVICE_NAME "com.sun.star.xml.crypto.SEInitializer" -#define IMPLEMENTATION_NAME "com.sun.star.xml.security.bridge.xmlsec.SEInitializer_NssImpl" -#define SECURITY_ENVIRONMENT "com.sun.star.xml.crypto.SecurityEnvironment" -#define SECURITY_CONTEXT "com.sun.star.xml.crypto.XMLSecurityContext" - - int nProduct = 4; -SEInitializer_NssImpl::SEInitializer_NssImpl( - const css::uno::Reference< css::lang::XMultiServiceFactory > &rxMSF ) -{ - mxMSF = rxMSF; -} - -SEInitializer_NssImpl::~SEInitializer_NssImpl() -{ -} - -/* XSEInitializer */ -cssu::Reference< cssxc::XXMLSecurityContext > SAL_CALL - SEInitializer_NssImpl::createSecurityContext( const ::rtl::OUString& ) - throw (cssu::RuntimeException) -{ - CERTCertDBHandle *pCertHandle = NULL ; - - if( !initNSS( mxMSF ) ) - return NULL; - - pCertHandle = CERT_GetDefaultCertDB() ; - - try - { - /* Build XML Security Context */ - const rtl::OUString sSecyrutyContext ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_CONTEXT ) ); - cssu::Reference< cssxc::XXMLSecurityContext > xSecCtx( mxMSF->createInstance ( sSecyrutyContext ), cssu::UNO_QUERY ); - if( !xSecCtx.is() ) - return NULL; - - const rtl::OUString sSecyrutyEnvironment ( RTL_CONSTASCII_USTRINGPARAM( SECURITY_ENVIRONMENT ) ); - cssu::Reference< cssxc::XSecurityEnvironment > xSecEnv( mxMSF->createInstance ( sSecyrutyEnvironment ), cssu::UNO_QUERY ); - cssu::Reference< cssl::XUnoTunnel > xEnvTunnel( xSecEnv , cssu::UNO_QUERY ) ; - if( !xEnvTunnel.is() ) - return NULL; - SecurityEnvironment_NssImpl* pSecEnv = reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xEnvTunnel->getSomething(SecurityEnvironment_NssImpl::getUnoTunnelId() ))) ; - pSecEnv->setCertDb(pCertHandle); - - sal_Int32 n = xSecCtx->addSecurityEnvironment(xSecEnv); - //originally the SecurityEnvironment with the internal slot was set as default - xSecCtx->setDefaultSecurityEnvironmentIndex( n ); - return xSecCtx; - } - catch( cssu::Exception& ) - { - //PK11_LogoutAll(); - //NSS_Shutdown(); - return NULL; - } -} - -void SAL_CALL SEInitializer_NssImpl::freeSecurityContext( const cssu::Reference< cssxc::XXMLSecurityContext >& ) - throw (cssu::RuntimeException) -{ - /* - * because the security context will free all its content when it - * is destructed, so here no free process for the security context - * is needed. - */ - //PK11_LogoutAll(); - //NSS_Shutdown(); -} - -rtl::OUString SEInitializer_NssImpl_getImplementationName () - throw (cssu::RuntimeException) -{ - - return rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( IMPLEMENTATION_NAME ) ); -} - -sal_Bool SAL_CALL SEInitializer_NssImpl_supportsService( const rtl::OUString& ServiceName ) - throw (cssu::RuntimeException) -{ - return ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( SE_SERVICE_NAME )) || ServiceName.equalsAsciiL( RTL_CONSTASCII_STRINGPARAM ( NSS_SERVICE_NAME )); -} - -cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl_getSupportedServiceNames( ) - throw (cssu::RuntimeException) -{ - cssu::Sequence < rtl::OUString > aRet(2); - rtl::OUString* pArray = aRet.getArray(); - pArray[0] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( SE_SERVICE_NAME ) ); - pArray[1] = rtl::OUString ( RTL_CONSTASCII_USTRINGPARAM ( NSS_SERVICE_NAME ) ); - return aRet; -} - -cssu::Reference< cssu::XInterface > SAL_CALL SEInitializer_NssImpl_createInstance( const cssu::Reference< cssl::XMultiServiceFactory > & rSMgr) - throw( cssu::Exception ) -{ - return (cppu::OWeakObject*) new SEInitializer_NssImpl(rSMgr); -} - -/* XServiceInfo */ -rtl::OUString SAL_CALL SEInitializer_NssImpl::getImplementationName( ) - throw (cssu::RuntimeException) -{ - return SEInitializer_NssImpl_getImplementationName(); -} -sal_Bool SAL_CALL SEInitializer_NssImpl::supportsService( const rtl::OUString& rServiceName ) - throw (cssu::RuntimeException) -{ - return SEInitializer_NssImpl_supportsService( rServiceName ); -} -cssu::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl::getSupportedServiceNames( ) - throw (cssu::RuntimeException) -{ - return SEInitializer_NssImpl_getSupportedServiceNames(); -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx deleted file mode 100644 index 65d5c11bd..000000000 --- a/xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx +++ /dev/null @@ -1,87 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _SEINITIALIZERIMPL_HXX -#define _SEINITIALIZERIMPL_HXX - -#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> -#include <com/sun/star/xml/crypto/XSEInitializer.hpp> - -#include <cppuhelper/implbase1.hxx> - -#include <libxml/tree.h> - -#include "nssinitializer.hxx" - -class SEInitializer_NssImpl : public cppu::ImplInheritanceHelper1 -< - ONSSInitializer, - ::com::sun::star::xml::crypto::XSEInitializer -> -{ -public: - SEInitializer_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > &rxMSF ); - virtual ~SEInitializer_NssImpl(); - - /* XSEInitializer */ - virtual ::com::sun::star::uno::Reference< - ::com::sun::star::xml::crypto::XXMLSecurityContext > - SAL_CALL createSecurityContext( const ::rtl::OUString& ) - throw (::com::sun::star::uno::RuntimeException); - - virtual void SAL_CALL freeSecurityContext( const com::sun::star::uno::Reference< - com::sun::star::xml::crypto::XXMLSecurityContext >& securityContext ) - throw (com::sun::star::uno::RuntimeException); - - /* XServiceInfo */ - virtual rtl::OUString SAL_CALL getImplementationName( ) - throw (::com::sun::star::uno::RuntimeException); - - virtual sal_Bool SAL_CALL supportsService( const rtl::OUString& ServiceName ) - throw (::com::sun::star::uno::RuntimeException); - - virtual ::com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL getSupportedServiceNames( ) - throw (::com::sun::star::uno::RuntimeException); -}; - -rtl::OUString SEInitializer_NssImpl_getImplementationName() - throw ( ::com::sun::star::uno::RuntimeException ); - -sal_Bool SAL_CALL SEInitializer_NssImpl_supportsService( const rtl::OUString& ServiceName ) - throw ( ::com::sun::star::uno::RuntimeException ); - -com::sun::star::uno::Sequence< rtl::OUString > SAL_CALL SEInitializer_NssImpl_getSupportedServiceNames( ) - throw ( ::com::sun::star::uno::RuntimeException ); - -com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > -SAL_CALL SEInitializer_NssImpl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > & rSMgr) - throw ( ::com::sun::star::uno::Exception ); - -#endif - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx deleted file mode 100644 index 2e2836a0f..000000000 --- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx +++ /dev/null @@ -1,474 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - - - -#include "nssrenam.h" -#include "nspr.h" -#include "nss.h" -#include "secder.h" - -#include "hasht.h" -#include "secoid.h" -#include "pk11func.h" - -#include <sal/config.h> -#include <comphelper/servicehelper.hxx> -#include "x509certificate_nssimpl.hxx" - -#include "certificateextension_xmlsecimpl.hxx" - -#include "sanextension_nssimpl.hxx" - -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::security ; -using ::rtl::OUString ; - -using ::com::sun::star::security::XCertificate ; -using ::com::sun::star::util::DateTime ; - -X509Certificate_NssImpl :: X509Certificate_NssImpl() : - m_pCert( NULL ) -{ -} - -X509Certificate_NssImpl :: ~X509Certificate_NssImpl() { - if( m_pCert != NULL ) { - CERT_DestroyCertificate( m_pCert ) ; - } -} - -//Methods from XCertificate -sal_Int16 SAL_CALL X509Certificate_NssImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL ) { - if( m_pCert->version.len > 0 ) { - return ( char )*( m_pCert->version.data ) ; - } else - return 0 ; - } else { - return -1 ; - } -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->serialNumber.len > 0 ) { - Sequence< sal_Int8 > serial( m_pCert->serialNumber.len ) ; - for( unsigned int i = 0 ; i < m_pCert->serialNumber.len ; i ++ ) - serial[i] = *( m_pCert->serialNumber.data + i ) ; - - return serial ; - } else { - return ::com::sun::star::uno::Sequence< sal_Int8 >(); - } -} - -::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL ) { - return OUString(m_pCert->issuerName , PL_strlen(m_pCert->issuerName) , RTL_TEXTENCODING_UTF8) ; - } else { - return OUString() ; - } -} - -::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL ) { - return OUString(m_pCert->subjectName , PL_strlen(m_pCert->subjectName) , RTL_TEXTENCODING_UTF8); - } else { - return OUString() ; - } -} - -::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL ) { - SECStatus rv ; - PRTime notBefore ; - PRExplodedTime explTime ; - DateTime dateTime ; - - rv = DER_DecodeTimeChoice( ¬Before, &m_pCert->validity.notBefore ) ; - if( rv ) { - return DateTime() ; - } - - //Convert the time to readable local time - PR_ExplodeTime( notBefore, PR_LocalTimeParameters, &explTime ) ; - - dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 1000 ); - dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec ); - dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min ); - dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour ); - dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday ); - dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 ); - dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year ); - - return dateTime ; - } else { - return DateTime() ; - } -} - -::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL ) { - SECStatus rv ; - PRTime notAfter ; - PRExplodedTime explTime ; - DateTime dateTime ; - - rv = DER_DecodeTimeChoice( ¬After, &m_pCert->validity.notAfter ) ; - if( rv ) { - return DateTime() ; - } - - //Convert the time to readable local time - PR_ExplodeTime( notAfter, PR_LocalTimeParameters, &explTime ) ; - - dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 1000 ); - dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec ); - dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min ); - dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour ); - dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday ); - dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 ); - dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year ); - - return dateTime ; - } else { - return DateTime() ; - } -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->issuerID.len > 0 ) { - Sequence< sal_Int8 > issuerUid( m_pCert->issuerID.len ) ; - for( unsigned int i = 0 ; i < m_pCert->issuerID.len ; i ++ ) - issuerUid[i] = *( m_pCert->issuerID.data + i ) ; - - return issuerUid ; - } else { - return ::com::sun::star::uno::Sequence< sal_Int8 >(); - } -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->subjectID.len > 0 ) { - Sequence< sal_Int8 > subjectUid( m_pCert->subjectID.len ) ; - for( unsigned int i = 0 ; i < m_pCert->subjectID.len ; i ++ ) - subjectUid[i] = *( m_pCert->subjectID.data + i ) ; - - return subjectUid ; - } else { - return ::com::sun::star::uno::Sequence< sal_Int8 >(); - } -} - -::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->extensions != NULL ) { - CERTCertExtension** extns ; - CertificateExtension_XmlSecImpl* pExtn ; - sal_Bool crit ; - int len ; - - for( len = 0, extns = m_pCert->extensions; *extns != NULL; len ++, extns ++ ) ; - Sequence< Reference< XCertificateExtension > > xExtns( len ) ; - - for( extns = m_pCert->extensions, len = 0; *extns != NULL; extns ++, len ++ ) { - const SECItem id = (*extns)->id; - ::rtl::OString oidString(CERT_GetOidString(&id)); - - // remove "OID." prefix if existing - ::rtl::OString objID; - ::rtl::OString oid("OID."); - if (oidString.match(oid)) - objID = oidString.copy(oid.getLength()); - else - objID = oidString; - - if ( objID.equals("2.5.29.17") ) - pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ; - else - pExtn = new CertificateExtension_XmlSecImpl() ; - - if( (*extns)->critical.data == NULL ) - crit = sal_False ; - else - crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ; - pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (unsigned char*)objID.getStr(), objID.getLength(), crit ) ; - - xExtns[len] = pExtn ; - } - - return xExtns ; - } else { - return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > (); - } -} - -::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->extensions != NULL ) { - CertificateExtension_XmlSecImpl* pExtn ; - CERTCertExtension** extns ; - SECItem idItem ; - sal_Bool crit ; - - idItem.data = ( unsigned char* )&oid[0] ; - idItem.len = oid.getLength() ; - - pExtn = NULL ; - for( extns = m_pCert->extensions; *extns != NULL; extns ++ ) { - if( SECITEM_CompareItem( &idItem, &(*extns)->id ) == SECEqual ) { - const SECItem id = (*extns)->id; - ::rtl::OString objId(CERT_GetOidString(&id)); - if ( objId.equals("OID.2.5.29.17") ) - pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ; - else - pExtn = new CertificateExtension_XmlSecImpl() ; - if( (*extns)->critical.data == NULL ) - crit = sal_False ; - else - crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ; - pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ; - } - } - - return pExtn ; - } else { - return NULL ; - } -} - - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) { - if( m_pCert != NULL && m_pCert->derCert.len > 0 ) { - Sequence< sal_Int8 > rawCert( m_pCert->derCert.len ) ; - - for( unsigned int i = 0 ; i < m_pCert->derCert.len ; i ++ ) - rawCert[i] = *( m_pCert->derCert.data + i ) ; - - return rawCert ; - } else { - return ::com::sun::star::uno::Sequence< sal_Int8 >(); - } -} - -//Helper methods -void X509Certificate_NssImpl :: setCert( CERTCertificate* cert ) { - if( m_pCert != NULL ) { - CERT_DestroyCertificate( m_pCert ) ; - m_pCert = NULL ; - } - - if( cert != NULL ) { - m_pCert = CERT_DupCertificate( cert ) ; - } -} - -const CERTCertificate* X509Certificate_NssImpl :: getNssCert() const { - if( m_pCert != NULL ) { - return m_pCert ; - } else { - return NULL ; - } -} - -void X509Certificate_NssImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) { - CERTCertificate* cert ; - SECItem certItem ; - - certItem.data = ( unsigned char* )&rawCert[0] ; - certItem.len = rawCert.getLength() ; - - cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ; - if( cert == NULL ) - throw RuntimeException() ; - - if( m_pCert != NULL ) { - CERT_DestroyCertificate( m_pCert ) ; - m_pCert = NULL ; - } - - m_pCert = cert ; -} - -/* XUnoTunnel */ -sal_Int64 SAL_CALL X509Certificate_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) { - if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) { - return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this)); - } - return 0 ; -} - -/* XUnoTunnel extension */ - -namespace -{ - class theX509Certificate_NssImplUnoTunnelId : public rtl::Static< UnoTunnelIdInit, theX509Certificate_NssImplUnoTunnelId > {}; -} - -const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() { - return theX509Certificate_NssImplUnoTunnelId::get().getSeq(); -} - -/* XUnoTunnel extension */ -X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Reference< XInterface > xObj ) { - Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ; - if( xUT.is() ) { - return reinterpret_cast<X509Certificate_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() ))); - } else - return NULL ; -} - -::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid) -{ - SECOidTag tag; - tag = SECOID_GetAlgorithmTag(aid); - - const char *pDesc = SECOID_FindOIDTagDescription(tag); - - return rtl::OUString::createFromAscii( pDesc ) ; -} - -::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id) -{ - if( pCert != NULL ) - { - unsigned char fingerprint[20]; - int length = ((id == SEC_OID_MD5)?MD5_LENGTH:SHA1_LENGTH); - - memset(fingerprint, 0, sizeof fingerprint); - PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len); - - Sequence< sal_Int8 > thumbprint( length ) ; - for( int i = 0 ; i < length ; i ++ ) - thumbprint[i] = fingerprint[i]; - - return thumbprint; - } - else - { - return ::com::sun::star::uno::Sequence< sal_Int8 >(); - } -} - -::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm() - throw ( ::com::sun::star::uno::RuntimeException) -{ - if( m_pCert != NULL ) - { - return getAlgorithmDescription(&(m_pCert->subjectPublicKeyInfo.algorithm)); - } - else - { - return OUString() ; - } -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue() - throw ( ::com::sun::star::uno::RuntimeException) -{ - if( m_pCert != NULL ) - { - SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey; - DER_ConvertBitString(&spk); - - if ( spk.len>0) - { - Sequence< sal_Int8 > key( spk.len ) ; - for( unsigned int i = 0 ; i < spk.len ; i ++ ) - { - key[i] = *( spk.data + i ) ; - } - - return key ; - } - } - - return ::com::sun::star::uno::Sequence< sal_Int8 >(); -} - -::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm() - throw ( ::com::sun::star::uno::RuntimeException) -{ - if( m_pCert != NULL ) - { - return getAlgorithmDescription(&(m_pCert->signature)); - } - else - { - return OUString() ; - } -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint() - throw ( ::com::sun::star::uno::RuntimeException) -{ - return getThumbprint(m_pCert, SEC_OID_SHA1); -} - -::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint() - throw ( ::com::sun::star::uno::RuntimeException) -{ - return getThumbprint(m_pCert, SEC_OID_MD5); -} - -sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage( ) - throw ( ::com::sun::star::uno::RuntimeException) -{ - SECStatus rv; - SECItem tmpitem; - sal_Int32 usage; - - rv = CERT_FindKeyUsageExtension(m_pCert, &tmpitem); - if ( rv == SECSuccess ) - { - usage = tmpitem.data[0]; - PORT_Free(tmpitem.data); - tmpitem.data = NULL; - } - else - { - usage = KU_ALL; - } - - /* - * to make the nss implementation compatible with MSCrypto, - * the following usage is ignored - * - * - if ( CERT_GovtApprovedBitSet(m_pCert) ) - { - usage |= KU_NS_GOVT_APPROVED; - } - */ - - return usage; -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx deleted file mode 100644 index 50dedc5e7..000000000 --- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx +++ /dev/null @@ -1,105 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _X509CERTIFICATE_NSSIMPL_HXX_ -#define _X509CERTIFICATE_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase2.hxx> -#include <com/sun/star/uno/Exception.hpp> -#include <com/sun/star/lang/XUnoTunnel.hpp> -#include "com/sun/star/uno/SecurityException.hpp" -#include <com/sun/star/security/XCertificate.hpp> - -#include "cert.h" - -class X509Certificate_NssImpl : public ::cppu::WeakImplHelper2< - ::com::sun::star::security::XCertificate , - ::com::sun::star::lang::XUnoTunnel > -{ - private : - CERTCertificate* m_pCert ; - - public : - X509Certificate_NssImpl() ; - virtual ~X509Certificate_NssImpl() ; - - //Methods from XCertificate - virtual sal_Int16 SAL_CALL getVersion( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSerialNumber( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::rtl::OUString SAL_CALL getIssuerName( ) throw ( ::com::sun::star::uno::RuntimeException) ; - virtual ::rtl::OUString SAL_CALL getSubjectName( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidBefore( ) throw ( ::com::sun::star::uno::RuntimeException) ; - virtual ::com::sun::star::util::DateTime SAL_CALL getNotValidAfter( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getIssuerUniqueID( ) throw ( ::com::sun::star::uno::RuntimeException) ; - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectUniqueID( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL getExtensions( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getEncoded( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::rtl::OUString SAL_CALL getSubjectPublicKeyAlgorithm() - throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSubjectPublicKeyValue() - throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::rtl::OUString SAL_CALL getSignatureAlgorithm() - throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getSHA1Thumbprint() - throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL getMD5Thumbprint() - throw ( ::com::sun::star::uno::RuntimeException) ; - - virtual sal_Int32 SAL_CALL getCertificateUsage( ) throw ( ::com::sun::star::uno::RuntimeException) ; - - //Methods from XUnoTunnel - virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) throw (com::sun::star::uno::RuntimeException); - - static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; - static X509Certificate_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; - - //Helper methods - void setCert( CERTCertificate* cert ) ; - const CERTCertificate* getNssCert() const ; - void setRawCert( ::com::sun::star::uno::Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) ; -} ; - -#endif // _X509CERTIFICATE_NSSIMPL_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx deleted file mode 100644 index 3e89ef901..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.cxx +++ /dev/null @@ -1,384 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" -#include <sal/config.h> -#include <rtl/uuid.h> -#include "xmlencryption_nssimpl.hxx" - -#include "xmldocumentwrapper_xmlsecimpl.hxx" - -#include "xmlelementwrapper_xmlsecimpl.hxx" - -#include "securityenvironment_nssimpl.hxx" -#include "errorcallback.hxx" - -#include <sal/types.h> -//For reasons that escape me, this is what xmlsec does when size_t is not 4 -#if SAL_TYPES_SIZEOFPOINTER != 4 -# define XMLSEC_NO_SIZE_T -#endif -#include "xmlsec/xmlsec.h" -#include "xmlsec/xmltree.h" -#include "xmlsec/xmlenc.h" -#include "xmlsec/crypto.h" - -#ifdef UNX -#define stricmp strcasecmp -#endif - -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::lang ; -using ::com::sun::star::lang::XMultiServiceFactory ; -using ::com::sun::star::lang::XSingleServiceFactory ; -using ::rtl::OUString ; - -using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; -using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::xml::crypto::XXMLEncryption ; -using ::com::sun::star::xml::crypto::XXMLEncryptionTemplate ; -using ::com::sun::star::xml::crypto::XXMLSecurityContext ; -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::xml::crypto::XMLEncryptionException ; - -XMLEncryption_NssImpl :: XMLEncryption_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { -} - -XMLEncryption_NssImpl :: ~XMLEncryption_NssImpl() { -} - -/* XXMLEncryption */ -Reference< XXMLEncryptionTemplate > -SAL_CALL XMLEncryption_NssImpl :: encrypt( - const Reference< XXMLEncryptionTemplate >& aTemplate , - const Reference< XSecurityEnvironment >& aEnvironment -) throw( com::sun::star::xml::crypto::XMLEncryptionException, - com::sun::star::uno::SecurityException ) -{ - xmlSecKeysMngrPtr pMngr = NULL ; - xmlSecEncCtxPtr pEncCtx = NULL ; - xmlNodePtr pEncryptedData = NULL ; - xmlNodePtr pContent = NULL ; - - if( !aTemplate.is() ) - throw RuntimeException() ; - - if( !aEnvironment.is() ) - throw RuntimeException() ; - - //Get Keys Manager - Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; - if( !xSecTunnel.is() ) { - throw RuntimeException() ; - } - - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>(xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))) ; - if( pSecEnv == NULL ) - throw RuntimeException() ; - - //Get the encryption template - Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; - if( !xTemplate.is() ) { - throw RuntimeException() ; - } - - Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; - if( !xTplTunnel.is() ) { - throw RuntimeException() ; - } - - XMLElementWrapper_XmlSecImpl* pTemplate = - reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); - if( pTemplate == NULL ) { - throw RuntimeException() ; - } - - // Get the element to be encrypted - Reference< XXMLElementWrapper > xTarget = aTemplate->getTarget() ; - if( !xTarget.is() ) { - throw XMLEncryptionException() ; - } - - Reference< XUnoTunnel > xTgtTunnel( xTarget , UNO_QUERY ) ; - if( !xTgtTunnel.is() ) { - throw XMLEncryptionException() ; - } - - XMLElementWrapper_XmlSecImpl* pTarget = - reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xTgtTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); - if( pTarget == NULL ) { - throw RuntimeException() ; - } - - pContent = pTarget->getNativeElement() ; - - if( pContent == NULL ) { - throw XMLEncryptionException() ; - } - - //remember the position of the element to be signed - sal_Bool isParentRef = sal_True; - xmlNodePtr pParent = pEncryptedData->parent; - xmlNodePtr referenceNode; - - if (pEncryptedData == pParent->children) - { - referenceNode = pParent; - } - else - { - referenceNode = pEncryptedData->prev; - isParentRef = sal_False; - } - - setErrorRecorder( ); - - pMngr = pSecEnv->createKeysManager() ; //i39448 - if( !pMngr ) { - throw RuntimeException() ; - } - - //Create Encryption context - pEncCtx = xmlSecEncCtxCreate( pMngr ) ; - if( pEncCtx == NULL ) - { - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - //throw XMLEncryptionException() ; - clearErrorRecorder(); - return aTemplate; - } - - pEncryptedData = pTemplate->getNativeElement() ; - - //Find the element to be encrypted. - - //Encrypt the template - if( xmlSecEncCtxXmlEncrypt( pEncCtx , pEncryptedData , pContent ) < 0 ) - { - xmlSecEncCtxDestroy( pEncCtx ) ; - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - - //throw XMLEncryptionException() ; - clearErrorRecorder(); - return aTemplate; - } - - xmlSecEncCtxDestroy( pEncCtx ) ; - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - - //get the new EncryptedData element - if (isParentRef) - { - pTemplate->setNativeElement(referenceNode->children) ; - } - else - { - pTemplate->setNativeElement(referenceNode->next); - } - - return aTemplate ; -} - -/* XXMLEncryption */ -Reference< XXMLEncryptionTemplate > -SAL_CALL XMLEncryption_NssImpl :: decrypt( - const Reference< XXMLEncryptionTemplate >& aTemplate , - const Reference< XXMLSecurityContext >& aSecurityCtx -) throw( com::sun::star::xml::crypto::XMLEncryptionException , - com::sun::star::uno::SecurityException) { - xmlSecKeysMngrPtr pMngr = NULL ; - xmlSecEncCtxPtr pEncCtx = NULL ; - xmlNodePtr pEncryptedData = NULL ; - - if( !aTemplate.is() ) - throw RuntimeException() ; - - if( !aSecurityCtx.is() ) - throw RuntimeException() ; - - //Get the encryption template - Reference< XXMLElementWrapper > xTemplate = aTemplate->getTemplate() ; - if( !xTemplate.is() ) { - throw RuntimeException() ; - } - - Reference< XUnoTunnel > xTplTunnel( xTemplate , UNO_QUERY ) ; - if( !xTplTunnel.is() ) { - throw RuntimeException() ; - } - - XMLElementWrapper_XmlSecImpl* pTemplate = - reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xTplTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); - if( pTemplate == NULL ) { - throw RuntimeException() ; - } - - pEncryptedData = pTemplate->getNativeElement() ; - - //remember the position of the element to be signed - sal_Bool isParentRef = sal_True; - xmlNodePtr pParent = pEncryptedData->parent; - xmlNodePtr referenceNode; - - if (pEncryptedData == pParent->children) - { - referenceNode = pParent; - } - else - { - referenceNode = pEncryptedData->prev; - isParentRef = sal_False; - } - - setErrorRecorder( ); - - sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber(); - sal_Int32 i; - - for (i=0; i<nSecurityEnvironment; ++i) - { - Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i); - - //Get Keys Manager - Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; - if( !aEnvironment.is() ) { - throw RuntimeException() ; - } - - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); - if( pSecEnv == NULL ) - throw RuntimeException() ; - - pMngr = pSecEnv->createKeysManager() ; //i39448 - if( !pMngr ) { - throw RuntimeException() ; - } - - //Create Encryption context - pEncCtx = xmlSecEncCtxCreate( pMngr ) ; - if( pEncCtx == NULL ) - { - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - //throw XMLEncryptionException() ; - clearErrorRecorder(); - return aTemplate; - } - - //Decrypt the template - if(!( xmlSecEncCtxDecrypt( pEncCtx , pEncryptedData ) < 0 || pEncCtx->result == NULL )) - { - //The decryption succeeds - - //Destroy the encryption context - xmlSecEncCtxDestroy( pEncCtx ) ; - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - - //get the decrypted element - XMLElementWrapper_XmlSecImpl * ret = new XMLElementWrapper_XmlSecImpl(isParentRef? - (referenceNode->children):(referenceNode->next)); - - //return ret; - aTemplate->setTemplate(ret); - break; - } - else - { - //The decryption fails, continue with the next security environment - xmlSecEncCtxDestroy( pEncCtx ) ; - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - } - } - - clearErrorRecorder(); - return aTemplate; -} - -/* XInitialization */ -void SAL_CALL XMLEncryption_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { - // TBD -} ; - -/* XServiceInfo */ -OUString SAL_CALL XMLEncryption_NssImpl :: getImplementationName() throw( RuntimeException ) { - return impl_getImplementationName() ; -} - -/* XServiceInfo */ -sal_Bool SAL_CALL XMLEncryption_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { - Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; - const OUString* pArray = seqServiceNames.getConstArray() ; - for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { - if( *( pArray + i ) == serviceName ) - return sal_True ; - } - return sal_False ; -} - -/* XServiceInfo */ -Sequence< OUString > SAL_CALL XMLEncryption_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { - return impl_getSupportedServiceNames() ; -} - -//Helper for XServiceInfo -Sequence< OUString > XMLEncryption_NssImpl :: impl_getSupportedServiceNames() { - ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; - Sequence< OUString > seqServiceNames( 1 ) ; - seqServiceNames.getArray()[0] = OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.crypto.XMLEncryption")) ; - return seqServiceNames ; -} - -OUString XMLEncryption_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { - return OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.security.bridge.xmlsec.XMLEncryption_NssImpl")) ; -} - -//Helper for registry -Reference< XInterface > SAL_CALL XMLEncryption_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { - return Reference< XInterface >( *new XMLEncryption_NssImpl( aServiceManager ) ) ; -} - -Reference< XSingleServiceFactory > XMLEncryption_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { - //Reference< XSingleServiceFactory > xFactory ; - //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; - //return xFactory ; - return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx deleted file mode 100644 index 009abec62..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlencryption_nssimpl.hxx +++ /dev/null @@ -1,100 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _XMLENCRYPTION_NSSIMPL_HXX_ -#define _XMLENCRYPTION_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase3.hxx> -#include <com/sun/star/uno/Exception.hpp> - -#include <com/sun/star/uno/Reference.hxx> -#include <com/sun/star/lang/XSingleServiceFactory.hpp> - -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XInitialization.hpp> -#include <com/sun/star/xml/crypto/XXMLEncryption.hpp> -#include <com/sun/star/xml/crypto/XXMLEncryptionTemplate.hpp> -#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> - -class XMLEncryption_NssImpl : public ::cppu::WeakImplHelper3< - ::com::sun::star::xml::crypto::XXMLEncryption , - ::com::sun::star::lang::XInitialization , - ::com::sun::star::lang::XServiceInfo > -{ - private : - ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; - - public : - XMLEncryption_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; - virtual ~XMLEncryption_NssImpl() ; - - //Methods from XXMLEncryption - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL encrypt( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment) - // ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - throw ( com::sun::star::xml::crypto::XMLEncryptionException , - com::sun::star::uno::SecurityException); - - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate > SAL_CALL decrypt( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLEncryptionTemplate >& aTemplate , - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext - ) throw( com::sun::star::xml::crypto::XMLEncryptionException , - com::sun::star::uno::SecurityException) ; - - //Methods from XInitialization - virtual void SAL_CALL initialize( - const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments - ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - //Methods from XServiceInfo - virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual sal_Bool SAL_CALL supportsService( - const ::rtl::OUString& ServiceName - ) throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for XServiceInfo - static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; - - static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for registry - static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; - - static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; -} ; - -#endif // _XMLENCRYPTION_NSSIMPL_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx deleted file mode 100644 index f5dcfe38f..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx +++ /dev/null @@ -1,203 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" -#include <sal/config.h> -#include <rtl/uuid.h> -#include "securityenvironment_nssimpl.hxx" - -#include "xmlsecuritycontext_nssimpl.hxx" -#include "xmlstreamio.hxx" - -#include <sal/types.h> -//For reasons that escape me, this is what xmlsec does when size_t is not 4 -#if SAL_TYPES_SIZEOFPOINTER != 4 -# define XMLSEC_NO_SIZE_T -#endif -#include "xmlsec/xmlsec.h" -#include "xmlsec/keysmngr.h" -#include "xmlsec/crypto.h" - -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::lang ; -using ::com::sun::star::lang::XMultiServiceFactory ; -using ::com::sun::star::lang::XSingleServiceFactory ; -using ::rtl::OUString ; - -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::xml::crypto::XXMLSecurityContext ; - -XMLSecurityContext_NssImpl :: XMLSecurityContext_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) - ://i39448 : m_pKeysMngr( NULL ) , - m_xServiceManager( aFactory ) , - m_nDefaultEnvIndex(-1) - //m_xSecurityEnvironment( NULL ) -{ - //Init xmlsec library - if( xmlSecInit() < 0 ) { - throw RuntimeException() ; - } - - //Init xmlsec crypto engine library - if( xmlSecCryptoInit() < 0 ) { - xmlSecShutdown() ; - throw RuntimeException() ; - } - - //Enable external stream handlers - if( xmlEnableStreamInputCallbacks() < 0 ) { - xmlSecCryptoShutdown() ; - xmlSecShutdown() ; - throw RuntimeException() ; - } -} - -XMLSecurityContext_NssImpl :: ~XMLSecurityContext_NssImpl() { - //i39448 - - xmlDisableStreamInputCallbacks() ; - xmlSecCryptoShutdown() ; - xmlSecShutdown() ; -} - -//i39448 : new methods -sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment) - throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException) -{ - if( !aSecurityEnvironment.is() ) - { - throw RuntimeException() ; - } - - m_vSecurityEnvironments.push_back( aSecurityEnvironment ); - - return m_vSecurityEnvironments.size() - 1 ; -} - - -sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getSecurityEnvironmentNumber( ) - throw (::com::sun::star::uno::RuntimeException) -{ - return m_vSecurityEnvironments.size(); -} - -::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL - XMLSecurityContext_NssImpl::getSecurityEnvironmentByIndex( sal_Int32 index ) - throw (::com::sun::star::uno::RuntimeException) -{ - ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > xSecurityEnvironment; - - if (index >= 0 && index < ( sal_Int32 )m_vSecurityEnvironments.size()) - { - xSecurityEnvironment = m_vSecurityEnvironments[index]; - } - else - throw RuntimeException() ; - - return xSecurityEnvironment; -} - -::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL - XMLSecurityContext_NssImpl::getSecurityEnvironment( ) - throw (::com::sun::star::uno::RuntimeException) -{ - if (m_nDefaultEnvIndex >= 0 && m_nDefaultEnvIndex < ( sal_Int32 )m_vSecurityEnvironments.size()) - return getSecurityEnvironmentByIndex(m_nDefaultEnvIndex); - else - throw RuntimeException() ; -} - -sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::getDefaultSecurityEnvironmentIndex( ) - throw (::com::sun::star::uno::RuntimeException) -{ - return m_nDefaultEnvIndex ; -} - -void SAL_CALL XMLSecurityContext_NssImpl::setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex ) - throw (::com::sun::star::uno::RuntimeException) -{ - m_nDefaultEnvIndex = nDefaultEnvIndex; -} - -//i39448 : old methods deleted - - -/* XInitialization */ -void SAL_CALL XMLSecurityContext_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { - // TBD -} ; - -/* XServiceInfo */ -OUString SAL_CALL XMLSecurityContext_NssImpl :: getImplementationName() throw( RuntimeException ) { - return impl_getImplementationName() ; -} - -/* XServiceInfo */ -sal_Bool SAL_CALL XMLSecurityContext_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { - Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; - const OUString* pArray = seqServiceNames.getConstArray() ; - for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { - if( *( pArray + i ) == serviceName ) - return sal_True ; - } - return sal_False ; -} - -/* XServiceInfo */ -Sequence< OUString > SAL_CALL XMLSecurityContext_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { - return impl_getSupportedServiceNames() ; -} - -//Helper for XServiceInfo -Sequence< OUString > XMLSecurityContext_NssImpl :: impl_getSupportedServiceNames() { - ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; - Sequence< OUString > seqServiceNames( 1 ) ; - seqServiceNames.getArray()[0] = OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.crypto.XMLSecurityContext")) ; - return seqServiceNames ; -} - -OUString XMLSecurityContext_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { - return OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.security.bridge.xmlsec.XMLSecurityContext_NssImpl")) ; -} - -//Helper for registry -Reference< XInterface > SAL_CALL XMLSecurityContext_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { - return Reference< XInterface >( *new XMLSecurityContext_NssImpl( aServiceManager ) ) ; -} - -Reference< XSingleServiceFactory > XMLSecurityContext_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { - //Reference< XSingleServiceFactory > xFactory ; - //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; - //return xFactory ; - return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; -} - - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx deleted file mode 100644 index ca69b84dd..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.hxx +++ /dev/null @@ -1,137 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ -#define _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase3.hxx> -#include <com/sun/star/uno/Exception.hpp> - -#include <com/sun/star/uno/Reference.hxx> -#include <com/sun/star/lang/XSingleServiceFactory.hpp> - -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XInitialization.hpp> -#include <com/sun/star/lang/XUnoTunnel.hpp> -#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> -#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> - -#ifndef INCLUDED_VECTOR -#include <vector> -#define INCLUDED_VECTOR -#endif - -class XMLSecurityContext_NssImpl : public ::cppu::WeakImplHelper3< - ::com::sun::star::xml::crypto::XXMLSecurityContext , - ::com::sun::star::lang::XInitialization , - ::com::sun::star::lang::XServiceInfo > -{ - private : - //xmlSecKeysMngrPtr m_pKeysMngr ; - //::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > m_xSecurityEnvironment ; - std::vector< ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment > > m_vSecurityEnvironments; - - ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; - - sal_Int32 m_nDefaultEnvIndex; - - public : - XMLSecurityContext_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; - virtual ~XMLSecurityContext_NssImpl() ; - - //Methods from XXMLSecurityContext - virtual sal_Int32 SAL_CALL addSecurityEnvironment( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aSecurityEnvironment - ) throw (::com::sun::star::security::SecurityInfrastructureException, ::com::sun::star::uno::RuntimeException); - - virtual ::sal_Int32 SAL_CALL getSecurityEnvironmentNumber( ) - throw (::com::sun::star::uno::RuntimeException); - - virtual ::com::sun::star::uno::Reference< - ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL - getSecurityEnvironmentByIndex( ::sal_Int32 index ) - throw (::com::sun::star::uno::RuntimeException); - - virtual ::com::sun::star::uno::Reference< - ::com::sun::star::xml::crypto::XSecurityEnvironment > SAL_CALL - getSecurityEnvironment( ) - throw (::com::sun::star::uno::RuntimeException); - - virtual ::sal_Int32 SAL_CALL getDefaultSecurityEnvironmentIndex( ) - throw (::com::sun::star::uno::RuntimeException); - - virtual void SAL_CALL setDefaultSecurityEnvironmentIndex( sal_Int32 nDefaultEnvIndex ) - throw (::com::sun::star::uno::RuntimeException); - - //Methods from XInitialization - virtual void SAL_CALL initialize( - const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments - ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - //Methods from XServiceInfo - virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual sal_Bool SAL_CALL supportsService( - const ::rtl::OUString& ServiceName - ) throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for XServiceInfo - static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; - - static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for registry - static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; - - static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; - - /* - * Because of the issue of multi-securityenvironment, so the keyManager method is not useful any longer. - * - - //Methods from XUnoTunnel - virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) - throw (com::sun::star::uno::RuntimeException); - - static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; - static XMLSecurityContext_NssImpl* getImplementation( const ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > xObj ) ; - - //Native mehtods - virtual xmlSecKeysMngrPtr keysManager() throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - */ -} ; - -#endif // _XMLSIGNATURECONTEXT_NSSIMPL_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx deleted file mode 100644 index 868cfb416..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.cxx +++ /dev/null @@ -1,344 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" -#include <sal/config.h> -#include <rtl/uuid.h> -#include "xmlsignature_nssimpl.hxx" - -#include "xmldocumentwrapper_xmlsecimpl.hxx" - -#include "xmlelementwrapper_xmlsecimpl.hxx" - -#include "securityenvironment_nssimpl.hxx" - -#include "xmlsecuritycontext_nssimpl.hxx" -#include "xmlstreamio.hxx" -#include "errorcallback.hxx" - -#include <sal/types.h> -//For reasons that escape me, this is what xmlsec does when size_t is not 4 -#if SAL_TYPES_SIZEOFPOINTER != 4 -# define XMLSEC_NO_SIZE_T -#endif -#include "xmlsec/xmlsec.h" -#include "xmlsec/xmldsig.h" -#include "xmlsec/crypto.h" - -using namespace ::com::sun::star::uno ; -using namespace ::com::sun::star::lang ; -using ::com::sun::star::lang::XMultiServiceFactory ; -using ::com::sun::star::lang::XSingleServiceFactory ; -using ::rtl::OUString ; - -using ::com::sun::star::xml::wrapper::XXMLElementWrapper ; -using ::com::sun::star::xml::wrapper::XXMLDocumentWrapper ; -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::xml::crypto::XXMLSignature ; -using ::com::sun::star::xml::crypto::XXMLSignatureTemplate ; -using ::com::sun::star::xml::crypto::XSecurityEnvironment ; -using ::com::sun::star::xml::crypto::XXMLSecurityContext ; -using ::com::sun::star::xml::crypto::XUriBinding ; -using ::com::sun::star::xml::crypto::XMLSignatureException ; - -XMLSignature_NssImpl :: XMLSignature_NssImpl( const Reference< XMultiServiceFactory >& aFactory ) : m_xServiceManager( aFactory ) { -} - -XMLSignature_NssImpl :: ~XMLSignature_NssImpl() { -} - -/* XXMLSignature */ -Reference< XXMLSignatureTemplate > -SAL_CALL XMLSignature_NssImpl :: generate( - const Reference< XXMLSignatureTemplate >& aTemplate , - const Reference< XSecurityEnvironment >& aEnvironment -) throw( com::sun::star::xml::crypto::XMLSignatureException, - com::sun::star::uno::SecurityException ) -{ - xmlSecKeysMngrPtr pMngr = NULL ; - xmlSecDSigCtxPtr pDsigCtx = NULL ; - xmlNodePtr pNode = NULL ; - - if( !aTemplate.is() ) - throw RuntimeException() ; - - if( !aEnvironment.is() ) - throw RuntimeException() ; - - //Get the xml node - Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; - if( !xElement.is() ) { - throw RuntimeException() ; - } - - Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; - if( !xNodTunnel.is() ) { - throw RuntimeException() ; - } - - XMLElementWrapper_XmlSecImpl* pElement = - reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); - if( pElement == NULL ) { - throw RuntimeException() ; - } - - pNode = pElement->getNativeElement() ; - - //Get the stream/URI binding - Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; - if( xUriBinding.is() ) { - //Register the stream input callbacks into libxml2 - if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) - throw RuntimeException() ; - } - - //Get Keys Manager - Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; - if( !xSecTunnel.is() ) { - throw RuntimeException() ; - } - - //i39448 : the key manager should be retrieved from SecurityEnvironment, instead of SecurityContext - - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); - if( pSecEnv == NULL ) - throw RuntimeException() ; - - setErrorRecorder(); - - pMngr = pSecEnv->createKeysManager() ; //i39448 - if( !pMngr ) { - throw RuntimeException() ; - } - - //Create Signature context - pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; - if( pDsigCtx == NULL ) - { - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - //throw XMLSignatureException() ; - clearErrorRecorder(); - return aTemplate; - } - - //Sign the template - if( xmlSecDSigCtxSign( pDsigCtx , pNode ) == 0 ) - { - if (pDsigCtx->status == xmlSecDSigStatusSucceeded) - aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); - else - aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); - } - else - { - aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); - } - - - xmlSecDSigCtxDestroy( pDsigCtx ) ; - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - - //Unregistered the stream/URI binding - if( xUriBinding.is() ) - xmlUnregisterStreamInputCallbacks() ; - - clearErrorRecorder(); - return aTemplate ; -} - -/* XXMLSignature */ -Reference< XXMLSignatureTemplate > -SAL_CALL XMLSignature_NssImpl :: validate( - const Reference< XXMLSignatureTemplate >& aTemplate , - const Reference< XXMLSecurityContext >& aSecurityCtx -) throw( com::sun::star::uno::RuntimeException, - com::sun::star::uno::SecurityException, - com::sun::star::xml::crypto::XMLSignatureException ) { - xmlSecKeysMngrPtr pMngr = NULL ; - xmlSecDSigCtxPtr pDsigCtx = NULL ; - xmlNodePtr pNode = NULL ; - //sal_Bool valid ; - - if( !aTemplate.is() ) - throw RuntimeException() ; - - if( !aSecurityCtx.is() ) - throw RuntimeException() ; - - //Get the xml node - Reference< XXMLElementWrapper > xElement = aTemplate->getTemplate() ; - if( !xElement.is() ) - throw RuntimeException() ; - - Reference< XUnoTunnel > xNodTunnel( xElement , UNO_QUERY ) ; - if( !xNodTunnel.is() ) { - throw RuntimeException() ; - } - - XMLElementWrapper_XmlSecImpl* pElement = - reinterpret_cast<XMLElementWrapper_XmlSecImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xNodTunnel->getSomething( XMLElementWrapper_XmlSecImpl::getUnoTunnelImplementationId() ))); - if( pElement == NULL ) - throw RuntimeException() ; - - pNode = pElement->getNativeElement() ; - - //Get the stream/URI binding - Reference< XUriBinding > xUriBinding = aTemplate->getBinding() ; - if( xUriBinding.is() ) { - //Register the stream input callbacks into libxml2 - if( xmlRegisterStreamInputCallbacks( xUriBinding ) < 0 ) - throw RuntimeException() ; - } - - setErrorRecorder(); - - sal_Int32 nSecurityEnvironment = aSecurityCtx->getSecurityEnvironmentNumber(); - sal_Int32 i; - - for (i=0; i<nSecurityEnvironment; ++i) - { - Reference< XSecurityEnvironment > aEnvironment = aSecurityCtx->getSecurityEnvironmentByIndex(i); - - //Get Keys Manager - Reference< XUnoTunnel > xSecTunnel( aEnvironment , UNO_QUERY ) ; - if( !xSecTunnel.is() ) { - throw RuntimeException() ; - } - - SecurityEnvironment_NssImpl* pSecEnv = - reinterpret_cast<SecurityEnvironment_NssImpl*>( - sal::static_int_cast<sal_uIntPtr>( - xSecTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ))); - if( pSecEnv == NULL ) - throw RuntimeException() ; - - pMngr = pSecEnv->createKeysManager() ; //i39448 - if( !pMngr ) { - throw RuntimeException() ; - } - - //Create Signature context - pDsigCtx = xmlSecDSigCtxCreate( pMngr ) ; - if( pDsigCtx == NULL ) - { - pSecEnv->destroyKeysManager( pMngr ) ; //i39448 - //throw XMLSignatureException() ; - clearErrorRecorder(); - return aTemplate; - } - - //Verify signature - int rs = xmlSecDSigCtxVerify( pDsigCtx , pNode ); - - - if (rs == 0 && - pDsigCtx->status == xmlSecDSigStatusSucceeded) - { - aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_OPERATION_SUCCEEDED); - xmlSecDSigCtxDestroy( pDsigCtx ) ; - pSecEnv->destroyKeysManager( pMngr ); - break; - } - else - { - aTemplate->setStatus(com::sun::star::xml::crypto::SecurityOperationStatus_UNKNOWN); - } - xmlSecDSigCtxDestroy( pDsigCtx ) ; - pSecEnv->destroyKeysManager( pMngr ); - } - - - - //Unregistered the stream/URI binding - if( xUriBinding.is() ) - xmlUnregisterStreamInputCallbacks() ; - - //return valid ; - clearErrorRecorder(); - return aTemplate; -} - -/* XInitialization */ -void SAL_CALL XMLSignature_NssImpl :: initialize( const Sequence< Any >& /*aArguments*/ ) throw( Exception, RuntimeException ) { - // TBD -} ; - -/* XServiceInfo */ -OUString SAL_CALL XMLSignature_NssImpl :: getImplementationName() throw( RuntimeException ) { - return impl_getImplementationName() ; -} - -/* XServiceInfo */ -sal_Bool SAL_CALL XMLSignature_NssImpl :: supportsService( const OUString& serviceName) throw( RuntimeException ) { - Sequence< OUString > seqServiceNames = getSupportedServiceNames() ; - const OUString* pArray = seqServiceNames.getConstArray() ; - for( sal_Int32 i = 0 ; i < seqServiceNames.getLength() ; i ++ ) { - if( *( pArray + i ) == serviceName ) - return sal_True ; - } - return sal_False ; -} - -/* XServiceInfo */ -Sequence< OUString > SAL_CALL XMLSignature_NssImpl :: getSupportedServiceNames() throw( RuntimeException ) { - return impl_getSupportedServiceNames() ; -} - -//Helper for XServiceInfo -Sequence< OUString > XMLSignature_NssImpl :: impl_getSupportedServiceNames() { - ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ; - Sequence< OUString > seqServiceNames( 1 ) ; - seqServiceNames.getArray()[0] = OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.crypto.XMLSignature")) ; - return seqServiceNames ; -} - -OUString XMLSignature_NssImpl :: impl_getImplementationName() throw( RuntimeException ) { - return OUString(RTL_CONSTASCII_USTRINGPARAM("com.sun.star.xml.security.bridge.xmlsec.XMLSignature_NssImpl")) ; -} - -//Helper for registry -Reference< XInterface > SAL_CALL XMLSignature_NssImpl :: impl_createInstance( const Reference< XMultiServiceFactory >& aServiceManager ) throw( RuntimeException ) { - return Reference< XInterface >( *new XMLSignature_NssImpl( aServiceManager ) ) ; -} - -Reference< XSingleServiceFactory > XMLSignature_NssImpl :: impl_createFactory( const Reference< XMultiServiceFactory >& aServiceManager ) { - //Reference< XSingleServiceFactory > xFactory ; - //xFactory = ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName , impl_createInstance , impl_getSupportedServiceNames ) ; - //return xFactory ; - return ::cppu::createSingleFactory( aServiceManager , impl_getImplementationName() , impl_createInstance , impl_getSupportedServiceNames() ) ; -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx deleted file mode 100644 index 4c6017a69..000000000 --- a/xmlsecurity/source/xmlsec/nss/xmlsignature_nssimpl.hxx +++ /dev/null @@ -1,100 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -#ifndef _XMLSIGNATURE_NSSIMPL_HXX_ -#define _XMLSIGNATURE_NSSIMPL_HXX_ - -#include <sal/config.h> -#include <rtl/ustring.hxx> -#include <cppuhelper/factory.hxx> -#include <cppuhelper/implbase3.hxx> -#include <com/sun/star/uno/Exception.hpp> - -#include <com/sun/star/uno/Reference.hxx> -#include <com/sun/star/lang/XSingleServiceFactory.hpp> - -#include <com/sun/star/lang/XServiceInfo.hpp> -#include <com/sun/star/lang/XInitialization.hpp> -#include <com/sun/star/xml/crypto/XXMLSignature.hpp> -#include <com/sun/star/xml/crypto/XXMLSignatureTemplate.hpp> -#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> - -class XMLSignature_NssImpl : public ::cppu::WeakImplHelper3< - ::com::sun::star::xml::crypto::XXMLSignature , - ::com::sun::star::lang::XInitialization , - ::com::sun::star::lang::XServiceInfo > -{ - private : - ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory > m_xServiceManager ; - - public : - XMLSignature_NssImpl( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aFactory ) ; - virtual ~XMLSignature_NssImpl() ; - - //Methods from XXMLSignature - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL generate( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XSecurityEnvironment >& aEnvironment - ) throw( com::sun::star::xml::crypto::XMLSignatureException, - com::sun::star::uno::SecurityException) ; - - virtual ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate > SAL_CALL validate( - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSignatureTemplate >& aTemplate , - const ::com::sun::star::uno::Reference< ::com::sun::star::xml::crypto::XXMLSecurityContext >& aContext - ) throw( com::sun::star::uno::RuntimeException, - com::sun::star::uno::SecurityException, - com::sun::star::xml::crypto::XMLSignatureException); - - //Methods from XInitialization - virtual void SAL_CALL initialize( - const ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Any >& aArguments - ) throw( ::com::sun::star::uno::Exception , ::com::sun::star::uno::RuntimeException ) ; - - //Methods from XServiceInfo - virtual ::rtl::OUString SAL_CALL getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual sal_Bool SAL_CALL supportsService( - const ::rtl::OUString& ServiceName - ) throw( ::com::sun::star::uno::RuntimeException ) ; - - virtual ::com::sun::star::uno::Sequence< ::rtl::OUString > SAL_CALL getSupportedServiceNames() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for XServiceInfo - static ::com::sun::star::uno::Sequence< ::rtl::OUString > impl_getSupportedServiceNames() ; - - static ::rtl::OUString impl_getImplementationName() throw( ::com::sun::star::uno::RuntimeException ) ; - - //Helper for registry - static ::com::sun::star::uno::Reference< ::com::sun::star::uno::XInterface > SAL_CALL impl_createInstance( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) throw( ::com::sun::star::uno::RuntimeException ) ; - - static ::com::sun::star::uno::Reference< ::com::sun::star::lang::XSingleServiceFactory > impl_createFactory( const ::com::sun::star::uno::Reference< ::com::sun::star::lang::XMultiServiceFactory >& aServiceManager ) ; -} ; - -#endif // _XMLSIGNATURE_NSSIMPL_HXX_ - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx b/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx deleted file mode 100644 index 7b2fbd0d5..000000000 --- a/xmlsecurity/source/xmlsec/nss/xsec_nss.cxx +++ /dev/null @@ -1,107 +0,0 @@ -/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ -/************************************************************************* - * - * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. - * - * Copyright 2000, 2010 Oracle and/or its affiliates. - * - * OpenOffice.org - a multi-platform office productivity suite - * - * This file is part of OpenOffice.org. - * - * OpenOffice.org is free software: you can redistribute it and/or modify - * it under the terms of the GNU Lesser General Public License version 3 - * only, as published by the Free Software Foundation. - * - * OpenOffice.org is distributed in the hope that it will be useful, - * but WITHOUT ANY WARRANTY; without even the implied warranty of - * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - * GNU Lesser General Public License version 3 for more details - * (a copy is included in the LICENSE file that accompanied this code). - * - * You should have received a copy of the GNU Lesser General Public License - * version 3 along with OpenOffice.org. If not, see - * <http://www.openoffice.org/license.html> - * for a copy of the LGPLv3 License. - * - ************************************************************************/ - -// MARKER(update_precomp.py): autogen include statement, do not remove -#include "precompiled_xmlsecurity.hxx" - -#include <sal/config.h> -#include <stdio.h> - -#include <osl/mutex.hxx> -#include <osl/thread.h> -#include <cppuhelper/factory.hxx> -#include <com/sun/star/lang/XSingleServiceFactory.hpp> - -#include "seinitializer_nssimpl.hxx" -#include "xmlsignature_nssimpl.hxx" -#include "xmlencryption_nssimpl.hxx" -#include "xmlsecuritycontext_nssimpl.hxx" -#include "securityenvironment_nssimpl.hxx" - -using namespace ::rtl; -using namespace ::cppu; -using namespace ::com::sun::star::uno; -using namespace ::com::sun::star::lang; -using namespace ::com::sun::star::registry; - -extern "C" -{ - -void* SAL_CALL nss_component_getFactory( const sal_Char* pImplName , void* pServiceManager , void* /*pRegistryKey*/ ) -{ - void* pRet = 0; - Reference< XSingleServiceFactory > xFactory ; - - if( pImplName != NULL && pServiceManager != NULL ) - { -#ifdef XMLSEC_CRYPTO_NSS - if( SEInitializer_NssImpl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = Reference< XSingleServiceFactory >( createSingleFactory( - reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), - OUString::createFromAscii( pImplName ), - SEInitializer_NssImpl_createInstance, SEInitializer_NssImpl_getSupportedServiceNames() ) ); - } - else if( XMLSignature_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = XMLSignature_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; - } - else if( XMLSecurityContext_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = XMLSecurityContext_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; - } - else if( SecurityEnvironment_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = SecurityEnvironment_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; - } - else if( XMLEncryption_NssImpl::impl_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = XMLEncryption_NssImpl::impl_createFactory( reinterpret_cast< XMultiServiceFactory* >( pServiceManager ) ) ; - } -#else - if( ONSSInitializer_getImplementationName().equals( OUString::createFromAscii( pImplName ) ) ) - { - xFactory = Reference< XSingleServiceFactory >( createSingleFactory( - reinterpret_cast< XMultiServiceFactory * >( pServiceManager ), - OUString::createFromAscii( pImplName ), - ONSSInitializer_createInstance, ONSSInitializer_getSupportedServiceNames() ) ); - } -#endif - } - - if( xFactory.is() ) { - xFactory->acquire() ; - pRet = xFactory.get() ; - } - - return pRet ; -} - -} - -/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ |