AOO410/main/xmlsecurity/tools/standalone/csfit/certmngr.cxx - openoffice - Git at Google

 /**************************************************************
  *
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  *   http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  *
  *************************************************************/


 // MARKER(update_precomp.py): autogen include statement, do not remove
 #include "precompiled_xmlsecurity.hxx"

 #include <stdio.h>
 #include "helper.hxx"

 #include "libxml/tree.h"
 #include "libxml/parser.h"
 #ifndef XMLSEC_NO_XSLT
 #include "libxslt/xslt.h"
 #endif

 #include "securityenvironment_nssimpl.hxx"

 #include <xmlsecurity/biginteger.hxx>


 #include "nspr.h"
 #include "prtypes.h"

 #include "pk11func.h"
 #include "cert.h"
 #include "cryptohi.h"
 #include "certdb.h"
 #include "nss.h"

 #include "xmlsec/strings.h"
 #include "xmlsec/xmltree.h"

 #include <rtl/ustring.hxx>

 using namespace ::rtl ;
 using namespace ::cppu ;
 using namespace ::com::sun::star::uno ;
 using namespace ::com::sun::star::io ;
 using namespace ::com::sun::star::ucb ;
 using namespace ::com::sun::star::beans ;
 using namespace ::com::sun::star::document ;
 using namespace ::com::sun::star::lang ;
 using namespace ::com::sun::star::security ;
 using namespace ::com::sun::star::xml::wrapper ;
 using namespace ::com::sun::star::xml::crypto ;

 int SAL_CALL main( int argc, char **argv )
 {
 	CERTCertDBHandle*	certHandle ;
 	PK11SlotInfo*		slot ;

 	if( argc != 3 ) {
 		fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
 		return 1 ;
 	}

 	for( ; getchar() != 'q' ; ) {
 		slot = NULL ;

 	//Initialize NSPR and NSS
 	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
 	PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
 	if( NSS_Init( argv[1] ) != SECSuccess ) {
 		fprintf( stderr , "### cannot intialize NSS!\n" ) ;
 		goto done ;
 	}

 	certHandle = CERT_GetDefaultCertDB() ;
 	slot = PK11_GetInternalKeySlot() ;

 	if( PK11_NeedLogin( slot ) ) {
 		SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
 		if( nRet != SECSuccess ) {
 			fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
 			goto done ;
 		}
 	}


 	try {
 		Reference< XMultiComponentFactory > xManager = NULL ;
 		Reference< XComponentContext > xContext = NULL ;

 		xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
 		OSL_ENSURE( xManager.is() ,
 			"ServicesManager - "
 			"Cannot get service manager" ) ;

 		//Create security environment
 		//Build Security Environment
 		Reference< XInterface > xsecenv =
 			xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
 		OSL_ENSURE( xsecenv.is() ,
 			"Signer - "
 			"Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;

 		Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
 		OSL_ENSURE( xSecEnv.is() ,
 			"Signer - "
 			"Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;

 		//Setup key slot and certDb
 		Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
 		OSL_ENSURE( xEnvTunnel.is() ,
 			"Signer - "
 			"Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;

 		SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
 		OSL_ENSURE( pSecEnv != NULL ,
 			"Signer - "
 			"Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;

 		pSecEnv->setCryptoSlot( slot ) ;
 		pSecEnv->setCertDb( certHandle ) ;

 		//Get personal certificate
 		Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
 		Sequence < Reference< XCertificate > > xCertPath ;
 		for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
 			//Print the certificate infomation.
 			fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
 			fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 			fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 			fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;

 			//build the certificate path
 			xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
 			//Print the certificate path.
 			fprintf( stdout, "\tCertificate Path\n" ) ;
 			for( int j = 0; j < xCertPath.getLength(); j ++ ) {
 				fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 			}

 			//Get the certificate
 			Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
 			Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
 			if( !xcert.is() ) {
 				fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
 			}

 			//Get the certificate characters
 			sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
 			fprintf( stdout, "The certificate characters are %d\n", chars ) ;

 			//Get the certificate status
 			sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
 			fprintf( stdout, "The certificate validities are %d\n", validity ) ;
 		}
 	} catch( Exception& e ) {
 		fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
 		goto done ;
 	}

 done:
 	if( slot != NULL )
 		PK11_FreeSlot( slot ) ;

 	PK11_LogoutAll() ;
 	NSS_Shutdown() ;

 	}

 	return 0;
 }
	/**************************************************************
	*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*
	*************************************************************/



	// MARKER(update_precomp.py): autogen include statement, do not remove
	#include "precompiled_xmlsecurity.hxx"

	#include <stdio.h>
	#include "helper.hxx"

	#include "libxml/tree.h"
	#include "libxml/parser.h"
	#ifndef XMLSEC_NO_XSLT
	#include "libxslt/xslt.h"
	#endif

	#include "securityenvironment_nssimpl.hxx"

	#include <xmlsecurity/biginteger.hxx>


	#include "nspr.h"
	#include "prtypes.h"

	#include "pk11func.h"
	#include "cert.h"
	#include "cryptohi.h"
	#include "certdb.h"
	#include "nss.h"

	#include "xmlsec/strings.h"
	#include "xmlsec/xmltree.h"

	#include <rtl/ustring.hxx>

	using namespace ::rtl ;
	using namespace ::cppu ;
	using namespace ::com::sun::star::uno ;
	using namespace ::com::sun::star::io ;
	using namespace ::com::sun::star::ucb ;
	using namespace ::com::sun::star::beans ;
	using namespace ::com::sun::star::document ;
	using namespace ::com::sun::star::lang ;
	using namespace ::com::sun::star::security ;
	using namespace ::com::sun::star::xml::wrapper ;
	using namespace ::com::sun::star::xml::crypto ;

	int SAL_CALL main( int argc, char **argv )
	{
	CERTCertDBHandle* certHandle ;
	PK11SlotInfo* slot ;

	if( argc != 3 ) {
	fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
	return 1 ;
	}

	for( ; getchar() != 'q' ; ) {
	slot = NULL ;

	//Initialize NSPR and NSS
	PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
	PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
	if( NSS_Init( argv[1] ) != SECSuccess ) {
	fprintf( stderr , "### cannot intialize NSS!\n" ) ;
	goto done ;
	}

	certHandle = CERT_GetDefaultCertDB() ;
	slot = PK11_GetInternalKeySlot() ;

	if( PK11_NeedLogin( slot ) ) {
	SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
	if( nRet != SECSuccess ) {
	fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
	goto done ;
	}
	}


	try {
	Reference< XMultiComponentFactory > xManager = NULL ;
	Reference< XComponentContext > xContext = NULL ;

	xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
	OSL_ENSURE( xManager.is() ,
	"ServicesManager - "
	"Cannot get service manager" ) ;

	//Create security environment
	//Build Security Environment
	Reference< XInterface > xsecenv =
	xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
	OSL_ENSURE( xsecenv.is() ,
	"Signer - "
	"Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;

	Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
	OSL_ENSURE( xSecEnv.is() ,
	"Signer - "
	"Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;

	//Setup key slot and certDb
	Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
	OSL_ENSURE( xEnvTunnel.is() ,
	"Signer - "
	"Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;

	SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
	OSL_ENSURE( pSecEnv != NULL ,
	"Signer - "
	"Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;

	pSecEnv->setCryptoSlot( slot ) ;
	pSecEnv->setCertDb( certHandle ) ;

	//Get personal certificate
	Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
	Sequence < Reference< XCertificate > > xCertPath ;
	for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
	//Print the certificate infomation.
	fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
	fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
	fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
	fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;

	//build the certificate path
	xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
	//Print the certificate path.
	fprintf( stdout, "\tCertificate Path\n" ) ;
	for( int j = 0; j < xCertPath.getLength(); j ++ ) {
	fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
	}

	//Get the certificate
	Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
	Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
	if( !xcert.is() ) {
	fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
	}

	//Get the certificate characters
	sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
	fprintf( stdout, "The certificate characters are %d\n", chars ) ;

	//Get the certificate status
	sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
	fprintf( stdout, "The certificate validities are %d\n", validity ) ;
	}
	} catch( Exception& e ) {
	fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
	goto done ;
	}

	done:
	if( slot != NULL )
	PK11_FreeSlot( slot ) ;

	PK11_LogoutAll() ;
	NSS_Shutdown() ;

	}

	return 0;
	}