xref: /AOO41X/main/xmlsecurity/tools/standalone/csfit/certmngr.cxx (revision 06b3ce531745799678cf4bb887ef37436d81238b) 
1 /**************************************************************
2  *
3  * Licensed to the Apache Software Foundation (ASF) under one
4  * or more contributor license agreements.  See the NOTICE file
5  * distributed with this work for additional information
6  * regarding copyright ownership.  The ASF licenses this file
7  * to you under the Apache License, Version 2.0 (the
8  * "License"); you may not use this file except in compliance
9  * with the License.  You may obtain a copy of the License at
10  *
11  *   http://www.apache.org/licenses/LICENSE-2.0
12  *
13  * Unless required by applicable law or agreed to in writing,
14  * software distributed under the License is distributed on an
15  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16  * KIND, either express or implied.  See the License for the
17  * specific language governing permissions and limitations
18  * under the License.
19  *
20  *************************************************************/
21 
22 
23 
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26 
27 #include <stdio.h>
28 #include "helper.hxx"
29 
30 #include "libxml/tree.h"
31 #include "libxml/parser.h"
32 #ifndef XMLSEC_NO_XSLT
33 #include "libxslt/xslt.h"
34 #endif
35 
36 #include "securityenvironment_nssimpl.hxx"
37 
38 #include <xmlsecurity/biginteger.hxx>
39 
40 
41 #include "nspr.h"
42 #include "prtypes.h"
43 
44 #include "pk11func.h"
45 #include "cert.h"
46 #include "cryptohi.h"
47 #include "certdb.h"
48 #include "nss.h"
49 
50 #include "xmlsec/strings.h"
51 #include "xmlsec/xmltree.h"
52 
53 #include <rtl/ustring.hxx>
54 
55 using namespace ::rtl ;
56 using namespace ::cppu ;
57 using namespace ::com::sun::star::uno ;
58 using namespace ::com::sun::star::io ;
59 using namespace ::com::sun::star::ucb ;
60 using namespace ::com::sun::star::beans ;
61 using namespace ::com::sun::star::document ;
62 using namespace ::com::sun::star::lang ;
63 using namespace ::com::sun::star::security ;
64 using namespace ::com::sun::star::xml::wrapper ;
65 using namespace ::com::sun::star::xml::crypto ;
66 
main(int argc,char ** argv)67 int SAL_CALL main( int argc, char **argv )
68 {
69     CERTCertDBHandle*   certHandle ;
70     PK11SlotInfo*       slot ;
71 
72     if( argc != 3 ) {
73         fprintf( stderr, "Usage: %s < CertDir > <rdb file>\n\n" , argv[0] ) ;
74         return 1 ;
75     }
76 
77     for( ; getchar() != 'q' ; ) {
78         slot = NULL ;
79 
80     //Initialize NSPR and NSS
81     PR_Init( PR_SYSTEM_THREAD, PR_PRIORITY_NORMAL, 1 ) ;
82     PK11_SetPasswordFunc( PriPK11PasswordFunc ) ;
83     if( NSS_Init( argv[1] ) != SECSuccess ) {
84         fprintf( stderr , "### cannot intialize NSS!\n" ) ;
85         goto done ;
86     }
87 
88     certHandle = CERT_GetDefaultCertDB() ;
89     slot = PK11_GetInternalKeySlot() ;
90 
91     if( PK11_NeedLogin( slot ) ) {
92         SECStatus nRet = PK11_Authenticate( slot, PR_TRUE, NULL );
93         if( nRet != SECSuccess ) {
94             fprintf( stderr , "### cannot authehticate the crypto token!\n" ) ;
95             goto done ;
96         }
97     }
98 
99 
100     try {
101         Reference< XMultiComponentFactory > xManager = NULL ;
102         Reference< XComponentContext > xContext = NULL ;
103 
104         xManager = serviceManager( xContext , OUString::createFromAscii( "local" ), OUString::createFromAscii( argv[2] ) ) ;
105         OSL_ENSURE( xManager.is() ,
106             "ServicesManager - "
107             "Cannot get service manager" ) ;
108 
109         //Create security environment
110         //Build Security Environment
111         Reference< XInterface > xsecenv =
112             xManager->createInstanceWithContext( OUString::createFromAscii("com.sun.star.xml.security.bridge.xmlsec.SecurityEnvironment_NssImpl"), xContext ) ;
113         OSL_ENSURE( xsecenv.is() ,
114             "Signer - "
115             "Cannot get service instance of \"xsec.SecurityEnvironment\"" ) ;
116 
117         Reference< XSecurityEnvironment > xSecEnv( xsecenv , UNO_QUERY ) ;
118         OSL_ENSURE( xSecEnv.is() ,
119             "Signer - "
120             "Cannot get interface of \"XSecurityEnvironment\" from service \"xsec.SecurityEnvironment\"" ) ;
121 
122         //Setup key slot and certDb
123         Reference< XUnoTunnel > xEnvTunnel( xsecenv , UNO_QUERY ) ;
124         OSL_ENSURE( xEnvTunnel.is() ,
125             "Signer - "
126             "Cannot get interface of \"XUnoTunnel\" from service \"xsec.SecurityEnvironment\"" ) ;
127 
128         SecurityEnvironment_NssImpl* pSecEnv = ( SecurityEnvironment_NssImpl* )xEnvTunnel->getSomething( SecurityEnvironment_NssImpl::getUnoTunnelId() ) ;
129         OSL_ENSURE( pSecEnv != NULL ,
130             "Signer - "
131             "Cannot get implementation of \"xsec.SecurityEnvironment\"" ) ;
132 
133         pSecEnv->setCryptoSlot( slot ) ;
134         pSecEnv->setCertDb( certHandle ) ;
135 
136         //Get personal certificate
137         Sequence < Reference< XCertificate > > xPersonalCerts = pSecEnv->getPersonalCertificates() ;
138         Sequence < Reference< XCertificate > > xCertPath ;
139         for( int i = 0; i < xPersonalCerts.getLength(); i ++ ) {
140             //Print the certificate infomation.
141             fprintf( stdout, "\nPersonal Certificate Info\n" ) ;
142             fprintf( stdout, "\tCertificate Issuer[%s]\n", OUStringToOString( xPersonalCerts[i]->getIssuerName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
143             fprintf( stdout, "\tCertificate Serial Number[%s]\n", OUStringToOString( bigIntegerToNumericString( xPersonalCerts[i]->getSerialNumber() ), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
144             fprintf( stdout, "\tCertificate Subject[%s]\n", OUStringToOString( xPersonalCerts[i]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
145 
146             //build the certificate path
147             xCertPath = pSecEnv->buildCertificatePath( xPersonalCerts[i] ) ;
148             //Print the certificate path.
149             fprintf( stdout, "\tCertificate Path\n" ) ;
150             for( int j = 0; j < xCertPath.getLength(); j ++ ) {
151                 fprintf( stdout, "\t\tCertificate Authority Subject[%s]\n", OUStringToOString( xCertPath[j]->getSubjectName(), RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
152             }
153 
154             //Get the certificate
155             Sequence < sal_Int8 > serial = xPersonalCerts[i]->getSerialNumber() ;
156             Reference< XCertificate > xcert = pSecEnv->getCertificate( xPersonalCerts[i]->getIssuerName(), xPersonalCerts[i]->getSerialNumber() ) ;
157             if( !xcert.is() ) {
158                 fprintf( stdout, "The personal certificate is not in the certificate database\n" ) ;
159             }
160 
161             //Get the certificate characters
162             sal_Int32 chars = pSecEnv->getCertificateCharacters( xPersonalCerts[i] ) ;
163             fprintf( stdout, "The certificate characters are %d\n", chars ) ;
164 
165             //Get the certificate status
166             sal_Int32 validity = pSecEnv->verifyCertificate( xPersonalCerts[i] ) ;
167             fprintf( stdout, "The certificate validities are %d\n", validity ) ;
168         }
169     } catch( Exception& e ) {
170         fprintf( stderr , "Error Message: %s\n" , OUStringToOString( e.Message , RTL_TEXTENCODING_ASCII_US ).getStr() ) ;
171         goto done ;
172     }
173 
174 done:
175     if( slot != NULL )
176         PK11_FreeSlot( slot ) ;
177 
178     PK11_LogoutAll() ;
179     NSS_Shutdown() ;
180 
181     }
182 
183     return 0;
184 }
185 
186