libreoffice/xmlsecurity/source/gpg/SecurityEnvironment.cxx

/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
/*
 * This file is part of the LibreOffice project.
 *
 * This Source Code Form is subject to the terms of the Mozilla Public
 * License, v. 2.0. If a copy of the MPL was not distributed with this
 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
 */

#include "SecurityEnvironment.hxx"
#include "CertificateImpl.hxx"

#include <cppuhelper/supportsservice.hxx>
#include <comphelper/servicehelper.hxx>
#include <list>

#include <gpgme.h>
#include <context.h>
#include <key.h>
#include <keylistresult.h>

using namespace css;
using namespace css::security;
using namespace css::uno;
using namespace css::lang;

SecurityEnvironmentGpg::SecurityEnvironmentGpg()
{
}

SecurityEnvironmentGpg::~SecurityEnvironmentGpg()
{
}

/* XUnoTunnel */
sal_Int64 SAL_CALL SecurityEnvironmentGpg::getSomething( const Sequence< sal_Int8 >& aIdentifier )
{
    if( aIdentifier.getLength() == 16 && 0 == memcmp( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
        return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this));
    }
    return 0 ;
}

/* XUnoTunnel extension */

namespace
{
    class theSecurityEnvironmentUnoTunnelId  : public rtl::Static< UnoTunnelIdInit, theSecurityEnvironmentUnoTunnelId > {};
}

const Sequence< sal_Int8>& SecurityEnvironmentGpg::getUnoTunnelId() {
    return theSecurityEnvironmentUnoTunnelId::get().getSeq();
}

OUString SecurityEnvironmentGpg::getSecurityEnvironmentInformation()
{
    return OUString("");
}

Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertificates()
{
    GpgME::initializeLibrary();
    GpgME::Error err = GpgME::checkEngine(GpgME::OpenPGP);
    if (err)
        throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");

    GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);
    if (ctx == nullptr)
        throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");

    CertificateImpl* xCert;
    std::list< CertificateImpl* > certsList;

    ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
    err = ctx->startKeyListing();
    while (!err) {
        GpgME::Key k = ctx->nextKey(err);
        if (err)
            break;
        if (!k.isInvalid() && k.canEncrypt() && (k.ownerTrust() == GpgME::Key::Ultimate)) {
            xCert = new CertificateImpl();
            xCert->setCertificate(k);
            certsList.push_back(xCert);
        }
    }
    ctx->endKeyListing();

    Sequence< Reference< XCertificate > > xCertificateSequence(certsList.size());
    std::list< CertificateImpl* >::iterator xcertIt;
    int i;
    for (i = 0, xcertIt = certsList.begin(); xcertIt != certsList.end(); ++xcertIt, ++i)
        xCertificateSequence[i] = *xcertIt ;

    return xCertificateSequence;
}

Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& /*issuerName*/, const Sequence< sal_Int8 >& /*serialNumber*/ )
{
    return nullptr;
}

Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::buildCertificatePath( const Reference< XCertificate >& /*begin*/ )
{
    return Sequence< Reference < XCertificate > >();
}

Reference< XCertificate > SecurityEnvironmentGpg::createCertificateFromRaw( const Sequence< sal_Int8 >& /*rawCertificate*/ )
{
    return nullptr;
}

Reference< XCertificate > SecurityEnvironmentGpg::createCertificateFromAscii( const OUString& /*asciiCertificate*/ )
{
    return nullptr;
}

sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertificate >& /*aCert*/,
                                                  const Sequence< Reference< XCertificate > >&  /*intermediateCerts*/ )
{
    return 0;
}

sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters(
    const Reference< XCertificate >& aCert)
{
    const CertificateImpl* xCert;
    const GpgME::Key* key;

    Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ;
    xCert = reinterpret_cast<CertificateImpl*>(sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ;
    if (xCert == nullptr)
        throw RuntimeException();

    key = xCert->getCertificate();
    sal_Int32 characters = 0x0;

    // We need to use canSign() instead of hasSecret() because of a bug in the latter.
    if (key->canSign())
        characters |= CertificateCharacters::HAS_PRIVATE_KEY;

    return characters;
}

/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
gpg4libre: List and view GPG keys * Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2017-02-02 17:33:30 +01:00			`/* -- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -- */`
			`/*`
			`* This file is part of the LibreOffice project.`
			`*`
			`* This Source Code Form is subject to the terms of the Mozilla Public`
			`* License, v. 2.0. If a copy of the MPL was not distributed with this`
			`* file, You can obtain one at http://mozilla.org/MPL/2.0/.`
			`*/`

			`#include "SecurityEnvironment.hxx"`
			`#include "CertificateImpl.hxx"`

			`#include <cppuhelper/supportsservice.hxx>`
			`#include <comphelper/servicehelper.hxx>`
			`#include <list>`

			`#include <gpgme.h>`
			`#include <context.h>`
			`#include <key.h>`
			`#include <keylistresult.h>`

			`using namespace css;`
			`using namespace css::security;`
			`using namespace css::uno;`
			`using namespace css::lang;`

			`SecurityEnvironmentGpg::SecurityEnvironmentGpg()`
			`{`
			`}`

			`SecurityEnvironmentGpg::~SecurityEnvironmentGpg()`
			`{`
			`}`

			`/* XUnoTunnel */`
			`sal_Int64 SAL_CALL SecurityEnvironmentGpg::getSomething( const Sequence< sal_Int8 >& aIdentifier )`
			`{`
			`if( aIdentifier.getLength() == 16 && 0 == memcmp( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {`
			`return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this));`
			`}`
			`return 0 ;`
			`}`

			`/* XUnoTunnel extension */`

			`namespace`
			`{`
			`class theSecurityEnvironmentUnoTunnelId : public rtl::Static< UnoTunnelIdInit, theSecurityEnvironmentUnoTunnelId > {};`
			`}`

			`const Sequence< sal_Int8>& SecurityEnvironmentGpg::getUnoTunnelId() {`
			`return theSecurityEnvironmentUnoTunnelId::get().getSeq();`
			`}`

			`OUString SecurityEnvironmentGpg::getSecurityEnvironmentInformation()`
			`{`
			`return OUString("");`
			`}`

			`Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::getPersonalCertificates()`
			`{`
			`GpgME::initializeLibrary();`
			`GpgME::Error err = GpgME::checkEngine(GpgME::OpenPGP);`
			`if (err)`
			`throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");`

No need to use a shared ptr here Change-Id: Ia3d2f019689efe990cbbde11e9c27a80fd95ae0a Reviewed-on: https://gerrit.libreoffice.org/35252 Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> Tested-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> 2017-03-16 09:18:36 +01:00			`GpgME::Context* ctx = GpgME::Context::createForProtocol(GpgME::OpenPGP);`
gpg4libre: List and view GPG keys * Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2017-02-02 17:33:30 +01:00			`if (ctx == nullptr)`
			`throw RuntimeException("The GpgME library failed to initialize for the OpenPGP protocol.");`

			`CertificateImpl* xCert;`
			`std::list< CertificateImpl* > certsList;`

			`ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);`
			`err = ctx->startKeyListing();`
			`while (!err) {`
			`GpgME::Key k = ctx->nextKey(err);`
			`if (err)`
			`break;`
			`if (!k.isInvalid() && k.canEncrypt() && (k.ownerTrust() == GpgME::Key::Ultimate)) {`
			`xCert = new CertificateImpl();`
			`xCert->setCertificate(k);`
			`certsList.push_back(xCert);`
			`}`
			`}`
			`ctx->endKeyListing();`

			`Sequence< Reference< XCertificate > > xCertificateSequence(certsList.size());`
			`std::list< CertificateImpl* >::iterator xcertIt;`
			`int i;`
			`for (i = 0, xcertIt = certsList.begin(); xcertIt != certsList.end(); ++xcertIt, ++i)`
			`xCertificateSequence[i] = *xcertIt ;`

			`return xCertificateSequence;`
			`}`

			`Reference< XCertificate > SecurityEnvironmentGpg::getCertificate( const OUString& /issuerName/, const Sequence< sal_Int8 >& /serialNumber/ )`
			`{`
			`return nullptr;`
			`}`

			`Sequence< Reference < XCertificate > > SecurityEnvironmentGpg::buildCertificatePath( const Reference< XCertificate >& /begin/ )`
			`{`
			`return Sequence< Reference < XCertificate > >();`
			`}`

			`Reference< XCertificate > SecurityEnvironmentGpg::createCertificateFromRaw( const Sequence< sal_Int8 >& /rawCertificate/ )`
			`{`
			`return nullptr;`
			`}`

			`Reference< XCertificate > SecurityEnvironmentGpg::createCertificateFromAscii( const OUString& /asciiCertificate/ )`
			`{`
			`return nullptr;`
			`}`

			`sal_Int32 SecurityEnvironmentGpg::verifyCertificate( const Reference< XCertificate >& /aCert/,`
			`const Sequence< Reference< XCertificate > >& /intermediateCerts/ )`
			`{`
			`return 0;`
			`}`

			`sal_Int32 SecurityEnvironmentGpg::getCertificateCharacters(`
gpg4libre: Don't mark all keys as private Only those that can sign (have a private key) Change-Id: I1c8b553a788a14c236022c819cbc346fc4735daf Reviewed-on: https://gerrit.libreoffice.org/35202 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> 2017-03-14 21:28:17 +01:00			`const Reference< XCertificate >& aCert)`
			`{`
			`const CertificateImpl* xCert;`
			`const GpgME::Key* key;`

			`Reference< XUnoTunnel > xCertTunnel(aCert, UNO_QUERY_THROW) ;`
			`xCert = reinterpret_cast<CertificateImpl*>(sal::static_int_cast<sal_uIntPtr>(xCertTunnel->getSomething(CertificateImpl::getUnoTunnelId()))) ;`
			`if (xCert == nullptr)`
			`throw RuntimeException();`

			`key = xCert->getCertificate();`
gpg4libre: List and view GPG keys * Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2017-02-02 17:33:30 +01:00			`sal_Int32 characters = 0x0;`

gpg4libre: Don't mark all keys as private Only those that can sign (have a private key) Change-Id: I1c8b553a788a14c236022c819cbc346fc4735daf Reviewed-on: https://gerrit.libreoffice.org/35202 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de> 2017-03-14 21:28:17 +01:00			`// We need to use canSign() instead of hasSecret() because of a bug in the latter.`
			`if (key->canSign())`
gpg4libre: List and view GPG keys * Add GPG implementation of css::xml::crypto UNO interfaces (part of that is only stub atm) * List gpg keys along with other certificates * Viewing gpg certificates: Not all properties are implemented yet Change-Id: I7f60b26efe949a94bf8fe1b8d4d428002c2995b1 Reviewed-on: https://gerrit.libreoffice.org/33843 Tested-by: Jenkins <ci@libreoffice.org> Reviewed-by: Siegmund Gorr <siegmund.gorr@cib.de> Reviewed-by: Thorsten Behrens <Thorsten.Behrens@CIB.de> 2017-02-02 17:33:30 +01:00			`characters \|= CertificateCharacters::HAS_PRIVATE_KEY;`

			`return characters;`
			`}`

			`/* vim:set shiftwidth=4 softtabstop=4 expandtab: */`