LibreOffice Module ucb (master)  1
certvalidation_handler.cxx
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3  * This file is part of the LibreOffice project.
4  *
5  * This Source Code Form is subject to the terms of the Mozilla Public
6  * License, v. 2.0. If a copy of the MPL was not distributed with this
7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8  *
9  * This file incorporates work covered by the following license notice:
10  *
11  */
12 
13 #include <com/sun/star/security/CertificateContainer.hpp>
14 #include <com/sun/star/security/XCertificate.hpp>
15 #include <com/sun/star/security/XCertificateContainer.hpp>
16 #include <com/sun/star/xml/crypto/SEInitializer.hpp>
17 #include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
18 
19 #include <rtl/ref.hxx>
20 #include <comphelper/sequence.hxx>
22 
24 
25 #define STD_TO_OUSTR( str ) OUString( str.c_str(), str.length( ), RTL_TEXTENCODING_UTF8 )
26 
27 using namespace com::sun::star;
28 
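namespace cmis
{
    /** Decide whether the certificate chain presented for m_sHostname is accepted.
     *
     *  The first entry of aCertificates is the certificate being validated; the
     *  remaining entries are handed to verifyCertificate() as intermediates.
     *
     *  Decision order:
     *   1. If the CertificateContainer already holds a decision for
     *      (m_sHostname, subject name), that decision is returned and no
     *      verification is performed.
     *   2. Otherwise the chain is verified and the result is shown to the user
     *      through the interaction handler; approval or rejection is stored in
     *      the container.
     *
     *  Every failure path rejects the certificate (fail closed): an empty list,
     *  a missing command environment, a security environment that cannot be
     *  created, an unparsable first certificate, or no interaction handler.
     *
     *  NOTE(review): the stored decision is looked up by hostname and subject
     *  name only, as the hasCertificate()/addCertificate() calls below show.
     *  Whether the container additionally binds the decision to the key or
     *  fingerprint is not visible from this file - confirm, because a different
     *  certificate carrying the same subject name would otherwise inherit a
     *  previous approval.
     *
     *  @param aCertificates  certificates as ASCII (base64, optionally with PEM
     *                        BEGIN/END lines), first entry first.
     *  @return true only if a stored decision says TRUSTED or the user approved.
     */
    bool CertValidationHandler::validateCertificate( std::vector< std::string > aCertificates )
    {
        if ( aCertificates.empty() || !m_xEnv.is() )
            return false;

        uno::Reference< xml::crypto::XSEInitializer > xSEInitializer;
        try
        {
            xSEInitializer = xml::crypto::SEInitializer::create( m_xContext );
        }
        catch ( uno::Exception const & )
        {
            // Creation failed: xSEInitializer stays empty and we reject below.
        }
        if ( !xSEInitializer.is() )
            return false;

        uno::Reference< xml::crypto::XXMLSecurityContext > xSecurityContext(
            xSEInitializer->createSecurityContext( OUString() ) );
        // Check each reference before dereferencing it; an empty reference
        // must end in a rejection, not in a null dereference.
        if ( !xSecurityContext.is() )
            return false;

        uno::Reference< xml::crypto::XSecurityEnvironment > xSecurityEnv(
            xSecurityContext->getSecurityEnvironment() );
        if ( !xSecurityEnv.is() )
            return false;

        // Strip the PEM header/footer lines and parse one certificate. The
        // same clean-up is applied to every entry of the chain; it is a no-op
        // for input that carries no PEM lines.
        const auto parseCertificate = [&xSecurityEnv]( const std::string& rAscii )
        {
            OUString sCleanCert = STD_TO_OUSTR( rAscii );
            sCleanCert = sCleanCert.replaceAll( "-----BEGIN CERTIFICATE-----", "" );
            sCleanCert = sCleanCert.replaceAll( "-----END CERTIFICATE-----", "" );
            return uno::Reference< security::XCertificate >(
                xSecurityEnv->createCertificateFromAscii( sCleanCert ) );
        };

        std::vector< std::string >::const_iterator pIt = aCertificates.begin();
        const uno::Reference< security::XCertificate > xCert( parseCertificate( *pIt ) );
        // An unparsable certificate can be neither looked up nor verified.
        if ( !xCert.is() )
            return false;

        uno::Reference< security::XCertificateContainer > xCertificateContainer;
        try
        {
            xCertificateContainer = security::CertificateContainer::create( m_xContext );
        }
        catch ( uno::Exception const & )
        {
            // Without a container there is no stored decision to consult and
            // nowhere to store a new one; validation still proceeds.
        }

        if ( xCertificateContainer.is() )
        {
            const security::CertificateContainerStatus status(
                xCertificateContainer->hasCertificate(
                    m_sHostname, xCert->getSubjectName() ) );

            // A stored decision (trusted or untrusted) short-circuits verification.
            if ( status != security::CertificateContainerStatus_NOCERT )
                return status == security::CertificateContainerStatus_TRUSTED;
        }

        // No stored decision: collect the intermediates that parse, verify the chain.
        std::vector< uno::Reference< security::XCertificate > > vecCerts;
        for ( ++pIt; pIt != aCertificates.end(); ++pIt )
        {
            uno::Reference< security::XCertificate > xImCert( parseCertificate( *pIt ) );
            if ( xImCert.is() )
                vecCerts.push_back( xImCert );
        }

        const sal_Int64 certValidity = xSecurityEnv->verifyCertificate( xCert,
            ::comphelper::containerToSequence( vecCerts ) );

        // The verification result alone never accepts the certificate here; it
        // is passed to the interaction handler, whose selection decides.
        bool bValidate = false;
        uno::Reference< task::XInteractionHandler > xIH(
            m_xEnv->getInteractionHandler() );
        if ( xIH.is() )
        {
            // NOTE(review): the declaration lines for xRequest and xSelection
            // are missing from the rendered listing this was reviewed from; the
            // types are restored from the ucbhelper API - confirm against the
            // repository copy.
            rtl::Reference< ucbhelper::SimpleCertificateValidationRequest >
                xRequest( new ucbhelper::SimpleCertificateValidationRequest(
                    sal_Int32( certValidity ), xCert, m_sHostname ) );
            xIH->handle( xRequest );
            rtl::Reference< ucbhelper::InteractionContinuation > xSelection
                = xRequest->getSelection();

            if ( xSelection.is() )
            {
                uno::Reference< task::XInteractionApprove > xApprove(
                    xSelection.get(), uno::UNO_QUERY );
                bValidate = xApprove.is();

                // Store the decision (approval or rejection) in the container,
                // but only if the container could be created above.
                if ( xCertificateContainer.is() )
                    xCertificateContainer->addCertificate(
                        m_sHostname, xCert->getSubjectName(), bValidate );
            }
        }
        return bValidate;
    }
}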
125 
126 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */