13#include <com/sun/star/security/CertificateCharacters.hpp>
14#include <com/sun/star/security/CertificateValidity.hpp>
21#include <config_folders.h>
22#include <osl/file.hxx>
23#include <osl/process.h>
24#include <rtl/bootstrap.hxx>
29#include <keylistresult.h>
32#if defined _MSC_VER && defined __clang__
33#pragma clang diagnostic push
34#pragma clang diagnostic ignored "-Wundef"
37#if defined _MSC_VER && defined __clang__
38#pragma clang diagnostic pop
43using namespace css::security;
44using namespace css::uno;
45using namespace css::lang;
// Static initializer that tells GpgME where its spawn helper, gpgme-w32spawn.exe, lives.
// Only part of the lambda is visible in this listing; the w32 naming and FSysStyle::Dos
// suggest a Windows-only block - TODO confirm against the surrounding #if.
55 [[maybe_unused]]
static bool bSpawnPathInitialized = [] {
// Presumably the body of the accessUrl helper used below: a URL counts as usable
// only when the file can be opened for reading.
58 return file.open(osl_File_OpenFlag_Read) == osl::FileBase::E_None;
// First candidate: gpgme-w32spawn.exe, looked up starting from the running executable's path.
61 osl_getExecutableFile(&sPath.pData);
63 aPathUrl.
setName(
u"gpgme-w32spawn.exe");
// Fallback when the first candidate cannot be read: the libexec folder under
// $BRAND_BASE_DIR, resolved through bootstrap macro expansion.
64 if (!accessUrl(aPathUrl))
66 sPath =
"$BRAND_BASE_DIR/" LIBO_LIBEXEC_FOLDER
"/gpgme-w32spawn.exe";
67 rtl::Bootstrap::expandMacros(sPath);
// The flag is set only when a readable helper was found.
// NOTE(review): the path given as "w32-inst-dir" determines which helper binary GpgME
// will launch, and the only check visible here is readability. The helper's integrity
// therefore rests on the write permissions of the install directories - confirm they
// are not user-writable in the deployed layout.
69 if (accessUrl(aPathUrl))
72 GpgME::setGlobalFlag(
"w32-inst-dir",
73 aPathUrl.
getFSysPath(FSysStyle::Dos).toUtf8().getStr());
// Engine and context setup for the OpenPGP protocol. The conditions guarding the two
// throw statements are not shown in this listing.
// Ask GpgME whether a usable OpenPGP engine is available.
79 GpgME::Error
err = GpgME::checkEngine(GpgME::OpenPGP);
// Failure is reported to the caller as a RuntimeException rather than being ignored.
81 throw RuntimeException(
"The GpgME library failed to initialize for the OpenPGP protocol.");
// m_ctx takes ownership of the newly created OpenPGP context.
83 m_ctx.reset( GpgME::Context::createForProtocol(GpgME::OpenPGP) );
// Same message as above, so the two failure causes cannot be told apart from the text alone.
85 throw RuntimeException(
"The GpgME library failed to initialize for the OpenPGP protocol.");
// Disable ASCII armor: the context produces binary output.
86 m_ctx->setArmor(
false);
// Collects keys from the keyring and returns them wrapped as XCertificate objects.
// Loop headers and some statements are missing from this listing.
100 std::vector< GpgME::Key > keyList;
101 std::vector< rtl::Reference<CertificateImpl> > certsList;
// Restrict the listing to the local keyring.
103 m_ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
// The empty pattern applies no name filter; bPrivateOnly limits the listing to secret keys.
104 GpgME::Error
err =
m_ctx->startKeyListing(
"", bPrivateOnly );
// Keys that are revoked, expired, disabled or invalid are never offered to the caller.
109 if (!k.isRevoked() && !k.isExpired() && !k.isDisabled() && !k.isInvalid()) {
112 keyList.push_back(k);
// Close the listing before the context is used again below.
115 m_ctx->endKeyListing();
// Wrap every accepted key in a certificate object bound to this context.
117 for (
auto const& key : keyList) {
119 xCert->setCertificate(
m_ctx.get(),key);
120 certsList.push_back(xCert);
// Copy the certificates into a UNO sequence of matching size.
123 Sequence< Reference< XCertificate > > xCertificateSequence(certsList.size());
124 auto xCertificateSequenceRange = asNonConstRange(xCertificateSequence);
126 for (
const auto& cert : certsList) {
127 xCertificateSequenceRange[
i++] = cert;
130 return xCertificateSequence;
// Looks up a single key by fingerprint. The key id is Base64-decoded first; the check
// on nRet and the loop header are not shown in this listing.
147 const xmlChar* strKeyId =
reinterpret_cast<const xmlChar*
>(ostr.getStr());
// The decode is done in place: the input and output pointers are the same buffer, and
// const is cast away from the storage returned by ostr.getStr(). The output size passed
// is the input string length.
// NOTE(review): this writes into the string object's own buffer - confirm ostr is a
// private copy that nothing else shares.
149 int nRet = xmlSecBase64Decode_ex(strKeyId,
const_cast<xmlSecByte*
>(strKeyId), xmlStrlen(strKeyId), &nWritten);
// Search the local keyring only; the empty pattern and 'false' list all keys, not just secret ones.
153 m_ctx->setKeyListMode(GPGME_KEYLIST_MODE_LOCAL);
154 GpgME::Error
err =
m_ctx->startKeyListing(
"",
false);
// A key matches when it is not invalid and its primary fingerprint equals the decoded id.
// NOTE(review): strcmp needs a NUL directly after the decoded bytes (nWritten is not
// used in the comparison). Confirm the decoder writes that terminator, since otherwise
// leftover Base64 characters in the buffer would take part in the comparison.
// NOTE(review): only isInvalid() is checked here, whereas the listing filter in
// getCertificatesImpl also rejects revoked, expired and disabled keys. This is presumably
// so that existing signatures still resolve - confirm callers check status themselves.
159 if (!k.isInvalid() && strcmp(k.primaryFingerprint(),
reinterpret_cast<const char*
>(strKeyId)) == 0) {
161 xCert->setCertificate(
m_ctx.get(), k);
// The listing is closed on the match path ...
162 m_ctx->endKeyListing();
// ... and again on what appears to be the no-match path.
166 m_ctx->endKeyListing();
// Returns an empty certificate sequence. The enclosing function is not visible in this
// listing - presumably buildCertificatePath; TODO confirm.
173 return Sequence< Reference < XCertificate > >();
// The sequence parameter is unnamed, so it cannot be read by the function body.
187 const Sequence< Reference< XCertificate > >& )
// A null certificate is reported as ISSUER_UNKNOWN.
190 if (xCert ==
nullptr) {
192 return security::CertificateValidity::ISSUER_UNKNOWN;
// VALID is decided from the key's owner-trust value alone: Marginal, Full and Ultimate
// all pass.
// NOTE(review): in OpenPGP, owner trust states how far the key's owner is trusted to
// certify other keys. That is a different quantity from the computed validity of this
// key's user IDs. Confirm the mapping is intended, Marginal included. No revocation or
// expiry check is visible in these lines.
196 if (key->ownerTrust() == GpgME::Key::OwnerTrust::Marginal ||
197 key->ownerTrust() == GpgME::Key::OwnerTrust::Full ||
198 key->ownerTrust() == GpgME::Key::OwnerTrust::Ultimate)
200 return security::CertificateValidity::VALID;
// Every other owner-trust value is reported as ISSUER_UNTRUSTED.
203 return security::CertificateValidity::ISSUER_UNTRUSTED;
// Takes the certificate whose characteristics are queried.
207 const Reference< XCertificate >& aCert)
// Reports that a private key is available. The condition guarding this return, and any
// other return value, is not shown in this listing.
214 return CertificateCharacters::HAS_PRIVATE_KEY;
const GpgME::Key * getCertificate() const
bool removeSegment(sal_Int32 nIndex=LAST_SEGMENT, bool bIgnoreFinalSlash=true)
bool setName(std::u16string_view rTheName, EncodeMechanism eMechanism=EncodeMechanism::WasEncoded, rtl_TextEncoding eCharset=RTL_TEXTENCODING_UTF8)
OUString getFSysPath(FSysStyle eStyle, sal_Unicode *pDelimiter=nullptr) const
bool SetURL(std::u16string_view rTheAbsURIRef, EncodeMechanism eMechanism=EncodeMechanism::WasEncoded, rtl_TextEncoding eCharset=RTL_TEXTENCODING_UTF8)
virtual OUString SAL_CALL getSecurityEnvironmentInformation() override
css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > getCertificatesImpl(bool bPrivateOnly)
virtual css::uno::Reference< css::security::XCertificate > SAL_CALL createCertificateFromRaw(const css::uno::Sequence< sal_Int8 > &rawCertificate) override
std::unique_ptr< GpgME::Context > m_ctx
virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL buildCertificatePath(const css::uno::Reference< css::security::XCertificate > &beginCert) override
virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL getAllCertificates() override
virtual ::sal_Int32 SAL_CALL verifyCertificate(const css::uno::Reference< css::security::XCertificate > &xCert, const css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > &intermediateCerts) override
virtual ::sal_Int32 SAL_CALL getCertificateCharacters(const css::uno::Reference< css::security::XCertificate > &xCert) override
virtual ~SecurityEnvironmentGpg() override
virtual css::uno::Sequence< css::uno::Reference< css::security::XCertificate > > SAL_CALL getPersonalCertificates() override
virtual css::uno::Reference< css::security::XCertificate > SAL_CALL createCertificateFromAscii(const OUString &asciiCertificate) override
virtual css::uno::Reference< css::security::XCertificate > SAL_CALL getCertificate(const OUString &keyId, const css::uno::Sequence< sal_Int8 > &serialNumber) override
We reinterpret the first parameter (originally issuerName) as keyId.
OString OUStringToOString(std::u16string_view str, ConnectionSettings const *settings)