You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
2173 lines
79 KiB
2173 lines
79 KiB
2 years ago
|
From 4201f1be45b4567ba64655439dcc39ac403c28e0 Mon Sep 17 00:00:00 2001
|
||
|
From: Michael Stahl <michael.stahl@allotropia.de>
|
||
|
Date: Fri, 12 Feb 2021 16:42:51 +0100
|
||
|
Subject: [PATCH 3/6] xmlsecurity: replace XSecParser implementation
|
||
|
MIME-Version: 1.0
|
||
|
Content-Type: text/plain; charset=UTF-8
|
||
|
Content-Transfer-Encoding: 8bit
|
||
|
|
||
|
Implement Namespaces in XML and follow xmldsig-core and XAdES schemas.
|
||
|
|
||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/110833
|
||
|
Tested-by: Jenkins
|
||
|
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
||
|
(cherry picked from commit 12b15be8f4f930a04d8056b9219ac969b42a9784)
|
||
|
|
||
|
xmlsecurity: move XSecParser state into contexts
|
||
|
|
||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111158
|
||
|
Tested-by: Jenkins
|
||
|
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
||
|
(cherry picked from commit 59df9e70ce1a7ec797b836bda7f9642912febc53)
|
||
|
|
||
|
xmlsecurity: move XSecParser Reference state into contexts
|
||
|
|
||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111159
|
||
|
Tested-by: Jenkins
|
||
|
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
|
||
|
(cherry picked from commit cfeb89a758b5f0ec406f0d72444e52ed2f47b85e)
|
||
|
|
||
|
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111907
|
||
|
Tested-by: Jenkins
|
||
|
Reviewed-by: Caolán McNamara <caolanm@redhat.com>
|
||
|
(cherry picked from commit ad5930e87e788780a255523f106deb1dde5d7b37)
|
||
|
|
||
|
Change-Id: I03537b51bb757ecbfa63a826b38de543c70ba032
|
||
|
---
|
||
|
include/xmloff/xmlimp.hxx | 6 +-
|
||
|
include/xmloff/xmlnmspe.hxx | 7 +
|
||
|
include/xmloff/xmltoken.hxx | 13 +
|
||
|
xmloff/source/core/xmlimp.cxx | 26 +-
|
||
|
xmloff/source/core/xmltoken.cxx | 13 +
|
||
|
xmloff/source/token/tokens.txt | 10 +
|
||
|
xmlsecurity/source/helper/xsecparser.cxx | 1629 +++++++++++++++++-----
|
||
|
xmlsecurity/source/helper/xsecparser.hxx | 99 +-
|
||
|
8 files changed, 1425 insertions(+), 378 deletions(-)
|
||
|
|
||
|
diff --git a/include/xmloff/xmlimp.hxx b/include/xmloff/xmlimp.hxx
|
||
|
index 6d0dda96596a..8d557789aa4c 100644
|
||
|
--- a/include/xmloff/xmlimp.hxx
|
||
|
+++ b/include/xmloff/xmlimp.hxx
|
||
|
@@ -229,8 +229,12 @@ class XMLOFF_DLLPUBLIC SvXMLImport : public cppu::WeakImplHelper<
|
||
|
|
||
|
static void initializeNamespaceMaps();
|
||
|
void registerNamespaces();
|
||
|
- std::unique_ptr<SvXMLNamespaceMap> processNSAttributes(
|
||
|
+public:
|
||
|
+ static std::unique_ptr<SvXMLNamespaceMap> processNSAttributes(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> & rpNamespaceMap,
|
||
|
+ SvXMLImport *const pImport,
|
||
|
const css::uno::Reference< css::xml::sax::XAttributeList >& xAttrList);
|
||
|
+private:
|
||
|
void Characters(const OUString& aChars);
|
||
|
|
||
|
css::uno::Reference< css::task::XStatusIndicator > mxStatusIndicator;
|
||
|
diff --git a/include/xmloff/xmlnmspe.hxx b/include/xmloff/xmlnmspe.hxx
|
||
|
index b079053c38d3..302a134f92fe 100644
|
||
|
--- a/include/xmloff/xmlnmspe.hxx
|
||
|
+++ b/include/xmloff/xmlnmspe.hxx
|
||
|
@@ -66,6 +66,13 @@ XML_NAMESPACE( XML_NAMESPACE_OF, 34U ) // OpenFormula aka ODFF
|
||
|
XML_NAMESPACE( XML_NAMESPACE_XHTML, 35U )
|
||
|
XML_NAMESPACE( XML_NAMESPACE_GRDDL, 36U )
|
||
|
XML_NAMESPACE( XML_NAMESPACE_VERSIONS_LIST, 37U )
|
||
|
+// OOo extension digital signatures, used in ODF 1.1
|
||
|
+XML_NAMESPACE( XML_NAMESPACE_DSIG_OOO, 38U )
|
||
|
+// ODF 1.2 digital signature namespaces
|
||
|
+XML_NAMESPACE( XML_NAMESPACE_DSIG, 39U )
|
||
|
+XML_NAMESPACE( XML_NAMESPACE_DS, 40U )
|
||
|
+XML_NAMESPACE( XML_NAMESPACE_XADES132, 41U )
|
||
|
+XML_NAMESPACE( XML_NAMESPACE_XADES141, 42U )
|
||
|
|
||
|
// namespaces for odf extended formats
|
||
|
|
||
|
diff --git a/include/xmloff/xmltoken.hxx b/include/xmloff/xmltoken.hxx
|
||
|
index b5105e5da0f3..a0e52903060a 100644
|
||
|
--- a/include/xmloff/xmltoken.hxx
|
||
|
+++ b/include/xmloff/xmltoken.hxx
|
||
|
@@ -133,6 +133,19 @@ namespace xmloff { namespace token {
|
||
|
XML_NP_GRDDL,
|
||
|
XML_N_GRDDL,
|
||
|
|
||
|
+ // OOo extension digital signatures, used in ODF 1.1
|
||
|
+ XML_NP_DSIG_OOO,
|
||
|
+ XML_N_DSIG_OOO,
|
||
|
+ // ODF 1.2 digital signatures
|
||
|
+ XML_NP_DSIG,
|
||
|
+ XML_N_DSIG,
|
||
|
+ XML_NP_DS,
|
||
|
+ XML_N_DS,
|
||
|
+ XML_NP_XADES132,
|
||
|
+ XML_N_XADES132,
|
||
|
+ XML_NP_XADES141,
|
||
|
+ XML_N_XADES141,
|
||
|
+
|
||
|
// ODF Enhanced namespaces
|
||
|
XML_NP_OFFICE_EXT,
|
||
|
XML_N_OFFICE_EXT,
|
||
|
diff --git a/xmloff/source/core/xmlimp.cxx b/xmloff/source/core/xmlimp.cxx
|
||
|
index ef63550ff2be..bfc9d3fe819a 100644
|
||
|
--- a/xmloff/source/core/xmlimp.cxx
|
||
|
+++ b/xmloff/source/core/xmlimp.cxx
|
||
|
@@ -653,6 +653,8 @@ void SAL_CALL SvXMLImport::endDocument()
|
||
|
}
|
||
|
|
||
|
std::unique_ptr<SvXMLNamespaceMap> SvXMLImport::processNSAttributes(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> & rpNamespaceMap,
|
||
|
+ SvXMLImport *const pImport, // TODO???
|
||
|
const uno::Reference< xml::sax::XAttributeList >& xAttrList)
|
||
|
{
|
||
|
std::unique_ptr<SvXMLNamespaceMap> pRewindMap;
|
||
|
@@ -660,12 +662,13 @@ std::unique_ptr<SvXMLNamespaceMap> SvXMLImport::processNSAttributes(
|
||
|
for( sal_Int16 i=0; i < nAttrCount; i++ )
|
||
|
{
|
||
|
const OUString& rAttrName = xAttrList->getNameByIndex( i );
|
||
|
- if ( rAttrName == "office:version" )
|
||
|
+ if (pImport && rAttrName == "office:version")
|
||
|
{
|
||
|
- mpImpl->aODFVersion = xAttrList->getValueByIndex( i );
|
||
|
+ pImport->mpImpl->aODFVersion = xAttrList->getValueByIndex( i );
|
||
|
|
||
|
// the ODF version in content.xml and manifest.xml must be the same starting from ODF1.2
|
||
|
- if ( mpImpl->mStreamName == "content.xml" && !IsODFVersionConsistent( mpImpl->aODFVersion ) )
|
||
|
+ if (pImport->mpImpl->mStreamName == "content.xml"
|
||
|
+ && !pImport->IsODFVersionConsistent(pImport->mpImpl->aODFVersion))
|
||
|
{
|
||
|
throw xml::sax::SAXException("Inconsistent ODF versions in content.xml and manifest.xml!",
|
||
|
uno::Reference< uno::XInterface >(),
|
||
|
@@ -679,8 +682,8 @@ std::unique_ptr<SvXMLNamespaceMap> SvXMLImport::processNSAttributes(
|
||
|
{
|
||
|
if( !pRewindMap )
|
||
|
{
|
||
|
- pRewindMap = std::move(mpNamespaceMap);
|
||
|
- mpNamespaceMap.reset(new SvXMLNamespaceMap(*pRewindMap));
|
||
|
+ pRewindMap = std::move(rpNamespaceMap);
|
||
|
+ rpNamespaceMap.reset(new SvXMLNamespaceMap(*pRewindMap));
|
||
|
}
|
||
|
const OUString& rAttrValue = xAttrList->getValueByIndex( i );
|
||
|
|
||
|
@@ -688,18 +691,18 @@ std::unique_ptr<SvXMLNamespaceMap> SvXMLImport::processNSAttributes(
|
||
|
? OUString()
|
||
|
: rAttrName.copy( 6 ) );
|
||
|
// Add namespace, but only if it is known.
|
||
|
- sal_uInt16 nKey = mpNamespaceMap->AddIfKnown( aPrefix, rAttrValue );
|
||
|
+ sal_uInt16 nKey = rpNamespaceMap->AddIfKnown( aPrefix, rAttrValue );
|
||
|
// If namespace is unknown, try to match a name with similar
|
||
|
// TC Id and version
|
||
|
if( XML_NAMESPACE_UNKNOWN == nKey )
|
||
|
{
|
||
|
OUString aTestName( rAttrValue );
|
||
|
if( SvXMLNamespaceMap::NormalizeURI( aTestName ) )
|
||
|
- nKey = mpNamespaceMap->AddIfKnown( aPrefix, aTestName );
|
||
|
+ nKey = rpNamespaceMap->AddIfKnown( aPrefix, aTestName );
|
||
|
}
|
||
|
// If that namespace is not known, too, add it as unknown
|
||
|
if( XML_NAMESPACE_UNKNOWN == nKey )
|
||
|
- mpNamespaceMap->Add( aPrefix, rAttrValue );
|
||
|
+ rpNamespaceMap->Add( aPrefix, rAttrValue );
|
||
|
|
||
|
}
|
||
|
}
|
||
|
@@ -712,7 +715,8 @@ void SAL_CALL SvXMLImport::startElement( const OUString& rName,
|
||
|
// SAL_INFO("svg", "startElement " << rName);
|
||
|
// Process namespace attributes. This must happen before creating the
|
||
|
// context, because namespace declaration apply to the element name itself.
|
||
|
- std::unique_ptr<SvXMLNamespaceMap> pRewindMap(processNSAttributes(xAttrList));
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pRewindMap(
|
||
|
+ processNSAttributes(mpNamespaceMap, this, xAttrList));
|
||
|
|
||
|
// Get element's namespace and local name.
|
||
|
OUString aLocalName;
|
||
|
@@ -885,7 +889,7 @@ void SAL_CALL SvXMLImport::startFastElement (sal_Int32 Element,
|
||
|
|
||
|
maNamespaceHandler->addNSDeclAttributes( maNamespaceAttrList );
|
||
|
std::unique_ptr<SvXMLNamespaceMap> pRewindMap(
|
||
|
- processNSAttributes( maNamespaceAttrList.get() ));
|
||
|
+ processNSAttributes(mpNamespaceMap, this, maNamespaceAttrList.get()));
|
||
|
assert( dynamic_cast<SvXMLImportContext*>( xContext.get() ) != nullptr );
|
||
|
SvXMLImportContext *pContext = static_cast<SvXMLImportContext*>( xContext.get() );
|
||
|
if (pRewindMap)
|
||
|
@@ -2231,7 +2235,7 @@ void SAL_CALL SvXMLLegacyToFastDocHandler::endDocument()
|
||
|
void SAL_CALL SvXMLLegacyToFastDocHandler::startElement( const OUString& rName,
|
||
|
const uno::Reference< xml::sax::XAttributeList >& xAttrList )
|
||
|
{
|
||
|
- mrImport->processNSAttributes(xAttrList);
|
||
|
+ SvXMLImport::processNSAttributes(mrImport->mpNamespaceMap, mrImport.get(), xAttrList);
|
||
|
OUString aLocalName;
|
||
|
sal_uInt16 nPrefix = mrImport->mpNamespaceMap->GetKeyByAttrName( rName, &aLocalName );
|
||
|
Sequence< sal_Int8 > aLocalNameSeq( reinterpret_cast<sal_Int8 const *>(
|
||
|
diff --git a/xmloff/source/core/xmltoken.cxx b/xmloff/source/core/xmltoken.cxx
|
||
|
index fb760c6307c5..13f1415b8cc4 100644
|
||
|
--- a/xmloff/source/core/xmltoken.cxx
|
||
|
+++ b/xmloff/source/core/xmltoken.cxx
|
||
|
@@ -137,6 +137,19 @@ namespace xmloff { namespace token {
|
||
|
TOKEN( "grddl", XML_NP_GRDDL ),
|
||
|
TOKEN( "http://www.w3.org/2003/g/data-view#", XML_N_GRDDL ),
|
||
|
|
||
|
+ // OOo extension digital signatures, used in ODF 1.1
|
||
|
+ TOKEN( "dsigooo", XML_NP_DSIG_OOO ),
|
||
|
+ TOKEN( "http://openoffice.org/2004/documentsignatures", XML_N_DSIG_OOO ),
|
||
|
+ // ODF 1.2 digital signature namespaces
|
||
|
+ TOKEN( "dsig", XML_NP_DSIG ),
|
||
|
+ TOKEN( "urn:oasis:names:tc:opendocument:xmlns:digitalsignature:1.0", XML_N_DSIG ),
|
||
|
+ TOKEN( "ds", XML_NP_DS ),
|
||
|
+ TOKEN( "http://www.w3.org/2000/09/xmldsig#", XML_N_DS ),
|
||
|
+ TOKEN( "xades132", XML_NP_XADES132 ),
|
||
|
+ TOKEN( "http://uri.etsi.org/01903/v1.3.2#", XML_N_XADES132 ),
|
||
|
+ TOKEN( "xades141", XML_NP_XADES141 ),
|
||
|
+ TOKEN( "http://uri.etsi.org/01903/v1.4.1#", XML_N_XADES141 ),
|
||
|
+
|
||
|
// ODF Enhanced namespaces
|
||
|
TOKEN( "officeooo", XML_NP_OFFICE_EXT ),
|
||
|
TOKEN( "http://openoffice.org/2009/office", XML_N_OFFICE_EXT ),
|
||
|
diff --git a/xmloff/source/token/tokens.txt b/xmloff/source/token/tokens.txt
|
||
|
index 024877e8cf45..b2b95e956bd1 100644
|
||
|
--- a/xmloff/source/token/tokens.txt
|
||
|
+++ b/xmloff/source/token/tokens.txt
|
||
|
@@ -72,6 +72,16 @@ xhtml
|
||
|
N_XHTML_DUMMY
|
||
|
grddl
|
||
|
N_GRDDL_DUMMY
|
||
|
+dsigooo
|
||
|
+N_DSIG_OOO_DUMMY
|
||
|
+dsig
|
||
|
+N_DSIG_DUMMY
|
||
|
+ds
|
||
|
+N_DS_DUMMY
|
||
|
+xades132
|
||
|
+N_XADES132_DUMMY
|
||
|
+xades141
|
||
|
+N_XADES141_DUMMY
|
||
|
officeooo
|
||
|
N_OFFICE_EXT_DUMMY
|
||
|
formx
|
||
|
diff --git a/xmlsecurity/source/helper/xsecparser.cxx b/xmlsecurity/source/helper/xsecparser.cxx
|
||
|
index 82f347bff976..5c92e5efa104 100644
|
||
|
--- a/xmlsecurity/source/helper/xsecparser.cxx
|
||
|
+++ b/xmlsecurity/source/helper/xsecparser.cxx
|
||
|
@@ -21,6 +21,10 @@
|
||
|
#include "xsecparser.hxx"
|
||
|
#include <xsecctl.hxx>
|
||
|
#include <xmlsignaturehelper.hxx>
|
||
|
+
|
||
|
+#include <xmloff/xmlnmspe.hxx>
|
||
|
+#include <xmloff/xmlimp.hxx>
|
||
|
+
|
||
|
#include <com/sun/star/xml/sax/SAXException.hpp>
|
||
|
#include <cppuhelper/exc_hlp.hxx>
|
||
|
#include <sal/log.hxx>
|
||
|
@@ -29,471 +33,1460 @@ namespace cssu = com::sun::star::uno;
|
||
|
namespace cssxc = com::sun::star::xml::crypto;
|
||
|
namespace cssxs = com::sun::star::xml::sax;
|
||
|
|
||
|
-XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper,
|
||
|
- XSecController* pXSecController)
|
||
|
- : m_bInX509IssuerName(false)
|
||
|
- , m_bInX509SerialNumber(false)
|
||
|
- , m_bInX509Certificate(false)
|
||
|
- , m_bInGpgCertificate(false)
|
||
|
- , m_bInGpgKeyID(false)
|
||
|
- , m_bInGpgOwner(false)
|
||
|
- , m_bInCertDigest(false)
|
||
|
- , m_bInEncapsulatedX509Certificate(false)
|
||
|
- , m_bInSigningTime(false)
|
||
|
- , m_bInDigestValue(false)
|
||
|
- , m_bInSignatureValue(false)
|
||
|
- , m_bInDate(false)
|
||
|
- , m_bInDescription(false)
|
||
|
- , m_bInSignatureLineId(false)
|
||
|
- , m_bInSignatureLineValidImage(false)
|
||
|
- , m_bInSignatureLineInvalidImage(false)
|
||
|
- , m_pXSecController(pXSecController)
|
||
|
- , m_bReferenceUnresolved(false)
|
||
|
- , m_nReferenceDigestID(cssxc::DigestID::SHA1)
|
||
|
- , m_rXMLSignatureHelper(rXMLSignatureHelper)
|
||
|
+class XSecParser::Context
|
||
|
{
|
||
|
-}
|
||
|
+ protected:
|
||
|
+ friend class XSecParser;
|
||
|
+ XSecParser & m_rParser;
|
||
|
+ private:
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> m_pOldNamespaceMap;
|
||
|
+
|
||
|
+ public:
|
||
|
+ Context(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : m_rParser(rParser)
|
||
|
+ , m_pOldNamespaceMap(std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual ~Context() = default;
|
||
|
|
||
|
-OUString XSecParser::getIdAttr(const cssu::Reference< cssxs::XAttributeList >& xAttribs )
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& /*xAttrs*/)
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement()
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const /*nNamespace*/, OUString const& /*rName*/);
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& /*rChars*/)
|
||
|
+ {
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+// it's possible that an unsupported element has an Id attribute and a
|
||
|
+// ds:Reference digesting it - probably this means XSecController needs to know
|
||
|
+// about it. (For known elements, the Id attribute is only processed according
|
||
|
+// to the schema.)
|
||
|
+class XSecParser::UnknownContext
|
||
|
+ : public XSecParser::Context
|
||
|
{
|
||
|
- OUString ouIdAttr = xAttribs->getValueByName("id");
|
||
|
+ public:
|
||
|
+ UnknownContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
|
||
|
- if (ouIdAttr.isEmpty())
|
||
|
- {
|
||
|
- ouIdAttr = xAttribs->getValueByName("Id");
|
||
|
- }
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+};
|
||
|
|
||
|
- return ouIdAttr;
|
||
|
+auto XSecParser::Context::CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const /*nNamespace*/, OUString const& /*rName*/)
|
||
|
+-> std::unique_ptr<Context>
|
||
|
+{
|
||
|
+ // default: create new base context
|
||
|
+ return std::make_unique<UnknownContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
|
||
|
-/*
|
||
|
- * XDocumentHandler
|
||
|
- */
|
||
|
-void SAL_CALL XSecParser::startDocument( )
|
||
|
+class XSecParser::LoPGPOwnerContext
|
||
|
+ : public XSecParser::Context
|
||
|
{
|
||
|
- m_bInX509IssuerName = false;
|
||
|
- m_bInX509SerialNumber = false;
|
||
|
- m_bInX509Certificate = false;
|
||
|
- m_bInGpgCertificate = false;
|
||
|
- m_bInGpgKeyID = false;
|
||
|
- m_bInGpgOwner = false;
|
||
|
- m_bInSignatureValue = false;
|
||
|
- m_bInDigestValue = false;
|
||
|
- m_bInDate = false;
|
||
|
- m_bInDescription = false;
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
|
||
|
- if (m_xNextHandler.is())
|
||
|
- {
|
||
|
- m_xNextHandler->startDocument();
|
||
|
- }
|
||
|
-}
|
||
|
+ public:
|
||
|
+ LoPGPOwnerContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
|
||
|
-void SAL_CALL XSecParser::endDocument( )
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setGpgOwner(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsPGPKeyPacketContext
|
||
|
+ : public XSecParser::Context
|
||
|
{
|
||
|
- if (m_xNextHandler.is())
|
||
|
- {
|
||
|
- m_xNextHandler->endDocument();
|
||
|
- }
|
||
|
-}
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsPGPKeyPacketContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setGpgCertificate(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsPGPKeyIDContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsPGPKeyIDContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setGpgKeyID(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsPGPDataContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsPGPDataContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& /*xAttrs*/) override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->switchGpgSignature();
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "PGPKeyID")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsPGPKeyIDContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "PGPKeyPacket")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsPGPKeyPacketContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "PGPOwner")
|
||
|
+ {
|
||
|
+ return std::make_unique<LoPGPOwnerContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsX509CertificateContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsX509CertificateContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setX509Certificate(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsX509SerialNumberContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsX509SerialNumberContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setX509SerialNumber(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsX509IssuerNameContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsX509IssuerNameContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setX509IssuerName(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsX509IssuerSerialContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsX509IssuerSerialContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "X509IssuerName")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509IssuerNameContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "X509SerialNumber")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509SerialNumberContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: ds:X509SKI, ds:X509SubjectName, ds:X509CRL
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsX509DataContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsX509DataContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "X509IssuerSerial")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "X509Certificate")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509CertificateContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: ds:X509SKI, ds:X509SubjectName, ds:X509CRL
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsKeyInfoContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsKeyInfoContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "X509Data")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509DataContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "PGPData")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsPGPDataContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: ds:KeyName, ds:KeyValue, ds:RetrievalMethod, ds:SPKIData, ds:MgmtData
|
||
|
+ // (old code would read ds:Transform inside ds:RetrievalMethod but
|
||
|
+ // presumably that was a bug)
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignatureValueContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsSignatureValueContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setSignatureValue(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsDigestValueContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString & m_rValue;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsDigestValueContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ OUString & rValue)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ , m_rValue(rValue)
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& /*xAttrs*/) override
|
||
|
+ {
|
||
|
+ m_rValue.clear();
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_rValue += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsDigestMethodContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ sal_Int32 & m_rReferenceDigestID;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsDigestMethodContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_Int32 & rReferenceDigestID)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ , m_rReferenceDigestID(rReferenceDigestID)
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ OUString ouAlgorithm = xAttrs->getValueByName("Algorithm");
|
||
|
+
|
||
|
+ SAL_WARN_IF( ouAlgorithm.isEmpty(), "xmlsecurity.helper", "no Algorithm in Reference" );
|
||
|
+ if (!ouAlgorithm.isEmpty())
|
||
|
+ {
|
||
|
+ SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1
|
||
|
+ && ouAlgorithm != ALGO_XMLDSIGSHA256
|
||
|
+ && ouAlgorithm != ALGO_XMLDSIGSHA512,
|
||
|
+ "xmlsecurity.helper", "Algorithm neither SHA1, SHA256 nor SHA512");
|
||
|
+ if (ouAlgorithm == ALGO_XMLDSIGSHA1)
|
||
|
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA1;
|
||
|
+ else if (ouAlgorithm == ALGO_XMLDSIGSHA256)
|
||
|
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA256;
|
||
|
+ else if (ouAlgorithm == ALGO_XMLDSIGSHA512)
|
||
|
+ m_rReferenceDigestID = css::xml::crypto::DigestID::SHA512;
|
||
|
+ else
|
||
|
+ m_rReferenceDigestID = 0;
|
||
|
+ }
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsTransformContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ bool & m_rIsC14N;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsTransformContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ bool & rIsC14N)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ , m_rIsC14N(rIsC14N)
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ OUString ouAlgorithm = xAttrs->getValueByName("Algorithm");
|
||
|
+
|
||
|
+ if (ouAlgorithm == ALGO_C14N)
|
||
|
+ /*
|
||
|
+ * a xml stream
|
||
|
+ */
|
||
|
+ {
|
||
|
+ m_rIsC14N = true;
|
||
|
+ }
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsTransformsContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ bool & m_rIsC14N;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsTransformsContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ bool & rIsC14N)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ , m_rIsC14N(rIsC14N)
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "Transform")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsTransformContext>(m_rParser, std::move(pOldNamespaceMap), m_rIsC14N);
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsReferenceContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_URI;
|
||
|
+ OUString m_Type;
|
||
|
+ OUString m_DigestValue;
|
||
|
+ bool m_IsC14N = false;
|
||
|
+ // Relevant for ODF. The digest algorithm selected by the DigestMethod
|
||
|
+ // element's Algorithm attribute. @see css::xml::crypto::DigestID.
|
||
|
+ sal_Int32 m_nReferenceDigestID = css::xml::crypto::DigestID::SHA1;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DsReferenceContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+
|
||
|
+ m_URI = xAttrs->getValueByName("URI");
|
||
|
+ SAL_WARN_IF(m_URI.isEmpty(), "xmlsecurity.helper", "URI is empty");
|
||
|
+ // Remember the type of this reference.
|
||
|
+ m_Type = xAttrs->getValueByName("Type");
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ if (m_URI.startsWith("#"))
|
||
|
+ {
|
||
|
+ /*
|
||
|
+ * remove the first character '#' from the attribute value
|
||
|
+ */
|
||
|
+ m_rParser.m_pXSecController->addReference(m_URI.copy(1), m_nReferenceDigestID, m_Type);
|
||
|
+ }
|
||
|
+ else
|
||
|
+ {
|
||
|
+ if (m_IsC14N) // this is determined by nested ds:Transform
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->addStreamReference(m_URI, false, m_nReferenceDigestID);
|
||
|
+ }
|
||
|
+ else
|
||
|
+ /*
|
||
|
+ * it must be an octet stream
|
||
|
+ */
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->addStreamReference(m_URI, true, m_nReferenceDigestID);
|
||
|
+ }
|
||
|
+ }
|
||
|
+
|
||
|
+ m_rParser.m_pXSecController->setDigestValue(m_nReferenceDigestID, m_DigestValue);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "Transforms")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsTransformsContext>(m_rParser, std::move(pOldNamespaceMap), m_IsC14N);
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "DigestMethod")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap), m_nReferenceDigestID);
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "DigestValue")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsDigestValueContext>(m_rParser, std::move(pOldNamespaceMap), m_DigestValue);
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignatureMethodContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsSignatureMethodContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ OUString ouAlgorithm = xAttrs->getValueByName("Algorithm");
|
||
|
+ if (ouAlgorithm == ALGO_ECDSASHA1 || ouAlgorithm == ALGO_ECDSASHA256
|
||
|
+ || ouAlgorithm == ALGO_ECDSASHA512)
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setSignatureMethod(svl::crypto::SignatureMethodAlgorithm::ECDSA);
|
||
|
+ }
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignedInfoContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsSignedInfoContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setReferenceCount();
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureMethod")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsSignatureMethodContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "Reference")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsReferenceContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: ds:CanonicalizationMethod
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesEncapsulatedX509CertificateContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ XadesEncapsulatedX509CertificateContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->addEncapsulatedX509Certificate(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesCertificateValuesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesCertificateValuesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "EncapsulatedX509Certificate")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesEncapsulatedX509CertificateContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: xades:OtherCertificate
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesUnsignedSignaturePropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesUnsignedSignaturePropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "CertificateValues")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesCertificateValuesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing:
|
||
|
+ // xades:CounterSignature
|
||
|
+ // ^ old code would read a ds:Signature inside it?
|
||
|
+ // xades:SignatureTimeStamp
|
||
|
+ // xades:CompleteCertificateRefs
|
||
|
+ // xades:CompleteRevocationRefs
|
||
|
+ // xades:AttributeCertificateRefs
|
||
|
+ // xades:AttributeRevocationRefs
|
||
|
+ // xades:SigAndRefsTimeStamp
|
||
|
+ // xades:RefsOnlyTimeStamp
|
||
|
+ // xades:RevocationValues
|
||
|
+ // xades:AttrAuthoritiesCertValues
|
||
|
+ // ^ old code: was equivalent to CertificateValues ???
|
||
|
+ // xades:AttributeRevocationValues
|
||
|
+ // xades:ArchiveTimeStamp
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesUnsignedPropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesUnsignedPropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
+ {
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
+ {
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "UnsignedSignatureProperties")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesUnsignedSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: xades:UnsignedDataObjectProperties
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::LoSignatureLineIdContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ LoSignatureLineIdContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setSignatureLineId(m_Value);
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::LoSignatureLineValidImageContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ LoSignatureLineValidImageContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setValidSignatureImage(m_Value);
|
||
|
+ }
|
||
|
|
||
|
-void SAL_CALL XSecParser::startElement(
|
||
|
- const OUString& aName,
|
||
|
- const cssu::Reference< cssxs::XAttributeList >& xAttribs )
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::LoSignatureLineInvalidImageContext
|
||
|
+ : public XSecParser::Context
|
||
|
{
|
||
|
- try
|
||
|
- {
|
||
|
- OUString ouIdAttr = getIdAttr(xAttribs);
|
||
|
- if (!ouIdAttr.isEmpty())
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ LoSignatureLineInvalidImageContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->collectToVerify( ouIdAttr );
|
||
|
}
|
||
|
|
||
|
- if ( aName == "Signature" )
|
||
|
+ virtual void EndElement() override
|
||
|
{
|
||
|
- m_rXMLSignatureHelper.StartVerifySignatureElement();
|
||
|
- m_pXSecController->addSignature();
|
||
|
- if (!ouIdAttr.isEmpty())
|
||
|
- {
|
||
|
- m_pXSecController->setId( ouIdAttr );
|
||
|
- }
|
||
|
+ m_rParser.m_pXSecController->setInvalidSignatureImage(m_Value);
|
||
|
}
|
||
|
- else if (aName == "SignatureMethod")
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ m_Value += rChars;
|
||
|
+ }
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::LoSignatureLineContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ LoSignatureLineContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- OUString ouAlgorithm = xAttribs->getValueByName("Algorithm");
|
||
|
- if (ouAlgorithm == ALGO_ECDSASHA1 || ouAlgorithm == ALGO_ECDSASHA256
|
||
|
- || ouAlgorithm == ALGO_ECDSASHA512)
|
||
|
- m_pXSecController->setSignatureMethod(svl::crypto::SignatureMethodAlgorithm::ECDSA);
|
||
|
}
|
||
|
- else if ( aName == "Reference" )
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- OUString ouUri = xAttribs->getValueByName("URI");
|
||
|
- SAL_WARN_IF( ouUri.isEmpty(), "xmlsecurity.helper", "URI is empty" );
|
||
|
- // Remember the type of this reference.
|
||
|
- OUString ouType = xAttribs->getValueByName("Type");
|
||
|
- if (ouUri.startsWith("#"))
|
||
|
+ if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineId")
|
||
|
{
|
||
|
- /*
|
||
|
- * remove the first character '#' from the attribute value
|
||
|
- */
|
||
|
- m_pXSecController->addReference( ouUri.copy(1), m_nReferenceDigestID, ouType );
|
||
|
+ return std::make_unique<LoSignatureLineIdContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
- else
|
||
|
+ if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineValidImage")
|
||
|
{
|
||
|
- /*
|
||
|
- * remember the uri
|
||
|
- */
|
||
|
- m_currentReferenceURI = ouUri;
|
||
|
- m_bReferenceUnresolved = true;
|
||
|
+ return std::make_unique<LoSignatureLineValidImageContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
- }
|
||
|
- else if (aName == "DigestMethod")
|
||
|
- {
|
||
|
- OUString ouAlgorithm = xAttribs->getValueByName("Algorithm");
|
||
|
-
|
||
|
- SAL_WARN_IF( ouAlgorithm.isEmpty(), "xmlsecurity.helper", "no Algorithm in Reference" );
|
||
|
- if (!ouAlgorithm.isEmpty())
|
||
|
+ if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLineInvalidImage")
|
||
|
{
|
||
|
- SAL_WARN_IF( ouAlgorithm != ALGO_XMLDSIGSHA1
|
||
|
- && ouAlgorithm != ALGO_XMLDSIGSHA256
|
||
|
- && ouAlgorithm != ALGO_XMLDSIGSHA512,
|
||
|
- "xmlsecurity.helper", "Algorithm neither SHA1, SHA256 nor SHA512");
|
||
|
- if (ouAlgorithm == ALGO_XMLDSIGSHA1)
|
||
|
- m_nReferenceDigestID = cssxc::DigestID::SHA1;
|
||
|
- else if (ouAlgorithm == ALGO_XMLDSIGSHA256)
|
||
|
- m_nReferenceDigestID = cssxc::DigestID::SHA256;
|
||
|
- else if (ouAlgorithm == ALGO_XMLDSIGSHA512)
|
||
|
- m_nReferenceDigestID = cssxc::DigestID::SHA512;
|
||
|
- else
|
||
|
- m_nReferenceDigestID = 0;
|
||
|
+ return std::make_unique<LoSignatureLineInvalidImageContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "Transform")
|
||
|
- {
|
||
|
- if ( m_bReferenceUnresolved )
|
||
|
- {
|
||
|
- OUString ouAlgorithm = xAttribs->getValueByName("Algorithm");
|
||
|
+};
|
||
|
|
||
|
- if (ouAlgorithm == ALGO_C14N)
|
||
|
- /*
|
||
|
- * a xml stream
|
||
|
- */
|
||
|
- {
|
||
|
- m_pXSecController->addStreamReference( m_currentReferenceURI, false, m_nReferenceDigestID );
|
||
|
- m_bReferenceUnresolved = false;
|
||
|
- }
|
||
|
- }
|
||
|
+class XSecParser::XadesCertDigestContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+ sal_Int32 m_nReferenceDigestID = css::xml::crypto::DigestID::SHA1;
|
||
|
+
|
||
|
+ public:
|
||
|
+ XadesCertDigestContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
+ {
|
||
|
}
|
||
|
- else if (aName == "X509IssuerName")
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
{
|
||
|
- m_ouX509IssuerName.clear();
|
||
|
- m_bInX509IssuerName = true;
|
||
|
+ m_rParser.m_pXSecController->setCertDigest(m_Value/* FIXME , m_nReferenceDigestID*/);
|
||
|
}
|
||
|
- else if (aName == "X509SerialNumber")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_ouX509SerialNumber.clear();
|
||
|
- m_bInX509SerialNumber = true;
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "DigestMethod")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsDigestMethodContext>(m_rParser, std::move(pOldNamespaceMap), m_nReferenceDigestID);
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "DigestValue")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsDigestValueContext>(m_rParser, std::move(pOldNamespaceMap), m_Value);
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "X509Certificate")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesCertContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesCertContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_ouX509Certificate.clear();
|
||
|
- m_bInX509Certificate = true;
|
||
|
}
|
||
|
- else if (aName == "PGPData")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_pXSecController->switchGpgSignature();
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "CertDigest")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesCertDigestContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "IssuerSerial")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsX509IssuerSerialContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "PGPKeyID")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesSigningCertificateContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesSigningCertificateContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_ouGpgKeyID.clear();
|
||
|
- m_bInGpgKeyID = true;
|
||
|
}
|
||
|
- else if (aName == "PGPKeyPacket")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_ouGpgCertificate.clear();
|
||
|
- m_bInGpgCertificate = true;
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "Cert")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesCertContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "loext:PGPOwner")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesSigningTimeContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesSigningTimeContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_ouGpgOwner.clear();
|
||
|
- m_bInGpgOwner = true;
|
||
|
}
|
||
|
- else if (aName == "SignatureValue")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& /*xAttrs*/) override
|
||
|
{
|
||
|
- m_ouSignatureValue.clear();
|
||
|
- m_bInSignatureValue = true;
|
||
|
+ m_rParser.m_ouDate.clear();
|
||
|
}
|
||
|
- else if (aName == "DigestValue" && !m_bInCertDigest)
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
{
|
||
|
- m_ouDigestValue.clear();
|
||
|
- m_bInDigestValue = true;
|
||
|
+ m_rParser.m_pXSecController->setDate( m_rParser.m_ouDate );
|
||
|
}
|
||
|
- else if (aName == "xd:CertDigest")
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
{
|
||
|
- m_ouCertDigest.clear();
|
||
|
- m_bInCertDigest = true;
|
||
|
+ m_rParser.m_ouDate += rChars;
|
||
|
}
|
||
|
- // FIXME: Existing code here in xmlsecurity uses "xd" as the namespace prefix for XAdES,
|
||
|
- // while the sample document attached to tdf#76142 uses "xades". So accept either here. Of
|
||
|
- // course this is idiotic and wrong, the right thing would be to use a proper way to parse
|
||
|
- // XML that would handle namespaces correctly. I have no idea how substantial re-plumbing of
|
||
|
- // this code that would require.
|
||
|
- else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesSignedSignaturePropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesSignedSignaturePropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_ouEncapsulatedX509Certificate.clear();
|
||
|
- m_bInEncapsulatedX509Certificate = true;
|
||
|
}
|
||
|
- else if (aName == "xd:SigningTime" || aName == "xades:SigningTime")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_ouDate.clear();
|
||
|
- m_bInSigningTime = true;
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
}
|
||
|
- else if ( aName == "SignatureProperty" )
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- if (!ouIdAttr.isEmpty())
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SigningTime")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesSigningTimeContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SigningCertificate")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesSigningCertificateContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_LO_EXT && rName == "SignatureLine")
|
||
|
{
|
||
|
- m_pXSecController->setPropertyId( ouIdAttr );
|
||
|
+ return std::make_unique<LoSignatureLineContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
+ // missing: xades:SignaturePolicyIdentifier, xades:SignatureProductionPlace, xades:SignerRole
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "dc:date")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesSignedPropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesSignedPropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- if (m_ouDate.isEmpty())
|
||
|
- m_bInDate = true;
|
||
|
}
|
||
|
- else if (aName == "dc:description")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_ouDescription.clear();
|
||
|
- m_bInDescription = true;
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineId")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_ouSignatureLineId.clear();
|
||
|
- m_bInSignatureLineId = true;
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SignedSignatureProperties")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesSignedSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: xades:SignedDataObjectProperties
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineValidImage")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::XadesQualifyingPropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ XadesQualifyingPropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_ouSignatureLineValidImage.clear();
|
||
|
- m_bInSignatureLineValidImage = true;
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineInvalidImage")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_ouSignatureLineInvalidImage.clear();
|
||
|
- m_bInSignatureLineInvalidImage = true;
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
}
|
||
|
|
||
|
- if (m_xNextHandler.is())
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_xNextHandler->startElement(aName, xAttribs);
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "SignedProperties")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesSignedPropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "UnsignedProperties")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesUnsignedPropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- }
|
||
|
- catch (cssu::Exception& )
|
||
|
- {//getCaughtException MUST be the first line in the catch block
|
||
|
- cssu::Any exc = cppu::getCaughtException();
|
||
|
- throw cssxs::SAXException(
|
||
|
- "xmlsecurity: Exception in XSecParser::startElement",
|
||
|
- nullptr, exc);
|
||
|
- }
|
||
|
- catch (...)
|
||
|
- {
|
||
|
- throw cssxs::SAXException(
|
||
|
- "xmlsecurity: unexpected exception in XSecParser::startElement", nullptr,
|
||
|
- cssu::Any());
|
||
|
- }
|
||
|
-}
|
||
|
+};
|
||
|
|
||
|
-void SAL_CALL XSecParser::endElement( const OUString& aName )
|
||
|
+class XSecParser::DcDateContext
|
||
|
+ : public XSecParser::Context
|
||
|
{
|
||
|
- try
|
||
|
- {
|
||
|
- if (aName == "DigestValue" && !m_bInCertDigest)
|
||
|
+ private:
|
||
|
+ bool m_isIgnore = false;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DcDateContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_bInDigestValue = false;
|
||
|
}
|
||
|
- else if ( aName == "Reference" )
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& /*xAttrs*/) override
|
||
|
{
|
||
|
- if ( m_bReferenceUnresolved )
|
||
|
- /*
|
||
|
- * it must be an octet stream
|
||
|
- */
|
||
|
+ m_isIgnore = !m_rParser.m_ouDate.isEmpty();
|
||
|
+ }
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
+ {
|
||
|
+ if (!m_isIgnore)
|
||
|
{
|
||
|
- m_pXSecController->addStreamReference( m_currentReferenceURI, true, m_nReferenceDigestID );
|
||
|
- m_bReferenceUnresolved = false;
|
||
|
+ m_rParser.m_pXSecController->setDate( m_rParser.m_ouDate );
|
||
|
}
|
||
|
+ }
|
||
|
|
||
|
- m_pXSecController->setDigestValue( m_nReferenceDigestID, m_ouDigestValue );
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
+ {
|
||
|
+ if (!m_isIgnore)
|
||
|
+ {
|
||
|
+ m_rParser.m_ouDate += rChars;
|
||
|
+ }
|
||
|
}
|
||
|
- else if ( aName == "SignedInfo" )
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DcDescriptionContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ private:
|
||
|
+ OUString m_Value;
|
||
|
+
|
||
|
+ public:
|
||
|
+ DcDescriptionContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->setReferenceCount();
|
||
|
}
|
||
|
- else if ( aName == "SignatureValue" )
|
||
|
+
|
||
|
+ virtual void EndElement() override
|
||
|
{
|
||
|
- m_pXSecController->setSignatureValue( m_ouSignatureValue );
|
||
|
- m_bInSignatureValue = false;
|
||
|
+ m_rParser.m_pXSecController->setDescription(m_Value);
|
||
|
}
|
||
|
- else if (aName == "X509IssuerName")
|
||
|
+
|
||
|
+ virtual void Characters(OUString const& rChars) override
|
||
|
{
|
||
|
- m_pXSecController->setX509IssuerName( m_ouX509IssuerName );
|
||
|
- m_bInX509IssuerName = false;
|
||
|
+ m_Value += rChars;
|
||
|
}
|
||
|
- else if (aName == "X509SerialNumber")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignaturePropertyContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsSignaturePropertyContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->setX509SerialNumber( m_ouX509SerialNumber );
|
||
|
- m_bInX509SerialNumber = false;
|
||
|
}
|
||
|
- else if (aName == "X509Certificate")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_pXSecController->setX509Certificate( m_ouX509Certificate );
|
||
|
- m_bInX509Certificate = false;
|
||
|
+ OUString const ouIdAttr(m_rParser.HandleIdAttr(xAttrs));
|
||
|
+ if (!ouIdAttr.isEmpty())
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setPropertyId( ouIdAttr );
|
||
|
+ }
|
||
|
}
|
||
|
- else if (aName == "PGPKeyID")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_pXSecController->setGpgKeyID( m_ouGpgKeyID );
|
||
|
- m_bInGpgKeyID = false;
|
||
|
+ if (nNamespace == XML_NAMESPACE_DC && rName == "date")
|
||
|
+ {
|
||
|
+ return std::make_unique<DcDateContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DC && rName == "description")
|
||
|
+ {
|
||
|
+ return std::make_unique<DcDescriptionContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "PGPKeyPacket")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignaturePropertiesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsSignaturePropertiesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->setGpgCertificate( m_ouGpgCertificate );
|
||
|
- m_bInGpgCertificate = false;
|
||
|
}
|
||
|
- else if (aName == "loext:PGPOwner")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_pXSecController->setGpgOwner( m_ouGpgOwner );
|
||
|
- m_bInGpgOwner = false;
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
}
|
||
|
- else if (aName == "xd:CertDigest")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_pXSecController->setCertDigest( m_ouCertDigest );
|
||
|
- m_bInCertDigest = false;
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureProperty")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsSignaturePropertyContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "xd:EncapsulatedX509Certificate" || aName == "xades:EncapsulatedX509Certificate")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsObjectContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsObjectContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->addEncapsulatedX509Certificate( m_ouEncapsulatedX509Certificate );
|
||
|
- m_bInEncapsulatedX509Certificate = false;
|
||
|
}
|
||
|
- else if (aName == "xd:SigningTime" || aName == "xades:SigningTime")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_pXSecController->setDate( m_ouDate );
|
||
|
- m_bInSigningTime = false;
|
||
|
+ m_rParser.HandleIdAttr(xAttrs);
|
||
|
}
|
||
|
- else if (aName == "dc:date")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- if (m_bInDate)
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureProperties")
|
||
|
{
|
||
|
- m_pXSecController->setDate( m_ouDate );
|
||
|
- m_bInDate = false;
|
||
|
+ return std::make_unique<DsSignaturePropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
}
|
||
|
+ if (nNamespace == XML_NAMESPACE_XADES132 && rName == "QualifyingProperties")
|
||
|
+ {
|
||
|
+ return std::make_unique<XadesQualifyingPropertiesContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ // missing: ds:Manifest
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "dc:description")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsSignatureContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsSignatureContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->setDescription( m_ouDescription );
|
||
|
- m_bInDescription = false;
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineId")
|
||
|
+
|
||
|
+ virtual void StartElement(
|
||
|
+ css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs) override
|
||
|
{
|
||
|
- m_pXSecController->setSignatureLineId( m_ouSignatureLineId );
|
||
|
- m_bInSignatureLineId = false;
|
||
|
+ OUString const ouIdAttr(m_rParser.HandleIdAttr(xAttrs));
|
||
|
+ m_rParser.m_rXMLSignatureHelper.StartVerifySignatureElement();
|
||
|
+ m_rParser.m_pXSecController->addSignature();
|
||
|
+ if (!ouIdAttr.isEmpty())
|
||
|
+ {
|
||
|
+ m_rParser.m_pXSecController->setId( ouIdAttr );
|
||
|
+ }
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineValidImage")
|
||
|
+
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_pXSecController->setValidSignatureImage( m_ouSignatureLineValidImage );
|
||
|
- m_bInSignatureLineValidImage = false;
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "SignedInfo")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsSignedInfoContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "SignatureValue")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsSignatureValueContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "KeyInfo")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsKeyInfoContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "Object")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsObjectContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- else if (aName == "loext:SignatureLineInvalidImage")
|
||
|
+};
|
||
|
+
|
||
|
+class XSecParser::DsigSignaturesContext
|
||
|
+ : public XSecParser::Context
|
||
|
+{
|
||
|
+ public:
|
||
|
+ DsigSignaturesContext(XSecParser & rParser,
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap)
|
||
|
+ : XSecParser::Context(rParser, std::move(pOldNamespaceMap))
|
||
|
{
|
||
|
- m_pXSecController->setInvalidSignatureImage( m_ouSignatureLineInvalidImage );
|
||
|
- m_bInSignatureLineInvalidImage = false;
|
||
|
}
|
||
|
|
||
|
- if (m_xNextHandler.is())
|
||
|
+ virtual std::unique_ptr<Context> CreateChildContext(
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pOldNamespaceMap,
|
||
|
+ sal_uInt16 const nNamespace, OUString const& rName) override
|
||
|
{
|
||
|
- m_xNextHandler->endElement(aName);
|
||
|
+ if (nNamespace == XML_NAMESPACE_DS && rName == "Signature")
|
||
|
+ {
|
||
|
+ return std::make_unique<DsSignatureContext>(m_rParser, std::move(pOldNamespaceMap));
|
||
|
+ }
|
||
|
+ return XSecParser::Context::CreateChildContext(std::move(pOldNamespaceMap), nNamespace, rName);
|
||
|
}
|
||
|
- }
|
||
|
- catch (cssu::Exception& )
|
||
|
- {//getCaughtException MUST be the first line in the catch block
|
||
|
- cssu::Any exc = cppu::getCaughtException();
|
||
|
- throw cssxs::SAXException(
|
||
|
- "xmlsecurity: Exception in XSecParser::endElement",
|
||
|
- nullptr, exc);
|
||
|
- }
|
||
|
- catch (...)
|
||
|
- {
|
||
|
- throw cssxs::SAXException(
|
||
|
- "xmlsecurity: unexpected exception in XSecParser::endElement", nullptr,
|
||
|
- cssu::Any());
|
||
|
- }
|
||
|
+};
|
||
|
+
|
||
|
+
|
||
|
+XSecParser::XSecParser(XMLSignatureHelper& rXMLSignatureHelper,
|
||
|
+ XSecController* pXSecController)
|
||
|
+ : m_pNamespaceMap(new SvXMLNamespaceMap)
|
||
|
+ , m_pXSecController(pXSecController)
|
||
|
+ , m_rXMLSignatureHelper(rXMLSignatureHelper)
|
||
|
+{
|
||
|
+ using namespace xmloff::token;
|
||
|
+ m_pNamespaceMap->Add( GetXMLToken(XML_XML), GetXMLToken(XML_N_XML), XML_NAMESPACE_XML );
|
||
|
+ m_pNamespaceMap->Add( "_dsig_ooo", GetXMLToken(XML_N_DSIG_OOO), XML_NAMESPACE_DSIG_OOO );
|
||
|
+ m_pNamespaceMap->Add( "_dsig", GetXMLToken(XML_N_DSIG), XML_NAMESPACE_DSIG );
|
||
|
+ m_pNamespaceMap->Add( "_ds", GetXMLToken(XML_N_DS), XML_NAMESPACE_DS );
|
||
|
+ m_pNamespaceMap->Add( "_xades132", GetXMLToken(XML_N_XADES132), XML_NAMESPACE_XADES132);
|
||
|
+ m_pNamespaceMap->Add( "_xades141", GetXMLToken(XML_N_XADES141), XML_NAMESPACE_XADES141);
|
||
|
+ m_pNamespaceMap->Add( "_dc", GetXMLToken(XML_N_DC), XML_NAMESPACE_DC );
|
||
|
+ m_pNamespaceMap->Add( "_office_libo",
|
||
|
+ GetXMLToken(XML_N_LO_EXT), XML_NAMESPACE_LO_EXT);
|
||
|
}
|
||
|
|
||
|
-void SAL_CALL XSecParser::characters( const OUString& aChars )
|
||
|
+OUString XSecParser::HandleIdAttr(css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs)
|
||
|
{
|
||
|
- if (m_bInX509IssuerName)
|
||
|
- {
|
||
|
- m_ouX509IssuerName += aChars;
|
||
|
- }
|
||
|
- else if (m_bInX509SerialNumber)
|
||
|
+ OUString ouIdAttr = getIdAttr(xAttrs);
|
||
|
+ if (!ouIdAttr.isEmpty())
|
||
|
{
|
||
|
- m_ouX509SerialNumber += aChars;
|
||
|
+ m_pXSecController->collectToVerify( ouIdAttr );
|
||
|
}
|
||
|
- else if (m_bInX509Certificate)
|
||
|
- {
|
||
|
- m_ouX509Certificate += aChars;
|
||
|
- }
|
||
|
- else if (m_bInGpgCertificate)
|
||
|
- {
|
||
|
- m_ouGpgCertificate += aChars;
|
||
|
- }
|
||
|
- else if (m_bInGpgKeyID)
|
||
|
+ return ouIdAttr;
|
||
|
+}
|
||
|
+
|
||
|
+OUString XSecParser::getIdAttr(const css::uno::Reference< css::xml::sax::XAttributeList >& xAttribs )
|
||
|
+{
|
||
|
+ OUString ouIdAttr = xAttribs->getValueByName("id");
|
||
|
+
|
||
|
+ if (ouIdAttr.isEmpty())
|
||
|
{
|
||
|
- m_ouGpgKeyID += aChars;
|
||
|
+ ouIdAttr = xAttribs->getValueByName("Id");
|
||
|
}
|
||
|
- else if (m_bInGpgOwner)
|
||
|
+
|
||
|
+ return ouIdAttr;
|
||
|
+}
|
||
|
+
|
||
|
+/*
|
||
|
+ * XDocumentHandler
|
||
|
+ */
|
||
|
+void SAL_CALL XSecParser::startDocument( )
|
||
|
+{
|
||
|
+ if (m_xNextHandler.is())
|
||
|
{
|
||
|
- m_ouGpgOwner += aChars;
|
||
|
+ m_xNextHandler->startDocument();
|
||
|
}
|
||
|
- else if (m_bInSignatureValue)
|
||
|
+}
|
||
|
+
|
||
|
+void SAL_CALL XSecParser::endDocument( )
|
||
|
+{
|
||
|
+ if (m_xNextHandler.is())
|
||
|
{
|
||
|
- m_ouSignatureValue += aChars;
|
||
|
+ m_xNextHandler->endDocument();
|
||
|
}
|
||
|
- else if (m_bInDigestValue && !m_bInCertDigest)
|
||
|
+}
|
||
|
+
|
||
|
+void SAL_CALL XSecParser::startElement(
|
||
|
+ const OUString& rName,
|
||
|
+ const css::uno::Reference< css::xml::sax::XAttributeList >& xAttribs )
|
||
|
+{
|
||
|
+ assert(m_pNamespaceMap);
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> pRewindMap(
|
||
|
+ SvXMLImport::processNSAttributes(m_pNamespaceMap, nullptr, xAttribs));
|
||
|
+
|
||
|
+ OUString localName;
|
||
|
+ sal_uInt16 const nPrefix(m_pNamespaceMap->GetKeyByAttrName(rName, &localName));
|
||
|
+
|
||
|
+ std::unique_ptr<Context> pContext;
|
||
|
+
|
||
|
+ if (m_ContextStack.empty())
|
||
|
{
|
||
|
- m_ouDigestValue += aChars;
|
||
|
+ if ((nPrefix == XML_NAMESPACE_DSIG || nPrefix == XML_NAMESPACE_DSIG_OOO)
|
||
|
+ && localName == "document-signatures")
|
||
|
+ {
|
||
|
+ pContext.reset(new DsigSignaturesContext(*this, std::move(pRewindMap)));
|
||
|
+ }
|
||
|
+ else
|
||
|
+ {
|
||
|
+ throw css::xml::sax::SAXException(
|
||
|
+ "xmlsecurity: unexpected root element", nullptr,
|
||
|
+ css::uno::Any());
|
||
|
+ }
|
||
|
}
|
||
|
- else if (m_bInDate)
|
||
|
+ else
|
||
|
{
|
||
|
- m_ouDate += aChars;
|
||
|
+ pContext = m_ContextStack.top()->CreateChildContext(
|
||
|
+ std::move(pRewindMap), nPrefix, localName);
|
||
|
}
|
||
|
- else if (m_bInDescription)
|
||
|
+
|
||
|
+ m_ContextStack.push(std::move(pContext));
|
||
|
+ assert(!pRewindMap);
|
||
|
+
|
||
|
+ try
|
||
|
{
|
||
|
- m_ouDescription += aChars;
|
||
|
+ m_ContextStack.top()->StartElement(xAttribs);
|
||
|
+
|
||
|
+ if (m_xNextHandler.is())
|
||
|
+ {
|
||
|
+ m_xNextHandler->startElement(rName, xAttribs);
|
||
|
+ }
|
||
|
}
|
||
|
- else if (m_bInCertDigest)
|
||
|
- {
|
||
|
- m_ouCertDigest += aChars;
|
||
|
+ catch (css::uno::Exception& )
|
||
|
+ {//getCaughtException MUST be the first line in the catch block
|
||
|
+ css::uno::Any exc = cppu::getCaughtException();
|
||
|
+ throw css::xml::sax::SAXException(
|
||
|
+ "xmlsecurity: Exception in XSecParser::startElement",
|
||
|
+ nullptr, exc);
|
||
|
}
|
||
|
- else if (m_bInEncapsulatedX509Certificate)
|
||
|
+ catch (...)
|
||
|
{
|
||
|
- m_ouEncapsulatedX509Certificate += aChars;
|
||
|
+ throw css::xml::sax::SAXException(
|
||
|
+ "xmlsecurity: unexpected exception in XSecParser::startElement", nullptr,
|
||
|
+ css::uno::Any());
|
||
|
}
|
||
|
- else if (m_bInSigningTime)
|
||
|
+}
|
||
|
+
|
||
|
+void SAL_CALL XSecParser::endElement(const OUString& rName)
|
||
|
+{
|
||
|
+ assert(!m_ContextStack.empty()); // this should be checked by sax parser?
|
||
|
+
|
||
|
+ try
|
||
|
{
|
||
|
- m_ouDate += aChars;
|
||
|
+ m_ContextStack.top()->EndElement();
|
||
|
+
|
||
|
+ if (m_xNextHandler.is())
|
||
|
+ {
|
||
|
+ m_xNextHandler->endElement(rName);
|
||
|
+ }
|
||
|
}
|
||
|
- else if (m_bInSignatureLineId)
|
||
|
- {
|
||
|
- m_ouSignatureLineId += aChars;
|
||
|
+ catch (css::uno::Exception& )
|
||
|
+ {//getCaughtException MUST be the first line in the catch block
|
||
|
+ css::uno::Any exc = cppu::getCaughtException();
|
||
|
+ throw css::xml::sax::SAXException(
|
||
|
+ "xmlsecurity: Exception in XSecParser::endElement",
|
||
|
+ nullptr, exc);
|
||
|
}
|
||
|
- else if (m_bInSignatureLineValidImage)
|
||
|
+ catch (...)
|
||
|
{
|
||
|
- m_ouSignatureLineValidImage += aChars;
|
||
|
+ throw css::xml::sax::SAXException(
|
||
|
+ "xmlsecurity: unexpected exception in XSecParser::endElement", nullptr,
|
||
|
+ css::uno::Any());
|
||
|
}
|
||
|
- else if (m_bInSignatureLineInvalidImage)
|
||
|
+
|
||
|
+ if (m_ContextStack.top()->m_pOldNamespaceMap)
|
||
|
{
|
||
|
- m_ouSignatureLineInvalidImage += aChars;
|
||
|
+ m_pNamespaceMap = std::move(m_ContextStack.top()->m_pOldNamespaceMap);
|
||
|
}
|
||
|
+ m_ContextStack.pop();
|
||
|
+}
|
||
|
+
|
||
|
+void SAL_CALL XSecParser::characters(const OUString& rChars)
|
||
|
+{
|
||
|
+ assert(!m_ContextStack.empty()); // this should be checked by sax parser?
|
||
|
+ m_ContextStack.top()->Characters(rChars);
|
||
|
|
||
|
if (m_xNextHandler.is())
|
||
|
{
|
||
|
- m_xNextHandler->characters(aChars);
|
||
|
+ m_xNextHandler->characters(rChars);
|
||
|
}
|
||
|
}
|
||
|
|
||
|
diff --git a/xmlsecurity/source/helper/xsecparser.hxx b/xmlsecurity/source/helper/xsecparser.hxx
|
||
|
index d9b079aa3116..93efcb766e3e 100644
|
||
|
--- a/xmlsecurity/source/helper/xsecparser.hxx
|
||
|
+++ b/xmlsecurity/source/helper/xsecparser.hxx
|
||
|
@@ -25,6 +25,10 @@
|
||
|
|
||
|
#include <cppuhelper/implbase.hxx>
|
||
|
|
||
|
+#include <xmloff/nmspmap.hxx>
|
||
|
+
|
||
|
+#include <stack>
|
||
|
+
|
||
|
class XMLSignatureHelper;
|
||
|
class XSecController;
|
||
|
|
||
|
@@ -48,47 +52,59 @@ class XSecParser: public cppu::WeakImplHelper
|
||
|
******************************************************************************/
|
||
|
{
|
||
|
friend class XSecController;
|
||
|
+public:
|
||
|
+ class Context;
|
||
|
private:
|
||
|
+ class UnknownContext;
|
||
|
+ class LoPGPOwnerContext;
|
||
|
+ class DsPGPKeyPacketContext;
|
||
|
+ class DsPGPKeyIDContext;
|
||
|
+ class DsPGPDataContext;
|
||
|
+ class DsX509CertificateContext;
|
||
|
+ class DsX509SerialNumberContext;
|
||
|
+ class DsX509IssuerNameContext;
|
||
|
+ class DsX509IssuerSerialContext;
|
||
|
+ class DsX509DataContext;
|
||
|
+ class DsKeyInfoContext;
|
||
|
+ class DsSignatureValueContext;
|
||
|
+ class DsDigestValueContext;
|
||
|
+ class DsDigestMethodContext;
|
||
|
+ class DsTransformContext;
|
||
|
+ class DsTransformsContext;
|
||
|
+ class DsReferenceContext;
|
||
|
+ class DsSignatureMethodContext;
|
||
|
+ class DsSignedInfoContext;
|
||
|
+ class XadesEncapsulatedX509CertificateContext;
|
||
|
+ class XadesCertificateValuesContext;
|
||
|
+ class XadesUnsignedSignaturePropertiesContext;
|
||
|
+ class XadesUnsignedPropertiesContext;
|
||
|
+ class LoSignatureLineIdContext;
|
||
|
+ class LoSignatureLineValidImageContext;
|
||
|
+ class LoSignatureLineInvalidImageContext;
|
||
|
+ class LoSignatureLineContext;
|
||
|
+ class XadesCertDigestContext;
|
||
|
+ class XadesCertContext;
|
||
|
+ class XadesSigningCertificateContext;
|
||
|
+ class XadesSigningTimeContext;
|
||
|
+ class XadesSignedSignaturePropertiesContext;
|
||
|
+ class XadesSignedPropertiesContext;
|
||
|
+ class XadesQualifyingPropertiesContext;
|
||
|
+ class DcDateContext;
|
||
|
+ class DcDescriptionContext;
|
||
|
+ class DsSignaturePropertyContext;
|
||
|
+ class DsSignaturePropertiesContext;
|
||
|
+ class DsObjectContext;
|
||
|
+ class DsSignatureContext;
|
||
|
+ class DsigSignaturesContext;
|
||
|
+
|
||
|
/*
|
||
|
* the following members are used to reserve the signature information,
|
||
|
* including X509IssuerName, X509SerialNumber, and X509Certificate,etc.
|
||
|
*/
|
||
|
- OUString m_ouX509IssuerName;
|
||
|
- OUString m_ouX509SerialNumber;
|
||
|
- OUString m_ouX509Certificate;
|
||
|
- OUString m_ouGpgCertificate;
|
||
|
- OUString m_ouGpgKeyID;
|
||
|
- OUString m_ouGpgOwner;
|
||
|
- OUString m_ouCertDigest;
|
||
|
- OUString m_ouEncapsulatedX509Certificate;
|
||
|
- OUString m_ouDigestValue;
|
||
|
- OUString m_ouSignatureValue;
|
||
|
OUString m_ouDate;
|
||
|
- /// Characters of a <dc:description> element, as just read from XML.
|
||
|
- OUString m_ouDescription;
|
||
|
- OUString m_ouSignatureLineId;
|
||
|
- OUString m_ouSignatureLineValidImage;
|
||
|
- OUString m_ouSignatureLineInvalidImage;
|
||
|
|
||
|
- /*
|
||
|
- * whether inside a particular element
|
||
|
- */
|
||
|
- bool m_bInX509IssuerName;
|
||
|
- bool m_bInX509SerialNumber;
|
||
|
- bool m_bInX509Certificate;
|
||
|
- bool m_bInGpgCertificate;
|
||
|
- bool m_bInGpgKeyID;
|
||
|
- bool m_bInGpgOwner;
|
||
|
- bool m_bInCertDigest;
|
||
|
- bool m_bInEncapsulatedX509Certificate;
|
||
|
- bool m_bInSigningTime;
|
||
|
- bool m_bInDigestValue;
|
||
|
- bool m_bInSignatureValue;
|
||
|
- bool m_bInDate;
|
||
|
- bool m_bInDescription;
|
||
|
- bool m_bInSignatureLineId;
|
||
|
- bool m_bInSignatureLineValidImage;
|
||
|
- bool m_bInSignatureLineInvalidImage;
|
||
|
+ std::stack<std::unique_ptr<Context>> m_ContextStack;
|
||
|
+ std::unique_ptr<SvXMLNamespaceMap> m_pNamespaceMap;
|
||
|
|
||
|
/*
|
||
|
* the XSecController collaborating with XSecParser
|
||
|
@@ -101,22 +117,9 @@ private:
|
||
|
css::uno::Reference<
|
||
|
css::xml::sax::XDocumentHandler > m_xNextHandler;
|
||
|
|
||
|
- /*
|
||
|
- * this string is used to remember the current handled reference's URI,
|
||
|
- *
|
||
|
- * because it can be decided whether a stream reference is xml based or binary based
|
||
|
- * only after the Transforms element is read in, so we have to reserve the reference's
|
||
|
- * URI when the startElement event is met.
|
||
|
- */
|
||
|
- OUString m_currentReferenceURI;
|
||
|
- bool m_bReferenceUnresolved;
|
||
|
-
|
||
|
- // Relevant for ODF. The digest algorithm selected by the current DigestMethod element's
|
||
|
- // Algorithm attribute in the current Reference element. From css::xml::crypto::DigestID.
|
||
|
- sal_Int32 m_nReferenceDigestID;
|
||
|
XMLSignatureHelper& m_rXMLSignatureHelper;
|
||
|
|
||
|
-private:
|
||
|
+ OUString HandleIdAttr(css::uno::Reference<css::xml::sax::XAttributeList> const& xAttrs);
|
||
|
static OUString getIdAttr(const css::uno::Reference<
|
||
|
css::xml::sax::XAttributeList >& xAttribs );
|
||
|
|
||
|
--
|
||
|
2.32.0
|
||
|
|