gpg4libre: share static xmlsec lib between nss and gpg

In the end, the gpgme implementation uses enough of xmlsec functionality that splitting those (and ending up with two copies) was just not worth it. Change-Id: Ida87c848e4e6a770e3c697add9ceb589a9ec3930

gpg4libre: share static xmlsec lib between nss and gpg
In the end, the gpgme implementation uses enough of xmlsec functionality that splitting those (and ending up with two copies) was just not worth it. Change-Id: Ida87c848e4e6a770e3c697add9ceb589a9ec3930
06d7dbb3 · Thorsten Behrens · f172c37f · 06d7dbb3 · 06d7dbb3 · f172c37f
Kaydet (Commit) 06d7dbb3 authored May 21, 2017 tarafından Thorsten Behrens
16 changed files
--- a/postprocess/Rdb_services.mk
+++ b/postprocess/Rdb_services.mk
@@ -109,9 +109,6 @@ $(eval $(call gb_Rdb_add_components,services,\
 	xmloff/util/xo \
 	xmlscript/util/xmlscript \
 	$(if $(ENABLE_NSS), \
-		$(if $(filter-out WNT MACOSX ANDROID IOS,$(OS)), \
-			xmlsecurity/util/xsec_gpg \
-		) \
 		xmlsecurity/util/xmlsecurity \
 		xmlsecurity/util/xsec_xmlsec$(if $(filter WNT,$(OS)),.windows)) \
 	$(if $(ENABLE_COINMP), \

--- a/xmlsecurity/Library_xmlsecurity.mk
+++ b/xmlsecurity/Library_xmlsecurity.mk
@@ -45,12 +45,6 @@ $(eval $(call gb_Library_use_libraries,xmlsecurity,\
 	xsec_xmlsec \
 ))

-ifneq ($(filter-out WNT MACOSX ANDROID IOS,$(OS)),)
-$(eval $(call gb_Library_use_libraries,xmlsecurity,\
-	xsec_gpg \
-))
-endif
-
 $(eval $(call gb_Library_add_exception_objects,xmlsecurity,\
 	xmlsecurity/source/component/certificatecontainer \
 	xmlsecurity/source/component/documentdigitalsignatures \

--- a/xmlsecurity/Library_xsec_gpg.mk
+++ b/xmlsecurity/Library_xsec_gpg.mk
-# -*- Mode: makefile-gmake; tab-width: 4; indent-tabs-mode: t -*-
-#
-# This file is part of the LibreOffice project.
-#
-# This Source Code Form is subject to the terms of the Mozilla Public
-# License, v. 2.0. If a copy of the MPL was not distributed with this
-# file, You can obtain one at http://mozilla.org/MPL/2.0/.
-#
-
-$(eval $(call gb_Library_Library,xsec_gpg))
-
-$(eval $(call gb_Library_set_componentfile,xsec_gpg,xmlsecurity/util/xsec_gpg))
-
-$(eval $(call gb_Library_set_include,xsec_gpg,\
-	$$(INCLUDE) \
-	-I$(SRCDIR)/xmlsecurity/inc \
-	-I$(SRCDIR)/xmlsecurity/source/gpg \
-	-I$(call gb_UnpackedTarball_get_dir,xmlsec/include \
-)))
-
-$(eval $(call gb_Library_add_defs,xsec_gpg,\
-	-DXMLSEC_NO_XSLT \
-	-DXMLSEC_CRYPTO_NSS \
-	-DXSECGPG_DLLIMPLEMENTATION \
-))
-
-$(eval $(call gb_Library_use_custom_headers,xsec_gpg,\
-	officecfg/registry \
-))
-
-$(eval $(call gb_Library_use_sdk_api,xsec_gpg))
-
-$(eval $(call gb_Library_set_precompiled_header,xsec_gpg,$(SRCDIR)/xmlsecurity/inc/pch/precompiled_xsec_gpg))
-
-$(eval $(call gb_Library_use_packages,xsec_gpg,\
-	xmlsec \
-))
-$(eval $(call gb_Library_use_externals,xsec_gpg,\
-	boost_headers \
-	libxml2 \
-	nss3 \
-	gpgmepp))
-
-$(eval $(call gb_Library_use_libraries,xsec_gpg,\
-	comphelper \
-	cppu \
-	cppuhelper \
-	sal \
-	svl \
-	tl \
-	xo \
-	xsec_xmlsec \
-))
-
-$(eval $(call gb_Library_add_defs,xsec_gpg,\
-	-DXMLSEC_CRYPTO_NSS \
-))
-$(eval $(call gb_Library_add_libs,xsec_gpg,\
-	$(call gb_UnpackedTarball_get_dir,xmlsec)/src/nss/.libs/libxmlsec1-nss.a \
-	$(call gb_UnpackedTarball_get_dir,xmlsec)/src/.libs/libxmlsec1.a \
-))
-
-$(eval $(call gb_Library_add_exception_objects,xsec_gpg,\
-	xmlsecurity/source/gpg/CertificateImpl \
-	xmlsecurity/source/gpg/CipherContext \
-	xmlsecurity/source/gpg/DigestContext \
-	xmlsecurity/source/gpg/GpgComponentFactory \
-	xmlsecurity/source/gpg/SecurityEnvironment \
-	xmlsecurity/source/gpg/SEInitializer \
-	xmlsecurity/source/gpg/XMLEncryption \
-	xmlsecurity/source/gpg/XMLSecurityContext \
-	xmlsecurity/source/gpg/xmlsignature_gpgimpl \
-))
-
-# vim: set noet sw=4 ts=4:
--- a/xmlsecurity/Library_xsec_xmlsec.mk
+++ b/xmlsecurity/Library_xsec_xmlsec.mk
@@ -18,6 +18,7 @@ endif
 $(eval $(call gb_Library_set_include,xsec_xmlsec,\
 	$$(INCLUDE) \
 	-I$(SRCDIR)/xmlsecurity/inc \
+	-I$(SRCDIR)/xmlsecurity/source/gpg \
 	-I$(SRCDIR)/xmlsecurity/source/xmlsec \
 	-I$(call gb_UnpackedTarball_get_dir,xmlsec/include) \
 ))
@@ -52,6 +53,11 @@ $(eval $(call gb_Library_use_externals,xsec_xmlsec,\
 	boost_headers \
 	libxml2 \
 ))
+ifneq ($(filter-out WNT MACOSX ANDROID IOS,$(OS)),)
+$(eval $(call gb_Library_use_externals,xsec_xmlsec,\
+	gpgmepp \
+))
+endif

 $(eval $(call gb_Library_add_exception_objects,xsec_xmlsec,\
 	xmlsecurity/source/xmlsec/biginteger \
@@ -69,6 +75,19 @@ $(eval $(call gb_Library_add_exception_objects,xsec_xmlsec,\
 	xmlsecurity/source/xmlsec/nss/xsec_nss \
 ))

+ifneq ($(filter-out WNT MACOSX ANDROID IOS,$(OS)),)
+$(eval $(call gb_Library_add_exception_objects,xsec_xmlsec,\
+	xmlsecurity/source/gpg/CertificateImpl \
+	xmlsecurity/source/gpg/CipherContext \
+	xmlsecurity/source/gpg/DigestContext \
+	xmlsecurity/source/gpg/SecurityEnvironment \
+	xmlsecurity/source/gpg/SEInitializer \
+	xmlsecurity/source/gpg/XMLEncryption \
+	xmlsecurity/source/gpg/XMLSecurityContext \
+	xmlsecurity/source/gpg/xmlsignature_gpgimpl \
+))
+endif
+
 ifeq ($(OS),WNT)

 $(eval $(call gb_Library_add_defs,xsec_xmlsec,\

--- a/xmlsecurity/Module_xmlsecurity.mk
+++ b/xmlsecurity/Module_xmlsecurity.mk
@@ -19,12 +19,6 @@ $(eval $(call gb_Module_add_targets,xmlsecurity,\
 	Library_xsec_xmlsec \
 ))

-ifneq ($(filter-out WNT MACOSX ANDROID IOS,$(OS)),)
-$(eval $(call gb_Module_add_targets,xmlsecurity,\
-	Library_xsec_gpg \
-))
-endif
-
 $(eval $(call gb_Module_add_slowcheck_targets,xmlsecurity,\
    CppunitTest_xmlsecurity_signing \
    CppunitTest_xmlsecurity_pdfsigning \

--- a/xmlsecurity/inc/xmlsec/xmlstreamio.hxx
+++ b/xmlsecurity/inc/xmlsec/xmlstreamio.hxx
@@ -25,13 +25,11 @@

 #include <xsecxmlsecdllapi.h>

-int xmlEnableStreamInputCallbacks() ;
-void xmlDisableStreamInputCallbacks() ;
-
+XSECXMLSEC_DLLPUBLIC int xmlEnableStreamInputCallbacks() ;
+XSECXMLSEC_DLLPUBLIC void xmlDisableStreamInputCallbacks() ;
 XSECXMLSEC_DLLPUBLIC int xmlRegisterStreamInputCallbacks(
    css::uno::Reference< css::xml::crypto::XUriBinding >& aUriBinding
-) ;
-
+);
 XSECXMLSEC_DLLPUBLIC int xmlUnregisterStreamInputCallbacks() ;

 #endif // INCLUDED_XMLSECURITY_SOURCE_XMLSEC_XMLSTREAMIO_HXX

--- a/xmlsecurity/source/gpg/XMLSecurityContext.cxx
+++ b/xmlsecurity/source/gpg/XMLSecurityContext.cxx
@@ -10,6 +10,9 @@
 #include "XMLSecurityContext.hxx"
 #include "SecurityEnvironment.hxx"

+#include "xmlsec/xmlstreamio.hxx"
+#include "xmlsec-wrapper.h"
+
 using namespace css::uno;
 using namespace css::lang;
 using namespace css::xml::crypto;
@@ -17,10 +20,32 @@ using namespace css::xml::crypto;
 XMLSecurityContextGpg::XMLSecurityContextGpg()
    : m_nDefaultEnvIndex(-1)
 {
+    // TODO: same code in XMLSecurityContext_NssImpl, not a good idea
+    // prolly to initialize twice ...
+    //Init xmlsec library
+    if( xmlSecInit() < 0 ) {
+        throw RuntimeException() ;
+    }
+
+    //Init xmlsec crypto engine library
+    if( xmlSecCryptoInit() < 0 ) {
+        xmlSecShutdown() ;
+        throw RuntimeException() ;
+    }
+
+    //Enable external stream handlers
+    if( xmlEnableStreamInputCallbacks() < 0 ) {
+        xmlSecCryptoShutdown() ;
+        xmlSecShutdown() ;
+        throw RuntimeException() ;
+    }
 }

 XMLSecurityContextGpg::~XMLSecurityContextGpg()
 {
+    xmlDisableStreamInputCallbacks() ;
+    xmlSecCryptoShutdown() ;
+    xmlSecShutdown() ;
 }

 sal_Int32 SAL_CALL XMLSecurityContextGpg::addSecurityEnvironment(

--- a/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
+++ b/xmlsecurity/source/gpg/xmlsignature_gpgimpl.cxx
@@ -92,12 +92,15 @@ SAL_CALL XMLSignature_GpgImpl::generate(
            throw RuntimeException() ;
    }

+#if 0
    //Get Keys Manager
    SecurityEnvironmentGpg* pSecEnv =
        dynamic_cast<SecurityEnvironmentGpg*>(aEnvironment.get());
    if( pSecEnv == nullptr )
        throw RuntimeException() ;
+#endif

+    // TODO pSecEnv is still from nss, roll our own impl there
    // TODO figure out key from pSecEnv!
    // unclear how/where that is transported in nss impl...
    setErrorRecorder();

--- a/xmlsecurity/source/helper/documentsignaturehelper.cxx
+++ b/xmlsecurity/source/helper/documentsignaturehelper.cxx
@@ -554,7 +554,8 @@ void DocumentSignatureHelper::writeSignedProperties(
    writeDigestMethod(xDocumentHandler);

    xDocumentHandler->startElement("DigestValue", uno::Reference<xml::sax::XAttributeList>(new SvXMLAttributeList()));
-    assert(!signatureInfo.ouCertDigest.isEmpty());
+    // TODO: this is empty for gpg signatures currently
+    //assert(!signatureInfo.ouCertDigest.isEmpty());
    xDocumentHandler->characters(signatureInfo.ouCertDigest);
    xDocumentHandler->endElement("DigestValue");


--- a/xmlsecurity/source/helper/documentsignaturemanager.cxx
+++ b/xmlsecurity/source/helper/documentsignaturemanager.cxx
@@ -251,11 +251,12 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
        return false;
    }

+    // TODO: no serial number currently on gpg keys - better/more
+    // discriminative error handling?
    OUString aCertSerial = xmlsecurity::bigIntegerToNumericString(xCert->getSerialNumber());
    if (aCertSerial.isEmpty())
    {
        SAL_WARN("xmlsecurity.helper", "Error in Certificate, problem with serial number!");
-        return false;
    }

    if (!mxStore.is())
@@ -292,6 +293,9 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&

    maSignatureHelper.SetX509Certificate(nSecurityId, xCert->getIssuerName(), aCertSerial, aStrBuffer.makeStringAndClear(), aCertDigest);

+#if 0
+    // TODO: so this currently uses an NSS security environment,
+    // think how to do that more generically
    uno::Sequence< uno::Reference< security::XCertificate > > aCertPath = getSecurityEnvironment()->buildCertificatePath(xCert);
    const uno::Reference< security::XCertificate >* pCertPath = aCertPath.getConstArray();
    sal_Int32 nCnt = aCertPath.getLength();
@@ -301,6 +305,7 @@ bool DocumentSignatureManager::add(const uno::Reference<security::XCertificate>&
        sax::Converter::encodeBase64(aStrBuffer, pCertPath[i]->getEncoded());
        maSignatureHelper.AddEncapsulatedX509Certificate(aStrBuffer.makeStringAndClear());
    }
+#endif

    std::vector< OUString > aElements = DocumentSignatureHelper::CreateElementList(mxStore, meSignatureMode, DocumentSignatureAlgorithm::OOo3_2);
    DocumentSignatureHelper::AppendContentTypes(mxStore, aElements);

--- a/xmlsecurity/source/helper/xsecctl.cxx
+++ b/xmlsecurity/source/helper/xsecctl.cxx
@@ -124,8 +124,9 @@ void XSecController::createXSecComponent( )

    cssu::Reference< cssl::XMultiComponentFactory > xMCF( mxCtx->getServiceManager() );

+    // TODO: have two services here, one for x509, one for gpg?
    m_xXMLSignature.set(
-        xMCF->createInstanceWithContext("com.sun.star.xml.crypto.XMLSignature", mxCtx ),
+        xMCF->createInstanceWithContext("com.sun.star.xml.crypto.XMLSignature2", mxCtx ),
        cssu::UNO_QUERY );

    bool bSuccess = m_xXMLSignature.is();

--- a/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/xmlsecuritycontext_nssimpl.cxx
@@ -37,6 +37,7 @@ using ::com::sun::star::xml::crypto::XXMLSecurityContext ;
 XMLSecurityContext_NssImpl::XMLSecurityContext_NssImpl()
    : m_nDefaultEnvIndex(-1)
 {
+#if 0
    //Init xmlsec library
    if( xmlSecInit() < 0 ) {
        throw RuntimeException() ;
@@ -54,13 +55,16 @@ XMLSecurityContext_NssImpl::XMLSecurityContext_NssImpl()
        xmlSecShutdown() ;
        throw RuntimeException() ;
    }
+#endif
 }

 XMLSecurityContext_NssImpl::~XMLSecurityContext_NssImpl()
 {
+#if 0
    xmlDisableStreamInputCallbacks() ;
    xmlSecCryptoShutdown() ;
    xmlSecShutdown() ;
+#endif
 }

 sal_Int32 SAL_CALL XMLSecurityContext_NssImpl::addSecurityEnvironment(

--- a/xmlsecurity/source/xmlsec/xmlstreamio.cxx
+++ b/xmlsecurity/source/xmlsec/xmlstreamio.cxx
@@ -145,7 +145,7 @@ int xmlStreamClose( void * context )
    return 0 ;
 }

-int xmlEnableStreamInputCallbacks()
+XSECXMLSEC_DLLPUBLIC int xmlEnableStreamInputCallbacks()
 {

    if( !( enableXmlStreamIO & XMLSTREAMIO_INITIALIZED ) ) {
@@ -210,7 +210,7 @@ XSECXMLSEC_DLLPUBLIC int xmlUnregisterStreamInputCallbacks()
    return 0 ;
 }

-void xmlDisableStreamInputCallbacks() {
+XSECXMLSEC_DLLPUBLIC void xmlDisableStreamInputCallbacks() {
    xmlUnregisterStreamInputCallbacks() ;
    enableXmlStreamIO &= ~XMLSTREAMIO_INITIALIZED ;
 }

--- a/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx
+++ b/xmlsecurity/source/xmlsec/xsec_xmlsec.cxx
@@ -26,6 +26,7 @@
 #include "xmlsec/xmlelementwrapper_xmlsecimpl.hxx"
 #include "xmlsec/xmldocumentwrapper_xmlsecimpl.hxx"
 #include "xsec_xmlsec.hxx"
+#include "xmlsignature_gpgimpl.hxx"

 using namespace ::cppu;
 using namespace ::com::sun::star::uno;
@@ -40,7 +41,11 @@ SAL_DLLPUBLIC_EXPORT void* SAL_CALL xsec_xmlsec_component_getFactory( const sal_
    Reference< XInterface > xFactory ;

    if( pImplName != nullptr ) {
-        if( XMLElementWrapper_XmlSecImpl_getImplementationName().equalsAscii( pImplName ) )
+        if( XMLSignature_GpgImpl::impl_getImplementationName().equalsAscii( pImplName ) )
+        {
+            xFactory = XMLSignature_GpgImpl::impl_createFactory( static_cast< XMultiServiceFactory* >( pServiceManager ) ) ;
+        }
+        else if( XMLElementWrapper_XmlSecImpl_getImplementationName().equalsAscii( pImplName ) )
        {
            xFactory = cppu::createSingleComponentFactory(
                XMLElementWrapper_XmlSecImpl_createInstance,

--- a/xmlsecurity/util/xsec_gpg.component
+++ b/xmlsecurity/util/xsec_gpg.component
-<?xml version="1.0" encoding="UTF-8"?>
-<!--
- * This file is part of the LibreOffice project.
- *
- * This Source Code Form is subject to the terms of the Mozilla Public
- * License, v. 2.0. If a copy of the MPL was not distributed with this
- * file, You can obtain one at http://mozilla.org/MPL/2.0/.
- *
- * This file incorporates work covered by the following license notice:
- *
- *   Licensed to the Apache Software Foundation (ASF) under one or more
- *   contributor license agreements. See the NOTICE file distributed
- *   with this work for additional information regarding copyright
- *   ownership. The ASF licenses this file to you under the Apache
- *   License, Version 2.0 (the "License"); you may not use this file
- *   except in compliance with the License. You may obtain a copy of
- *   the License at http://www.apache.org/licenses/LICENSE-2.0 .
- -->
-
-<component loader="com.sun.star.loader.SharedLibrary" environment="@CPPU_ENV@"
-    prefix="xsec_gpg" xmlns="http://openoffice.org/2010/uno-components">
-  <implementation name="com.sun.star.xml.security.bridge.xmlsec.XMLSignature_GpgImpl">
-    <service name="com.sun.star.xml.crypto.XMLSignature2"/>
-  </implementation>
-</component>
--- a/xmlsecurity/util/xsec_xmlsec.component
+++ b/xmlsecurity/util/xsec_xmlsec.component
@@ -22,6 +22,9 @@
  <implementation name="com.sun.star.comp.security.SerialNumberAdapter">
    <service name="com.sun.star.security.SerialNumberAdapter"/>
  </implementation>
+  <implementation name="com.sun.star.xml.security.bridge.xmlsec.XMLSignature_GpgImpl">
+    <service name="com.sun.star.xml.crypto.XMLSignature2"/>
+  </implementation>
  <implementation name="com.sun.star.xml.security.bridge.xmlsec.SEInitializer_NssImpl">
    <service name="com.sun.star.xml.crypto.NSSInitializer"/>
    <service name="com.sun.star.xml.crypto.SEInitializer"/>