.

verify cert (openssl only)
.
2026-03-06 11:48:01 +08:00 · 2017-06-16 15:17:31 +03:00 · 2017-06-16 15:07:35 +03:00 · 2017-06-15 14:26:43 +03:00 · 2017-06-15 12:58:07 +03:00
7 changed files with 73 additions and 1 deletions
--- a/DesktopEditor/xmlsec/src/include/XmlCertificate.h
+++ b/DesktopEditor/xmlsec/src/include/XmlCertificate.h
@ -12,6 +12,7 @@
 #define OPEN_SSL_WARNING_ERR        1
 #define OPEN_SSL_WARNING_ALL_OK     2
 #define OPEN_SSL_WARNING_PASS       4
+#define OPEN_SSL_WARNING_NOVERIFY   8

 class ICertificate;
 class Q_DECL_EXPORT ICertificateSelectDialogOpenSsl
@ -45,6 +46,7 @@ private:
    std::wstring m_name;
    std::string m_date;
    std::string m_id;
+    std::string m_rawData;

 public:
    CCertificateInfo()
@ -80,6 +82,15 @@ public:
    {
        m_id = id;
    }
+
+    std::string GetRawBase64()
+    {
+        return m_rawData;
+    }
+    void SetRawBase64(const std::string& data)
+    {
+        m_rawData = data;
+    }
 };

 class Q_DECL_EXPORT ICertificate
@ -102,6 +113,7 @@ public:

    virtual std::string GetDate()               = 0;
    virtual std::string GetId()                 = 0;
+    virtual int VerifySelf()                    = 0;

 public:
    virtual std::string Sign(const std::string& sXml)                                   = 0;
--- a/DesktopEditor/xmlsec/src/src/OOXMLSigner.cpp
+++ b/DesktopEditor/xmlsec/src/src/OOXMLSigner.cpp
@ -1,5 +1,8 @@
 #include "./../include/OOXMLSigner.h"
 #include "./../src/XmlTransform.h"
+#include <cstdio>
+#include <ctime>
+#include <time.h>

 class COOXMLSigner_private
 {
@ -28,6 +31,20 @@ public:

        m_date = L"2017-04-21T08:30:21Z";

+        std::time_t rawtime;
+        std::tm* timeinfo;
+        char buffer1[100];
+        char buffer2[100];
+
+        std::time(&rawtime);
+        timeinfo = std::gmtime(&rawtime);
+
+        std::strftime(buffer1, 100, "%Y-%m-%d", timeinfo);
+        std::strftime(buffer2, 100, "%H:%M:%S", timeinfo);
+
+        std::string date = (std::string(buffer1) + "T" + std::string(buffer2) + "Z");
+        m_date = NSFile::CUtf8Converter::GetUnicodeFromCharPtr(date);
+
        m_signed_info.WriteString("<CanonicalizationMethod Algorithm=\"http://www.w3.org/TR/2001/REC-xml-c14n-20010315\"/>");
        m_signed_info.WriteString("<SignatureMethod Algorithm=\"http://www.w3.org/2000/09/xmldsig#rsa-sha1\"/>");
    }
--- a/DesktopEditor/xmlsec/src/src/OOXMLVerifier.cpp
+++ b/DesktopEditor/xmlsec/src/src/OOXMLVerifier.cpp
@ -248,7 +248,13 @@ public:
        std::string sSignatureValue = U_TO_UTF8((m_node.ReadValueString(L"SignatureValue")));

        if (!m_cert->Verify(sSignatureCalcValue, sSignatureValue, nSignatureMethod))
-            m_valid = OOXML_SIGNATURE_INVALID;                
+            m_valid = OOXML_SIGNATURE_INVALID;
+        else
+        {
+            int nCertVerify = m_cert->VerifySelf();
+            if (OPEN_SSL_WARNING_NOVERIFY == nCertVerify)
+                m_valid = OOXML_SIGNATURE_INVALID;
+        }
    }

    XmlUtils::CXmlNode GetObjectById(std::string sId)
--- a/DesktopEditor/xmlsec/src/src/XmlCertificate.cpp
+++ b/DesktopEditor/xmlsec/src/src/XmlCertificate.cpp
@ -58,6 +58,7 @@ CCertificateInfo ICertificate::GetInfo()
    info.SetName(GetSignerName());
    info.SetDate(GetDate());
    info.SetId(GetId());
+    info.SetRawBase64(GetCertificateBase64());
    return info;
 }

--- a/DesktopEditor/xmlsec/src/src/XmlSigner_mscrypto.h
+++ b/DesktopEditor/xmlsec/src/src/XmlSigner_mscrypto.h
@ -131,6 +131,11 @@ public:
        return GetNumber();
    }

+    virtual int VerifySelf()
+    {
+        return OPEN_SSL_WARNING_OK;
+    }
+
 public:
    virtual std::string Sign(const std::string& sXml)
    {
--- a/DesktopEditor/xmlsec/src/src/XmlSigner_openssl.cpp
+++ b/DesktopEditor/xmlsec/src/src/XmlSigner_openssl.cpp
@ -328,6 +328,7 @@ public:
            RELEASEARRAYOBJECTS(pData);
            return (NULL == m_cert) ? false : true;
        }
+
        return false;
    }

@ -395,6 +396,8 @@ public:

        if (!id.empty())
            arr.push_back(id);
+        else if (3 == arr.size())
+            arr.push_back("");

        if (4 != arr.size())
            return false;
@ -422,6 +425,27 @@ public:
        m_pDialog = pDialog;
    }

+    int VerifySelf()
+    {
+        if (NULL == m_cert)
+            return OPEN_SSL_WARNING_NOVERIFY;
+
+        X509_STORE_CTX* ctx = X509_STORE_CTX_new();
+        X509_STORE* store = X509_STORE_new();
+
+        X509_STORE_add_cert(store, m_cert);
+        X509_STORE_CTX_init(ctx, store, m_cert, NULL);
+
+        int status = X509_verify_cert(ctx);
+        int nErr = X509_STORE_CTX_get_error(ctx);
+        std::string sErr(X509_verify_cert_error_string(nErr));
+
+        X509_STORE_free(store);
+        X509_STORE_CTX_free(ctx);
+
+        return (1 == status) ? OPEN_SSL_WARNING_OK : OPEN_SSL_WARNING_NOVERIFY;
+    }
+
 protected:
    tm ASN1_GetTimeT(ASN1_TIME* time)
    {
@ -714,6 +738,11 @@ std::string CCertificate_openssl::GetId()
    return m_internal->GetId();
 }

+int CCertificate_openssl::VerifySelf()
+{
+    return m_internal->VerifySelf();
+}
+
 std::string CCertificate_openssl::Sign(const std::string& sXml)
 {
    return m_internal->Sign(sXml);
--- a/DesktopEditor/xmlsec/src/src/XmlSigner_openssl.h
+++ b/DesktopEditor/xmlsec/src/src/XmlSigner_openssl.h
@ -26,6 +26,8 @@ public:

    virtual std::string GetId();

+    virtual int VerifySelf();
+
 public:
    virtual std::string Sign(const std::string& sXml);
Author	SHA1	Message	Date
Oleg Korshul	48587f55b3	.	2017-06-16 15:17:31 +03:00
Oleg Korshul	a505ae391d	verify cert (openssl only)	2017-06-16 15:07:35 +03:00
Oleg Korshul	c389801937	.	2017-06-15 14:26:43 +03:00
Oleg Korshul	24214cb561	.	2017-06-15 12:58:07 +03:00