From 5212d87b9f6f32b9b1ac5fb7e66b4d9461bced68 Mon Sep 17 00:00:00 2001 From: Raul Metsma Date: Tue, 6 Aug 2024 20:19:50 +0300 Subject: [PATCH] Use libxml2/xmsec1 for XAdES signature parsing and validation (#1280) IB-7948 Signed-off-by: Raul Metsma --- client/CMakeLists.txt | 8 ++--- client/Diagnostics_unix.cpp | 15 ++++----- client/Diagnostics_win.cpp | 66 +++++++++++++------------------------ qdigidoc4.wxs | 4 --- 4 files changed, 31 insertions(+), 62 deletions(-) diff --git a/client/CMakeLists.txt b/client/CMakeLists.txt index 916bf49b..ec4551b7 100644 --- a/client/CMakeLists.txt +++ b/client/CMakeLists.txt @@ -173,9 +173,9 @@ if( APPLE ) COMMAND rm $/Frameworks/digidocpp.framework/Resources/digidoc-tool COMMAND find $/Frameworks -name Headers | xargs rm -rf COMMAND install_name_tool -delete_rpath /Library/Frameworks $ - COMMAND ln -sf digidocpp.framework/Libraries/libcrypto.dylib + COMMAND ln -sf digidocpp.framework/Libraries/libcrypto.3.dylib $/Frameworks/libcrypto.3.dylib - COMMAND ln -sf digidocpp.framework/Libraries/libssl.dylib + COMMAND ln -sf digidocpp.framework/Libraries/libssl.3.dylib $/Frameworks/libssl.3.dylib ) @@ -267,10 +267,6 @@ elseif(WIN32) COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libcrypto-3${OPENSSL_SUFFIX}.dll appx COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libssl-3${OPENSSL_SUFFIX}.dll appx COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/zlib1.dll appx - COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/xerces-c_3_2.dll appx - COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/XalanMessages_1_12.dll appx - COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/Xalan-C_1_12.dll appx - COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/xsec_2_0.dll appx COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxml2.dll appx COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxmlsec1.dll appx COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxmlsec1-openssl.dll appx diff --git a/client/Diagnostics_unix.cpp b/client/Diagnostics_unix.cpp index 74055273..4bfb7801 100644 
--- a/client/Diagnostics_unix.cpp +++ b/client/Diagnostics_unix.cpp @@ -28,14 +28,14 @@ #include #include -#ifdef Q_OS_MAC +#ifdef Q_OS_DARWIN #include #endif QStringList Diagnostics::packages(const QStringList &names, bool withName) { QStringList packages; -#ifdef Q_OS_MAC +#ifdef Q_OS_DARWIN Q_UNUSED(withName); for (const QString &name: names) { CFStringRef id = QStringLiteral("ee.ria.%1").arg(name).toCFString(); @@ -88,7 +88,7 @@ void Diagnostics::run() emit update( info ); info.clear(); -#ifndef Q_OS_MAC +#ifndef Q_OS_DARWIN QStringList package = packages({"open-eid"}, false); if( !package.isEmpty() ) s << "" << tr("Base version:") << " " << package.first() << "
"; @@ -98,7 +98,7 @@ void Diagnostics::run() info.clear(); s << "" << tr("OS:") << " " << Common::applicationOs() << "
"; -#ifndef Q_OS_MAC +#ifndef Q_OS_DARWIN s << "" << tr("CPU:") << " "; QFile f( "/proc/cpuinfo" ); if( f.open( QFile::ReadOnly ) ) @@ -124,12 +124,11 @@ void Diagnostics::run() << "OpenSSL build (" << QSslSocket::sslLibraryBuildVersionString() << ")
" << "OpenSSL current (" << QSslSocket::sslLibraryVersionString() << ")
" << packages({ -#ifdef Q_OS_MAC +#ifdef Q_OS_DARWIN "digidocpp" #else "libdigidocpp1", "qdigidoc4", "firefox-pkcs11-loader", "chrome-token-signing", "web-eid", - "libxerces-c3.2", "libxml-security-c20", "libxalan-c111", "libxalan-c112", - "openssl", "libpcsclite1", "pcsc-lite", "opensc", "awp" + "libxml2", "libxmlsec1", "libpcsclite1", "pcsc-lite", "opensc" #endif }).join(QStringLiteral("
")) << "

"; emit update( info ); @@ -139,7 +138,7 @@ void Diagnostics::run() emit update( info ); info.clear(); -#ifndef Q_OS_MAC +#ifndef Q_OS_DARWIN QStringList browsers = packages({"chromium-browser", "firefox", "MozillaFirefox", "google-chrome-stable"}); if( !browsers.isEmpty() ) s << "
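Review bot: The Linux package list in `Diagnostics::run()` gains `"libxml2"` and `"libxmlsec1"` and drops `"openssl"`, but does not add the OpenSSL backend of xmlsec1, which the Windows list in this same commit does report as `libxmlsec1-openssl`. If `packages()` matches package names exactly (its Linux branch is outside this hunk), the diagnostics will no longer show the package version of the library that performs the signature crypto. That version is what gets checked first when a machine is compared against a library advisory. Consider `"libxml2", "libxmlsec1", "libxmlsec1-openssl", "libpcsclite1", "pcsc-lite", "opensc"`, with the backend package name confirmed per distribution. `run()` starts and ends outside the hunk.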

" << tr("Browsers:") << "
" << browsers.join(QStringLiteral("
")) << "

"; diff --git a/client/Diagnostics_win.cpp b/client/Diagnostics_win.cpp index f5ea2015..31f333a4 100644 --- a/client/Diagnostics_win.cpp +++ b/client/Diagnostics_win.cpp @@ -30,6 +30,8 @@ #include +using namespace Qt::StringLiterals; + static QString getUserRights() { HANDLE hToken {}; 
@@ -76,25 +78,24 @@ static QString getUserRights() QStringList Diagnostics::packages(const QStringList &names, bool withName) { QStringList packages; - for(const QString &group: {QStringLiteral("HKEY_LOCAL_MACHINE"), QStringLiteral("HKEY_CURRENT_USER")}) + for(const QString &group: {u"HKEY_LOCAL_MACHINE"_s, u"HKEY_CURRENT_USER"_s}) { - QString path = QStringLiteral("%1\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall").arg(group); static const QVector formats = []() -> QVector { - if(QSysInfo::currentCpuArchitecture().contains(QStringLiteral("64"))) + if(QSysInfo::currentCpuArchitecture().contains("64"_L1)) return {QSettings::Registry32Format, QSettings::Registry64Format}; return {QSettings::Registry32Format}; }(); for(QSettings::Format format: formats) { - QSettings s(path, format); + QSettings s(u"%1\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\Uninstall"_s.arg(group), format); for(const QString &key: s.childGroups()) { s.beginGroup(key); - QString name = s.value(QStringLiteral("/DisplayName")).toString(); - QString version = s.value(QStringLiteral("/DisplayVersion")).toString(); - QString type = s.value(QStringLiteral("/ReleaseType")).toString(); - if(!type.contains(QStringLiteral("Update"), Qt::CaseInsensitive) && - !name.contains(QStringLiteral("Update"), Qt::CaseInsensitive) && + QString name = s.value("/DisplayName"_L1).toString(); + QString version = s.value("/DisplayVersion"_L1).toString(); + QString type = s.value("/ReleaseType"_L1).toString(); + if(!type.contains("Update"_L1, Qt::CaseInsensitive) && + !name.contains("Update"_L1, Qt::CaseInsensitive) && name.contains(QRegularExpression(names.join('|').prepend('^'), QRegularExpression::CaseInsensitiveOption))) packages.append(packageName(name, version, withName)); s.endGroup(); 
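Review bot: In the unchanged filter at the end of this hunk, `names.join('|').prepend('^')` anchors only the first alternative, so for a list such as `{"Mozilla Firefox", "Google Chrome", "Microsoft EDGE"}` every name after the first matches anywhere inside `DisplayName`. The names are also placed into the pattern unescaped, and the expression is rebuilt for every registry key. Build it once before the loops with the alternation grouped, e.g. `const QRegularExpression filter(u"^(?:%1)"_s.arg(names.join('|')), QRegularExpression::CaseInsensitiveOption);`, and pass each name through `QRegularExpression::escape` if callers are not meant to supply patterns. The body of `packages()` continues past the end of the hunk.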
@@ -142,19 +143,14 @@ void Diagnostics::run() QByteArray path = qgetenv("PATH"); qputenv("PATH", path + ";C:\\Program Files\\Open-EID" - + ";C:\\Program Files\\TeRa Client" + ";C:\\Program Files\\EstIDMinidriver Minidriver" + ";C:\\Program Files (x86)\\Open-EID" - + ";C:\\Program Files (x86)\\TeRa Client" + ";C:\\Program Files (x86)\\EstIDMinidriver Minidriver"); SetDllDirectory(LPCWSTR(qApp->applicationDirPath().utf16())); static const QStringList dlls{ - "digidoc", "digidocpp", "qdigidoc4.exe", "qdigidocclient.exe", "qesteidutil.exe", "id-updater.exe", "qdigidoc_tera_gui.exe", - "esteidcm", "esteidcm64", "EstIDMinidriver", "EstIDMinidriver64", "onepin-opensc-pkcs11", "EsteidShellExtension", - "esteid-plugin-ie", "esteid-plugin-ie64", "chrome-token-signing.exe", "web-eid.exe", - "libcrypto-3", "libssl-3", "libcrypto-3-x64", "libssl-3-x64", "libcrypto-1_1", "libssl-1_1", "libcrypto-1_1-x64", "libssl-1_1-x64", - "zlib1", "xerces-c_3_1", "xerces-c_3_2", "xalan-c_1_12", "xalanmessages_1_12", "xsec_1_7", "xsec_2_0", "libxml2", - "advapi32", "crypt32", "winscard"}; + "digidocpp", "qdigidoc4.exe", "EsteidShellExtension", "id-updater.exe", + "EstIDMinidriver", "EstIDMinidriver64", "web-eid.exe", + "zlib1", "libxml2", "libxmlsec1", "libxmlsec1-openssl"}; for(const QString &lib: dlls) { DWORD infoHandle {}; @@ -168,7 +164,7 @@ void Diagnostics::run() UINT len {}; if( !VerQueryValueW( data.constData(), L"\\", (LPVOID*)&info, &len ) ) continue; - s << QStringLiteral("%1 (%2.%3.%4.%5)").arg(lib) + s << u"%1 (%2.%3.%4.%5)"_s.arg(lib) .arg( HIWORD(info->dwFileVersionMS) ) .arg( LOWORD(info->dwFileVersionMS) ) .arg( HIWORD(info->dwFileVersionLS) ) 
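Review bot: The shortened `dlls` list no longer contains `libcrypto-3`/`libssl-3` or their `-x64` variants. Yet `libxmlsec1-openssl` is added here, and client/CMakeLists.txt in this commit still copies `libcrypto-3${OPENSSL_SUFFIX}.dll` and `libssl-3${OPENSSL_SUFFIX}.dll` into the package. Unless `generalInfo()` prints it (not visible in this hunk), the Windows diagnostics stop showing the file version of the bundled OpenSSL, which is what support needs to confirm that a patched crypto library is actually installed. Suggest keeping `"libcrypto-3", "libssl-3", "libcrypto-3-x64", "libssl-3-x64",` in the list. If the `qputenv("PATH", …)` and `SetDllDirectory` lines exist only so the version lookup can find these files, a one-line comment saying so would help, because changing the process search path is otherwise surprising.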
@@ -181,53 +177,35 @@ void Diagnostics::run() emit update( info ); info.clear(); - enum { - Running, - Stopped, - NotFound - } atrfiltr = NotFound, certprop = NotFound; + QString atrfiltr = tr("Not found"); + QString certprop = tr("Not found"); if(SC_HANDLE h = OpenSCManager(nullptr, nullptr, SC_MANAGER_CONNECT)) { if( SC_HANDLE s = OpenService( h, L"atrfiltr", SERVICE_QUERY_STATUS ) ) { SERVICE_STATUS status {}; QueryServiceStatus( s, &status ); - atrfiltr = (status.dwCurrentState == SERVICE_RUNNING) ? Running : Stopped; + atrfiltr = status.dwCurrentState == SERVICE_RUNNING ? tr("Running") : tr("Not running"); CloseServiceHandle( s ); } if( SC_HANDLE s = OpenService( h, L"CertPropSvc", SERVICE_QUERY_STATUS )) { SERVICE_STATUS status {}; QueryServiceStatus( s, &status ); - certprop = (status.dwCurrentState == SERVICE_RUNNING) ? Running : Stopped; + certprop = status.dwCurrentState == SERVICE_RUNNING ? tr("Running") : tr("Not running"); CloseServiceHandle( s ); } CloseServiceHandle( h ); } - s << "
" << tr("ATRfiltr service status: ") << "" << " "; - switch( atrfiltr ) - { - case NotFound: s << tr("Not found"); break; - case Stopped: s << tr("Not running"); break; - case Running: s << tr("Running"); break; - } - s << "
" << tr("Certificate Propagation service status: ") << "" << " "; - switch( certprop ) - { - case NotFound: s << tr("Not found"); break; - case Stopped: s << tr("Not running"); break; - case Running: s << tr("Running"); break; - } - s << "
"; + s << "
" << tr("ATRfiltr service status: ") << "" << tr("Certificate Propagation service status: ") << " " << certprop << "
"; generalInfo( s ); emit update( info ); info.clear(); - QStringList browsers = packages({"Mozilla Firefox", "Google Chrome", "Microsoft EDGE"}); - QSettings reg(QStringLiteral("HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Internet Explorer"), QSettings::NativeFormat); - browsers << QStringLiteral("Internet Explorer (%1)").arg(reg.value("svcVersion", reg.value("Version")).toString()); - s << "

" << tr("Browsers:") << "
" << browsers.join(QStringLiteral("
")) << "

"; + s << "

" << tr("Browsers:") << "
" + << packages({"Mozilla Firefox", "Google Chrome", "Microsoft EDGE"}).join("
"_L1) << "

"; emit update( info ); info.clear(); } diff --git a/qdigidoc4.wxs b/qdigidoc4.wxs index 43d1708e..d669a008 100644 --- a/qdigidoc4.wxs +++ b/qdigidoc4.wxs @@ -96,10 +96,6 @@ - - - -
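Review bot: Both `QueryServiceStatus( s, &status );` calls in the service-status block ignore the return value, so a failed query leaves `status` zero-initialised and is displayed as "Not running". The two blocks are also identical apart from the service name. A small local helper that checks the result removes the duplication and sets a state only when one was actually obtained; a sketch follows. `run()` starts outside the hunk.

```cpp
auto serviceState = [](SC_HANDLE manager, LPCWSTR name) {
	QString state = tr("Not found");
	if(SC_HANDLE svc = OpenService(manager, name, SERVICE_QUERY_STATUS))
	{
		SERVICE_STATUS status {};
		// Only trust dwCurrentState when the query itself succeeded.
		if(QueryServiceStatus(svc, &status))
			state = status.dwCurrentState == SERVICE_RUNNING ? tr("Running") : tr("Not running");
		CloseServiceHandle(svc);
	}
	return state;
};
QString atrfiltr = tr("Not found");
QString certprop = tr("Not found");
if(SC_HANDLE h = OpenSCManager(nullptr, nullptr, SC_MANAGER_CONNECT))
{
	atrfiltr = serviceState(h, L"atrfiltr");
	certprop = serviceState(h, L"CertPropSvc");
	CloseServiceHandle(h);
}
// … unchanged: status output, generalInfo( s ), browsers list …
```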