BOOL parseRootTsl(PSTR IN url, TCertListPtr IN pCertList, TURLListPtr IN URLListPtr)
{
BOOL ret;
IXMLDOMDocument2Ptr pXMLDoc;
LPWSTR pInsertStrings[2] = {NULL, NULL};
LPCWSTR searchTerm;
MSXML2::IXMLDOMElementPtr pXMLDocElement = NULL;
MSXML2::IXMLDOMNodeListPtr pXMLDomNodeList = NULL;
INT i;
pInsertStrings[0] = (LPWSTR) _strdup(url);
ret = ReportEvent(hEventLog, EVENTLOG_INFORMATION_TYPE, CAT_TSL_PARSER, TSL_PARSE_START, NULL, 1, 0, (LPCWSTR*)pInsertStrings, NULL);
printf("Opening %s...\n", url);
// add currently processed URL
ret = addUrl( url, &URLListPtr);
// initialize XML trees
CoInitialize(NULL);
// attempt to fetch TSL file from Internet
pXMLDoc = TslFetch(url);
try{
#define DSIG_NS L"xmlns:tsl='http://uri.etsi.org/02231/v2#' xmlns:tslx='http://uri.etsi.org/02231/v2/additionaltypes#'"
// Initialize XML parser
pXMLDoc->async = VARIANT_FALSE;
pXMLDoc->setProperty("SelectionLanguage", "XPath"); // tell MSXML that we will use XPath syntax
pXMLDoc->setProperty("SelectionNamespaces", DSIG_NS); // set namespace
pXMLDocElement = pXMLDoc->documentElement;
// Structure for root TSL (root=true)
// OtherTSLPointer
// +- ServiceDigitalIdentities
// +- ServiceDigitalIdentity
// +- DigitalId
// +- X509Certificate CERT - we add this to GlobalCertList
// +- TSLLocation SUB-TSL - we parse this recursively
// +- AdditionalInformation
// +- OtherInformation*
// +- tslx:MimeType MIME - need this to skip PDF files
// +- OtherInformation*
// +- SchemeOperatorName
// +- Name
searchTerm = L"//tsl:TSLLocation[../tsl:AdditionalInformation/tsl:OtherInformation/tslx:MimeType='application/vnd.etsi.tsl+xml']";
pXMLDomNodeList = pXMLDocElement->selectNodes(searchTerm);
INT count = 0;
count = pXMLDomNodeList->length;
wprintf(L"XML query: %s\n", searchTerm);
printf("Found %d nodes.\n", count);
for(i=0; i<count; i++) {
// process sub-TSL location
MSXML2::IXMLDOMElementPtr current_elem = NULL;
MSXML2::IXMLDOMElementPtr cert_elem = NULL;
MSXML2::IXMLDOMElementPtr name_elem = NULL;
BSTR tagName, newUrl;
PSTR copyNewUrl;
current_elem = pXMLDomNodeList->item[i]; // for root we are at TSLLocation level, for child at
tagName = current_elem->tagName;
newUrl = current_elem->text;
copyNewUrl = (PSTR) malloc(wcslen(newUrl)*2);
// convert URL to PSTR as this is what TslFetch expects later on
WideCharToMultiByte(CP_ACP, 0, newUrl, -1, copyNewUrl, wcslen(newUrl)*2, NULL, NULL);
// this part is recursively calling parseTSL()
// need to check duplicate urls because most TSL will publish reference to EU TSL
if(isKnownUrl((PSTR) copyNewUrl, URLListPtr) == false) {
// fetch operator name for current certificate
name_elem = current_elem->selectSingleNode(L"../tsl:AdditionalInformation/tsl:OtherInformation/tsl:SchemeOperatorName/tsl:Name");
assert(name_elem != NULL);
wprintf(L"Child TSL operator name=%s\n", (LPWSTR) name_elem->text);
// if this TSL wasn't previously parse, do it now
wprintf(L"Found new TSL %s=%s\n", (LPWSTR) tagName, (LPWSTR) newUrl);
ret = parseChildTsl( copyNewUrl, pCertList, URLListPtr);
}
// fetch certificate
/* this is not really needed until we verify TSL signatures
cert_elem = current_elem->selectSingleNode(L"../tsl:ServiceDigitalIdentities/tsl:ServiceDigitalIdentity/tsl:DigitalId/tsl:X509Certificate");
if(cert_elem == NULL) {
printf("No certificate found in TSL: %s\n", copyNewUrl);
} else {
printf("Adding cert to urllist, size=%d\n", certCount(pCertList));
// add certificate to global certificate list for further processing
ret = addCert((PSTR) cert_elem->text, &pCertList);
}
*/
if(certCount(pCertList) > 4) // XXX for faster debugging just process 4 certs
return true;
} /* end of XML parsing loop */
} // end of try block
catch(_com_error &e)
{
dump_com_error(e);
return false;
}
return true;
} // end of parseTSL
BOOL parseChildTsl(PSTR IN url, TCertListPtr IN pCertList, TURLListPtr IN URLListPtr)
{
BOOL ret;
IXMLDOMDocument2Ptr pXMLDoc;
LPWSTR pInsertStrings[2] = {NULL, NULL};
LPCWSTR searchTerm;
MSXML2::IXMLDOMElementPtr pXMLDocElement = NULL;
MSXML2::IXMLDOMNodeListPtr pXMLDomNodeList = NULL;
INT i;
pInsertStrings[0] = (LPWSTR) _strdup(url);
ret = ReportEvent(hEventLog, EVENTLOG_INFORMATION_TYPE, CAT_TSL_PARSER, TSL_PARSE_START, NULL, 1, 0, (LPCWSTR*)pInsertStrings, NULL);
printf("Opening child TSL %s...\n", url);
// add currently processed URL
ret = addUrl( url, &URLListPtr);
// initialize XML trees
CoInitialize(NULL);
// attempt to fetch TSL file from Internet
pXMLDoc = TslFetch(url);
try{
#define DSIG_NS L"xmlns:tsl='http://uri.etsi.org/02231/v2#' xmlns:tslx='http://uri.etsi.org/02231/v2/additionaltypes#'"
// Initialize XML parser
pXMLDoc->async = VARIANT_FALSE;
pXMLDoc->setProperty("SelectionLanguage", "XPath"); // tell MSXML that we will use XPath syntax
pXMLDoc->setProperty("SelectionNamespaces", DSIG_NS); // set namespace
pXMLDocElement = pXMLDoc->documentElement;
// Structure for child TSL (root=false)
//tsl:TrustServiceProvider
// tsl:TSPInformation
// tsl:TSPName
// tsl:Name[xml:lang='en']
// tsl:TSPServices
// tsl:TSPService
// tsl:ServiceInformation
// tsl:ServiceTypeIdentifier
// tsl:ServiceDigitalIdentity
// tsl:DigitalId
// tsl:X509Certificate
searchTerm = L"//tsl:TSPService";
pXMLDomNodeList = pXMLDocElement->selectNodes(searchTerm);
INT count = 0;
count = pXMLDomNodeList->length;
wprintf(L"XML query: %s\n", searchTerm);
printf("Found %d nodes.\n", count);
for(i=0; i<count; i++) {
// process sub-TSL location
MSXML2::IXMLDOMElementPtr current_elem = NULL;
MSXML2::IXMLDOMElementPtr cert_elem = NULL;
MSXML2::IXMLDOMElementPtr name_elem = NULL;
MSXML2::IXMLDOMElementPtr service_elem = NULL;
MSXML2::IXMLDOMElementPtr status_elem = NULL;
current_elem = pXMLDomNodeList->item[i]; // at tsl:TSPService level
wprintf(L"Found %s\n", (LPWSTR) current_elem->tagName);
// fetch operator name for current certificate
name_elem = current_elem->selectSingleNode(L"../../tsl:TSPInformation/tsl:TSPName/tsl:Name[@xml:lang='en']");
assert(name_elem != NULL);
wprintf(L"Operator name=%s\n", (LPWSTR) name_elem->text);
// fetch service name identifier (QC, TSP etc)
// Annex D.2 page 73 of ETSI TS 102 200
status_elem = current_elem->selectSingleNode(L"tsl:ServiceInformation/tsl:ServiceTypeIdentifier");
assert(status_elem != NULL);
wprintf(L"Service id=%s\n", (LPWSTR) status_elem->text);
// fetch service status identifier (active, discontinued etc)
// Annex L.2 page 100 of ETSI TS 102 200
service_elem = current_elem->selectSingleNode(L"tsl:ServiceInformation/tsl:ServiceStatus");
assert(service_elem != NULL);
wprintf(L"Service status=%s\n", (LPWSTR) service_elem->text);
//assert( wcscmp(L"http://uri.etsi.org/TrstSvc/eSigDir-1999-93-EC-TrustedList/Svcstatus/undersupervision", status_elem->text) == 0);
// fetch certificate
cert_elem = current_elem->selectSingleNode(L"tsl:ServiceInformation/tsl:ServiceDigitalIdentity/tsl:DigitalId/tsl:X509Certificate");
assert(cert_elem != NULL);
printf("Adding cert to urllist, size=%d\n", certCount(pCertList));
// add certificate to global certificate list for further processing
ret = addCert((PSTR) cert_elem->text, &pCertList);
if(certCount(pCertList) > 20) // XXX for faster debugging
return true;
} /* end of XML parsing loop */
} // end of try block
catch(_com_error &e)
{
dump_com_error(e);
return false;
}
return true;
} // end of parseTSL
