Use libxml2/xmsec1 for TSL parsing and validation (#1278)

IB-7947

Signed-off-by: Raul Metsma <[email protected]>

Author: metsma

.github/workflows/build.yml

@@ -5,6 +5,7 @@ permissions:
 env:
   BUILD_NUMBER: ${{ github.run_number }}
   CMAKE_BUILD_PARALLEL_LEVEL: 4
+  UBUNTU_DEPS: ./libdigidocpp-pkg/*.deb cmake libldap2-dev gettext libpcsclite-dev libssl-dev libgl-dev libqt6svg6-dev qt6-tools-dev qt6-tools-dev-tools qt6-l10n-tools libflatbuffers-dev zlib1g-dev
 jobs:
   macos:
     name: Build on macOS
@@ -61,16 +62,6 @@ jobs:
       DEBFULLNAME: github-actions
       DEBEMAIL: [email protected]
     steps:
-    - name: Install dependencies
-      if: matrix.container == '20.04'
-      run: apt update -qq && apt install --no-install-recommends -y git lsb-release build-essential devscripts debhelper pkg-config cmake libldap2-dev gettext libpcsclite-dev libssl-dev libqt5svg5-dev qttools5-dev-tools qttools5-dev lintian libflatbuffers-dev zlib1g-dev
-    - name: Install dependencies
-      if: matrix.container != '20.04'
-      run: apt update -qq && apt install --no-install-recommends -y git lsb-release build-essential devscripts debhelper pkg-config cmake libldap2-dev gettext libpcsclite-dev libssl-dev libgl-dev libqt6svg6-dev qt6-tools-dev qt6-tools-dev-tools qt6-l10n-tools lintian libflatbuffers-dev zlib1g-dev
-    - name: Checkout
-      uses: actions/checkout@v4
-      with:
-        submodules: recursive
     - name: Download artifact
       uses: dawidd6/action-download-artifact@v6
       with:
@@ -79,12 +70,19 @@ jobs:
         name: ubuntu_${{ matrix.container }}
         path: libdigidocpp-pkg
         repo: open-eid/libdigidocpp
-    - name: Install artifact
-      run: |
-        apt install --no-install-recommends -y ./libdigidocpp-pkg/*.deb
-        rm -rf libdigidocpp-pkg
+    - name: Install dependencies
+      if: matrix.container == '20.04'
+      run: apt update -qq && apt install --no-install-recommends -y git lsb-release build-essential devscripts debhelper pkg-config lintian ./libdigidocpp-pkg/*.deb cmake libldap2-dev gettext libpcsclite-dev libssl-dev libqt5svg5-dev qttools5-dev-tools qttools5-dev libflatbuffers-dev zlib1g-dev
+    - name: Install dependencies
+      if: matrix.container != '20.04'
+      run: apt update -qq && apt install --no-install-recommends -y git lsb-release build-essential devscripts debhelper pkg-config lintian ${UBUNTU_DEPS}
+    - name: Checkout
+      uses: actions/checkout@v4
+      with:
+        submodules: recursive
     - name: Setup changelog
       run: |
+        rm -rf libdigidocpp-pkg
         export VERSION=$(grep project CMakeLists.txt | egrep -o "([0-9]{1,}\.)+[0-9]{1,}")
         export VERSIONEX=${VERSION}.${BUILD_NUMBER}.$(lsb_release -rs)
         dch --distribution $(lsb_release -cs) -v ${VERSIONEX} "Release ${VERSIONEX}."
@@ -216,8 +214,6 @@ jobs:
       uses: actions/checkout@v4
       with:
         submodules: recursive
-    - name: Install dependencies
-      run: sudo apt update -qq && sudo apt install --no-install-recommends -y cmake libldap2-dev gettext libpcsclite-dev libminizip-dev libxml-security-c-dev libgl-dev libqt6svg6-dev qt6-tools-dev qt6-tools-dev-tools qt6-l10n-tools libflatbuffers-dev zlib1g-dev
     - name: Download artifact
       uses: dawidd6/action-download-artifact@v6
       with:
@@ -226,8 +222,8 @@ jobs:
         name: ubuntu_22.04
         path: libdigidocpp-pkg
         repo: open-eid/libdigidocpp
-    - name: Install artifact
-      run: sudo dpkg -i libdigidocpp-pkg/*.deb
+    - name: Install dependencies
+      run: sudo apt update -qq && sudo apt install --no-install-recommends -y ${UBUNTU_DEPS}
     - name: Download Coverity Build Tool
       run: |
         curl -s -d "token=$TOKEN&project=$PROJECTNAME" -o cov-analysis-linux64.tar.gz https://scan.coverity.com/download/cxx/linux64
@@ -260,8 +256,6 @@ jobs:
       uses: actions/checkout@v4
       with:
         submodules: recursive
-    - name: Install dependencies
-      run: sudo apt update -qq && sudo apt install --no-install-recommends -y cmake libldap2-dev gettext libpcsclite-dev libminizip-dev libxml-security-c-dev libgl-dev libqt6svg6-dev qt6-tools-dev qt6-tools-dev-tools qt6-l10n-tools libflatbuffers-dev zlib1g-dev
     - name: Download artifact
       uses: dawidd6/action-download-artifact@v6
       with:
@@ -270,8 +264,8 @@ jobs:
         name: ubuntu_22.04
         path: libdigidocpp-pkg
         repo: open-eid/libdigidocpp
-    - name: Install artifact
-      run: sudo dpkg -i libdigidocpp-pkg/*.deb
+    - name: Install dependencies
+      run: sudo apt update -qq && sudo apt install --no-install-recommends -y ${UBUNTU_DEPS}
     - name: Initialize CodeQL
       uses: github/codeql-action/init@v3
       with:

.github/workflows/tar.yml

@@ -1,6 +1,6 @@
 cmake_minimum_required(VERSION 3.16)
 if(NOT EXISTS ${CMAKE_SOURCE_DIR}/cmake/modules/VersionInfo.cmake)
-	message(FATAL_ERROR "cmake submodule directory empty, did you 'git clone --recursive'?")
+    message(FATAL_ERROR "cmake submodule directory empty, did you 'git clone --recursive'?")
 endif()
 project(qdigidoc4 VERSION 4.6.0)
 

CMakeLists.txt

@@ -264,3 +264,28 @@ client/fonts/Open_Sans
    WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
    See the License for the specific language governing permissions and
    limitations under the License.
+
+_______________________________________________________________________________
+schema
+
+MIT License
+
+Copyright (c) 2023 Open Electronic Identity
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

COPYING

@@ -266,6 +266,9 @@ elseif(WIN32)
 		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/XalanMessages_1_12.dll appx
 		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/Xalan-C_1_12.dll appx
 		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/xsec_2_0.dll appx
+		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxml2.dll appx
+		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxmlsec1.dll appx
+		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/libxmlsec1-openssl.dll appx
 		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/digidocpp.dll appx
 		COMMAND ${CMAKE_COMMAND} -E copy ${LIBS_PATH}/digidocpp.conf appx
 		COMMAND ${CMAKE_COMMAND} -E copy_directory ${CMAKE_SOURCE_DIR}/Assets appx/Assets

client/CMakeLists.txt

@@ -101,9 +101,14 @@
         <File Name="Xalan-C_1_12$(var.qt_suffix).dll" />
         <File Name="xsec_2_0$(var.qt_suffix).dll" />
         <File Name="libxml2.dll" />
+        <File Name="libxmlsec1.dll" />
+        <File Name="libxmlsec1-openssl.dll" />
         <File Name="digidocpp$(var.qt_suffix).dll" />
         <File Name="digidoc-tool.exe" />
         <File Name="digidocpp.conf" />
+        <Directory Name="schema">
+          <Files Include="$(var.libs_path)\schema\*.xsd" />
+        </Directory>
 <?ifdef var.qt_path ?>
         <File Name="libcrypto-3$(var.OpenSSLSuffix).dll" />
         <File Name="libssl-3$(var.OpenSSLSuffix).dll" />
@@ -123,11 +128,6 @@
         <File Source="$(var.qt_path)\D3DCompiler_47.dll" />
         <File Source="$(var.qt_path)\opengl32sw.dll" />
         <File Source="$(var.qt_path)\Qt6SvgWidgets$(var.qt_suffix).dll" />
-<?endif?>
-        <Directory Name="schema">
-          <Files Include="$(var.libs_path)\schema\*.xsd" />
-        </Directory>
-<?ifdef var.qt_path ?>
         <Directory Name="platforms">
           <File Source="$(var.qt_path)\..\plugins\platforms\qwindows$(var.qt_suffix).dll" />
         </Directory>

qdigidoc4.wxs

@@ -1,19 +1,25 @@
 /*
- * QDigiDocClient
+ * MIT License
  *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
+ * Copyright (c) 2023 Open Electronic Identity
  *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
  *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
  *
  */
 

schema/header.fbs

@@ -1,19 +1,25 @@
 /*
- * QDigiDocClient
+ * MIT License
  *
- * This library is free software; you can redistribute it and/or
- * modify it under the terms of the GNU Lesser General Public
- * License as published by the Free Software Foundation; either
- * version 2.1 of the License, or (at your option) any later version.
+ * Copyright (c) 2023 Open Electronic Identity
  *
- * This library is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
- * Lesser General Public License for more details.
+ * Permission is hereby granted, free of charge, to any person obtaining a copy
+ * of this software and associated documentation files (the "Software"), to deal
+ * in the Software without restriction, including without limitation the rights
+ * to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+ * copies of the Software, and to permit persons to whom the Software is
+ * furnished to do so, subject to the following conditions:
  *
- * You should have received a copy of the GNU Lesser General Public
- * License along with this library; if not, write to the Free Software
- * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA  02110-1301  USA
+ * The above copyright notice and this permission notice shall be included in all
+ * copies or substantial portions of the Software.
+ *
+ * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+ * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+ * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+ * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+ * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+ * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+ * SOFTWARE.
  *
  */