2010-10-12 15:57:08 +02:00
|
|
|
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
2012-07-16 17:32:30 +01:00
|
|
|
/*
|
|
|
|
|
* This file is part of the LibreOffice project.
|
|
|
|
|
*
|
|
|
|
|
* This Source Code Form is subject to the terms of the Mozilla Public
|
|
|
|
|
* License, v. 2.0. If a copy of the MPL was not distributed with this
|
|
|
|
|
* file, You can obtain one at http://mozilla.org/MPL/2.0/.
|
|
|
|
|
*
|
|
|
|
|
* This file incorporates work covered by the following license notice:
|
|
|
|
|
*
|
|
|
|
|
* Licensed to the Apache Software Foundation (ASF) under one or more
|
|
|
|
|
* contributor license agreements. See the NOTICE file distributed
|
|
|
|
|
* with this work for additional information regarding copyright
|
|
|
|
|
* ownership. The ASF licenses this file to you under the Apache
|
|
|
|
|
* License, Version 2.0 (the "License"); you may not use this file
|
|
|
|
|
* except in compliance with the License. You may obtain a copy of
|
|
|
|
|
* the License at http://www.apache.org/licenses/LICENSE-2.0 .
|
|
|
|
|
*/
|
2004-07-12 12:15:31 +00:00
|
|
|
|
|
|
|
|
#include <sal/config.h>
|
2011-06-04 00:17:31 +01:00
|
|
|
#include <comphelper/servicehelper.hxx>
|
2004-07-12 12:15:31 +00:00
|
|
|
#include "x509certificate_mscryptimpl.hxx"
|
|
|
|
|
#include "certificateextension_xmlsecimpl.hxx"
|
2011-02-03 16:22:52 +01:00
|
|
|
#include "sanextension_mscryptimpl.hxx"
|
2004-07-12 12:15:31 +00:00
|
|
|
|
2004-07-14 09:28:28 +00:00
|
|
|
#include "oid.hxx"
|
|
|
|
|
|
2005-03-10 17:10:47 +00:00
|
|
|
#include <rtl/locale.h>
|
|
|
|
|
#include <osl/nlsupport.h>
|
|
|
|
|
#include <osl/process.h>
|
2009-09-17 13:53:54 +00:00
|
|
|
#include <utility>
|
2005-03-10 17:10:47 +00:00
|
|
|
|
2004-07-12 12:15:31 +00:00
|
|
|
using namespace ::com::sun::star::uno ;
|
|
|
|
|
using namespace ::com::sun::star::security ;
|
|
|
|
|
using ::rtl::OUString ;
|
|
|
|
|
|
|
|
|
|
using ::com::sun::star::security::XCertificate ;
|
|
|
|
|
using ::com::sun::star::util::DateTime ;
|
|
|
|
|
|
2009-09-17 13:53:54 +00:00
|
|
|
#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
|
|
|
|
|
|
|
|
|
|
/*Resturns the index withing rRawString where sTypeName starts and where it ends.
|
|
|
|
|
The starting index is pair.first. The ending index in pair.second points
|
|
|
|
|
one char after the last character of the type.
|
|
|
|
|
sTypeName can be
|
|
|
|
|
"S" or "CN" (without ""). Do not use spaces at the beginning of the type name.
|
|
|
|
|
If the type name is not found then pair.first and pair.second are -1.
|
|
|
|
|
*/
|
|
|
|
|
std::pair< sal_Int32, sal_Int32 >
|
|
|
|
|
findTypeInDN(const OUString& rRawString, const OUString& sTypeName)
|
2005-03-10 17:10:47 +00:00
|
|
|
{
|
2009-09-17 13:53:54 +00:00
|
|
|
std::pair< sal_Int32, sal_Int32 > retVal;
|
|
|
|
|
bool bInEscape = false;
|
|
|
|
|
bool bInValue = false;
|
|
|
|
|
bool bFound = false;
|
|
|
|
|
sal_Int32 nTypeNameStart = 0;
|
|
|
|
|
sal_Int32 length = rRawString.getLength();
|
|
|
|
|
|
|
|
|
|
for (sal_Int32 i = 0; i < length; i++)
|
2005-03-10 17:10:47 +00:00
|
|
|
{
|
2009-09-17 13:53:54 +00:00
|
|
|
sal_Unicode c = rRawString[i];
|
|
|
|
|
|
|
|
|
|
if (c == '=')
|
2005-03-10 17:10:47 +00:00
|
|
|
{
|
2009-09-17 13:53:54 +00:00
|
|
|
if (! bInValue)
|
|
|
|
|
{
|
|
|
|
|
OUString sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
|
|
|
|
|
sType = sType.trim();
|
|
|
|
|
if (sType.equalsIgnoreAsciiCase(sTypeName))
|
|
|
|
|
{
|
|
|
|
|
bFound = true;
|
|
|
|
|
break;
|
|
|
|
|
}
|
|
|
|
|
}
|
2005-03-10 17:10:47 +00:00
|
|
|
}
|
2009-09-17 13:53:54 +00:00
|
|
|
else if (c == '"')
|
2005-03-10 17:10:47 +00:00
|
|
|
{
|
2009-09-17 13:53:54 +00:00
|
|
|
if (!bInEscape)
|
|
|
|
|
{
|
|
|
|
|
//If this is the quote is the first of the couple which enclose the
|
|
|
|
|
//whole value, because the value contains special characters
|
|
|
|
|
//then we just drop it. That is, this character must be followed by
|
|
|
|
|
//a character which is not '"'.
|
|
|
|
|
if ( i + 1 < length && rRawString[i+1] == '"')
|
|
|
|
|
bInEscape = true;
|
|
|
|
|
else
|
|
|
|
|
bInValue = !bInValue; //value is enclosed in " "
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
//This quote is escaped by a preceding quote and therefore is
|
|
|
|
|
//part of the value
|
|
|
|
|
bInEscape = false;
|
|
|
|
|
}
|
|
|
|
|
}
|
2010-06-18 15:33:33 +02:00
|
|
|
else if (c == ',' || c == '+')
|
2009-09-17 13:53:54 +00:00
|
|
|
{
|
|
|
|
|
//The comma separate the attribute value pairs.
|
|
|
|
|
//If the comma is not part of a value (the value would then be enclosed in '"'),
|
|
|
|
|
//then we have reached the end of the value
|
|
|
|
|
if (!bInValue)
|
|
|
|
|
{
|
|
|
|
|
//The next char is the start of the new type
|
|
|
|
|
nTypeNameStart = i + 1;
|
|
|
|
|
}
|
2005-03-10 17:10:47 +00:00
|
|
|
}
|
2009-09-17 13:53:54 +00:00
|
|
|
}
|
2005-03-10 17:10:47 +00:00
|
|
|
|
2009-09-17 13:53:54 +00:00
|
|
|
//Found the Type Name, but there can still be spaces after the last comma
|
|
|
|
|
//and the beginning of the type.
|
|
|
|
|
if (bFound)
|
|
|
|
|
{
|
|
|
|
|
while (true)
|
2005-03-10 17:10:47 +00:00
|
|
|
{
|
2009-09-17 13:53:54 +00:00
|
|
|
sal_Unicode c = rRawString[nTypeNameStart];
|
|
|
|
|
if (c != ' ' && c != '\t')
|
|
|
|
|
//found
|
|
|
|
|
break;
|
|
|
|
|
nTypeNameStart ++;
|
2005-03-10 17:10:47 +00:00
|
|
|
}
|
2009-09-17 13:53:54 +00:00
|
|
|
// search end (one after last letter)
|
|
|
|
|
sal_Int32 nTypeNameEnd = nTypeNameStart;
|
|
|
|
|
nTypeNameEnd++;
|
|
|
|
|
while (true)
|
|
|
|
|
{
|
|
|
|
|
sal_Unicode c = rRawString[nTypeNameEnd];
|
|
|
|
|
if (c == ' ' || c == '\t' || c == '=')
|
|
|
|
|
break;
|
|
|
|
|
nTypeNameEnd++;
|
|
|
|
|
}
|
|
|
|
|
retVal = std::make_pair(nTypeNameStart, nTypeNameEnd);
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
retVal = std::make_pair(-1, -1);
|
|
|
|
|
}
|
|
|
|
|
return retVal;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
/*
|
|
|
|
|
MS Crypto uses the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise
|
|
|
|
|
it, so the 'S' tag should be changed to 'ST' tag. However I am not sure if this is necessary
|
|
|
|
|
anymore, because we provide always the signers certificate when signing. So libmlsec can find
|
|
|
|
|
the private key based on the provided certificate (X509Certificate element) and does not need
|
|
|
|
|
the issuer name (X509IssuerName element). The issuer name in the xml signature has also no
|
|
|
|
|
effect for the signature nor the certificate validation.
|
|
|
|
|
In many RFCs, for example 4519, on speaks of 'ST'. However, the certificate does not contain
|
|
|
|
|
strings for type names. Instead it uses OIDs.
|
|
|
|
|
*/
|
2005-03-10 17:10:47 +00:00
|
|
|
|
2009-09-17 13:53:54 +00:00
|
|
|
OUString replaceTagSWithTagST(OUString oldDN)
|
|
|
|
|
{
|
|
|
|
|
std::pair<sal_Int32, sal_Int32 > pairIndex = findTypeInDN(oldDN, OUSTR("S"));
|
|
|
|
|
|
|
|
|
|
if (pairIndex.first != -1)
|
|
|
|
|
{
|
|
|
|
|
OUString newDN = oldDN.copy(0, pairIndex.first);
|
|
|
|
|
newDN += OUSTR("ST");
|
|
|
|
|
newDN += oldDN.copy(pairIndex.second);
|
|
|
|
|
return newDN;
|
|
|
|
|
}
|
|
|
|
|
return oldDN;
|
2005-03-10 17:10:47 +00:00
|
|
|
}
|
|
|
|
|
/* end */
|
|
|
|
|
|
2004-07-12 12:15:31 +00:00
|
|
|
X509Certificate_MSCryptImpl :: X509Certificate_MSCryptImpl() :
|
|
|
|
|
m_pCertContext( NULL )
|
|
|
|
|
{
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
X509Certificate_MSCryptImpl :: ~X509Certificate_MSCryptImpl() {
|
|
|
|
|
if( m_pCertContext != NULL ) {
|
|
|
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Methods from XCertificate
|
|
|
|
|
sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
return ( char )m_pCertContext->pCertInfo->dwVersion ;
|
|
|
|
|
} else {
|
|
|
|
|
return -1 ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
Sequence< sal_Int8 > serial( m_pCertContext->pCertInfo->SerialNumber.cbData ) ;
|
|
|
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SerialNumber.cbData ; i ++ )
|
|
|
|
|
serial[i] = *( m_pCertContext->pCertInfo->SerialNumber.pbData + m_pCertContext->pCertInfo->SerialNumber.cbData - i - 1 ) ;
|
|
|
|
|
|
|
|
|
|
return serial ;
|
|
|
|
|
} else {
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
char* issuer ;
|
|
|
|
|
DWORD cbIssuer ;
|
|
|
|
|
|
|
|
|
|
cbIssuer = CertNameToStr(
|
|
|
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
|
|
|
&( m_pCertContext->pCertInfo->Issuer ),
|
|
|
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
|
|
|
NULL, 0
|
|
|
|
|
) ;
|
|
|
|
|
|
2005-03-10 17:10:47 +00:00
|
|
|
// Here the cbIssuer count the last 0x00 , take care.
|
2004-07-12 12:15:31 +00:00
|
|
|
if( cbIssuer != 0 ) {
|
|
|
|
|
issuer = new char[ cbIssuer ] ;
|
|
|
|
|
if( issuer == NULL )
|
|
|
|
|
throw RuntimeException() ;
|
|
|
|
|
|
|
|
|
|
cbIssuer = CertNameToStr(
|
|
|
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
|
|
|
&( m_pCertContext->pCertInfo->Issuer ),
|
|
|
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
|
|
|
issuer, cbIssuer
|
|
|
|
|
) ;
|
|
|
|
|
|
|
|
|
|
if( cbIssuer <= 0 ) {
|
2009-11-06 11:03:40 +00:00
|
|
|
delete [] issuer ;
|
2004-07-12 12:15:31 +00:00
|
|
|
throw RuntimeException() ;
|
|
|
|
|
}
|
|
|
|
|
|
2011-03-05 16:45:26 +00:00
|
|
|
// for correct encoding
|
2005-03-10 17:10:47 +00:00
|
|
|
sal_uInt16 encoding ;
|
|
|
|
|
rtl_Locale *pLocale = NULL ;
|
|
|
|
|
osl_getProcessLocale( &pLocale ) ;
|
|
|
|
|
encoding = osl_getTextEncodingFromLocale( pLocale ) ;
|
|
|
|
|
|
|
|
|
|
if(issuer[cbIssuer-1] == 0) cbIssuer--; //delimit the last 0x00;
|
2011-03-05 16:45:26 +00:00
|
|
|
OUString xIssuer(issuer , cbIssuer ,encoding ) ;
|
2009-11-06 11:03:40 +00:00
|
|
|
delete [] issuer ;
|
2004-07-12 12:15:31 +00:00
|
|
|
|
2009-09-17 13:53:54 +00:00
|
|
|
return replaceTagSWithTagST(xIssuer);
|
2004-07-12 12:15:31 +00:00
|
|
|
} else {
|
|
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
} else {
|
|
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2009-12-08 15:52:14 +01:00
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
|
|
|
{
|
|
|
|
|
wchar_t* subject ;
|
2004-07-12 12:15:31 +00:00
|
|
|
DWORD cbSubject ;
|
|
|
|
|
|
2009-12-08 15:52:14 +01:00
|
|
|
cbSubject = CertNameToStrW(
|
2004-07-12 12:15:31 +00:00
|
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
|
|
|
&( m_pCertContext->pCertInfo->Subject ),
|
|
|
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
|
|
|
NULL, 0
|
|
|
|
|
) ;
|
|
|
|
|
|
2009-12-08 15:52:14 +01:00
|
|
|
if( cbSubject != 0 )
|
|
|
|
|
{
|
|
|
|
|
subject = new wchar_t[ cbSubject ] ;
|
2004-07-12 12:15:31 +00:00
|
|
|
if( subject == NULL )
|
|
|
|
|
throw RuntimeException() ;
|
|
|
|
|
|
2009-12-08 15:52:14 +01:00
|
|
|
cbSubject = CertNameToStrW(
|
2004-07-12 12:15:31 +00:00
|
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
|
|
|
&( m_pCertContext->pCertInfo->Subject ),
|
|
|
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
|
|
|
subject, cbSubject
|
|
|
|
|
) ;
|
|
|
|
|
|
|
|
|
|
if( cbSubject <= 0 ) {
|
2009-11-06 11:03:40 +00:00
|
|
|
delete [] subject ;
|
2004-07-12 12:15:31 +00:00
|
|
|
throw RuntimeException() ;
|
|
|
|
|
}
|
|
|
|
|
|
2010-03-24 19:23:56 +09:00
|
|
|
OUString xSubject(reinterpret_cast<const sal_Unicode*>(subject));
|
2009-11-06 11:03:40 +00:00
|
|
|
delete [] subject ;
|
2004-07-12 12:15:31 +00:00
|
|
|
|
2009-09-17 13:53:54 +00:00
|
|
|
return replaceTagSWithTagST(xSubject);
|
2009-12-08 15:52:14 +01:00
|
|
|
} else
|
|
|
|
|
{
|
2004-07-12 12:15:31 +00:00
|
|
|
return OUString() ;
|
|
|
|
|
}
|
2009-12-08 15:52:14 +01:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2004-07-12 12:15:31 +00:00
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-29 12:25:33 +00:00
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException ) {
|
2004-07-12 12:15:31 +00:00
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
SYSTEMTIME explTime ;
|
|
|
|
|
DateTime dateTime ;
|
2005-01-18 13:35:09 +00:00
|
|
|
FILETIME localFileTime;
|
|
|
|
|
|
|
|
|
|
if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotBefore ), &localFileTime))
|
|
|
|
|
{
|
|
|
|
|
if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
|
|
|
|
|
//Convert the time to readable local time
|
|
|
|
|
dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
|
|
|
|
|
dateTime.Seconds = explTime.wSecond ;
|
|
|
|
|
dateTime.Minutes = explTime.wMinute ;
|
|
|
|
|
dateTime.Hours = explTime.wHour ;
|
|
|
|
|
dateTime.Day = explTime.wDay ;
|
|
|
|
|
dateTime.Month = explTime.wMonth ;
|
|
|
|
|
dateTime.Year = explTime.wYear ;
|
|
|
|
|
}
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return dateTime ;
|
|
|
|
|
} else {
|
|
|
|
|
return DateTime() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2005-03-29 12:25:33 +00:00
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
|
2004-07-12 12:15:31 +00:00
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
SYSTEMTIME explTime ;
|
|
|
|
|
DateTime dateTime ;
|
2005-01-18 13:35:09 +00:00
|
|
|
FILETIME localFileTime;
|
|
|
|
|
|
|
|
|
|
if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotAfter ), &localFileTime))
|
|
|
|
|
{
|
|
|
|
|
if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
|
|
|
|
|
//Convert the time to readable local time
|
|
|
|
|
dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
|
|
|
|
|
dateTime.Seconds = explTime.wSecond ;
|
|
|
|
|
dateTime.Minutes = explTime.wMinute ;
|
|
|
|
|
dateTime.Hours = explTime.wHour ;
|
|
|
|
|
dateTime.Day = explTime.wDay ;
|
|
|
|
|
dateTime.Month = explTime.wMonth ;
|
|
|
|
|
dateTime.Year = explTime.wYear ;
|
|
|
|
|
}
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return dateTime ;
|
|
|
|
|
} else {
|
|
|
|
|
return DateTime() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
Sequence< sal_Int8 > issuerUid( m_pCertContext->pCertInfo->IssuerUniqueId.cbData ) ;
|
|
|
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->IssuerUniqueId.cbData; i ++ )
|
|
|
|
|
issuerUid[i] = *( m_pCertContext->pCertInfo->IssuerUniqueId.pbData + i ) ;
|
|
|
|
|
|
|
|
|
|
return issuerUid ;
|
|
|
|
|
} else {
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException ) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
|
|
|
Sequence< sal_Int8 > subjectUid( m_pCertContext->pCertInfo->SubjectUniqueId.cbData ) ;
|
|
|
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SubjectUniqueId.cbData; i ++ )
|
|
|
|
|
subjectUid[i] = *( m_pCertContext->pCertInfo->SubjectUniqueId.pbData + i ) ;
|
|
|
|
|
|
|
|
|
|
return subjectUid ;
|
|
|
|
|
} else {
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_MSCryptImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException ) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
|
|
|
|
|
CertificateExtension_XmlSecImpl* xExtn ;
|
|
|
|
|
CERT_EXTENSION* pExtn ;
|
|
|
|
|
Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
|
|
|
|
|
|
|
|
|
|
for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
|
|
|
|
|
pExtn = &(m_pCertContext->pCertInfo->rgExtension[i]) ;
|
|
|
|
|
|
2011-02-03 16:22:52 +01:00
|
|
|
|
|
|
|
|
::rtl::OUString objId = ::rtl::OUString::createFromAscii( pExtn->pszObjId );
|
|
|
|
|
|
2012-04-06 15:05:52 +02:00
|
|
|
if ( objId == "2.5.29.17" )
|
2011-02-03 16:22:52 +01:00
|
|
|
xExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
|
|
|
|
|
else
|
|
|
|
|
xExtn = new CertificateExtension_XmlSecImpl() ;
|
2004-07-12 12:15:31 +00:00
|
|
|
if( xExtn == NULL )
|
|
|
|
|
throw RuntimeException() ;
|
|
|
|
|
|
2007-04-17 09:25:15 +00:00
|
|
|
xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
|
2004-07-12 12:15:31 +00:00
|
|
|
|
|
|
|
|
xExtns[i] = xExtn ;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return xExtns ;
|
|
|
|
|
} else {
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< Reference< XCertificateExtension > >();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2007-04-17 09:25:15 +00:00
|
|
|
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_MSCryptImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& /*oid*/ ) throw (::com::sun::star::uno::RuntimeException) {
|
2004-07-12 12:15:31 +00:00
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
|
|
|
|
|
CertificateExtension_XmlSecImpl* xExtn ;
|
|
|
|
|
CERT_EXTENSION* pExtn ;
|
|
|
|
|
Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
|
|
|
|
|
|
|
|
|
|
xExtn = NULL ;
|
|
|
|
|
for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
|
|
|
|
|
pExtn = &( m_pCertContext->pCertInfo->rgExtension[i] ) ;
|
|
|
|
|
|
|
|
|
|
//TODO: Compare the oid
|
|
|
|
|
if( 0 ) {
|
|
|
|
|
xExtn = new CertificateExtension_XmlSecImpl() ;
|
|
|
|
|
if( xExtn == NULL )
|
|
|
|
|
throw RuntimeException() ;
|
|
|
|
|
|
2007-04-17 09:25:15 +00:00
|
|
|
xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return xExtn ;
|
|
|
|
|
} else {
|
|
|
|
|
return NULL ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->cbCertEncoded > 0 ) {
|
|
|
|
|
Sequence< sal_Int8 > rawCert( m_pCertContext->cbCertEncoded ) ;
|
|
|
|
|
|
|
|
|
|
for( unsigned int i = 0 ; i < m_pCertContext->cbCertEncoded ; i ++ )
|
|
|
|
|
rawCert[i] = *( m_pCertContext->pbCertEncoded + i ) ;
|
|
|
|
|
|
|
|
|
|
return rawCert ;
|
|
|
|
|
} else {
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
//Helper methods
|
|
|
|
|
void X509Certificate_MSCryptImpl :: setMswcryCert( const CERT_CONTEXT* cert ) {
|
|
|
|
|
if( m_pCertContext != NULL ) {
|
|
|
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
|
|
|
m_pCertContext = NULL ;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if( cert != NULL ) {
|
|
|
|
|
m_pCertContext = CertDuplicateCertificateContext( cert ) ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
const CERT_CONTEXT* X509Certificate_MSCryptImpl :: getMswcryCert() const {
|
|
|
|
|
if( m_pCertContext != NULL ) {
|
|
|
|
|
return m_pCertContext ;
|
|
|
|
|
} else {
|
|
|
|
|
return NULL ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
void X509Certificate_MSCryptImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
|
|
|
|
|
if( m_pCertContext != NULL ) {
|
|
|
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
|
|
|
m_pCertContext = NULL ;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
if( rawCert.getLength() != 0 ) {
|
2011-01-14 14:16:44 +01:00
|
|
|
m_pCertContext = CertCreateCertificateContext( X509_ASN_ENCODING, ( const sal_uInt8* )&rawCert[0], rawCert.getLength() ) ;
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XUnoTunnel */
|
|
|
|
|
sal_Int64 SAL_CALL X509Certificate_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
|
|
|
|
|
if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
|
|
|
|
|
return ( sal_Int64 )this ;
|
|
|
|
|
}
|
|
|
|
|
return 0 ;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XUnoTunnel extension */
|
2011-06-04 00:17:31 +01:00
|
|
|
|
|
|
|
|
namespace
|
|
|
|
|
{
|
|
|
|
|
class theX509Certificate_MSCryptImplUnoTunnelId : public rtl::Static< UnoTunnelIdInit, theX509Certificate_MSCryptImplUnoTunnelId > {};
|
|
|
|
|
}
|
|
|
|
|
|
2004-07-12 12:15:31 +00:00
|
|
|
const Sequence< sal_Int8>& X509Certificate_MSCryptImpl :: getUnoTunnelId() {
|
2011-06-04 00:17:31 +01:00
|
|
|
return theX509Certificate_MSCryptImplUnoTunnelId::get().getSeq();
|
2004-07-12 12:15:31 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
/* XUnoTunnel extension */
|
|
|
|
|
X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) {
|
|
|
|
|
Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
|
|
|
|
|
if( xUT.is() ) {
|
|
|
|
|
return ( X509Certificate_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ;
|
|
|
|
|
} else
|
|
|
|
|
return NULL ;
|
|
|
|
|
}
|
|
|
|
|
|
2004-07-14 09:28:28 +00:00
|
|
|
::rtl::OUString findOIDDescription(char *oid)
|
|
|
|
|
{
|
|
|
|
|
OUString ouOID = OUString::createFromAscii( oid );
|
|
|
|
|
for (int i=0; i<nOID; i++)
|
|
|
|
|
{
|
|
|
|
|
OUString item = OUString::createFromAscii( OIDs[i].oid );
|
|
|
|
|
if (ouOID == item)
|
|
|
|
|
{
|
|
|
|
|
return OUString::createFromAscii( OIDs[i].desc );
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
|
2004-07-15 07:12:10 +00:00
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(const CERT_CONTEXT* pCertContext, DWORD dwPropId)
|
|
|
|
|
{
|
|
|
|
|
if( pCertContext != NULL )
|
|
|
|
|
{
|
2004-11-26 13:57:53 +00:00
|
|
|
DWORD cbData = 20;
|
2004-07-15 07:12:10 +00:00
|
|
|
unsigned char fingerprint[20];
|
|
|
|
|
if (CertGetCertificateContextProperty(pCertContext, dwPropId, (void*)fingerprint, &cbData))
|
|
|
|
|
{
|
|
|
|
|
Sequence< sal_Int8 > thumbprint( cbData ) ;
|
|
|
|
|
for( unsigned int i = 0 ; i < cbData ; i ++ )
|
|
|
|
|
{
|
|
|
|
|
thumbprint[i] = fingerprint[i];
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return thumbprint;
|
|
|
|
|
}
|
2004-11-26 13:57:53 +00:00
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
DWORD e = GetLastError();
|
|
|
|
|
cbData = e;
|
|
|
|
|
}
|
2004-07-15 07:12:10 +00:00
|
|
|
}
|
|
|
|
|
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-15 07:12:10 +00:00
|
|
|
}
|
|
|
|
|
|
2004-07-14 07:12:31 +00:00
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyAlgorithm()
|
|
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
|
|
|
{
|
|
|
|
|
CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm;
|
2004-07-14 09:28:28 +00:00
|
|
|
return findOIDDescription( algorithm.pszObjId ) ;
|
2004-07-14 07:12:31 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyValue()
|
|
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
|
|
|
{
|
|
|
|
|
CRYPT_BIT_BLOB publicKey = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey;
|
|
|
|
|
|
|
|
|
|
Sequence< sal_Int8 > key( publicKey.cbData ) ;
|
|
|
|
|
for( unsigned int i = 0 ; i < publicKey.cbData ; i++ )
|
|
|
|
|
{
|
|
|
|
|
key[i] = *(publicKey.pbData + i) ;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return key;
|
|
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
2010-07-15 13:58:09 +02:00
|
|
|
return Sequence< sal_Int8 >();
|
2004-07-14 07:12:31 +00:00
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSignatureAlgorithm()
|
|
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
|
|
|
{
|
|
|
|
|
CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SignatureAlgorithm;
|
2004-07-14 09:28:28 +00:00
|
|
|
return findOIDDescription( algorithm.pszObjId ) ;
|
2004-07-14 07:12:31 +00:00
|
|
|
}
|
|
|
|
|
else
|
|
|
|
|
{
|
|
|
|
|
return OUString() ;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
2004-07-15 07:12:10 +00:00
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSHA1Thumbprint()
|
2004-07-14 07:12:31 +00:00
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
2004-07-15 07:12:10 +00:00
|
|
|
return getThumbprint(m_pCertContext, CERT_SHA1_HASH_PROP_ID);
|
2004-07-14 07:12:31 +00:00
|
|
|
}
|
|
|
|
|
|
2004-07-15 07:12:10 +00:00
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getMD5Thumbprint()
|
2004-07-14 07:12:31 +00:00
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
2004-07-15 07:12:10 +00:00
|
|
|
return getThumbprint(m_pCertContext, CERT_MD5_HASH_PROP_ID);
|
2004-07-14 07:12:31 +00:00
|
|
|
}
|
2005-03-29 12:25:33 +00:00
|
|
|
|
|
|
|
|
sal_Int32 SAL_CALL X509Certificate_MSCryptImpl::getCertificateUsage( )
|
|
|
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
|
|
|
{
|
|
|
|
|
sal_Int32 usage =
|
|
|
|
|
CERT_DATA_ENCIPHERMENT_KEY_USAGE |
|
|
|
|
|
CERT_DIGITAL_SIGNATURE_KEY_USAGE |
|
|
|
|
|
CERT_KEY_AGREEMENT_KEY_USAGE |
|
|
|
|
|
CERT_KEY_CERT_SIGN_KEY_USAGE |
|
|
|
|
|
CERT_KEY_ENCIPHERMENT_KEY_USAGE |
|
|
|
|
|
CERT_NON_REPUDIATION_KEY_USAGE |
|
|
|
|
|
CERT_OFFLINE_CRL_SIGN_KEY_USAGE;
|
|
|
|
|
|
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 )
|
|
|
|
|
{
|
|
|
|
|
CERT_EXTENSION* pExtn = CertFindExtension(
|
|
|
|
|
szOID_KEY_USAGE,
|
|
|
|
|
m_pCertContext->pCertInfo->cExtension,
|
|
|
|
|
m_pCertContext->pCertInfo->rgExtension);
|
|
|
|
|
|
|
|
|
|
if (pExtn != NULL)
|
|
|
|
|
{
|
|
|
|
|
CERT_KEY_USAGE_RESTRICTION_INFO keyUsage;
|
|
|
|
|
DWORD length = sizeof(CERT_KEY_USAGE_RESTRICTION_INFO);
|
|
|
|
|
|
|
|
|
|
bool rc = CryptDecodeObject(
|
|
|
|
|
X509_ASN_ENCODING,
|
|
|
|
|
X509_KEY_USAGE,
|
|
|
|
|
pExtn->Value.pbData,
|
|
|
|
|
pExtn->Value.cbData,
|
|
|
|
|
CRYPT_DECODE_NOCOPY_FLAG,
|
|
|
|
|
(void *)&keyUsage,
|
|
|
|
|
&length);
|
|
|
|
|
|
|
|
|
|
if (rc && keyUsage.RestrictedKeyUsage.cbData!=0)
|
|
|
|
|
{
|
|
|
|
|
usage = (sal_Int32)keyUsage.RestrictedKeyUsage.pbData;
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return usage;
|
|
|
|
|
}
|
|
|
|
|
|
2010-10-12 15:57:08 +02:00
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|
