cc5db648bc
* commit 'ooo/DEV300_m101': (185 commits) masterfix DEV300: #i10000# usage of L10N build_type masterfix: #i10000# INT16 -> sal_Int16 fixed compile errors after resync to m100, part2 gridsort: post-rebase fixes CWS gnumake3: found another tools integer type removetooltypes01: Fix build problems after rebase to DEV300m99 in basctl, cui, reportdesign, sw native359: #i114398# changing mac langpack icon native359: #i115669# fixing package description for solaris packages gnumake3: remove comphelper version; fix including extract.hxx locales34: #i106785# add Haitian_Haiti [ht-HT] to language list and locale data; locale data contributed by <jcpoulard> sb138: #i116659# timely termination of OnLogRotateThread accfixes: removed include of obsolete header file accfixes: removed obsolete file removetooltypes01: #i112600# Fix build problems on non-pro accfixes: moved some shared strings to svx part2 accfixes: moved some shared strings to svx accfixes: added more accessibility information and fixed tab orders in multiple dialogs (cui module) removetooltypes01: #i112600# Remove tools types for Mac specific parts fixed tab order in BasicIDE, Library dialog tab page added some accessible names in BasicIDE ... Conflicts: UnoControls/source/base/registercontrols.cxx accessibility/inc/accessibility/standard/vclxaccessiblelistboxlist.hxx automation/inc/automation/communi.hxx automation/inc/automation/simplecm.hxx automation/source/communi/communi.cxx automation/source/inc/rcontrol.hxx automation/source/miniapp/servuid.hxx automation/source/server/XMLParser.cxx automation/source/server/cmdbasestream.cxx automation/source/server/profiler.hxx automation/source/server/recorder.cxx automation/source/server/retstrm.hxx automation/source/server/server.cxx automation/source/server/sta_list.cxx automation/source/server/statemnt.cxx automation/source/server/statemnt.hxx automation/source/simplecm/packethandler.cxx automation/source/simplecm/simplecm.cxx automation/source/simplecm/tcpio.cxx automation/source/simplecm/tcpio.hxx automation/source/testtool/comm_bas.hxx automation/source/testtool/cretstrm.hxx automation/source/testtool/httprequest.cxx automation/source/testtool/httprequest.hxx automation/source/testtool/objtest.cxx automation/source/testtool/objtest.hxx basctl/source/basicide/baside2.cxx basctl/source/basicide/baside2.hxx basctl/source/basicide/baside2b.cxx basctl/source/basicide/baside3.cxx basctl/source/basicide/basides1.cxx basctl/source/basicide/basides2.cxx basctl/source/basicide/basidesh.cxx basctl/source/basicide/basidesh.src basctl/source/basicide/basobj3.cxx basctl/source/basicide/bastype2.cxx basctl/source/basicide/bastype3.cxx basctl/source/basicide/bastypes.cxx basctl/source/basicide/brkdlg.cxx basctl/source/basicide/iderdll.cxx basctl/source/basicide/macrodlg.cxx basctl/source/basicide/moduldl2.cxx basctl/source/basicide/moduldlg.cxx basctl/source/basicide/objdlg.cxx basctl/source/basicide/scriptdocument.cxx basctl/source/basicide/tbxctl.cxx basctl/source/basicide/tbxctl.hxx basctl/source/basicide/tbxctl.src basctl/source/dlged/dlged.cxx basctl/source/dlged/dlgedfunc.cxx basctl/source/dlged/dlgedobj.cxx basctl/source/inc/basidesh.hxx basctl/source/inc/bastypes.hxx basctl/source/inc/dlgedmod.hxx basctl/source/inc/dlgedpage.hxx crashrep/prj/build.lst cui/inc/pch/precompiled_cui.hxx cui/source/customize/acccfg.cxx cui/source/customize/acccfg.hrc cui/source/customize/acccfg.src cui/source/customize/cfg.cxx cui/source/customize/cfgutil.cxx cui/source/customize/macropg.cxx cui/source/customize/macropg.src cui/source/customize/selector.cxx cui/source/dialogs/SpellDialog.cxx cui/source/dialogs/commonlingui.cxx cui/source/dialogs/cuicharmap.cxx cui/source/dialogs/cuifmsearch.cxx cui/source/dialogs/cuigaldlg.cxx cui/source/dialogs/cuigrfflt.cxx cui/source/dialogs/hldocntp.cxx cui/source/dialogs/hldoctp.cxx cui/source/dialogs/hlinettp.cxx cui/source/dialogs/hlmailtp.cxx cui/source/dialogs/hlmarkwn.cxx cui/source/dialogs/hlmarkwn.src cui/source/dialogs/hltpbase.cxx cui/source/dialogs/iconcdlg.cxx cui/source/dialogs/passwdomdlg.cxx cui/source/dialogs/pastedlg.cxx cui/source/dialogs/scriptdlg.cxx cui/source/dialogs/thesdlg.cxx cui/source/dialogs/zoom.cxx cui/source/factory/dlgfact.hxx cui/source/inc/SpellDialog.hxx cui/source/inc/autocdlg.hxx cui/source/inc/backgrnd.hxx cui/source/inc/bbdlg.hxx cui/source/inc/cfg.hxx cui/source/inc/cfgutil.hxx cui/source/inc/cuigaldlg.hxx cui/source/inc/cuigrfflt.hxx cui/source/inc/cuitabarea.hxx cui/source/inc/cuitabline.hxx cui/source/inc/hldocntp.hxx cui/source/inc/hltpbase.hxx cui/source/inc/iconcdlg.hxx cui/source/inc/numpages.hxx cui/source/inc/page.hxx cui/source/inc/postdlg.hxx cui/source/inc/scriptdlg.hxx cui/source/inc/transfrm.hxx cui/source/inc/zoom.hxx cui/source/options/cfgchart.cxx cui/source/options/cuisrchdlg.cxx cui/source/options/dbregister.cxx cui/source/options/dbregister.src cui/source/options/fontsubs.cxx cui/source/options/internationaloptions.cxx cui/source/options/optasian.cxx cui/source/options/optchart.cxx cui/source/options/optcolor.cxx cui/source/options/optcolor.src cui/source/options/optfltr.cxx cui/source/options/optfltr.src cui/source/options/optgdlg.cxx cui/source/options/optgdlg.src cui/source/options/optgenrl.cxx cui/source/options/opthtml.cxx cui/source/options/optimprove.cxx cui/source/options/optinet2.cxx cui/source/options/optinet2.hxx cui/source/options/optjava.cxx cui/source/options/optlingu.cxx cui/source/options/optsave.cxx cui/source/options/optsave.hxx cui/source/options/treeopt.cxx cui/source/options/webconninfo.cxx cui/source/tabpages/autocdlg.cxx cui/source/tabpages/backgrnd.cxx cui/source/tabpages/border.cxx cui/source/tabpages/chardlg.cxx cui/source/tabpages/dstribut.cxx cui/source/tabpages/grfpage.cxx cui/source/tabpages/macroass.cxx cui/source/tabpages/measure.cxx cui/source/tabpages/numfmt.cxx cui/source/tabpages/numpages.cxx cui/source/tabpages/page.cxx cui/source/tabpages/paragrph.cxx cui/source/tabpages/swpossizetabpage.cxx cui/source/tabpages/tabarea.src cui/source/tabpages/textanim.cxx cui/source/tabpages/textattr.cxx cui/source/tabpages/tparea.cxx cui/source/tabpages/tpbitmap.cxx cui/source/tabpages/tpcolor.cxx cui/source/tabpages/tpgradnt.cxx cui/source/tabpages/tphatch.cxx cui/source/tabpages/tpline.cxx cui/source/tabpages/tplnedef.cxx cui/source/tabpages/tplneend.cxx cui/source/tabpages/tpshadow.cxx cui/source/tabpages/transfrm.cxx embedserv/source/embed/register.cxx extensions/inc/pch/precompiled_extensions.hxx extensions/inc/propctrlr.hrc extensions/source/abpilot/abpservices.cxx extensions/source/bibliography/bibload.cxx extensions/source/bibliography/datman.cxx extensions/source/bibliography/general.cxx extensions/source/dbpilots/dbpservices.cxx extensions/source/inc/componentmodule.cxx extensions/source/nsplugin/source/so_env.cxx extensions/source/ole/oleobjw.cxx extensions/source/ole/oleobjw.hxx extensions/source/oooimprovement/invite_job.cxx extensions/source/oooimprovement/onlogrotate_job.cxx extensions/source/plugin/base/service.cxx extensions/source/plugin/inc/plugin/unx/mediator.hxx extensions/source/plugin/inc/plugin/unx/plugcon.hxx extensions/source/plugin/unx/mediator.cxx extensions/source/plugin/unx/nppapi.cxx extensions/source/plugin/unx/plugcon.cxx extensions/source/preload/services.cxx extensions/source/propctrlr/formmetadata.cxx extensions/source/propctrlr/pcrservices.cxx extensions/source/resource/resource.cxx extensions/source/scanner/sane.hxx extensions/source/scanner/sanedlg.cxx extensions/source/scanner/scanunx.cxx extensions/source/scanner/scanwin.cxx extensions/source/scanner/twain.cxx extensions/source/scanner/twain.hxx extensions/source/update/check/updatecheckconfig.cxx extensions/test/stm/datatest.cxx extensions/test/stm/marktest.cxx extensions/test/stm/pipetest.cxx extensions/test/stm/testfactreg.cxx extensions/workben/testpgp.cxx forms/qa/complex/forms/CheckOGroupBoxModel.java forms/qa/makefile.mk forms/source/component/Button.cxx forms/source/component/Button.hxx forms/source/component/ListBox.cxx forms/source/inc/forms_module_impl.hxx forms/source/misc/services.cxx forms/source/solar/control/navtoolbar.cxx javainstaller2/prj/build.lst javainstaller2/src/JavaSetup/org/openoffice/setup/Util/ModuleCtrl.java lingucomponent/prj/build.lst lingucomponent/source/hyphenator/altlinuxhyph/hyphen/hyphenimp.cxx lingucomponent/source/spellcheck/spell/sreg.cxx lingucomponent/source/spellcheck/spell/sspellimp.cxx package/source/manifest/ManifestExport.cxx package/source/manifest/UnoRegister.cxx package/source/xstor/owriteablestream.cxx package/source/xstor/owriteablestream.hxx package/source/xstor/xstorage.hxx package/source/zippackage/ZipPackageFolder.cxx package/source/zippackage/ZipPackageStream.cxx setup_native/source/mac/ooo/DS_Store setup_native/source/win32/customactions/shellextensions/registerextensions.cxx xmlsecurity/prj/build.lst xmlsecurity/source/component/registerservices.cxx xmlsecurity/source/dialogs/stbcontrl.cxx xmlsecurity/source/framework/xsec_framework.cxx xmlsecurity/source/xmlsec/xsec_xmlsec.cxx xmlsecurity/tools/demo/util.hxx xmlsecurity/workben/signaturetest.cxx
653 lines
22 KiB
C++
653 lines
22 KiB
C++
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
|
/*************************************************************************
|
|
*
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* Copyright 2000, 2010 Oracle and/or its affiliates.
|
|
*
|
|
* OpenOffice.org - a multi-platform office productivity suite
|
|
*
|
|
* This file is part of OpenOffice.org.
|
|
*
|
|
* OpenOffice.org is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License version 3
|
|
* only, as published by the Free Software Foundation.
|
|
*
|
|
* OpenOffice.org is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License version 3 for more details
|
|
* (a copy is included in the LICENSE file that accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* version 3 along with OpenOffice.org. If not, see
|
|
* <http://www.openoffice.org/license.html>
|
|
* for a copy of the LGPLv3 License.
|
|
*
|
|
************************************************************************/
|
|
|
|
// MARKER(update_precomp.py): autogen include statement, do not remove
|
|
#include "precompiled_xmlsecurity.hxx"
|
|
#include <sal/config.h>
|
|
#include <rtl/uuid.h>
|
|
#include "x509certificate_mscryptimpl.hxx"
|
|
#include "certificateextension_xmlsecimpl.hxx"
|
|
|
|
#include "oid.hxx"
|
|
|
|
#include <rtl/locale.h>
|
|
#include <osl/nlsupport.h>
|
|
#include <osl/process.h>
|
|
#include <utility>
|
|
|
|
using namespace ::com::sun::star::uno ;
|
|
using namespace ::com::sun::star::security ;
|
|
using ::rtl::OUString ;
|
|
|
|
using ::com::sun::star::security::XCertificate ;
|
|
using ::com::sun::star::util::DateTime ;
|
|
|
|
#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
|
|
|
|
/*Resturns the index withing rRawString where sTypeName starts and where it ends.
|
|
The starting index is pair.first. The ending index in pair.second points
|
|
one char after the last character of the type.
|
|
sTypeName can be
|
|
"S" or "CN" (without ""). Do not use spaces at the beginning of the type name.
|
|
If the type name is not found then pair.first and pair.second are -1.
|
|
*/
|
|
std::pair< sal_Int32, sal_Int32 >
|
|
findTypeInDN(const OUString& rRawString, const OUString& sTypeName)
|
|
{
|
|
std::pair< sal_Int32, sal_Int32 > retVal;
|
|
bool bInEscape = false;
|
|
bool bInValue = false;
|
|
bool bFound = false;
|
|
sal_Int32 nTypeNameStart = 0;
|
|
sal_Int32 length = rRawString.getLength();
|
|
|
|
for (sal_Int32 i = 0; i < length; i++)
|
|
{
|
|
sal_Unicode c = rRawString[i];
|
|
|
|
if (c == '=')
|
|
{
|
|
if (! bInValue)
|
|
{
|
|
OUString sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
|
|
sType = sType.trim();
|
|
if (sType.equalsIgnoreAsciiCase(sTypeName))
|
|
{
|
|
bFound = true;
|
|
break;
|
|
}
|
|
}
|
|
}
|
|
else if (c == '"')
|
|
{
|
|
if (!bInEscape)
|
|
{
|
|
//If this is the quote is the first of the couple which enclose the
|
|
//whole value, because the value contains special characters
|
|
//then we just drop it. That is, this character must be followed by
|
|
//a character which is not '"'.
|
|
if ( i + 1 < length && rRawString[i+1] == '"')
|
|
bInEscape = true;
|
|
else
|
|
bInValue = !bInValue; //value is enclosed in " "
|
|
}
|
|
else
|
|
{
|
|
//This quote is escaped by a preceding quote and therefore is
|
|
//part of the value
|
|
bInEscape = false;
|
|
}
|
|
}
|
|
else if (c == ',' || c == '+')
|
|
{
|
|
//The comma separate the attribute value pairs.
|
|
//If the comma is not part of a value (the value would then be enclosed in '"'),
|
|
//then we have reached the end of the value
|
|
if (!bInValue)
|
|
{
|
|
//The next char is the start of the new type
|
|
nTypeNameStart = i + 1;
|
|
}
|
|
}
|
|
}
|
|
|
|
//Found the Type Name, but there can still be spaces after the last comma
|
|
//and the beginning of the type.
|
|
if (bFound)
|
|
{
|
|
while (true)
|
|
{
|
|
sal_Unicode c = rRawString[nTypeNameStart];
|
|
if (c != ' ' && c != '\t')
|
|
//found
|
|
break;
|
|
nTypeNameStart ++;
|
|
}
|
|
// search end (one after last letter)
|
|
sal_Int32 nTypeNameEnd = nTypeNameStart;
|
|
nTypeNameEnd++;
|
|
while (true)
|
|
{
|
|
sal_Unicode c = rRawString[nTypeNameEnd];
|
|
if (c == ' ' || c == '\t' || c == '=')
|
|
break;
|
|
nTypeNameEnd++;
|
|
}
|
|
retVal = std::make_pair(nTypeNameStart, nTypeNameEnd);
|
|
}
|
|
else
|
|
{
|
|
retVal = std::make_pair(-1, -1);
|
|
}
|
|
return retVal;
|
|
}
|
|
|
|
|
|
/*
|
|
MS Crypto uses the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise
|
|
it, so the 'S' tag should be changed to 'ST' tag. However I am not sure if this is necessary
|
|
anymore, because we provide always the signers certificate when signing. So libmlsec can find
|
|
the private key based on the provided certificate (X509Certificate element) and does not need
|
|
the issuer name (X509IssuerName element). The issuer name in the xml signature has also no
|
|
effect for the signature nor the certificate validation.
|
|
In many RFCs, for example 4519, on speaks of 'ST'. However, the certificate does not contain
|
|
strings for type names. Instead it uses OIDs.
|
|
*/
|
|
|
|
OUString replaceTagSWithTagST(OUString oldDN)
|
|
{
|
|
std::pair<sal_Int32, sal_Int32 > pairIndex = findTypeInDN(oldDN, OUSTR("S"));
|
|
|
|
if (pairIndex.first != -1)
|
|
{
|
|
OUString newDN = oldDN.copy(0, pairIndex.first);
|
|
newDN += OUSTR("ST");
|
|
newDN += oldDN.copy(pairIndex.second);
|
|
return newDN;
|
|
}
|
|
return oldDN;
|
|
}
|
|
/* end */
|
|
|
|
X509Certificate_MSCryptImpl :: X509Certificate_MSCryptImpl() :
|
|
m_pCertContext( NULL )
|
|
{
|
|
}
|
|
|
|
X509Certificate_MSCryptImpl :: ~X509Certificate_MSCryptImpl() {
|
|
if( m_pCertContext != NULL ) {
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
}
|
|
}
|
|
|
|
//Methods from XCertificate
|
|
sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
return ( char )m_pCertContext->pCertInfo->dwVersion ;
|
|
} else {
|
|
return -1 ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
Sequence< sal_Int8 > serial( m_pCertContext->pCertInfo->SerialNumber.cbData ) ;
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SerialNumber.cbData ; i ++ )
|
|
serial[i] = *( m_pCertContext->pCertInfo->SerialNumber.pbData + m_pCertContext->pCertInfo->SerialNumber.cbData - i - 1 ) ;
|
|
|
|
return serial ;
|
|
} else {
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
char* issuer ;
|
|
DWORD cbIssuer ;
|
|
|
|
cbIssuer = CertNameToStr(
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
&( m_pCertContext->pCertInfo->Issuer ),
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
NULL, 0
|
|
) ;
|
|
|
|
// Here the cbIssuer count the last 0x00 , take care.
|
|
if( cbIssuer != 0 ) {
|
|
issuer = new char[ cbIssuer ] ;
|
|
if( issuer == NULL )
|
|
throw RuntimeException() ;
|
|
|
|
cbIssuer = CertNameToStr(
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
&( m_pCertContext->pCertInfo->Issuer ),
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
issuer, cbIssuer
|
|
) ;
|
|
|
|
if( cbIssuer <= 0 ) {
|
|
delete [] issuer ;
|
|
throw RuntimeException() ;
|
|
}
|
|
|
|
// for correct encoding
|
|
sal_uInt16 encoding ;
|
|
rtl_Locale *pLocale = NULL ;
|
|
osl_getProcessLocale( &pLocale ) ;
|
|
encoding = osl_getTextEncodingFromLocale( pLocale ) ;
|
|
|
|
if(issuer[cbIssuer-1] == 0) cbIssuer--; //delimit the last 0x00;
|
|
OUString xIssuer(issuer , cbIssuer ,encoding ) ;
|
|
delete [] issuer ;
|
|
|
|
return replaceTagSWithTagST(xIssuer);
|
|
} else {
|
|
return OUString() ;
|
|
}
|
|
} else {
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
{
|
|
wchar_t* subject ;
|
|
DWORD cbSubject ;
|
|
|
|
cbSubject = CertNameToStrW(
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
&( m_pCertContext->pCertInfo->Subject ),
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
NULL, 0
|
|
) ;
|
|
|
|
if( cbSubject != 0 )
|
|
{
|
|
subject = new wchar_t[ cbSubject ] ;
|
|
if( subject == NULL )
|
|
throw RuntimeException() ;
|
|
|
|
cbSubject = CertNameToStrW(
|
|
X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
|
|
&( m_pCertContext->pCertInfo->Subject ),
|
|
CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
|
|
subject, cbSubject
|
|
) ;
|
|
|
|
if( cbSubject <= 0 ) {
|
|
delete [] subject ;
|
|
throw RuntimeException() ;
|
|
}
|
|
|
|
OUString xSubject(reinterpret_cast<const sal_Unicode*>(subject));
|
|
delete [] subject ;
|
|
|
|
return replaceTagSWithTagST(xSubject);
|
|
} else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException ) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
SYSTEMTIME explTime ;
|
|
DateTime dateTime ;
|
|
FILETIME localFileTime;
|
|
|
|
if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotBefore ), &localFileTime))
|
|
{
|
|
if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
|
|
//Convert the time to readable local time
|
|
dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
|
|
dateTime.Seconds = explTime.wSecond ;
|
|
dateTime.Minutes = explTime.wMinute ;
|
|
dateTime.Hours = explTime.wHour ;
|
|
dateTime.Day = explTime.wDay ;
|
|
dateTime.Month = explTime.wMonth ;
|
|
dateTime.Year = explTime.wYear ;
|
|
}
|
|
}
|
|
|
|
return dateTime ;
|
|
} else {
|
|
return DateTime() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
SYSTEMTIME explTime ;
|
|
DateTime dateTime ;
|
|
FILETIME localFileTime;
|
|
|
|
if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotAfter ), &localFileTime))
|
|
{
|
|
if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
|
|
//Convert the time to readable local time
|
|
dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
|
|
dateTime.Seconds = explTime.wSecond ;
|
|
dateTime.Minutes = explTime.wMinute ;
|
|
dateTime.Hours = explTime.wHour ;
|
|
dateTime.Day = explTime.wDay ;
|
|
dateTime.Month = explTime.wMonth ;
|
|
dateTime.Year = explTime.wYear ;
|
|
}
|
|
}
|
|
|
|
return dateTime ;
|
|
} else {
|
|
return DateTime() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
Sequence< sal_Int8 > issuerUid( m_pCertContext->pCertInfo->IssuerUniqueId.cbData ) ;
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->IssuerUniqueId.cbData; i ++ )
|
|
issuerUid[i] = *( m_pCertContext->pCertInfo->IssuerUniqueId.pbData + i ) ;
|
|
|
|
return issuerUid ;
|
|
} else {
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException ) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
|
|
Sequence< sal_Int8 > subjectUid( m_pCertContext->pCertInfo->SubjectUniqueId.cbData ) ;
|
|
for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SubjectUniqueId.cbData; i ++ )
|
|
subjectUid[i] = *( m_pCertContext->pCertInfo->SubjectUniqueId.pbData + i ) ;
|
|
|
|
return subjectUid ;
|
|
} else {
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_MSCryptImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException ) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
|
|
CertificateExtension_XmlSecImpl* xExtn ;
|
|
CERT_EXTENSION* pExtn ;
|
|
Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
|
|
|
|
for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
|
|
pExtn = &(m_pCertContext->pCertInfo->rgExtension[i]) ;
|
|
|
|
xExtn = new CertificateExtension_XmlSecImpl() ;
|
|
if( xExtn == NULL )
|
|
throw RuntimeException() ;
|
|
|
|
xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
|
|
|
|
xExtns[i] = xExtn ;
|
|
}
|
|
|
|
return xExtns ;
|
|
} else {
|
|
return Sequence< Reference< XCertificateExtension > >();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_MSCryptImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& /*oid*/ ) throw (::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
|
|
CertificateExtension_XmlSecImpl* xExtn ;
|
|
CERT_EXTENSION* pExtn ;
|
|
Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
|
|
|
|
xExtn = NULL ;
|
|
for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
|
|
pExtn = &( m_pCertContext->pCertInfo->rgExtension[i] ) ;
|
|
|
|
//TODO: Compare the oid
|
|
if( 0 ) {
|
|
xExtn = new CertificateExtension_XmlSecImpl() ;
|
|
if( xExtn == NULL )
|
|
throw RuntimeException() ;
|
|
|
|
xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
|
|
}
|
|
}
|
|
|
|
return xExtn ;
|
|
} else {
|
|
return NULL ;
|
|
}
|
|
}
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL && m_pCertContext->cbCertEncoded > 0 ) {
|
|
Sequence< sal_Int8 > rawCert( m_pCertContext->cbCertEncoded ) ;
|
|
|
|
for( unsigned int i = 0 ; i < m_pCertContext->cbCertEncoded ; i ++ )
|
|
rawCert[i] = *( m_pCertContext->pbCertEncoded + i ) ;
|
|
|
|
return rawCert ;
|
|
} else {
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
//Helper methods
|
|
void X509Certificate_MSCryptImpl :: setMswcryCert( const CERT_CONTEXT* cert ) {
|
|
if( m_pCertContext != NULL ) {
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
m_pCertContext = NULL ;
|
|
}
|
|
|
|
if( cert != NULL ) {
|
|
m_pCertContext = CertDuplicateCertificateContext( cert ) ;
|
|
}
|
|
}
|
|
|
|
const CERT_CONTEXT* X509Certificate_MSCryptImpl :: getMswcryCert() const {
|
|
if( m_pCertContext != NULL ) {
|
|
return m_pCertContext ;
|
|
} else {
|
|
return NULL ;
|
|
}
|
|
}
|
|
|
|
void X509Certificate_MSCryptImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCertContext != NULL ) {
|
|
CertFreeCertificateContext( m_pCertContext ) ;
|
|
m_pCertContext = NULL ;
|
|
}
|
|
|
|
if( rawCert.getLength() != 0 ) {
|
|
m_pCertContext = CertCreateCertificateContext( X509_ASN_ENCODING, ( const sal_uInt8* )&rawCert[0], rawCert.getLength() ) ;
|
|
}
|
|
}
|
|
|
|
/* XUnoTunnel */
|
|
sal_Int64 SAL_CALL X509Certificate_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
|
|
if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
|
|
return ( sal_Int64 )this ;
|
|
}
|
|
return 0 ;
|
|
}
|
|
|
|
/* XUnoTunnel extension */
|
|
const Sequence< sal_Int8>& X509Certificate_MSCryptImpl :: getUnoTunnelId() {
|
|
static Sequence< sal_Int8 >* pSeq = 0 ;
|
|
if( !pSeq ) {
|
|
::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
|
|
if( !pSeq ) {
|
|
static Sequence< sal_Int8> aSeq( 16 ) ;
|
|
rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
|
|
pSeq = &aSeq ;
|
|
}
|
|
}
|
|
return *pSeq ;
|
|
}
|
|
|
|
/* XUnoTunnel extension */
|
|
X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) {
|
|
Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
|
|
if( xUT.is() ) {
|
|
return ( X509Certificate_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ;
|
|
} else
|
|
return NULL ;
|
|
}
|
|
|
|
::rtl::OUString findOIDDescription(char *oid)
|
|
{
|
|
OUString ouOID = OUString::createFromAscii( oid );
|
|
for (int i=0; i<nOID; i++)
|
|
{
|
|
OUString item = OUString::createFromAscii( OIDs[i].oid );
|
|
if (ouOID == item)
|
|
{
|
|
return OUString::createFromAscii( OIDs[i].desc );
|
|
}
|
|
}
|
|
|
|
return OUString() ;
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(const CERT_CONTEXT* pCertContext, DWORD dwPropId)
|
|
{
|
|
if( pCertContext != NULL )
|
|
{
|
|
DWORD cbData = 20;
|
|
unsigned char fingerprint[20];
|
|
if (CertGetCertificateContextProperty(pCertContext, dwPropId, (void*)fingerprint, &cbData))
|
|
{
|
|
Sequence< sal_Int8 > thumbprint( cbData ) ;
|
|
for( unsigned int i = 0 ; i < cbData ; i ++ )
|
|
{
|
|
thumbprint[i] = fingerprint[i];
|
|
}
|
|
|
|
return thumbprint;
|
|
}
|
|
else
|
|
{
|
|
DWORD e = GetLastError();
|
|
cbData = e;
|
|
}
|
|
}
|
|
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyAlgorithm()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
{
|
|
CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm;
|
|
return findOIDDescription( algorithm.pszObjId ) ;
|
|
}
|
|
else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyValue()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
{
|
|
CRYPT_BIT_BLOB publicKey = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey;
|
|
|
|
Sequence< sal_Int8 > key( publicKey.cbData ) ;
|
|
for( unsigned int i = 0 ; i < publicKey.cbData ; i++ )
|
|
{
|
|
key[i] = *(publicKey.pbData + i) ;
|
|
}
|
|
|
|
return key;
|
|
}
|
|
else
|
|
{
|
|
return Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSignatureAlgorithm()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
|
|
{
|
|
CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SignatureAlgorithm;
|
|
return findOIDDescription( algorithm.pszObjId ) ;
|
|
}
|
|
else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSHA1Thumbprint()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
return getThumbprint(m_pCertContext, CERT_SHA1_HASH_PROP_ID);
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getMD5Thumbprint()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
return getThumbprint(m_pCertContext, CERT_MD5_HASH_PROP_ID);
|
|
}
|
|
|
|
sal_Int32 SAL_CALL X509Certificate_MSCryptImpl::getCertificateUsage( )
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
sal_Int32 usage =
|
|
CERT_DATA_ENCIPHERMENT_KEY_USAGE |
|
|
CERT_DIGITAL_SIGNATURE_KEY_USAGE |
|
|
CERT_KEY_AGREEMENT_KEY_USAGE |
|
|
CERT_KEY_CERT_SIGN_KEY_USAGE |
|
|
CERT_KEY_ENCIPHERMENT_KEY_USAGE |
|
|
CERT_NON_REPUDIATION_KEY_USAGE |
|
|
CERT_OFFLINE_CRL_SIGN_KEY_USAGE;
|
|
|
|
if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 )
|
|
{
|
|
CERT_EXTENSION* pExtn = CertFindExtension(
|
|
szOID_KEY_USAGE,
|
|
m_pCertContext->pCertInfo->cExtension,
|
|
m_pCertContext->pCertInfo->rgExtension);
|
|
|
|
if (pExtn != NULL)
|
|
{
|
|
CERT_KEY_USAGE_RESTRICTION_INFO keyUsage;
|
|
DWORD length = sizeof(CERT_KEY_USAGE_RESTRICTION_INFO);
|
|
|
|
bool rc = CryptDecodeObject(
|
|
X509_ASN_ENCODING,
|
|
X509_KEY_USAGE,
|
|
pExtn->Value.pbData,
|
|
pExtn->Value.cbData,
|
|
CRYPT_DECODE_NOCOPY_FLAG,
|
|
(void *)&keyUsage,
|
|
&length);
|
|
|
|
if (rc && keyUsage.RestrictedKeyUsage.cbData!=0)
|
|
{
|
|
usage = (sal_Int32)keyUsage.RestrictedKeyUsage.pbData;
|
|
}
|
|
}
|
|
}
|
|
|
|
return usage;
|
|
}
|
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|