1*06b3ce53SAndrew Rist /**************************************************************
2cdf0e10cSrcweir *
3*06b3ce53SAndrew Rist * Licensed to the Apache Software Foundation (ASF) under one
4*06b3ce53SAndrew Rist * or more contributor license agreements. See the NOTICE file
5*06b3ce53SAndrew Rist * distributed with this work for additional information
6*06b3ce53SAndrew Rist * regarding copyright ownership. The ASF licenses this file
7*06b3ce53SAndrew Rist * to you under the Apache License, Version 2.0 (the
8*06b3ce53SAndrew Rist * "License"); you may not use this file except in compliance
9*06b3ce53SAndrew Rist * with the License. You may obtain a copy of the License at
10*06b3ce53SAndrew Rist *
11*06b3ce53SAndrew Rist * http://www.apache.org/licenses/LICENSE-2.0
12*06b3ce53SAndrew Rist *
13*06b3ce53SAndrew Rist * Unless required by applicable law or agreed to in writing,
14*06b3ce53SAndrew Rist * software distributed under the License is distributed on an
15*06b3ce53SAndrew Rist * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16*06b3ce53SAndrew Rist * KIND, either express or implied. See the License for the
17*06b3ce53SAndrew Rist * specific language governing permissions and limitations
18*06b3ce53SAndrew Rist * under the License.
19*06b3ce53SAndrew Rist *
20*06b3ce53SAndrew Rist *************************************************************/
21*06b3ce53SAndrew Rist
22*06b3ce53SAndrew Rist
23cdf0e10cSrcweir
24cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove
25cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx"
26cdf0e10cSrcweir
27cdf0e10cSrcweir
28e00f6fb2SPedro Giffuni #ifndef __nssrenam_h_
29e00f6fb2SPedro Giffuni #define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
30e00f6fb2SPedro Giffuni #endif /* __nssrenam_h_ */
31cdf0e10cSrcweir
32cdf0e10cSrcweir #include "nspr.h"
33cdf0e10cSrcweir #include "nss.h"
34cdf0e10cSrcweir #include "secder.h"
35cdf0e10cSrcweir
36cdf0e10cSrcweir //MM : added by MM
37cdf0e10cSrcweir #include "hasht.h"
38cdf0e10cSrcweir #include "secoid.h"
39cdf0e10cSrcweir #include "pk11func.h"
40cdf0e10cSrcweir //MM : end
41cdf0e10cSrcweir
42cdf0e10cSrcweir
43cdf0e10cSrcweir
44cdf0e10cSrcweir #include <sal/config.h>
45cdf0e10cSrcweir #include <rtl/uuid.h>
46cdf0e10cSrcweir #include "x509certificate_nssimpl.hxx"
47cdf0e10cSrcweir
48cdf0e10cSrcweir #ifndef _CERTIFICATEEXTENSION_NSSIMPL_HXX_
49cdf0e10cSrcweir #include "certificateextension_xmlsecimpl.hxx"
50cdf0e10cSrcweir #endif
51cdf0e10cSrcweir
52cdf0e10cSrcweir #ifndef _SANEXTENSION_NSSIMPL_HXX_
53cdf0e10cSrcweir #include "sanextension_nssimpl.hxx"
54cdf0e10cSrcweir #endif
55cdf0e10cSrcweir
56cdf0e10cSrcweir using namespace ::com::sun::star::uno ;
57cdf0e10cSrcweir using namespace ::com::sun::star::security ;
58cdf0e10cSrcweir using ::rtl::OUString ;
59cdf0e10cSrcweir
60cdf0e10cSrcweir using ::com::sun::star::security::XCertificate ;
61cdf0e10cSrcweir using ::com::sun::star::util::DateTime ;
62cdf0e10cSrcweir
/// Creates a wrapper that does not yet hold an NSS certificate handle.
X509Certificate_NssImpl::X509Certificate_NssImpl()
    : m_pCert( NULL )
{
}
67cdf0e10cSrcweir
/// Releases the wrapped certificate handle, if one is held.
X509Certificate_NssImpl::~X509Certificate_NssImpl()
{
    if( NULL == m_pCert )
        return ;

    CERT_DestroyCertificate( m_pCert ) ;
}
73cdf0e10cSrcweir
74cdf0e10cSrcweir //Methods from XCertificate
/**
 * Returns the first byte of the certificate's version item.
 *
 * @return -1 when no certificate is set, 0 when the version item is empty,
 *         otherwise the first byte of the item narrowed through char.
 *         The byte is read straight from the certificate, so callers
 *         should range-check it before acting on it.
 */
sal_Int16 SAL_CALL X509Certificate_NssImpl::getVersion() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return -1 ;

    // SECItem::len is unsigned, so "not empty" is the same test as "> 0".
    if( m_pCert->version.len == 0 )
        return 0 ;

    return ( char )*( m_pCert->version.data ) ;
}
85cdf0e10cSrcweir
/**
 * Returns a copy of the certificate's serial number bytes.
 *
 * @return the bytes of m_pCert->serialNumber, or an empty sequence when no
 *         certificate is set or the serial number item is empty.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->serialNumber.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    const SECItem& rSerial = m_pCert->serialNumber ;

    // Copy the whole item in one step instead of byte by byte.
    return Sequence< sal_Int8 >(
        reinterpret_cast< const sal_Int8* >( rSerial.data ),
        static_cast< sal_Int32 >( rSerial.len ) ) ;
}
97cdf0e10cSrcweir
/**
 * Returns the issuer name string held by the NSS certificate, converted
 * from UTF-8.
 *
 * The text comes from the certificate itself, so callers should treat it
 * as untrusted display data.
 *
 * @return the issuer name, or an empty string when no certificate is set.
 */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getIssuerName() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return OUString() ;

    const char* pszIssuer = m_pCert->issuerName ;
    return OUString( pszIssuer, PL_strlen( pszIssuer ), RTL_TEXTENCODING_UTF8 ) ;
}
105cdf0e10cSrcweir
/**
 * Returns the subject name string held by the NSS certificate, converted
 * from UTF-8.
 *
 * The text comes from the certificate itself, so callers should treat it
 * as untrusted display data.
 *
 * @return the subject name, or an empty string when no certificate is set.
 */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectName() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return OUString() ;

    const char* pszSubject = m_pCert->subjectName ;
    return OUString( pszSubject, PL_strlen( pszSubject ), RTL_TEXTENCODING_UTF8 ) ;
}
113cdf0e10cSrcweir
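/**
 * Returns the start of the certificate's validity period.
 *
 * The DER time is decoded and then exploded with PR_LocalTimeParameters,
 * so the result is expressed in the local time zone of the process. Code
 * that compares validity bounds should take that into account.
 *
 * @return the notBefore time, or a default-constructed DateTime when no
 *         certificate is set or the time cannot be decoded.
 */
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl::getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return DateTime() ;

    PRTime notBefore ;
    if( DER_DecodeTimeChoice( &notBefore, &m_pCert->validity.notBefore ) != SECSuccess )
        return DateTime() ;

    // Convert the time to readable local time
    PRExplodedTime explTime ;
    PR_ExplodeTime( notBefore, PR_LocalTimeParameters, &explTime ) ;

    DateTime dateTime ;
    // tm_usec counts microseconds; one hundredth of a second is 10000 of them.
    dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 10000 ) ;
    dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec ) ;
    dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min ) ;
    dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour ) ;
    dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday ) ;
    // PRExplodedTime months are zero-based.
    dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month + 1 ) ;
    dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year ) ;

    return dateTime ;
}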
142cdf0e10cSrcweir
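/**
 * Returns the end of the certificate's validity period.
 *
 * The DER time is decoded and then exploded with PR_LocalTimeParameters,
 * so the result is expressed in the local time zone of the process. Code
 * that compares validity bounds should take that into account.
 *
 * @return the notAfter time, or a default-constructed DateTime when no
 *         certificate is set or the time cannot be decoded.
 */
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl::getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return DateTime() ;

    PRTime notAfter ;
    if( DER_DecodeTimeChoice( &notAfter, &m_pCert->validity.notAfter ) != SECSuccess )
        return DateTime() ;

    // Convert the time to readable local time
    PRExplodedTime explTime ;
    PR_ExplodeTime( notAfter, PR_LocalTimeParameters, &explTime ) ;

    DateTime dateTime ;
    // tm_usec counts microseconds; one hundredth of a second is 10000 of them.
    dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 10000 ) ;
    dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec ) ;
    dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min ) ;
    dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour ) ;
    dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday ) ;
    // PRExplodedTime months are zero-based.
    dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month + 1 ) ;
    dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year ) ;

    return dateTime ;
}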
171cdf0e10cSrcweir
/**
 * Returns a copy of the certificate's issuer unique identifier.
 *
 * NOTE(review): X.509 unique identifiers are BIT STRINGs, and
 * getSubjectPublicKeyValue() in this file runs DER_ConvertBitString before
 * it trusts a bit-string length. This method uses issuerID.len as a byte
 * count without that step; confirm the length is in bytes here, otherwise
 * the copy reads past the end of the buffer.
 *
 * @return issuerID.len bytes starting at issuerID.data, or an empty
 *         sequence when no certificate is set or the item is empty.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->issuerID.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    const SECItem& rIssuerId = m_pCert->issuerID ;
    return Sequence< sal_Int8 >(
        reinterpret_cast< const sal_Int8* >( rIssuerId.data ),
        static_cast< sal_Int32 >( rIssuerId.len ) ) ;
}
183cdf0e10cSrcweir
/**
 * Returns a copy of the certificate's subject unique identifier.
 *
 * NOTE(review): X.509 unique identifiers are BIT STRINGs, and
 * getSubjectPublicKeyValue() in this file runs DER_ConvertBitString before
 * it trusts a bit-string length. This method uses subjectID.len as a byte
 * count without that step; confirm the length is in bytes here, otherwise
 * the copy reads past the end of the buffer.
 *
 * @return subjectID.len bytes starting at subjectID.data, or an empty
 *         sequence when no certificate is set or the item is empty.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->subjectID.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    const SECItem& rSubjectId = m_pCert->subjectID ;
    return Sequence< sal_Int8 >(
        reinterpret_cast< const sal_Int8* >( rSubjectId.data ),
        static_cast< sal_Int32 >( rSubjectId.len ) ) ;
}
195cdf0e10cSrcweir
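/**
 * Builds one extension object per entry in the certificate's extension list.
 *
 * Each entry is identified by the dotted-decimal OID text that NSS produces
 * (with a leading "OID." removed). OID 2.5.29.17 is wrapped in a
 * SanExtensionImpl, everything else in a CertificateExtension_XmlSecImpl.
 * The extension id handed to setCertExtn here is that dotted text, whereas
 * findCertificateExtension() passes the raw id bytes.
 *
 * @return the extensions in certificate order, or an empty sequence when no
 *         certificate is set or it carries no extension list.
 */
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl::getExtensions() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->extensions == NULL )
        return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > >() ;

    CERTCertExtension** extns ;

    // The extension list is NULL-terminated; count it before sizing the result.
    int count = 0 ;
    for( extns = m_pCert->extensions ; *extns != NULL ; extns ++ )
        count ++ ;

    Sequence< Reference< XCertificateExtension > > xExtns( count ) ;

    const ::rtl::OString oidPrefix( "OID." ) ;
    int idx = 0 ;
    for( extns = m_pCert->extensions ; *extns != NULL ; extns ++, idx ++ ) {
        const SECItem id = (*extns)->id ;

        // CERT_GetOidString hands back a PR_smprintf buffer owned by the
        // caller; copy it into an OString and release it right away.
        char* pOidText = CERT_GetOidString( &id ) ;
        const ::rtl::OString oidString( pOidText != NULL ? pOidText : "" ) ;
        if( pOidText != NULL )
            PR_smprintf_free( pOidText ) ;

        // remove "OID." prefix if existing
        ::rtl::OString objID ;
        if( oidString.match( oidPrefix ) )
            objID = oidString.copy( oidPrefix.getLength() ) ;
        else
            objID = oidString ;

        // NOTE(review): the C-style cast below only behaves as an upcast if
        // SanExtensionImpl derives from CertificateExtension_XmlSecImpl. If
        // the two classes are unrelated it is a reinterpret cast and the
        // setCertExtn call runs on the wrong type; confirm the hierarchy.
        CertificateExtension_XmlSecImpl* pExtn ;
        if( objID.equals( "2.5.29.17" ) )
            pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
        else
            pExtn = new CertificateExtension_XmlSecImpl() ;

        // Hand the object to a reference before calling into it, so it is
        // released if setCertExtn throws.
        const Reference< XCertificateExtension > xExtn( pExtn ) ;

        sal_Bool crit ;
        if( (*extns)->critical.data == NULL )
            crit = sal_False ;
        else
            crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ;

        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (unsigned char*)objID.getStr(), objID.getLength(), crit ) ;

        xExtns[idx] = xExtn ;
    }

    return xExtns ;
}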
237cdf0e10cSrcweir
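/**
 * Looks up the extension whose id bytes equal the given OID bytes.
 *
 * If several entries match, the last one in the list is returned, as
 * before; earlier matches are now released instead of being leaked.
 *
 * @param oid encoded OID bytes, compared with SECITEM_CompareItem against
 *            each extension's id item.
 * @return the matching extension, or an empty reference when no certificate
 *         is set, the certificate has no extension list, oid is empty, or
 *         nothing matches.
 */
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl::findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->extensions == NULL )
        return Reference< XCertificateExtension >() ;

    // An empty sequence has no element 0 to take the address of.
    if( oid.getLength() <= 0 )
        return Reference< XCertificateExtension >() ;

    SECItem idItem ;
    idItem.type = siBuffer ;
    idItem.data = reinterpret_cast< unsigned char* >( const_cast< sal_Int8* >( oid.getConstArray() ) ) ;
    idItem.len = oid.getLength() ;

    // Held by reference so a replaced match is released rather than leaked.
    Reference< XCertificateExtension > xFound ;

    for( CERTCertExtension** extns = m_pCert->extensions ; *extns != NULL ; extns ++ ) {
        if( SECITEM_CompareItem( &idItem, &(*extns)->id ) != SECEqual )
            continue ;

        const SECItem id = (*extns)->id ;

        // CERT_GetOidString hands back a PR_smprintf buffer owned by the
        // caller; copy it into an OString and release it right away.
        char* pOidText = CERT_GetOidString( &id ) ;
        const ::rtl::OString objId( pOidText != NULL ? pOidText : "" ) ;
        if( pOidText != NULL )
            PR_smprintf_free( pOidText ) ;

        // Accept the OID text with or without the "OID." prefix, matching
        // what getExtensions() does.
        // NOTE(review): the C-style cast below only behaves as an upcast if
        // SanExtensionImpl derives from CertificateExtension_XmlSecImpl. If
        // the two classes are unrelated it is a reinterpret cast and the
        // setCertExtn call runs on the wrong type; confirm the hierarchy.
        CertificateExtension_XmlSecImpl* pExtn ;
        if( objId.equals( "OID.2.5.29.17" ) || objId.equals( "2.5.29.17" ) )
            pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
        else
            pExtn = new CertificateExtension_XmlSecImpl() ;

        xFound = pExtn ;

        sal_Bool crit ;
        if( (*extns)->critical.data == NULL )
            crit = sal_False ;
        else
            crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ;

        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ;
    }

    return xFound ;
}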
270cdf0e10cSrcweir
271cdf0e10cSrcweir
/**
 * Returns a copy of the certificate's DER encoding.
 *
 * @return the bytes of m_pCert->derCert, or an empty sequence when no
 *         certificate is set or the encoding is empty.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getEncoded() throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL || m_pCert->derCert.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    const SECItem& rDer = m_pCert->derCert ;
    return Sequence< sal_Int8 >(
        reinterpret_cast< const sal_Int8* >( rDer.data ),
        static_cast< sal_Int32 >( rDer.len ) ) ;
}
284cdf0e10cSrcweir
285cdf0e10cSrcweir //Helper methods
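/**
 * Replaces the wrapped certificate with a new reference to cert.
 *
 * The new reference is taken before the old one is dropped. Calling
 * setCert() with the certificate this object already holds is therefore
 * safe even when this object owns the last reference to it.
 *
 * @param cert certificate to wrap; NULL clears the wrapper.
 */
void X509Certificate_NssImpl::setCert( CERTCertificate* cert )
{
    CERTCertificate* pNew = ( cert != NULL ) ? CERT_DupCertificate( cert ) : NULL ;

    if( m_pCert != NULL )
        CERT_DestroyCertificate( m_pCert ) ;

    m_pCert = pNew ;
}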
296cdf0e10cSrcweir
/**
 * Returns the wrapped NSS certificate handle without taking a new
 * reference on it.
 *
 * @return the handle, or NULL when no certificate is set.
 */
const CERTCertificate* X509Certificate_NssImpl::getNssCert() const
{
    // m_pCert is already NULL when nothing is held.
    return m_pCert ;
}
304cdf0e10cSrcweir
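/**
 * Decodes a DER certificate and makes it the wrapped certificate.
 *
 * This only parses the encoding. Nothing here verifies the certificate's
 * signature, chain or validity period.
 *
 * @param rawCert DER-encoded certificate bytes.
 * @throws RuntimeException when rawCert is empty or cannot be decoded; the
 *         previously wrapped certificate is kept in that case.
 */
void X509Certificate_NssImpl::setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException )
{
    // An empty sequence has no element 0 to point at and cannot decode.
    if( rawCert.getLength() <= 0 )
        throw RuntimeException() ;

    SECItem certItem ;
    certItem.type = siBuffer ;
    certItem.data = reinterpret_cast< unsigned char* >( rawCert.getArray() ) ;
    certItem.len = rawCert.getLength() ;

    // PR_TRUE asks NSS to copy the DER, so the certificate does not keep
    // pointing into rawCert after this call returns.
    CERTCertificate* cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ;
    if( cert == NULL )
        throw RuntimeException() ;

    if( m_pCert != NULL )
        CERT_DestroyCertificate( m_pCert ) ;

    m_pCert = cert ;
}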
323cdf0e10cSrcweir
324cdf0e10cSrcweir /* XUnoTunnel */
/**
 * XUnoTunnel entry point: returns this object's address as an integer when
 * the caller presents the 16-byte id from getUnoTunnelId().
 *
 * @param aIdentifier id supplied by the caller.
 * @return the address of this object, or 0 when the id does not match.
 */
sal_Int64 SAL_CALL X509Certificate_NssImpl::getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException )
{
    // The length is checked first so the 16-byte compare never reads a
    // shorter buffer.
    const bool bIsOurId =
        aIdentifier.getLength() == 16
        && rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) == 0 ;

    if( !bIsOurId )
        return 0 ;

    return sal::static_int_cast< sal_Int64 >( reinterpret_cast< sal_uIntPtr >( this ) ) ;
}
331cdf0e10cSrcweir
332cdf0e10cSrcweir /* XUnoTunnel extension */
/**
 * Returns the 16-byte id that getSomething() compares against.
 *
 * The id is created once with rtl_createUuid on first use, under the global
 * mutex, and the same sequence is returned on every later call.
 */
const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() {
    static Sequence< sal_Int8 >* pSeq = 0 ;
    // First check runs without the lock; the second one under the lock
    // decides whether this caller creates the id.
    // NOTE(review): the unlocked read of pSeq is not ordered against the
    // write made under the mutex. Confirm that is acceptable on the
    // supported platforms.
    if( !pSeq ) {
        ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
        if( !pSeq ) {
            static Sequence< sal_Int8> aSeq( 16 ) ;
            // Fill the 16 bytes in place with a freshly generated UUID.
            rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
            pSeq = &aSeq ;
        }
    }
    return *pSeq ;
}
345cdf0e10cSrcweir
346cdf0e10cSrcweir /* XUnoTunnel extension */
/**
 * Recovers the implementation object behind a UNO interface through
 * XUnoTunnel.
 *
 * The integer returned by getSomething() is cast back to a pointer, so the
 * result is only as trustworthy as the tunnel that answered. No reference
 * is taken on the returned object.
 *
 * @param xObj interface to query.
 * @return the implementation pointer; NULL when xObj does not support
 *         XUnoTunnel or its getSomething() returns 0.
 */
X509Certificate_NssImpl* X509Certificate_NssImpl::getImplementation( const Reference< XInterface > xObj )
{
    Reference< XUnoTunnel > xTunnel( xObj, UNO_QUERY ) ;
    if( !xTunnel.is() )
        return NULL ;

    const sal_Int64 nAddress = xTunnel->getSomething( getUnoTunnelId() ) ;
    return reinterpret_cast< X509Certificate_NssImpl* >(
        sal::static_int_cast< sal_uIntPtr >( nAddress ) ) ;
}
355cdf0e10cSrcweir
356cdf0e10cSrcweir // MM : added by MM
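/**
 * Returns NSS's textual description of an algorithm identifier.
 *
 * @param aid algorithm identifier taken from a certificate.
 * @return the description, or an empty string when NSS has no description
 *         for the algorithm's OID tag.
 */
::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid)
{
    const SECOidTag tag = SECOID_GetAlgorithmTag( aid ) ;

    // The lookup yields no string for a tag NSS cannot describe; do not
    // pass a null pointer on to the string conversion.
    const char* pDesc = SECOID_FindOIDTagDescription( tag ) ;
    if( pDesc == NULL )
        return ::rtl::OUString() ;

    return rtl::OUString::createFromAscii( pDesc ) ;
}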
366cdf0e10cSrcweir
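/**
 * Hashes the certificate's DER encoding with MD5 or SHA-1.
 *
 * The digest buffer holds SHA1_LENGTH bytes, so any other hash id is
 * rejected rather than allowed to write past it. A failed hash yields an
 * empty sequence instead of a zero-filled digest that could be mistaken
 * for a real fingerprint.
 *
 * @param pCert certificate to hash; may be NULL.
 * @param id SEC_OID_MD5 or SEC_OID_SHA1.
 * @return the digest bytes, or an empty sequence when pCert is NULL, id is
 *         not one of the two supported hashes, or hashing fails.
 */
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id)
{
    if( pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    int length ;
    if( id == SEC_OID_MD5 )
        length = MD5_LENGTH ;
    else if( id == SEC_OID_SHA1 )
        length = SHA1_LENGTH ;
    else
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    unsigned char fingerprint[SHA1_LENGTH] = { 0 } ;
    if( PK11_HashBuf( id, fingerprint, pCert->derCert.data, pCert->derCert.len ) != SECSuccess )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    return Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( fingerprint ), length ) ;
}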
396cdf0e10cSrcweir
/**
 * Returns the description of the subject public key's algorithm.
 *
 * @return the text from getAlgorithmDescription for
 *         subjectPublicKeyInfo.algorithm, or an empty string when no
 *         certificate is set.
 */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return OUString() ;

    SECAlgorithmID* pAlgorithm = &( m_pCert->subjectPublicKeyInfo.algorithm ) ;
    return getAlgorithmDescription( pAlgorithm ) ;
}
409cdf0e10cSrcweir
/**
 * Returns a copy of the subject public key bytes.
 *
 * The key item is copied and passed through DER_ConvertBitString before its
 * length is used, so the certificate's own item is left untouched.
 *
 * @return the key bytes, or an empty sequence when no certificate is set or
 *         the converted item is empty.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue()
    throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    // Work on a shallow copy: only the copy's length is rewritten.
    SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey ;
    DER_ConvertBitString( &spk ) ;

    if( spk.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >() ;

    return Sequence< sal_Int8 >(
        reinterpret_cast< const sal_Int8* >( spk.data ),
        static_cast< sal_Int32 >( spk.len ) ) ;
}
432cdf0e10cSrcweir
/**
 * Returns the description of the certificate's signature algorithm.
 *
 * @return the text from getAlgorithmDescription for m_pCert->signature, or
 *         an empty string when no certificate is set.
 */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException )
{
    if( m_pCert == NULL )
        return OUString() ;

    SECAlgorithmID* pAlgorithm = &( m_pCert->signature ) ;
    return getAlgorithmDescription( pAlgorithm ) ;
}
445cdf0e10cSrcweir
/**
 * Returns the SHA-1 digest of the certificate's DER encoding.
 *
 * SHA-1 is no longer collision resistant, so the value suits display and
 * lookup rather than being the sole basis of a trust decision.
 *
 * @return whatever getThumbprint yields for SEC_OID_SHA1.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException )
{
    const SECOidTag eHash = SEC_OID_SHA1 ;
    return getThumbprint( m_pCert, eHash ) ;
}
451cdf0e10cSrcweir
/**
 * Returns the MD5 digest of the certificate's DER encoding.
 *
 * MD5 is not collision resistant, so the value suits display and lookup
 * rather than being the sole basis of a trust decision.
 *
 * @return whatever getThumbprint yields for SEC_OID_MD5.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException )
{
    const SECOidTag eHash = SEC_OID_MD5 ;
    return getThumbprint( m_pCert, eHash ) ;
}
457cdf0e10cSrcweir
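/**
 * Returns the certificate's key usage bits.
 *
 * Only the first byte of the key usage item is read, so a usage bit stored
 * beyond that byte is not reported.
 *
 * NOTE(review): every failure of CERT_FindKeyUsageExtension is mapped to
 * KU_ALL, not only "extension absent". Confirm that a key usage extension
 * which fails to decode should also grant all usages.
 *
 * @return 0 when no certificate is set or the extension item is empty,
 *         KU_ALL when the extension lookup does not succeed, otherwise the
 *         first byte of the extension value.
 */
sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage( )
    throw ( ::com::sun::star::uno::RuntimeException )
{
    // Without a certificate there is nothing to grant; do not hand a null
    // pointer to NSS.
    if( m_pCert == NULL )
        return 0 ;

    SECItem tmpitem ;
    tmpitem.type = siBuffer ;
    tmpitem.data = NULL ;
    tmpitem.len = 0 ;

    sal_Int32 usage ;
    if( CERT_FindKeyUsageExtension( m_pCert, &tmpitem ) == SECSuccess )
    {
        // Read the first byte only when the item really holds one.
        usage = ( tmpitem.data != NULL && tmpitem.len > 0 ) ? tmpitem.data[0] : 0 ;

        if( tmpitem.data != NULL )
        {
            PORT_Free( tmpitem.data ) ;
            tmpitem.data = NULL ;
        }
    }
    else
    {
        usage = KU_ALL ;
    }

    /*
     * to make the nss implementation compatible with MSCrypto,
     * the following usage is ignored
     *
     *
    if ( CERT_GovtApprovedBitSet(m_pCert) )
    {
        usage |= KU_NS_GOVT_APPROVED;
    }
    */

    return usage ;
}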
490cdf0e10cSrcweir
491cdf0e10cSrcweir // MM : end
492cdf0e10cSrcweir