/*************************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * Copyright 2000, 2010 Oracle and/or its affiliates.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org. If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************/

// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"



#include "nssrenam.h"
#include "nspr.h"
#include "nss.h"
#include "secder.h"

//MM : added by MM
#include "hasht.h"
#include "secoid.h"
#include "pk11func.h"
//MM : end



#include <sal/config.h>
#include <rtl/uuid.h>
#include "x509certificate_nssimpl.hxx"

#ifndef _CERTIFICATEEXTENSION_NSSIMPL_HXX_
#include "certificateextension_xmlsecimpl.hxx"
#endif

#ifndef _SANEXTENSION_NSSIMPL_HXX_
#include "sanextension_nssimpl.hxx"
#endif

using namespace ::com::sun::star::uno ;
using namespace ::com::sun::star::security ;
using ::rtl::OUString ;

using ::com::sun::star::security::XCertificate ;
using ::com::sun::star::util::DateTime ;

// Starts with no certificate attached; the accessors below test m_pCert
// before reading from it.
X509Certificate_NssImpl :: X509Certificate_NssImpl()
    : m_pCert( NULL )
{
}

// Hands the held certificate (if any) back to NSS via
// CERT_DestroyCertificate.
X509Certificate_NssImpl :: ~X509Certificate_NssImpl()
{
    if( m_pCert == NULL )
        return ;

    CERT_DestroyCertificate( m_pCert ) ;
}

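//Methods from XCertificate

namespace
{
    // Copies the bytes of an NSS SECItem into a UNO byte sequence. An item
    // with no data or zero length yields an empty sequence.
    Sequence< sal_Int8 > lcl_secItemToSequence( const SECItem& rItem )
    {
        if( rItem.data == NULL || rItem.len == 0 )
            return Sequence< sal_Int8 >() ;

        return Sequence< sal_Int8 >(
            reinterpret_cast< const sal_Int8* >( rItem.data ),
            static_cast< sal_Int32 >( rItem.len ) ) ;
    }

    // Decodes a DER time item and explodes it into local time. Returns a
    // default-constructed DateTime when the item cannot be decoded.
    DateTime lcl_toLocalDateTime( SECItem* pDerTime )
    {
        PRTime nTime ;
        if( DER_DecodeTimeChoice( &nTime, pDerTime ) != SECSuccess )
            return DateTime() ;

        //Convert the time to readable local time
        PRExplodedTime explTime ;
        PR_ExplodeTime( nTime, PR_LocalTimeParameters, &explTime ) ;

        DateTime dateTime ;
        // tm_usec counts microseconds, so one hundredth of a second is
        // 10000 of them (the previous divisor of 1000 produced milliseconds).
        dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 10000 );
        dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec );
        dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min );
        dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour );
        dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday );
        dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 );   // tm_month is zero-based
        dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year );
        return dateTime ;
    }

    // Returns the extension id in dotted form without the "OID." prefix.
    // CERT_GetOidString() hands back a PR_smprintf-allocated buffer, which is
    // released here after it has been copied.
    ::rtl::OString lcl_dottedOid( const SECItem& rId )
    {
        char* pOid = CERT_GetOidString( &rId ) ;
        if( pOid == NULL )
            return ::rtl::OString() ;

        const ::rtl::OString aOid( pOid ) ;
        PR_smprintf_free( pOid ) ;

        // remove "OID." prefix if existing
        const ::rtl::OString aPrefix( "OID." ) ;
        if( aOid.match( aPrefix ) )
            return aOid.copy( aPrefix.getLength() ) ;
        return aOid ;
    }

    // True when the extension's critical item holds the byte 0xFF; a missing
    // or empty item counts as not critical.
    sal_Bool lcl_isCritical( const CERTCertExtension* pExtn )
    {
        const SECItem& rCrit = pExtn->critical ;
        if( rCrit.data == NULL || rCrit.len == 0 )
            return sal_False ;
        return ( rCrit.data[0] == 0xFF ) ? sal_True : sal_False ;
    }

    // Creates the wrapper object for one extension: SanExtensionImpl for
    // id 2.5.29.17, the generic implementation otherwise.
    // NOTE(review): the C-style cast is only an upcast if SanExtensionImpl
    // derives from CertificateExtension_XmlSecImpl -- confirm in its header.
    CertificateExtension_XmlSecImpl* lcl_newExtension( const ::rtl::OString& rDottedOid )
    {
        if( rDottedOid.equals( "2.5.29.17" ) )
            return (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
        return new CertificateExtension_XmlSecImpl() ;
    }
}

// Returns the first byte of the certificate's version field, 0 when that
// field is empty, and -1 when no certificate is set.
sal_Int16 SAL_CALL X509Certificate_NssImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return -1 ;

    if( m_pCert->version.len == 0 || m_pCert->version.data == NULL )
        return 0 ;

    return ( char )*( m_pCert->version.data ) ;
}

// Returns a copy of the serial number bytes, or an empty sequence when no
// certificate is set or the serial number is empty.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_secItemToSequence( m_pCert->serialNumber ) ;
}

// Returns the issuer name string held by the certificate, read as UTF-8, or
// an empty string when no certificate is set. The text originates from the
// certificate, so callers should treat it as untrusted input.
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return OUString() ;

    return OUString(m_pCert->issuerName , PL_strlen(m_pCert->issuerName) , RTL_TEXTENCODING_UTF8) ;
}

// Returns the subject name string held by the certificate, read as UTF-8, or
// an empty string when no certificate is set. The text originates from the
// certificate, so callers should treat it as untrusted input.
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return OUString() ;

    return OUString(m_pCert->subjectName , PL_strlen(m_pCert->subjectName) , RTL_TEXTENCODING_UTF8);
}

// Returns the start of the validity period in local time; a default
// DateTime when no certificate is set or the field cannot be decoded.
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return DateTime() ;

    return lcl_toLocalDateTime( &m_pCert->validity.notBefore ) ;
}

// Returns the end of the validity period in local time; a default DateTime
// when no certificate is set or the field cannot be decoded.
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return DateTime() ;

    return lcl_toLocalDateTime( &m_pCert->validity.notAfter ) ;
}

// Returns a copy of issuerID.len bytes of the issuer unique id, or an empty
// sequence when it is absent.
// NOTE(review): getSubjectPublicKeyValue() in this file runs
// DER_ConvertBitString() before using a length; confirm that issuerID.len is
// a byte count here and not a bit count, otherwise this copy reads past the
// stored data.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_secItemToSequence( m_pCert->issuerID ) ;
}

// Returns a copy of subjectID.len bytes of the subject unique id, or an
// empty sequence when it is absent.
// NOTE(review): same length-unit question as for getIssuerUniqueID() --
// confirm subjectID.len is a byte count.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_secItemToSequence( m_pCert->subjectID ) ;
}

// Wraps every extension of the certificate in a UNO object. Each object is
// given the extension value, the dotted-decimal id text and the critical
// flag. Returns an empty sequence when there is no certificate or it has no
// extension list.
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL || m_pCert->extensions == NULL )
        return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > ();

    CERTCertExtension** extns ;

    // The extension list is NULL-terminated: count first, then fill.
    sal_Int32 nCount = 0 ;
    for( extns = m_pCert->extensions; *extns != NULL; extns ++ )
        nCount ++ ;

    Sequence< Reference< XCertificateExtension > > xExtns( nCount ) ;

    sal_Int32 nIdx = 0 ;
    for( extns = m_pCert->extensions; *extns != NULL; extns ++, nIdx ++ ) {
        const ::rtl::OString objID( lcl_dottedOid( (*extns)->id ) ) ;

        CertificateExtension_XmlSecImpl* pExtn = lcl_newExtension( objID ) ;
        // Store the reference first so the object is owned before any
        // further call is made on it.
        xExtns[nIdx] = pExtn ;

        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (unsigned char*)objID.getStr(), objID.getLength(), lcl_isCritical( *extns ) ) ;
    }

    return xExtns ;
}

// Looks up the extension whose encoded id equals the bytes in oid. Returns
// an empty reference when nothing matches. If the certificate carries the
// same id more than once, the last match is returned, as before; earlier
// matches are now released instead of leaked.
// Unlike getExtensions(), the object is given the raw id bytes, not the
// dotted-decimal text.
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) {
    Reference< XCertificateExtension > xFound ;

    // An empty id cannot match anything; returning early also avoids taking
    // the address of element 0 of an empty sequence.
    if( m_pCert == NULL || m_pCert->extensions == NULL || oid.getLength() <= 0 )
        return xFound ;

    SECItem idItem ;
    idItem.type = siBuffer ;
    idItem.data = ( unsigned char* )oid.getConstArray() ;
    idItem.len = oid.getLength() ;

    for( CERTCertExtension** extns = m_pCert->extensions; *extns != NULL; extns ++ ) {
        if( SECITEM_CompareItem( &idItem, &(*extns)->id ) != SECEqual )
            continue ;

        CertificateExtension_XmlSecImpl* pExtn = lcl_newExtension( lcl_dottedOid( (*extns)->id ) ) ;
        // Holding the object in a Reference releases a previous match.
        xFound = pExtn ;

        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, lcl_isCritical( *extns ) ) ;
    }

    return xFound ;
}


// Returns a copy of the DER encoding of the certificate, or an empty
// sequence when no certificate is set.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_secItemToSequence( m_pCert->derCert ) ;
}

//Helper methods

// Replaces the held certificate with a duplicate of cert (or with nothing
// when cert is NULL). The duplicate is taken before the old certificate is
// destroyed, so passing the certificate this object already holds is safe.
void X509Certificate_NssImpl :: setCert( CERTCertificate* cert ) {
    CERTCertificate* pNew = NULL ;
    if( cert != NULL )
        pNew = CERT_DupCertificate( cert ) ;

    if( m_pCert != NULL )
        CERT_DestroyCertificate( m_pCert ) ;

    m_pCert = pNew ;
}

// Returns the held NSS certificate without transferring ownership; NULL
// when none is set.
const CERTCertificate* X509Certificate_NssImpl :: getNssCert() const {
    return m_pCert ;
}

// Decodes rawCert as a DER certificate and makes it the held certificate.
// Throws RuntimeException when the input is empty or cannot be decoded; the
// previously held certificate is kept in that case.
// This only decodes the certificate: no signature, chain or validity check
// is made here.
void X509Certificate_NssImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
    if( rawCert.getLength() <= 0 )
        throw RuntimeException() ;

    SECItem certItem ;
    certItem.type = siBuffer ;
    certItem.data = ( unsigned char* )rawCert.getArray() ;
    certItem.len = rawCert.getLength() ;

    // PR_TRUE asks NSS to copy the DER bytes, so the decoded certificate
    // does not keep pointing into rawCert.
    CERTCertificate* cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ;
    if( cert == NULL )
        throw RuntimeException() ;

    if( m_pCert != NULL )
        CERT_DestroyCertificate( m_pCert ) ;

    m_pCert = cert ;
}

/* XUnoTunnel */
// Returns this object's address as an integer when aIdentifier equals the
// 16-byte id from getUnoTunnelId(); 0 otherwise.
sal_Int64 SAL_CALL X509Certificate_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
    if( aIdentifier.getLength() != 16 )
        return 0 ;

    if( rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) != 0 )
        return 0 ;

    return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this));
}

/*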
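XUnoTunnel extension */
// Returns the 16-byte id that getSomething() compares against. The id is
// created once, on first use, under the global mutex.
const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() {
    static Sequence< sal_Int8 >* pSeq = 0 ;
    if( !pSeq ) {
        ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
        // Re-check under the lock: another thread may have created it.
        if( !pSeq ) {
            static Sequence< sal_Int8> aSeq( 16 ) ;
            rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
            pSeq = &aSeq ;
        }
    }
    return *pSeq ;
}

/* XUnoTunnel extension */
// Recovers the implementation object behind xObj through XUnoTunnel.
// Returns NULL when xObj does not support XUnoTunnel; when the tunnel
// answers 0 the cast also yields a null pointer.
X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Reference< XInterface > xObj ) {
    Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
    if( !xUT.is() )
        return NULL ;

    return reinterpret_cast<X509Certificate_NssImpl*>(
        sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() )));
}

// MM : added by MM

// Returns the description text NSS has for the algorithm in aid, or an
// empty string when NSS has no description for it.
::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid)
{
    const SECOidTag tag = SECOID_GetAlgorithmTag(aid);
    const char *pDesc = SECOID_FindOIDTagDescription(tag);

    if( pDesc == NULL )
        return ::rtl::OUString() ;

    return rtl::OUString::createFromAscii( pDesc ) ;
}

// Hashes the DER encoding of pCert with MD5 or SHA-1 and returns the digest.
// Returns an empty sequence when pCert is NULL, when id is any other hash,
// or when hashing fails.
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id)
{
    if( pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    // The buffer below holds SHA1_LENGTH bytes, so only the two hashes that
    // fit are accepted; a longer digest would be written past its end.
    int length ;
    if( id == SEC_OID_MD5 )
        length = MD5_LENGTH ;
    else if( id == SEC_OID_SHA1 )
        length = SHA1_LENGTH ;
    else
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    unsigned char fingerprint[SHA1_LENGTH] = { 0 };

    // A failed hash previously produced an all-zero thumbprint that looked
    // like a real one; report it as "no thumbprint" instead.
    if( PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len) != SECSuccess )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( fingerprint ), length ) ;
}

// Returns the description of the subject public key algorithm, or an empty
// string when no certificate is set.
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return OUString() ;

    return getAlgorithmDescription(&(m_pCert->subjectPublicKeyInfo.algorithm));
}

// Returns a copy of the subject public key bytes, or an empty sequence when
// no certificate is set or the key is empty.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    // Work on a copy of the item so the conversion does not change the
    // length stored in the certificate.
    SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey;
    DER_ConvertBitString(&spk);

    if( spk.data == NULL || spk.len == 0 )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( spk.data ), static_cast< sal_Int32 >( spk.len ) ) ;
}

// Returns the description of the signature algorithm, or an empty string
// when no certificate is set.
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return OUString() ;

    return getAlgorithmDescription(&(m_pCert->signature));
}

// SHA-1 digest of the encoded certificate; empty when none is set.
// SHA-1 is no longer collision resistant: use the value to display or look
// up a certificate, not as the sole basis of a trust decision.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    return getThumbprint(m_pCert, SEC_OID_SHA1);
}

// MD5 digest of the encoded certificate; empty when none is set.
// MD5 is not collision resistant: use the value to display or look up a
// certificate, not as the sole basis of a trust decision.
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    return getThumbprint(m_pCert, SEC_OID_MD5);
}

// Returns the first byte of the key usage extension. When the certificate
// has no such extension the result is KU_ALL. Returns 0 when no certificate
// is set or the extension carries no bytes.
sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage(  )
    throw ( ::com::sun::star::uno::RuntimeException)
{
    // Every other accessor tolerates a missing certificate; do the same
    // here instead of handing NULL to NSS.
    if( m_pCert == NULL )
        return 0 ;

    SECItem tmpitem ;
    tmpitem.data = NULL ;
    tmpitem.len = 0 ;

    sal_Int32 usage ;
    if( CERT_FindKeyUsageExtension(m_pCert, &tmpitem) == SECSuccess )
    {
        // Read the usage byte only if NSS actually returned one.
        usage = ( tmpitem.data != NULL && tmpitem.len > 0 ) ? tmpitem.data[0] : 0 ;
        if( tmpitem.data != NULL )
        {
            PORT_Free(tmpitem.data);
            tmpitem.data = NULL;
        }
    }
    else
    {
        usage = KU_ALL;
    }

    /*
     * to make the nss implementation compatible with MSCrypto,
     * the following usage is ignored
     *
     *
    if ( CERT_GovtApprovedBitSet(m_pCert) )
    {
        usage |= KU_NS_GOVT_APPROVED;
    }
    */

    return usage;
}

// MM : end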