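/*************************************************************************
 *
 * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
 *
 * Copyright 2000, 2010 Oracle and/or its affiliates.
 *
 * OpenOffice.org - a multi-platform office productivity suite
 *
 * This file is part of OpenOffice.org.
 *
 * OpenOffice.org is free software: you can redistribute it and/or modify
 * it under the terms of the GNU Lesser General Public License version 3
 * only, as published by the Free Software Foundation.
 *
 * OpenOffice.org is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
 * GNU Lesser General Public License version 3 for more details
 * (a copy is included in the LICENSE file that accompanied this code).
 *
 * You should have received a copy of the GNU Lesser General Public License
 * version 3 along with OpenOffice.org. If not, see
 * <http://www.openoffice.org/license.html>
 * for a copy of the LGPLv3 License.
 *
 ************************************************************************/

// MARKER(update_precomp.py): autogen include statement, do not remove
#include "precompiled_xmlsecurity.hxx"


#ifndef __nssrenam_h_
#define CERT_DecodeDERCertificate __CERT_DecodeDERCertificate
#endif /* __nssrenam_h_ */

#include "nspr.h"
#include "prprf.h"      // PR_smprintf_free, used to release CERT_GetOidString results
#include "nss.h"
#include "secder.h"

//MM : added by MM
#include "hasht.h"
#include "secoid.h"
#include "pk11func.h"
//MM : end



#include <sal/config.h>
#include <rtl/uuid.h>
#include "x509certificate_nssimpl.hxx"

#ifndef _CERTIFICATEEXTENSION_NSSIMPL_HXX_
#include "certificateextension_xmlsecimpl.hxx"
#endif

#ifndef _SANEXTENSION_NSSIMPL_HXX_
#include "sanextension_nssimpl.hxx"
#endif

using namespace ::com::sun::star::uno ;
using namespace ::com::sun::star::security ;
using ::rtl::OUString ;

using ::com::sun::star::security::XCertificate ;
using ::com::sun::star::util::DateTime ;

namespace
{
    /** Copies nLen bytes starting at pData into a UNO byte sequence.
     *
     *  Returns an empty sequence when there is nothing to copy, so callers
     *  never index into a missing buffer.
     */
    Sequence< sal_Int8 > lcl_toByteSequence( const unsigned char* pData, unsigned int nLen )
    {
        if( pData == NULL || nLen == 0 )
            return Sequence< sal_Int8 >() ;

        return Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( pData ), static_cast< sal_Int32 >( nLen ) ) ;
    }

    /** Decodes a DER-encoded validity time into a local-time DateTime.
     *
     *  Returns a default-constructed DateTime when the time cannot be decoded.
     */
    DateTime lcl_decodeValidityTime( SECItem* pDerTime )
    {
        PRTime decoded ;
        if( DER_DecodeTimeChoice( &decoded, pDerTime ) != SECSuccess )
            return DateTime() ;

        //Convert the time to readable local time
        PRExplodedTime explTime ;
        PR_ExplodeTime( decoded, PR_LocalTimeParameters, &explTime ) ;

        DateTime dateTime ;
        // tm_usec counts microseconds, so one hundredth of a second is 10000 of them
        // (dividing by 1000 yields milliseconds, which overflow the 0..99 field).
        dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 10000 );
        dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec );
        dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min );
        dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour );
        dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday );
        dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 );
        dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year );

        return dateTime ;
    }

    /** Returns the dotted-decimal form of an extension OID, without the "OID." prefix.
     *
     *  CERT_GetOidString hands back a buffer the caller owns; it is released
     *  here with PR_smprintf_free. A NULL result yields an empty string.
     */
    ::rtl::OString lcl_getDottedOid( const SECItem& rId )
    {
        char* pOidStr = CERT_GetOidString( &rId ) ;
        if( pOidStr == NULL )
            return ::rtl::OString() ;

        const ::rtl::OString oidString( pOidStr ) ;
        PR_smprintf_free( pOidStr ) ;

        // remove "OID." prefix if existing
        const ::rtl::OString prefix( "OID." ) ;
        if( oidString.match( prefix ) )
            return oidString.copy( prefix.getLength() ) ;

        return oidString ;
    }

    /** Creates the implementation object for an extension with the given dotted OID.
     *
     *  2.5.29.17 (subjectAltName) gets a SanExtensionImpl, everything else the
     *  generic implementation.
     */
    CertificateExtension_XmlSecImpl* lcl_newExtensionImpl( const ::rtl::OString& rDottedOid )
    {
        if( rDottedOid.equals( "2.5.29.17" ) )
        {
            // NOTE(review): the C-style cast hides whether SanExtensionImpl really derives from
            // CertificateExtension_XmlSecImpl; if the classes are unrelated this is a
            // reinterpret_cast and the later setCertExtn call is undefined behaviour - confirm.
            return (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
        }

        return new CertificateExtension_XmlSecImpl() ;
    }

    /** Reads the critical flag of an extension; a missing or empty flag means non-critical. */
    sal_Bool lcl_isCritical( const CERTCertExtension* pExtn )
    {
        if( pExtn->critical.data == NULL || pExtn->critical.len == 0 )
            return sal_False ;

        return ( pExtn->critical.data[0] == 0xFF ) ? sal_True : sal_False ;
    }
}

/** Creates a wrapper that does not hold a certificate yet. */
X509Certificate_NssImpl :: X509Certificate_NssImpl() :
    m_pCert( NULL )
{
}

/** Releases the reference this object holds on the NSS certificate, if any. */
X509Certificate_NssImpl :: ~X509Certificate_NssImpl() {
    if( m_pCert != NULL ) {
        CERT_DestroyCertificate( m_pCert ) ;
    }
}

//Methods from XCertificate

/** Returns the first byte of the encoded version field, 0 when the field is
 *  absent, and -1 when no certificate is set.
 */
sal_Int16 SAL_CALL X509Certificate_NssImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return -1 ;

    if( m_pCert->version.len > 0 )
        return ( char )*( m_pCert->version.data ) ;

    return 0 ;
}

/** Returns the serial number bytes, or an empty sequence when unavailable. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_toByteSequence( m_pCert->serialNumber.data, m_pCert->serialNumber.len ) ;
}

/** Returns the issuer name string NSS stored for the certificate, read as UTF-8. */
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert != NULL && m_pCert->issuerName != NULL ) {
        return OUString(m_pCert->issuerName , PL_strlen(m_pCert->issuerName) , RTL_TEXTENCODING_UTF8) ;
    }

    return OUString() ;
}

/** Returns the subject name string NSS stored for the certificate, read as UTF-8. */
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert != NULL && m_pCert->subjectName != NULL ) {
        return OUString(m_pCert->subjectName , PL_strlen(m_pCert->subjectName) , RTL_TEXTENCODING_UTF8);
    }

    return OUString() ;
}

/** Returns the start of the validity period in local time; a default
 *  DateTime when no certificate is set or the field cannot be decoded.
 */
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return DateTime() ;

    return lcl_decodeValidityTime( &m_pCert->validity.notBefore ) ;
}

/** Returns the end of the validity period in local time; a default
 *  DateTime when no certificate is set or the field cannot be decoded.
 *
 *  Callers that treat a default DateTime as "no expiry" would accept a
 *  certificate with an undecodable notAfter - check for it explicitly.
 */
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return DateTime() ;

    return lcl_decodeValidityTime( &m_pCert->validity.notAfter ) ;
}

/** Returns the issuerUniqueID bytes, or an empty sequence when unavailable. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_toByteSequence( m_pCert->issuerID.data, m_pCert->issuerID.len ) ;
}

/** Returns the subjectUniqueID bytes, or an empty sequence when unavailable. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_toByteSequence( m_pCert->subjectID.data, m_pCert->subjectID.len ) ;
}

/** Wraps every extension of the certificate in a UNO extension object.
 *
 *  The extension id handed to setCertExtn here is the dotted-decimal OID
 *  string (without "OID." prefix), not the DER-encoded id.
 */
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL || m_pCert->extensions == NULL )
        return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > ();

    CERTCertExtension** extns ;
    int len = 0 ;

    // The extension list is NULL-terminated; count it before sizing the result.
    for( extns = m_pCert->extensions ; *extns != NULL ; extns ++ )
        len ++ ;
    Sequence< Reference< XCertificateExtension > > xExtns( len ) ;

    for( extns = m_pCert->extensions, len = 0 ; *extns != NULL ; extns ++, len ++ ) {
        const ::rtl::OString objID( lcl_getDottedOid( (*extns)->id ) ) ;

        CertificateExtension_XmlSecImpl* pExtn = lcl_newExtensionImpl( objID ) ;
        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (unsigned char*)objID.getStr(), objID.getLength(), lcl_isCritical( *extns ) ) ;

        xExtns[len] = pExtn ;
    }

    return xExtns ;
}

/** Looks up the extension whose DER-encoded id equals oid.
 *
 *  Returns an empty reference when no certificate is set, oid is empty, or
 *  nothing matches. If a malformed certificate repeats an OID, the last
 *  match is returned. Unlike getExtensions, the id handed to setCertExtn
 *  here is the DER-encoded id.
 */
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) {
    // An empty oid has no element 0 to point at and cannot match any extension.
    if( m_pCert == NULL || m_pCert->extensions == NULL || oid.getLength() <= 0 )
        return Reference< XCertificateExtension >() ;

    SECItem idItem ;
    idItem.type = siBuffer ;
    idItem.data = ( unsigned char* )oid.getConstArray() ;
    idItem.len = oid.getLength() ;

    // Held in a Reference so that an earlier match is released, not leaked,
    // when a later extension carries the same id.
    Reference< XCertificateExtension > xFound ;
    for( CERTCertExtension** extns = m_pCert->extensions ; *extns != NULL ; extns ++ ) {
        if( SECITEM_CompareItem( &idItem, &(*extns)->id ) != SECEqual )
            continue ;

        CertificateExtension_XmlSecImpl* pExtn = lcl_newExtensionImpl( lcl_getDottedOid( (*extns)->id ) ) ;
        pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, lcl_isCritical( *extns ) ) ;
        xFound = pExtn ;
    }

    return xFound ;
}


/** Returns the DER encoding of the certificate, or an empty sequence when unavailable. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_toByteSequence( m_pCert->derCert.data, m_pCert->derCert.len ) ;
}

//Helper methods

/** Replaces the wrapped certificate with a new reference to cert (NULL clears it). */
void X509Certificate_NssImpl :: setCert( CERTCertificate* cert ) {
    // Take the new reference before dropping the old one: if cert is the
    // certificate already held, destroying first could free it before the dup.
    CERTCertificate* pNew = ( cert != NULL ) ? CERT_DupCertificate( cert ) : NULL ;

    if( m_pCert != NULL ) {
        CERT_DestroyCertificate( m_pCert ) ;
    }

    m_pCert = pNew ;
}

/** Returns the wrapped NSS certificate without transferring ownership; NULL when none is set. */
const CERTCertificate* X509Certificate_NssImpl :: getNssCert() const {
    return m_pCert ;
}

/** Decodes a DER certificate and makes it the wrapped certificate.
 *
 *  @throws RuntimeException when rawCert is empty or cannot be decoded; the
 *          previously wrapped certificate is kept in that case.
 */
void X509Certificate_NssImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
    // An empty sequence has no element 0 to take the address of; reject it
    // the same way as an undecodable blob.
    if( rawCert.getLength() <= 0 )
        throw RuntimeException() ;

    SECItem certItem ;
    certItem.type = siBuffer ;
    certItem.data = ( unsigned char* )rawCert.getArray() ;
    certItem.len = rawCert.getLength() ;

    // copyDER is PR_TRUE, so the decoded certificate does not point into rawCert.
    CERTCertificate* cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ;
    if( cert == NULL )
        throw RuntimeException() ;

    if( m_pCert != NULL ) {
        CERT_DestroyCertificate( m_pCert ) ;
        m_pCert = NULL ;
    }

    m_pCert = cert ;
}

/* XUnoTunnel */

/** Returns this object's address as an integer when aIdentifier equals the
 *  16-byte tunnel id of this class, and 0 otherwise.
 */
sal_Int64 SAL_CALL X509Certificate_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
    if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
        return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this));
    }
    return 0 ;
}

/* XUnoTunnel extension */

/** Returns the 16-byte id used by getSomething, creating it on first use
 *  under the global mutex.
 */
const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() {
    static Sequence< sal_Int8 >* pSeq = 0 ;
    if( !pSeq ) {
        ::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
        // Re-check under the lock: another thread may have initialised it meanwhile.
        if( !pSeq ) {
            static Sequence< sal_Int8> aSeq( 16 ) ;
            rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
            pSeq = &aSeq ;
        }
    }
    return *pSeq ;
}

/* XUnoTunnel extension */

/** Recovers the implementation object behind xObj through XUnoTunnel.
 *
 *  Returns NULL when xObj does not support XUnoTunnel or does not recognise
 *  this class's tunnel id (getSomething then yields 0).
 */
X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Reference< XInterface > xObj ) {
    Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
    if( !xUT.is() )
        return NULL ;

    return reinterpret_cast<X509Certificate_NssImpl*>(
        sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() )));
}

// MM : added by MM

/** Returns NSS's description of the algorithm in aid, or an empty string
 *  when NSS has no description for it.
 */
::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid)
{
    const SECOidTag tag = SECOID_GetAlgorithmTag(aid);

    const char *pDesc = SECOID_FindOIDTagDescription(tag);
    // An algorithm NSS does not know has no description; do not hand NULL on.
    if( pDesc == NULL )
        return ::rtl::OUString() ;

    return rtl::OUString::createFromAscii( pDesc ) ;
}

/** Hashes the DER encoding of pCert with MD5 or SHA-1.
 *
 *  Returns an empty sequence when pCert is NULL, id is neither SEC_OID_MD5
 *  nor SEC_OID_SHA1, or hashing fails. Both digests are collision-prone, so
 *  the result is suited to display and lookup rather than to deciding trust.
 */
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id)
{
    if( pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    // The output buffer is sized for SHA-1, the longest digest supported
    // here. Any other algorithm is refused instead of being hashed into it:
    // a longer digest would be written past the end of the buffer.
    unsigned int length = 0 ;
    switch( id )
    {
        case SEC_OID_MD5:
            length = MD5_LENGTH ;
            break ;
        case SEC_OID_SHA1:
            length = SHA1_LENGTH ;
            break ;
        default:
            return ::com::sun::star::uno::Sequence< sal_Int8 >();
    }

    unsigned char fingerprint[ SHA1_LENGTH ] = { 0 } ;
    if( PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len) != SECSuccess )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    return lcl_toByteSequence( fingerprint, length ) ;
}

/** Returns the description of the subject public key algorithm; empty when no certificate is set. */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return OUString() ;

    return getAlgorithmDescription(&(m_pCert->subjectPublicKeyInfo.algorithm));
}

/** Returns the subject public key bytes, or an empty sequence when unavailable. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return ::com::sun::star::uno::Sequence< sal_Int8 >();

    // Work on a copy of the item: DER_ConvertBitString rewrites its length
    // field, and the certificate's own item must stay untouched.
    SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey;
    DER_ConvertBitString(&spk);

    return lcl_toByteSequence( spk.data, spk.len ) ;
}

/** Returns the description of the signature algorithm; empty when no certificate is set. */
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    if( m_pCert == NULL )
        return OUString() ;

    return getAlgorithmDescription(&(m_pCert->signature));
}

/** Returns the SHA-1 thumbprint of the DER certificate; see getThumbprint. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    return getThumbprint(m_pCert, SEC_OID_SHA1);
}

/** Returns the MD5 thumbprint of the DER certificate; see getThumbprint. */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint()
    throw ( ::com::sun::star::uno::RuntimeException)
{
    return getThumbprint(m_pCert, SEC_OID_MD5);
}

/** Returns the first byte of the keyUsage extension as usage bits.
 *
 *  KU_ALL is returned when the certificate carries no keyUsage extension.
 *  0 is returned when no certificate is set or the extension value is empty,
 *  so a missing or malformed input never widens the permitted usage.
 */
sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage( )
    throw ( ::com::sun::star::uno::RuntimeException)
{
    // Without a certificate there is nothing to look the extension up in.
    if( m_pCert == NULL )
        return 0 ;

    SECItem tmpitem ;
    tmpitem.type = siBuffer ;
    tmpitem.data = NULL ;
    tmpitem.len = 0 ;

    sal_Int32 usage ;
    if ( CERT_FindKeyUsageExtension(m_pCert, &tmpitem) == SECSuccess )
    {
        // Only read the usage byte when the extension really delivered one.
        usage = ( tmpitem.data != NULL && tmpitem.len > 0 ) ? tmpitem.data[0] : 0 ;
        if( tmpitem.data != NULL )
        {
            PORT_Free(tmpitem.data);
            tmpitem.data = NULL;
        }
    }
    else
    {
        usage = KU_ALL;
    }

    /*
     * to make the nss implementation compatible with MSCrypto,
     * the following usage is ignored
     *
     *
    if ( CERT_GovtApprovedBitSet(m_pCert) )
    {
        usage |= KU_NS_GOVT_APPROVED;
    }
    */

    return usage;
}

// MM : end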