1*cdf0e10cSrcweir /************************************************************************* 2*cdf0e10cSrcweir * 3*cdf0e10cSrcweir * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER. 4*cdf0e10cSrcweir * 5*cdf0e10cSrcweir * Copyright 2000, 2010 Oracle and/or its affiliates. 6*cdf0e10cSrcweir * 7*cdf0e10cSrcweir * OpenOffice.org - a multi-platform office productivity suite 8*cdf0e10cSrcweir * 9*cdf0e10cSrcweir * This file is part of OpenOffice.org. 10*cdf0e10cSrcweir * 11*cdf0e10cSrcweir * OpenOffice.org is free software: you can redistribute it and/or modify 12*cdf0e10cSrcweir * it under the terms of the GNU Lesser General Public License version 3 13*cdf0e10cSrcweir * only, as published by the Free Software Foundation. 14*cdf0e10cSrcweir * 15*cdf0e10cSrcweir * OpenOffice.org is distributed in the hope that it will be useful, 16*cdf0e10cSrcweir * but WITHOUT ANY WARRANTY; without even the implied warranty of 17*cdf0e10cSrcweir * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 18*cdf0e10cSrcweir * GNU Lesser General Public License version 3 for more details 19*cdf0e10cSrcweir * (a copy is included in the LICENSE file that accompanied this code). 20*cdf0e10cSrcweir * 21*cdf0e10cSrcweir * You should have received a copy of the GNU Lesser General Public License 22*cdf0e10cSrcweir * version 3 along with OpenOffice.org. If not, see 23*cdf0e10cSrcweir * <http://www.openoffice.org/license.html> 24*cdf0e10cSrcweir * for a copy of the LGPLv3 License. 25*cdf0e10cSrcweir * 26*cdf0e10cSrcweir ************************************************************************/ 27*cdf0e10cSrcweir 28*cdf0e10cSrcweir // MARKER(update_precomp.py): autogen include statement, do not remove 29*cdf0e10cSrcweir #include "precompiled_xmlsecurity.hxx" 30*cdf0e10cSrcweir #include <sal/config.h> 31*cdf0e10cSrcweir #include <rtl/uuid.h> 32*cdf0e10cSrcweir #include <rtl/ustring.hxx> 33*cdf0e10cSrcweir #include <com/sun/star/security/ExtAltNameType.hpp> 34*cdf0e10cSrcweir #include <com/sun/star/security/CertAltNameEntry.hpp> 35*cdf0e10cSrcweir #include <com/sun/star/beans/PropertyValue.hpp> 36*cdf0e10cSrcweir #include <com/sun/star/uno/Reference.hxx> 37*cdf0e10cSrcweir #include <comphelper/sequence.hxx> 38*cdf0e10cSrcweir #include <seccomon.h> 39*cdf0e10cSrcweir #include <cert.h> 40*cdf0e10cSrcweir #include <certt.h> 41*cdf0e10cSrcweir #include <secitem.h> 42*cdf0e10cSrcweir #include <secport.h> 43*cdf0e10cSrcweir 44*cdf0e10cSrcweir 45*cdf0e10cSrcweir #ifndef _SANEXTENSION_NSSIMPL_HXX_ 46*cdf0e10cSrcweir #include "sanextension_nssimpl.hxx" 47*cdf0e10cSrcweir #endif 48*cdf0e10cSrcweir 49*cdf0e10cSrcweir using namespace ::com::sun::star; 50*cdf0e10cSrcweir using namespace ::com::sun::star::uno ; 51*cdf0e10cSrcweir using namespace ::com::sun::star::security ; 52*cdf0e10cSrcweir using ::rtl::OUString ; 53*cdf0e10cSrcweir 54*cdf0e10cSrcweir using ::com::sun::star::security::XCertificateExtension ; 55*cdf0e10cSrcweir 56*cdf0e10cSrcweir 57*cdf0e10cSrcweir SanExtensionImpl :: SanExtensionImpl() : 58*cdf0e10cSrcweir m_critical( sal_False ) 59*cdf0e10cSrcweir { 60*cdf0e10cSrcweir } 61*cdf0e10cSrcweir 62*cdf0e10cSrcweir SanExtensionImpl :: ~SanExtensionImpl() { 63*cdf0e10cSrcweir } 64*cdf0e10cSrcweir 65*cdf0e10cSrcweir 66*cdf0e10cSrcweir //Methods from XCertificateExtension 67*cdf0e10cSrcweir sal_Bool SAL_CALL SanExtensionImpl :: isCritical() throw( ::com::sun::star::uno::RuntimeException ) { 68*cdf0e10cSrcweir return m_critical ; 69*cdf0e10cSrcweir } 70*cdf0e10cSrcweir 71*cdf0e10cSrcweir ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionId() throw( ::com::sun::star::uno::RuntimeException ) { 72*cdf0e10cSrcweir return m_xExtnId ; 73*cdf0e10cSrcweir } 74*cdf0e10cSrcweir 75*cdf0e10cSrcweir ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionValue() throw( ::com::sun::star::uno::RuntimeException ) { 76*cdf0e10cSrcweir return m_xExtnValue ; 77*cdf0e10cSrcweir } 78*cdf0e10cSrcweir 79*cdf0e10cSrcweir namespace { 80*cdf0e10cSrcweir // Helper functions from nss/lib/certdb/genname.c 81*cdf0e10cSrcweir static int GetNamesLength(CERTGeneralName *names) 82*cdf0e10cSrcweir { 83*cdf0e10cSrcweir int length = 0; 84*cdf0e10cSrcweir CERTGeneralName *first; 85*cdf0e10cSrcweir 86*cdf0e10cSrcweir first = names; 87*cdf0e10cSrcweir if (names != NULL) { 88*cdf0e10cSrcweir do { 89*cdf0e10cSrcweir length++; 90*cdf0e10cSrcweir names = CERT_GetNextGeneralName(names); 91*cdf0e10cSrcweir } while (names != first); 92*cdf0e10cSrcweir } 93*cdf0e10cSrcweir return length; 94*cdf0e10cSrcweir } 95*cdf0e10cSrcweir 96*cdf0e10cSrcweir } 97*cdf0e10cSrcweir 98*cdf0e10cSrcweir //Methods from XSanExtension 99*cdf0e10cSrcweir ::com::sun::star::uno::Sequence< com::sun::star::security::CertAltNameEntry > SAL_CALL SanExtensionImpl :: getAlternativeNames() throw( ::com::sun::star::uno::RuntimeException ){ 100*cdf0e10cSrcweir 101*cdf0e10cSrcweir if (!m_Entries.hasElements()) 102*cdf0e10cSrcweir { 103*cdf0e10cSrcweir SECItem item; 104*cdf0e10cSrcweir 105*cdf0e10cSrcweir item.type = siDERCertBuffer; 106*cdf0e10cSrcweir item.data = (unsigned char*) m_xExtnValue.getArray(); 107*cdf0e10cSrcweir item.len = m_xExtnValue.getLength(); 108*cdf0e10cSrcweir 109*cdf0e10cSrcweir PRArenaPool *arena; 110*cdf0e10cSrcweir CERTGeneralName *nameList; 111*cdf0e10cSrcweir arena = PORT_NewArena(DER_DEFAULT_CHUNKSIZE); 112*cdf0e10cSrcweir 113*cdf0e10cSrcweir if (!arena) 114*cdf0e10cSrcweir return m_Entries; 115*cdf0e10cSrcweir 116*cdf0e10cSrcweir nameList = CERT_DecodeAltNameExtension(arena, &item); 117*cdf0e10cSrcweir 118*cdf0e10cSrcweir CERTGeneralName* current = nameList; 119*cdf0e10cSrcweir 120*cdf0e10cSrcweir int size = GetNamesLength(nameList); 121*cdf0e10cSrcweir CertAltNameEntry* arrCertAltNameEntry = new CertAltNameEntry[size]; 122*cdf0e10cSrcweir for(int i = 0; i < size ; i++){ 123*cdf0e10cSrcweir switch (current->type) { 124*cdf0e10cSrcweir case certOtherName: { 125*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_OTHER_NAME; 126*cdf0e10cSrcweir ::com::sun::star::beans::PropertyValue otherNameProp; 127*cdf0e10cSrcweir otherNameProp.Name = ::rtl::OUString::createFromAscii(CERT_GetOidString(¤t->name.OthName.oid)); 128*cdf0e10cSrcweir 129*cdf0e10cSrcweir Sequence< sal_Int8 > otherName( current->name.OthName.name.len ) ; 130*cdf0e10cSrcweir for( unsigned int r = 0; r < current->name.OthName.name.len ; r ++ ) 131*cdf0e10cSrcweir otherName[r] = *( current->name.OthName.name.data + r ) ; 132*cdf0e10cSrcweir 133*cdf0e10cSrcweir otherNameProp.Value <<= otherName; 134*cdf0e10cSrcweir 135*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= otherNameProp; 136*cdf0e10cSrcweir break; 137*cdf0e10cSrcweir } 138*cdf0e10cSrcweir case certRFC822Name: 139*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_RFC822_NAME; 140*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); 141*cdf0e10cSrcweir break; 142*cdf0e10cSrcweir case certDNSName: 143*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_DNS_NAME; 144*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); 145*cdf0e10cSrcweir break; 146*cdf0e10cSrcweir case certX400Address: { 147*cdf0e10cSrcweir // unsupported 148*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_X400_ADDRESS; 149*cdf0e10cSrcweir break; 150*cdf0e10cSrcweir } 151*cdf0e10cSrcweir case certDirectoryName: { 152*cdf0e10cSrcweir // unsupported 153*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_DIRECTORY_NAME; 154*cdf0e10cSrcweir break; 155*cdf0e10cSrcweir } 156*cdf0e10cSrcweir case certEDIPartyName: { 157*cdf0e10cSrcweir // unsupported 158*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_EDI_PARTY_NAME; 159*cdf0e10cSrcweir break; 160*cdf0e10cSrcweir } 161*cdf0e10cSrcweir case certURI: 162*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_URL; 163*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US); 164*cdf0e10cSrcweir break; 165*cdf0e10cSrcweir case certIPAddress: { 166*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_IP_ADDRESS; 167*cdf0e10cSrcweir 168*cdf0e10cSrcweir Sequence< sal_Int8 > ipAddress( current->name.other.len ) ; 169*cdf0e10cSrcweir for( unsigned int r = 0; r < current->name.other.len ; r ++ ) 170*cdf0e10cSrcweir ipAddress[r] = *( current->name.other.data + r ) ; 171*cdf0e10cSrcweir 172*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= ipAddress; 173*cdf0e10cSrcweir break; 174*cdf0e10cSrcweir } 175*cdf0e10cSrcweir case certRegisterID: 176*cdf0e10cSrcweir arrCertAltNameEntry[i].Type = ExtAltNameType_REGISTERED_ID; 177*cdf0e10cSrcweir 178*cdf0e10cSrcweir 179*cdf0e10cSrcweir rtl::OString nssOid = ::rtl::OString(CERT_GetOidString(¤t->name.other)); 180*cdf0e10cSrcweir rtl::OString unoOid = removeOIDFromString(nssOid); 181*cdf0e10cSrcweir arrCertAltNameEntry[i].Value <<= rtl::OStringToOUString( unoOid, RTL_TEXTENCODING_ASCII_US ); 182*cdf0e10cSrcweir break; 183*cdf0e10cSrcweir } 184*cdf0e10cSrcweir current = CERT_GetNextGeneralName(current); 185*cdf0e10cSrcweir } 186*cdf0e10cSrcweir 187*cdf0e10cSrcweir m_Entries = ::comphelper::arrayToSequence< com::sun::star::security::CertAltNameEntry >(arrCertAltNameEntry, size); 188*cdf0e10cSrcweir 189*cdf0e10cSrcweir delete [] arrCertAltNameEntry; 190*cdf0e10cSrcweir 191*cdf0e10cSrcweir PORT_FreeArena(arena, PR_FALSE); 192*cdf0e10cSrcweir 193*cdf0e10cSrcweir 194*cdf0e10cSrcweir } 195*cdf0e10cSrcweir 196*cdf0e10cSrcweir return m_Entries; 197*cdf0e10cSrcweir } 198*cdf0e10cSrcweir 199*cdf0e10cSrcweir ::rtl::OString SanExtensionImpl :: removeOIDFromString( const ::rtl::OString &oidString) 200*cdf0e10cSrcweir { 201*cdf0e10cSrcweir ::rtl::OString objID; 202*cdf0e10cSrcweir ::rtl::OString oid("OID."); 203*cdf0e10cSrcweir if (oidString.match(oid)) 204*cdf0e10cSrcweir objID = oidString.copy(oid.getLength()); 205*cdf0e10cSrcweir else 206*cdf0e10cSrcweir objID = oidString; 207*cdf0e10cSrcweir return objID; 208*cdf0e10cSrcweir 209*cdf0e10cSrcweir } 210*cdf0e10cSrcweir //Helper method 211*cdf0e10cSrcweir void SanExtensionImpl :: setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) { 212*cdf0e10cSrcweir m_critical = critical ; 213*cdf0e10cSrcweir m_xExtnId = extnId ; 214*cdf0e10cSrcweir m_xExtnValue = extnValue ; 215*cdf0e10cSrcweir } 216*cdf0e10cSrcweir 217*cdf0e10cSrcweir void SanExtensionImpl :: setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) { 218*cdf0e10cSrcweir unsigned int i ; 219*cdf0e10cSrcweir if( value != NULL && vlen != 0 ) { 220*cdf0e10cSrcweir Sequence< sal_Int8 > extnv( vlen ) ; 221*cdf0e10cSrcweir for( i = 0; i < vlen ; i ++ ) 222*cdf0e10cSrcweir extnv[i] = *( value + i ) ; 223*cdf0e10cSrcweir 224*cdf0e10cSrcweir m_xExtnValue = extnv ; 225*cdf0e10cSrcweir } else { 226*cdf0e10cSrcweir m_xExtnValue = Sequence<sal_Int8>(); 227*cdf0e10cSrcweir } 228*cdf0e10cSrcweir 229*cdf0e10cSrcweir if( id != NULL && idlen != 0 ) { 230*cdf0e10cSrcweir Sequence< sal_Int8 > extnId( idlen ) ; 231*cdf0e10cSrcweir for( i = 0; i < idlen ; i ++ ) 232*cdf0e10cSrcweir extnId[i] = *( id + i ) ; 233*cdf0e10cSrcweir 234*cdf0e10cSrcweir m_xExtnId = extnId ; 235*cdf0e10cSrcweir } else { 236*cdf0e10cSrcweir m_xExtnId = Sequence<sal_Int8>(); 237*cdf0e10cSrcweir } 238*cdf0e10cSrcweir 239*cdf0e10cSrcweir m_critical = critical ; 240*cdf0e10cSrcweir } 241*cdf0e10cSrcweir 242*cdf0e10cSrcweir void SanExtensionImpl :: extractCertExt () { 243*cdf0e10cSrcweir } 244*cdf0e10cSrcweir 245