1 /**************************************************************
2 *
3 * Licensed to the Apache Software Foundation (ASF) under one
4 * or more contributor license agreements. See the NOTICE file
5 * distributed with this work for additional information
6 * regarding copyright ownership. The ASF licenses this file
7 * to you under the Apache License, Version 2.0 (the
8 * "License"); you may not use this file except in compliance
9 * with the License. You may obtain a copy of the License at
10 *
11 * http://www.apache.org/licenses/LICENSE-2.0
12 *
13 * Unless required by applicable law or agreed to in writing,
14 * software distributed under the License is distributed on an
15 * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
16 * KIND, either express or implied. See the License for the
17 * specific language governing permissions and limitations
18 * under the License.
19 *
20 *************************************************************/
21
22
23
24 // MARKER(update_precomp.py): autogen include statement, do not remove
25 #include "precompiled_xmlsecurity.hxx"
26 #include <sal/config.h>
27 #include <rtl/uuid.h>
28 #include <rtl/ustring.hxx>
29 #include <com/sun/star/security/ExtAltNameType.hpp>
30 #include <com/sun/star/security/CertAltNameEntry.hpp>
31 #include <com/sun/star/beans/PropertyValue.hpp>
32 #include <com/sun/star/uno/Reference.hxx>
33 #include <comphelper/sequence.hxx>
34 #include <seccomon.h>
35 #include <cert.h>
36 #include <certt.h>
37 #include <secitem.h>
38 #include <secport.h>
39
40
41 #ifndef _SANEXTENSION_NSSIMPL_HXX_
42 #include "sanextension_nssimpl.hxx"
43 #endif
44
45 using namespace ::com::sun::star;
46 using namespace ::com::sun::star::uno ;
47 using namespace ::com::sun::star::security ;
48 using ::rtl::OUString ;
49
50 using ::com::sun::star::security::XCertificateExtension ;
51
52
/**
 * Creates an extension object whose critical flag is cleared.
 *
 * Only m_critical is set explicitly; every other member is
 * default-initialised until one of the setCertExtn() overloads is called.
 */
SanExtensionImpl :: SanExtensionImpl()
    : m_critical( sal_False )
{
}
57
/** Destructor; it performs no explicit cleanup of its own. */
SanExtensionImpl :: ~SanExtensionImpl()
{
}
60
61
62 //Methods from XCertificateExtension
/**
 * Reports the critical flag recorded for this extension.
 *
 * @return the value last stored in m_critical (sal_False after construction).
 */
sal_Bool SAL_CALL SanExtensionImpl :: isCritical()
    throw( ::com::sun::star::uno::RuntimeException )
{
    return m_critical ;
}
66
/**
 * Returns the extension identifier bytes.
 *
 * @return the byte sequence held in m_xExtnId, exactly as it was stored.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionId()
    throw( ::com::sun::star::uno::RuntimeException )
{
    return m_xExtnId ;
}
70
/**
 * Returns the raw extension value bytes.
 *
 * @return the byte sequence held in m_xExtnValue; getAlternativeNames()
 *         decodes these same bytes.
 */
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL SanExtensionImpl :: getExtensionValue()
    throw( ::com::sun::star::uno::RuntimeException )
{
    return m_xExtnValue ;
}
74
namespace {

// Helper function taken from nss/lib/certdb/genname.c.
//
// Counts the entries of an NSS general-name list.  The list is walked with
// CERT_GetNextGeneralName() until the walk arrives back at the entry it
// started from, so termination relies on the list being circular.
// A NULL list has length 0.
static int GetNamesLength(CERTGeneralName *names)
{
    if (names == NULL)
        return 0;

    CERTGeneralName *const head = names;
    int count = 0;
    do {
        ++count;
        names = CERT_GetNextGeneralName(names);
    } while (names != head);

    return count;
}

}
93
94 //Methods from XSanExtension
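/**
 * Returns the subject-alternative-name entries decoded from the stored
 * extension value.
 *
 * The DER bytes in m_xExtnValue are decoded with NSS whenever m_Entries is
 * still empty; a non-empty result is kept in m_Entries and returned as-is on
 * later calls.  An empty sequence is returned when the arena cannot be
 * created or when NSS does not produce a name list.
 *
 * The extension bytes come out of a certificate and must be treated as
 * untrusted input.  rfc822Name, dNSName and URI values are copied using their
 * encoded length, so the resulting strings can contain embedded NUL or other
 * unexpected bytes; code that displays or compares these names should not
 * assume a clean, NUL-free host name or address.
 *
 * @return one CertAltNameEntry per decoded general name.  X.400, directory
 *         and EDI party names only get their Type set; no Value is filled in.
 */
::com::sun::star::uno::Sequence< com::sun::star::security::CertAltNameEntry > SAL_CALL SanExtensionImpl :: getAlternativeNames() throw( ::com::sun::star::uno::RuntimeException ){

    // Already decoded on an earlier call: hand back the cached result.
    if (m_Entries.hasElements())
        return m_Entries;

    // Frees the NSS arena on every exit path (early return or exception), so
    // the decoded name list can never outlive this function or be leaked.
    struct ArenaGuard
    {
        PRArenaPool *pool;
        explicit ArenaGuard(PRArenaPool *p) : pool(p) {}
        ~ArenaGuard() { if (pool) PORT_FreeArena(pool, PR_FALSE); }
    };

    SECItem item;
    item.type = siDERCertBuffer;
    item.data = (unsigned char*) m_xExtnValue.getArray();
    item.len = m_xExtnValue.getLength();

    ArenaGuard arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
    if (!arena.pool)
        return m_Entries;

    // The name list lives inside the arena; everything needed from it is
    // copied into UNO values before the guard releases the arena.
    CERTGeneralName *current = CERT_DecodeAltNameExtension(arena.pool, &item);
    if (current == NULL)
        return m_Entries;   // nothing decodable: report no alternative names

    const int size = GetNamesLength(current);

    // Fill the result sequence directly instead of a new[]/delete[] staging
    // array, which was leaked whenever a conversion below threw.
    Sequence< CertAltNameEntry > entries( size );
    CertAltNameEntry *out = entries.getArray();

    for (int i = 0; i < size; ++i, current = CERT_GetNextGeneralName(current))
    {
        switch (current->type) {
            case certOtherName: {
                out[i].Type = ExtAltNameType_OTHER_NAME;
                ::com::sun::star::beans::PropertyValue otherNameProp;

                // NOTE(review): NSS documents the string returned by
                // CERT_GetOidString() as PR_smprintf-allocated and owned by
                // the caller; it is not released here because that needs
                // PR_smprintf_free from <prprf.h> - confirm and free it.
                // The call can also yield NULL, which is handled explicitly.
                const char *oidText = CERT_GetOidString(&current->name.OthName.oid);
                if (oidText != NULL)
                    otherNameProp.Name = ::rtl::OUString::createFromAscii(oidText);

                Sequence< sal_Int8 > otherName( current->name.OthName.name.len ) ;
                for( unsigned int r = 0; r < current->name.OthName.name.len ; r ++ )
                    otherName[r] = *( current->name.OthName.name.data + r ) ;

                otherNameProp.Value <<= otherName;

                out[i].Value <<= otherNameProp;
                break;
            }
            case certRFC822Name:
                out[i].Type = ExtAltNameType_RFC822_NAME;
                out[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US);
                break;
            case certDNSName:
                out[i].Type = ExtAltNameType_DNS_NAME;
                out[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US);
                break;
            case certX400Address:
                // unsupported: only the type is reported
                out[i].Type = ExtAltNameType_X400_ADDRESS;
                break;
            case certDirectoryName:
                // unsupported: only the type is reported
                out[i].Type = ExtAltNameType_DIRECTORY_NAME;
                break;
            case certEDIPartyName:
                // unsupported: only the type is reported
                out[i].Type = ExtAltNameType_EDI_PARTY_NAME;
                break;
            case certURI:
                out[i].Type = ExtAltNameType_URL;
                out[i].Value <<= ::rtl::OUString((const sal_Char*)current->name.other.data, current->name.other.len, RTL_TEXTENCODING_ASCII_US);
                break;
            case certIPAddress: {
                out[i].Type = ExtAltNameType_IP_ADDRESS;

                // Raw address bytes are passed through; the length is
                // whatever the certificate encoded and is not checked here.
                Sequence< sal_Int8 > ipAddress( current->name.other.len ) ;
                for( unsigned int r = 0; r < current->name.other.len ; r ++ )
                    ipAddress[r] = *( current->name.other.data + r ) ;

                out[i].Value <<= ipAddress;
                break;
            }
            case certRegisterID: {
                out[i].Type = ExtAltNameType_REGISTERED_ID;

                // Same ownership note as for certOtherName; a NULL result is
                // reported as an empty OID string.
                const char *oidText = CERT_GetOidString(&current->name.other);
                rtl::OString nssOid;
                if (oidText != NULL)
                    nssOid = ::rtl::OString(oidText);
                rtl::OString unoOid = removeOIDFromString(nssOid);
                out[i].Value <<= rtl::OStringToOUString( unoOid, RTL_TEXTENCODING_ASCII_US );
                break;
            }
            default:
                // Unrecognised name type: the entry stays default-constructed.
                break;
        }
    }

    m_Entries = entries;

    return m_Entries;
}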
194
/**
 * Strips a leading "OID." prefix from the textual form of an object
 * identifier.
 *
 * @param oidString  OID text; getAlternativeNames() passes the output of
 *                   CERT_GetOidString() here.
 * @return oidString without the prefix when it starts with "OID.",
 *         otherwise an unchanged copy of oidString.
 */
::rtl::OString SanExtensionImpl :: removeOIDFromString( const ::rtl::OString &oidString)
{
    const ::rtl::OString prefix("OID.");
    return oidString.match(prefix)
        ? oidString.copy(prefix.getLength())
        : oidString;
}
206 //Helper method
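/**
 * Stores the extension identifier, value and critical flag.
 *
 * Any alternative names decoded from a previously stored value are
 * discarded, so getAlternativeNames() never reports names that belong to an
 * earlier extension value.
 *
 * @param extnId     identifier bytes of the extension.
 * @param extnValue  DER bytes of the extension value.
 * @param critical   critical flag of the extension.
 */
void SanExtensionImpl :: setCertExtn( ::com::sun::star::uno::Sequence< sal_Int8 > extnId, ::com::sun::star::uno::Sequence< sal_Int8 > extnValue, sal_Bool critical ) {
    m_critical = critical ;
    m_xExtnId = extnId ;
    m_xExtnValue = extnValue ;

    // The cache in m_Entries was derived from the old value; drop it so the
    // next getAlternativeNames() call decodes the new bytes.
    m_Entries.realloc( 0 ) ;
}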
212
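/**
 * Stores the extension identifier, value and critical flag from raw buffers.
 *
 * Each buffer is copied; a NULL pointer or a zero length stores an empty
 * sequence for that field.  Any alternative names decoded from a previously
 * stored value are discarded, so getAlternativeNames() never reports names
 * that belong to an earlier extension value.
 *
 * @param value     extension value bytes, may be NULL.
 * @param vlen      number of bytes readable at value.
 * @param id        extension identifier bytes, may be NULL.
 * @param idlen     number of bytes readable at id.
 * @param critical  critical flag of the extension.
 */
void SanExtensionImpl :: setCertExtn( unsigned char* value, unsigned int vlen, unsigned char* id, unsigned int idlen, sal_Bool critical ) {
    // The caller must guarantee that vlen/idlen bytes are readable; the
    // lengths are trusted here and copied verbatim.
    if( value != NULL && vlen != 0 ) {
        m_xExtnValue = Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( value ), vlen ) ;
    } else {
        m_xExtnValue = Sequence< sal_Int8 >() ;
    }

    if( id != NULL && idlen != 0 ) {
        m_xExtnId = Sequence< sal_Int8 >( reinterpret_cast< const sal_Int8* >( id ), idlen ) ;
    } else {
        m_xExtnId = Sequence< sal_Int8 >() ;
    }

    m_critical = critical ;

    // The cache in m_Entries was derived from the old value; drop it so the
    // next getAlternativeNames() call decodes the new bytes.
    m_Entries.realloc( 0 ) ;
}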
237
/**
 * Intentionally empty in this implementation: the alternative names are
 * decoded on demand by getAlternativeNames() instead.
 */
void SanExtensionImpl :: extractCertExt ()
{
}
240
241