xmlsecurity: add EqualDistinguishedNames()

Change-Id: I1222658522e25b916010817f847685c20b1cf5c4
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/111545
Tested-by: Jenkins
Reviewed-by: Michael Stahl <michael.stahl@allotropia.de>
Michael Stahl 2021-02-25 14:17:48 +01:00
parent 2bfa00e6bf
commit 1d3da3486d
3 changed files with 75 additions and 0 deletions


@ -34,6 +34,9 @@ namespace xmlsecurity
XSECXMLSEC_DLLPUBLIC OUString bigIntegerToNumericString(const css::uno::Sequence<sal_Int8>& serial);
XSECXMLSEC_DLLPUBLIC css::uno::Sequence<sal_Int8>
numericStringToBigInteger(std::u16string_view serialNumber);
XSECXMLSEC_DLLPUBLIC bool EqualDistinguishedNames(std::u16string_view rName1,
std::u16string_view rName2);
}
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
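Review bot: The exported declaration of EqualDistinguishedNames has no comment stating its contract, although both implementations on this page return false when either string fails to parse, which a caller cannot tell apart from a real mismatch. A comment above the declaration such as `/// @return true only if both strings parse as distinguished names and the crypto backend reports them equal; false on mismatch or on parse failure` would record that. It is also worth noting there that the matching rules are those of the platform backend (CertCompareCertificateName or CERT_CompareName), so results may differ between builds.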


@ -26,6 +26,7 @@
#include <cppuhelper/supportsservice.hxx>
#include "x509certificate_mscryptimpl.hxx"
#include <certificateextension_xmlsecimpl.hxx>
#include <biginteger.hxx>
#include "sanextension_mscryptimpl.hxx"
#include "oid.hxx"
@ -651,4 +652,50 @@ Sequence<OUString> SAL_CALL X509Certificate_MSCryptImpl::getSupportedServiceName
return { OUString() };
}
namespace xmlsecurity {
static bool EncodeDistinguishedName(std::u16string_view const rName, CERT_NAME_BLOB & rBlob)
{
LPCWSTR pszError;
if (!CertStrToNameW(X509_ASN_ENCODING,
reinterpret_cast<LPCWSTR>(rName.data()), CERT_X500_NAME_STR,
nullptr, nullptr, &rBlob.cbData, &pszError))
{
SAL_INFO("xmlsecurity.xmlsec", "CertStrToNameW failed: " << WindowsErrorString(GetLastError()) << "; " << reinterpret_cast<char16_t const*>(pszError));
return false;
}
rBlob.pbData = new BYTE[rBlob.cbData];
if (!CertStrToNameW(X509_ASN_ENCODING,
reinterpret_cast<LPCWSTR>(rName.data()), CERT_X500_NAME_STR,
nullptr, rBlob.pbData, &rBlob.cbData, &pszError))
{
SAL_INFO("xmlsecurity.xmlsec", "CertStrToNameW failed: " << WindowsErrorString(GetLastError()) << "; " << reinterpret_cast<char16_t const*>(pszError));
return false;
}
return true;
}
bool EqualDistinguishedNames(
std::u16string_view const rName1, std::u16string_view const rName2)
{
CERT_NAME_BLOB blob1;
if (!EncodeDistinguishedName(rName1, blob1))
{
return false;
}
CERT_NAME_BLOB blob2;
if (!EncodeDistinguishedName(rName2, blob2))
{
delete[] blob1.pbData;
return false;
}
bool const ret(CertCompareCertificateName(X509_ASN_ENCODING,
&blob1, &blob2) == TRUE);
delete[] blob2.pbData;
delete[] blob1.pbData;
return ret;
}
} // namespace xmlsecurity
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
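Review bot: In EncodeDistinguishedName, `rName.data()` is passed to CertStrToNameW as a NUL-terminated LPCWSTR, but a std::u16string_view guarantees neither a terminator nor the absence of an embedded one. The parser may therefore read past the end of the view or stop before it. Rejecting names that contain `u'\0'`, then copying the view into an `OUString` and passing that buffer, would keep the parsed range equal to the view. Separately, when the second CertStrToNameW call fails, the buffer from `new BYTE[rBlob.cbData]` is never freed, because EqualDistinguishedNames only deletes blobs that were encoded successfully. Adding `delete[] rBlob.pbData; rBlob.pbData = nullptr;` before that `return false;`, or holding the buffer in a `std::vector<BYTE>`, closes the leak.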


@ -31,6 +31,7 @@
#include <rtl/ref.hxx>
#include "x509certificate_nssimpl.hxx"
#include <biginteger.hxx>
#include <certificateextension_xmlsecimpl.hxx>
#include "sanextension_nssimpl.hxx"
@ -533,4 +534,28 @@ sal_Bool SAL_CALL X509Certificate_NssImpl::supportsService(const OUString& servi
/* XServiceInfo */
Sequence<OUString> SAL_CALL X509Certificate_NssImpl::getSupportedServiceNames() { return { OUString() }; }
namespace xmlsecurity {
bool EqualDistinguishedNames(
std::u16string_view const rName1, std::u16string_view const rName2)
{
CERTName *const pName1(CERT_AsciiToName(OUStringToOString(rName1, RTL_TEXTENCODING_UTF8).getStr()));
if (pName1 == nullptr)
{
return false;
}
CERTName *const pName2(CERT_AsciiToName(OUStringToOString(rName2, RTL_TEXTENCODING_UTF8).getStr()));
if (pName2 == nullptr)
{
CERT_DestroyName(pName1);
return false;
}
bool const ret(CERT_CompareName(pName1, pName2) == SECEqual);
CERT_DestroyName(pName2);
CERT_DestroyName(pName1);
return ret;
}
} // namespace xmlsecurity
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
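Review bot: `OUStringToOString(rName1, RTL_TEXTENCODING_UTF8).getStr()` turns the view into a C string, so CERT_AsciiToName stops at the first embedded NUL and anything after it takes no part in the comparison. If these names can come from document or certificate content (not visible here), two names that differ only after a U+0000 would compare equal. A guard at the top such as `if (rName1.find(u'\0') != std::u16string_view::npos || rName2.find(u'\0') != std::u16string_view::npos) return false;` keeps the function failing closed. As a style point, the two CERTName pointers could be held in a `std::unique_ptr` with `CERT_DestroyName` as the deleter, which removes the three manual destroy calls.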