diff --git a/xmlsecurity/inc/biginteger.hxx b/xmlsecurity/inc/biginteger.hxx
index ac411c2e53b7..c15b54de6229 100644
--- a/xmlsecurity/inc/biginteger.hxx
+++ b/xmlsecurity/inc/biginteger.hxx
@@ -34,6 +34,9 @@ namespace xmlsecurity
 XSECXMLSEC_DLLPUBLIC OUString bigIntegerToNumericString(const css::uno::Sequence& serial);
 XSECXMLSEC_DLLPUBLIC css::uno::Sequence numericStringToBigInteger(std::u16string_view serialNumber);
+
+XSECXMLSEC_DLLPUBLIC bool EqualDistinguishedNames(std::u16string_view rName1,
+ std::u16string_view rName2);
 }
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
index 1672a21c7868..d9d45f5e7062 100644
--- a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
+++ b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
@@ -26,6 +26,7 @@
 #include
 #include "x509certificate_mscryptimpl.hxx"
 #include
+#include
 #include "sanextension_mscryptimpl.hxx"
 #include "oid.hxx"
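Review bot: The `EqualDistinguishedNames` declaration added to biginteger.hxx has no comment stating its contract, although both implementations in this commit return `false` when either string cannot be parsed as well as when the names differ. A caller cannot tell a malformed name from a mismatch, so that choice should be written down where callers will see it. I would add `/// Compares two distinguished names given as strings using the active crypto backend; returns false if they differ or if either one fails to parse.` above the declaration. The header's file name suggests big-integer helpers, so a short remark on why a name comparison is declared here would also help the next reader.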
@@ -651,4 +652,50 @@ Sequence SAL_CALL X509Certificate_MSCryptImpl::getSupportedServiceName
 return { OUString() };
 }
+namespace xmlsecurity {
+
+static bool EncodeDistinguishedName(std::u16string_view const rName, CERT_NAME_BLOB & rBlob)
+{
+ LPCWSTR pszError;
+ if (!CertStrToNameW(X509_ASN_ENCODING,
+ reinterpret_cast(rName.data()), CERT_X500_NAME_STR,
+ nullptr, nullptr, &rBlob.cbData, &pszError))
+ {
+ SAL_INFO("xmlsecurity.xmlsec", "CertStrToNameW failed: " << WindowsErrorString(GetLastError()) << "; " << reinterpret_cast(pszError));
+ return false;
+ }
+ rBlob.pbData = new BYTE[rBlob.cbData];
+ if (!CertStrToNameW(X509_ASN_ENCODING,
+ reinterpret_cast(rName.data()), CERT_X500_NAME_STR,
+ nullptr, rBlob.pbData, &rBlob.cbData, &pszError))
+ {
+ SAL_INFO("xmlsecurity.xmlsec", "CertStrToNameW failed: " << WindowsErrorString(GetLastError()) << "; " << reinterpret_cast(pszError));
+ return false;
+ }
+ return true;
+}
+
+bool EqualDistinguishedNames(
+ std::u16string_view const rName1, std::u16string_view const rName2)
+{
+ CERT_NAME_BLOB blob1;
+ if (!EncodeDistinguishedName(rName1, blob1))
+ {
+ return false;
+ }
+ CERT_NAME_BLOB blob2;
+ if (!EncodeDistinguishedName(rName2, blob2))
+ {
+ delete[] blob1.pbData;
+ return false;
+ }
+ bool const ret(CertCompareCertificateName(X509_ASN_ENCODING,
+ &blob1, &blob2) == TRUE);
+ delete[] blob2.pbData;
+ delete[] blob1.pbData;
+ return ret;
+}
+
+} // namespace xmlsecurity
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
index 15ec8a346895..940656193e94 100644
--- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
+++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx
@@ -31,6 +31,7 @@
 #include
 #include "x509certificate_nssimpl.hxx"
+#include
 #include
 #include "sanextension_nssimpl.hxx"
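Review bot: In `EncodeDistinguishedName` (x509certificate_mscryptimpl.cxx), `rName.data()` is passed to `CertStrToNameW`, which reads a NUL-terminated string, but a `std::u16string_view` does not guarantee a terminator. The call can therefore read past the end of the view, or encode more text than the caller passed in, and the name comparison would then be made on the wrong input. The same function also leaks the `new BYTE[]` buffer when the second `CertStrToNameW` call fails, because it returns `false` without freeing it and `EqualDistinguishedNames` only deletes buffers after a successful encode. The excerpt below copies the view into an `OUString` before the calls and releases the buffer on that failure path.

```cpp
static bool EncodeDistinguishedName(std::u16string_view const rName, CERT_NAME_BLOB & rBlob)
{
    // CertStrToNameW expects a NUL-terminated string; a string_view may not be one.
    OUString const aName(rName);
    LPCWSTR const pszName = reinterpret_cast<LPCWSTR>(aName.getStr());
    // … unchanged: pszError declaration, size query and its error branch, now passing pszName …
    rBlob.pbData = new BYTE[rBlob.cbData];
    if (!CertStrToNameW(X509_ASN_ENCODING, pszName, CERT_X500_NAME_STR,
            nullptr, rBlob.pbData, &rBlob.cbData, &pszError))
    {
        // … unchanged: SAL_INFO with the error text …
        delete[] rBlob.pbData; // the caller frees only after a successful encode
        rBlob.pbData = nullptr;
        return false;
    }
    // … unchanged: return true …
```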
@@ -533,4 +534,28 @@ sal_Bool SAL_CALL X509Certificate_NssImpl::supportsService(const OUString& servi
 /* XServiceInfo */
 Sequence SAL_CALL X509Certificate_NssImpl::getSupportedServiceNames() { return { OUString() }; }
+namespace xmlsecurity {
+
+bool EqualDistinguishedNames(
+ std::u16string_view const rName1, std::u16string_view const rName2)
+{
+ CERTName *const pName1(CERT_AsciiToName(OUStringToOString(rName1, RTL_TEXTENCODING_UTF8).getStr()));
+ if (pName1 == nullptr)
+ {
+ return false;
+ }
+ CERTName *const pName2(CERT_AsciiToName(OUStringToOString(rName2, RTL_TEXTENCODING_UTF8).getStr()));
+ if (pName2 == nullptr)
+ {
+ CERT_DestroyName(pName1);
+ return false;
+ }
+ bool const ret(CERT_CompareName(pName1, pName2) == SECEqual);
+ CERT_DestroyName(pName2);
+ CERT_DestroyName(pName1);
+ return ret;
+}
+
+} // namespace xmlsecurity
+
 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
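Review bot: Both `nullptr` branches of the NSS `EqualDistinguishedNames` return `false` without logging, whereas the mscrypt variant in this commit emits `SAL_INFO` when encoding fails. On this backend a name that fails to parse therefore looks exactly like a mismatch when someone later has to work out why a comparison failed. I would add `SAL_INFO("xmlsecurity.xmlsec", "CERT_AsciiToName failed");` to each branch, reusing the log area from the mscrypt file. Separately, `CERT_AsciiToName` receives a C string from `getStr()`, so a name containing an embedded NUL would presumably be parsed only up to that character. Returning `false` for such input before conversion would keep the comparison on the whole string.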