2554b31146
Conflicts: extensions/source/svg/svgaction.cxx extensions/source/svg/svgaction.hxx extensions/source/svg/svgcom.hxx extensions/source/svg/svgprinter.cxx extensions/source/svg/svgprinter.hxx extensions/source/svg/svguno.cxx extensions/source/svg/svgwriter.cxx extensions/source/svg/svgwriter.hxx javainstaller2/src/JavaSetup/org/openoffice/setup/Controller/InstallationOngoingCtrl.java javainstaller2/src/JavaSetup/org/openoffice/setup/InstallData.java javainstaller2/src/JavaSetup/org/openoffice/setup/Installer/LinuxInstaller.java package/inc/ZipFile.hxx package/inc/ZipOutputStream.hxx package/inc/ZipPackage.hxx package/inc/ZipPackageStream.hxx package/source/manifest/ManifestExport.cxx package/source/manifest/ManifestImport.cxx package/source/manifest/UnoRegister.cxx package/source/xstor/owriteablestream.cxx package/source/xstor/xstorage.cxx package/source/xstor/xstorage.hxx package/source/zipapi/EntryInputStream.cxx package/source/zipapi/EntryInputStream.hxx package/source/zipapi/XFileStream.cxx package/source/zipapi/XFileStream.hxx package/source/zipapi/XMemoryStream.cxx package/source/zipapi/XUnbufferedStream.cxx package/source/zipapi/XUnbufferedStream.hxx package/source/zipapi/ZipFile.cxx package/source/zipapi/ZipOutputStream.cxx package/source/zipapi/sha1context.hxx package/source/zippackage/ZipPackage.cxx package/source/zippackage/ZipPackageFolder.cxx package/source/zippackage/ZipPackageStream.cxx setup_native/source/win32/customactions/shellextensions/registerextensions.cxx wizards/com/sun/star/wizards/letter/LetterWizardDialogImpl.java xmlsecurity/prj/build.lst xmlsecurity/source/helper/xmlsignaturehelper.cxx xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.cxx xmlsecurity/source/xmlsec/nss/seinitializer_nssimpl.hxx
479 lines
16 KiB
C++
479 lines
16 KiB
C++
/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
|
|
/*************************************************************************
|
|
*
|
|
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
|
|
*
|
|
* Copyright 2000, 2010 Oracle and/or its affiliates.
|
|
*
|
|
* OpenOffice.org - a multi-platform office productivity suite
|
|
*
|
|
* This file is part of OpenOffice.org.
|
|
*
|
|
* OpenOffice.org is free software: you can redistribute it and/or modify
|
|
* it under the terms of the GNU Lesser General Public License version 3
|
|
* only, as published by the Free Software Foundation.
|
|
*
|
|
* OpenOffice.org is distributed in the hope that it will be useful,
|
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
* GNU Lesser General Public License version 3 for more details
|
|
* (a copy is included in the LICENSE file that accompanied this code).
|
|
*
|
|
* You should have received a copy of the GNU Lesser General Public License
|
|
* version 3 along with OpenOffice.org. If not, see
|
|
* <http://www.openoffice.org/license.html>
|
|
* for a copy of the LGPLv3 License.
|
|
*
|
|
************************************************************************/
|
|
|
|
// MARKER(update_precomp.py): autogen include statement, do not remove
|
|
#include "precompiled_xmlsecurity.hxx"
|
|
|
|
|
|
|
|
#include "nssrenam.h"
|
|
#include "nspr.h"
|
|
#include "nss.h"
|
|
#include "secder.h"
|
|
|
|
#include "hasht.h"
|
|
#include "secoid.h"
|
|
#include "pk11func.h"
|
|
|
|
#include <sal/config.h>
|
|
#include <rtl/uuid.h>
|
|
#include "x509certificate_nssimpl.hxx"
|
|
|
|
#include "certificateextension_xmlsecimpl.hxx"
|
|
|
|
#ifndef _SANEXTENSION_NSSIMPL_HXX_
|
|
#include "sanextension_nssimpl.hxx"
|
|
#endif
|
|
|
|
using namespace ::com::sun::star::uno ;
|
|
using namespace ::com::sun::star::security ;
|
|
using ::rtl::OUString ;
|
|
|
|
using ::com::sun::star::security::XCertificate ;
|
|
using ::com::sun::star::util::DateTime ;
|
|
|
|
X509Certificate_NssImpl :: X509Certificate_NssImpl() :
|
|
m_pCert( NULL )
|
|
{
|
|
}
|
|
|
|
X509Certificate_NssImpl :: ~X509Certificate_NssImpl() {
|
|
if( m_pCert != NULL ) {
|
|
CERT_DestroyCertificate( m_pCert ) ;
|
|
}
|
|
}
|
|
|
|
//Methods from XCertificate
|
|
sal_Int16 SAL_CALL X509Certificate_NssImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL ) {
|
|
if( m_pCert->version.len > 0 ) {
|
|
return ( char )*( m_pCert->version.data ) ;
|
|
} else
|
|
return 0 ;
|
|
} else {
|
|
return -1 ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->serialNumber.len > 0 ) {
|
|
Sequence< sal_Int8 > serial( m_pCert->serialNumber.len ) ;
|
|
for( unsigned int i = 0 ; i < m_pCert->serialNumber.len ; i ++ )
|
|
serial[i] = *( m_pCert->serialNumber.data + i ) ;
|
|
|
|
return serial ;
|
|
} else {
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL ) {
|
|
return OUString(m_pCert->issuerName , PL_strlen(m_pCert->issuerName) , RTL_TEXTENCODING_UTF8) ;
|
|
} else {
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_NssImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL ) {
|
|
return OUString(m_pCert->subjectName , PL_strlen(m_pCert->subjectName) , RTL_TEXTENCODING_UTF8);
|
|
} else {
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL ) {
|
|
SECStatus rv ;
|
|
PRTime notBefore ;
|
|
PRExplodedTime explTime ;
|
|
DateTime dateTime ;
|
|
|
|
rv = DER_DecodeTimeChoice( ¬Before, &m_pCert->validity.notBefore ) ;
|
|
if( rv ) {
|
|
return DateTime() ;
|
|
}
|
|
|
|
//Convert the time to readable local time
|
|
PR_ExplodeTime( notBefore, PR_LocalTimeParameters, &explTime ) ;
|
|
|
|
dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 1000 );
|
|
dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec );
|
|
dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min );
|
|
dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour );
|
|
dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday );
|
|
dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 );
|
|
dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year );
|
|
|
|
return dateTime ;
|
|
} else {
|
|
return DateTime() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::util::DateTime SAL_CALL X509Certificate_NssImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL ) {
|
|
SECStatus rv ;
|
|
PRTime notAfter ;
|
|
PRExplodedTime explTime ;
|
|
DateTime dateTime ;
|
|
|
|
rv = DER_DecodeTimeChoice( ¬After, &m_pCert->validity.notAfter ) ;
|
|
if( rv ) {
|
|
return DateTime() ;
|
|
}
|
|
|
|
//Convert the time to readable local time
|
|
PR_ExplodeTime( notAfter, PR_LocalTimeParameters, &explTime ) ;
|
|
|
|
dateTime.HundredthSeconds = static_cast< sal_Int16 >( explTime.tm_usec / 1000 );
|
|
dateTime.Seconds = static_cast< sal_Int16 >( explTime.tm_sec );
|
|
dateTime.Minutes = static_cast< sal_Int16 >( explTime.tm_min );
|
|
dateTime.Hours = static_cast< sal_Int16 >( explTime.tm_hour );
|
|
dateTime.Day = static_cast< sal_Int16 >( explTime.tm_mday );
|
|
dateTime.Month = static_cast< sal_Int16 >( explTime.tm_month+1 );
|
|
dateTime.Year = static_cast< sal_Int16 >( explTime.tm_year );
|
|
|
|
return dateTime ;
|
|
} else {
|
|
return DateTime() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->issuerID.len > 0 ) {
|
|
Sequence< sal_Int8 > issuerUid( m_pCert->issuerID.len ) ;
|
|
for( unsigned int i = 0 ; i < m_pCert->issuerID.len ; i ++ )
|
|
issuerUid[i] = *( m_pCert->issuerID.data + i ) ;
|
|
|
|
return issuerUid ;
|
|
} else {
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->subjectID.len > 0 ) {
|
|
Sequence< sal_Int8 > subjectUid( m_pCert->subjectID.len ) ;
|
|
for( unsigned int i = 0 ; i < m_pCert->subjectID.len ; i ++ )
|
|
subjectUid[i] = *( m_pCert->subjectID.data + i ) ;
|
|
|
|
return subjectUid ;
|
|
} else {
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_NssImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->extensions != NULL ) {
|
|
CERTCertExtension** extns ;
|
|
CertificateExtension_XmlSecImpl* pExtn ;
|
|
sal_Bool crit ;
|
|
int len ;
|
|
|
|
for( len = 0, extns = m_pCert->extensions; *extns != NULL; len ++, extns ++ ) ;
|
|
Sequence< Reference< XCertificateExtension > > xExtns( len ) ;
|
|
|
|
for( extns = m_pCert->extensions, len = 0; *extns != NULL; extns ++, len ++ ) {
|
|
const SECItem id = (*extns)->id;
|
|
::rtl::OString oidString(CERT_GetOidString(&id));
|
|
|
|
// remove "OID." prefix if existing
|
|
::rtl::OString objID;
|
|
::rtl::OString oid("OID.");
|
|
if (oidString.match(oid))
|
|
objID = oidString.copy(oid.getLength());
|
|
else
|
|
objID = oidString;
|
|
|
|
if ( objID.equals("2.5.29.17") )
|
|
pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
|
|
else
|
|
pExtn = new CertificateExtension_XmlSecImpl() ;
|
|
|
|
if( (*extns)->critical.data == NULL )
|
|
crit = sal_False ;
|
|
else
|
|
crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ;
|
|
pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (unsigned char*)objID.getStr(), objID.getLength(), crit ) ;
|
|
|
|
xExtns[len] = pExtn ;
|
|
}
|
|
|
|
return xExtns ;
|
|
} else {
|
|
return ::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > ();
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_NssImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& oid ) throw (::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->extensions != NULL ) {
|
|
CertificateExtension_XmlSecImpl* pExtn ;
|
|
CERTCertExtension** extns ;
|
|
SECItem idItem ;
|
|
sal_Bool crit ;
|
|
|
|
idItem.data = ( unsigned char* )&oid[0] ;
|
|
idItem.len = oid.getLength() ;
|
|
|
|
pExtn = NULL ;
|
|
for( extns = m_pCert->extensions; *extns != NULL; extns ++ ) {
|
|
if( SECITEM_CompareItem( &idItem, &(*extns)->id ) == SECEqual ) {
|
|
const SECItem id = (*extns)->id;
|
|
::rtl::OString objId(CERT_GetOidString(&id));
|
|
if ( objId.equals("OID.2.5.29.17") )
|
|
pExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
|
|
else
|
|
pExtn = new CertificateExtension_XmlSecImpl() ;
|
|
if( (*extns)->critical.data == NULL )
|
|
crit = sal_False ;
|
|
else
|
|
crit = ( (*extns)->critical.data[0] == 0xFF ) ? sal_True : sal_False ;
|
|
pExtn->setCertExtn( (*extns)->value.data, (*extns)->value.len, (*extns)->id.data, (*extns)->id.len, crit ) ;
|
|
}
|
|
}
|
|
|
|
return pExtn ;
|
|
} else {
|
|
return NULL ;
|
|
}
|
|
}
|
|
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
|
|
if( m_pCert != NULL && m_pCert->derCert.len > 0 ) {
|
|
Sequence< sal_Int8 > rawCert( m_pCert->derCert.len ) ;
|
|
|
|
for( unsigned int i = 0 ; i < m_pCert->derCert.len ; i ++ )
|
|
rawCert[i] = *( m_pCert->derCert.data + i ) ;
|
|
|
|
return rawCert ;
|
|
} else {
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
//Helper methods
|
|
void X509Certificate_NssImpl :: setCert( CERTCertificate* cert ) {
|
|
if( m_pCert != NULL ) {
|
|
CERT_DestroyCertificate( m_pCert ) ;
|
|
m_pCert = NULL ;
|
|
}
|
|
|
|
if( cert != NULL ) {
|
|
m_pCert = CERT_DupCertificate( cert ) ;
|
|
}
|
|
}
|
|
|
|
const CERTCertificate* X509Certificate_NssImpl :: getNssCert() const {
|
|
if( m_pCert != NULL ) {
|
|
return m_pCert ;
|
|
} else {
|
|
return NULL ;
|
|
}
|
|
}
|
|
|
|
void X509Certificate_NssImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
|
|
CERTCertificate* cert ;
|
|
SECItem certItem ;
|
|
|
|
certItem.data = ( unsigned char* )&rawCert[0] ;
|
|
certItem.len = rawCert.getLength() ;
|
|
|
|
cert = CERT_DecodeDERCertificate( &certItem, PR_TRUE, NULL ) ;
|
|
if( cert == NULL )
|
|
throw RuntimeException() ;
|
|
|
|
if( m_pCert != NULL ) {
|
|
CERT_DestroyCertificate( m_pCert ) ;
|
|
m_pCert = NULL ;
|
|
}
|
|
|
|
m_pCert = cert ;
|
|
}
|
|
|
|
/* XUnoTunnel */
|
|
sal_Int64 SAL_CALL X509Certificate_NssImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
|
|
if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
|
|
return sal::static_int_cast<sal_Int64>(reinterpret_cast<sal_uIntPtr>(this));
|
|
}
|
|
return 0 ;
|
|
}
|
|
|
|
/* XUnoTunnel extension */
|
|
const Sequence< sal_Int8>& X509Certificate_NssImpl :: getUnoTunnelId() {
|
|
static Sequence< sal_Int8 >* pSeq = 0 ;
|
|
if( !pSeq ) {
|
|
::osl::Guard< ::osl::Mutex > aGuard( ::osl::Mutex::getGlobalMutex() ) ;
|
|
if( !pSeq ) {
|
|
static Sequence< sal_Int8> aSeq( 16 ) ;
|
|
rtl_createUuid( ( sal_uInt8* )aSeq.getArray() , 0 , sal_True ) ;
|
|
pSeq = &aSeq ;
|
|
}
|
|
}
|
|
return *pSeq ;
|
|
}
|
|
|
|
/* XUnoTunnel extension */
|
|
X509Certificate_NssImpl* X509Certificate_NssImpl :: getImplementation( const Reference< XInterface > xObj ) {
|
|
Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
|
|
if( xUT.is() ) {
|
|
return reinterpret_cast<X509Certificate_NssImpl*>(
|
|
sal::static_int_cast<sal_uIntPtr>(xUT->getSomething( getUnoTunnelId() )));
|
|
} else
|
|
return NULL ;
|
|
}
|
|
|
|
::rtl::OUString getAlgorithmDescription(SECAlgorithmID *aid)
|
|
{
|
|
SECOidTag tag;
|
|
tag = SECOID_GetAlgorithmTag(aid);
|
|
|
|
const char *pDesc = SECOID_FindOIDTagDescription(tag);
|
|
|
|
return rtl::OUString::createFromAscii( pDesc ) ;
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(CERTCertificate *pCert, SECOidTag id)
|
|
{
|
|
if( pCert != NULL )
|
|
{
|
|
unsigned char fingerprint[20];
|
|
int length = ((id == SEC_OID_MD5)?MD5_LENGTH:SHA1_LENGTH);
|
|
|
|
memset(fingerprint, 0, sizeof fingerprint);
|
|
PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len);
|
|
|
|
Sequence< sal_Int8 > thumbprint( length ) ;
|
|
for( int i = 0 ; i < length ; i ++ )
|
|
thumbprint[i] = fingerprint[i];
|
|
|
|
return thumbprint;
|
|
}
|
|
else
|
|
{
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyAlgorithm()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCert != NULL )
|
|
{
|
|
return getAlgorithmDescription(&(m_pCert->subjectPublicKeyInfo.algorithm));
|
|
}
|
|
else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSubjectPublicKeyValue()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCert != NULL )
|
|
{
|
|
SECItem spk = m_pCert->subjectPublicKeyInfo.subjectPublicKey;
|
|
DER_ConvertBitString(&spk);
|
|
|
|
if ( spk.len>0)
|
|
{
|
|
Sequence< sal_Int8 > key( spk.len ) ;
|
|
for( unsigned int i = 0 ; i < spk.len ; i ++ )
|
|
{
|
|
key[i] = *( spk.data + i ) ;
|
|
}
|
|
|
|
return key ;
|
|
}
|
|
}
|
|
|
|
return ::com::sun::star::uno::Sequence< sal_Int8 >();
|
|
}
|
|
|
|
::rtl::OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
if( m_pCert != NULL )
|
|
{
|
|
return getAlgorithmDescription(&(m_pCert->signature));
|
|
}
|
|
else
|
|
{
|
|
return OUString() ;
|
|
}
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getSHA1Thumbprint()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
return getThumbprint(m_pCert, SEC_OID_SHA1);
|
|
}
|
|
|
|
::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint()
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
return getThumbprint(m_pCert, SEC_OID_MD5);
|
|
}
|
|
|
|
sal_Int32 SAL_CALL X509Certificate_NssImpl::getCertificateUsage( )
|
|
throw ( ::com::sun::star::uno::RuntimeException)
|
|
{
|
|
SECStatus rv;
|
|
SECItem tmpitem;
|
|
sal_Int32 usage;
|
|
|
|
rv = CERT_FindKeyUsageExtension(m_pCert, &tmpitem);
|
|
if ( rv == SECSuccess )
|
|
{
|
|
usage = tmpitem.data[0];
|
|
PORT_Free(tmpitem.data);
|
|
tmpitem.data = NULL;
|
|
}
|
|
else
|
|
{
|
|
usage = KU_ALL;
|
|
}
|
|
|
|
/*
|
|
* to make the nss implementation compatible with MSCrypto,
|
|
* the following usage is ignored
|
|
*
|
|
*
|
|
if ( CERT_GovtApprovedBitSet(m_pCert) )
|
|
{
|
|
usage |= KU_NS_GOVT_APPROVED;
|
|
}
|
|
*/
|
|
|
|
return usage;
|
|
}
|
|
|
|
/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
|