diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 16:51:28 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-04-27 16:51:28 +0000 |
commit | 940b4d1848e8c70ab7642901a68594e8016caffc (patch) | |
tree | eb72f344ee6c3d9b80a7ecc079ea79e9fba8676d /xmlsecurity/qa/certext | |
parent | Initial commit. (diff) | |
download | libreoffice-upstream.tar.xz libreoffice-upstream.zip |
Adding upstream version 1:7.0.4.upstream/1%7.0.4upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'xmlsecurity/qa/certext')
-rw-r--r-- | xmlsecurity/qa/certext/SanCertExt.cxx | 260 | ||||
-rw-r--r-- | xmlsecurity/qa/certext/User_35_Root_11.crt | 64 |
2 files changed, 324 insertions, 0 deletions
diff --git a/xmlsecurity/qa/certext/SanCertExt.cxx b/xmlsecurity/qa/certext/SanCertExt.cxx new file mode 100644 index 000000000..c117f4c00 --- /dev/null +++ b/xmlsecurity/qa/certext/SanCertExt.cxx @@ -0,0 +1,260 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + * + * This file incorporates work covered by the following license notice: + * + * Licensed to the Apache Software Foundation (ASF) under one or more + * contributor license agreements. See the NOTICE file distributed + * with this work for additional information regarding copyright + * ownership. The ASF licenses this file to you under the Apache + * License, Version 2.0 (the "License"); you may not use this file + * except in compliance with the License. You may obtain a copy of + * the License at http://www.apache.org/licenses/LICENSE-2.0 . + */ + +#include <test/officeconnection.hxx> + +#include <com/sun/star/security/XSanExtension.hpp> +#include <com/sun/star/security/ExtAltNameType.hpp> +#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp> +#include <com/sun/star/xml/crypto/SEInitializer.hpp> +#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp> +#include <com/sun/star/security/XCertificate.hpp> +#include <com/sun/star/lang/XMultiServiceFactory.hpp> +#include <com/sun/star/beans/NamedValue.hpp> +#include <com/sun/star/uno/XComponentContext.hpp> +#include <com/sun/star/uno/Reference.hxx> + +#include <cppuhelper/bootstrap.hxx> +#include "cppunit/TestAssert.h" +#include "cppunit/TestFixture.h" +#include "cppunit/extensions/HelperMacros.h" +#include "cppunit/plugin/TestPlugIn.h" +#include <sal/types.h> +#include <rtl/ustring.hxx> + +#include <neon/ne_ssl.h> + +using namespace com::sun::star; + +#define OID_SUBJECT_ALTERNATIVE_NAME "2.5.29.17" + + +namespace { + + class Test: public CppUnit::TestFixture { + + private: + static uno::Sequence< security::CertAltNameEntry > altNames; + static bool runOnce; + + uno::Reference< xml::crypto::XSecurityEnvironment > initUno(); + void init(); + OString getB64CertFromFile(const char filename[]); + test::OfficeConnection connection_; + + public: + + Test(); + + ~Test(); + + void test_Others(); + + void test_RFC822(); + + void test_DNS(); + + void test_Directory(); + + void test_URI(); + + void test_IP(); + + void test_RID(); + + void test_EDI(); + + void test_X400(); + + CPPUNIT_TEST_SUITE(Test); + CPPUNIT_TEST(test_Others); + CPPUNIT_TEST(test_RFC822); + CPPUNIT_TEST(test_DNS); + CPPUNIT_TEST(test_Directory); + CPPUNIT_TEST(test_URI); + CPPUNIT_TEST(test_IP); + CPPUNIT_TEST(test_RID); + CPPUNIT_TEST(test_EDI); + CPPUNIT_TEST(test_X400); + CPPUNIT_TEST_SUITE_END(); + }; + + uno::Sequence< security::CertAltNameEntry > Test::altNames; + bool Test::runOnce = false; + + CPPUNIT_TEST_SUITE_REGISTRATION(Test); + + Test::Test() + { + if (runOnce) + return; + runOnce = true; + connection_.setUp(); + init(); + } + + Test::~Test() + { + if (runOnce) + { + connection_.tearDown(); + runOnce = false; + } + } + + + uno::Reference< xml::crypto::XSecurityEnvironment > Test::initUno() + { + uno::Reference< uno::XComponentContext > context(connection_.getComponentContext(), uno::UNO_QUERY_THROW); + uno::Reference< lang::XMultiServiceFactory > factory(context->getServiceManager(), uno::UNO_QUERY_THROW); + uno::Reference< xml::crypto::XSEInitializer > xSEInitializer = xml::crypto::SEInitializer::create(context); + uno::Reference< xml::crypto::XXMLSecurityContext > xSecurityContext( + xSEInitializer->createSecurityContext(OUString())); + return xSecurityContext->getSecurityEnvironment(); + } + + + void Test::init() + { + uno::Reference< xml::crypto::XSecurityEnvironment > xSecurityEnv = initUno(); + OString b64Cert(getB64CertFromFile("User_35_Root_11.crt")); + uno::Reference< security::XCertificate > xCert = xSecurityEnv->createCertificateFromAscii( + OStringToOUString( b64Cert, RTL_TEXTENCODING_ASCII_US ) ); + uno::Sequence< uno::Reference< security::XCertificateExtension > > extensions = xCert->getExtensions(); + for (sal_Int32 i = 0 ; i < extensions.getLength(); i++) + { + uno::Reference< security::XCertificateExtension >element = extensions[i]; + OString aId ( (const char *)element->getExtensionId().getArray(), element->getExtensionId().getLength()); + if (aId.equals(OID_SUBJECT_ALTERNATIVE_NAME)) + { + uno::Reference< security::XSanExtension > sanExtension ( element, uno::UNO_QUERY ); + altNames = sanExtension->getAlternativeNames(); + break; + } + } + } + + OString Test::getB64CertFromFile(const char filename[]) + { + ne_ssl_certificate* cert = ne_ssl_cert_read(filename); + char* certExportB64 = ne_ssl_cert_export(cert); + OString certB64( certExportB64 ); + return certB64; + } + + + void Test::test_Others() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_OTHER_NAME) + { + css::beans::NamedValue otherNameProp; + if (altNames[n].Value >>= otherNameProp) + { + CPPUNIT_ASSERT_EQUAL( OUString("1.2.3.4"), otherNameProp.Name); + uno::Sequence< sal_Int8 > ipAddress; + otherNameProp.Value >>= ipAddress; + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( ipAddress.getLength() > 0 ) ); + } + } + } + } + + void Test::test_RFC822() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_RFC822_NAME) + { + OUString value; + altNames[n].Value >>= value; + CPPUNIT_ASSERT_EQUAL( OUString("my@other.address"), value); + } + } + } + + void Test::test_DNS() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_DNS_NAME) + { + OUString value; + altNames[n].Value >>= value; + CPPUNIT_ASSERT_EQUAL( OUString("alt.openoffice.org"), value); + } + } + } + + void Test::test_Directory() { + // Not implemented + } + + void Test::test_URI() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_URL) + { + OUString value; + altNames[n].Value >>= value; + CPPUNIT_ASSERT_EQUAL( OUString("http://my.url.here/"), value); + } + } + } + + void Test::test_IP() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_IP_ADDRESS) + { + uno::Sequence< sal_Int8 > ipAddress; + altNames[n].Value >>= ipAddress; + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( ipAddress.getLength() > 0 ) ); + } + } + + } + + void Test::test_RID() { + CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) ); + for(int n = 1; n < altNames.getLength(); n++) + { + if (altNames[n].Type == security::ExtAltNameType_REGISTERED_ID) + { + OUString value; + altNames[n].Value >>= value; + CPPUNIT_ASSERT( OUString("1.2.3.4").equals(value)); + } + } + } + + void Test::test_EDI() { + // Not implemented + } + + void Test::test_X400() { + // Not implemented + } +} +CPPUNIT_PLUGIN_IMPLEMENT(); + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/qa/certext/User_35_Root_11.crt b/xmlsecurity/qa/certext/User_35_Root_11.crt new file mode 100644 index 000000000..0092d16c7 --- /dev/null +++ b/xmlsecurity/qa/certext/User_35_Root_11.crt @@ -0,0 +1,64 @@ +Certificate: + Data: + Version: 3 (0x2) + Serial Number: 4130 (0x1022) + Signature Algorithm: sha1WithRSAEncryption + Issuer: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=Root 11 + Validity + Not Before: Nov 8 10:51:39 2010 GMT + Not After : Nov 8 10:51:39 2011 GMT + Subject: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=User 35 + Subject Public Key Info: + Public Key Algorithm: rsaEncryption + RSA Public Key: (1024 bit) + Modulus (1024 bit): + 00:9b:36:00:64:f3:ce:93:97:62:19:fa:78:d9:6f: + 92:6a:b9:d2:9a:4e:06:2c:02:52:cd:93:50:84:28: + 19:42:a2:4a:34:e2:cd:e6:b0:39:7a:c8:4d:84:bc: + 71:51:ed:5d:6c:7e:f9:cc:01:5a:4b:73:50:a9:3b: + 5d:ad:cc:89:f7:dc:e0:dd:0a:ff:48:01:a9:34:19: + c0:6a:ee:4b:20:f4:cf:3c:94:c1:ae:88:0f:c9:42: + 1a:a6:47:31:fe:37:04:00:bb:ec:07:5f:cb:ee:70: + c4:c7:7c:6f:ee:03:19:76:de:0b:df:d0:48:91:67: + 55:9b:90:91:f4:ce:56:04:d5 + Exponent: 65537 (0x10001) + X509v3 extensions: + X509v3 Key Usage: + Digital Signature, Non Repudiation, Key Encipherment + X509v3 Subject Key Identifier: + 91:47:AC:29:95:5D:EF:72:14:8F:82:45:07:E2:94:49:75:C6:7D:73 + X509v3 Authority Key Identifier: + keyid:E8:6A:BB:C2:90:EA:6C:70:22:3E:F6:F6:48:1B:03:E6:BE:B7:A6:55 + + X509v3 Subject Alternative Name: + DNS:alt.openoffice.org, IP Address:192.168.7.1, IP Address:13:0:0:0:0:0:0:17, email:my@other.address, Registered ID:1.2.3.4, othername:<unsupported>, DirName:/C=DE/O=OpenOffice.org/OU=Development/CN=User 32 Root 11, URI:http://my.url.here/ + Signature Algorithm: sha1WithRSAEncryption + 6e:80:e6:1e:86:3d:d2:65:a6:17:fa:80:2d:2e:dc:85:32:05: + a1:69:82:e1:79:d1:dc:de:69:cd:9e:f0:cc:90:75:a9:45:ee: + 73:46:fe:29:69:c0:99:bb:fc:3a:db:c0:5f:69:c6:b7:ea:9a: + 63:b2:8e:29:2c:a5:5a:88:88:94:75:4b:ab:0a:72:f6:3a:aa: + 5d:6b:3a:5c:b6:9b:57:f5:c1:51:af:df:3c:a6:8a:a3:da:70: + 66:61:49:12:06:78:98:9f:bc:78:3c:43:6d:08:94:aa:32:b6: + f3:cc:af:0d:29:fe:96:47:7d:fe:4a:61:48:90:11:0b:bd:0f: + a0:fd +-----BEGIN CERTIFICATE----- +MIIDajCCAtOgAwIBAgICECIwDQYJKoZIhvcNAQEFBQAwYDELMAkGA1UEBhMCREUx +EDAOBgNVBAgTB0hhbWJ1cmcxFzAVBgNVBAoTDk9wZW5PZmZpY2Uub3JnMRQwEgYD +VQQLEwtEZXZlbG9wbWVudDEQMA4GA1UEAxMHUm9vdCAxMTAeFw0xMDExMDgxMDUx +MzlaFw0xMTExMDgxMDUxMzlaMGAxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1i +dXJnMRcwFQYDVQQKEw5PcGVuT2ZmaWNlLm9yZzEUMBIGA1UECxMLRGV2ZWxvcG1l +bnQxEDAOBgNVBAMTB1VzZXIgMzUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB +AJs2AGTzzpOXYhn6eNlvkmq50ppOBiwCUs2TUIQoGUKiSjTizeawOXrITYS8cVHt +XWx++cwBWktzUKk7Xa3Miffc4N0K/0gBqTQZwGruSyD0zzyUwa6ID8lCGqZHMf43 +BAC77Adfy+5wxMd8b+4DGXbeC9/QSJFnVZuQkfTOVgTVAgMBAAGjggExMIIBLTAL +BgNVHQ8EBAMCBeAwHQYDVR0OBBYEFJFHrCmVXe9yFI+CRQfilEl1xn1zMB8GA1Ud +IwQYMBaAFOhqu8KQ6mxwIj729kgbA+a+t6ZVMIHdBgNVHREEgdUwgdKCEmFsdC5v +cGVub2ZmaWNlLm9yZ4cEwKgHAYcQABMAAAAAAAAAAAAAAAAAF4EQbXlAb3RoZXIu +YWRkcmVzc4gDKgMEoB4GAyoDBKAXDBVzb21lIG90aGVyIGlkZW50aWZpZXKkWDBW +MQswCQYDVQQGEwJERTEXMBUGA1UEChMOT3Blbk9mZmljZS5vcmcxFDASBgNVBAsT +C0RldmVsb3BtZW50MRgwFgYDVQQDEw9Vc2VyIDMyIFJvb3QgMTGGE2h0dHA6Ly9t +eS51cmwuaGVyZS8wDQYJKoZIhvcNAQEFBQADgYEAboDmHoY90mWmF/qALS7chTIF +oWmC4XnR3N5pzZ7wzJB1qUXuc0b+KWnAmbv8OtvAX2nGt+qaY7KOKSylWoiIlHVL +qwpy9jqqXWs6XLabV/XBUa/fPKaKo9pwZmFJEgZ4mJ+8eDxDbQiUqjK288yvDSn+ +lkd9/kphSJARC70PoP0= +-----END CERTIFICATE----- |