summaryrefslogtreecommitdiffstats
path: root/comphelper/source/misc/xmlsechelper.cxx
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--comphelper/source/misc/xmlsechelper.cxx319
1 files changed, 319 insertions, 0 deletions
diff --git a/comphelper/source/misc/xmlsechelper.cxx b/comphelper/source/misc/xmlsechelper.cxx
new file mode 100644
index 000000000..c01743b36
--- /dev/null
+++ b/comphelper/source/misc/xmlsechelper.cxx
@@ -0,0 +1,319 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+
+#include <comphelper/xmlsechelper.hxx>
+
+#include <rtl/ustrbuf.hxx>
+#include <osl/diagnose.h>
+#include <vector>
+
+using namespace std;
+
+namespace comphelper::xmlsec
+{
+ OUString GetCertificateKind( const css::security::CertificateKind &rKind )
+ {
+ switch (rKind)
+ {
+ case css::security::CertificateKind_X509:
+ return "X.509";
+ case css::security::CertificateKind_OPENPGP:
+ return "OpenPGP";
+ default:
+ return OUString();
+ }
+ }
+
+ /*
+ Creates two strings based on the distinguished name which are displayed in the
+ certificate details view. The first string contains only the values of the attribute
+ and values pairs, which are separated by commas. All escape characters ('"') are
+ removed.
+ The second string is for the details view at the bottom. It shows the attribute/value
+ pairs on different lines. All escape characters ('"') are removed.
+ */
+ pair< OUString, OUString> GetDNForCertDetailsView( const OUString & rRawString)
+ {
+ vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(rRawString);
+ OUStringBuffer s1, s2;
+ for (auto i = vecAttrValueOfDN.cbegin(); i < vecAttrValueOfDN.cend(); ++i)
+ {
+ if (i != vecAttrValueOfDN.cbegin())
+ {
+ s1.append(',');
+ s2.append('\n');
+ }
+ s1.append(i->second);
+ s2.append(i->first).append(" = ").append(i->second);
+ }
+ return make_pair(s1.makeStringAndClear(), s2.makeStringAndClear());
+ }
+
+/*
+ Whenever the attribute value contains special characters, such as '"' or ',' (without '')
+ then the value will be enclosed in double quotes by the respective Windows or NSS function
+ which we use to retrieve, for example, the subject name. If double quotes appear in the value then
+ they are escaped with a double quote. This function removes the escape characters.
+*/
+#ifdef _WIN32
+vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
+{
+ vector< pair<OUString, OUString> > retVal;
+ bool bInEscape = false;
+ bool bInValue = false;
+ bool bInType = true;
+ sal_Int32 nTypeNameStart = 0;
+ OUString sType;
+ OUStringBuffer sbufValue;
+ sal_Int32 length = rRawString.getLength();
+
+ for (sal_Int32 i = 0; i < length; i++)
+ {
+ sal_Unicode c = rRawString[i];
+
+ if (c == '=')
+ {
+ if (! bInValue)
+ {
+ sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
+ sType = sType.trim();
+ bInType = false;
+ }
+ else
+ {
+ sbufValue.append(c);
+ }
+ }
+ else if (c == '"')
+ {
+ if (!bInEscape)
+ {
+ //If this is the quote is the first of the couple which enclose the
+ //whole value, because the value contains special characters
+ //then we just drop it. That is, this character must be followed by
+ //a character which is not '"'.
+ if ( i + 1 < length && rRawString[i+1] == '"')
+ bInEscape = true;
+ else
+ bInValue = !bInValue; //value is enclosed in " "
+ }
+ else
+ {
+ //This quote is escaped by a preceding quote and therefore is
+ //part of the value
+ sbufValue.append(c);
+ bInEscape = false;
+ }
+ }
+ else if (c == ',' || c == '+')
+ {
+ //The comma separate the attribute value pairs.
+ //If the comma is not part of a value (the value would then be enclosed in '"'),
+ //then we have reached the end of the value
+ if (!bInValue)
+ {
+ OSL_ASSERT(!sType.isEmpty());
+ retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear()));
+ sType.clear();
+ //The next char is the start of the new type
+ nTypeNameStart = i + 1;
+ bInType = true;
+ }
+ else
+ {
+ //The whole string is enclosed because it contains special characters.
+ //The enclosing '"' are not part of certificate but will be added by
+ //the function (Windows or NSS) which retrieves DN
+ sbufValue.append(c);
+ }
+ }
+ else
+ {
+ if (!bInType)
+ sbufValue.append(c);
+ }
+ }
+ if (sbufValue.getLength())
+ {
+ OSL_ASSERT(!sType.isEmpty());
+ retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear()));
+ }
+ return retVal;
+ }
+#else
+vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
+ {
+ vector< pair<OUString, OUString> > retVal;
+ //bInEscape == true means that the preceding character is an escape character
+ bool bInEscape = false;
+ bool bInValue = false;
+ bool bInType = true;
+ sal_Int32 nTypeNameStart = 0;
+ OUString sType;
+ OUStringBuffer sbufValue;
+ sal_Int32 length = rRawString.getLength();
+
+ for (sal_Int32 i = 0; i < length; i++)
+ {
+ sal_Unicode c = rRawString[i];
+
+ if (c == '=')
+ {
+ if (! bInValue)
+ {
+ sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
+ sType = sType.trim();
+ bInType = false;
+ }
+ else
+ {
+ sbufValue.append(c);
+ }
+ }
+ else if (c == '\\')
+ {
+ if (!bInEscape)
+ {
+ bInEscape = true;
+ }
+ else
+ { // bInEscape is true
+ sbufValue.append(c);
+ bInEscape = false;
+ }
+ }
+ else if (c == '"')
+ {
+ //an unescaped '"' is either at the beginning or end of the value
+ if (!bInEscape)
+ {
+ if ( !bInValue)
+ bInValue = true;
+ else if (bInValue)
+ bInValue = false;
+ }
+ else
+ {
+ //This quote is escaped by a preceding quote and therefore is
+ //part of the value
+ sbufValue.append(c);
+ bInEscape = false;
+ }
+ }
+ else if (c == ',' || c == '+')
+ {
+ //The comma separate the attribute value pairs.
+ //If the comma is not part of a value (the value would then be enclosed in '"'),
+ //then we have reached the end of the value
+ if (!bInValue)
+ {
+ OSL_ASSERT(!sType.isEmpty());
+ retVal.emplace_back(sType, sbufValue.makeStringAndClear());
+ sType.clear();
+ //The next char is the start of the new type
+ nTypeNameStart = i + 1;
+ bInType = true;
+ }
+ else
+ {
+ //The whole string is enclosed because it contains special characters.
+ //The enclosing '"' are not part of certificate but will be added by
+ //the function (Windows or NSS) which retrieves DN
+ sbufValue.append(c);
+ }
+ }
+ else
+ {
+ if (!bInType)
+ {
+ sbufValue.append(c);
+ bInEscape = false;
+ }
+ }
+ }
+ if (!sbufValue.isEmpty())
+ {
+ OSL_ASSERT(!sType.isEmpty());
+ retVal.emplace_back(sType, sbufValue.makeStringAndClear());
+ }
+ return retVal;
+ }
+
+#endif
+
+ OUString GetContentPart( const OUString& _rRawString, const css::security::CertificateKind &rKind )
+ {
+ char const * aIDs[] = { "CN", "OU", "O", "E", nullptr };
+
+ // tdf#131733 Don't process OpenPGP certs, only X509
+ if (rKind == css::security::CertificateKind_OPENPGP )
+ return _rRawString;
+
+ OUString retVal;
+ int i = 0;
+ vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString);
+ while ( aIDs[i] )
+ {
+ OUString sPartId = OUString::createFromAscii( aIDs[i++] );
+ auto idn = std::find_if(vecAttrValueOfDN.cbegin(), vecAttrValueOfDN.cend(),
+ [&sPartId](const pair< OUString, OUString >& dn) { return dn.first == sPartId; });
+ if (idn != vecAttrValueOfDN.cend())
+ retVal = idn->second;
+ if (!retVal.isEmpty())
+ break;
+ }
+ return retVal.isEmpty() ? _rRawString : retVal;
+ }
+
+ OUString GetHexString( const css::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, sal_uInt16 _nLineBreak )
+ {
+ const sal_Int8* pSerNumSeq = _rSeq.getConstArray();
+ int nCnt = _rSeq.getLength();
+ OUStringBuffer aStr;
+ const char pHexDigs[ 17 ] = "0123456789ABCDEF";
+ char pBuffer[ 3 ] = " ";
+ sal_uInt8 nNum;
+ sal_uInt16 nBreakStart = _nLineBreak? _nLineBreak : 1;
+ sal_uInt16 nBreak = nBreakStart;
+ for( int i = 0 ; i < nCnt ; ++i )
+ {
+ nNum = sal_uInt8( pSerNumSeq[ i ] );
+
+ // exchange the buffer[0] and buffer[1], which make it consistent with Mozilla and Windows
+ pBuffer[ 1 ] = pHexDigs[ nNum & 0x0F ];
+ nNum >>= 4;
+ pBuffer[ 0 ] = pHexDigs[ nNum ];
+ aStr.appendAscii( pBuffer );
+
+ --nBreak;
+ if( nBreak )
+ aStr.appendAscii( _pSep );
+ else
+ {
+ nBreak = nBreakStart;
+ aStr.append( '\n' );
+ }
+ }
+
+ return aStr.makeStringAndClear();
+ }
+}
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */