summaryrefslogtreecommitdiffstats
path: root/xmlsecurity/qa/certext
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--xmlsecurity/qa/certext/SanCertExt.cxx260
-rw-r--r--xmlsecurity/qa/certext/User_35_Root_11.crt64
2 files changed, 324 insertions, 0 deletions
diff --git a/xmlsecurity/qa/certext/SanCertExt.cxx b/xmlsecurity/qa/certext/SanCertExt.cxx
new file mode 100644
index 000000000..c117f4c00
--- /dev/null
+++ b/xmlsecurity/qa/certext/SanCertExt.cxx
@@ -0,0 +1,260 @@
+/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
+/*
+ * This file is part of the LibreOffice project.
+ *
+ * This Source Code Form is subject to the terms of the Mozilla Public
+ * License, v. 2.0. If a copy of the MPL was not distributed with this
+ * file, You can obtain one at http://mozilla.org/MPL/2.0/.
+ *
+ * This file incorporates work covered by the following license notice:
+ *
+ * Licensed to the Apache Software Foundation (ASF) under one or more
+ * contributor license agreements. See the NOTICE file distributed
+ * with this work for additional information regarding copyright
+ * ownership. The ASF licenses this file to you under the Apache
+ * License, Version 2.0 (the "License"); you may not use this file
+ * except in compliance with the License. You may obtain a copy of
+ * the License at http://www.apache.org/licenses/LICENSE-2.0 .
+ */
+
+#include <test/officeconnection.hxx>
+
+#include <com/sun/star/security/XSanExtension.hpp>
+#include <com/sun/star/security/ExtAltNameType.hpp>
+#include <com/sun/star/xml/crypto/XSecurityEnvironment.hpp>
+#include <com/sun/star/xml/crypto/SEInitializer.hpp>
+#include <com/sun/star/xml/crypto/XXMLSecurityContext.hpp>
+#include <com/sun/star/security/XCertificate.hpp>
+#include <com/sun/star/lang/XMultiServiceFactory.hpp>
+#include <com/sun/star/beans/NamedValue.hpp>
+#include <com/sun/star/uno/XComponentContext.hpp>
+#include <com/sun/star/uno/Reference.hxx>
+
+#include <cppuhelper/bootstrap.hxx>
+#include "cppunit/TestAssert.h"
+#include "cppunit/TestFixture.h"
+#include "cppunit/extensions/HelperMacros.h"
+#include "cppunit/plugin/TestPlugIn.h"
+#include <sal/types.h>
+#include <rtl/ustring.hxx>
+
+#include <neon/ne_ssl.h>
+
+using namespace com::sun::star;
+
+#define OID_SUBJECT_ALTERNATIVE_NAME "2.5.29.17"
+
+
+namespace {
+
+ class Test: public CppUnit::TestFixture {
+
+ private:
+ static uno::Sequence< security::CertAltNameEntry > altNames;
+ static bool runOnce;
+
+ uno::Reference< xml::crypto::XSecurityEnvironment > initUno();
+ void init();
+ OString getB64CertFromFile(const char filename[]);
+ test::OfficeConnection connection_;
+
+ public:
+
+ Test();
+
+ ~Test();
+
+ void test_Others();
+
+ void test_RFC822();
+
+ void test_DNS();
+
+ void test_Directory();
+
+ void test_URI();
+
+ void test_IP();
+
+ void test_RID();
+
+ void test_EDI();
+
+ void test_X400();
+
+ CPPUNIT_TEST_SUITE(Test);
+ CPPUNIT_TEST(test_Others);
+ CPPUNIT_TEST(test_RFC822);
+ CPPUNIT_TEST(test_DNS);
+ CPPUNIT_TEST(test_Directory);
+ CPPUNIT_TEST(test_URI);
+ CPPUNIT_TEST(test_IP);
+ CPPUNIT_TEST(test_RID);
+ CPPUNIT_TEST(test_EDI);
+ CPPUNIT_TEST(test_X400);
+ CPPUNIT_TEST_SUITE_END();
+ };
+
+ uno::Sequence< security::CertAltNameEntry > Test::altNames;
+ bool Test::runOnce = false;
+
+ CPPUNIT_TEST_SUITE_REGISTRATION(Test);
+
+ Test::Test()
+ {
+ if (runOnce)
+ return;
+ runOnce = true;
+ connection_.setUp();
+ init();
+ }
+
+ Test::~Test()
+ {
+ if (runOnce)
+ {
+ connection_.tearDown();
+ runOnce = false;
+ }
+ }
+
+
+ uno::Reference< xml::crypto::XSecurityEnvironment > Test::initUno()
+ {
+ uno::Reference< uno::XComponentContext > context(connection_.getComponentContext(), uno::UNO_QUERY_THROW);
+ uno::Reference< lang::XMultiServiceFactory > factory(context->getServiceManager(), uno::UNO_QUERY_THROW);
+ uno::Reference< xml::crypto::XSEInitializer > xSEInitializer = xml::crypto::SEInitializer::create(context);
+ uno::Reference< xml::crypto::XXMLSecurityContext > xSecurityContext(
+ xSEInitializer->createSecurityContext(OUString()));
+ return xSecurityContext->getSecurityEnvironment();
+ }
+
+
+ void Test::init()
+ {
+ uno::Reference< xml::crypto::XSecurityEnvironment > xSecurityEnv = initUno();
+ OString b64Cert(getB64CertFromFile("User_35_Root_11.crt"));
+ uno::Reference< security::XCertificate > xCert = xSecurityEnv->createCertificateFromAscii(
+ OStringToOUString( b64Cert, RTL_TEXTENCODING_ASCII_US ) );
+ uno::Sequence< uno::Reference< security::XCertificateExtension > > extensions = xCert->getExtensions();
+ for (sal_Int32 i = 0 ; i < extensions.getLength(); i++)
+ {
+ uno::Reference< security::XCertificateExtension >element = extensions[i];
+ OString aId ( (const char *)element->getExtensionId().getArray(), element->getExtensionId().getLength());
+ if (aId.equals(OID_SUBJECT_ALTERNATIVE_NAME))
+ {
+ uno::Reference< security::XSanExtension > sanExtension ( element, uno::UNO_QUERY );
+ altNames = sanExtension->getAlternativeNames();
+ break;
+ }
+ }
+ }
+
+ OString Test::getB64CertFromFile(const char filename[])
+ {
+ ne_ssl_certificate* cert = ne_ssl_cert_read(filename);
+ char* certExportB64 = ne_ssl_cert_export(cert);
+ OString certB64( certExportB64 );
+ return certB64;
+ }
+
+
+ void Test::test_Others() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_OTHER_NAME)
+ {
+ css::beans::NamedValue otherNameProp;
+ if (altNames[n].Value >>= otherNameProp)
+ {
+ CPPUNIT_ASSERT_EQUAL( OUString("1.2.3.4"), otherNameProp.Name);
+ uno::Sequence< sal_Int8 > ipAddress;
+ otherNameProp.Value >>= ipAddress;
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( ipAddress.getLength() > 0 ) );
+ }
+ }
+ }
+ }
+
+ void Test::test_RFC822() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_RFC822_NAME)
+ {
+ OUString value;
+ altNames[n].Value >>= value;
+ CPPUNIT_ASSERT_EQUAL( OUString("my@other.address"), value);
+ }
+ }
+ }
+
+ void Test::test_DNS() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_DNS_NAME)
+ {
+ OUString value;
+ altNames[n].Value >>= value;
+ CPPUNIT_ASSERT_EQUAL( OUString("alt.openoffice.org"), value);
+ }
+ }
+ }
+
+ void Test::test_Directory() {
+ // Not implemented
+ }
+
+ void Test::test_URI() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_URL)
+ {
+ OUString value;
+ altNames[n].Value >>= value;
+ CPPUNIT_ASSERT_EQUAL( OUString("http://my.url.here/"), value);
+ }
+ }
+ }
+
+ void Test::test_IP() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_IP_ADDRESS)
+ {
+ uno::Sequence< sal_Int8 > ipAddress;
+ altNames[n].Value >>= ipAddress;
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( ipAddress.getLength() > 0 ) );
+ }
+ }
+
+ }
+
+ void Test::test_RID() {
+ CPPUNIT_ASSERT_ASSERTION_PASS( CPPUNIT_ASSERT( altNames.getLength() > 0 ) );
+ for(int n = 1; n < altNames.getLength(); n++)
+ {
+ if (altNames[n].Type == security::ExtAltNameType_REGISTERED_ID)
+ {
+ OUString value;
+ altNames[n].Value >>= value;
+ CPPUNIT_ASSERT( OUString("1.2.3.4").equals(value));
+ }
+ }
+ }
+
+ void Test::test_EDI() {
+ // Not implemented
+ }
+
+ void Test::test_X400() {
+ // Not implemented
+ }
+}
+CPPUNIT_PLUGIN_IMPLEMENT();
+
+/* vim:set shiftwidth=4 softtabstop=4 expandtab: */
diff --git a/xmlsecurity/qa/certext/User_35_Root_11.crt b/xmlsecurity/qa/certext/User_35_Root_11.crt
new file mode 100644
index 000000000..0092d16c7
--- /dev/null
+++ b/xmlsecurity/qa/certext/User_35_Root_11.crt
@@ -0,0 +1,64 @@
+Certificate:
+ Data:
+ Version: 3 (0x2)
+ Serial Number: 4130 (0x1022)
+ Signature Algorithm: sha1WithRSAEncryption
+ Issuer: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=Root 11
+ Validity
+ Not Before: Nov 8 10:51:39 2010 GMT
+ Not After : Nov 8 10:51:39 2011 GMT
+ Subject: C=DE, ST=Hamburg, O=OpenOffice.org, OU=Development, CN=User 35
+ Subject Public Key Info:
+ Public Key Algorithm: rsaEncryption
+ RSA Public Key: (1024 bit)
+ Modulus (1024 bit):
+ 00:9b:36:00:64:f3:ce:93:97:62:19:fa:78:d9:6f:
+ 92:6a:b9:d2:9a:4e:06:2c:02:52:cd:93:50:84:28:
+ 19:42:a2:4a:34:e2:cd:e6:b0:39:7a:c8:4d:84:bc:
+ 71:51:ed:5d:6c:7e:f9:cc:01:5a:4b:73:50:a9:3b:
+ 5d:ad:cc:89:f7:dc:e0:dd:0a:ff:48:01:a9:34:19:
+ c0:6a:ee:4b:20:f4:cf:3c:94:c1:ae:88:0f:c9:42:
+ 1a:a6:47:31:fe:37:04:00:bb:ec:07:5f:cb:ee:70:
+ c4:c7:7c:6f:ee:03:19:76:de:0b:df:d0:48:91:67:
+ 55:9b:90:91:f4:ce:56:04:d5
+ Exponent: 65537 (0x10001)
+ X509v3 extensions:
+ X509v3 Key Usage:
+ Digital Signature, Non Repudiation, Key Encipherment
+ X509v3 Subject Key Identifier:
+ 91:47:AC:29:95:5D:EF:72:14:8F:82:45:07:E2:94:49:75:C6:7D:73
+ X509v3 Authority Key Identifier:
+ keyid:E8:6A:BB:C2:90:EA:6C:70:22:3E:F6:F6:48:1B:03:E6:BE:B7:A6:55
+
+ X509v3 Subject Alternative Name:
+ DNS:alt.openoffice.org, IP Address:192.168.7.1, IP Address:13:0:0:0:0:0:0:17, email:my@other.address, Registered ID:1.2.3.4, othername:<unsupported>, DirName:/C=DE/O=OpenOffice.org/OU=Development/CN=User 32 Root 11, URI:http://my.url.here/
+ Signature Algorithm: sha1WithRSAEncryption
+ 6e:80:e6:1e:86:3d:d2:65:a6:17:fa:80:2d:2e:dc:85:32:05:
+ a1:69:82:e1:79:d1:dc:de:69:cd:9e:f0:cc:90:75:a9:45:ee:
+ 73:46:fe:29:69:c0:99:bb:fc:3a:db:c0:5f:69:c6:b7:ea:9a:
+ 63:b2:8e:29:2c:a5:5a:88:88:94:75:4b:ab:0a:72:f6:3a:aa:
+ 5d:6b:3a:5c:b6:9b:57:f5:c1:51:af:df:3c:a6:8a:a3:da:70:
+ 66:61:49:12:06:78:98:9f:bc:78:3c:43:6d:08:94:aa:32:b6:
+ f3:cc:af:0d:29:fe:96:47:7d:fe:4a:61:48:90:11:0b:bd:0f:
+ a0:fd
+-----BEGIN CERTIFICATE-----
+MIIDajCCAtOgAwIBAgICECIwDQYJKoZIhvcNAQEFBQAwYDELMAkGA1UEBhMCREUx
+EDAOBgNVBAgTB0hhbWJ1cmcxFzAVBgNVBAoTDk9wZW5PZmZpY2Uub3JnMRQwEgYD
+VQQLEwtEZXZlbG9wbWVudDEQMA4GA1UEAxMHUm9vdCAxMTAeFw0xMDExMDgxMDUx
+MzlaFw0xMTExMDgxMDUxMzlaMGAxCzAJBgNVBAYTAkRFMRAwDgYDVQQIEwdIYW1i
+dXJnMRcwFQYDVQQKEw5PcGVuT2ZmaWNlLm9yZzEUMBIGA1UECxMLRGV2ZWxvcG1l
+bnQxEDAOBgNVBAMTB1VzZXIgMzUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGB
+AJs2AGTzzpOXYhn6eNlvkmq50ppOBiwCUs2TUIQoGUKiSjTizeawOXrITYS8cVHt
+XWx++cwBWktzUKk7Xa3Miffc4N0K/0gBqTQZwGruSyD0zzyUwa6ID8lCGqZHMf43
+BAC77Adfy+5wxMd8b+4DGXbeC9/QSJFnVZuQkfTOVgTVAgMBAAGjggExMIIBLTAL
+BgNVHQ8EBAMCBeAwHQYDVR0OBBYEFJFHrCmVXe9yFI+CRQfilEl1xn1zMB8GA1Ud
+IwQYMBaAFOhqu8KQ6mxwIj729kgbA+a+t6ZVMIHdBgNVHREEgdUwgdKCEmFsdC5v
+cGVub2ZmaWNlLm9yZ4cEwKgHAYcQABMAAAAAAAAAAAAAAAAAF4EQbXlAb3RoZXIu
+YWRkcmVzc4gDKgMEoB4GAyoDBKAXDBVzb21lIG90aGVyIGlkZW50aWZpZXKkWDBW
+MQswCQYDVQQGEwJERTEXMBUGA1UEChMOT3Blbk9mZmljZS5vcmcxFDASBgNVBAsT
+C0RldmVsb3BtZW50MRgwFgYDVQQDEw9Vc2VyIDMyIFJvb3QgMTGGE2h0dHA6Ly9t
+eS51cmwuaGVyZS8wDQYJKoZIhvcNAQEFBQADgYEAboDmHoY90mWmF/qALS7chTIF
+oWmC4XnR3N5pzZ7wzJB1qUXuc0b+KWnAmbv8OtvAX2nGt+qaY7KOKSylWoiIlHVL
+qwpy9jqqXWs6XLabV/XBUa/fPKaKo9pwZmFJEgZ4mJ+8eDxDbQiUqjK288yvDSn+
+lkd9/kphSJARC70PoP0=
+-----END CERTIFICATE-----