LibreOffice Module comphelper (master)  1
xmlsechelper.cxx
Go to the documentation of this file.
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3  * This file is part of the LibreOffice project.
4  *
5  * This Source Code Form is subject to the terms of the Mozilla Public
6  * License, v. 2.0. If a copy of the MPL was not distributed with this
7  * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8  *
9  * This file incorporates work covered by the following license notice:
10  *
11  * Licensed to the Apache Software Foundation (ASF) under one or more
12  * contributor license agreements. See the NOTICE file distributed
13  * with this work for additional information regarding copyright
14  * ownership. The ASF licenses this file to you under the Apache
15  * License, Version 2.0 (the "License"); you may not use this file
16  * except in compliance with the License. You may obtain a copy of
17  * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18  */
19 
20 
22 
23 #include <rtl/ustrbuf.hxx>
24 #include <osl/diagnose.h>
25 #include <vector>
26 
27 using namespace std;
28 
30 {
31  OUString GetCertificateKind( const css::security::CertificateKind &rKind )
32  {
33  switch (rKind)
34  {
35  case css::security::CertificateKind_X509:
36  return "X.509";
37  case css::security::CertificateKind_OPENPGP:
38  return "OpenPGP";
39  default:
40  return OUString();
41  }
42  }
43 
44  /*
45  Creates two strings based on the distinguished name which are displayed in the
46  certificate details view. The first string contains only the values of the attribute
47  and values pairs, which are separated by commas. All escape characters ('"') are
48  removed.
49  The second string is for the details view at the bottom. It shows the attribute/value
50  pairs on different lines. All escape characters ('"') are removed.
51  */
52  pair< OUString, OUString> GetDNForCertDetailsView( const OUString & rRawString)
53  {
54  vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(rRawString);
55  OUStringBuffer s1, s2;
56  for (auto i = vecAttrValueOfDN.cbegin(); i < vecAttrValueOfDN.cend(); ++i)
57  {
58  if (i != vecAttrValueOfDN.cbegin())
59  {
60  s1.append(',');
61  s2.append('\n');
62  }
63  s1.append(i->second);
64  s2.append(i->first).append(" = ").append(i->second);
65  }
66  return make_pair(s1.makeStringAndClear(), s2.makeStringAndClear());
67  }
68 
69 /*
70  Whenever the attribute value contains special characters, such as '"' or ',' (without '')
71  then the value will be enclosed in double quotes by the respective Windows or NSS function
72  which we use to retrieve, for example, the subject name. If double quotes appear in the value then
73  they are escaped with a double quote. This function removes the escape characters.
74 */
75 #ifdef _WIN32
76 vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
77 {
78  vector< pair<OUString, OUString> > retVal;
79  bool bInEscape = false;
80  bool bInValue = false;
81  bool bInType = true;
82  sal_Int32 nTypeNameStart = 0;
83  OUString sType;
84  OUStringBuffer sbufValue;
85  sal_Int32 length = rRawString.getLength();
86 
87  for (sal_Int32 i = 0; i < length; i++)
88  {
89  sal_Unicode c = rRawString[i];
90 
91  if (c == '=')
92  {
93  if (! bInValue)
94  {
95  sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
96  sType = sType.trim();
97  bInType = false;
98  }
99  else
100  {
101  sbufValue.append(c);
102  }
103  }
104  else if (c == '"')
105  {
106  if (!bInEscape)
107  {
108  //If this is the quote is the first of the couple which enclose the
109  //whole value, because the value contains special characters
110  //then we just drop it. That is, this character must be followed by
111  //a character which is not '"'.
112  if ( i + 1 < length && rRawString[i+1] == '"')
113  bInEscape = true;
114  else
115  bInValue = !bInValue; //value is enclosed in " "
116  }
117  else
118  {
119  //This quote is escaped by a preceding quote and therefore is
120  //part of the value
121  sbufValue.append(c);
122  bInEscape = false;
123  }
124  }
125  else if (c == ',' || c == '+')
126  {
127  //The comma separate the attribute value pairs.
128  //If the comma is not part of a value (the value would then be enclosed in '"'),
129  //then we have reached the end of the value
130  if (!bInValue)
131  {
132  OSL_ASSERT(!sType.isEmpty());
133  retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear()));
134  sType.clear();
135  //The next char is the start of the new type
136  nTypeNameStart = i + 1;
137  bInType = true;
138  }
139  else
140  {
141  //The whole string is enclosed because it contains special characters.
142  //The enclosing '"' are not part of certificate but will be added by
143  //the function (Windows or NSS) which retrieves DN
144  sbufValue.append(c);
145  }
146  }
147  else
148  {
149  if (!bInType)
150  sbufValue.append(c);
151  }
152  }
153  if (sbufValue.getLength())
154  {
155  OSL_ASSERT(!sType.isEmpty());
156  retVal.push_back(make_pair(sType, sbufValue.makeStringAndClear()));
157  }
158  return retVal;
159  }
160 #else
161 vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
162  {
163  vector< pair<OUString, OUString> > retVal;
164  //bInEscape == true means that the preceding character is an escape character
165  bool bInEscape = false;
166  bool bInValue = false;
167  bool bInType = true;
168  sal_Int32 nTypeNameStart = 0;
169  OUString sType;
170  OUStringBuffer sbufValue;
171  sal_Int32 length = rRawString.getLength();
172 
173  for (sal_Int32 i = 0; i < length; i++)
174  {
175  sal_Unicode c = rRawString[i];
176 
177  if (c == '=')
178  {
179  if (! bInValue)
180  {
181  sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
182  sType = sType.trim();
183  bInType = false;
184  }
185  else
186  {
187  sbufValue.append(c);
188  }
189  }
190  else if (c == '\\')
191  {
192  if (!bInEscape)
193  {
194  bInEscape = true;
195  }
196  else
197  { // bInEscape is true
198  sbufValue.append(c);
199  bInEscape = false;
200  }
201  }
202  else if (c == '"')
203  {
204  //an unescaped '"' is either at the beginning or end of the value
205  if (!bInEscape)
206  {
207  if ( !bInValue)
208  bInValue = true;
209  else if (bInValue)
210  bInValue = false;
211  }
212  else
213  {
214  //This quote is escaped by a preceding quote and therefore is
215  //part of the value
216  sbufValue.append(c);
217  bInEscape = false;
218  }
219  }
220  else if (c == ',' || c == '+')
221  {
222  //The comma separate the attribute value pairs.
223  //If the comma is not part of a value (the value would then be enclosed in '"'),
224  //then we have reached the end of the value
225  if (!bInValue)
226  {
227  OSL_ASSERT(!sType.isEmpty());
228  retVal.emplace_back(sType, sbufValue.makeStringAndClear());
229  sType.clear();
230  //The next char is the start of the new type
231  nTypeNameStart = i + 1;
232  bInType = true;
233  }
234  else
235  {
236  //The whole string is enclosed because it contains special characters.
237  //The enclosing '"' are not part of certificate but will be added by
238  //the function (Windows or NSS) which retrieves DN
239  sbufValue.append(c);
240  }
241  }
242  else
243  {
244  if (!bInType)
245  {
246  sbufValue.append(c);
247  bInEscape = false;
248  }
249  }
250  }
251  if (!sbufValue.isEmpty())
252  {
253  OSL_ASSERT(!sType.isEmpty());
254  retVal.emplace_back(sType, sbufValue.makeStringAndClear());
255  }
256  return retVal;
257  }
258 
259 #endif
260 
261  OUString GetContentPart( const OUString& _rRawString, const css::security::CertificateKind &rKind )
262  {
263  char const * aIDs[] = { "CN", "OU", "O", "E", nullptr };
264 
265  // tdf#131733 Don't process OpenPGP certs, only X509
266  if (rKind == css::security::CertificateKind_OPENPGP )
267  return _rRawString;
268 
269  OUString retVal;
270  int i = 0;
271  vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString);
272  while ( aIDs[i] )
273  {
274  OUString sPartId = OUString::createFromAscii( aIDs[i++] );
275  auto idn = std::find_if(vecAttrValueOfDN.cbegin(), vecAttrValueOfDN.cend(),
276  [&sPartId](const pair< OUString, OUString >& dn) { return dn.first == sPartId; });
277  if (idn != vecAttrValueOfDN.cend())
278  retVal = idn->second;
279  if (!retVal.isEmpty())
280  break;
281  }
282  return retVal.isEmpty() ? _rRawString : retVal;
283  }
284 
285  OUString GetHexString( const css::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, sal_uInt16 _nLineBreak )
286  {
287  const sal_Int8* pSerNumSeq = _rSeq.getConstArray();
288  int nCnt = _rSeq.getLength();
289  OUStringBuffer aStr;
290  const char pHexDigs[ 17 ] = "0123456789ABCDEF";
291  char pBuffer[ 3 ] = " ";
292  sal_uInt8 nNum;
293  sal_uInt16 nBreakStart = _nLineBreak? _nLineBreak : 1;
294  sal_uInt16 nBreak = nBreakStart;
295  for( int i = 0 ; i < nCnt ; ++i )
296  {
297  nNum = sal_uInt8( pSerNumSeq[ i ] );
298 
299  // exchange the buffer[0] and buffer[1], which make it consistent with Mozilla and Windows
300  pBuffer[ 1 ] = pHexDigs[ nNum & 0x0F ];
301  nNum >>= 4;
302  pBuffer[ 0 ] = pHexDigs[ nNum ];
303  aStr.appendAscii( pBuffer );
304 
305  --nBreak;
306  if( nBreak )
307  aStr.appendAscii( _pSep );
308  else
309  {
310  nBreak = nBreakStart;
311  aStr.append( '\n' );
312  }
313  }
314 
315  return aStr.makeStringAndClear();
316  }
317 }
318 
319 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
signed char sal_Int8
sal_uInt16 sal_Unicode
OUString GetCertificateKind(const css::security::CertificateKind &rKind)
pair< OUString, OUString > GetDNForCertDetailsView(const OUString &rRawString)
length
OUString GetHexString(const css::uno::Sequence< sal_Int8 > &_rSeq, const char *_pSep, sal_uInt16 _nLineBreak)
OptionalString sType
int i
OUString GetContentPart(const OUString &_rRawString, const css::security::CertificateKind &rKind)
unsigned char sal_uInt8
if(!pCandidateA->getEnd().equal(pCandidateB->getStart()))
vector< pair< OUString, OUString > > parseDN(const OUString &rRawString)
aStr