search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Version 7.6.3.2-android, tag libreoffice-7.6.3.2-android
[LibreOffice.git] / comphelper / source / misc / xmlsechelper.cxx
blob5b1a438abbeae882161c33eb3b017d570a099f6d
1 /* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
2 /*
3 * This file is part of the LibreOffice project.
4 *
5 * This Source Code Form is subject to the terms of the Mozilla Public
6 * License, v. 2.0. If a copy of the MPL was not distributed with this
7 * file, You can obtain one at http://mozilla.org/MPL/2.0/.
8 *
9 * This file incorporates work covered by the following license notice:
10 *
11 * Licensed to the Apache Software Foundation (ASF) under one or more
12 * contributor license agreements. See the NOTICE file distributed
13 * with this work for additional information regarding copyright
14 * ownership. The ASF licenses this file to you under the Apache
15 * License, Version 2.0 (the "License"); you may not use this file
16 * except in compliance with the License. You may obtain a copy of
17 * the License at http://www.apache.org/licenses/LICENSE-2.0 .
18 */
19
20 #include <comphelper/xmlsechelper.hxx>
21
22 #include <rtl/ustrbuf.hxx>
23 #include <osl/diagnose.h>
24 #include <o3tl/string_view.hxx>
25
26 #include <utility>
27 #include <vector>
28
29 namespace comphelper::xmlsec
30 {
31 OUString GetCertificateKind( const css::security::CertificateKind &rKind )
32 {
33 switch (rKind)
34 {
35 case css::security::CertificateKind_X509:
36 return "X.509";
37 case css::security::CertificateKind_OPENPGP:
38 return "OpenPGP";
39 default:
40 return OUString();
41 }
42 }
43
44 /*
45 Creates two strings based on the distinguished name which are displayed in the
46 certificate details view. The first string contains only the values of the attribute
47 and values pairs, which are separated by commas. All escape characters ('"') are
48 removed.
49 The second string is for the details view at the bottom. It shows the attribute/value
50 pairs on different lines. All escape characters ('"') are removed.
51 */
52 std::pair< OUString, OUString> GetDNForCertDetailsView( std::u16string_view rRawString)
53 {
54 std::vector< std::pair< OUString, OUString > > vecAttrValueOfDN = parseDN(rRawString);
55 OUStringBuffer s1, s2;
56 for (auto i = vecAttrValueOfDN.cbegin(); i < vecAttrValueOfDN.cend(); ++i)
57 {
58 if (i != vecAttrValueOfDN.cbegin())
59 {
60 s1.append(',');
61 s2.append('\n');
62 }
63 s1.append(i->second);
64 s2.append(i->first + " = " + i->second);
65 }
66 return std::make_pair(s1.makeStringAndClear(), s2.makeStringAndClear());
67 }
68
69 /*
70 Whenever the attribute value contains special characters, such as '"' or ',' (without '')
71 then the value will be enclosed in double quotes by the respective Windows or NSS function
72 which we use to retrieve, for example, the subject name. If double quotes appear in the value then
73 they are escaped with a double quote. This function removes the escape characters.
74 */
75 #ifdef _WIN32
76 std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawString)
77 {
78 std::vector< std::pair<OUString, OUString> > retVal;
79 bool bInEscape = false;
80 bool bInValue = false;
81 bool bInType = true;
82 sal_Int32 nTypeNameStart = 0;
83 std::u16string_view sType;
84 OUStringBuffer sbufValue;
85 size_t length = rRawString.size();
86
87 for (size_t i = 0; i < length; i++)
88 {
89 sal_Unicode c = rRawString[i];
90
91 if (c == '=')
92 {
93 if (! bInValue)
94 {
95 sType = rRawString.substr(nTypeNameStart, i - nTypeNameStart);
96 sType = o3tl::trim(sType);
97 bInType = false;
98 }
99 else
100 {
101 sbufValue.append(c);
102 }
103 }
104 else if (c == '"')
105 {
106 if (!bInEscape)
107 {
108 //If this is the quote is the first of the couple which enclose the
109 //whole value, because the value contains special characters
110 //then we just drop it. That is, this character must be followed by
111 //a character which is not '"'.
112 if ( i + 1 < length && rRawString[i+1] == '"')
113 bInEscape = true;
114 else
115 bInValue = !bInValue; //value is enclosed in " "
116 }
117 else
118 {
119 //This quote is escaped by a preceding quote and therefore is
120 //part of the value
121 sbufValue.append(c);
122 bInEscape = false;
123 }
124 }
125 else if (c == ',' || c == '+')
126 {
127 //The comma separate the attribute value pairs.
128 //If the comma is not part of a value (the value would then be enclosed in '"'),
129 //then we have reached the end of the value
130 if (!bInValue)
131 {
132 OSL_ASSERT(!sType.empty());
133 retVal.push_back(std::make_pair(OUString(sType), sbufValue.makeStringAndClear()));
134 sType = {};
135 //The next char is the start of the new type
136 nTypeNameStart = i + 1;
137 bInType = true;
138 }
139 else
140 {
141 //The whole string is enclosed because it contains special characters.
142 //The enclosing '"' are not part of certificate but will be added by
143 //the function (Windows or NSS) which retrieves DN
144 sbufValue.append(c);
145 }
146 }
147 else
148 {
149 if (!bInType)
150 sbufValue.append(c);
151 }
152 }
153 if (sbufValue.getLength())
154 {
155 OSL_ASSERT(!sType.empty());
156 retVal.push_back(std::make_pair(OUString(sType), sbufValue.makeStringAndClear()));
157 }
158 return retVal;
159 }
160 #else
161 std::vector< std::pair< OUString, OUString> > parseDN(std::u16string_view rRawString)
162 {
163 std::vector< std::pair<OUString, OUString> > retVal;
164 //bInEscape == true means that the preceding character is an escape character
165 bool bInEscape = false;
166 bool bInValue = false;
167 bool bInType = true;
168 sal_Int32 nTypeNameStart = 0;
169 std::u16string_view sType;
170 OUStringBuffer sbufValue;
171 size_t length = rRawString.size();
172
173 for (size_t i = 0; i < length; i++)
174 {
175 sal_Unicode c = rRawString[i];
176
177 if (c == '=')
178 {
179 if (! bInValue)
180 {
181 sType = rRawString.substr(nTypeNameStart, i - nTypeNameStart);
182 sType = o3tl::trim(sType);
183 bInType = false;
184 }
185 else
186 {
187 sbufValue.append(c);
188 }
189 }
190 else if (c == '\\')
191 {
192 if (!bInEscape)
193 {
194 bInEscape = true;
195 }
196 else
197 { // bInEscape is true
198 sbufValue.append(c);
199 bInEscape = false;
200 }
201 }
202 else if (c == '"')
203 {
204 //an unescaped '"' is either at the beginning or end of the value
205 if (!bInEscape)
206 {
207 if ( !bInValue)
208 bInValue = true;
209 else if (bInValue)
210 bInValue = false;
211 }
212 else
213 {
214 //This quote is escaped by a preceding quote and therefore is
215 //part of the value
216 sbufValue.append(c);
217 bInEscape = false;
218 }
219 }
220 else if (c == ',' || c == '+')
221 {
222 //The comma separate the attribute value pairs.
223 //If the comma is not part of a value (the value would then be enclosed in '"'),
224 //then we have reached the end of the value
225 if (!bInValue)
226 {
227 OSL_ASSERT(!sType.empty());
228 retVal.emplace_back(sType, sbufValue.makeStringAndClear());
229 sType = {};
230 //The next char is the start of the new type
231 nTypeNameStart = i + 1;
232 bInType = true;
233 }
234 else
235 {
236 //The whole string is enclosed because it contains special characters.
237 //The enclosing '"' are not part of certificate but will be added by
238 //the function (Windows or NSS) which retrieves DN
239 sbufValue.append(c);
240 }
241 }
242 else
243 {
244 if (!bInType)
245 {
246 sbufValue.append(c);
247 bInEscape = false;
248 }
249 }
250 }
251 if (!sbufValue.isEmpty())
252 {
253 OSL_ASSERT(!sType.empty());
254 retVal.emplace_back(sType, sbufValue.makeStringAndClear());
255 }
256 return retVal;
257 }
258
259 #endif
260
261 OUString GetContentPart( const OUString& _rRawString, const css::security::CertificateKind &rKind )
262 {
263 char const * aIDs[] = { "CN", "OU", "O", "E", nullptr };
264
265 // tdf#131733 Don't process OpenPGP certs, only X509
266 if (rKind == css::security::CertificateKind_OPENPGP )
267 return _rRawString;
268
269 OUString retVal;
270 int i = 0;
271 std::vector< std::pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString);
272 while ( aIDs[i] )
273 {
274 OUString sPartId = OUString::createFromAscii( aIDs[i++] );
275 auto idn = std::find_if(vecAttrValueOfDN.cbegin(), vecAttrValueOfDN.cend(),
276 [&sPartId](const std::pair< OUString, OUString >& dn) { return dn.first == sPartId; });
277 if (idn != vecAttrValueOfDN.cend())
278 retVal = idn->second;
279 if (!retVal.isEmpty())
280 break;
281 }
282 return retVal.isEmpty() ? _rRawString : retVal;
283 }
284
285 OUString GetHexString( const css::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, sal_uInt16 _nLineBreak )
286 {
287 const sal_Int8* pSerNumSeq = _rSeq.getConstArray();
288 int nCnt = _rSeq.getLength();
289 OUStringBuffer aStr;
290 const char pHexDigs[ 17 ] = "0123456789ABCDEF";
291 char pBuffer[ 3 ] = " ";
292 sal_uInt8 nNum;
293 sal_uInt16 nBreakStart = _nLineBreak? _nLineBreak : 1;
294 sal_uInt16 nBreak = nBreakStart;
295 for( int i = 0 ; i < nCnt ; ++i )
296 {
297 nNum = sal_uInt8( pSerNumSeq[ i ] );
298
299 // exchange the buffer[0] and buffer[1], which make it consistent with Mozilla and Windows
300 pBuffer[ 1 ] = pHexDigs[ nNum & 0x0F ];
301 nNum >>= 4;
302 pBuffer[ 0 ] = pHexDigs[ nNum ];
303 aStr.appendAscii( pBuffer );
304
305 --nBreak;
306 if( nBreak )
307 aStr.appendAscii( _pSep );
308 else
309 {
310 nBreak = nBreakStart;
311 aStr.append( '\n' );
312 }
313 }
314
315 return aStr.makeStringAndClear();
316 }
317 }
318
319 /* vim:set shiftwidth=4 softtabstop=4 expandtab: */
FREE OFFICE SUITE