authorMichael Stahl <mstahl@redhat.com>2012-01-28 20:52:45 +0100
committerMichael Stahl <mstahl@redhat.com>2012-01-28 20:52:45 +0100
commit2e626373db2412ac22e8c5c27a60d11cd29e875b (patch)
tree9e9f67205cd5b72f1031721273e1534a3a1e5b0f /xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
parentf7ee7bbd5174b084f018c2ec94d8c70c98ee04da (diff)
replace obsolete "master" branch with README that points at new repoHEADmaster-deletedmaster
Diffstat (limited to 'xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx')
-rw-r--r--xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx656
1 files changed, 0 insertions, 656 deletions
diff --git a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx b/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
deleted file mode 100644
index 1c608af10..000000000
--- a/xmlsecurity/source/xmlsec/mscrypt/x509certificate_mscryptimpl.cxx
+++ /dev/null
@@ -1,656 +0,0 @@
-/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */
-/*************************************************************************
- *
- * DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS FILE HEADER.
- *
- * Copyright 2000, 2010 Oracle and/or its affiliates.
- *
- * OpenOffice.org - a multi-platform office productivity suite
- *
- * This file is part of OpenOffice.org.
- *
- * OpenOffice.org is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Lesser General Public License version 3
- * only, as published by the Free Software Foundation.
- *
- * OpenOffice.org is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Lesser General Public License version 3 for more details
- * (a copy is included in the LICENSE file that accompanied this code).
- *
- * You should have received a copy of the GNU Lesser General Public License
- * version 3 along with OpenOffice.org. If not, see
- * <http://www.openoffice.org/license.html>
- * for a copy of the LGPLv3 License.
- *
- ************************************************************************/
-
-// MARKER(update_precomp.py): autogen include statement, do not remove
-#include "precompiled_xmlsecurity.hxx"
-#include <sal/config.h>
-#include <comphelper/servicehelper.hxx>
-#include "x509certificate_mscryptimpl.hxx"
-#include "certificateextension_xmlsecimpl.hxx"
-#include "sanextension_mscryptimpl.hxx"
-
-#include "oid.hxx"
-
-#include <rtl/locale.h>
-#include <osl/nlsupport.h>
-#include <osl/process.h>
-#include <utility>
-
-using namespace ::com::sun::star::uno ;
-using namespace ::com::sun::star::security ;
-using ::rtl::OUString ;
-
-using ::com::sun::star::security::XCertificate ;
-using ::com::sun::star::util::DateTime ;
-
-#define OUSTR(x) ::rtl::OUString( RTL_CONSTASCII_USTRINGPARAM(x) )
-
-/*Resturns the index withing rRawString where sTypeName starts and where it ends.
- The starting index is pair.first. The ending index in pair.second points
- one char after the last character of the type.
- sTypeName can be
- "S" or "CN" (without ""). Do not use spaces at the beginning of the type name.
- If the type name is not found then pair.first and pair.second are -1.
-*/
-std::pair< sal_Int32, sal_Int32 >
-findTypeInDN(const OUString& rRawString, const OUString& sTypeName)
-{
- std::pair< sal_Int32, sal_Int32 > retVal;
- bool bInEscape = false;
- bool bInValue = false;
- bool bFound = false;
- sal_Int32 nTypeNameStart = 0;
- sal_Int32 length = rRawString.getLength();
-
- for (sal_Int32 i = 0; i < length; i++)
- {
- sal_Unicode c = rRawString[i];
-
- if (c == '=')
- {
- if (! bInValue)
- {
- OUString sType = rRawString.copy(nTypeNameStart, i - nTypeNameStart);
- sType = sType.trim();
- if (sType.equalsIgnoreAsciiCase(sTypeName))
- {
- bFound = true;
- break;
- }
- }
- }
- else if (c == '"')
- {
- if (!bInEscape)
- {
- //If this is the quote is the first of the couple which enclose the
- //whole value, because the value contains special characters
- //then we just drop it. That is, this character must be followed by
- //a character which is not '"'.
- if ( i + 1 < length && rRawString[i+1] == '"')
- bInEscape = true;
- else
- bInValue = !bInValue; //value is enclosed in " "
- }
- else
- {
- //This quote is escaped by a preceding quote and therefore is
- //part of the value
- bInEscape = false;
- }
- }
- else if (c == ',' || c == '+')
- {
- //The comma separate the attribute value pairs.
- //If the comma is not part of a value (the value would then be enclosed in '"'),
- //then we have reached the end of the value
- if (!bInValue)
- {
- //The next char is the start of the new type
- nTypeNameStart = i + 1;
- }
- }
- }
-
- //Found the Type Name, but there can still be spaces after the last comma
- //and the beginning of the type.
- if (bFound)
- {
- while (true)
- {
- sal_Unicode c = rRawString[nTypeNameStart];
- if (c != ' ' && c != '\t')
- //found
- break;
- nTypeNameStart ++;
- }
- // search end (one after last letter)
- sal_Int32 nTypeNameEnd = nTypeNameStart;
- nTypeNameEnd++;
- while (true)
- {
- sal_Unicode c = rRawString[nTypeNameEnd];
- if (c == ' ' || c == '\t' || c == '=')
- break;
- nTypeNameEnd++;
- }
- retVal = std::make_pair(nTypeNameStart, nTypeNameEnd);
- }
- else
- {
- retVal = std::make_pair(-1, -1);
- }
- return retVal;
-}
-
-
-/*
- MS Crypto uses the 'S' tag (equal to the 'ST' tag in NSS), but the NSS can't recognise
- it, so the 'S' tag should be changed to 'ST' tag. However I am not sure if this is necessary
- anymore, because we provide always the signers certificate when signing. So libmlsec can find
- the private key based on the provided certificate (X509Certificate element) and does not need
- the issuer name (X509IssuerName element). The issuer name in the xml signature has also no
- effect for the signature nor the certificate validation.
- In many RFCs, for example 4519, on speaks of 'ST'. However, the certificate does not contain
- strings for type names. Instead it uses OIDs.
- */
-
-OUString replaceTagSWithTagST(OUString oldDN)
-{
- std::pair<sal_Int32, sal_Int32 > pairIndex = findTypeInDN(oldDN, OUSTR("S"));
-
- if (pairIndex.first != -1)
- {
- OUString newDN = oldDN.copy(0, pairIndex.first);
- newDN += OUSTR("ST");
- newDN += oldDN.copy(pairIndex.second);
- return newDN;
- }
- return oldDN;
-}
-/* end */
-
-X509Certificate_MSCryptImpl :: X509Certificate_MSCryptImpl() :
- m_pCertContext( NULL )
-{
-}
-
-X509Certificate_MSCryptImpl :: ~X509Certificate_MSCryptImpl() {
- if( m_pCertContext != NULL ) {
- CertFreeCertificateContext( m_pCertContext ) ;
- }
-}
-
-//Methods from XCertificate
-sal_Int16 SAL_CALL X509Certificate_MSCryptImpl :: getVersion() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- return ( char )m_pCertContext->pCertInfo->dwVersion ;
- } else {
- return -1 ;
- }
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSerialNumber() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- Sequence< sal_Int8 > serial( m_pCertContext->pCertInfo->SerialNumber.cbData ) ;
- for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SerialNumber.cbData ; i ++ )
- serial[i] = *( m_pCertContext->pCertInfo->SerialNumber.pbData + m_pCertContext->pCertInfo->SerialNumber.cbData - i - 1 ) ;
-
- return serial ;
- } else {
- return Sequence< sal_Int8 >();
- }
-}
-
-::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getIssuerName() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- char* issuer ;
- DWORD cbIssuer ;
-
- cbIssuer = CertNameToStr(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
- &( m_pCertContext->pCertInfo->Issuer ),
- CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
- NULL, 0
- ) ;
-
- // Here the cbIssuer count the last 0x00 , take care.
- if( cbIssuer != 0 ) {
- issuer = new char[ cbIssuer ] ;
- if( issuer == NULL )
- throw RuntimeException() ;
-
- cbIssuer = CertNameToStr(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
- &( m_pCertContext->pCertInfo->Issuer ),
- CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
- issuer, cbIssuer
- ) ;
-
- if( cbIssuer <= 0 ) {
- delete [] issuer ;
- throw RuntimeException() ;
- }
-
- // for correct encoding
- sal_uInt16 encoding ;
- rtl_Locale *pLocale = NULL ;
- osl_getProcessLocale( &pLocale ) ;
- encoding = osl_getTextEncodingFromLocale( pLocale ) ;
-
- if(issuer[cbIssuer-1] == 0) cbIssuer--; //delimit the last 0x00;
- OUString xIssuer(issuer , cbIssuer ,encoding ) ;
- delete [] issuer ;
-
- return replaceTagSWithTagST(xIssuer);
- } else {
- return OUString() ;
- }
- } else {
- return OUString() ;
- }
-}
-
-::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl :: getSubjectName() throw ( ::com::sun::star::uno::RuntimeException)
-{
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
- {
- wchar_t* subject ;
- DWORD cbSubject ;
-
- cbSubject = CertNameToStrW(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
- &( m_pCertContext->pCertInfo->Subject ),
- CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
- NULL, 0
- ) ;
-
- if( cbSubject != 0 )
- {
- subject = new wchar_t[ cbSubject ] ;
- if( subject == NULL )
- throw RuntimeException() ;
-
- cbSubject = CertNameToStrW(
- X509_ASN_ENCODING | PKCS_7_ASN_ENCODING ,
- &( m_pCertContext->pCertInfo->Subject ),
- CERT_X500_NAME_STR | CERT_NAME_STR_REVERSE_FLAG ,
- subject, cbSubject
- ) ;
-
- if( cbSubject <= 0 ) {
- delete [] subject ;
- throw RuntimeException() ;
- }
-
- OUString xSubject(reinterpret_cast<const sal_Unicode*>(subject));
- delete [] subject ;
-
- return replaceTagSWithTagST(xSubject);
- } else
- {
- return OUString() ;
- }
- }
- else
- {
- return OUString() ;
- }
-}
-
-::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidBefore() throw ( ::com::sun::star::uno::RuntimeException ) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- SYSTEMTIME explTime ;
- DateTime dateTime ;
- FILETIME localFileTime;
-
- if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotBefore ), &localFileTime))
- {
- if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
- //Convert the time to readable local time
- dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
- dateTime.Seconds = explTime.wSecond ;
- dateTime.Minutes = explTime.wMinute ;
- dateTime.Hours = explTime.wHour ;
- dateTime.Day = explTime.wDay ;
- dateTime.Month = explTime.wMonth ;
- dateTime.Year = explTime.wYear ;
- }
- }
-
- return dateTime ;
- } else {
- return DateTime() ;
- }
-}
-
-::com::sun::star::util::DateTime SAL_CALL X509Certificate_MSCryptImpl :: getNotValidAfter() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- SYSTEMTIME explTime ;
- DateTime dateTime ;
- FILETIME localFileTime;
-
- if (FileTimeToLocalFileTime(&( m_pCertContext->pCertInfo->NotAfter ), &localFileTime))
- {
- if( FileTimeToSystemTime( &localFileTime, &explTime ) ) {
- //Convert the time to readable local time
- dateTime.HundredthSeconds = explTime.wMilliseconds / 100 ;
- dateTime.Seconds = explTime.wSecond ;
- dateTime.Minutes = explTime.wMinute ;
- dateTime.Hours = explTime.wHour ;
- dateTime.Day = explTime.wDay ;
- dateTime.Month = explTime.wMonth ;
- dateTime.Year = explTime.wYear ;
- }
- }
-
- return dateTime ;
- } else {
- return DateTime() ;
- }
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getIssuerUniqueID() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- Sequence< sal_Int8 > issuerUid( m_pCertContext->pCertInfo->IssuerUniqueId.cbData ) ;
- for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->IssuerUniqueId.cbData; i ++ )
- issuerUid[i] = *( m_pCertContext->pCertInfo->IssuerUniqueId.pbData + i ) ;
-
- return issuerUid ;
- } else {
- return Sequence< sal_Int8 >();
- }
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getSubjectUniqueID() throw ( ::com::sun::star::uno::RuntimeException ) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL ) {
- Sequence< sal_Int8 > subjectUid( m_pCertContext->pCertInfo->SubjectUniqueId.cbData ) ;
- for( unsigned int i = 0 ; i < m_pCertContext->pCertInfo->SubjectUniqueId.cbData; i ++ )
- subjectUid[i] = *( m_pCertContext->pCertInfo->SubjectUniqueId.pbData + i ) ;
-
- return subjectUid ;
- } else {
- return Sequence< sal_Int8 >();
- }
-}
-
-::com::sun::star::uno::Sequence< ::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > > SAL_CALL X509Certificate_MSCryptImpl :: getExtensions() throw ( ::com::sun::star::uno::RuntimeException ) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
- CertificateExtension_XmlSecImpl* xExtn ;
- CERT_EXTENSION* pExtn ;
- Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
-
- for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
- pExtn = &(m_pCertContext->pCertInfo->rgExtension[i]) ;
-
-
- ::rtl::OUString objId = ::rtl::OUString::createFromAscii( pExtn->pszObjId );
-
- if ( objId.equalsAscii("2.5.29.17") )
- xExtn = (CertificateExtension_XmlSecImpl*) new SanExtensionImpl() ;
- else
- xExtn = new CertificateExtension_XmlSecImpl() ;
- if( xExtn == NULL )
- throw RuntimeException() ;
-
- xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
-
- xExtns[i] = xExtn ;
- }
-
- return xExtns ;
- } else {
- return Sequence< Reference< XCertificateExtension > >();
- }
-}
-
-::com::sun::star::uno::Reference< ::com::sun::star::security::XCertificateExtension > SAL_CALL X509Certificate_MSCryptImpl :: findCertificateExtension( const ::com::sun::star::uno::Sequence< sal_Int8 >& /*oid*/ ) throw (::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 ) {
- CertificateExtension_XmlSecImpl* xExtn ;
- CERT_EXTENSION* pExtn ;
- Sequence< Reference< XCertificateExtension > > xExtns( m_pCertContext->pCertInfo->cExtension ) ;
-
- xExtn = NULL ;
- for( unsigned int i = 0; i < m_pCertContext->pCertInfo->cExtension; i++ ) {
- pExtn = &( m_pCertContext->pCertInfo->rgExtension[i] ) ;
-
- //TODO: Compare the oid
- if( 0 ) {
- xExtn = new CertificateExtension_XmlSecImpl() ;
- if( xExtn == NULL )
- throw RuntimeException() ;
-
- xExtn->setCertExtn( pExtn->Value.pbData, pExtn->Value.cbData, ( unsigned char* )pExtn->pszObjId, strlen( pExtn->pszObjId ), sal::static_int_cast<sal_Bool>(pExtn->fCritical) ) ;
- }
- }
-
- return xExtn ;
- } else {
- return NULL ;
- }
-}
-
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl :: getEncoded() throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL && m_pCertContext->cbCertEncoded > 0 ) {
- Sequence< sal_Int8 > rawCert( m_pCertContext->cbCertEncoded ) ;
-
- for( unsigned int i = 0 ; i < m_pCertContext->cbCertEncoded ; i ++ )
- rawCert[i] = *( m_pCertContext->pbCertEncoded + i ) ;
-
- return rawCert ;
- } else {
- return Sequence< sal_Int8 >();
- }
-}
-
-//Helper methods
-void X509Certificate_MSCryptImpl :: setMswcryCert( const CERT_CONTEXT* cert ) {
- if( m_pCertContext != NULL ) {
- CertFreeCertificateContext( m_pCertContext ) ;
- m_pCertContext = NULL ;
- }
-
- if( cert != NULL ) {
- m_pCertContext = CertDuplicateCertificateContext( cert ) ;
- }
-}
-
-const CERT_CONTEXT* X509Certificate_MSCryptImpl :: getMswcryCert() const {
- if( m_pCertContext != NULL ) {
- return m_pCertContext ;
- } else {
- return NULL ;
- }
-}
-
-void X509Certificate_MSCryptImpl :: setRawCert( Sequence< sal_Int8 > rawCert ) throw ( ::com::sun::star::uno::RuntimeException) {
- if( m_pCertContext != NULL ) {
- CertFreeCertificateContext( m_pCertContext ) ;
- m_pCertContext = NULL ;
- }
-
- if( rawCert.getLength() != 0 ) {
- m_pCertContext = CertCreateCertificateContext( X509_ASN_ENCODING, ( const sal_uInt8* )&rawCert[0], rawCert.getLength() ) ;
- }
-}
-
-/* XUnoTunnel */
-sal_Int64 SAL_CALL X509Certificate_MSCryptImpl :: getSomething( const Sequence< sal_Int8 >& aIdentifier ) throw( RuntimeException ) {
- if( aIdentifier.getLength() == 16 && 0 == rtl_compareMemory( getUnoTunnelId().getConstArray(), aIdentifier.getConstArray(), 16 ) ) {
- return ( sal_Int64 )this ;
- }
- return 0 ;
-}
-
-/* XUnoTunnel extension */
-
-namespace
-{
- class theX509Certificate_MSCryptImplUnoTunnelId : public rtl::Static< UnoTunnelIdInit, theX509Certificate_MSCryptImplUnoTunnelId > {};
-}
-
-const Sequence< sal_Int8>& X509Certificate_MSCryptImpl :: getUnoTunnelId() {
- return theX509Certificate_MSCryptImplUnoTunnelId::get().getSeq();
-}
-
-/* XUnoTunnel extension */
-X509Certificate_MSCryptImpl* X509Certificate_MSCryptImpl :: getImplementation( const Reference< XInterface > xObj ) {
- Reference< XUnoTunnel > xUT( xObj , UNO_QUERY ) ;
- if( xUT.is() ) {
- return ( X509Certificate_MSCryptImpl* )xUT->getSomething( getUnoTunnelId() ) ;
- } else
- return NULL ;
-}
-
-::rtl::OUString findOIDDescription(char *oid)
-{
- OUString ouOID = OUString::createFromAscii( oid );
- for (int i=0; i<nOID; i++)
- {
- OUString item = OUString::createFromAscii( OIDs[i].oid );
- if (ouOID == item)
- {
- return OUString::createFromAscii( OIDs[i].desc );
- }
- }
-
- return OUString() ;
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > getThumbprint(const CERT_CONTEXT* pCertContext, DWORD dwPropId)
-{
- if( pCertContext != NULL )
- {
- DWORD cbData = 20;
- unsigned char fingerprint[20];
- if (CertGetCertificateContextProperty(pCertContext, dwPropId, (void*)fingerprint, &cbData))
- {
- Sequence< sal_Int8 > thumbprint( cbData ) ;
- for( unsigned int i = 0 ; i < cbData ; i ++ )
- {
- thumbprint[i] = fingerprint[i];
- }
-
- return thumbprint;
- }
- else
- {
- DWORD e = GetLastError();
- cbData = e;
- }
- }
-
- return Sequence< sal_Int8 >();
-}
-
-::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyAlgorithm()
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
- {
- CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.Algorithm;
- return findOIDDescription( algorithm.pszObjId ) ;
- }
- else
- {
- return OUString() ;
- }
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSubjectPublicKeyValue()
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
- {
- CRYPT_BIT_BLOB publicKey = m_pCertContext->pCertInfo->SubjectPublicKeyInfo.PublicKey;
-
- Sequence< sal_Int8 > key( publicKey.cbData ) ;
- for( unsigned int i = 0 ; i < publicKey.cbData ; i++ )
- {
- key[i] = *(publicKey.pbData + i) ;
- }
-
- return key;
- }
- else
- {
- return Sequence< sal_Int8 >();
- }
-}
-
-::rtl::OUString SAL_CALL X509Certificate_MSCryptImpl::getSignatureAlgorithm()
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL )
- {
- CRYPT_ALGORITHM_IDENTIFIER algorithm = m_pCertContext->pCertInfo->SignatureAlgorithm;
- return findOIDDescription( algorithm.pszObjId ) ;
- }
- else
- {
- return OUString() ;
- }
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getSHA1Thumbprint()
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- return getThumbprint(m_pCertContext, CERT_SHA1_HASH_PROP_ID);
-}
-
-::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_MSCryptImpl::getMD5Thumbprint()
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- return getThumbprint(m_pCertContext, CERT_MD5_HASH_PROP_ID);
-}
-
-sal_Int32 SAL_CALL X509Certificate_MSCryptImpl::getCertificateUsage( )
- throw ( ::com::sun::star::uno::RuntimeException)
-{
- sal_Int32 usage =
- CERT_DATA_ENCIPHERMENT_KEY_USAGE |
- CERT_DIGITAL_SIGNATURE_KEY_USAGE |
- CERT_KEY_AGREEMENT_KEY_USAGE |
- CERT_KEY_CERT_SIGN_KEY_USAGE |
- CERT_KEY_ENCIPHERMENT_KEY_USAGE |
- CERT_NON_REPUDIATION_KEY_USAGE |
- CERT_OFFLINE_CRL_SIGN_KEY_USAGE;
-
- if( m_pCertContext != NULL && m_pCertContext->pCertInfo != NULL && m_pCertContext->pCertInfo->cExtension != 0 )
- {
- CERT_EXTENSION* pExtn = CertFindExtension(
- szOID_KEY_USAGE,
- m_pCertContext->pCertInfo->cExtension,
- m_pCertContext->pCertInfo->rgExtension);
-
- if (pExtn != NULL)
- {
- CERT_KEY_USAGE_RESTRICTION_INFO keyUsage;
- DWORD length = sizeof(CERT_KEY_USAGE_RESTRICTION_INFO);
-
- bool rc = CryptDecodeObject(
- X509_ASN_ENCODING,
- X509_KEY_USAGE,
- pExtn->Value.pbData,
- pExtn->Value.cbData,
- CRYPT_DECODE_NOCOPY_FLAG,
- (void *)&keyUsage,
- &length);
-
- if (rc && keyUsage.RestrictedKeyUsage.cbData!=0)
- {
- usage = (sal_Int32)keyUsage.RestrictedKeyUsage.pbData;
- }
- }
- }
-
- return usage;
-}
-
-/* vim:set shiftwidth=4 softtabstop=4 expandtab: */