diff options
| author | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-02-11 17:11:55 +0100 |
|---|---|---|
| committer | Miklos Vajna <vmiklos@collabora.co.uk> | 2016-02-11 17:30:02 +0100 |
| commit | f09f61c9b4f474a95fafa144b4eb18dbdf2a166c (patch) | |
| tree | 7a9a3a9e8bd70d0f1969d74e46def7728e367faf | |
| parent | df4ebee2eff7f3766b604f4928ddf0f0f6e810bd (diff) | |
xmlsecurity: expose the certificate's SHA-256 checksum in the NSS backend
OOXML export will need an SHA-256 hash of the certificate, introducing
a css::security::XCertificate2 just for this would be probably an
overkill. The same will have to be done in the mscrypto backend in the
near future.
Change-Id: Id2df06416a713927edd60e1253ff8e1c09dd706a
| -rw-r--r-- | xmlsecurity/inc/certificate.hxx | 34 | ||||
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx | 24 | ||||
| -rw-r--r-- | xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx | 6 |
3 files changed, 61 insertions, 3 deletions
diff --git a/xmlsecurity/inc/certificate.hxx b/xmlsecurity/inc/certificate.hxx new file mode 100644 index 000000000000..2c0e0498bcf9 --- /dev/null +++ b/xmlsecurity/inc/certificate.hxx @@ -0,0 +1,34 @@ +/* -*- Mode: C++; tab-width: 4; indent-tabs-mode: nil; c-basic-offset: 4 -*- */ +/* + * This file is part of the LibreOffice project. + * + * This Source Code Form is subject to the terms of the Mozilla Public + * License, v. 2.0. If a copy of the MPL was not distributed with this + * file, You can obtain one at http://mozilla.org/MPL/2.0/. + */ + +#ifndef INCLUDED_XMLSECURITY_INC_CERTIFICATE_H +#define INCLUDED_XMLSECURITY_INC_CERTIFICATE_H + +#include <sal/types.h> + +namespace xmlsecurity +{ + +/// Extension of css::security::XCertificate for module-internal purposes. +class SAL_NO_VTABLE SAL_DLLPUBLIC_RTTI Certificate +{ +public: + + /// Returns the SHA-256 thumbprint. + virtual css::uno::Sequence<sal_Int8> getSHA256Thumbprint() throw (css::uno::RuntimeException, std::exception) = 0; + +protected: + ~Certificate() throw () {} +}; + +} + +#endif // INCLUDED_XMLSECURITY_INC_CERTIFICATE_H + +/* vim:set shiftwidth=4 softtabstop=4 expandtab: */ diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx index 0939a1f95bfb..9d7cd557db20 100644 --- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx +++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.cxx @@ -35,6 +35,7 @@ #include "sanextension_nssimpl.hxx" #include <tools/time.hxx> +using namespace ::com::sun::star; using namespace ::com::sun::star::uno ; using namespace ::com::sun::star::security ; @@ -337,8 +338,22 @@ OUString getAlgorithmDescription(SECAlgorithmID *aid) if( pCert != nullptr ) { SECStatus rv; - unsigned char fingerprint[20]; - int length = ((id == SEC_OID_MD5)?MD5_LENGTH:SHA1_LENGTH); + unsigned char fingerprint[32]; + int length = 0; + switch (id) + { + case SEC_OID_MD5: + length = MD5_LENGTH; + break; + case SEC_OID_SHA1: + length = SHA1_LENGTH; + break; + case SEC_OID_SHA256: + length = SHA256_LENGTH; + break; + default: + break; + } memset(fingerprint, 0, sizeof fingerprint); rv = PK11_HashBuf(id, fingerprint, pCert->derCert.data, pCert->derCert.len); @@ -409,6 +424,11 @@ OUString SAL_CALL X509Certificate_NssImpl::getSignatureAlgorithm() return getThumbprint(m_pCert, SEC_OID_SHA1); } +uno::Sequence<sal_Int8> X509Certificate_NssImpl::getSHA256Thumbprint() throw (uno::RuntimeException, std::exception) +{ + return getThumbprint(m_pCert, SEC_OID_SHA256); +} + ::com::sun::star::uno::Sequence< sal_Int8 > SAL_CALL X509Certificate_NssImpl::getMD5Thumbprint() throw ( ::com::sun::star::uno::RuntimeException, std::exception) { diff --git a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx index 70714a4a8bc3..7bad209b7177 100644 --- a/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx +++ b/xmlsecurity/source/xmlsec/nss/x509certificate_nssimpl.hxx @@ -29,11 +29,12 @@ #include <com/sun/star/uno/SecurityException.hpp> #include <com/sun/star/security/XCertificate.hpp> +#include <certificate.hxx> #include "cert.h" class X509Certificate_NssImpl : public ::cppu::WeakImplHelper< ::com::sun::star::security::XCertificate , - ::com::sun::star::lang::XUnoTunnel > + ::com::sun::star::lang::XUnoTunnel > , public xmlsecurity::Certificate { private: CERTCertificate* m_pCert ; @@ -82,6 +83,9 @@ class X509Certificate_NssImpl : public ::cppu::WeakImplHelper< //Methods from XUnoTunnel virtual sal_Int64 SAL_CALL getSomething( const ::com::sun::star::uno::Sequence< sal_Int8 >& aIdentifier ) throw (com::sun::star::uno::RuntimeException, std::exception) override; + /// @see xmlsecurity::Certificate::getSHA256Thumbprint(). + virtual css::uno::Sequence<sal_Int8> getSHA256Thumbprint() throw (css::uno::RuntimeException, std::exception) override; + static const ::com::sun::star::uno::Sequence< sal_Int8 >& getUnoTunnelId() ; //Helper methods |