diff options
author | Tomaž Vajngerl <tomaz.vajngerl@collabora.co.uk> | 2018-11-29 21:52:26 +0100 |
---|---|---|
committer | Michael Meeks <michael.meeks@collabora.com> | 2019-08-05 21:06:36 -0400 |
commit | 5888ab62b06f5f5f53578b10bbd4db61e50ee8c6 (patch) | |
tree | f67534b95f3ac38acbc8ab118f1afaa6000cad42 /desktop/source/lib/init.cxx | |
parent | e4680c2b746dd8607a92a8470cefd1109caae66f (diff) |
lokit: convert PEM certificate to DER if it is detected as such
Change-Id: I1ae105067c109a32f4acc34749b425d9e4e26514
Reviewed-on: https://gerrit.libreoffice.org/64291
Tested-by: Jenkins
Reviewed-by: Tomaž Vajngerl <quikee@gmail.com>
Diffstat (limited to 'desktop/source/lib/init.cxx')
-rw-r--r-- | desktop/source/lib/init.cxx | 90 |
1 files changed, 84 insertions, 6 deletions
diff --git a/desktop/source/lib/init.cxx b/desktop/source/lib/init.cxx index 0cc4e3bace4c..8d2c594bc3b3 100644 --- a/desktop/source/lib/init.cxx +++ b/desktop/source/lib/init.cxx @@ -49,6 +49,7 @@ #include <comphelper/propertysequence.hxx> #include <comphelper/scopeguard.hxx> #include <comphelper/threadpool.hxx> +#include <comphelper/base64.hxx> #include <com/sun/star/beans/XPropertySet.hpp> #include <com/sun/star/container/XNameAccess.hpp> @@ -535,6 +536,48 @@ int lcl_getViewId(const std::string& payload) return 0; } +std::string extractCertificate(const std::string & certificate) +{ + const std::string header("-----BEGIN CERTIFICATE-----"); + const std::string footer("-----END CERTIFICATE-----"); + + std::string result; + + size_t pos1 = certificate.find(header); + if (pos1 == std::string::npos) + return result; + + size_t pos2 = certificate.find(footer, pos1 + 1); + if (pos2 == std::string::npos) + return result; + + pos1 = pos1 + header.length(); + pos2 = pos2 - pos1; + + return certificate.substr(pos1, pos2); +} + +std::string extractPrivateKey(const std::string & privateKey) +{ + const std::string header("-----BEGIN PRIVATE KEY-----"); + const std::string footer("-----END PRIVATE KEY-----"); + + std::string result; + + size_t pos1 = privateKey.find(header); + if (pos1 == std::string::npos) + return result; + + size_t pos2 = privateKey.find(footer, pos1 + 1); + if (pos2 == std::string::npos) + return result; + + pos1 = pos1 + header.length(); + pos2 = pos2 - pos1; + + return privateKey.substr(pos1, pos2); +} + } // end anonymous namespace // Could be anonymous in principle, but for the unit testing purposes, we @@ -3856,11 +3899,34 @@ static bool doc_insertCertificate(LibreOfficeKitDocument* pThis, if (!xCertificateCreator.is()) return false; - uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize); - std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + uno::Sequence<sal_Int8> aCertificateSequence; - uno::Sequence<sal_Int8> aPrivateKeySequence(nPrivateKeySize); - std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin()); + std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize); + std::string aCertificateBase64String = extractCertificate(aCertificateString); + if (!aCertificateBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str()); + comphelper::Base64::decode(aCertificateSequence, aBase64OUString); + } + else + { + aCertificateSequence.realloc(nCertificateBinarySize); + std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + } + + uno::Sequence<sal_Int8> aPrivateKeySequence; + std::string aPrivateKeyString(reinterpret_cast<const char*>(pPrivateKeyBinary), nPrivateKeySize); + std::string aPrivateKeyBase64String = extractPrivateKey(aPrivateKeyString); + if (!aPrivateKeyBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aPrivateKeyBase64String.c_str()); + comphelper::Base64::decode(aPrivateKeySequence, aBase64OUString); + } + else + { + aPrivateKeySequence.realloc(nPrivateKeySize); + std::copy(pPrivateKeyBinary, pPrivateKeyBinary + nPrivateKeySize, aPrivateKeySequence.begin()); + } uno::Reference<security::XCertificate> xCertificate; xCertificate = xCertificateCreator->createDERCertificateWithPrivateKey(aCertificateSequence, aPrivateKeySequence); @@ -3904,8 +3970,20 @@ static bool doc_addCertificate(LibreOfficeKitDocument* pThis, if (!xCertificateCreator.is()) return false; - uno::Sequence<sal_Int8> aCertificateSequence(nCertificateBinarySize); - std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + uno::Sequence<sal_Int8> aCertificateSequence; + + std::string aCertificateString(reinterpret_cast<const char*>(pCertificateBinary), nCertificateBinarySize); + std::string aCertificateBase64String = extractCertificate(aCertificateString); + if (!aCertificateBase64String.empty()) + { + OUString aBase64OUString = OUString::createFromAscii(aCertificateBase64String.c_str()); + comphelper::Base64::decode(aCertificateSequence, aBase64OUString); + } + else + { + aCertificateSequence.realloc(nCertificateBinarySize); + std::copy(pCertificateBinary, pCertificateBinary + nCertificateBinarySize, aCertificateSequence.begin()); + } uno::Reference<security::XCertificate> xCertificate; xCertificate = xCertificateCreator->addDERCertificateToTheDatabase(aCertificateSequence, "TCu,Cu,Tu"); |