tdf#131733 Show only CN part of X.509 subject info
The problem was that the whole Subject info was returned from
X.509 certs if they did not start with one of "CN", "OU", "O", "E"
Instead of extending this list with random keys, pass the type of cert
and only return the whole Subject info if it's an OpenGPG one, and
process the info unconditionally if it's X.509 like before the OpenGPG
integration
Change-Id: I1aa5d7285e48b0f4a769a073cdfb7732e482792c
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/92675
Tested-by: Jenkins
Reviewed-by: Samuel Mehrbrodt <Samuel.Mehrbrodt@cib.de>
(cherry picked from commit bedba76adb9b1421a7d939cfef44b8194e987888)
Reviewed-on: https://gerrit.libreoffice.org/c/core/+/93129
diff --git a/comphelper/source/misc/xmlsechelper.cxx b/comphelper/source/misc/xmlsechelper.cxx
index d0b4b30..86df56c 100644
--- a/comphelper/source/misc/xmlsechelper.cxx
+++ b/comphelper/source/misc/xmlsechelper.cxx
@@ -260,25 +260,16 @@ vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
#endif
OUString GetContentPart( const OUString& _rRawString )
OUString GetContentPart( const OUString& _rRawString, const css::security::CertificateKind &rKind )
{
char const * aIDs[] = { "CN", "OU", "O", "E", nullptr };
bool shouldBeParsed = false;
int i = 0;
while ( aIDs[i] )
{
if (_rRawString.startsWith(OUString::createFromAscii(aIDs[i++])))
{
shouldBeParsed = true;
break;
}
}
if (!shouldBeParsed)
// tdf#131733 Don't process OpenPGP certs, only X509
if (rKind == css::security::CertificateKind_OPENPGP )
return _rRawString;
OUString retVal;
i = 0;
int i = 0;
vector< pair< OUString, OUString > > vecAttrValueOfDN = parseDN(_rRawString);
while ( aIDs[i] )
{
@@ -290,7 +281,7 @@ vector< pair< OUString, OUString> > parseDN(const OUString& rRawString)
if (!retVal.isEmpty())
break;
}
return retVal;
return retVal.isEmpty() ? _rRawString : retVal;
}
OUString GetHexString( const css::uno::Sequence< sal_Int8 >& _rSeq, const char* _pSep, sal_uInt16 _nLineBreak )
diff --git a/cui/source/dialogs/SignSignatureLineDialog.cxx b/cui/source/dialogs/SignSignatureLineDialog.cxx
index 00ad09f..96fa942 100644
--- a/cui/source/dialogs/SignSignatureLineDialog.cxx
+++ b/cui/source/dialogs/SignSignatureLineDialog.cxx
@@ -180,8 +180,8 @@ IMPL_LINK_NOARG(SignSignatureLineDialog, chooseCertificate, weld::Button&, void)
if (xSignCertificate.is())
{
m_xSelectedCertifate = xSignCertificate;
m_xBtnChooseCertificate->set_label(
xmlsec::GetContentPart(xSignCertificate->getSubjectName()));
m_xBtnChooseCertificate->set_label(xmlsec::GetContentPart(
xSignCertificate->getSubjectName(), xSignCertificate->getCertificateKind()));
}
ValidateFields();
}
@@ -223,7 +223,9 @@ css::uno::Reference<css::graphic::XGraphic> SignSignatureLineDialog::getSignedGr
OUString aIssuerLine
= CuiResId(RID_SVXSTR_SIGNATURELINE_SIGNED_BY)
.replaceFirst("%1", xmlsec::GetContentPart(m_xSelectedCertifate->getSubjectName()));
.replaceFirst("%1",
xmlsec::GetContentPart(m_xSelectedCertifate->getSubjectName(),
m_xSelectedCertifate->getCertificateKind()));
aSvgImage = aSvgImage.replaceAll("[SIGNED_BY]", getCDataString(aIssuerLine));
if (bValid)
aSvgImage = aSvgImage.replaceAll("[INVALID_SIGNATURE]", "");
diff --git a/include/comphelper/xmlsechelper.hxx b/include/comphelper/xmlsechelper.hxx
index ba702fa..5bf3add 100644
--- a/include/comphelper/xmlsechelper.hxx
+++ b/include/comphelper/xmlsechelper.hxx
@@ -36,7 +36,8 @@ COMPHELPER_DLLPUBLIC OUString GetCertificateKind(const css::security::Certificat
COMPHELPER_DLLPUBLIC std::vector<std::pair<OUString, OUString>> parseDN(const OUString& rRawString);
COMPHELPER_DLLPUBLIC std::pair<OUString, OUString>
GetDNForCertDetailsView(const OUString& rRawString);
COMPHELPER_DLLPUBLIC OUString GetContentPart(const OUString& _rRawString);
COMPHELPER_DLLPUBLIC OUString GetContentPart(const OUString& _rRawString,
const css::security::CertificateKind& rKind);
COMPHELPER_DLLPUBLIC OUString GetHexString(const css::uno::Sequence<sal_Int8>& _rSeq,
const char* _pSep, sal_uInt16 _nLineBreak = 0xFFFF);
diff --git a/sfx2/source/dialog/dinfdlg.cxx b/sfx2/source/dialog/dinfdlg.cxx
index 85d4661..af34596 100644
--- a/sfx2/source/dialog/dinfdlg.cxx
+++ b/sfx2/source/dialog/dinfdlg.cxx
@@ -818,7 +818,7 @@ void SfxDocumentPage::ImplUpdateSignatures()
{
const security::DocumentSignatureInformation& rInfo = aInfos[ 0 ];
s = utl::GetDateTimeString( rInfo.SignatureDate, rInfo.SignatureTime ) + ", " +
comphelper::xmlsec::GetContentPart(rInfo.Signer->getSubjectName());
comphelper::xmlsec::GetContentPart(rInfo.Signer->getSubjectName(), rInfo.Signer->getCertificateKind());
}
m_xSignedValFt->set_label(s);
}
diff --git a/xmlsecurity/source/dialogs/certificatechooser.cxx b/xmlsecurity/source/dialogs/certificatechooser.cxx
index 4345bb2..929915f 100644
--- a/xmlsecurity/source/dialogs/certificatechooser.cxx
+++ b/xmlsecurity/source/dialogs/certificatechooser.cxx
@@ -206,11 +206,11 @@ void CertificateChooser::ImplInitialize()
userData->xSecurityEnvironment = secEnvironment;
mvUserData.push_back(userData);
OUString sIssuer = xmlsec::GetContentPart( xCert->getIssuerName() );
OUString sIssuer = xmlsec::GetContentPart( xCert->getIssuerName(), xCert->getCertificateKind());
m_xCertLB->append();
int nRow = m_xCertLB->n_children() - 1;
m_xCertLB->set_text(nRow, xmlsec::GetContentPart(xCert->getSubjectName()), 0);
m_xCertLB->set_text(nRow, xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()), 0);
m_xCertLB->set_text(nRow, sIssuer, 1);
m_xCertLB->set_text(nRow, xmlsec::GetCertificateKind(xCert->getCertificateKind()), 2);
m_xCertLB->set_text(nRow, utl::GetDateString(xCert->getNotValidAfter()), 3);
diff --git a/xmlsecurity/source/dialogs/certificateviewer.cxx b/xmlsecurity/source/dialogs/certificateviewer.cxx
index cb7ce25..3807300 100644
--- a/xmlsecurity/source/dialogs/certificateviewer.cxx
+++ b/xmlsecurity/source/dialogs/certificateviewer.cxx
@@ -106,12 +106,12 @@ CertificateViewerGeneralTP::CertificateViewerGeneralTP(weld::Container* pParent,
// insert data
css::uno::Reference< css::security::XCertificate > xCert = mpDlg->mxCert;
OUString sSubjectName(xmlsec::GetContentPart(xCert->getSubjectName()));
OUString sSubjectName(xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()));
if (!sSubjectName.isEmpty())
m_xIssuedToFT->set_label(sSubjectName);
else
m_xIssuedToLabelFT->hide();
OUString sIssuerName(xmlsec::GetContentPart(xCert->getIssuerName()));
OUString sIssuerName(xmlsec::GetContentPart(xCert->getIssuerName(), xCert->getCertificateKind()));
if (!sIssuerName.isEmpty())
m_xIssuedByFT->set_label(sIssuerName);
else
@@ -282,7 +282,7 @@ void CertificateViewerCertPathTP::ActivatePage()
for (i = nCnt-1; i >= 0; i--)
{
const Reference< security::XCertificate > rCert = pCertPath[ i ];
OUString sName = xmlsec::GetContentPart( rCert->getSubjectName() );
OUString sName = xmlsec::GetContentPart( rCert->getSubjectName(), rCert->getCertificateKind() );
//Verify the certificate
sal_Int32 certStatus = mpDlg->mxSecurityEnvironment->verifyCertificate(rCert,
Sequence<Reference<css::security::XCertificate> >());
diff --git a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
index 5c1c7da..d90bd33 100644
--- a/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
+++ b/xmlsecurity/source/dialogs/digitalsignaturesdialog.cxx
@@ -568,8 +568,8 @@ void DigitalSignaturesDialog::ImplFillSignaturesBox()
bCertValid = false;
}
aSubject = xmlsec::GetContentPart( xCert->getSubjectName() );
aIssuer = xmlsec::GetContentPart( xCert->getIssuerName() );
aSubject = xmlsec::GetContentPart( xCert->getSubjectName(), xCert->getCertificateKind() );
aIssuer = xmlsec::GetContentPart( xCert->getIssuerName(), xCert->getCertificateKind() );
}
else if (!rInfo.ouGpgCertificate.isEmpty())
{
diff --git a/xmlsecurity/source/dialogs/macrosecurity.cxx b/xmlsecurity/source/dialogs/macrosecurity.cxx
index 0fbdbcf..1596e32 100644
--- a/xmlsecurity/source/dialogs/macrosecurity.cxx
+++ b/xmlsecurity/source/dialogs/macrosecurity.cxx
@@ -340,8 +340,8 @@ void MacroSecurityTrustedSourcesTP::FillCertLB(const bool bShowWarnings)
{
// create from RawData
uno::Reference< css::security::XCertificate > xCert = m_pDlg->m_xSecurityEnvironment->createCertificateFromAscii(rEntry[2]);
m_xTrustCertLB->append(OUString::number(nEntry), xmlsec::GetContentPart(xCert->getSubjectName()));
m_xTrustCertLB->set_text(nEntry, xmlsec::GetContentPart(xCert->getIssuerName()), 1);
m_xTrustCertLB->append(OUString::number(nEntry), xmlsec::GetContentPart(xCert->getSubjectName(), xCert->getCertificateKind()));
m_xTrustCertLB->set_text(nEntry, xmlsec::GetContentPart(xCert->getIssuerName(), xCert->getCertificateKind()), 1);
m_xTrustCertLB->set_text(nEntry, utl::GetDateTimeString(xCert->getNotValidAfter()), 2);
}
catch (...)
