diff options
| -rw-r--r-- | chrome/app/generated_resources.grd | 3 | ||||
| -rw-r--r-- | chrome/browser/gtk/certificate_manager.cc | 3 | ||||
| -rw-r--r-- | chrome/browser/gtk/certificate_viewer.cc | 4 | ||||
| -rw-r--r-- | chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp | 44 | ||||
| -rw-r--r-- | chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h | 5 |
5 files changed, 54 insertions, 5 deletions
diff --git a/chrome/app/generated_resources.grd b/chrome/app/generated_resources.grd index ec923a0..848ba5b 100644 --- a/chrome/app/generated_resources.grd +++ b/chrome/app/generated_resources.grd @@ -2594,6 +2594,9 @@ each locale. --> <message name="IDS_CERT_INFO_COMMON_NAME_LABEL" desc="The label of the Common Name field in the general page of the certificate info dialog. (CN) is the name of this field in the standard"> Common Name (CN) </message> + <message name="IDS_CERT_INFO_IDN_VALUE_FORMAT" desc="The format of values for Common Name and SubjectAltName fields in the certificate info dialog when a name is an Internationalized Domain Name."> + <ph name="ASCII_NAME">$1<ex>xn--hxajbheg2az3al.xn--jxalpdlp</ex></ph> (<ph name="UNICODE_NAME">$2<ex>παράδειγμα.δοκιμή</ex></ph>) + </message> <message name="IDS_CERT_INFO_ORGANIZATION_LABEL" desc="The label of the Organization field in the general page of the certificate info dialog. (O) is the name of this field in the standard"> Organization (O) </message> diff --git a/chrome/browser/gtk/certificate_manager.cc b/chrome/browser/gtk/certificate_manager.cc index 5ce3543..0b73ea4 100644 --- a/chrome/browser/gtk/certificate_manager.cc +++ b/chrome/browser/gtk/certificate_manager.cc @@ -249,7 +249,8 @@ void CertificatePage::PopulateTree(CERTCertList* cert_list) { org_tree_map_iter = org_tree_map.insert(std::make_pair(org, iter)).first; } - std::string name = Stringize(CERT_GetCommonName(&cert->subject)); + std::string name = psm::ProcessIDN( + Stringize(CERT_GetCommonName(&cert->subject))); if (name.empty() && cert->nickname) { name = cert->nickname; // Hack copied from mozilla: Cut off text before first :, which seems to diff --git a/chrome/browser/gtk/certificate_viewer.cc b/chrome/browser/gtk/certificate_viewer.cc index 779fe58..7a041c2 100644 --- a/chrome/browser/gtk/certificate_viewer.cc +++ b/chrome/browser/gtk/certificate_viewer.cc @@ -284,7 +284,7 @@ void CertificateViewer::InitGeneralPage() { l10n_util::GetStringUTF8(IDS_CERT_INFO_SUBJECT_GROUP)); AddKeyValue(table, row++, l10n_util::GetStringUTF8(IDS_CERT_INFO_COMMON_NAME_LABEL), - Stringize(CERT_GetCommonName(&cert->subject))); + psm::ProcessIDN(Stringize(CERT_GetCommonName(&cert->subject)))); AddKeyValue(table, row++, l10n_util::GetStringUTF8(IDS_CERT_INFO_ORGANIZATION_LABEL), Stringize(CERT_GetOrgName(&cert->subject))); @@ -301,7 +301,7 @@ void CertificateViewer::InitGeneralPage() { l10n_util::GetStringUTF8(IDS_CERT_INFO_ISSUER_GROUP)); AddKeyValue(table, row++, l10n_util::GetStringUTF8(IDS_CERT_INFO_COMMON_NAME_LABEL), - Stringize(CERT_GetCommonName(&cert->issuer))); + psm::ProcessIDN(Stringize(CERT_GetCommonName(&cert->issuer)))); AddKeyValue(table, row++, l10n_util::GetStringUTF8(IDS_CERT_INFO_ORGANIZATION_LABEL), Stringize(CERT_GetOrgName(&cert->issuer))); diff --git a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp index 8b8e279..360ff3f 100644 --- a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp +++ b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp @@ -42,6 +42,7 @@ #include <keyhi.h> #include <prprf.h> +#include <unicode/uidna.h> #include "app/l10n_util.h" #include "base/i18n/number_formatting.h" @@ -166,6 +167,43 @@ std::string ProcessRawBits(SECItem* data) { return ProcessRawBytes(&bytedata); } +std::string ProcessIDN(const std::string& input) { + // Convert the ASCII input to a string16 for ICU. + string16 input16; + input16.reserve(input.length()); + std::copy(input.begin(), input.end(), std::back_inserter(input16)); + + string16 output16; + output16.resize(input.length()); + + UErrorCode status = U_ZERO_ERROR; + int output_chars = uidna_IDNToUnicode(input16.data(), input.length(), + &output16[0], output16.length(), + UIDNA_DEFAULT, NULL, &status); + if (status == U_ZERO_ERROR) { + output16.resize(output_chars); + } else if (status != U_BUFFER_OVERFLOW_ERROR) { + return input; + } else { + output16.resize(output_chars); + output_chars = uidna_IDNToUnicode(input16.data(), input.length(), + &output16[0], output16.length(), + UIDNA_DEFAULT, NULL, &status); + if (status != U_ZERO_ERROR) + return input; + DCHECK_EQ(static_cast<size_t>(output_chars), output16.length()); + output16.resize(output_chars); // Just to be safe. + } + + if (input16 == output16) + return input; // Input did not contain any encoded data. + + // Input contained encoded data, return formatted string showing original and + // decoded forms. + return l10n_util::GetStringFUTF8(IDS_CERT_INFO_IDN_VALUE_FORMAT, + input16, output16); +} + std::string DumpOidString(SECItem* oid) { char* pr_string = CERT_GetOidString(oid); if (pr_string) { @@ -383,7 +421,6 @@ std::string GetOIDText(SECItem* oid) { return DumpOidString(oid); } - // Get a display string from a Relative Distinguished Name. std::string ProcessRDN(CERTRDN* rdn) { std::string rv; @@ -397,6 +434,8 @@ std::string ProcessRDN(CERTRDN* rdn) { rv += " = "; std::string value(reinterpret_cast<char*>(decode_item->data), decode_item->len); + if (SECOID_FindOIDTag(&avas[i]->type) == SEC_OID_AVA_COMMON_NAME) + value = ProcessIDN(value); rv += value; SECITEM_FreeItem(decode_item, PR_TRUE); } @@ -501,6 +540,7 @@ std::string ProcessGeneralName(PRArenaPool* arena, key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_DNS_NAME); value = std::string(reinterpret_cast<char*>(current->name.other.data), current->name.other.len); + value = ProcessIDN(value); break; case certX400Address: key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_X400_ADDRESS); @@ -568,7 +608,7 @@ std::string ProcessGeneralNames(PRArenaPool* arena, std::string text = ProcessGeneralName(arena, current); if (text.empty()) break; - rv += text + '\n'; + rv += text; current = CERT_GetNextGeneralName(current); } while (current != name_list); return rv; diff --git a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h index 9c98fbd..271d88e 100644 --- a/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h +++ b/chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h @@ -81,6 +81,11 @@ std::string ProcessRawBytes(SECItem* data); // For fields which have the length specified in bits, rather than bytes. std::string ProcessRawBits(SECItem* data); +// For host values, if they contain IDN Punycode-encoded A-labels, this will +// return a string suitable for display that contains both the original and the +// decoded U-label form. Otherwise, the string will be returned as is. +std::string ProcessIDN(const std::string& input); + std::string DumpOidString(SECItem* oid); std::string GetOIDText(SECItem* oid); |