gtk: Certificate viewer should show both A-label and U-label for CN and SubjectAltName IDNs

chrome/third_party/mozilla_security_manager/nsNSSCertHelper.cpp

 /* ***** BEGIN LICENSE BLOCK *****
  * Version: MPL 1.1/GPL 2.0/LGPL 2.1
  *
  * The contents of this file are subject to the Mozilla Public License Version
  * 1.1 (the "License"); you may not use this file except in compliance with
  * the License. You may obtain a copy of the License at
  * http://www.mozilla.org/MPL/
  *
  * Software distributed under the License is distributed on an "AS IS" basis,
  * WITHOUT WARRANTY OF ANY KIND, either express or implied. See the License
@@ skipping 24 matching lines @@
  * and other provisions required by the GPL or the LGPL. If you do not delete
  * the provisions above, a recipient may use your version of this file under
  * the terms of any one of the MPL, the GPL or the LGPL.
  *
  * ***** END LICENSE BLOCK ***** */
 
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertHelper.h"
 
 #include <keyhi.h>
 #include <prprf.h>
+#include <unicode/uidna.h>
 
 #include "app/l10n_util.h"
 #include "base/i18n/number_formatting.h"
 #include "base/utf_string_conversions.h"
 #include "chrome/third_party/mozilla_security_manager/nsNSSCertTrust.h"
 #include "grit/generated_resources.h"
 #include "net/base/net_util.h"
 
 namespace {
 
@@ skipping 104 matching lines @@
   return ret;
 }
 
 std::string ProcessRawBits(SECItem* data) {
   SECItem bytedata;
   bytedata.data = data->data;
   bytedata.len = data->len / 8;
   return ProcessRawBytes(&bytedata);
 }
 
+std::string ProcessIDN(const std::string& input) {
+  // Convert the ASCII input to a string16 for ICU.
+  string16 input16;
+  input16.reserve(input.length());
+  std::copy(input.begin(), input.end(), std::back_inserter(input16));
+
+  string16 output16;
+  output16.resize(input.length());
+
+  UErrorCode status = U_ZERO_ERROR;
+  int output_chars = uidna_IDNToUnicode(input16.data(), input.length(),
+                                        &output16[0], output16.length(),
+                                        UIDNA_DEFAULT, NULL, &status);
+  if (status == U_ZERO_ERROR) {
+    output16.resize(output_chars);
+  } else if (status != U_BUFFER_OVERFLOW_ERROR) {
+    return input;
+  } else {
+    output16.resize(output_chars);
+    output_chars = uidna_IDNToUnicode(input16.data(), input.length(),
+                                      &output16[0], output16.length(),
+                                      UIDNA_DEFAULT, NULL, &status);
+    if (status != U_ZERO_ERROR)
+      return input;
+    DCHECK_EQ(static_cast<size_t>(output_chars), output16.length());
+    output16.resize(output_chars);  // Just to be safe.
+  }
+
+  if (input16 == output16)
+    return input;  // Input did not contain any encoded data.
+
+  // Input contained encoded data, return formatted string showing original and
+  // decoded forms.
+  return l10n_util::GetStringFUTF8(IDS_CERT_INFO_IDN_VALUE_FORMAT,
+                                   input16, output16);
+}
+
 std::string DumpOidString(SECItem* oid) {
   char* pr_string = CERT_GetOidString(oid);
   if (pr_string) {
     std::string rv = pr_string;
     PR_smprintf_free(pr_string);
     return rv;
   }
 
   return ProcessRawBytes(oid);
 }
@@ skipping 197 matching lines @@
       else
         string_id = -1;
       break;
   }
   if (string_id >= 0)
     return l10n_util::GetStringUTF8(string_id);
 
   return DumpOidString(oid);
 }
 
-
 // Get a display string from a Relative Distinguished Name.
 std::string ProcessRDN(CERTRDN* rdn) {
   std::string rv;
 
   CERTAVA** avas = rdn->avas;
   for (size_t i = 0; avas[i] != NULL; ++i) {
     rv += GetOIDText(&avas[i]->type);
     SECItem* decode_item = CERT_DecodeAVAValue(&avas[i]->value);
     if (decode_item) {
       // TODO(mattm): Pass decode_item to CERT_RFC1485_EscapeAndQuote.
       rv += " = ";
       std::string value(reinterpret_cast<char*>(decode_item->data),
                         decode_item->len);
+      if (SECOID_FindOIDTag(&avas[i]->type) == SEC_OID_AVA_COMMON_NAME)
+        value = ProcessIDN(value);
       rv += value;
       SECITEM_FreeItem(decode_item, PR_TRUE);
     }
     rv += '\n';
   }
 
   return rv;
 }
 
 std::string ProcessName(CERTName* name) {
@@ skipping 84 matching lines @@
     }
     case certRFC822Name:
       key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_RFC822_NAME);
       value = std::string(reinterpret_cast<char*>(current->name.other.data),
                           current->name.other.len);
       break;
     case certDNSName:
       key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_DNS_NAME);
       value = std::string(reinterpret_cast<char*>(current->name.other.data),
                           current->name.other.len);
+      value = ProcessIDN(value);
       break;
     case certX400Address:
       key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_X400_ADDRESS);
       value = ProcessRawBytes(&current->name.other);
       break;
     case certDirectoryName:
       key = l10n_util::GetStringUTF8(IDS_CERT_GENERAL_NAME_DIRECTORY_NAME);
       value = ProcessName(&current->name.directoryName);
       break;
     case certEDIPartyName:
@@ skipping 47 matching lines @@
 
 std::string ProcessGeneralNames(PRArenaPool* arena,
                                 CERTGeneralName* name_list) {
   std::string rv;
   CERTGeneralName* current = name_list;
 
   do {
     std::string text = ProcessGeneralName(arena, current);
     if (text.empty())
       break;
-    rv += text + '\n';
+    rv += text;
     current = CERT_GetNextGeneralName(current);
   } while (current != name_list);
   return rv;
 }
 
 std::string ProcessAltName(SECItem* extension_data) {
   CERTGeneralName* name_list;
 
   ScopedPRArenaPool arena(PORT_NewArena(DER_DEFAULT_CHUNKSIZE));
   CHECK(arena.get());
@@ skipping 358 matching lines @@
   if (trust.HasPeer(PR_FALSE, PR_TRUE, PR_FALSE) && cert->emailAddr)
     return EMAIL_CERT;
   if (CERT_IsCACert(cert, NULL))
     return CA_CERT;
   if (cert->emailAddr)
     return EMAIL_CERT;
   return UNKNOWN_CERT;
 }
 
 }  // namespace mozilla_security_manager