+
+ public void addAttachment(AttachmentType tp, String data) throws GigiApiException {
+ if (getAttachment(tp) != null) {
+ throw new GigiApiException("Cannot override attachment");
+ }
+ if (data == null) {
+ throw new GigiApiException("Attachment must not be null");
+ }
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `certificateAttachment` SET `certid`=?, `type`=?::`certificateAttachmentType`, `content`=?")) {
+ ps.setInt(1, getId());
+ ps.setEnum(2, tp);
+ ps.setString(3, data);
+ ps.execute();
+ }
+ }
+
+ public String getAttachment(AttachmentType tp) throws GigiApiException {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `content` FROM `certificateAttachment` WHERE `certid`=? AND `type`=?::`certificateAttachmentType`")) {
+ ps.setInt(1, getId());
+ ps.setEnum(2, tp);
+ GigiResultSet rs = ps.executeQuery();
+ if ( !rs.next()) {
+ return null;
+ }
+ String s = rs.getString(1);
+ if (rs.next()) {
+ throw new GigiApiException("Invalid database state");
+ }
+ return s;
+ }
+ }
+
+ public void setDescription(String description) {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("UPDATE `certs` SET `description`=? WHERE `id`=?")) {
+ ps.setString(1, description);
+ ps.setInt(2, id);
+ ps.execute();
+ }
+ this.description = description;
+ }
+
+ public String getDescription() {
+ return description;
+ }
+
+ public static Certificate locateCertificate(String serial, String certData) throws GigiApiException {
+ Certificate c = null;
+
+ if (serial != null && !serial.isEmpty()) {
+ c = getBySerial(normalizeSerial(serial));
+ if (c == null) {
+ return null;
+ }
+ }
+ if (certData != null && !certData.isEmpty()) {
+ X509Certificate c0;
+ X509Certificate cert = null;
+ final byte[] supplied;
+ try {
+ supplied = PEM.decode("CERTIFICATE", certData);
+ c0 = (X509Certificate) CertificateFactory.getInstance("X509").generateCertificate(new ByteArrayInputStream(supplied));
+ } catch (IllegalArgumentException e1) {
+ throw new GigiApiException(NOT_PARSED);
+ } catch (CertificateException e1) {
+ throw new GigiApiException(NOT_PARSED);
+ }
+ try {
+ c = getBySerial(c0.getSerialNumber().toString(16));
+ if (c == null) {
+ return null;
+ }
+ cert = c.cert();
+ if ( !Arrays.equals(supplied, cert.getEncoded())) {
+ return null;
+ }
+ } catch (IOException e) {
+ throw new GigiApiException(NOT_LOADED);
+ } catch (GeneralSecurityException e) {
+ throw new GigiApiException(NOT_LOADED);
+ }
+ }
+ if (c == null) {
+ throw new GigiApiException("No information to identify the correct certificate was provided.");
+ }
+ return c;
+ }
+
+ public static String normalizeSerial(String serial) throws GigiApiException {
+ serial = serial.replace(" ", "");
+ serial = serial.toLowerCase();
+ if (serial.matches("[0-9a-f]{2}(:[0-9a-f]{2})*")) {
+ serial = serial.replace(":", "");
+ }
+ int idx = 0;
+ while (idx < serial.length() && serial.charAt(idx) == '0') {
+ idx++;
+ }
+ serial = serial.substring(idx);
+ if ( !serial.matches("[0-9a-f]+")) {
+ throw new GigiApiException("Malformed serial");
+ }
+ return serial;
+ }