private String dnString;
+ private CACertificate ca;
+
public Certificate(User owner, HashMap<String, String> dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException {
- if ( !owner.canIssue(profile)) {
+ if ( !profile.canBeIssuedBy(owner)) {
throw new GigiApiException("You are not allowed to issue these certificates.");
}
this.owner = owner;
}
- public CertificateStatus getStatus() {
+ public synchronized CertificateStatus getStatus() {
if (id == 0) {
return CertificateStatus.DRAFT;
}
- GigiPreparedStatement searcher = DatabaseConnection.getInstance().prepare("SELECT crt_name, created, revoked, serial FROM certs WHERE id=?");
+ GigiPreparedStatement searcher = DatabaseConnection.getInstance().prepare("SELECT crt_name, created, revoked, serial, caid FROM certs WHERE id=?");
searcher.setInt(1, id);
GigiResultSet rs = searcher.executeQuery();
if ( !rs.next()) {
if (rs.getTimestamp(2) == null) {
return CertificateStatus.DRAFT;
}
+ ca = CACertificate.getById(rs.getInt("caid"));
if (rs.getTimestamp(2) != null && rs.getTimestamp(3) == null) {
return CertificateStatus.ISSUED;
}
}
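Review bot: `rs.getInt("caid")` on the added line yields 0 for a SQL NULL under the usual JDBC contract (assuming GigiResultSet follows it), so a row without a caid value reaches `CACertificate.getById(0)`, and `ca` either ends up null or the lookup throws from inside a status getter. Guard the lookup, e.g. `int caid = rs.getInt("caid"); if (caid != 0) { ca = CACertificate.getById(caid); }`, or enforce a non-null caid for issued rows in the schema. A one-line comment that getStatus() also refreshes `ca` as a side effect would help, since getParent() relies on it. The method body appears with lines elided in this hunk, so the position of the assignment relative to the draft check should be confirmed against the full file.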
File csrFile = KeyStorage.locateCsr(id);
csrName = csrFile.getPath();
- FileOutputStream fos = new FileOutputStream(csrFile);
- fos.write(csr.getBytes());
- fos.close();
+ try (FileOutputStream fos = new FileOutputStream(csrFile)) {
+ fos.write(csr.getBytes("UTF-8"));
+ }
GigiPreparedStatement updater = DatabaseConnection.getInstance().prepare("UPDATE certs SET csr_name=? WHERE id=?");
updater.setString(1, csrName);
}
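Review bot: `csr.getBytes("UTF-8")` resolves the charset by name at run time and adds a checked UnsupportedEncodingException to the call; `fos.write(csr.getBytes(StandardCharsets.UTF_8));` pins the same encoding without either. That needs `java.nio.charset.StandardCharsets` in the import block, which is outside this hunk. Whether the `csr` string has already been parsed and validated before it is written to the path from `KeyStorage.locateCsr(id)` is not visible here; if it has not, a comment stating that the file holds unvalidated requester input would tell whoever consumes it later to treat it as untrusted. The enclosing method starts and ends outside the hunk.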
+ public CACertificate getParent() {
+ CertificateStatus status = getStatus();
+ if (status != CertificateStatus.REVOKED && status != CertificateStatus.ISSUED) {
+ throw new IllegalStateException(status + " is not wanted here.");
+ }
+ return ca;
+ }
+
public X509Certificate cert() throws IOException, GeneralSecurityException {
CertificateStatus status = getStatus();
if (status != CertificateStatus.REVOKED && status != CertificateStatus.ISSUED) {
}
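Review bot: `return ca;` in getParent() can hand null to callers that expect an issuer, because `ca` is only filled in as a side effect of getStatus() and nothing here checks that the lookup produced a value. If the result feeds chain building or validation (inferred from the name), fail explicitly instead: `if (ca == null) { throw new IllegalStateException("issuing CA unknown for certificate " + id); }`. The field is also read outside the monitor that the now-synchronized getStatus() holds when writing it; declaring `public synchronized CACertificate getParent()` keeps the read and the write under the same lock. A Javadoc line stating that the method throws IllegalStateException for certificates that are neither issued nor revoked would document the contract that the message "is not wanted here" only hints at.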
public static Certificate getBySerial(String serial) {
+ if (serial == null || "".equals(serial)) {
+ return null;
+ }
// TODO caching?
try {
return new Certificate(serial);