X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FCertificate.java;h=32ada17f59465b0c001fd5081d83886c0198a5b4;hb=7c8371fe9fd2fdf2fa2512394713060716bcf75c;hp=d7af542b674134f0045e57a162077716bac49b17;hpb=943d8e7ed0ea5a9d56e7e694a3cbd849c52bad16;p=gigi.git
diff --git a/src/org/cacert/gigi/Certificate.java b/src/org/cacert/gigi/Certificate.java
index d7af542b..32ada17f 100644
--- a/src/org/cacert/gigi/Certificate.java
+++ b/src/org/cacert/gigi/Certificate.java
@@ -11,6 +11,10 @@ import java.security.cert.X509Certificate;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.LinkedList;
+import java.util.List;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.util.Job;
@@ -20,6 +24,41 @@ import org.cacert.gigi.util.Notary;
 public class Certificate {
+ public enum SANType {
+ EMAIL("email"), DNS("DNS");
+
+ private final String opensslName;
+
+ private SANType(String opensslName) {
+ this.opensslName = opensslName;
+ }
+
+ public String getOpensslName() {
+ return opensslName;
+ }
+ }
+
+ public static class SubjectAlternateName {
+
+ private SANType type;
+
+ private String name;
+
+ public SubjectAlternateName(SANType type, String name) {
+ this.type = type;
+ this.name = name;
+ }
+
+ public String getName() {
+ return name;
+ }
+
+ public SANType getType() {
+ return type;
+ }
+
+ }
+
 public enum CSRType {
 CSR, SPKAC;
 }
@@ -42,12 +81,15 @@ public class Certificate {
 private CSRType csrType;
- public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType) {
+ private List sans;
+
+ public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, SubjectAlternateName... sans) {
 this.ownerId = ownerId;
 this.dn = dn;
 this.md = md;
 this.csr = csr;
 this.csrType = csrType;
+ this.sans = Arrays.asList(sans);
 }
 private Certificate(String serial) {
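Review bot: `SubjectAlternateName` accepts any string as `name`, and neither field is `final`, so a value containing a comma, a line break or a `type:` prefix is carried unchanged to whatever reads `getOpensslName()` and `getName()`. If the signer builds an OpenSSL `subjectAltName` value from those two getters (not visible in this diff), such a name could yield entries beyond the one that was requested. I would declare the fields `private final SANType type;` and `private final String name;`, and have the constructor throw `IllegalArgumentException` for a null type and for a null, empty or separator/control-character name, with the permitted characters chosen per `SANType`.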
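Review bot: `Arrays.asList(sans)` in the public constructor is a view over the caller's varargs array, so a caller that passes an array and writes to it afterwards changes the names of an already constructed `Certificate`. The `Collections.unmodifiableList` wrapper added in `getSans()` does not prevent that. Copying at the boundary closes it: `this.sans = Arrays.asList(sans.clone());`. A null element is also accepted here and would surface only later as a NullPointerException in the insert loop of `issue()`.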
@@ -65,6 +107,16 @@ public class Certificate {
 crtName = rs.getString(5);
 ownerId = rs.getInt(6);
 this.serial = serial;
+
+ PreparedStatement ps2 = DatabaseConnection.getInstance().prepare("SELECT contents, type FROM `subjectAlternativeNames` WHERE certId=?");
+ ps2.setInt(1, id);
+ ResultSet rs2 = ps2.executeQuery();
+ sans = new LinkedList<>();
+ while (rs2.next()) {
+ sans.add(new SubjectAlternateName(SANType.valueOf(rs2.getString("type").toUpperCase()), rs2.getString("contents")));
+ }
+ rs2.close();
+ rs.close();
 } catch (SQLException e) {
 e.printStackTrace();
@@ -126,7 +178,7 @@ public class Certificate {
 }
 Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0);
- PreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO emailcerts SET md=?, subject=?, csr_type=?, crt_name='', memid=?");
+ PreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO emailcerts SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=1");
 inserter.setString(1, md);
 inserter.setString(2, dn);
 inserter.setString(3, csrType.toString());
@@ -139,6 +191,15 @@ public class Certificate {
 fos.write(csr.getBytes());
 fos.close();
+ // TODO draft to insert SANs
+ PreparedStatement san = DatabaseConnection.getInstance().prepare("INSERT INTO subjectAlternativeNames SET certId=?, contents=?, type=?");
+ for (SubjectAlternateName subjectAlternateName : sans) {
+ san.setInt(1, id);
+ san.setString(2, subjectAlternateName.getName());
+ san.setString(3, subjectAlternateName.getType().getOpensslName());
+ san.execute();
+ }
+
 PreparedStatement updater = DatabaseConnection.getInstance().prepare("UPDATE emailcerts SET csr_name=? WHERE id=?");
 updater.setString(1, csrName);
 updater.setInt(2, id);
@@ -203,6 +264,10 @@ public class Certificate {
 return ownerId;
 }
+ public List getSans() {
+ return Collections.unmodifiableList(sans);
+ }
+
 public static Certificate getBySerial(String serial) {
 // TODO caching?
 try {
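Review bot: `SANType.valueOf(rs2.getString("type").toUpperCase())` depends on the JVM default locale and on the enum constant names matching the stored OpenSSL names. Under a Turkish default locale `"email".toUpperCase()` does not produce `EMAIL`, so `valueOf` throws IllegalArgumentException, which the surrounding `catch (SQLException e)` does not handle; a NULL or unknown `type` column escapes that catch the same way. Use `toUpperCase(Locale.ROOT)` (needs `import java.util.Locale;`) or, better, a static lookup on `SANType` keyed by `opensslName`, and treat an unknown value as a load failure. `ps2`, `rs2` and `rs` also stay open when any call before the `close()` lines throws; the constructor body starts and ends outside this hunk, so a later `finally` cannot be ruled out.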
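Review bot: The loop in `issue()` persists each `SubjectAlternateName` exactly as the caller supplied it; nothing in this hunk or in the new constructor checks that `ownerId` holds a verified email address or domain matching the name. If the callers do not enforce that, this is the last point before the request is handed on, so the check belongs here, or at least a comment naming where it happens, e.g. `// SANs must already be verified as owned by ownerId (checked in <caller>)`. The SAN rows are also written as separate statements after the `emailcerts` row exists, so a failure part-way leaves a request with an incomplete name set. Running the row and its SANs in one transaction, or removing the row on failure, avoids signing from a partial record. `issue()` starts and ends outside the hunk.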
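Review bot: `getSans()` throws NullPointerException whenever `sans` was never assigned. The loading constructor sets it only after `ps2.executeQuery()` succeeds, and as far as the earlier hunk shows its `catch (SQLException e)` only prints the stack trace. Guard the accessor, `return sans == null ? Collections.<SubjectAlternateName>emptyList() : Collections.unmodifiableList(sans);`, or initialise the field where it is declared. A one-line Javadoc stating that the returned list is read-only would also help callers.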