X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FCertificate.java;h=71fb5b72fb37453b09293ad6cf8d92f000f5c012;hb=c65ba6025305b2c4eb238f19fe14e9ef9fd0d50b;hp=47efacce6b33df4e4d38a86f8b73a91ee50c1c2a;hpb=35733d6e3c2b8706de5739d3d1ef6cc93a8ea5f6;p=gigi.git
diff --git a/src/org/cacert/gigi/Certificate.java b/src/org/cacert/gigi/Certificate.java
index 47efacce..71fb5b72 100644
--- a/src/org/cacert/gigi/Certificate.java
+++ b/src/org/cacert/gigi/Certificate.java
@@ -17,53 +17,116 @@ import org.cacert.gigi.util.KeyStorage; public class Certificate { private int id; + private int ownerId; private int serial; private String dn; private String md; private String csrName; private String crtName; private String csr = null; - public Certificate(String dn, String md, String csr) { + + public Certificate(int ownerId, String dn, String md, String csr) { + this.ownerId = ownerId; this.dn = dn; this.md = md; this.csr = csr; } + public Certificate(int id) { + try { + PreparedStatement ps = DatabaseConnection.getInstance().prepare( + "SELECT id,subject, md, csr_name, crt_name,memid FROM `emailcerts` WHERE serial=?"); + ps.setInt(1, id); + ResultSet rs = ps.executeQuery(); + if (!rs.next()) { + throw new IllegalArgumentException("Invalid mid " + id); + } + this.id = rs.getInt(1); + dn = rs.getString(2); + md = rs.getString(3); + csrName = rs.getString(4); + crtName = rs.getString(5); + ownerId = rs.getInt(6); + serial = id; + rs.close(); + } catch (SQLException e) { + e.printStackTrace(); + } + } + public enum CertificateStatus { - DRAFT(false), BEING_ISSUED(true), ISSUED(false), BEING_REVOKED(true), REVOKED( - false); + /** + * This certificate is not in the database, has no id and only exists as + * this java object. + */ + DRAFT(false), + /** + * The certificate has been written to the database and is waiting for + * the signer to sign it. + */ + SIGNING(true), + /** + * The certificate has been signed. It is stored in the database. + * {@link Certificate#cert()} is valid. + */ + ISSUED(false), + /** + * The cetrificate is about to be revoked by the signer bot. + */ + BEING_REVOKED(true), + + /** + * The certificate has been revoked. + */ + REVOKED(false), + + /** + * If this certificate cannot be updated because an error happened in + * the signer. 
+ */ + ERROR(false); private boolean unstable; private CertificateStatus(boolean unstable) { this.unstable = unstable; } + + /** + * Checks, iff this certificate stage will be left by signer actions. + * + * @return True, iff this certificate stage will be left by signer + * actions. + */ public boolean isUnstable() { return unstable; } } + public CertificateStatus getStatus() throws SQLException { if (id == 0) { return CertificateStatus.DRAFT; } PreparedStatement searcher = DatabaseConnection.getInstance().prepare( - "SELECT crt_name, created, revoked FROM emailcerts WHERE id=?"); + "SELECT crt_name, created, revoked, warning FROM emailcerts WHERE id=?"); searcher.setInt(1, id); ResultSet rs = searcher.executeQuery(); if (!rs.next()) { throw new IllegalStateException("Certificate not in Database"); } + if (rs.getInt(4) >= 3) { + return CertificateStatus.ERROR; + } + if (rs.getString(2) == null) { - return CertificateStatus.BEING_ISSUED; + return CertificateStatus.SIGNING; } crtName = rs.getString(1); - System.out.println(crtName); if (rs.getTime(2) != null && rs.getTime(3) == null) { return CertificateStatus.ISSUED; } - if (rs.getTime(2) != null - && rs.getString(3).equals("1970-01-01 00:00:00.0")) { + if (rs.getTime(2) != null && rs.getString(3).equals("1970-01-01 00:00:00.0")) { return CertificateStatus.BEING_REVOKED; } return CertificateStatus.REVOKED; 
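Review bot: The new `Certificate(int id)` constructor catches `SQLException` and only prints the stack trace, so a database failure leaves `id` at 0 and `getStatus()` then reports the half-loaded object as `DRAFT` instead of failing. Let the exception propagate, as `getStatus()` already does, and close the `ResultSet` on the not-found path as well, which the current `throw` skips (sketch below; try-with-resources assumes the project builds on Java 7 or later). The argument is matched against the `serial` column while the message says "mid", so naming it `serial` would make the lookup key unambiguous. Nothing in this class ties the lookup to the requesting user, so callers presumably need to compare `getOwnerId()` with the session user before showing or revoking the result.

```java
public Certificate(int serial) throws SQLException {
    // … unchanged: prepare the SELECT … WHERE serial=? statement as ps …
    ps.setInt(1, serial);
    try (ResultSet rs = ps.executeQuery()) {
        if (!rs.next()) {
            throw new IllegalArgumentException("Invalid serial " + serial);
        }
        // … unchanged: copy id, dn, md, csrName, crtName, ownerId from rs …
        this.serial = serial;
    }
}
```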
@@ -74,12 +137,11 @@ public class Certificate { if (getStatus() != CertificateStatus.DRAFT) { throw new IllegalStateException(); } - PreparedStatement inserter = DatabaseConnection - .getInstance() - .prepare( - "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name=''"); + PreparedStatement inserter = DatabaseConnection.getInstance().prepare( + "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name='', memid=?"); inserter.setString(1, md); inserter.setString(2, dn); + inserter.setInt(3, ownerId); inserter.execute(); id = DatabaseConnection.lastInsertId(inserter); File csrFile = KeyStorage.locateCsr(id); @@ -88,8 +150,8 @@ public class Certificate { fos.write(csr.getBytes()); fos.close(); - PreparedStatement updater = DatabaseConnection.getInstance() - .prepare("UPDATE emailcerts SET csr_name=? WHERE id=?"); + PreparedStatement updater = DatabaseConnection.getInstance().prepare( + "UPDATE emailcerts SET csr_name=? WHERE id=?"); updater.setString(1, csrName); updater.setInt(2, id); updater.execute(); @@ -98,6 +160,7 @@ public class Certificate { } } + public boolean waitFor(int max) throws SQLException, InterruptedException { long start = System.currentTimeMillis(); while (getStatus().isUnstable()) { @@ -108,15 +171,14 @@ public class Certificate { } return true; } + public void revoke() { try { if (getStatus() != CertificateStatus.ISSUED) { throw new IllegalStateException(); } - PreparedStatement inserter = DatabaseConnection - .getInstance() - .prepare( - "UPDATE emailcerts SET revoked = '1970-01-01' WHERE id=?"); + PreparedStatement inserter = DatabaseConnection.getInstance().prepare( + "UPDATE emailcerts SET revoked = '1970-01-01' WHERE id=?"); inserter.setInt(1, id); inserter.execute(); } catch (SQLException e) { 
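Review bot: In the first hunk on this line, `issue()` now writes `ownerId` into `memid` without checking that it was ever set, so a `Certificate` built with an owner id of 0 would be queued for signing with no valid owner. If 0 is never a real member id (not visible here), a guard before the INSERT such as `if (ownerId <= 0) { throw new IllegalStateException("certificate has no owner"); }` keeps unowned rows out of `emailcerts`. `issue()` starts and ends outside the hunk, so an existing check elsewhere cannot be ruled out.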
@@ -125,8 +187,7 @@ public class Certificate { } - public X509Certificate cert() throws IOException, GeneralSecurityException, - SQLException { + public X509Certificate cert() throws IOException, GeneralSecurityException, SQLException { CertificateStatus status = getStatus(); if (status != CertificateStatus.ISSUED) { throw new IllegalStateException(status + " is not wanted here."); @@ -144,20 +205,29 @@ public class Certificate { } return crt; } + public Certificate renew() { return null; } + public int getId() { return id; } + public int getSerial() { return serial; } + public String getDistinguishedName() { return dn; } + public String getMessageDigest() { return md; } + public int getOwnerId() { + return ownerId; + } + }