X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FCertificate.java;h=7a13b45f945d1b1935032102ac0732d18b7f9411;hb=2233a655b4ef4c1122a406e83a0e6334b9fd49b6;hp=f2011052c7b4fb16b84a3a3bd5e51bec99b9af5c;hpb=e9336bb2781a287a5542179208a869acd17c9a5a;p=gigi.git
diff --git a/src/org/cacert/gigi/Certificate.java b/src/org/cacert/gigi/Certificate.java
index f2011052..7a13b45f 100644
--- a/src/org/cacert/gigi/Certificate.java
+++ b/src/org/cacert/gigi/Certificate.java
@@ -13,38 +13,50 @@ import java.sql.ResultSet; import java.sql.SQLException; import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.util.Job; +import org.cacert.gigi.util.Job.JobType; import org.cacert.gigi.util.KeyStorage; +import org.cacert.gigi.util.Notary; public class Certificate { + public enum CSRType { + CSR, SPKAC; + } + private int id; - private int serial; + private int ownerId; + private String serial; private String dn; private String md; private String csrName; private String crtName; private String csr = null; - public Certificate(String dn, String md, String csr) { + private CSRType csrType; + + public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType) { + this.ownerId = ownerId; this.dn = dn; this.md = md; this.csr = csr; + this.csrType = csrType; } - public Certificate(int id) { + private Certificate(String serial) { try { - PreparedStatement ps = DatabaseConnection - .getInstance() - .prepare( - "SELECT subject, md, csr_name, crt_name FROM `emailcerts` WHERE id=?"); - ps.setInt(1, id); + PreparedStatement ps = DatabaseConnection.getInstance().prepare( + "SELECT id,subject, md, csr_name, crt_name,memid FROM `emailcerts` WHERE serial=?"); + ps.setString(1, serial); ResultSet rs = ps.executeQuery(); if (!rs.next()) { - throw new IllegalArgumentException("Invalid mid " + id); + throw new IllegalArgumentException("Invalid mid " + serial); } - this.id = id; - dn = rs.getString(1); - md = rs.getString(2); - csrName = rs.getString(3); - crtName = rs.getString(4); + this.id = rs.getInt(1); + dn = rs.getString(2); + md = rs.getString(3); + csrName = rs.getString(4); + crtName = rs.getString(5); + ownerId = rs.getInt(6); + this.serial = serial; rs.close(); } catch (SQLException e) { e.printStackTrace(); 
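Review bot: The new `Certificate(String serial)` constructor still catches `SQLException` and only calls `e.printStackTrace()`, so, as far as this hunk shows, a failed lookup leaves an object with `id == 0`, which `getStatus()` reports as `DRAFT`. A database error should not produce a usable-looking certificate object; rethrow it instead, for example `throw new IllegalStateException("certificate lookup failed", e);`, which `getBySerial` would then let propagate rather than mask. The `!rs.next()` path also throws before `rs.close()` runs, and its message still reads `"Invalid mid "` although the key is now a serial; closing `rs` in a `finally` and using `"Invalid serial " + serial` would fix both. The catch block continues outside the hunk, so this assumes nothing after `printStackTrace()` rethrows.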
@@ -56,139 +68,90 @@ public class Certificate { * This certificate is not in the database, has no id and only exists as * this java object. */ - DRAFT(false), - /** - * The certificate has been written to the database and is waiting for - * the signer to sign it. - */ - SIGNING(true), + DRAFT(), /** * The certificate has been signed. It is stored in the database. * {@link Certificate#cert()} is valid. */ - ISSUED(false), - /** - * The cetrificate is about to be revoked by the signer bot. - */ - BEING_REVOKED(true), + ISSUED(), /** * The certificate has been revoked. */ - REVOKED(false), + REVOKED(), /** * If this certificate cannot be updated because an error happened in * the signer. */ - ERROR(false); - - private boolean unstable; + ERROR(); - private CertificateStatus(boolean unstable) { - this.unstable = unstable; - } - /** - * Checks, iff this certificate stage will be left by signer actions. - * - * @return True, iff this certificate stage will be left by signer - * actions. - */ - public boolean isUnstable() { - return unstable; + private CertificateStatus() { } } + public CertificateStatus getStatus() throws SQLException { if (id == 0) { return CertificateStatus.DRAFT; } - PreparedStatement searcher = DatabaseConnection - .getInstance() - .prepare( - "SELECT crt_name, created, revoked, warning FROM emailcerts WHERE id=?"); + PreparedStatement searcher = DatabaseConnection.getInstance().prepare( + "SELECT crt_name, created, revoked, serial FROM emailcerts WHERE id=?"); searcher.setInt(1, id); ResultSet rs = searcher.executeQuery(); if (!rs.next()) { throw new IllegalStateException("Certificate not in Database"); } - if (rs.getInt(4) >= 3) { - return CertificateStatus.ERROR; - } - if (rs.getString(2) == null) { - return CertificateStatus.SIGNING; - } crtName = rs.getString(1); - System.out.println(crtName); + serial = rs.getString(4); + if (rs.getTime(2) == null) { + return CertificateStatus.DRAFT; + } if (rs.getTime(2) != null && rs.getTime(3) == null) { 
return CertificateStatus.ISSUED; } - if (rs.getTime(2) != null - && rs.getString(3).equals("1970-01-01 00:00:00.0")) { - return CertificateStatus.BEING_REVOKED; - } return CertificateStatus.REVOKED; } - public void issue() throws IOException { - try { - if (getStatus() != CertificateStatus.DRAFT) { - throw new IllegalStateException(); - } - PreparedStatement inserter = DatabaseConnection - .getInstance() - .prepare( - "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name=''"); - inserter.setString(1, md); - inserter.setString(2, dn); - inserter.execute(); - id = DatabaseConnection.lastInsertId(inserter); - File csrFile = KeyStorage.locateCsr(id); - csrName = csrFile.getPath(); - FileOutputStream fos = new FileOutputStream(csrFile); - fos.write(csr.getBytes()); - fos.close(); - - PreparedStatement updater = DatabaseConnection.getInstance() - .prepare("UPDATE emailcerts SET csr_name=? WHERE id=?"); - updater.setString(1, csrName); - updater.setInt(2, id); - updater.execute(); - } catch (SQLException e) { - e.printStackTrace(); + public Job issue() throws IOException, SQLException { + if (getStatus() != CertificateStatus.DRAFT) { + throw new IllegalStateException(); } + Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0); + + PreparedStatement inserter = DatabaseConnection.getInstance().prepare( + "INSERT INTO emailcerts SET md=?, subject=?, csr_type=?, crt_name='', memid=?"); + inserter.setString(1, md); + inserter.setString(2, dn); + inserter.setString(3, csrType.toString()); + inserter.setInt(4, ownerId); + inserter.execute(); + id = DatabaseConnection.lastInsertId(inserter); + File csrFile = KeyStorage.locateCsr(id); + csrName = csrFile.getPath(); + FileOutputStream fos = new FileOutputStream(csrFile); + fos.write(csr.getBytes()); + fos.close(); + + PreparedStatement updater = DatabaseConnection.getInstance().prepare( + "UPDATE emailcerts SET csr_name=? 
WHERE id=?"); + updater.setString(1, csrName); + updater.setInt(2, id); + updater.execute(); + return Job.submit(this, JobType.SIGN); } - public boolean waitFor(int max) throws SQLException, InterruptedException { - long start = System.currentTimeMillis(); - while (getStatus().isUnstable()) { - if (max != 0 && System.currentTimeMillis() - start > max) { - return false; - } - Thread.sleep((long) (2000 + Math.random() * 2000)); - } - return true; - } - public void revoke() { - try { - if (getStatus() != CertificateStatus.ISSUED) { - throw new IllegalStateException(); - } - PreparedStatement inserter = DatabaseConnection - .getInstance() - .prepare( - "UPDATE emailcerts SET revoked = '1970-01-01' WHERE id=?"); - inserter.setInt(1, id); - inserter.execute(); - } catch (SQLException e) { - e.printStackTrace(); + + public Job revoke() throws SQLException { + if (getStatus() != CertificateStatus.ISSUED) { + throw new IllegalStateException(); } + return Job.submit(this, JobType.REVOKE); } - public X509Certificate cert() throws IOException, GeneralSecurityException, - SQLException { + public X509Certificate cert() throws IOException, GeneralSecurityException, SQLException { CertificateStatus status = getStatus(); if (status != CertificateStatus.ISSUED) { throw new IllegalStateException(status + " is not wanted here."); @@ -206,20 +169,44 @@ public class Certificate { } return crt; } + public Certificate renew() { return null; } + public int getId() { return id; } - public int getSerial() { + + public String getSerial() { + try { + getStatus(); + } catch (SQLException e) { + e.printStackTrace(); + } // poll changes return serial; } + public String getDistinguishedName() { return dn; } + public String getMessageDigest() { return md; } + public int getOwnerId() { + return ownerId; + } + + public static Certificate getBySerial(String serial) { + // TODO caching? + try { + return new Certificate(serial); + } catch (IllegalArgumentException e) { + + } + return null; + } + }
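Review bot: In `getStatus()` a row whose `created` column is still null now maps to `DRAFT` (the removed code returned `SIGNING` there), so the `getStatus() != CertificateStatus.DRAFT` guard at the top of `issue()` no longer stops a second call on an object that has already been inserted. A repeated `issue()` would insert another `emailcerts` row and submit another `JobType.SIGN` job for the same request. Guard on the in-memory id as well, `if (id != 0 || getStatus() != CertificateStatus.DRAFT) { throw new IllegalStateException(); }`, or keep a distinct pending state. `revoke()` looks exposed to the same double submission, since the status presumably stays `ISSUED` until the revoke job has run. Separately, `ERROR` remains in the enum although nothing in this hunk returns it any more, and `fos` is not closed if `write` throws.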
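Review bot: `getBySerial` is a public lookup that returns the certificate for any serial with no owner check and no Javadoc, and its `catch (IllegalArgumentException e)` block is empty. Add a Javadoc such as `/** Returns the certificate with the given serial, or null if none exists; does not check ownership. */` and a comment in the catch, `// unknown serial: fall through and return null`, so callers know to compare `getOwnerId()` with the authenticated user before calling `revoke()` or `cert()`; whether callers do so is not visible in this diff. `getSerial()` also hides a database round trip inside a getter and swallows its `SQLException`, returning whatever `serial` was cached. Letting it declare `throws SQLException`, as `getStatus()` does, would surface the failure to the caller.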