X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FCertificate.java;h=8094419ba3473f2c95f43bc0f3ac461519ca2e52;hb=ccccf71df5e25af791078b408eab30e162926868;hp=a2645c62d22ebe231b496e15fe22519602febc7d;hpb=b0a970a60d0001260594468f3ffffbf92a19bc44;p=gigi.git
diff --git a/src/org/cacert/gigi/Certificate.java b/src/org/cacert/gigi/Certificate.java
index a2645c62..8094419b 100644
--- a/src/org/cacert/gigi/Certificate.java
+++ b/src/org/cacert/gigi/Certificate.java
@@ -8,6 +8,7 @@ import java.io.InputStream;
 import java.security.GeneralSecurityException;
 import java.security.cert.CertificateFactory;
 import java.security.cert.X509Certificate;
+import java.sql.Date;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
@@ -18,7 +19,6 @@ import java.util.List;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.util.Job;
-import org.cacert.gigi.util.Job.JobType;
 import org.cacert.gigi.util.KeyStorage;
 import org.cacert.gigi.util.Notary;
@@ -38,7 +38,7 @@ public class Certificate {
 }
 }
- public static class SubjectAlternateName {
+ public static class SubjectAlternateName implements Comparable {
 private SANType type;
@@ -57,6 +57,49 @@ public class Certificate {
 return type;
 }
+ @Override
+ public int compareTo(SubjectAlternateName o) {
+ int i = type.compareTo(o.type);
+ if (i != 0) {
+ return i;
+ }
+ return name.compareTo(o.name);
+ }
+
+ @Override
+ public int hashCode() {
+ final int prime = 31;
+ int result = 1;
+ result = prime * result + ((name == null) ? 0 : name.hashCode());
+ result = prime * result + ((type == null) ? 0 : type.hashCode());
+ return result;
+ }
+
+ @Override
+ public boolean equals(Object obj) {
+ if (this == obj) {
+ return true;
+ }
+ if (obj == null) {
+ return false;
+ }
+ if (getClass() != obj.getClass()) {
+ return false;
+ }
+ SubjectAlternateName other = (SubjectAlternateName) obj;
+ if (name == null) {
+ if (other.name != null) {
+ return false;
+ }
+ } else if ( !name.equals(other.name)) {
+ return false;
+ }
+ if (type != other.type) {
+ return false;
+ }
+ return true;
+ }
+
 }
 public enum CSRType {
@@ -83,18 +126,21 @@ public class Certificate {
 private List sans;
- public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, SubjectAlternateName... sans) {
+ private CertificateProfile profile;
+
+ public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
 this.ownerId = ownerId;
 this.dn = dn;
 this.md = md;
 this.csr = csr;
 this.csrType = csrType;
+ this.profile = profile;
 this.sans = Arrays.asList(sans);
 }
 private Certificate(String serial) {
 try {
- PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id,subject, md, csr_name, crt_name,memid FROM `certs` WHERE serial=?");
+ PreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id,subject, md, csr_name, crt_name,memid, profile FROM `certs` WHERE serial=?");
 ps.setString(1, serial);
 ResultSet rs = ps.executeQuery();
 if ( !rs.next()) {
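Review bot: In the `@@ -57,6 +57,49 @@` hunk, `compareTo` dereferences `type` and `name` unconditionally, while the `hashCode` and `equals` added next to it both allow them to be null, so the three methods disagree about which instances are legal. If the fields can never be null (the constructor is outside this hunk), say so on the method, e.g. `/** Orders by type, then by name; both fields must be non-null. */`, and the null branches in the other two can go. The comparison on `name` is also case-sensitive, so two DNS entries that differ only in letter case are distinct here; whether names are normalised before they reach this class is not visible, and it matters if these methods are used to de-duplicate or match the SANs of a request.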
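Review bot: In the `@@ -83,18 +126,21 @@` hunk the constructor stores `profile` without a check, and `issue()` (hunk `@@ -172,17 +219,34 @@`) first calls `Notary.writeUserAgreement(...)` and only then `profile.getId()`, so a null profile surfaces as a NullPointerException after the agreement entry has been written. The loading path in `@@ -106,6 +152,7 @@` has the same gap: `rs.getInt(7)` returns 0 for a SQL NULL, and what `CertificateProfile.getById` does with an unknown id is not shown. I would fail at construction with `this.profile = Objects.requireNonNull(profile, "profile");` (needs `java.util.Objects`) and raise an explicit error when the stored id does not resolve. Both constructors continue outside the hunk.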
@@ -106,6 +152,7 @@ public class Certificate {
 csrName = rs.getString(4);
 crtName = rs.getString(5);
 ownerId = rs.getInt(6);
+ profile = CertificateProfile.getById(rs.getInt(7));
 this.serial = serial;
 PreparedStatement ps2 = DatabaseConnection.getInstance().prepare("SELECT contents, type FROM `subjectAlternativeNames` WHERE certId=?");
@@ -172,17 +219,34 @@ public class Certificate {
 return CertificateStatus.REVOKED;
 }
- public Job issue() throws IOException, SQLException {
+ /**
+ * @param start
+ * the date from which on the certificate should be valid. (or
+ * null if it should be valid instantly)
+ * @param period
+ * the period for which the date should be valid. (a
+ * yyyy-mm-dd or a "2y" (2 calendar years), "6m" (6
+ * months)
+ * @return A job which can be used to monitor the progress of this task.
+ * @throws IOException
+ * for problems with writing the CSR/SPKAC
+ * @throws SQLException
+ * for problems with writing to the DB
+ * @throws GigiApiException
+ * if the period is bogus
+ */
+ public Job issue(Date start, String period) throws IOException, SQLException, GigiApiException {
 if (getStatus() != CertificateStatus.DRAFT) {
 throw new IllegalStateException();
 }
 Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0);
- PreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=1");
+ PreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=?");
 inserter.setString(1, md);
 inserter.setString(2, dn);
 inserter.setString(3, csrType.toString());
 inserter.setInt(4, ownerId);
+ inserter.setInt(5, profile.getId());
 inserter.execute();
 id = DatabaseConnection.lastInsertId(inserter);
 File csrFile = KeyStorage.locateCsr(id);
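Review bot: In the `@@ -172,17 +219,34 @@` hunk, `period` is not examined before the side effects: it is first used in `Job.sign(this, start, period)` at the end of `issue()` (hunk `@@ -204,7 +268,7 @@`), after the user agreement, the `certs` row and the CSR file have been written. If the `GigiApiException` for a bogus period comes from there, which the Javadoc suggests but the page does not show, a rejected request leaves those records behind. Validating `period` and `start` ahead of `Notary.writeUserAgreement(...)` avoids that, and the Javadoc should say whether an upper bound on the validity period is enforced here or left to the signer. The `@param period` text should read "the period for which the certificate should be valid", and the parenthesis opened before `yyyy-mm-dd` is never closed. The method body runs past the end of the hunk.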
@@ -204,7 +268,7 @@ public class Certificate {
 updater.setString(1, csrName);
 updater.setInt(2, id);
 updater.execute();
- return Job.submit(this, JobType.SIGN);
+ return Job.sign(this, start, period);
 }
@@ -212,7 +276,7 @@ public class Certificate {
 if (getStatus() != CertificateStatus.ISSUED) {
 throw new IllegalStateException();
 }
- return Job.submit(this, JobType.REVOKE);
+ return Job.revoke(this);
 }
@@ -264,10 +328,14 @@ public class Certificate {
 return ownerId;
 }
- public List getSans() {
+ public List getSANs() {
 return Collections.unmodifiableList(sans);
 }
+ public CertificateProfile getProfile() {
+ return profile;
+ }
+
 public static Certificate getBySerial(String serial) {
 // TODO caching?
 try {