X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FCertificate.java;h=b0c85e96b9f691b13b6bdd68e5b678b5b95264da;hb=1d08cc98005de07c416207536bcae3592fbc7b73;hp=8e66c7f30c3d98c3b123ef9f6f5c73114aa95905;hpb=a0232b6e40e7e09767f0444d24e18bf12dafc362;p=gigi.git
diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java
index 8e66c7f3..b0c85e96 100644
--- a/src/org/cacert/gigi/dbObjects/Certificate.java
+++ b/src/org/cacert/gigi/dbObjects/Certificate.java
@@ -19,8 +19,9 @@ import java.util.Map.Entry;
 import org.cacert.gigi.GigiApiException;
 import org.cacert.gigi.database.GigiPreparedStatement;
 import org.cacert.gigi.database.GigiResultSet;
+import org.cacert.gigi.output.template.Outputable;
+import org.cacert.gigi.output.template.TranslateCommand;
 import org.cacert.gigi.util.KeyStorage;
-import org.cacert.gigi.util.Notary;
 public class Certificate implements IdCachable {
@@ -139,7 +140,7 @@ public class Certificate implements IdCachable {
 this.owner = owner;
 this.dn = dn;
 if (dn.size() == 0) {
- throw new GigiApiException("DN must not be empty");
+ throw new GigiApiException("DN must not be empty.");
 }
 dnString = stringifyDN(dn);
 this.md = md;
@@ -151,7 +152,7 @@ public class Certificate implements IdCachable {
 try (GigiPreparedStatement inserter = new GigiPreparedStatement("INSERT INTO certs SET md=?::`mdType`, csr_type=?::`csrType`, crt_name='', memid=?, profile=?")) {
 inserter.setString(1, md.toString().toLowerCase());
- inserter.setString(2, csrType.toString());
+ inserter.setString(2, this.csrType.toString());
 inserter.setInt(3, owner.getId());
 inserter.setInt(4, profile.getId());
 inserter.execute();
@@ -169,7 +170,7 @@ public class Certificate implements IdCachable {
 try (GigiPreparedStatement insertAVA = new GigiPreparedStatement("INSERT INTO `certAvas` SET `certId`=?, name=?, value=?")) {
 insertAVA.setInt(1, id);
- for (Entry e : dn.entrySet()) {
+ for (Entry e : this.dn.entrySet()) {
 insertAVA.setString(2, e.getKey());
 insertAVA.setString(3, e.getValue());
 insertAVA.execute();
@@ -178,7 +179,7 @@ public class Certificate implements IdCachable {
 File csrFile = KeyStorage.locateCsr(id);
 csrName = csrFile.getPath();
 try (FileOutputStream fos = new FileOutputStream(csrFile)) {
- fos.write(csr.getBytes("UTF-8"));
+ fos.write(this.csr.getBytes("UTF-8"));
 }
 try (GigiPreparedStatement updater = new GigiPreparedStatement("UPDATE `certs` SET `csr_name`=? WHERE id=?")) {
 updater.setString(1, csrName);
@@ -215,25 +216,34 @@ public class Certificate implements IdCachable {
 * This certificate is not in the database, has no id and only exists as
 * this java object.
 */
- DRAFT(),
+ DRAFT("draft"),
 /**
 * The certificate has been signed. It is stored in the database.
 * {@link Certificate#cert()} is valid.
 */
- ISSUED(),
+ ISSUED("issued"),
 /**
 * The certificate has been revoked.
 */
- REVOKED(),
+ REVOKED("revoked"),
 /**
 * If this certificate cannot be updated because an error happened in
 * the signer.
 */
- ERROR();
+ ERROR("error");
- private CertificateStatus() {}
+ private final Outputable name;
+
+ private CertificateStatus(String codename) {
+ this.name = new TranslateCommand(codename);
+
+ }
+
+ public Outputable getName() {
+ return name;
+ }
 }
@@ -276,7 +286,6 @@ public class Certificate implements IdCachable {
 if (getStatus() != CertificateStatus.DRAFT) {
 throw new IllegalStateException();
 }
- Notary.writeUserAgreement(actor, "CCA", "issue certificate", "", true, 0);
 return Job.sign(this, start, period);
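Review bot: In the `@@ -215,25 +216,34 @@` hunk, the new accessor `getName()` on `CertificateStatus` sits beside the built-in `Enum.name()` but returns something different (an `Outputable` built from the codename, not the constant's identifier), and nothing documents the distinction. I would add `/** Returns the translatable display label for this status; not the constant name from {@link #name()}. */` above it, and a one-line comment on the constructor saying that `codename` is the text handed to `TranslateCommand`. The empty line left inside the constructor body before its closing brace can be dropped.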
@@ -434,4 +443,54 @@ public class Certificate implements IdCachable {
 }
 return null;
 }
+
+ public void setLoginEnabled(boolean activate) {
+ if (activate) {
+ if ( !isLoginEnabled()) {
+ try (GigiPreparedStatement prep = new GigiPreparedStatement("INSERT INTO `logincerts` SET `id`=?")) {
+ prep.setInt(1, id);
+ prep.execute();
+ }
+ }
+ } else {
+ try (GigiPreparedStatement prep = new GigiPreparedStatement("DELETE FROM `logincerts` WHERE `id`=?")) {
+ prep.setInt(1, id);
+ prep.execute();
+ }
+ }
+ }
+
+ public boolean isLoginEnabled() {
+ try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT 1 FROM `logincerts` WHERE `id`=?")) {
+ prep.setInt(1, id);
+ GigiResultSet res = prep.executeQuery();
+ return res.next();
+ }
+ }
+
+ public static Certificate[] findBySerialPattern(String serial) {
+ try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `id` FROM `certs` WHERE `serial` LIKE ? GROUP BY `id` LIMIT 100", true)) {
+ prep.setString(1, serial);
+ return fetchCertsToArray(prep);
+ }
+ }
+
+ public static Certificate[] findBySANPattern(String request, SANType type) {
+ try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `certId` FROM `subjectAlternativeNames` WHERE `contents` LIKE ? and `type`=?::`SANType` GROUP BY `certId` LIMIT 100", true)) {
+ prep.setString(1, request);
+ prep.setString(2, type.getOpensslName());
+ return fetchCertsToArray(prep);
+ }
+ }
+
+ private static Certificate[] fetchCertsToArray(GigiPreparedStatement prep) {
+ GigiResultSet res = prep.executeQuery();
+ res.last();
+ Certificate[] certs = new Certificate[res.getRow()];
+ res.beforeFirst();
+ for (int i = 0; res.next(); i++) {
+ certs[i] = Certificate.getById(res.getInt(1));
+ }
+ return certs;
+ }
 }
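Review bot: `setLoginEnabled(true)` never consults `getStatus()`, so as written a certificate in any state, including REVOKED, can be flagged in `logincerts`; unless the login path re-checks status itself (not visible here), a guard such as `if (activate && getStatus() != CertificateStatus.ISSUED) { throw new IllegalStateException(); }` belongs at the top of the method. The activation is also a check-then-insert across two statements (`isLoginEnabled()` then `INSERT INTO logincerts`), so two concurrent calls can both pass the check; whether that yields duplicate rows or an error depends on a uniqueness constraint on `logincerts.id` that this diff does not show. `findBySerialPattern` and `findBySANPattern` bind the caller's string to `LIKE` unchanged and search every owner's certificates, so they should carry Javadoc stating that `%` and `_` act as wildcards, that results are silently capped at 100, and that restricting who may search is left to the caller. In `fetchCertsToArray`, it is worth confirming that `Certificate.getById` cannot return null for an id the query just returned, since a null would be stored in the array as-is.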