1 package org.cacert.gigi;
3 import java.io.FileInputStream;
4 import java.io.IOException;
5 import java.io.InputStream;
6 import java.security.GeneralSecurityException;
7 import java.security.cert.CertificateFactory;
8 import java.security.cert.X509Certificate;
9 import java.sql.PreparedStatement;
10 import java.sql.ResultSet;
11 import java.sql.SQLException;
12 import org.cacert.gigi.database.DatabaseConnection;
14 public class Certificate {
22 // created, modified, revoked, expire
/**
 * Lifecycle states of a certificate record. Each constant is constructed with
 * an "unstable" flag: true for BEEING_ISSUED and BEEING_REVOKED, false for
 * DRAFT and ISSUED.
 *
 * NOTE(review): this listing omits several source lines (the end of the
 * constant list, the field declaration, method bodies and closing braces), so
 * the flag passed to REVOKED is not visible here.
 */
23 public enum CertificateStatus {
24 DRAFT(false), BEEING_ISSUED(true), ISSUED(false), BEEING_REVOKED(true), REVOKED(
// Stores the per-constant flag in the enum's "unstable" field.
29 private CertificateStatus(boolean unstable) {
30 this.unstable = unstable;
// Queried by waitFor(), which keeps polling while this is true.
// NOTE(review): body is on an omitted line; presumably returns the stored flag.
32 public boolean isUnstable() {
/**
 * Derives the certificate's current status from its row in the emailcerts
 * table, using the created and revoked columns. As a side effect, stores the
 * row's crt_name in the crtName field, which cert() later opens as a file.
 *
 * @return the status derived from the database row, or DRAFT on the early
 *         return below
 * @throws SQLException if the query or a column read fails
 * @throws IllegalStateException with "Certificate not in Database"; the
 *         guarding condition is on an omitted line (presumably no row matched)
 */
37 public CertificateStatus getStatus() throws SQLException {
// NOTE(review): the condition guarding this early return is on an omitted
// line; presumably the record has not been written to the database yet.
39 return CertificateStatus.DRAFT;
// Parameterized lookup: the id is bound as a parameter, not concatenated
// into the SQL text.
41 PreparedStatement searcher = DatabaseConnection.getInstance().prepare(
42 "SELECT crt_name, created, revoked FROM emailcerts WHERE id=?");
43 searcher.setInt(1, id);
44 ResultSet rs = searcher.executeQuery();
// NOTE(review): neither searcher nor rs is closed in the visible lines.
// Confirm that DatabaseConnection.prepare() owns or caches the statement;
// otherwise every status poll leaks a statement and a result set.
46 throw new IllegalStateException("Certificate not in Database");
// Column 2 is "created": no creation timestamp yet means issuance is pending.
48 if (rs.getString(2) == null) {
49 return CertificateStatus.BEEING_ISSUED;
// Cache the certificate file name for cert().
// NOTE(review): this value comes straight from the database and is later used
// as a file path; confirm only the trusted signer can write crt_name.
51 crtName = rs.getString(1);
// created is set and revoked is NULL: the certificate is live.
52 if (rs.getTime(2) != null && rs.getTime(3) == null) {
53 return CertificateStatus.ISSUED;
// revoked still holds the 1970-01-01 sentinel that revoke() writes: the
// revocation has been requested but the column has not been replaced yet.
// NOTE(review): this compares the driver's string rendering of a timestamp,
// which depends on driver formatting and time zone settings; comparing the
// timestamp value itself would be less fragile.
55 if (rs.getTime(2) != null
56 && rs.getString(3).equals("1970-01-01 00:00:00.0")) {
57 return CertificateStatus.BEEING_REVOKED;
// Any other revoked value is reported as a completed revocation.
59 return CertificateStatus.REVOKED;
// NOTE(review): the enclosing method's signature and its opening "try" are on
// lines omitted from this listing.
// Only a DRAFT may be submitted; any other status is rejected.
64 if (getStatus() != CertificateStatus.DRAFT) {
65 throw new IllegalStateException();
67 PreparedStatement inserter = DatabaseConnection
// csr_name, md and subject are bound as parameters rather than concatenated
// into the statement. "created" is not set here; assuming it defaults to
// NULL, getStatus() reports the new row as BEEING_ISSUED.
70 "INSERT INTO emailcerts SET csr_name =?, md=?, subject=?, coll_found=0, crt_name=''");
71 inserter.setString(1, csrName);
72 inserter.setString(2, md);
73 inserter.setString(3, dn);
// Remember the generated row id; getStatus() and revoke() select by it.
75 id = DatabaseConnection.lastInsertId(inserter);
// NOTE(review): the handler body is on omitted lines; confirm it does not
// silently swallow the failure, since the caller would then hold a record
// that was never inserted.
76 } catch (SQLException e) {
/**
 * Polls getStatus() until the status is no longer flagged unstable, sleeping
 * between polls.
 *
 * @param max upper bound on the wait in milliseconds (it is compared against
 *            a System.currentTimeMillis() difference); 0 disables the bound
 * @return NOTE(review): the return statements are on omitted lines;
 *         presumably false on timeout and true once the status is stable
 * @throws SQLException if getStatus() fails
 * @throws InterruptedException if the thread is interrupted while sleeping
 */
81 public boolean waitFor(int max) throws SQLException, InterruptedException {
// Wall-clock start time; a clock adjustment during the wait shifts the timeout.
82 long start = System.currentTimeMillis();
83 while (getStatus().isUnstable()) {
84 if (max != 0 && System.currentTimeMillis() - start > max) {
// Sleep 2000-4000 ms with random jitter so pollers do not hit the database in
// lockstep. Math.random() is adequate here: the value is not security
// sensitive.
87 Thread.sleep((long) (2000 + Math.random() * 2000));
/**
 * Requests revocation of this certificate by writing the sentinel date
 * '1970-01-01' into emailcerts.revoked for this id. getStatus() reports
 * BEEING_REVOKED while the column still holds that sentinel.
 *
 * NOTE(review): no authorization check is visible in this method; presumably
 * the caller has already verified that the requester owns the certificate.
 *
 * @throws IllegalStateException if the current status is not ISSUED
 */
91 public void revoke() {
// Only a live certificate can be revoked.
// NOTE(review): the status check and the UPDATE are separate statements, so
// two concurrent callers can both pass the check; the UPDATE writes the same
// value either way.
93 if (getStatus() != CertificateStatus.ISSUED) {
94 throw new IllegalStateException();
96 PreparedStatement inserter = DatabaseConnection
// The id is bound as a parameter; the sentinel date is a fixed literal.
99 "UPDATE emailcerts SET revoked = '1970-01-01' WHERE id=?");
100 inserter.setInt(1, id);
// NOTE(review): the handler body is on omitted lines; confirm a failed
// revocation request is reported to the caller rather than dropped.
102 } catch (SQLException e) {
/**
 * Opens the file named by crtName and parses its content as an X.509
 * certificate.
 *
 * In the visible lines crtName is assigned only inside getStatus(), so it is
 * presumably unset unless getStatus() ran first and got past the
 * BEEING_ISSUED check (TODO confirm).
 *
 * NOTE(review): crtName originates from the crt_name database column and is
 * used as a file path with no validation visible here. Confirm that only the
 * trusted signer writes that column, or confine the path to the certificate
 * directory before opening it.
 *
 * @return the parsed certificate; parsing does not verify the signature or
 *         the chain, so callers that need trust must validate separately
 * @throws IOException if the file cannot be opened
 * @throws GeneralSecurityException if the X.509 factory is unavailable or the
 *         content cannot be parsed
 */
108 public X509Certificate cert() throws IOException, GeneralSecurityException {
// Declared before the try block (which is on an omitted line), presumably so
// the stream can be closed and the result returned afterwards.
109 InputStream is = null;
110 X509Certificate crt = null;
112 is = new FileInputStream(crtName);
113 CertificateFactory cf = CertificateFactory.getInstance("X.509");
114 crt = (X509Certificate) cf.generateCertificate(is);
122 public Certificate renew() {