1 package org.cacert.gigi;
4 import java.io.FileInputStream;
5 import java.io.FileOutputStream;
6 import java.io.IOException;
7 import java.io.InputStream;
8 import java.security.GeneralSecurityException;
9 import java.security.cert.CertificateFactory;
10 import java.security.cert.X509Certificate;
11 import java.sql.PreparedStatement;
12 import java.sql.ResultSet;
13 import java.sql.SQLException;
15 import org.cacert.gigi.database.DatabaseConnection;
16 import org.cacert.gigi.util.KeyStorage;
18 public class Certificate {
/**
 * Creates a certificate object from a subject DN, a digest identifier and a
 * CSR. issue() later binds md and dn as statement parameters and writes csr
 * to disk.
 */
// NOTE(review): the constructor body (listing lines 27-31) is not shown here;
// presumably it stores the three arguments in fields -- confirm. No validation
// of dn, md or csr is visible on this page, so callers should be checked for
// where these values originate.
26 public Certificate(String dn, String md, String csr) {
32 // created, modified, revoked, expire
/**
 * Lifecycle states of a certificate. Each constant carries an "unstable"
 * flag: BEEING_ISSUED and BEEING_REVOKED are declared with true, DRAFT and
 * ISSUED with false.
 */
// NOTE(review): the argument of REVOKED, the field declaration and the body of
// isUnstable() fall on listing lines that are not shown here.
33 public enum CertificateStatus {
34 DRAFT(false), BEEING_ISSUED(true), ISSUED(false), BEEING_REVOKED(true), REVOKED(
// Records the flag given in the constant declaration.
39 private CertificateStatus(boolean unstable) {
40 this.unstable = unstable;
// Accessor for the flag; presumably returns the stored value -- body not shown.
42 public boolean isUnstable() {
/**
 * Derives the current lifecycle state of this certificate from its row in the
 * emailcerts table.
 *
 * Side effect: once a row with a non-null "created" value is found, crtName
 * is overwritten with the crt_name column. cert() later opens that value as a
 * file path.
 *
 * @return the status derived from the created/revoked columns
 * @throws SQLException if preparing or running the query fails
 * @throws IllegalStateException with "Certificate not in Database"; the guard
 *         for it (listing line 55) is not shown here
 */
47 public CertificateStatus getStatus() throws SQLException {
// NOTE(review): the condition guarding this early return (listing line 48) is
// not shown; presumably it tests for an object that was never inserted.
49 return CertificateStatus.DRAFT;
// The id is bound as a parameter, not concatenated into the SQL text.
51 PreparedStatement searcher = DatabaseConnection.getInstance().prepare(
52 "SELECT crt_name, created, revoked FROM emailcerts WHERE id=?");
53 searcher.setInt(1, id);
// NOTE(review): no close() of rs is visible in the lines shown; confirm the
// result set is released on every return path.
54 ResultSet rs = searcher.executeQuery();
56 throw new IllegalStateException("Certificate not in Database");
// Column 2 is "created": a row without it has been requested but not issued.
58 if (rs.getString(2) == null) {
59 return CertificateStatus.BEEING_ISSUED;
61 crtName = rs.getString(1);
// NOTE(review): looks like leftover debug output. It writes the certificate's
// storage path to stdout on every status check, including each waitFor() poll;
// remove it or route it through the project's logger at debug level.
62 System.out.println(crtName);
// created is set and revoked (column 3) is NULL: the certificate is live.
63 if (rs.getTime(2) != null && rs.getTime(3) == null) {
64 return CertificateStatus.ISSUED;
// revoke() stores '1970-01-01' in revoked as a "revocation requested" marker.
// NOTE(review): this match depends on how the JDBC driver renders that value
// as a string. If the rendering differs (fraction digits, time zone), control
// falls through and a certificate still awaiting revocation is reported as
// REVOKED. Comparing the parsed timestamp against epoch 0 would be sturdier.
66 if (rs.getTime(2) != null
67 && rs.getString(3).equals("1970-01-01 00:00:00.0")) {
68 return CertificateStatus.BEEING_REVOKED;
// Fall-through: any other combination of created/revoked is treated as revoked.
70 return CertificateStatus.REVOKED;
/**
 * Submits this draft for issuance: inserts a row into emailcerts, writes the
 * CSR to the file returned by KeyStorage.locateCsr(id), then records that
 * file's path in the row's csr_name column.
 *
 * @throws IOException declared by the method; the file write at listing line
 *         89 can raise it
 * @throws IllegalStateException if the certificate is not in state DRAFT
 */
// NOTE(review): several lines of this method (the try, the execute() calls and
// any stream close) are elided in this listing; comments below cover only what
// is visible.
73 public void issue() throws IOException {
75 if (getStatus() != CertificateStatus.DRAFT) {
// NOTE(review): thrown without a message; including the observed status would
// make misuse easier to diagnose.
76 throw new IllegalStateException();
78 PreparedStatement inserter = DatabaseConnection
// md and dn are bound as parameters. crt_name starts as the empty string.
81 "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name=''");
82 inserter.setString(1, md);
83 inserter.setString(2, dn);
// The CSR path is derived from the database-generated id, not from caller
// input. NOTE(review): how locateCsr maps an id to a path is not shown here.
85 id = DatabaseConnection.lastInsertId(inserter);
86 File csrFile = KeyStorage.locateCsr(id);
87 csrName = csrFile.getPath();
// NOTE(review): no close() of fos is visible in the lines shown;
// try-with-resources would release the handle even when write() throws.
88 FileOutputStream fos = new FileOutputStream(csrFile);
// NOTE(review): getBytes() without an argument uses the platform default
// charset; naming one explicitly keeps the stored CSR identical across hosts.
// The CSR text is written as received -- no validation is visible in this
// method, so whatever reads the file should treat it as untrusted input.
89 fos.write(csr.getBytes());
// The row is inserted before the file is written and csr_name is filled in
// afterwards, so a failed write leaves a row without a csr_name.
92 PreparedStatement updater = DatabaseConnection.getInstance()
93 .prepare("UPDATE emailcerts SET csr_name=? WHERE id=?");
94 updater.setString(1, csrName);
95 updater.setInt(2, id);
// NOTE(review): the handler body (listing lines 98-100) is not shown. Confirm
// a database failure is reported to the caller instead of being dropped.
97 } catch (SQLException e) {
/**
 * Polls getStatus() until the certificate leaves an unstable state or the
 * timeout elapses.
 *
 * @param max timeout in milliseconds; 0 disables the timeout check
 * @return not visible in this listing (the return statements are elided);
 *         presumably false on timeout and true once stable -- confirm
 * @throws SQLException if a status query fails
 * @throws InterruptedException if the thread is interrupted while sleeping
 */
102 public boolean waitFor(int max) throws SQLException, InterruptedException {
// NOTE(review): currentTimeMillis() follows the wall clock, so a clock
// adjustment can shorten or lengthen the wait; System.nanoTime() is monotonic.
103 long start = System.currentTimeMillis();
// Every iteration calls getStatus(), which runs one SELECT against emailcerts.
104 while (getStatus().isUnstable()) {
105 if (max != 0 && System.currentTimeMillis() - start > max) {
// Sleeps 2 to 4 seconds between polls. Math.random() only spreads out the
// polling here; nothing security-sensitive is derived from it.
108 Thread.sleep((long) (2000 + Math.random() * 2000));
/**
 * Requests revocation of an issued certificate by setting the row's revoked
 * column to the marker value '1970-01-01', which getStatus() reports as
 * BEEING_REVOKED.
 *
 * @throws IllegalStateException if the certificate is not in state ISSUED
 */
// NOTE(review): the try and the execute() call are on listing lines that are
// not shown. Presumably a separate component performs the actual revocation
// and replaces the marker with the real timestamp -- confirm.
112 public void revoke() {
// NOTE(review): the status check and the UPDATE are separate statements, and
// the UPDATE is keyed on id alone. Adding a condition on the revoked column to
// the WHERE clause would make the state transition atomic.
114 if (getStatus() != CertificateStatus.ISSUED) {
115 throw new IllegalStateException();
117 PreparedStatement inserter = DatabaseConnection
120 "UPDATE emailcerts SET revoked = '1970-01-01' WHERE id=?");
121 inserter.setInt(1, id);
// NOTE(review): revoke() declares no checked exceptions and the handler body
// (listing lines 124-126) is not shown. A revocation request that fails
// silently leaves the certificate trusted, so confirm the failure is surfaced
// to the caller, for example as an unchecked exception carrying the cause.
123 } catch (SQLException e) {
/**
 * Loads the issued certificate from the file named by crtName and parses it
 * as X.509.
 *
 * generateCertificate() only decodes the certificate. It does not check the
 * signature, the validity period or revocation, so callers that rely on the
 * result must validate it themselves.
 *
 * @return the parsed certificate (the return statement is elided here)
 * @throws IOException if the certificate file cannot be opened or read
 * @throws GeneralSecurityException if the X.509 factory or the parse fails
 * @throws IllegalStateException if the certificate is not in state ISSUED
 */
// NOTE(review): the remainder of the throws clause (listing line 130), the try
// and the stream cleanup are on lines that are not shown here.
129 public X509Certificate cert() throws IOException, GeneralSecurityException,
// getStatus() also refreshes crtName from the database as a side effect.
131 CertificateStatus status = getStatus();
132 if (status != CertificateStatus.ISSUED) {
133 throw new IllegalStateException(status + " is not wanted here.");
135 InputStream is = null;
136 X509Certificate crt = null;
// NOTE(review): crtName comes straight from the crt_name column and is opened
// as-is. No check that it resolves inside the expected storage directory is
// visible, so this read is only as trustworthy as whoever can write that
// column.
138 is = new FileInputStream(crtName);
139 CertificateFactory cf = CertificateFactory.getInstance("X.509");
140 crt = (X509Certificate) cf.generateCertificate(is);
148 public Certificate renew() {