private String dnString;
+ private CACertificate ca;
+
public Certificate(User owner, HashMap<String, String> dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException {
- if ( !owner.canIssue(profile)) {
+ if ( !profile.canBeIssuedBy(owner)) {
throw new GigiApiException("You are not allowed to issue these certificates.");
}
this.owner = owner;
if (id == 0) {
return CertificateStatus.DRAFT;
}
- GigiPreparedStatement searcher = DatabaseConnection.getInstance().prepare("SELECT crt_name, created, revoked, serial FROM certs WHERE id=?");
+ GigiPreparedStatement searcher = DatabaseConnection.getInstance().prepare("SELECT crt_name, created, revoked, serial, caid FROM certs WHERE id=?");
searcher.setInt(1, id);
GigiResultSet rs = searcher.executeQuery();
if ( !rs.next()) {
if (rs.getTimestamp(2) == null) {
return CertificateStatus.DRAFT;
}
+ ca = CACertificate.getById(rs.getInt("caid"));
if (rs.getTimestamp(2) != null && rs.getTimestamp(3) == null) {
return CertificateStatus.ISSUED;
}
}
+ public CACertificate getParent() {
+ CertificateStatus status = getStatus();
+ if (status != CertificateStatus.REVOKED && status != CertificateStatus.ISSUED) {
+ throw new IllegalStateException(status + " is not wanted here.");
+ }
+ return ca;
+ }
+
public X509Certificate cert() throws IOException, GeneralSecurityException {
CertificateStatus status = getStatus();
if (status != CertificateStatus.REVOKED && status != CertificateStatus.ISSUED) {
projects / gigi.git / blobdiff