add: Highlight certificates outside validity period in Cert Overview

[gigi.git] / src / org / cacert / gigi / output / CertificateIterable.java

diff --git a/src/org/cacert/gigi/output/CertificateIterable.java b/src/org/cacert/gigi/output/CertificateIterable.java
index 261fef196245897d08abf9988398873460771c27..afc883ff4a13544a04df6bcb6fd91d70c4965a23 100644 (file)
--- a/src/org/cacert/gigi/output/CertificateIterable.java
+++ b/src/org/cacert/gigi/output/CertificateIterable.java
@@ -1,15 +1,23 @@
 package org.cacert.gigi.output;
 
+import java.io.IOException;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
 import java.util.Map;
 
 import org.cacert.gigi.dbObjects.Certificate;
+import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.IterableDataset;
+import org.cacert.gigi.util.CalendarUtil;
 
 public class CertificateIterable implements IterableDataset {
 
     private Certificate[] certificates;
 
+    public static final int EXPIRING_IN_DAYS = 14;
+
     public CertificateIterable(Certificate[] certificates) {
         this.certificates = certificates;
     }
@@ -22,15 +30,53 @@ public class CertificateIterable implements IterableDataset {
             return false;
         }
         Certificate c = certificates[i++];
-        vars.put("state", l.getTranslation(c.getStatus().toString().toLowerCase()));
+        vars.put("state", c.getStatus());
         vars.put("CN", c.getDistinguishedName());
         vars.put("serial", c.getSerial());
         vars.put("digest", c.getMessageDigest());
         vars.put("profile", c.getProfile().getVisibleName());
+        try {
+            CertificateStatus st = c.getStatus();
+            vars.put("revokable", st != CertificateStatus.REVOKED && st == CertificateStatus.ISSUED);
+            String issuedWarning = "";
+            String expiredWarning = "";
+            if (st == CertificateStatus.ISSUED || st == CertificateStatus.REVOKED) {
+                X509Certificate cert = c.cert();
+                vars.put("issued", cert.getNotBefore());
+                vars.put("expire", cert.getNotAfter());
+
+                if (cert.getNotBefore().after(new Date())) {
+                    issuedWarning = "bg-warning";
+                }
+                vars.put("classIssued", issuedWarning);
+
+                if (cert.getNotAfter().before(CalendarUtil.timeDifferenceDays(EXPIRING_IN_DAYS))) {
+                    expiredWarning = "bg-warning";
+                }
+                if (cert.getNotAfter().before(new Date())) {
+                    expiredWarning = "bg-danger";
+                }
+                vars.put("classExpired", expiredWarning);
+            } else {
+                vars.put("issued", l.getTranslation("N/A"));
+                vars.put("expire", l.getTranslation("N/A"));
+            }
 
-        vars.put("issued", "TODO"); // TODO output dates
-        vars.put("revoked", "TODO");
-        vars.put("expire", "TODO");
+            if (st == CertificateStatus.REVOKED) {
+                vars.put("revoked", c.getRevocationDate());
+            } else {
+                vars.put("revoked", l.getTranslation("N/A"));
+            }
+        } catch (IOException e) {
+            e.printStackTrace();
+        } catch (GeneralSecurityException e) {
+            e.printStackTrace();
+        }
+        if (c.isLoginEnabled()) {
+            vars.put("login", l.getTranslation("No"));
+        } else {
+            vars.put("login", l.getTranslation("Yes"));
+        }
         return true;
     }
 }