import java.security.interfaces.DSAPublicKey;
import java.security.interfaces.ECPublicKey;
import java.security.interfaces.RSAPublicKey;
-import java.sql.SQLException;
import java.util.Base64;
import java.util.HashMap;
import java.util.LinkedHashSet;
import org.cacert.gigi.GigiApiException;
import org.cacert.gigi.crypto.SPKAC;
import org.cacert.gigi.dbObjects.Certificate;
-import org.cacert.gigi.dbObjects.CertificateProfile;
-import org.cacert.gigi.dbObjects.Digest;
-import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.dbObjects.Certificate.CSRType;
import org.cacert.gigi.dbObjects.Certificate.SANType;
import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
+import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.Digest;
+import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.localisation.Language;
import org.cacert.gigi.output.CertificateValiditySelector;
import org.cacert.gigi.output.Form;
selectedDigest = Digest.valueOf(hashAlg);
}
profile = CertificateProfile.getByName(req.getParameter("profile"));
+ if ( !u.canIssue(profile)) {
+ profile = CertificateProfile.getById(1);
+ outputError(out, req, "Certificate Profile is invalid.");
+ return false;
+ }
String pDNS = null;
String pMail = null;
throw new GigiApiException("Certificate Request format is invalid.");
} catch (InterruptedException e) {
e.printStackTrace();
- } catch (SQLException e) {
- throw new GigiApiException(e);
}
} catch (GigiApiException e) {
e.format(out, Page.getLanguage(req));
@Override
public boolean next(Language l, Map<String, Object> vars) {
- CertificateProfile cp = CertificateProfile.getById(i++);
- if (cp == null) {
- return false;
- }
+ CertificateProfile cp;
+ do {
+ cp = CertificateProfile.getById(i++);
+ if (cp == null) {
+ return false;
+ }
+ } while ( !u.canIssue(cp));
+
if (cp.getId() == profile.getId()) {
vars.put("selected", " selected");
} else {