X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2FdbObjects%2FCertificate.java;h=6971b5e9f528d6fe6ee36490eba6697913a0c8d6;hp=0c63c2cdee088add0a37f51154cd01a41863d76d;hb=a793cf333e23cba27e2ce4378becc0426f1e186a;hpb=3fe883ddebca5de19caf5ef68c492db7eb6dc342 diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java index 0c63c2cd..6971b5e9 100644 --- a/src/org/cacert/gigi/dbObjects/Certificate.java +++ b/src/org/cacert/gigi/dbObjects/Certificate.java @@ -11,8 +11,10 @@ import java.security.cert.X509Certificate; import java.sql.Date; import java.util.Arrays; import java.util.Collections; +import java.util.HashMap; import java.util.LinkedList; import java.util.List; +import java.util.Map.Entry; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.database.DatabaseConnection; @@ -112,8 +114,6 @@ public class Certificate { private String serial; - private String dn; - private String md; private String csrName; @@ -128,12 +128,20 @@ public class Certificate { private CertificateProfile profile; - public Certificate(User owner, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException { + private HashMap dn; + + private String dnString; + + public Certificate(User owner, HashMap dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException { if ( !owner.canIssue(profile)) { throw new GigiApiException("You are not allowed to issue these certificates."); } this.owner = owner; this.dn = dn; + if (dn.size() == 0) { + throw new GigiApiException("DN must not be empty"); + } + dnString = stringifyDN(dn); this.md = md; this.csr = csr; this.csrType = csrType; @@ -142,14 +150,16 @@ public class Certificate { } private Certificate(String serial) { - GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT id,subject, md, csr_name, crt_name,memid, profile FROM `certs` WHERE serial=?"); + // + String concat = "group_concat(concat('/', `name`, '=', REPLACE(REPLACE(value, '\\\\', '\\\\\\\\'), '/', '\\\\/')))"; + GigiPreparedStatement ps = DatabaseConnection.getInstance().prepare("SELECT certs.id, " + concat + " as subject, md, csr_name, crt_name,memid, profile FROM `certs` LEFT JOIN certAvas ON certAvas.certid=certs.id WHERE serial=? GROUP BY certs.id"); ps.setString(1, serial); GigiResultSet rs = ps.executeQuery(); if ( !rs.next()) { throw new IllegalArgumentException("Invalid mid " + serial); } this.id = rs.getInt(1); - dn = rs.getString(2); + dnString = rs.getString(2); md = rs.getString(3); csrName = rs.getString(4); crtName = rs.getString(5); @@ -238,21 +248,14 @@ public class Certificate { } Notary.writeUserAgreement(owner, "CCA", "issue certificate", "", true, 0); - GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=?"); + GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, csr_type=?, crt_name='', memid=?, profile=?"); inserter.setString(1, md); - inserter.setString(2, dn); - inserter.setString(3, csrType.toString()); - inserter.setInt(4, owner.getId()); - inserter.setInt(5, profile.getId()); + inserter.setString(2, csrType.toString()); + inserter.setInt(3, owner.getId()); + inserter.setInt(4, profile.getId()); inserter.execute(); id = inserter.lastInsertId(); - File csrFile = KeyStorage.locateCsr(id); - csrName = csrFile.getPath(); - FileOutputStream fos = new FileOutputStream(csrFile); - fos.write(csr.getBytes()); - fos.close(); - // TODO draft to insert SANs GigiPreparedStatement san = DatabaseConnection.getInstance().prepare("INSERT INTO subjectAlternativeNames SET certId=?, contents=?, type=?"); for (SubjectAlternateName subjectAlternateName : sans) { san.setInt(1, id); @@ -261,6 +264,19 @@ public class Certificate { san.execute(); } + GigiPreparedStatement insertAVA = DatabaseConnection.getInstance().prepare("INSERT certAvas SET certid=?, name=?, value=?"); + insertAVA.setInt(1, id); + for (Entry e : dn.entrySet()) { + insertAVA.setString(2, e.getKey()); + insertAVA.setString(3, e.getValue()); + insertAVA.execute(); + } + File csrFile = KeyStorage.locateCsr(id); + csrName = csrFile.getPath(); + FileOutputStream fos = new FileOutputStream(csrFile); + fos.write(csr.getBytes()); + fos.close(); + GigiPreparedStatement updater = DatabaseConnection.getInstance().prepare("UPDATE certs SET csr_name=? WHERE id=?"); updater.setString(1, csrName); updater.setInt(2, id); @@ -311,7 +327,7 @@ public class Certificate { } public String getDistinguishedName() { - return dn; + return dnString; } public String getMessageDigest() { @@ -340,4 +356,25 @@ public class Certificate { return null; } + public static String escapeAVA(String value) { + + return value.replace("\\", "\\\\").replace("/", "\\/"); + } + + public static String stringifyDN(HashMap contents) { + StringBuffer res = new StringBuffer(); + for (Entry i : contents.entrySet()) { + res.append("/" + i.getKey() + "="); + res.append(escapeAVA(i.getValue())); + } + return res.toString(); + } + + public static HashMap buildDN(String... contents) { + HashMap res = new HashMap<>(); + for (int i = 0; i + 1 < contents.length; i += 2) { + res.put(contents[i], contents[i + 1]); + } + return res; + } }