upd: use serials lowercase-only
authorFelix Dörre <felix@dogcraft.de>
Sun, 11 Sep 2016 08:46:54 +0000 (10:46 +0200)
committerFelix Dörre <felix@dogcraft.de>
Mon, 12 Sep 2016 21:54:31 +0000 (23:54 +0200)
Change-Id: Ia30c803c25f6b593086df614ce1d711c1be84ebf

src/org/cacert/gigi/api/CATSResolve.java
src/org/cacert/gigi/dbObjects/CertificateOwner.java
src/org/cacert/gigi/pages/LoginPage.java
tests/org/cacert/gigi/pages/account/TestCertificateAdd.java

index 1b25e9d5dd241c49d8e04f94272ad9b505ff1670..0e9f2a01e08bfc71f8a7760e0485d256936d02ba 100644 (file)
@@ -29,7 +29,7 @@ public class CATSResolve extends APIPoint {
             return;
         }
 
-        CertificateOwner o = CertificateOwner.getByEnabledSerial(target);
+        CertificateOwner o = CertificateOwner.getByEnabledSerial(target.toLowerCase());
         if ( !(o instanceof User)) {
             resp.sendError(500, "Error, requires valid serial");
             return;
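Review bot: `target.toLowerCase()` in CATSResolve uses the JVM default locale; for an identifier that feeds a certificate lookup, `target.toLowerCase(Locale.ROOT)` keeps the normalisation independent of server configuration. The same bare `toLowerCase()` is added in LoginPage.extractSerialFormCert and in TestCertificateAdd. Unlike LoginPage.fetchUserBySerial, no hex-format check on `target` is visible before the lookup. The query is parameterised, so this is a consistency point rather than an injection one, but matching against `[a-f0-9]+` after lowercasing would make both entry points reject the same inputs. The method starts and ends outside the hunk, so an earlier check may already exist.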
index cc96ade7c39a5f3e532986cf3ed68a5378f0f24b..ab854bccd1e0dd40eab1b9b17a8cb5e7f8b07b9c 100644 (file)
@@ -127,7 +127,7 @@ public abstract class CertificateOwner implements IdCachable, Serializable {
 
     public static CertificateOwner getByEnabledSerial(String serial) {
         try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `memid` FROM `certs` INNER JOIN `logincerts` ON `logincerts`.`id`=`certs`.`id` WHERE serial=? AND `revoked` is NULL")) {
-            prep.setString(1, serial.toLowerCase());
+            prep.setString(1, serial);
             GigiResultSet res = prep.executeQuery();
             if (res.next()) {
                 return getById(res.getInt(1));
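Review bot: getByEnabledSerial now depends on every caller passing an already-lowercased serial, but nothing on the method states or enforces that. If the comparison on `serial` is case-sensitive (the column collation is not visible here), an uppercase argument simply finds no owner, which fails closed but is hard to diagnose. Document the precondition on the method, for example `/** @param serial certificate serial as lowercase hex; callers must normalise before calling. */`. Optionally, also reject other input early with `if ( !serial.matches("[a-f0-9]+")) { throw new IllegalArgumentException("serial must be lowercase hex"); }`. The method body continues outside the hunk.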
index 5232c09446733bfd3e8290fd200f44fa83f24a31..69b05887bb0babd9d381603504031e8cccb55d2e 100644 (file)
@@ -164,11 +164,11 @@ public class LoginPage extends Page {
     }
 
     public static String extractSerialFormCert(X509Certificate x509Certificate) {
-        return x509Certificate.getSerialNumber().toString(16).toUpperCase();
+        return x509Certificate.getSerialNumber().toString(16).toLowerCase();
     }
 
     public static User fetchUserBySerial(String serial) {
-        if ( !serial.matches("[A-Fa-f0-9]+")) {
+        if ( !serial.matches("[a-f0-9]+")) {
             throw new Error("serial malformed.");
         }
 
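Review bot: The tightened pattern `[a-f0-9]+` in fetchUserBySerial means an uppercase serial, which was accepted before, now ends in `throw new Error("serial malformed.")`. Any caller that obtains the serial from somewhere other than extractSerialFormCert therefore has to lowercase it first, and that contract is not documented. A Javadoc line such as `/** @param serial lowercase hex serial, as returned by extractSerialFormCert */` would make it explicit. In extractSerialFormCert, `BigInteger.toString(16)` already produces lowercase digits, so the added `.toLowerCase()` is a no-op; a short comment stating that the canonical form is lowercase would carry the intent better. fetchUserBySerial continues past the end of the hunk.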
index 4d6529db3197554802749bfefeee3430c04db9aa..cbce25d49e17fa30e573b6b57582ed3df4432ea9 100644 (file)
@@ -378,9 +378,9 @@ public class TestCertificateAdd extends ClientTest {
     @Test
     public void testSetLoginEnabled() throws IOException, GeneralSecurityException {
         X509Certificate parsedLoginNotEnabled = createCertWithValidity("&validFrom=now&validity=1m", false);
-        assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16)));
+        assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16).toLowerCase()));
 
         X509Certificate parsedLoginEnabled = createCertWithValidity("&validFrom=now&validity=1m", true);
-        assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16)));
+        assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16).toLowerCase()));
     }
 }
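Review bot: The two assertions in testSetLoginEnabled repeat the normalisation inline with `getSerialNumber().toString(16).toLowerCase()` instead of going through the production helper, so the test would not notice if the canonical form changed again. Calling `LoginPage.extractSerialFormCert(parsedLoginEnabled)` (and likewise for `parsedLoginNotEnabled`) would tie the test to the code path that login actually uses. No case here covers the new contract itself: add an assertion that fetchUserBySerial rejects an uppercase serial, to pin the lowercase-only behaviour this commit introduces.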