resp.sendError(500, "Error, invalid cert");
return;
}
- if ( !"CAcert".equals(((Organisation) u).getName())) {
+ if ( !((Organisation) u).isSelfOrganisation()) {
resp.sendError(500, "Error, invalid cert");
return;
if ( !actor.isInGroup(Group.CODESIGNING)) {
return false;
}
+ } else if (s.equals("ocsp")) {
+ if ( !(owner instanceof Organisation)) {
+ return false;
+ }
+ Organisation o = (Organisation) owner;
+ if ( !o.isSelfOrganisation()) {
+ return false;
+ }
} else {
return false;
}
public boolean isValidEmail(String email) {
return isValidDomain(email.split("@", 2)[1]);
}
+
+ public boolean isSelfOrganisation() {
+ return "CAcert".equals(getName());
+ }
}
vars2.put("hashs", new HashAlgorithms(cr.getSelectedDigest()));
vars2.put("profiles", new IterableDataset() {
- int i = 1;
+ CertificateProfile[] cps = CertificateProfile.getAll();
+
+ int i = 0;
@Override
public boolean next(Language l, Map<String, Object> vars) {
CertificateProfile cp;
do {
- cp = CertificateProfile.getById(i++);
- if (cp == null) {
+ if (i >= cps.length) {
return false;
}
+ cp = cps[i];
+ i++;
} while ( !cp.canBeIssuedBy(c.getTarget(), c.getActor()));
if (cp.getId() == cr.getProfile().getId()) {
case "emailProtection":
oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.4");
break;
+ case "OCSPSigning":
+ oid = new ObjectIdentifier("1.3.6.1.5.5.7.3.9");
+ break;
default:
throw new Error(name);