private int id;
- private int ownerId;
+ private User owner;
private String serial;
private CertificateProfile profile;
- public Certificate(int ownerId, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
- this.ownerId = ownerId;
+ public Certificate(User owner, String dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) {
+ this.owner = owner;
this.dn = dn;
this.md = md;
this.csr = csr;
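Review bot: The public constructor stores `owner` without checking it, so a null argument is only noticed later, when `issue()` passes it to `Notary.writeUserAgreement(owner, …)` and calls `owner.getId()`. With the old `int ownerId` that state could not exist. I would write `this.owner = Objects.requireNonNull(owner, "owner");` so the failure points at the caller that passed null (this needs `java.util.Objects` imported). The constructor body continues past the end of this hunk.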
md = rs.getString(3);
csrName = rs.getString(4);
crtName = rs.getString(5);
- ownerId = rs.getInt(6);
+ owner = User.getById(rs.getInt(6));
profile = CertificateProfile.getById(rs.getInt(7));
this.serial = serial;
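Review bot: The result of `User.getById(rs.getInt(6))` is assigned to `owner` unchecked. If `getById` can return null for a `memid` that no longer resolves to a user (its contract is not visible in this diff), every later `c.getOwner().getId()` throws, including the ownership checks in the two page handlers, which would then fail instead of answering 404. I would fail at load time with something like `if (owner == null) { throw new IllegalStateException("certificate without owner"); }`, or have the callers treat a null owner as a mismatch. The enclosing constructor starts and ends outside this hunk.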
if (getStatus() != CertificateStatus.DRAFT) {
throw new IllegalStateException();
}
- Notary.writeUserAgreement(ownerId, "CCA", "issue certificate", "", true, 0);
+ Notary.writeUserAgreement(owner, "CCA", "issue certificate", "", true, 0);
GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?, subject=?, csr_type=?, crt_name='', memid=?, profile=?");
inserter.setString(1, md);
inserter.setString(2, dn);
inserter.setString(3, csrType.toString());
- inserter.setInt(4, ownerId);
+ inserter.setInt(4, owner.getId());
inserter.setInt(5, profile.getId());
inserter.execute();
id = inserter.lastInsertId();
return md;
}
- public int getOwnerId() {
- return ownerId;
+ public User getOwner() {
+ return owner;
}
public List<SubjectAlternateName> getSANs() {
return false;
}
- result = new Certificate(LoginPage.getUser(req).getId(), subject.toString(), selectedDigest.toString(), //
+ result = new Certificate(LoginPage.getUser(req), subject.toString(), selectedDigest.toString(), //
this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()]));
result.issue(issueDate.getFrom(), issueDate.getTo()).waitFor(60000);
return true;
<td>SANs</td>
<td align="left"><textarea rows='5' name='SANs' placeholder="dns:my.domain.example.com, dns:*.example.com, email:my.email@example.com (or newline separated)"><?=$emails?></textarea></td>
</tr>
-
+ <? if($orga) { ?>
+ <tr>
+ <td><?=_Departement?></td>
+ <td align="left"><input type='text' name='OU'/></td>
+ </tr>
+ <? } ?>
<tr class="expertoff">
<td class='check'>
<input type="checkbox" id="expertbox" name="expertbox"/>
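Review bot: The new `OU` input is guarded by `if($orga)`, but that only controls what the form shows; a client can still submit an `OU` parameter when the row is not rendered. The handler that reads `OU` is not part of this diff, so please confirm that it ignores or rejects the value unless the request is for an organisation certificate, and that it validates the value before it reaches the certificate subject. Separately, the label `_Departement` looks like a misspelling of `_Department` and is worth checking against the translation catalogue.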
String serial = pi;
try {
Certificate c = Certificate.getBySerial(serial);
- if (c == null || getUser(req).getId() != c.getOwnerId()) {
+ if (c == null || getUser(req).getId() != c.getOwner().getId()) {
resp.sendError(404);
return true;
}
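Review bot: This ownership check, and the identical one in the next handler (the `LoginPage.getUser(req)` variant), would benefit from a one-line comment, because the reason for answering 404 rather than 403 is not obvious to a later reader. Something like `// same 404 for unknown and foreign serials, so the response does not reveal which serials exist` above the `if` would record that (presumably intended) property. Both handlers now spell out `c.getOwner().getId()`; a small helper on `Certificate` for the comparison would keep the two checks from drifting apart. The enclosing methods start and end outside these hunks.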
String serial = pi;
Certificate c = Certificate.getBySerial(serial);
- if (c == null || LoginPage.getUser(req).getId() != c.getOwnerId()) {
+ if (c == null || LoginPage.getUser(req).getId() != c.getOwner().getId()) {
resp.sendError(404);
return;
}
ps.setString(4, regional ? "1" : "0");
ps.setString(5, radius ? "1" : "0");
ps.execute();
- Notary.writeUserAgreement(memid, "CCA", "account creation", "", true, 0);
+ Notary.writeUserAgreement(buildup, "CCA", "account creation", "", true, 0);
DatabaseConnection.getInstance().commitTransaction();
} finally {
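Review bot: `writeUserAgreement(buildup, …)` now obtains the id through `member.getId()` inside `Notary`, where the old call passed the freshly inserted `memid` explicitly. The agreement row is only correct if `buildup` already carries its database id at this point; the hunk does not show where that id is assigned, so this is worth confirming, otherwise the `user_agreements` row would be recorded against the wrong `memid`. If `memid` has no other use after this change, the local can be removed as well. The enclosing method and its `try` block start and end outside the hunk.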
BigInteger serial = first.getSerialNumber();
Certificate c = Certificate.getBySerial(serial.toString(16));
- if (c.getOwnerId() != subject.getId()) {
+ if (c.getOwner().getId() != subject.getId()) {
return "Owner mismatch";
}
return PING_SUCCEDED;
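Review bot: `c` is dereferenced on the changed line without a null check, although the two page handlers in this same commit treat `Certificate.getBySerial` as able to return null (`c == null || …`). The serial here comes from `first.getSerialNumber()`, which appears to be a certificate presented by the other side, so an unknown serial is an expected input rather than a programming error. I would change the condition to `if (c == null || c.getOwner().getId() != subject.getId()) {` so that case is reported as a failed ping instead of an exception. The enclosing method starts outside the hunk.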
public class Notary {
- public static void writeUserAgreement(int memid, String document, String method, String comment, boolean active, int secmemid) {
+ public static void writeUserAgreement(User member, String document, String method, String comment, boolean active, int secmemid) {
GigiPreparedStatement q = DatabaseConnection.getInstance().prepare("insert into `user_agreements` set `memid`=?, `secmemid`=?," + " `document`=?,`date`=NOW(), `active`=?,`method`=?,`comment`=?");
- q.setInt(1, memid);
+ q.setInt(1, member.getId());
q.setInt(2, secmemid);
q.setString(3, document);
q.setInt(4, active ? 1 : 0);
import org.cacert.gigi.dbObjects.Certificate.SANType;
import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.testUtils.ManagedTest;
import org.junit.Test;
public class TestCertificate extends ManagedTest {
+ User u = User.getById(createVerifiedUser("fn", "ln", createUniqueName() + "@example.com", TEST_PASSWORD));
+
@Test
public void testClientCertLoginStates() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
KeyPair kp = generateKeypair();
String key1 = generatePEMCSR(kp, "CN=testmail@example.com");
- Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
final PrivateKey pk = kp.getPrivate();
c.issue(null, "2y").waitFor(60000);
final X509Certificate ce = c.cert();
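Review bot: `u` is declared as a package-private, non-final instance field whose initializer calls `createVerifiedUser`, so the account is created while the test object is being constructed, before any `@Before` method runs. I would at least declare it `private final User u = …`, or move the creation into a `@Before` method so that a failure there is reported as a set-up failure of the test. The same field is used by `testSANs` and `testCertLifeCycle` in the following hunks.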
public void testSANs() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
KeyPair kp = generateKeypair();
String key = generatePEMCSR(kp, "CN=testmail@example.com");
- Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1),//
+ Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1),//
new SubjectAlternateName(SANType.EMAIL, "testmail@example.com"), new SubjectAlternateName(SANType.DNS, "testmail.example.com"));
testFails(CertificateStatus.DRAFT, c);
public void testCertLifeCycle() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException {
KeyPair kp = generateKeypair();
String key = generatePEMCSR(kp, "CN=testmail@example.com");
- Certificate c = new Certificate(1, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(u, "/CN=testmail@example.com", "sha256", key, CSRType.CSR, CertificateProfile.getById(1));
final PrivateKey pk = kp.getPrivate();
testFails(CertificateStatus.DRAFT, c);
import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.Certificate.CSRType;
import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.testUtils.IOUtils;
import org.cacert.gigi.testUtils.ManagedTest;
import org.cacert.gigi.util.ServerConstants;
int id = createVerifiedUser("Kurti", "Hansel", email, TEST_PASSWORD);
KeyPair kp = generateKeypair();
String key1 = generatePEMCSR(kp, "CN=" + email);
- Certificate c = new Certificate(id, "/CN=" + email, "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(User.getById(id), "/CN=" + email, "sha256", key1, CSRType.CSR, CertificateProfile.getById(1));
final PrivateKey pk = kp.getPrivate();
c.issue(null, "2y").waitFor(60000);
final X509Certificate ce = c.cert();
import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.Certificate.CSRType;
import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.testUtils.ManagedTest;
import org.junit.Test;
String cookie = login(mail, TEST_PASSWORD);
KeyPair kp = generateKeypair();
String csr = generatePEMCSR(kp, "CN=felix@dogcraft.de");
- Certificate c = new Certificate(user, "/CN=testmail@example.com", "sha256", csr, CSRType.CSR, CertificateProfile.getById(1));
+ Certificate c = new Certificate(User.getById(user), "/CN=testmail@example.com", "sha256", csr, CSRType.CSR, CertificateProfile.getById(1));
final PrivateKey pk = kp.getPrivate();
c.issue(null, "2y").waitFor(60000);
final X509Certificate ce = c.cert();
import org.cacert.gigi.dbObjects.Certificate;
import org.cacert.gigi.dbObjects.Certificate.CSRType;
import org.cacert.gigi.dbObjects.CertificateProfile;
+import org.cacert.gigi.dbObjects.User;
import org.cacert.gigi.pages.account.domain.DomainOverview;
import org.cacert.gigi.testUtils.IOUtils;
import org.cacert.gigi.testUtils.PingTest;
private void createCertificate(String test, CertificateProfile profile) throws GeneralSecurityException, IOException, SQLException, InterruptedException, GigiApiException {
kp = generateKeypair();
String csr = generatePEMCSR(kp, "CN=" + test);
- c = new Certificate(userid, "/CN=" + test, "sha256", csr, CSRType.CSR, profile);
+ c = new Certificate(User.getById(userid), "/CN=" + test, "sha256", csr, CSRType.CSR, profile);
c.issue(null, "2y").waitFor(60000);
}