"version" smallint NOT NULL,
PRIMARY KEY ("version")
);
-INSERT INTO "schemeVersion" (version) VALUES(30);
+INSERT INTO "schemeVersion" (version) VALUES(31);
DROP TABLE IF EXISTS `passwordResetTickets`;
CREATE TABLE `passwordResetTickets` (
"type" "namePartType" NOT NULL,
"value" varchar(255) NOT NULL
);
+
+
+DROP TABLE IF EXISTS "certificateAttachment";
+DROP TYPE IF EXISTS "certificateAttachmentType";
+CREATE TYPE "certificateAttachmentType" AS ENUM ('CSR','CRT');
+
+CREATE TABLE "certificateAttachment" (
+ "certid" int NOT NULL,
+ "type" "certificateAttachmentType" NOT NULL,
+ "content" text NOT NULL,
+ PRIMARY KEY ("certid", "type")
+);
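Review bot: `"certid"` in `certificateAttachment` is a bare `int NOT NULL` with no reference to the table that holds certificates, so nothing at the database level prevents attachment rows for a certificate id that does not exist or that is later removed. If this schema declares foreign keys elsewhere, add one here, e.g. `FOREIGN KEY ("certid") REFERENCES "<certificate table>" ("<id column>")` (both names are placeholders; the referenced table is not visible in this hunk). The composite `PRIMARY KEY ("certid", "type")` is what enforces at most one CSR and one CRT per certificate, and a comment above the table such as `-- one attachment per certificate and type; the application treats rows as write-once` would record that. Since the schema version moves to 31, existing installations presumably also need an upgrade step that creates the type and table, and none is visible on this page.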
}
}
+ public enum AttachmentType implements DBEnum {
+ CSR, CRT;
+
+ @Override
+ public String getDBName() {
+ return toString();
+ }
+ }
+
public enum SANType implements DBEnum {
EMAIL("email"), DNS("DNS");
}
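Review bot: `AttachmentType.getDBName()` returns `toString()`, so the value bound into the `?::certificateAttachmentType` cast depends on a method that can be overridden later; `return name();` is the stable choice. The constants must also match the labels in `CREATE TYPE "certificateAttachmentType" AS ENUM ('CSR','CRT')` exactly, so a comment above them such as `// names must match the certificateAttachmentType enum labels in the schema` would keep the two in step. The enclosing class starts outside this hunk.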
return certs;
}
+
+ public void addAttachment(AttachmentType tp, String data) throws GigiApiException {
+ if (getAttachment(tp) != null) {
+ throw new GigiApiException("Cannot override attachment");
+ }
+ if (data == null) {
+ throw new GigiApiException("Attachment must not be null");
+ }
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("INSERT INTO `certificateAttachment` SET `certid`=?, `type`=?::`certificateAttachmentType`, `content`=?")) {
+ ps.setInt(1, getId());
+ ps.setEnum(2, tp);
+ ps.setString(3, data);
+ ps.execute();
+ }
+ }
+
+ public String getAttachment(AttachmentType tp) throws GigiApiException {
+ try (GigiPreparedStatement ps = new GigiPreparedStatement("SELECT `content` FROM `certificateAttachment` WHERE `certid`=? AND `type`=?::`certificateAttachmentType`")) {
+ ps.setInt(1, getId());
+ ps.setEnum(2, tp);
+ GigiResultSet rs = ps.executeQuery();
+ if ( !rs.next()) {
+ return null;
+ }
+ String s = rs.getString(1);
+ if (rs.next()) {
+ throw new GigiApiException("Invalid database state");
+ }
+ return s;
+ }
+ }
}
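Review bot: The write-once guarantee in `addAttachment` is a check-then-insert: `getAttachment(tp) != null` and the `INSERT` are separate statements, so two concurrent calls for the same certificate and type can both pass the check. The primary key on (`certid`, `type`) will still reject the second row, but that failure presumably surfaces as a database error rather than `GigiApiException("Cannot override attachment")`; a comment on the method saying that the primary key is the authoritative guard, or translating the constraint violation into that exception, would make the contract explicit. The `data == null` check should move above the lookup so invalid input is rejected before any query runs. `content` is stored with no length or format check, so if `data` can originate from a requester, bound its size here and confirm that it parses as the declared CSR or CRT before it is persisted. Both methods are complete in this hunk; the enclosing class starts outside it.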
import org.junit.Test;
import club.wpia.gigi.GigiApiException;
-import club.wpia.gigi.dbObjects.Certificate;
-import club.wpia.gigi.dbObjects.Digest;
+import club.wpia.gigi.dbObjects.Certificate.AttachmentType;
import club.wpia.gigi.dbObjects.Certificate.CSRType;
import club.wpia.gigi.testUtils.ClientBusinessTest;
c.setLoginEnabled(false);
assertFalse(c.isLoginEnabled());
}
+
+ @Test
+ public void testAttachment() throws GeneralSecurityException, IOException, GigiApiException {
+ KeyPair kp = generateKeypair();
+ String key = generatePEMCSR(kp, "CN=testmail@example.com");
+ Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, getClientProfile());
+ assertNull(c.getAttachment(AttachmentType.CRT));
+ assertNull(c.getAttachment(AttachmentType.CSR));
+ c.addAttachment(AttachmentType.CSR, "a");
+ assertNull(c.getAttachment(AttachmentType.CRT));
+ assertEquals("a", c.getAttachment(AttachmentType.CSR));
+ try {
+ c.addAttachment(AttachmentType.CSR, "different CSR");
+ fail("double add attachment must fail");
+ } catch (GigiApiException e) {
+ // expected
+ }
+ assertNull(c.getAttachment(AttachmentType.CRT));
+ assertEquals("a", c.getAttachment(AttachmentType.CSR));
+ try {
+ c.addAttachment(AttachmentType.CRT, null);
+ fail("attachment must not be null");
+ } catch (GigiApiException e) {
+ // expected
+ }
+ assertNull(c.getAttachment(AttachmentType.CRT));
+ assertEquals("a", c.getAttachment(AttachmentType.CSR));
+ c.addAttachment(AttachmentType.CRT, "b");
+ assertEquals("a", c.getAttachment(AttachmentType.CSR));
+ assertEquals("b", c.getAttachment(AttachmentType.CRT));
+ try {
+ c.addAttachment(AttachmentType.CRT, "different CRT");
+ fail("double add attachment must fail");
+ } catch (GigiApiException e) {
+ // expected
+ }
+ assertEquals("a", c.getAttachment(AttachmentType.CSR));
+ assertEquals("b", c.getAttachment(AttachmentType.CRT));
+ }
}
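Review bot: `testAttachment` only reads attachments back through the certificate it wrote to, so it would still pass if `getAttachment` ignored the `certid` filter. Creating a second certificate in the test and adding `assertNull(c2.getAttachment(AttachmentType.CSR));` after `c.addAttachment(AttachmentType.CSR, "a")` would pin the per-certificate scoping. The three try/catch blocks accept any `GigiApiException`, so asserting on the message would also show which check rejected the call.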