Certificate c = null;
if (serial != null && !serial.isEmpty()) {
- c = getBySerialFriendly(serial);
+ c = getBySerial(normalizeSerial(serial));
if (c == null) {
return null;
}
throw new GigiApiException(NOT_PARSED);
}
try {
- c = getBySerialFriendly(c0.getSerialNumber().toString(16));
+ c = getBySerial(c0.getSerialNumber().toString(16));
if (c == null) {
return null;
}
return c;
}
- private static Certificate getBySerialFriendly(String serial) throws GigiApiException {
- serial = serial.trim().toLowerCase();
+ public static String normalizeSerial(String serial) throws GigiApiException {
+ serial = serial.replace(" ", "");
+ serial = serial.toLowerCase();
+ if (serial.matches("[0-9a-f]{2}(:[0-9a-f]{2})*")) {
+ serial = serial.replace(":", "");
+ }
int idx = 0;
while (idx < serial.length() && serial.charAt(idx) == '0') {
idx++;
}
serial = serial.substring(idx);
- return Certificate.getBySerial(serial);
+ if ( !serial.matches("[0-9a-f]+")) {
+ throw new GigiApiException("Malformed serial");
+ }
+ return serial;
}
}
--- /dev/null
+package club.wpia.gigi.dbObjects;
+
+import static org.junit.Assert.*;
+
+import java.util.Arrays;
+import java.util.List;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.Parameterized;
+import org.junit.runners.Parameterized.Parameters;
+
+import club.wpia.gigi.GigiApiException;
+
+@RunWith(Parameterized.class)
+public class TestSerialNormalization {
+
+ private final String input;
+
+ private final String normalized;
+
+ @Parameters
+ public static List<String[]> params() {
+ return Arrays.asList(new String[] {
+ "dead00beef", "dead00beef"
+ }, new String[] {
+ "Dead00beef", "dead00beef"
+ }, new String[] {
+ "DEAD00BEEF", "dead00beef"
+ }, new String[] {
+ "00DEAD00BEEF", "dead00beef"
+ }, new String[] {
+ " 00dead00beef", "dead00beef"
+ }, new String[] {
+ "00dead00beef ", "dead00beef"
+ }, new String[] {
+ " 00dead00beef ", "dead00beef"
+ }, new String[] {
+ " 00dead 00beef ", "dead00beef"
+ }, new String[] {
+ " 00d ead 00beef ", "dead00beef"
+ }, new String[] {
+ "de:ad:00:be:ef", "dead00beef"
+ }, new String[] {
+ "00:de:ad:03:be:ef", "dead03beef"
+ }, new String[] {
+ "08:15:47:11", "8154711"
+ }, new String[] {
+ " 00:de:Ad:43:be:ef ", "dead43beef"
+ }, new String[] {
+ "00:de:ad:43:beef", null
+ }, new String[] {
+ "g", null
+ }, new String[] {
+ ".", null
+ });
+ }
+
+ public TestSerialNormalization(String input, String normalized) {
+ this.input = input;
+ this.normalized = normalized;
+ }
+
+ @Test
+ public void testNormalize() throws GigiApiException {
+ if (normalized == null) {
+ try {
+ Certificate.normalizeSerial(input);
+ fail("malformed serial accepted");
+ } catch (GigiApiException e) {
+ return;
+ }
+ }
+ assertEquals(normalized, Certificate.normalizeSerial(input));
+ }
+}
params("cert=%cert&priv=%priv", null),// cert+key
params("serial=%serial&signature=%signature", null),
// Zero serial
- params("serial=0000&priv=%priv", NOT_FOUND),
- params("serial=0lkd&priv=%priv", NOT_FOUND),
+ params("serial=0000&priv=%priv", "Malformed serial"),
+ params("serial=0lkd&priv=%priv", "Malformed serial"),
// tampered cert
params("cert=%tamperedCert&priv=%priv", "not be parsed"),
params("cert=%cert&priv=%tamperedPriv", "Private Key is malformed"),