From 169827a9a62b0ac7f63a0b2a7e806e1cb8365d67 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Sun, 11 Sep 2016 10:46:54 +0200 Subject: [PATCH] upd: use serials lowercase-only Change-Id: Ia30c803c25f6b593086df614ce1d711c1be84ebf --- src/org/cacert/gigi/api/CATSResolve.java | 2 +- src/org/cacert/gigi/dbObjects/CertificateOwner.java | 2 +- src/org/cacert/gigi/pages/LoginPage.java | 4 ++-- tests/org/cacert/gigi/pages/account/TestCertificateAdd.java | 4 ++-- 4 files changed, 6 insertions(+), 6 deletions(-) diff --git a/src/org/cacert/gigi/api/CATSResolve.java b/src/org/cacert/gigi/api/CATSResolve.java index 1b25e9d5..0e9f2a01 100644 --- a/src/org/cacert/gigi/api/CATSResolve.java +++ b/src/org/cacert/gigi/api/CATSResolve.java @@ -29,7 +29,7 @@ public class CATSResolve extends APIPoint { return; } - CertificateOwner o = CertificateOwner.getByEnabledSerial(target); + CertificateOwner o = CertificateOwner.getByEnabledSerial(target.toLowerCase()); if ( !(o instanceof User)) { resp.sendError(500, "Error, requires valid serial"); return; diff --git a/src/org/cacert/gigi/dbObjects/CertificateOwner.java b/src/org/cacert/gigi/dbObjects/CertificateOwner.java index cc96ade7..ab854bcc 100644 --- a/src/org/cacert/gigi/dbObjects/CertificateOwner.java +++ b/src/org/cacert/gigi/dbObjects/CertificateOwner.java @@ -127,7 +127,7 @@ public abstract class CertificateOwner implements IdCachable, Serializable { public static CertificateOwner getByEnabledSerial(String serial) { try (GigiPreparedStatement prep = new GigiPreparedStatement("SELECT `memid` FROM `certs` INNER JOIN `logincerts` ON `logincerts`.`id`=`certs`.`id` WHERE serial=? AND `revoked` is NULL")) { - prep.setString(1, serial.toLowerCase()); + prep.setString(1, serial); GigiResultSet res = prep.executeQuery(); if (res.next()) { return getById(res.getInt(1)); diff --git a/src/org/cacert/gigi/pages/LoginPage.java b/src/org/cacert/gigi/pages/LoginPage.java index 5232c094..69b05887 100644 --- a/src/org/cacert/gigi/pages/LoginPage.java +++ b/src/org/cacert/gigi/pages/LoginPage.java @@ -164,11 +164,11 @@ public class LoginPage extends Page { } public static String extractSerialFormCert(X509Certificate x509Certificate) { - return x509Certificate.getSerialNumber().toString(16).toUpperCase(); + return x509Certificate.getSerialNumber().toString(16).toLowerCase(); } public static User fetchUserBySerial(String serial) { - if ( !serial.matches("[A-Fa-f0-9]+")) { + if ( !serial.matches("[a-f0-9]+")) { throw new Error("serial malformed."); } diff --git a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java index 4d6529db..cbce25d4 100644 --- a/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java +++ b/tests/org/cacert/gigi/pages/account/TestCertificateAdd.java @@ -378,9 +378,9 @@ public class TestCertificateAdd extends ClientTest { @Test public void testSetLoginEnabled() throws IOException, GeneralSecurityException { X509Certificate parsedLoginNotEnabled = createCertWithValidity("&validFrom=now&validity=1m", false); - assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16))); + assertNull(CertificateOwner.getByEnabledSerial(parsedLoginNotEnabled.getSerialNumber().toString(16).toLowerCase())); X509Certificate parsedLoginEnabled = createCertWithValidity("&validFrom=now&validity=1m", true); - assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16))); + assertEquals(u, CertificateOwner.getByEnabledSerial(parsedLoginEnabled.getSerialNumber().toString(16).toLowerCase())); } } -- 2.39.2