From 214daf6a8eca8376b0ff835b6d28abaaa61a0792 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Sat, 7 Nov 2015 18:42:48 +0100 Subject: [PATCH] fix: Use correct type in dbObjects.Certificate --- src/org/cacert/gigi/dbObjects/Certificate.java | 10 +++++----- .../gigi/pages/account/certs/CertificateRequest.java | 2 +- tests/org/cacert/gigi/TestCertificate.java | 7 ++++--- tests/org/cacert/gigi/TestCrossDomainAccess.java | 3 ++- tests/org/cacert/gigi/TestSeparateSessionScope.java | 7 ++++--- tests/org/cacert/gigi/api/IssueCert.java | 3 ++- tests/org/cacert/gigi/ping/TestSSL.java | 3 ++- 7 files changed, 20 insertions(+), 15 deletions(-) diff --git a/src/org/cacert/gigi/dbObjects/Certificate.java b/src/org/cacert/gigi/dbObjects/Certificate.java index 7dabe8cc..7512712d 100644 --- a/src/org/cacert/gigi/dbObjects/Certificate.java +++ b/src/org/cacert/gigi/dbObjects/Certificate.java @@ -113,7 +113,7 @@ public class Certificate implements IdCachable { private String serial; - private String md; + private Digest md; private String csrName; @@ -133,7 +133,7 @@ public class Certificate implements IdCachable { private CACertificate ca; - public Certificate(CertificateOwner owner, User actor, HashMap dn, String md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException, IOException { + public Certificate(CertificateOwner owner, User actor, HashMap dn, Digest md, String csr, CSRType csrType, CertificateProfile profile, SubjectAlternateName... sans) throws GigiApiException, IOException { if ( !profile.canBeIssuedBy(owner, actor)) { throw new GigiApiException("You are not allowed to issue these certificates."); } @@ -151,7 +151,7 @@ public class Certificate implements IdCachable { synchronized (Certificate.class) { GigiPreparedStatement inserter = DatabaseConnection.getInstance().prepare("INSERT INTO certs SET md=?::`mdType`, csr_type=?::`csrType`, crt_name='', memid=?, profile=?"); - inserter.setString(1, md.toLowerCase()); + inserter.setString(1, md.toString().toLowerCase()); inserter.setString(2, csrType.toString()); inserter.setInt(3, owner.getId()); inserter.setInt(4, profile.getId()); @@ -191,7 +191,7 @@ public class Certificate implements IdCachable { private Certificate(GigiResultSet rs) { this.id = rs.getInt("id"); dnString = rs.getString("subject"); - md = rs.getString("md"); + md = Digest.valueOf(rs.getString("md").toUpperCase()); csrName = rs.getString("csr_name"); crtName = rs.getString("crt_name"); owner = CertificateOwner.getById(rs.getInt("memid")); @@ -334,7 +334,7 @@ public class Certificate implements IdCachable { return dnString; } - public String getMessageDigest() { + public Digest getMessageDigest() { return md; } diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java index e8a53df0..74652949 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateRequest.java @@ -430,7 +430,7 @@ public class CertificateRequest { throw error; } try { - return new Certificate(ctx.getTarget(), ctx.getActor(), subject, selectedDigest.toString(), // + return new Certificate(ctx.getTarget(), ctx.getActor(), subject, selectedDigest, // this.csr, this.csrType, profile, SANs.toArray(new SubjectAlternateName[SANs.size()])); } catch (IOException e) { e.printStackTrace(); diff --git a/tests/org/cacert/gigi/TestCertificate.java b/tests/org/cacert/gigi/TestCertificate.java index 2f5dd747..63aa908f 100644 --- a/tests/org/cacert/gigi/TestCertificate.java +++ b/tests/org/cacert/gigi/TestCertificate.java @@ -17,6 +17,7 @@ import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.Certificate.SANType; import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.testUtils.ManagedTest; import org.junit.Test; @@ -31,7 +32,7 @@ public class TestCertificate extends ManagedTest { public void testClientCertLoginStates() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException { KeyPair kp = generateKeypair(); String key1 = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key1, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); c.issue(null, "2y", u).waitFor(60000); final X509Certificate ce = c.cert(); @@ -42,7 +43,7 @@ public class TestCertificate extends ManagedTest { public void testSANs() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException { KeyPair kp = generateKeypair(); String key = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key, CSRType.CSR, CertificateProfile.getById(1),// + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, CertificateProfile.getById(1),// new SubjectAlternateName(SANType.EMAIL, "testmail@example.com"), new SubjectAlternateName(SANType.DNS, "testmail.example.com")); testFails(CertificateStatus.DRAFT, c); @@ -94,7 +95,7 @@ public class TestCertificate extends ManagedTest { public void testCertLifeCycle() throws IOException, GeneralSecurityException, SQLException, InterruptedException, GigiApiException { KeyPair kp = generateKeypair(); String key = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); testFails(CertificateStatus.DRAFT, c); diff --git a/tests/org/cacert/gigi/TestCrossDomainAccess.java b/tests/org/cacert/gigi/TestCrossDomainAccess.java index 7bc9c317..95f2380f 100644 --- a/tests/org/cacert/gigi/TestCrossDomainAccess.java +++ b/tests/org/cacert/gigi/TestCrossDomainAccess.java @@ -15,6 +15,7 @@ import java.sql.SQLException; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.testUtils.IOUtils; import org.cacert.gigi.testUtils.ManagedTest; @@ -48,7 +49,7 @@ public class TestCrossDomainAccess extends ManagedTest { User u = User.getById(createVerifiedUser("fn", "ln", "testmail@example.com", TEST_PASSWORD)); KeyPair kp = generateKeypair(); String key = generatePEMCSR(kp, "CN=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), "sha256", key, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "testmail@example.com"), Digest.SHA256, key, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); c.issue(null, "2y", u).waitFor(60000); diff --git a/tests/org/cacert/gigi/TestSeparateSessionScope.java b/tests/org/cacert/gigi/TestSeparateSessionScope.java index f80c216c..9d2ff10c 100644 --- a/tests/org/cacert/gigi/TestSeparateSessionScope.java +++ b/tests/org/cacert/gigi/TestSeparateSessionScope.java @@ -16,6 +16,7 @@ import java.sql.SQLException; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.dbObjects.Job; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.testUtils.ManagedTest; @@ -31,7 +32,7 @@ public class TestSeparateSessionScope extends ManagedTest { KeyPair kp = generateKeypair(); String csr = generatePEMCSR(kp, "CN=hans"); User u = User.getById(user); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), "sha256", csr, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), Digest.SHA256, csr, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); c.issue(null, "2y", u).waitFor(60000); final X509Certificate ce = c.cert(); @@ -51,8 +52,8 @@ public class TestSeparateSessionScope extends ManagedTest { KeyPair kp = generateKeypair(); String csr = generatePEMCSR(kp, "CN=hans"); User u = User.getById(user); - Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), "sha256", csr, CSRType.CSR, CertificateProfile.getById(1)); - Certificate c2 = new Certificate(u, u, Certificate.buildDN("CN", "hans"), "sha256", csr, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("CN", "hans"), Digest.SHA256, csr, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c2 = new Certificate(u, u, Certificate.buildDN("CN", "hans"), Digest.SHA256, csr, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); Job j1 = c.issue(null, "2y", u); c2.issue(null, "2y", u).waitFor(60000); diff --git a/tests/org/cacert/gigi/api/IssueCert.java b/tests/org/cacert/gigi/api/IssueCert.java index b4943591..0a66a417 100644 --- a/tests/org/cacert/gigi/api/IssueCert.java +++ b/tests/org/cacert/gigi/api/IssueCert.java @@ -16,6 +16,7 @@ import java.security.cert.X509Certificate; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.testUtils.ClientTest; import org.cacert.gigi.testUtils.IOUtils; import org.junit.Test; @@ -28,7 +29,7 @@ public class IssueCert extends ClientTest { public void testIssueCert() throws Exception { KeyPair kp = generateKeypair(); String key1 = generatePEMCSR(kp, "EMAIL=testmail@example.com"); - Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), "sha256", key1, CSRType.CSR, CertificateProfile.getById(1)); + Certificate c = new Certificate(u, u, Certificate.buildDN("EMAIL", "testmail@example.com"), Digest.SHA256, key1, CSRType.CSR, CertificateProfile.getById(1)); final PrivateKey pk = kp.getPrivate(); c.issue(null, "2y", u).waitFor(60000); final X509Certificate ce = c.cert(); diff --git a/tests/org/cacert/gigi/ping/TestSSL.java b/tests/org/cacert/gigi/ping/TestSSL.java index 01386c53..f1aa3732 100644 --- a/tests/org/cacert/gigi/ping/TestSSL.java +++ b/tests/org/cacert/gigi/ping/TestSSL.java @@ -32,6 +32,7 @@ import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Certificate; import org.cacert.gigi.dbObjects.Certificate.CSRType; import org.cacert.gigi.dbObjects.CertificateProfile; +import org.cacert.gigi.dbObjects.Digest; import org.cacert.gigi.dbObjects.User; import org.cacert.gigi.pages.account.domain.DomainOverview; import org.cacert.gigi.testUtils.IOUtils; @@ -186,7 +187,7 @@ public class TestSSL extends PingTest { kp = generateKeypair(); String csr = generatePEMCSR(kp, "CN=" + test); User u = User.getById(id); - c = new Certificate(u, u, Certificate.buildDN("CN", test), "sha256", csr, CSRType.CSR, profile); + c = new Certificate(u, u, Certificate.buildDN("CN", test), Digest.SHA256, csr, CSRType.CSR, profile); c.issue(null, "2y", u).waitFor(60000); } -- 2.39.2