From ab88602bac4ff5c5540765a85a2013ecadb070df Mon Sep 17 00:00:00 2001 From: =?utf8?q?Felix=20D=C3=B6rre?= Date: Wed, 9 Jul 2014 15:30:59 +0200 Subject: [PATCH] Implement first issuing for email cert. --- src/org/cacert/gigi/Certificate.java | 38 ++++++++++++++++--- .../pages/account/MailCertificateAdd.java | 25 +++++++++++- .../pages/account/MailCertificateAdd.templ | 2 +- 3 files changed, 57 insertions(+), 8 deletions(-) diff --git a/src/org/cacert/gigi/Certificate.java b/src/org/cacert/gigi/Certificate.java index 11747bd5..c5aaf3fd 100644 --- a/src/org/cacert/gigi/Certificate.java +++ b/src/org/cacert/gigi/Certificate.java @@ -1,6 +1,8 @@ package org.cacert.gigi; +import java.io.File; import java.io.FileInputStream; +import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; import java.security.GeneralSecurityException; @@ -9,7 +11,9 @@ import java.security.cert.X509Certificate; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; + import org.cacert.gigi.database.DatabaseConnection; +import org.cacert.gigi.util.KeyStorage; public class Certificate { int id; @@ -18,6 +22,12 @@ public class Certificate { String md; String csrName; String crtName; + String csr = null; + public Certificate(String dn, String md, String csr) { + this.dn = dn; + this.md = md; + this.csr = csr; + } // created, modified, revoked, expire public enum CertificateStatus { @@ -49,6 +59,7 @@ public class Certificate { return CertificateStatus.BEEING_ISSUED; } crtName = rs.getString(1); + System.out.println(crtName); if (rs.getTime(2) != null && rs.getTime(3) == null) { return CertificateStatus.ISSUED; } @@ -59,7 +70,7 @@ public class Certificate { return CertificateStatus.REVOKED; } - public void issue() { + public void issue() throws IOException { try { if (getStatus() != CertificateStatus.DRAFT) { throw new IllegalStateException(); 
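Review bot: The new `Certificate(String dn, String md, String csr)` constructor stores all three arguments unchecked, so a null `csr` is only discovered at `csr.getBytes()` in the later `issue()` hunk, after the `emailcerts` row has already been inserted. `MailCertificateAdd.doPost` passes `req.getParameter("optionalCSR")` straight in, and that is null whenever the parameter is absent. Rejecting it at construction, e.g. `if (csr == null) throw new IllegalArgumentException("csr must not be null");`, keeps a bad request from leaving a half-written row behind. `md` would benefit from a check against a fixed list of permitted digest names, assuming the signer later reads it from the table.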
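Review bot: `System.out.println(crtName);` in `getStatus()` looks like leftover debugging: it writes the certificate file path to stdout on every status check, and after this commit `cert()` calls `getStatus()` as well. Drop the line, or route it through a logger at debug level if the project has one. The body of `getStatus()` starts and ends outside this hunk.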
@@ -67,12 +78,22 @@ public class Certificate { PreparedStatement inserter = DatabaseConnection .getInstance() .prepare( - "INSERT INTO emailcerts SET csr_name =?, md=?, subject=?, coll_found=0, crt_name=''"); - inserter.setString(1, csrName); - inserter.setString(2, md); - inserter.setString(3, dn); + "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name=''"); + inserter.setString(1, md); + inserter.setString(2, dn); inserter.execute(); id = DatabaseConnection.lastInsertId(inserter); + File csrFile = KeyStorage.locateCsr(id); + csrName = csrFile.getPath(); + FileOutputStream fos = new FileOutputStream(csrFile); + fos.write(csr.getBytes()); + fos.close(); + + PreparedStatement updater = DatabaseConnection.getInstance() + .prepare("UPDATE emailcerts SET csr_name=? WHERE id=?"); + updater.setString(1, csrName); + updater.setInt(2, id); + updater.execute(); } catch (SQLException e) { e.printStackTrace(); } @@ -105,7 +126,12 @@ public class Certificate { } - public X509Certificate cert() throws IOException, GeneralSecurityException { + public X509Certificate cert() throws IOException, GeneralSecurityException, + SQLException { + CertificateStatus status = getStatus(); + if (status != CertificateStatus.ISSUED) { + throw new IllegalStateException(status + " is not wanted here."); + } InputStream is = null; X509Certificate crt = null; try { diff --git a/src/org/cacert/gigi/pages/account/MailCertificateAdd.java b/src/org/cacert/gigi/pages/account/MailCertificateAdd.java index 35899c5d..97038898 100644 --- a/src/org/cacert/gigi/pages/account/MailCertificateAdd.java +++ b/src/org/cacert/gigi/pages/account/MailCertificateAdd.java 
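Review bot: The CSR write in `issue()` is neither exception-safe nor atomic with the database row: if `new FileOutputStream(csrFile)` or `fos.write(...)` throws, the stream is never closed and the `emailcerts` row inserted just above stays behind without a `csr_name`. Close the stream in a `finally` block (or use `try (FileOutputStream fos = new FileOutputStream(csrFile)) { ... }` if the build targets Java 7), and encode explicitly with `csr.getBytes("UTF-8")` rather than the platform default charset. The `catch (SQLException e) { e.printStackTrace(); }` that closes the method makes a failed INSERT or UPDATE look like success to the caller, which then goes on to `waitFor`; declaring `SQLException`, as `cert()` does after this commit, would surface it. If a signer process polls `emailcerts`, it is worth checking whether it can pick the row up between the INSERT and the UPDATE, while `csr_name` is still unset.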
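Review bot: The message in the new guard of `cert()`, `status + " is not wanted here."`, does not say which certificate was rejected or which state was required, which makes the resulting stack trace hard to act on. Something like `throw new IllegalStateException("certificate " + id + " is " + status + ", expected ISSUED");` carries the same check with a usable message. The precondition and the newly added `SQLException` also deserve a line of Javadoc on the method, since callers now have to handle both. The rest of `cert()` lies outside this hunk.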
@@ -2,11 +2,14 @@ package org.cacert.gigi.pages.account; import java.io.IOException; import java.io.PrintWriter; +import java.security.GeneralSecurityException; +import java.sql.SQLException; import java.util.HashMap; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import org.cacert.gigi.Certificate; import org.cacert.gigi.output.ClientCSRGenerate; import org.cacert.gigi.pages.Page; @@ -21,6 +24,8 @@ public class MailCertificateAdd extends Page { public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { HashMap vars = new HashMap(); + vars.put("CCA", + "CCA"); getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars); } @Override @@ -32,7 +37,25 @@ public class MailCertificateAdd extends Page { out.println("csr missing"); ClientCSRGenerate.output(req, resp); } - out.println("could now start processing the cert request"); + String csr = req.getParameter("optionalCSR"); + if (!"on".equals(req.getParameter("CCA"))) { + // Error. + return; + } + Certificate c = new Certificate("/commonName=felix@dogcraft.de", + "sha256", csr); + c.issue(); + try { + c.waitFor(60000); + out.println(c.getStatus()); + out.println(c.cert()); + } catch (SQLException e1) { + e1.printStackTrace(); + } catch (GeneralSecurityException e) { + e.printStackTrace(); + } catch (InterruptedException e) { + e.printStackTrace(); + } } } diff --git a/src/org/cacert/gigi/pages/account/MailCertificateAdd.templ b/src/org/cacert/gigi/pages/account/MailCertificateAdd.templ index 7d55930c..3d479caf 100644 --- a/src/org/cacert/gigi/pages/account/MailCertificateAdd.templ +++ b/src/org/cacert/gigi/pages/account/MailCertificateAdd.templ @@ -110,7 +110,7 @@ - + -- 2.39.2
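Review bot: The subject in `new Certificate("/commonName=felix@dogcraft.de", "sha256", csr)` is a hard-coded address, so every request that reaches this line asks for a certificate for that mailbox regardless of who is logged in; the DN has to be built from an address the authenticated account has verified before users can reach this handler. The `csr` parameter is also handed to `issue()` without being parsed or checked (well-formed PKCS#10, valid self-signature, acceptable key type and size), and the "csr missing" branch above does not appear to return, so execution seems to continue into issuance. The CCA refusal returns with no body or status; `resp.sendError(HttpServletResponse.SC_BAD_REQUEST);` would tell the client why nothing happened. `c.waitFor(60000)` presumably holds the request thread for up to a minute per request, and the three `printStackTrace()` catches hide failures from the user; the `InterruptedException` one should at least call `Thread.currentThread().interrupt();`. `doPost` starts outside this hunk.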