Include revocation reason in REST cert data

Fixes: https://fedorahosted.org/pki/ticket/2601
author: Fraser Tweedale <ftweedal@redhat.com> 2017-02-22 11:26:43 +1000
committer: Fraser Tweedale <ftweedal@redhat.com> 2017-03-14 11:22:07 +1000
commit: 6fa6b692882d00c8228aed7f5780b13f1b09c98c (patch)
tree: 7c43c72e1ebb156fc9519c9cefe3fd0328d780ce /base/ca
parent: 18612df432d73ace0523c63ea9f82ee13a4b0b4e (diff)
download: pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.tar.gz
pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.tar.xz
pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.zip
1 files changed, 18 insertions, 0 deletions
diff --git a/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java b/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java
index 2f9f46729..ebbab2572 100644
--- a/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java
+++ b/base/ca/src/org/dogtagpki/server/ca/rest/CertService.java
@@ -64,6 +64,7 @@ import com.netscape.certsrv.dbs.certdb.CertId;
 import com.netscape.certsrv.dbs.certdb.ICertRecord;
 import com.netscape.certsrv.dbs.certdb.ICertRecordList;
 import com.netscape.certsrv.dbs.certdb.ICertificateRepository;
+import com.netscape.certsrv.dbs.certdb.IRevocationInfo;
 import com.netscape.certsrv.logging.AuditFormat;
 import com.netscape.certsrv.logging.ILogger;
 import com.netscape.certsrv.request.IRequest;
@@ -80,8 +81,11 @@ import netscape.security.pkcs.PKCS7;
 import netscape.security.pkcs.SignerInfo;
 import netscape.security.provider.RSAPublicKey;
 import netscape.security.x509.AlgorithmId;
+import netscape.security.x509.CRLExtensions;
+import netscape.security.x509.CRLReasonExtension;
 import netscape.security.x509.RevocationReason;
 import netscape.security.x509.X509CertImpl;
+import netscape.security.x509.X509ExtensionException;
 import netscape.security.x509.X509Key;
 
 /**
@@ -529,6 +533,20 @@ public class CertService extends PKIService implements CertResource {
         certData.setRevokedOn(record.getRevokedOn());
         certData.setRevokedBy(record.getRevokedBy());
 
+        IRevocationInfo revInfo = record.getRevocationInfo();
+        if (revInfo != null) {
+            CRLExtensions revExts = revInfo.getCRLEntryExtensions();
+            if (revExts != null) {
+                try {
+                    CRLReasonExtension ext = (CRLReasonExtension)
+                        revExts.get(CRLReasonExtension.NAME);
+                    certData.setRevocationReason(ext.getReason().getCode());
+                } catch (X509ExtensionException e) {
+                    // nothing to do
+                }
+            }
+        }
+
         certData.setStatus(record.getStatus());
 
         if (authority.noncesEnabled() && generateNonce) {
author	Fraser Tweedale <ftweedal@redhat.com>	2017-02-22 11:26:43 +1000
committer	Fraser Tweedale <ftweedal@redhat.com>	2017-03-14 11:22:07 +1000
commit	6fa6b692882d00c8228aed7f5780b13f1b09c98c (patch)
tree	7c43c72e1ebb156fc9519c9cefe3fd0328d780ce /base/ca
parent	18612df432d73ace0523c63ea9f82ee13a4b0b4e (diff)
download	pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.tar.gz pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.tar.xz pki-6fa6b692882d00c8228aed7f5780b13f1b09c98c.zip