From ab3d3c8075a0b5244765a931ff11e6658130ade1 Mon Sep 17 00:00:00 2001
From: Endi Sukma Dewata <edewata@redhat.com>
Date: Tue, 8 Jan 2013 20:05:53 +0700
Subject: Added nonce validation for certificate revocation.

The certificate REST service has been modified to validate
nonce when revoking a certificate.

Ticket #213
---
 base/common/src/com/netscape/certsrv/cert/CertData.java | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

(limited to 'base/common/src/com/netscape/certsrv/cert/CertData.java')

diff --git a/base/common/src/com/netscape/certsrv/cert/CertData.java b/base/common/src/com/netscape/certsrv/cert/CertData.java
index 58f7fcd2c..1c75d8f7c 100644
--- a/base/common/src/com/netscape/certsrv/cert/CertData.java
+++ b/base/common/src/com/netscape/certsrv/cert/CertData.java
@@ -63,6 +63,7 @@ public class CertData {
     String notBefore;
     String notAfter;
     String status;
+    Long nonce;
 
     Link link;
 
@@ -148,6 +149,15 @@ public class CertData {
         this.status = status;
     }
 
+    @XmlElement(name="Nonce")
+    public Long getNonce() {
+        return nonce;
+    }
+
+    public void setNonce(Long nonce) {
+        this.nonce = nonce;
+    }
+
     @XmlElement(name="Link")
     public Link getLink() {
         return link;
@@ -163,6 +173,7 @@ public class CertData {
         int result = 1;
         result = prime * result + ((encoded == null) ? 0 : encoded.hashCode());
         result = prime * result + ((issuerDN == null) ? 0 : issuerDN.hashCode());
+        result = prime * result + ((nonce == null) ? 0 : nonce.hashCode());
         result = prime * result + ((notAfter == null) ? 0 : notAfter.hashCode());
         result = prime * result + ((notBefore == null) ? 0 : notBefore.hashCode());
         result = prime * result + ((pkcs7CertChain == null) ? 0 : pkcs7CertChain.hashCode());
@@ -192,6 +203,11 @@ public class CertData {
                 return false;
         } else if (!issuerDN.equals(other.issuerDN))
             return false;
+        if (nonce == null) {
+            if (other.nonce != null)
+                return false;
+        } else if (!nonce.equals(other.nonce))
+            return false;
         if (notAfter == null) {
             if (other.notAfter != null)
                 return false;
@@ -273,6 +289,7 @@ public class CertData {
         before.setIssuerDN("CN=Test User,UID=testuser,O=EXAMPLE-COM");
         before.setSubjectDN("CN=Test User,UID=testuser,O=EXAMPLE-COM");
         before.setEncoded(sw.toString());
+        before.setNonce(12345l);
 
         String string = before.toString();
         System.out.println(string);
-- 
cgit