X-Git-Url: http://www.project-moonshot.org/gitweb/?a=blobdiff_plain;f=src%2Fmoonshot-id.vala;h=82ce1ac4a131aee5add07954764cbaa965101cdc;hb=6126cbf57cedf1523c30d8ad3cdf15f272185a99;hp=b8e92a6d997bbd58200b39d53fcd54990a97b75b;hpb=1d7bb0f8787ac31c1660d7f755ae88ebb21e25c2;p=moonshot-ui.git
diff --git a/src/moonshot-id.vala b/src/moonshot-id.vala
index b8e92a6..82ce1ac 100644
--- a/src/moonshot-id.vala
+++ b/src/moonshot-id.vala
@@ -43,6 +43,7 @@ public class TrustAnchor : Object
 private static const string CERT_FOOTER = "-----END CERTIFICATE-----";
 public enum TrustAnchorType {
+ EMPTY,
 CA_CERT,
 SERVER_CERT
 }
@@ -52,21 +53,25 @@ public class TrustAnchor : Object
 private string _subject_alt = "";
 private string _server_cert = "";
 private string _datetime_added = "";
- public bool user_verified = false;
 private static string fixup (string s) {
 return (s == null ? "" : s.strip());
 }
- public TrustAnchor(string ca_cert, string server_cert, string subject, string subject_alt, bool user_verified) {
+ public TrustAnchor(string ca_cert, string server_cert, string subject, string subject_alt) {
 _ca_cert = fixup(ca_cert);
 _server_cert = fixup(server_cert);
 _subject = fixup(subject);
 _subject_alt = fixup(subject_alt);
- this.user_verified = user_verified;
 // If we're reading from store, this will be overridden (see set_datetime_added)
 _datetime_added = "";
+
+ // Work around a Portal bug that littered some credential files with this cruft.
+ string cruft =
+"""""";
+ _ca_cert = _ca_cert.replace(cruft, "");
 }
 public TrustAnchor.empty() {
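Review bot: Putting `EMPTY` first in `TrustAnchorType` renumbers the existing members, so `CA_CERT` moves from 0 to 1 and `SERVER_CERT` from 1 to 2. Nothing in this hunk shows whether the numeric value is ever stored or compared as an integer, but if it is, anchors saved before this change would be read back as a different type. Appending the new member after `SERVER_CERT`, or giving the members explicit values, keeps old data stable. A comment such as `// EMPTY: neither a CA certificate nor a server fingerprint is set` would document the new state.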
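Review bot: In the `TrustAnchor` constructor the cruft is removed after `fixup()` has already stripped `_ca_cert`, so when the cruft sits at the start or end of the value, the whitespace that separated it from the certificate body is left in the stored certificate. Stripping again after the substitution closes that gap: `_ca_cert = _ca_cert.replace(cruft, "").strip();`. Because this silently rewrites trust-anchor material on load, a trace message whenever the replacement changes the value would help anyone auditing a credential file. The `cruft` literal renders as an empty verbatim string on this page, which looks like an extraction loss rather than the committed text. The constructor also drops its `user_verified` parameter, and its callers are outside this hunk.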
@@ -105,11 +110,12 @@ public class TrustAnchor : Object
 }
 public bool is_empty() {
- return ca_cert == "" && subject == "" && subject_alt == "" && server_cert == "";
+ return ca_cert == "" && server_cert == "";
 }
 public TrustAnchorType get_anchor_type() {
- return server_cert == "" ? TrustAnchorType.CA_CERT : TrustAnchorType.SERVER_CERT;
+ return (server_cert != "" ? TrustAnchorType.SERVER_CERT
+ : (ca_cert != "" ? TrustAnchorType.CA_CERT : TrustAnchorType.EMPTY));
 }
 internal void set_datetime_added(string datetime) {
@@ -117,9 +123,16 @@ public class TrustAnchor : Object
 }
 internal static string format_datetime_now() {
- DateTime now = new DateTime.now_utc();
- string dt = now.format("%b %d %T %Y %Z");
- return dt;
+ // DateTime now = new DateTime.now_utc();
+ // string dt = now.format("%b %d %T %Y %Z");
+ // return dt;
+ return "Sorry; formatted date/time strings not available on Centos 6";
+ }
+
+ internal void update_server_fingerprint(string fingerprint) {
+ this._server_cert = fingerprint;
+ string ta_datetime_added = TrustAnchor.format_datetime_now();
+ this.set_datetime_added(ta_datetime_added);
 }
 public int Compare(TrustAnchor other)
@@ -141,7 +154,7 @@ public class TrustAnchor : Object
 return 1;
 }
- // Do not compare the user_verified and datetime_added fields; they are not essential.
+ // Do not compare the datetime_added fields; it's not essential.
 return 0;
 }
@@ -163,7 +176,7 @@ public class TrustAnchor : Object
 cert.chomp();
 uchar[] binary = Base64.decode(cert);
- IdCard.logger.trace("get_expiration_date: encoded length=%d; decoded length=%d".printf(cert.length, binary.length));
+ IdCard.logger.trace("get_expiration_date: encoded length=%ld; decoded length=%d".printf(cert.length, binary.length));
 char buf[64];
 string err = (string) get_cert_valid_before(binary, binary.length, buf, 64);
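Review bot: `is_empty()` now ignores `subject` and `subject_alt`, so an anchor that carries only name constraints is reported as empty and `get_anchor_type()` returns `EMPTY` for it. If any caller discards or skips empty anchors (not visible in this hunk), those constraints would be dropped without notice. A comment on `is_empty()` stating that subject-only anchors are deliberately treated as empty would settle the question. The two methods also encode the same condition twice; `return get_anchor_type() == TrustAnchorType.EMPTY;` would keep them from drifting apart.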
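Review bot: `update_server_fingerprint()` assigns `fingerprint` to `_server_cert` directly, while the constructor passes every field through `fixup()`, so a fingerprint with stray whitespace may not compare equal to a stripped copy of the same value; `this._server_cert = fixup(fingerprint);` is the safer assignment. The method replaces a pinned server fingerprint unconditionally, so it relies on its callers (outside this hunk) to have obtained the user's approval first, and that contract deserves a doc comment. `format_datetime_now()` now returns a fixed sentence, so `datetime_added` no longer records when the pin was set or changed. The commented-out implementation is also left behind; returning `""` or a strftime-based timestamp would keep the stored field meaningful.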
@@ -332,6 +345,18 @@ public class IdCard : Object
 public bool store_password { get; set; default = false; }
+ // uuid is currently used only for debugging. Must be unique, even between cards with same nai and display name.
+ public string uuid {
+ public get {return _uuid;}
+ }
+ private string _uuid = generate_uuid();
+
+ internal static string generate_uuid() {
+ uint32 rand1 = Random.next_int();
+ uint32 rand2 = Random.next_int();
+ return "%08X.%08X::%s".printf(rand1, rand2, TrustAnchor.format_datetime_now());
+ }
+
 public bool is_no_identity()
 {
 return (display_name == NO_IDENTITY);
@@ -382,6 +407,7 @@ public class IdCard : Object
 {
 IdCard card = new IdCard();
 card.display_name = NO_IDENTITY;
+ card._nai = "";
 return card;
 }
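Review bot: `generate_uuid()` appends `TrustAnchor.format_datetime_now()`, which in this commit returns the same fixed sentence on every call, so the suffix adds no uniqueness and every uuid written to the logs carries that sentence. Uniqueness therefore rests on two `Random.next_int()` draws from GLib's general-purpose generator, which is adequate for a debugging label but not for anything later used as a secret or a lookup key. I would drop the suffix, `return "%08X.%08X".printf(rand1, rand2);`, and extend the comment with `// Debug label only; not a security identifier.` so the field is not repurposed.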