using Gee;
-extern char* get_cert_valid_before(char* cert, int certlen, char* datebuf, int buflen);
+extern char* get_cert_valid_before(uchar* inbuf, int inlen, char* outbuf, int outlen);
// A TrustAnchor object can be imported or installed via the API, but cannot
private string _subject = "";
private string _subject_alt = "";
private string _server_cert = "";
-
+ private string _datetime_added = "";
public bool user_verified = false;
+ private static string fixup (string s) {
+ return (s == null ? "" : s.strip());
+ }
+
public TrustAnchor(string ca_cert, string server_cert, string subject, string subject_alt, bool user_verified) {
- _ca_cert = ca_cert;
- _server_cert = server_cert;
- _subject = subject;
- _subject_alt = subject_alt;
+ _ca_cert = fixup(ca_cert);
+ _server_cert = fixup(server_cert);
+ _subject = fixup(subject);
+ _subject_alt = fixup(subject_alt);
this.user_verified = user_verified;
+
+ // If we're reading from store, this will be overridden (see set_datetime_added)
+ _datetime_added = "";
}
public TrustAnchor.empty() {
- _ca_cert = "";
- _server_cert = "";
- _subject = "";
- _subject_alt = "";
- this.user_verified = false;
}
}
}
+ public string datetime_added {
+ get {
+ return _datetime_added;
+ }
+ }
+
public bool is_empty() {
return ca_cert == "" && subject == "" && subject_alt == "" && server_cert == "";
}
return server_cert == "" ? TrustAnchorType.CA_CERT : TrustAnchorType.SERVER_CERT;
}
+ internal void set_datetime_added(string datetime) {
+ _datetime_added = fixup(datetime);
+ }
+
+ internal static string format_datetime_now() {
+ DateTime now = new DateTime.now_utc();
+ string dt = now.format("%b %d %T %Y %Z");
+ return dt;
+ }
+
public int Compare(TrustAnchor other)
{
- if (this.ca_cert != other.ca_cert)
- return 1;
- if (this.subject != other.subject)
+ if (this.ca_cert != other.ca_cert) {
+ // IdCard.logger.trace("TrustAnchor.Compare: this.ca_cert='%s'; other.ca_cert='%s'".printf(this.ca_cert, other.ca_cert));
return 1;
- if (this.subject_alt != other.subject_alt)
+ }
+ if (this.subject != other.subject) {
+ // IdCard.logger.trace("TrustAnchor.Compare: this.subject='%s'; other.subject='%s'".printf(this.subject, other.subject));
return 1;
- if (this.server_cert != other.server_cert)
+ }
+ if (this.subject_alt != other.subject_alt) {
+ // IdCard.logger.trace("TrustAnchor.Compare: this.subject_alt='%s'; other.subject_alt='%s'".printf(this.subject_alt, other.subject_alt));
return 1;
- if (this.user_verified != other.user_verified)
+ }
+ if (this.server_cert != other.server_cert) {
+ // IdCard.logger.trace("TrustAnchor.Compare: this.server_cert=%s'; other.server_cert='%s'".printf(this.server_cert, other.server_cert));
return 1;
+ }
+
+ // Do not compare the user_verified and datetime_added fields; they are not essential.
+
return 0;
}
string cert = this.ca_cert;
cert.chomp();
- if (cert.substring(0, CERT_HEADER.length) != CERT_HEADER) {
- cert = CERT_HEADER + "\n" + cert;
- }
- if (cert.substring(0, -CERT_FOOTER.length) != CERT_FOOTER) {
- cert += "\n" + CERT_FOOTER;
- }
- cert += "\n";
- IdCard.logger.trace(@"get_expiration_date: Sending " + cert);
+ uchar[] binary = Base64.decode(cert);
+ IdCard.logger.trace("get_expiration_date: encoded length=%d; decoded length=%d".printf(cert.length, binary.length));
char buf[64];
- string err = (string) get_cert_valid_before(cert, cert.length, buf, 64);
+ string err = (string) get_cert_valid_before(binary, binary.length, buf, 64);
if (err != "") {
IdCard.logger.error(@"get_expiration_date: get_cert_valid_before returned '$err'");
if (&err_out != null) {
public const string NO_IDENTITY = "No Identity";
- private string _nai;
-
+ private string _username = "";
+ private string _issuer = "";
+
public string display_name { get; set; default = ""; }
- public string username { get; set; default = ""; }
+ public string username {
+ public get {
+ return _username;
+ }
+ public set {
+ _username = value;
+ update_nai();
+ }
+ }
+
+ public string issuer {
+ public get {
+ return _issuer;
+ }
+ public set {
+ _issuer = value;
+ update_nai();
+ }
+ }
+
+ private void update_nai() {
+ _nai = username + "@" + issuer;
+ }
+
#if GNOME_KEYRING
private unowned string _password;
public string password {
public string password { get; set; default = null; }
#endif
- public string issuer { get; set; default = ""; }
-
private Rule[] _rules = new Rule[0];
public Rule[] rules {
get {return _rules;}
_trust_anchor = new TrustAnchor.empty();
}
- public unowned string nai { get { _nai = username + "@" + issuer; return _nai;}}
+ public string nai { public get; private set;}
public bool store_password { get; set; default = false; }