package websearch

import (
	"errors"
	"fmt"
	"math/big"
	"net/url"
)

// Boundary serial numbers used by GetIssuer to tell the CA generations
// apart. Both start out as zero and are assigned in init.
var serialG2First, serialG1Final big.Int

// Errors used when resolving the issuing CA of a serial number.
var (
	// errorCannotConvert is returned when a serial is not a base-10 integer.
	errorCannotConvert = errors.New("Unable to convert serial number to bigint")
	// errorUnknownCA is declared for the case that no CA generation can be
	// determined.
	errorUnknownCA = errors.New("Unable to determine CA generation")
)

// RedirTemplates maps a redirect action name to a fmt template for the
// matching DFN PKI URL. Every template carries two %s verbs: the first sits
// in the path right after the host, the second is the value of the "key"
// query parameter. The templates are plain format strings and perform no
// URL escaping of their own.
var RedirTemplates = map[string]string{
	"getcert":     "https://pki.pca.dfn.de/%s/cgi-bin/pub/pki?cmd=send_email_cert&type=email&dataType=CERTIFICATE&key=%s",
	"installcert": "https://pki.pca.dfn.de/%s/cgi-bin/pub/pki?cmd=getcert&type=CERTIFICATE&key=%s",
	"viewcert":    "https://pki.pca.dfn.de/%s/cgi-bin/pub/pki?cmd=viewCert;dataType=CERTIFICATE;key=%s",
}

// init loads the decimal boundary serials that GetIssuer compares against.
func init() {
	bounds := []struct {
		dst *big.Int
		dec string
	}{
		// serial of the first certificate of KIT-CA G2
		{&serialG2First, "8926168349745120614054526923"},
		// serial of the last certificate of KIT-CA G1
		// TODO: adjust once the real value is known
		{&serialG1Final, "9999999999999999999999999999"},
	}
	for _, b := range bounds {
		// The literals above are fixed, so the ok result is not inspected.
		b.dst.SetString(b.dec, 10)
	}
}

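// GetIssuer reports which CA generation issued the certificate with the
// given serial number.
//
// serial must be a base-10 integer; otherwise errorCannotConvert is
// returned. The generation is then decided in this order:
//
//  1. serials of length 8 or 14, or numerically below serialG2First, belong
//     to the old CA (kitcag1);
//  2. serials above serialG1Final belong to the new CA (kitcag2);
//  3. anything in between is looked up in ccache;
//  4. if the cache has no usable answer, kitcag2 is assumed.
func GetIssuer(serial string, ccache *CertCache) (string, error) {
	// Convert the serial to an integer; this is the only validation the
	// string receives here.
	// NOTE(review): big.Int.SetString also accepts a leading '+' or '-', so
	// a signed string passes this check — confirm whether callers rely on
	// GetIssuer to reject such input.
	var sernum big.Int
	if _, ok := sernum.SetString(serial, 10); !ok {
		return "", errorCannotConvert
	}

	// Old CA: short numbers, or a serial smaller than the first G2 serial.
	// The comparison is strict: serialG2First is itself the serial of a G2
	// certificate, so an equal value must not be classified as G1.
	if len(serial) == 8 || len(serial) == 14 || sernum.Cmp(&serialG2First) < 0 {
		return kitcag1, nil
	}

	// New CA: serial number greater than the last G1 serial.
	if sernum.Cmp(&serialG1Final) > 0 {
		return kitcag2, nil
	}

	// Overlapping range: consult the certificate cache. A missing cache, a
	// missing entry or an entry without a generation are all treated as
	// "unknown" instead of dereferencing a nil pointer.
	if ccache != nil {
		if fromcache := ccache.Get(serial); fromcache != nil && fromcache.CAGeneration != nil {
			return *fromcache.CAGeneration, nil
		}
	}

	// Don't know? Assume G2 (rather than returning errorUnknownCA).
	return kitcag2, nil
}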

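// BuildCertificateLink fills a RedirTemplates format string and returns the
// resulting URL.
//
// template is passed to fmt.Sprintf as the format string and is expected to
// hold two %s verbs; it should be one of the RedirTemplates values, never
// request data. ca is inserted verbatim as the first value and is expected
// to be a CA name as returned by GetIssuer. serial is query-escaped before
// it is inserted as the second value, so characters such as '&', ';' or '='
// stay inside the "key" parameter instead of adding or overriding
// parameters of the generated link. Purely alphanumeric serials are
// unchanged by the escaping.
func BuildCertificateLink(template, ca, serial string) string {
	return fmt.Sprintf(template, ca, url.QueryEscape(serial))
}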