Skip to content

Commit 6b56d6b

Browse files
vitormattosvitormattos
authored
Merge pull request #7614 from LibreSign/backport/7612/stable33
[stable33] refactor: signer TSA component and simplify CRL validation messaging
2 parents f8d6ba4 + e1b8644 commit 6b56d6b

14 files changed

Lines changed: 1415 additions & 279 deletions

lib/Db/CrlMapper.php

Lines changed: 5 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -90,6 +90,7 @@ public function revokeCertificate(
9090
?string $revokedBy = null,
9191
?DateTime $invalidityDate = null,
9292
?int $crlNumber = null,
93+
?DateTime $revokedAt = null,
9394
): Crl {
9495
$certificate = $this->findBySerialNumber($serialNumber);
9596
return $this->revokeCertificateEntity(
@@ -98,7 +99,8 @@ public function revokeCertificate(
9899
$comment,
99100
$revokedBy,
100101
$invalidityDate,
101-
$crlNumber
102+
$crlNumber,
103+
$revokedAt,
102104
);
103105
}
104106

@@ -109,6 +111,7 @@ public function revokeCertificateEntity(
109111
?string $revokedBy = null,
110112
?DateTime $invalidityDate = null,
111113
?int $crlNumber = null,
114+
?DateTime $revokedAt = null,
112115
): Crl {
113116
if (CRLStatus::from($certificate->getStatus()) !== CRLStatus::ISSUED) {
114117
throw new \InvalidArgumentException('Certificate is not in issued status');
@@ -118,7 +121,7 @@ public function revokeCertificateEntity(
118121
$certificate->setReasonCode($reason->value);
119122
$certificate->setComment($comment !== '' ? $comment : null);
120123
$certificate->setRevokedBy($revokedBy);
121-
$certificate->setRevokedAt(new DateTime());
124+
$certificate->setRevokedAt($revokedAt ?? new DateTime());
122125
$certificate->setInvalidityDate($invalidityDate);
123126
$certificate->setCrlNumber($crlNumber);
124127

lib/Listener/RevokeClickToSignCertificateListener.php

Lines changed: 4 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -9,6 +9,7 @@
99

1010
namespace OCA\Libresign\Listener;
1111

12+
use DateTime;
1213
use OCA\Libresign\Enum\CRLReason;
1314
use OCA\Libresign\Events\SignedEvent;
1415
use OCA\Libresign\Service\Crl\CrlService;
@@ -47,7 +48,9 @@ public function handle(Event $event): void {
4748
$serialNumber,
4849
CRLReason::SUPERSEDED,
4950
'Temporary certificate issued for click-to-sign. Automatically revoked after document signing.',
50-
'system'
51+
'system',
52+
null,
53+
new DateTime('+1 second'),
5154
);
5255

5356
if ($success) {

lib/Service/Crl/CrlService.php

Lines changed: 3 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -60,6 +60,7 @@ public function revokeCertificate(
6060
?string $reasonText = null,
6161
?string $revokedBy = null,
6262
?DateTime $invalidityDate = null,
63+
?DateTime $revokedAt = null,
6364
): bool {
6465

6566
try {
@@ -73,7 +74,8 @@ public function revokeCertificate(
7374
$reasonText,
7475
$revokedBy,
7576
$invalidityDate,
76-
$crlNumber
77+
$crlNumber,
78+
$revokedAt,
7779
);
7880

7981
return true;

0 commit comments

Comments
 (0)