pki: improve serial number generation + fix team association

Replace math/rand by crypto/rand.

Fix big when associating certificate with leading zero: nginx prepend 0 wherehas we don't.

libfic/certificate.go

@@ -2,11 +2,12 @@ package fic
 
 import (
 	"database/sql"
+	"math/big"
 	"time"
 )
 
 type Certificate struct {
-	Id       int64      `json:"id,string"`
+	Id       uint64     `json:"id,string"`
 	Creation time.Time  `json:"creation"`
 	Password string     `json:"password"`
 	IdTeam   *int64     `json:"id_team"`
@@ -49,17 +50,20 @@ func GetTeamCertificates(team Team) (certificates []Certificate, err error) {
 	return
 }
 
-func GetCertificate(serial int64) (c Certificate, err error) {
+func GetCertificate(serial uint64) (c Certificate, err error) {
 	err = DBQueryRow("SELECT id_cert, creation, password, id_team, revoked FROM certificates WHERE id_cert = ?", serial).Scan(&c.Id, &c.Creation, &c.Password, &c.IdTeam, &c.Revoked)
 	return
 }
 
-func ExistingCertSerial(serial int64) (bool) {
-	c, _ := GetCertificate(serial)
+func ExistingCertSerial(serial [8]byte) (bool) {
+	var m big.Int
+	m.SetBytes(serial[:])
+
+	c, _ := GetCertificate(m.Uint64())
 	return c.Id > 0
 }
 
-func RegisterCertificate(serial int64, password string) (Certificate, error) {
+func RegisterCertificate(serial uint64, password string) (Certificate, error) {
 	now := time.Now()
 	if _, err := DBExec("INSERT INTO certificates (id_cert, creation, password) VALUES (?, ?, ?)", serial, now, password); err != nil {
 		return Certificate{}, err

libfic/db.go

@@ -84,7 +84,7 @@ CREATE TABLE IF NOT EXISTS teams(
 	}
 	if _, err := db.Exec(`
 CREATE TABLE IF NOT EXISTS certificates(
-  id_cert BIGINT NOT NULL PRIMARY KEY AUTO_INCREMENT,
+  id_cert BIGINT UNSIGNED NOT NULL PRIMARY KEY AUTO_INCREMENT,
   creation TIMESTAMP NOT NULL,
   password VARCHAR(255) NOT NULL,
   id_team INTEGER NULL,