From 99e53ccfe6085875142064c7566143b82cfd542d Mon Sep 17 00:00:00 2001
From: Pierre-Olivier Mercier <nemunaire@nemunai.re>
Date: Tue, 21 Jan 2020 13:14:19 +0100
Subject: [PATCH] admin: use hexadecimal certificate ID

---
 admin/api/certificate.go          | 17 ++++++++++-------
 admin/api/handlers.go             | 13 ++++++++++---
 admin/static/js/app.js            |  5 -----
 admin/static/views/pki.html       |  2 +-
 admin/static/views/team-edit.html |  2 +-
 5 files changed, 22 insertions(+), 17 deletions(-)

diff --git a/admin/api/certificate.go b/admin/api/certificate.go
index 7b0340f6..18ef26e4 100644
--- a/admin/api/certificate.go
+++ b/admin/api/certificate.go
@@ -12,6 +12,7 @@ import (
 	"fmt"
 	"io/ioutil"
 	"log"
+	"math"
 	"math/big"
 	"os"
 	"path"
@@ -52,10 +53,10 @@ func init() {
 			if serials, err := pki.GetTeamSerials(TeamsDir, team.Id); err != nil {
 				return nil, err
 			} else {
-				var certs []fic.Certificate
+				var certs []CertExported
 				for _, serial := range serials {
 					if cert, err := fic.GetCertificate(serial); err == nil {
-						certs = append(certs, cert)
+						certs = append(certs, CertExported{fmt.Sprintf("%0[2]*[1]X", cert.Id, int(math.Ceil(math.Log2(float64(cert.Id))/8)*2)), cert.Creation, cert.Password, &team.Id, cert.Revoked})
 					} else {
 						log.Println("Unable to get back certificate, whereas an association exists on disk: ", err)
 					}
@@ -247,13 +248,15 @@ func generateClientCert(_ httprouter.Params, _ []byte) (interface{}, error) {
 	}
 
 	// Save in DB
-	return fic.RegisterCertificate(serial, password)
+	cert, err := fic.RegisterCertificate(serial, password)
+	return CertExported{fmt.Sprintf("%0[2]*[1]X", cert.Id, int(math.Ceil(math.Log2(float64(cert.Id))/8)*2)), cert.Creation, cert.Password, nil, cert.Revoked}, err
 }
 
 type CertExported struct {
 	Id       string     `json:"id"`
 	Creation time.Time  `json:"creation"`
-	IdTeam   *uint64    `json:"id_team"`
+	Password string     `json:"password,omitempty"`
+	IdTeam   *int64    `json:"id_team"`
 	Revoked  *time.Time `json:"revoked"`
 }
 
@@ -265,14 +268,14 @@ func getCertificates(_ httprouter.Params, _ []byte) (interface{}, error) {
 		for _, cert := range certificates {
 			dstLinkPath := path.Join(TeamsDir, pki.GetCertificateAssociation(cert.Id))
 
-			var idTeam *uint64 = nil
+			var idTeam *int64 = nil
 			if lnk, err := os.Readlink(dstLinkPath); err == nil {
-				if tid, err := strconv.ParseUint(lnk, 10, 64); err == nil {
+				if tid, err := strconv.ParseInt(lnk, 10, 64); err == nil {
 					idTeam = &tid
 				}
 			}
 
-			ret = append(ret, CertExported{fmt.Sprintf("%d", cert.Id), cert.Creation, idTeam, cert.Revoked})
+			ret = append(ret, CertExported{fmt.Sprintf("%0[2]*[1]X", cert.Id, int(math.Ceil(math.Log2(float64(cert.Id))/8)*2)), cert.Creation, "", idTeam, cert.Revoked})
 		}
 		return ret, nil
 	}
diff --git a/admin/api/handlers.go b/admin/api/handlers.go
index 5bae2ca8..fcd37344 100644
--- a/admin/api/handlers.go
+++ b/admin/api/handlers.go
@@ -330,9 +330,16 @@ func fileDependancyHandler(f func(fic.EFile, int64, []byte) (interface{}, error)
 
 func certificateHandler(f func(fic.Certificate, []byte) (interface{}, error)) func(httprouter.Params, []byte) (interface{}, error) {
 	return func(ps httprouter.Params, body []byte) (interface{}, error) {
-		if certid, err := strconv.ParseUint(strings.TrimSuffix(string(ps.ByName("certid")), ".p12"), 10, 64); err != nil {
-			return nil, err
-		} else if cert, err := fic.GetCertificate(certid); err != nil {
+		var cid uint64
+		var err error
+		certid := strings.TrimSuffix(ps.ByName("certid"), ".p12")
+		if cid, err = strconv.ParseUint(certid, 10, 64); err != nil {
+			if cid, err = strconv.ParseUint(certid, 16, 64); err != nil {
+				return nil, err
+			}
+		}
+
+		if cert, err := fic.GetCertificate(cid); err != nil {
 			return nil, err
 		} else {
 			return f(cert, body)
diff --git a/admin/static/js/app.js b/admin/static/js/app.js
index d21c338e..9eb08d49 100644
--- a/admin/static/js/app.js
+++ b/admin/static/js/app.js
@@ -601,11 +601,6 @@ angular.module("FICApp")
 
 	$scope.teams = Team.query();
 	$scope.certificates = Certificate.query();
-	$scope.certificates.$promise.then(function(certificates) {
-	    certificates.forEach(function(certificate, cid) {
-		certificate.serial = parseInt(certificate.id).toString(16);
-	    });
-	});
 	$scope.ca = CACertificate.get();
 
 	$scope.revoke = function() {
diff --git a/admin/static/views/pki.html b/admin/static/views/pki.html
index 3a4dc8be..84477eb3 100644
--- a/admin/static/views/pki.html
+++ b/admin/static/views/pki.html
@@ -16,7 +16,7 @@
   </thead>
   <tbody>
     <tr ng-repeat="certificate in certificates | filter: query" ng-click="show(certificate.id)" ng-class="{'bg-danger': certificate.revoked}">
-      <td>{{ certificate.serial | uppercase }}</td>
+      <td>{{ certificate.id }}</td>
       <td>{{ certificate.creation }}</td>
       <td ng-if="certificate.id_team">
 	<span ng-repeat="team in teams" ng-if="team.id == certificate.id_team">
diff --git a/admin/static/views/team-edit.html b/admin/static/views/team-edit.html
index e730ad31..8696a49c 100644
--- a/admin/static/views/team-edit.html
+++ b/admin/static/views/team-edit.html
@@ -84,7 +84,7 @@
 	  <button type="button" class="btn btn-sm btn-primary float-right" ng-click="dissociateCertificate(cert)">Dissocier</button>
 	</dt>
 	<dd>
-	  {{ cert.serial | uppercase }}
+	  {{ cert.id }}
 	  <span class="badge badge-danger" ng-if="cert.revoked">Révoqué</span>
 	</dd>
 	<dt>