1 package org.cacert.gigi.pages.account;
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.security.GeneralSecurityException;
6 import java.security.PublicKey;
7 import java.security.interfaces.DSAPublicKey;
8 import java.security.interfaces.ECPublicKey;
9 import java.security.interfaces.RSAPublicKey;
10 import java.sql.PreparedStatement;
11 import java.sql.ResultSet;
12 import java.sql.SQLException;
13 import java.util.Base64;
14 import java.util.HashMap;
17 import javax.servlet.http.HttpServletRequest;
18 import javax.servlet.http.HttpServletResponse;
20 import org.cacert.gigi.Certificate;
21 import org.cacert.gigi.Digest;
22 import org.cacert.gigi.Language;
23 import org.cacert.gigi.User;
24 import org.cacert.gigi.database.DatabaseConnection;
25 import org.cacert.gigi.output.Form;
26 import org.cacert.gigi.output.template.HashAlgorithms;
27 import org.cacert.gigi.output.template.IterableDataset;
28 import org.cacert.gigi.output.template.Template;
29 import org.cacert.gigi.pages.LoginPage;
31 import sun.security.pkcs10.PKCS10;
34 * This class represents a form that is used for issuing certificates.
36 * This class uses "sun.security" and therefore needs "-XDignore.symbol.file"
39 public class IssueCertificateForm extends Form {
// Digest currently selected on the form; initialised to Digest.getDefault() and handed to
// HashAlgorithms when the form is rendered.
41 Digest selectedDigest = Digest.getDefault();
// Template for this form, loaded once per class from the IssueCertificateForm.templ resource.
43 private final static Template t = new Template(IssueCertificateForm.class.getResource("IssueCertificateForm.templ"));
// Builds the form for one request and stores the user that LoginPage resolves from it in `u`.
// Original line 46 is not shown in this listing.
45 public IssueCertificateForm(HttpServletRequest hsr) {
// NOTE(review): no null check on the result is visible here, and outputContent later calls
// u.getId(); confirm LoginPage.getUser cannot return null on this page.
47 u = LoginPage.getUser(hsr);
// Handles a form submission: reads the "CSR" and "spkac" request parameters and, when a CSR
// was supplied, parses it and writes its subject and public-key details to `out`.
// This listing omits several original lines (54, 74, 76-77, 79, 81-85), including the
// opening `try {`, the catch bodies and the return statements, so the full control flow
// and the return value cannot be read from here.
51 public boolean submit(PrintWriter out, HttpServletRequest req) {
52 String csr = req.getParameter("CSR");
// NOTE(review): spkac is read but not used in any line shown here.
53 String spkac = req.getParameter("spkac");
// Only a non-null, non-empty CSR is processed.
55 if (csr != null && !"".equals(csr)) {
56 PKCS10 parsed = parseCSR(csr);
// NOTE(review): the subject name below is taken from the request-supplied CSR and is
// concatenated into HTML output (note the "<br/>") with no escaping visible in this listing.
// A DN that contains markup would be reflected to the browser as-is; HTML-encode these
// values before printing them.
57 out.println(parsed.getSubjectName().getCommonName());
58 out.println(parsed.getSubjectName().getCountry());
59 out.println("CSR DN: " + parsed.getSubjectName() + "<br/>");
60 PublicKey pk = parsed.getSubjectPublicKeyInfo();
61 out.println("Type: " + pk.getAlgorithm() + "<br/>");
// The branches below only display key properties. No policy check (minimum RSA modulus size,
// exponent sanity, accepted DSA parameters or curves) is visible in the lines shown;
// confirm such a check exists before a certificate is issued for the key.
62 if (pk instanceof RSAPublicKey) {
63 out.println("Exponent: " + ((RSAPublicKey) pk).getPublicExponent() + "<br/>");
64 out.println("Length: " + ((RSAPublicKey) pk).getModulus().bitLength());
65 } else if (pk instanceof DSAPublicKey) {
66 DSAPublicKey dpk = (DSAPublicKey) pk;
// getY() is the public value y, so its bit length only approximates the size of the prime p;
// dpk.getParams().getP().bitLength() gives the parameter size itself.
67 out.println("Length: " + dpk.getY().bitLength() + "<br/>");
68 out.println(dpk.getParams());
69 } else if (pk instanceof ECPublicKey) {
70 ECPublicKey epk = (ECPublicKey) pk;
// The coordinate bit lengths depend on the individual point and can be shorter than the
// field size; the curve's field size is the stable measure of key strength.
71 out.println("Length-x: " + epk.getW().getAffineX().bitLength() + "<br/>");
72 out.println("Length-y: " + epk.getW().getAffineY().bitLength() + "<br/>");
73 out.println(epk.getParams().getCurve());
// The digest is printed as a fixed string here, not derived from selectedDigest.
75 out.println("<br/>digest: sha256<br/>");
// The handler bodies for both catch clauses are among the lines missing from this listing.
78 } catch (IOException e) {
80 } catch (GeneralSecurityException e) {
// Creates a Certificate for the logged-in user from the submitted CSR text and redirects the
// client to the MailCertificates page for the new serial.
// This listing omits original lines 88-90, 93 and 95-97, so the steps between creating the
// Certificate and the redirect, and both catch bodies, are not visible.
86 private void issue(HttpServletRequest req, HttpServletResponse resp, String csr) throws IOException {
// The subject DN and the digest are fixed literals: nothing from the CSR's own subject is
// used for the DN, and "sha256" is passed regardless of selectedDigest.
// The csr string is handed over as received; this method does not parse or validate it.
87 Certificate c = new Certificate(LoginPage.getUser(req).getId(), "/commonName=CAcert WoT User", "sha256", csr);
91 resp.sendRedirect(MailCertificates.PATH + "/" + c.getSerial());
92 } catch (SQLException e) {
// NOTE(review): the handler body is not shown; confirm it restores the interrupt flag with
// Thread.currentThread().interrupt() rather than discarding the interruption.
94 } catch (InterruptedException e) {
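/**
 * Decodes a PKCS#10 certificate signing request given as PEM text or bare Base64.
 *
 * The optional BEGIN/END armour lines and all CR/LF characters are removed before the
 * remainder is Base64-decoded and handed to the PKCS10 parser.
 *
 * @param csr the request text as submitted by the client; must not be null
 * @return the parsed request
 * @throws IOException if the text is not valid Base64 or the DER structure cannot be read
 * @throws GeneralSecurityException if the request's signature or algorithm is rejected
 */
private PKCS10 parseCSR(String csr) throws IOException, GeneralSecurityException {
    String body = csr.replaceFirst("-----BEGIN (NEW )?CERTIFICATE REQUEST-----", "")
            .replaceFirst("-----END (NEW )?CERTIFICATE REQUEST-----", "")
            .replace("\r", "")
            .replace("\n", "");
    final byte[] der;
    try {
        der = Base64.getDecoder().decode(body);
    } catch (IllegalArgumentException e) {
        // The basic decoder reports malformed input with an unchecked exception. The input
        // is client-controlled, so convert it to the declared checked type and let callers
        // that catch IOException handle a garbage upload like any other unreadable CSR.
        throw new IOException("CSR is not valid Base64", e);
    }
    // The PKCS10 constructor also verifies the request's self-signature, which is what
    // proves the submitter holds the private key for the enclosed public key.
    return new PKCS10(der);
}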
110 protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
111 HashMap<String, Object> vars2 = new HashMap<String, Object>(vars);
112 vars2.put("CCA", "<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>");
115 PreparedStatement ps = DatabaseConnection.getInstance().prepare(
116 "SELECT `id`,`email` from `email` WHERE `memid`=? AND `deleted`=0");
117 ps.setInt(1, u.getId());
118 final ResultSet rs = ps.executeQuery();
119 vars2.put("emails", new IterableDataset() {
122 public boolean next(Language l, Map<String, Object> vars) {
127 vars.put("id", rs.getString(1));
128 vars.put("value", rs.getString(2));
130 } catch (SQLException e) {
136 vars2.put("hashs", new HashAlgorithms(selectedDigest));
137 t.output(out, l, vars2);
138 } catch (SQLException e) {