X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Futil%2FCertExporter.java;h=5d465919331ef435e9bec93448eb1c54df1a9519;hb=a62ba7752bf2a56c6325bc34fb1dce04d02323ff;hp=cfe97ef2c847430711289e752837ddc41ca5f720;hpb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e;p=gigi.git

diff --git a/src/club/wpia/gigi/util/CertExporter.java b/src/club/wpia/gigi/util/CertExporter.java
index cfe97ef2..5d465919 100644
--- a/src/club/wpia/gigi/util/CertExporter.java
+++ b/src/club/wpia/gigi/util/CertExporter.java
@@ -1,6 +1,7 @@
 package club.wpia.gigi.util;
 
 import java.io.IOException;
+import java.io.OutputStream;
 import java.math.BigInteger;
 import java.security.GeneralSecurityException;
 import java.security.cert.CRLException;
@@ -14,6 +15,7 @@ import java.util.Set;
 
 import javax.servlet.ServletOutputStream;
 
+import club.wpia.gigi.GigiApiException;
 import club.wpia.gigi.dbObjects.CACertificate;
 import club.wpia.gigi.dbObjects.Certificate;
 import sun.security.pkcs.ContentInfo;
@@ -29,7 +31,7 @@ public class CertExporter {
 
     private CertExporter() {}
 
-    public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor, boolean includeLeaf) throws IOException, GeneralSecurityException {
+    public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor, boolean includeLeaf) throws IOException, GeneralSecurityException, GigiApiException {
         X509Certificate cert = c.cert();
         if (includeLeaf) {
             out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
@@ -46,7 +48,7 @@ public class CertExporter {
         }
     }
 
-    public static void writeCertCer(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException {
+    public static void writeCertCer(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException, GigiApiException {
         X509Certificate cert = c.cert();
         if (doChain) {
             PKCS7 p7 = toP7Chain(c);
@@ -56,8 +58,13 @@ public class CertExporter {
         }
     }
 
-    private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException {
-        LinkedList<X509Certificate> ll = getChain(c);
+    private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException, GigiApiException {
+
+        return generateP7Bundle(getChain(c));
+
+    }
+
+    private static PKCS7 generateP7Bundle(LinkedList<X509Certificate> ll) {
         PKCS7 p7 = new PKCS7(new AlgorithmId[0], new ContentInfo(ContentInfo.DATA_OID, null), ll.toArray(new X509Certificate[ll.size()]), new SignerInfo[0]) {
 
             @Override
@@ -151,7 +158,7 @@ public class CertExporter {
         return p7;
     }
 
-    private static LinkedList<X509Certificate> getChain(Certificate c) throws IOException, GeneralSecurityException {
+    private static LinkedList<X509Certificate> getChain(Certificate c) throws IOException, GeneralSecurityException, GigiApiException {
         LinkedList<X509Certificate> ll = new LinkedList<>();
         ll.add(c.cert());
         CACertificate ca = c.getParent();
@@ -163,4 +170,17 @@ public class CertExporter {
         return ll;
     }
 
+    public static void writeCertBundle(OutputStream out) throws IOException, GeneralSecurityException, GigiApiException {
+
+        CACertificate[] cs = CACertificate.getAll();
+        LinkedList<X509Certificate> ll = new LinkedList<>();
+        for (CACertificate cb : cs) {
+            if ( !cb.isSelfsigned()) {
+                ll.add(cb.getCertificate());
+            }
+        }
+
+        PKCS7 p7 = generateP7Bundle(ll);
+        p7.encodeSignedData(out);
+    }
 }