X-Git-Url: https://code.wpia.club/?a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2FMailCertificates.java;h=de8c1ca010c1cde5d5fd2b7727896b3823cf6a81;hb=ed26a914878caf7fc51262a759d21f9313943cfa;hp=72952d4bb4d9bc516a6068763e42ccc0d7e6d6b0;hpb=ea6ee43a84f9a1f055d97ff0de8196569154e4d0;p=gigi.git

diff --git a/src/org/cacert/gigi/pages/account/MailCertificates.java b/src/org/cacert/gigi/pages/account/MailCertificates.java
index 72952d4b..de8c1ca0 100644
--- a/src/org/cacert/gigi/pages/account/MailCertificates.java
+++ b/src/org/cacert/gigi/pages/account/MailCertificates.java
@@ -1,14 +1,20 @@
 package org.cacert.gigi.pages.account;
 
 import java.io.IOException;
+import java.io.PrintWriter;
+import java.security.GeneralSecurityException;
+import java.security.cert.X509Certificate;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
+import java.util.Base64;
 import java.util.HashMap;
 
+import javax.servlet.ServletOutputStream;
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.cacert.gigi.Certificate;
 import org.cacert.gigi.User;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.output.CertificateTable;
@@ -24,19 +30,115 @@ public class MailCertificates extends Page {
 	}
 
 	@Override
-	public void doGet(HttpServletRequest req, HttpServletResponse resp)
-			throws IOException {
+	public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+
+		String pi = req.getPathInfo().substring(PATH.length());
+		if (pi.length() == 0) {
+			return false;
+		}
+		pi = pi.substring(1);
+		boolean crt = false;
+		boolean cer = false;
+		resp.setContentType("application/pkix-cert");
+		if (pi.endsWith(".crt")) {
+			crt = true;
+			pi = pi.substring(0, pi.length() - 4);
+		} else if (pi.endsWith(".cer")) {
+			if (req.getParameter("install") != null) {
+				resp.setContentType("application/x-x509-user-cert");
+			}
+			cer = true;
+			pi = pi.substring(0, pi.length() - 4);
+		} else if (pi.endsWith(".cer")) {
+			cer = true;
+			pi = pi.substring(0, pi.length() - 4);
+		}
+		String serial = pi;
+		try {
+			Certificate c = Certificate.getBySerial(serial);
+			if (c == null || LoginPage.getUser(req).getId() != c.getOwnerId()) {
+				resp.sendError(404);
+				return true;
+			}
+			X509Certificate cert = c.cert();
+			if (!crt && !cer) {
+				return false;
+			}
+			ServletOutputStream out = resp.getOutputStream();
+			if (crt) {
+				out.println("-----BEGIN CERTIFICATE-----");
+				String block = Base64.getEncoder().encodeToString(cert.getEncoded()).replaceAll("(.{64})(?=.)", "$1\n");
+				out.println(block);
+				out.println("-----END CERTIFICATE-----");
+			} else if (cer) {
+				out.write(cert.getEncoded());
+			}
+		} catch (IllegalArgumentException e) {
+			resp.sendError(404);
+			return true;
+		} catch (GeneralSecurityException e) {
+			resp.sendError(404);
+			return true;
+		} catch (SQLException e) {
+			resp.sendError(404);
+			return true;
+		}
+
+		return true;
+	}
+
+	@Override
+	public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+		PrintWriter out = resp.getWriter();
+		String pi = req.getPathInfo().substring(PATH.length());
+		if (pi.length() != 0) {
+			pi = pi.substring(1);
+
+			String serial = pi;
+			Certificate c = Certificate.getBySerial(serial);
+			if (c == null || LoginPage.getUser(req).getId() != c.getOwnerId()) {
+				resp.sendError(404);
+				return;
+			}
+			out.print("<a href='");
+			out.print(serial);
+			out.print(".crt'>");
+			out.print(translate(req, "PEM encoded Certificate"));
+			out.println("</a><br/>");
+
+			out.print("<a href='");
+			out.print(serial);
+			out.print(".cer'>");
+			out.print(translate(req, "DER encoded Certificate"));
+			out.println("</a><br/>");
+			out.print("<a href='");
+			out.print(serial);
+			out.print(".cer?install'>");
+			out.print(translate(req, "Install into browser."));
+			out.println("</a><br/>");
+
+			out.println("<pre>");
+			try {
+				X509Certificate cert = c.cert();
+				out.print(cert);
+			} catch (GeneralSecurityException e) {
+				e.printStackTrace();
+			} catch (SQLException e) {
+				e.printStackTrace();
+			}
+			out.println("</pre>");
+			return;
+		}
+
 		HashMap<String, Object> vars = new HashMap<String, Object>();
 		User us = LoginPage.getUser(req);
 		try {
-			PreparedStatement ps = DatabaseConnection
-					.getInstance()
-					.prepare(
-							"SELECT `id`, `CN`, `serial`, `revoked`, `expire`, `disablelogin` FROM `emailcerts` WHERE `memid`=?");
+			PreparedStatement ps = DatabaseConnection.getInstance().prepare(
+				"SELECT `id`, `CN`, `serial`, `revoked`, `expire`, `disablelogin` FROM `emailcerts` WHERE `memid`=?");
 			ps.setInt(1, us.getId());
 			ResultSet rs = ps.executeQuery();
 			vars.put("mailcerts", rs);
-			myTable.output(resp.getWriter(), getLanguage(req), vars);
+			myTable.output(out, getLanguage(req), vars);
 			rs.close();
 		} catch (SQLException e) {
 			e.printStackTrace();