chg: add p7b to download all intermediate certificates in one file
1 package club.wpia.gigi.pages;
2
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.security.GeneralSecurityException;
6 import java.security.KeyStore;
7 import java.security.KeyStoreException;
8 import java.security.cert.Certificate;
9 import java.security.cert.CertificateEncodingException;
10 import java.util.Collections;
11 import java.util.Comparator;
12 import java.util.LinkedList;
13 import java.util.Map;
14
15 import javax.servlet.ServletOutputStream;
16 import javax.servlet.http.HttpServletRequest;
17 import javax.servlet.http.HttpServletResponse;
18
19 import club.wpia.gigi.GigiApiException;
20 import club.wpia.gigi.dbObjects.CACertificate;
21 import club.wpia.gigi.localisation.Language;
22 import club.wpia.gigi.output.template.Outputable;
23 import club.wpia.gigi.util.CertExporter;
24 import club.wpia.gigi.util.HTMLEncoder;
25 import club.wpia.gigi.util.PEM;
26 import club.wpia.gigi.util.ServerConstants;
27
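/**
 * Public page that lists the CA hierarchy and offers the root certificate
 * (PEM or DER) and the intermediate bundle (PKCS#7) for download.
 * <p>
 * The page does not require a login ({@link #needsLogin()} returns
 * {@code false}), so everything it serves is reachable by anonymous clients.
 * A downloaded trust anchor is only as trustworthy as the channel it came
 * over; relying parties should compare the certificate fingerprint against a
 * value obtained out of band before installing it.
 */
public class RootCertPage extends Page {

    /** MIME type used for the single-certificate downloads (PEM and DER). */
    private static final String CA_CERT_TYPE = "application/x-x509-ca-cert";

    /** MIME type for a PKCS#7 certificate bundle ({@code .p7b}). */
    private static final String PKCS7_TYPE = "application/x-pkcs7-certificates";

    // Certificate stored under the key store alias "root"; null when the alias is absent,
    // in which case no download is offered.
    private final Certificate root;

    private final CACertificate[] cs;

    // Tree of CA certificates rooted at the first self-signed entry of cs.
    // NOTE(review): nothing here checks that this entry and the key store's "root"
    // certificate are the same certificate -- confirm they cannot diverge.
    private final OutputableCertificate rootP;

    // Used as the file name prefix in Content-Disposition. Locale.ROOT keeps the
    // lower-casing independent of the JVM default locale, so the header value does not
    // change (or gain non-ASCII characters) on hosts with locale-specific case rules.
    private final String appName = ServerConstants.getAppName().toLowerCase(java.util.Locale.ROOT);

    /**
     * Renders one CA certificate as a link followed by its subject and a nested
     * list of the certificates issued beneath it.
     */
    private class OutputableCertificate implements Outputable {

        private final CACertificate target;

        private final OutputableCertificate[] children;

        /**
         * Builds the subtree below {@code c} from the enclosing page's certificate list.
         *
         * @param c
         *            the certificate this node represents
         */
        public OutputableCertificate(CACertificate c) {
            target = c;
            LinkedList<OutputableCertificate> kids = new LinkedList<>();
            for (CACertificate c0 : cs) {
                // "c0 != c" keeps a certificate that is its own parent from recursing into itself.
                // NOTE(review): a longer parent cycle in the data would still recurse without end.
                if (c0.getParent() == c && c0 != c) {
                    kids.add(new OutputableCertificate(c0));
                }
            }

            // Stable, name-ordered output so the rendered hierarchy does not depend on list order.
            Collections.sort(kids, new Comparator<OutputableCertificate>() {

                @Override
                public int compare(OutputableCertificate o1, OutputableCertificate o2) {
                    return o1.target.getKeyname().compareTo(o2.target.getKeyname());
                }
            });
            this.children = kids.toArray(new OutputableCertificate[kids.size()]);
        }

        /**
         * Writes this certificate and, recursively, its children as HTML.
         * Every value taken from the certificate is passed through
         * {@link HTMLEncoder#encodeHTML} before it is written.
         */
        @Override
        public void output(PrintWriter out, Language l, Map<String, Object> vars) {
            // NOTE(review): the href attribute is single-quoted; confirm encodeHTML also
            // escapes "'" so a link value cannot terminate the attribute.
            out.println("<a href='" + HTMLEncoder.encodeHTML(target.getLink()) + "'>");
            out.println(HTMLEncoder.encodeHTML(target.getKeyname()));
            out.println("</a>");
            out.println(HTMLEncoder.encodeHTML(target.getCertificate().getSubjectX500Principal().toString()));
            out.println("<ul>");
            for (OutputableCertificate c : children) {
                out.print("<li>");
                c.output(out, l, vars);
                out.print("</li>");
            }
            out.println("</ul>");
        }

    }

    /**
     * Loads the root certificate from the key store and builds the CA tree.
     *
     * @param ks
     *            key store expected to hold the root certificate under the alias "root"
     * @throws Error
     *             if the key store cannot be read or no self-signed CA certificate exists
     */
    public RootCertPage(KeyStore ks) {
        super("Root Certificates");
        try {
            root = ks.getCertificate("root");
        } catch (KeyStoreException e) {
            throw new Error(e);
        }
        cs = CACertificate.getAll();
        CACertificate rootC = null;
        for (CACertificate c : cs) {
            if (c.isSelfsigned()) {
                rootC = c;
                break;
            }
        }
        if (rootC == null) {
            throw new Error("no self-signed CA certificate found");
        }
        rootP = new OutputableCertificate(rootC);
    }

    /**
     * Serves a certificate download when the request carries the {@code pem},
     * {@code bundle} or {@code cer} parameter (checked in that order).
     * <p>
     * A failure to produce the download is reported as HTTP 500 instead of an
     * empty or truncated attachment delivered with a success status, so a client
     * cannot mistake a broken file for the published trust anchor.
     *
     * @return {@code true} when a download (or an error response) was written,
     *         {@code false} when none of the parameters is present or no root
     *         certificate is loaded
     */
    @Override
    public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        // All three downloads, including the bundle, are offered only while a root certificate is loaded.
        if (root == null) {
            return false;
        }
        if (req.getParameter("pem") != null) {
            String pem;
            try {
                // Encode before touching the response so a failure leaves it untouched.
                pem = PEM.encode("CERTIFICATE", root.getEncoded());
            } catch (CertificateEncodingException e) {
                failDownload(resp, e);
                return true;
            }
            startDownload(resp, CA_CERT_TYPE, appName + "_roots.crt");
            resp.getOutputStream().println(pem);
            return true;
        }
        if (req.getParameter("bundle") != null) {
            startDownload(resp, PKCS7_TYPE, appName + "_intermediate_bundle.p7b");
            ServletOutputStream out = resp.getOutputStream();
            try {
                CertExporter.writeCertBundle(out);
            } catch (GeneralSecurityException e) {
                // Also covers CertificateEncodingException, which is a GeneralSecurityException.
                failDownload(resp, e);
            } catch (GigiApiException e) {
                failDownload(resp, e);
            }
            return true;
        }
        if (req.getParameter("cer") != null) {
            byte[] der;
            try {
                der = root.getEncoded();
            } catch (CertificateEncodingException e) {
                failDownload(resp, e);
                return true;
            }
            startDownload(resp, CA_CERT_TYPE, appName + "_roots.cer");
            resp.getOutputStream().write(der);
            return true;
        }
        return false;
    }

    /** Sets the content type and the attachment file name of a download response. */
    private static void startDownload(HttpServletResponse resp, String contentType, String fileName) {
        resp.setContentType(contentType);
        resp.setHeader("Content-Disposition", "attachment; filename=\"" + fileName + "\"");
    }

    /**
     * Records the failure and, while the response is still uncommitted, replaces
     * the pending download with an HTTP 500 error.
     */
    private static void failDownload(HttpServletResponse resp, Exception e) throws IOException {
        e.printStackTrace();
        if (!resp.isCommitted()) {
            // Drop the attachment headers and any buffered bytes before reporting the error.
            resp.reset();
            resp.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
        }
    }

    /** Renders the certificate hierarchy with the page's default template. */
    @Override
    public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        Map<String, Object> map = Page.getDefaultVars(req);
        map.put("root", rootP);
        map.put("bundle", appName + "_intermediate_bundle.p7b");
        getDefaultTemplate().output(resp.getWriter(), getLanguage(req), map);

    }

    /** The page is public: certificates can be viewed and downloaded without a login. */
    @Override
    public boolean needsLogin() {
        return false;
    }

}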