Build out certificate issuing.
1 package org.cacert.gigi.pages.account;
2
3 import java.io.IOException;
4 import java.io.PrintWriter;
5 import java.security.GeneralSecurityException;
6 import java.security.PublicKey;
7 import java.security.interfaces.DSAPublicKey;
8 import java.security.interfaces.ECPublicKey;
9 import java.security.interfaces.RSAPublicKey;
10 import java.sql.PreparedStatement;
11 import java.sql.ResultSet;
12 import java.sql.SQLException;
13 import java.util.Base64;
14 import java.util.HashMap;
15 import java.util.Map;
16
17 import javax.servlet.http.HttpServletRequest;
18 import javax.servlet.http.HttpServletResponse;
19
20 import org.cacert.gigi.Certificate;
21 import org.cacert.gigi.Digest;
22 import org.cacert.gigi.Language;
23 import org.cacert.gigi.User;
24 import org.cacert.gigi.database.DatabaseConnection;
25 import org.cacert.gigi.output.Form;
26 import org.cacert.gigi.output.template.HashAlgorithms;
27 import org.cacert.gigi.output.template.IterableDataset;
28 import org.cacert.gigi.output.template.Template;
29 import org.cacert.gigi.pages.LoginPage;
30
31 import sun.security.pkcs10.PKCS10;
32
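/**
 * Form used for submitting a certificate signing request (CSR) and, eventually,
 * issuing a certificate for the logged-in user.
 * <p>
 * This class uses "sun.security" and therefore needs "-XDignore.symbol.file".
 * <p>
 * Security notes for maintainers:
 * <ul>
 * <li>Everything read from the CSR (subject DN, key parameters) is supplied by
 * the requester and is treated as untrusted: it is HTML-escaped before being
 * written to the page.</li>
 * <li>{@link #submit} only displays the parsed request. It does not enforce
 * any key-type or key-length policy and does not call {@link #issue}.</li>
 * </ul>
 */
public class IssueCertificateForm extends Form {
    /** The user the form was created for, resolved from the request session. */
    User u;

    /** Digest preselected in the rendered form. */
    Digest selectedDigest = Digest.getDefault();

    private final static Template t = new Template(IssueCertificateForm.class.getResource("IssueCertificateForm.templ"));

    /**
     * Creates the form and binds it to the user found for the request.
     *
     * @param hsr
     *            the request the form is created for
     */
    public IssueCertificateForm(HttpServletRequest hsr) {
        super(hsr);
        u = LoginPage.getUser(hsr);
    }

    /**
     * Parses the submitted "CSR" parameter and prints a summary of the request
     * (subject, key type and key size) to the page.
     * <p>
     * The "spkac" request parameter is not processed yet.
     *
     * @param out
     *            writer for the HTML response body
     * @param req
     *            the submitted request
     * @return always {@code false}
     */
    @Override
    public boolean submit(PrintWriter out, HttpServletRequest req) {
        String csr = req.getParameter("CSR");
        if (csr == null || csr.isEmpty()) {
            return false;
        }
        try {
            PKCS10 parsed = parseCSR(csr);
            // The subject is chosen freely by whoever built the CSR, so it
            // must never reach the HTML output unescaped.
            out.println(escapeHtml(parsed.getSubjectName().getCommonName()));
            out.println(escapeHtml(parsed.getSubjectName().getCountry()));
            out.println("CSR DN: " + escapeHtml(parsed.getSubjectName()) + "<br/>");
            PublicKey pk = parsed.getSubjectPublicKeyInfo();
            out.println("Type: " + escapeHtml(pk.getAlgorithm()) + "<br/>");
            printKeyDetails(out, pk);
            out.println("<br/>digest: sha256<br/>");
        } catch (IOException e) {
            // Malformed PEM/Base64/DER: report generically, keep details in the server log.
            e.printStackTrace();
            out.println("The certificate request could not be parsed.<br/>");
        } catch (GeneralSecurityException e) {
            // Includes a CSR whose self-signature does not verify.
            e.printStackTrace();
            out.println("The certificate request could not be verified.<br/>");
        }
        return false;
    }

    /**
     * Prints the size-related parameters of the public key.
     * NOTE(review): the values are only displayed; no minimum key size or
     * curve allow-list is enforced here.
     */
    private static void printKeyDetails(PrintWriter out, PublicKey pk) {
        if (pk instanceof RSAPublicKey) {
            RSAPublicKey rpk = (RSAPublicKey) pk;
            out.println("Exponent: " + rpk.getPublicExponent() + "<br/>");
            out.println("Length: " + rpk.getModulus().bitLength());
        } else if (pk instanceof DSAPublicKey) {
            DSAPublicKey dpk = (DSAPublicKey) pk;
            out.println("Length: " + dpk.getY().bitLength() + "<br/>");
            out.println(escapeHtml(dpk.getParams()));
        } else if (pk instanceof ECPublicKey) {
            ECPublicKey epk = (ECPublicKey) pk;
            out.println("Length-x: " + epk.getW().getAffineX().bitLength() + "<br/>");
            out.println("Length-y: " + epk.getW().getAffineY().bitLength() + "<br/>");
            out.println(escapeHtml(epk.getParams().getCurve()));
        }
    }

    /**
     * Escapes the characters that are significant in HTML text and attribute
     * values. {@code null} is rendered as the string "null", matching what
     * {@link PrintWriter#println(Object)} would print.
     */
    private static String escapeHtml(Object value) {
        String s = String.valueOf(value);
        StringBuilder sb = new StringBuilder(s.length() + 16);
        for (int i = 0; i < s.length(); i++) {
            char ch = s.charAt(i);
            switch (ch) {
            case '&':
                sb.append("&amp;");
                break;
            case '<':
                sb.append("&lt;");
                break;
            case '>':
                sb.append("&gt;");
                break;
            case '"':
                sb.append("&quot;");
                break;
            case '\'':
                sb.append("&#39;");
                break;
            default:
                sb.append(ch);
            }
        }
        return sb.toString();
    }

    /**
     * Creates a certificate for the requesting user from the given CSR, waits
     * up to 60 seconds for it and redirects to the certificate page.
     * <p>
     * The subject passed to {@link Certificate} is a fixed string and the
     * digest is fixed to "sha256".
     * NOTE(review): presumably the subject claimed inside the CSR is therefore
     * not trusted - confirm in {@code Certificate}.
     *
     * @throws IOException
     *             if the redirect cannot be sent
     */
    private void issue(HttpServletRequest req, HttpServletResponse resp, String csr) throws IOException {
        Certificate c = new Certificate(LoginPage.getUser(req).getId(), "/commonName=CAcert WoT User", "sha256", csr);
        c.issue();
        try {
            c.waitFor(60000);
            resp.sendRedirect(MailCertificates.PATH + "/" + c.getSerial());
        } catch (SQLException e) {
            e.printStackTrace();
        } catch (InterruptedException e) {
            // Restore the flag so the container thread can observe the interruption.
            Thread.currentThread().interrupt();
            e.printStackTrace();
        }
    }

    /**
     * Decodes a PEM-armoured PKCS#10 request.
     *
     * @param csr
     *            the request text, with or without the BEGIN/END lines
     * @return the parsed request
     * @throws IOException
     *             if the text is not valid Base64 or not a valid PKCS#10
     *             structure
     * @throws GeneralSecurityException
     *             if the request's signature cannot be verified
     */
    private PKCS10 parseCSR(String csr) throws IOException, GeneralSecurityException {
        csr = csr.replaceFirst("-----BEGIN (NEW )?CERTIFICATE REQUEST-----", "");
        csr = csr.replaceFirst("-----END (NEW )?CERTIFICATE REQUEST-----", "");
        // Strip every kind of whitespace, not only CR/LF, so pasted requests
        // with stray spaces or tabs still decode.
        csr = csr.replaceAll("\\s", "");
        byte[] b;
        try {
            b = Base64.getDecoder().decode(csr);
        } catch (IllegalArgumentException e) {
            // The decoder reports bad input with an unchecked exception; turn
            // it into the checked failure callers already handle.
            throw new IOException("CSR is not valid Base64", e);
        }
        // Also checks signature validity
        return new PKCS10(b);
    }

    /**
     * Renders the form template with the user's non-deleted e-mail addresses
     * and the available hash algorithms.
     */
    @Override
    protected void outputContent(PrintWriter out, Language l, Map<String, Object> vars) {
        HashMap<String, Object> vars2 = new HashMap<String, Object>(vars);
        vars2.put("CCA", "<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>");

        try {
            // The statement is obtained from DatabaseConnection and is not
            // closed here. NOTE(review): assumed to be owned/reused by
            // DatabaseConnection - confirm.
            PreparedStatement ps = DatabaseConnection.getInstance().prepare(
                    "SELECT `id`,`email` from `email` WHERE `memid`=? AND `deleted`=0");
            ps.setInt(1, u.getId());
            // The rows are pulled lazily while the template renders, so the
            // result set must stay open until t.output() has returned.
            try (ResultSet rs = ps.executeQuery()) {
                vars2.put("emails", new IterableDataset() {

                    @Override
                    public boolean next(Language l, Map<String, Object> vars) {
                        try {
                            if (!rs.next()) {
                                return false;
                            }
                            // NOTE(review): the address is user-supplied data;
                            // verify that the template escapes "value".
                            vars.put("id", rs.getString(1));
                            vars.put("value", rs.getString(2));
                            return true;
                        } catch (SQLException e) {
                            e.printStackTrace();
                        }
                        return false;
                    }
                });
                vars2.put("hashs", new HashAlgorithms(selectedDigest));
                t.output(out, l, vars2);
            }
        } catch (SQLException e) {
            e.printStackTrace();
        }
    }

}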