package club.wpia.gigi.util;
import java.io.IOException;
+import java.io.OutputStream;
import java.math.BigInteger;
import java.security.GeneralSecurityException;
import java.security.cert.CRLException;
import javax.servlet.ServletOutputStream;
+import club.wpia.gigi.GigiApiException;
import club.wpia.gigi.dbObjects.CACertificate;
import club.wpia.gigi.dbObjects.Certificate;
import sun.security.pkcs.ContentInfo;
private CertExporter() {}
- public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor, boolean includeLeaf) throws IOException, GeneralSecurityException {
+ public static void writeCertCrt(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor, boolean includeLeaf) throws IOException, GeneralSecurityException, GigiApiException {
X509Certificate cert = c.cert();
if (includeLeaf) {
out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
}
}
- public static void writeCertCer(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException {
+ public static void writeCertCer(Certificate c, ServletOutputStream out, boolean doChain, boolean includeAnchor) throws IOException, GeneralSecurityException, GigiApiException {
X509Certificate cert = c.cert();
if (doChain) {
PKCS7 p7 = toP7Chain(c);
}
}
- private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException {
- LinkedList<X509Certificate> ll = getChain(c);
+ private static PKCS7 toP7Chain(Certificate c) throws IOException, GeneralSecurityException, GigiApiException {
+
+ return generateP7Bundle(getChain(c));
+
+ }
+
+ private static PKCS7 generateP7Bundle(LinkedList<X509Certificate> ll) {
PKCS7 p7 = new PKCS7(new AlgorithmId[0], new ContentInfo(ContentInfo.DATA_OID, null), ll.toArray(new X509Certificate[ll.size()]), new SignerInfo[0]) {
@Override
return p7;
}
- private static LinkedList<X509Certificate> getChain(Certificate c) throws IOException, GeneralSecurityException {
+ private static LinkedList<X509Certificate> getChain(Certificate c) throws IOException, GeneralSecurityException, GigiApiException {
LinkedList<X509Certificate> ll = new LinkedList<>();
ll.add(c.cert());
CACertificate ca = c.getParent();
return ll;
}
+ public static void writeCertBundle(OutputStream out) throws IOException, GeneralSecurityException, GigiApiException {
+
+ CACertificate[] cs = CACertificate.getAll();
+ LinkedList<X509Certificate> ll = new LinkedList<>();
+ for (CACertificate cb : cs) {
+ if ( !cb.isSelfsigned()) {
+ ll.add(cb.getCertificate());
+ }
+ }
+
+ PKCS7 p7 = generateP7Bundle(ll);
+ p7.encodeSignedData(out);
+ }
}