X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Fclub%2Fwpia%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificates.java;h=765a0fd0a15305eff404dda6ebdc008db64a827b;hp=07028f6ff217a48bc4b5c0ed081928c1bd5e6756;hb=71d767826ea9dbd16f0d6da92dfa321308ce3f9d;hpb=d71624703243c182beb0f946ebc582e0366a4686 diff --git a/src/club/wpia/gigi/pages/account/certs/Certificates.java b/src/club/wpia/gigi/pages/account/certs/Certificates.java index 07028f6f..765a0fd0 100644 --- a/src/club/wpia/gigi/pages/account/certs/Certificates.java +++ b/src/club/wpia/gigi/pages/account/certs/Certificates.java @@ -2,6 +2,7 @@ package club.wpia.gigi.pages.account.certs; import java.io.IOException; import java.io.PrintWriter; +import java.math.BigInteger; import java.net.URLEncoder; import java.security.GeneralSecurityException; import java.security.cert.X509Certificate; @@ -13,6 +14,7 @@ import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; +import club.wpia.gigi.GigiApiException; import club.wpia.gigi.dbObjects.Certificate; import club.wpia.gigi.dbObjects.Certificate.CertificateStatus; import club.wpia.gigi.dbObjects.Certificate.SubjectAlternateName; @@ -64,17 +66,17 @@ public class Certificates extends Page implements HandlesMixedRequest { if (req.getParameter("install") != null) { resp.setContentType("application/x-x509-user-cert"); } - if (pi.endsWith(".crt")) { + if (pi.endsWith(".crt") || pi.endsWith(".pem")) { crt = true; pi = pi.substring(0, pi.length() - 4); } else if (pi.endsWith(".cer")) { cer = true; pi = pi.substring(0, pi.length() - 4); } - String serial = pi; + BigInteger serial = new BigInteger(pi, 16); try { Certificate c = Certificate.getBySerial(serial); - if (c == null || LoginPage.getAuthorizationContext(req).getTarget().getId() != c.getOwner().getId()) { + if (c == null || ( !support && LoginPage.getAuthorizationContext(req).getTarget().getId() != c.getOwner().getId())) { resp.sendError(404); return true; } @@ -93,6 +95,9 @@ public class Certificates extends Page implements HandlesMixedRequest { } catch (IllegalArgumentException e) { resp.sendError(404); return true; + } catch (GigiApiException e) { + resp.sendError(404); + return true; } catch (GeneralSecurityException e) { resp.sendError(404); return true; @@ -140,10 +145,10 @@ public class Certificates extends Page implements HandlesMixedRequest { pi = pi.substring(1); String serial = pi; - Certificate c = Certificate.getBySerial(serial); + Certificate c = Certificate.getBySerial(new BigInteger(serial, 16)); Language l = LoginPage.getLanguage(req); - if ( !support && (c == null || LoginPage.getAuthorizationContext(req).getTarget().getId() != c.getOwner().getId())) { + if (c == null || ( !support && LoginPage.getAuthorizationContext(req).getTarget().getId() != c.getOwner().getId())) { resp.sendError(404); return; } @@ -178,8 +183,15 @@ public class Certificates extends Page implements HandlesMixedRequest { vars.put("DN", c.getDistinguishedName()); vars.put("digest", c.getMessageDigest()); vars.put("profile", c.getProfile().getVisibleName()); - vars.put("fingerprint", "TBD"); // TODO function needs to be - // implemented in Certificate.java + try { + vars.put("fingerprintSHA1", c.getFingerprint("sha-1")); + vars.put("fingerprintSHA256", c.getFingerprint("sha-256")); + } catch (GeneralSecurityException e) { + e.printStackTrace(); + } catch (GigiApiException e) { + e.format(out, l, getDefaultVars(req)); + } + try { if (st == CertificateStatus.ISSUED || st == CertificateStatus.REVOKED) { @@ -226,6 +238,8 @@ public class Certificates extends Page implements HandlesMixedRequest { vars.put("login", c.isLoginEnabled()); } catch (GeneralSecurityException e) { e.printStackTrace(); + } catch (GigiApiException e) { + e.format(out, l, getDefaultVars(req)); } certDisplay.output(out, getLanguage(req), vars);