X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;fp=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=0000000000000000000000000000000000000000;hp=3e2d8052f52a92b63b99725e45d370613ae5f413;hb=bccd4cc0dba0f89aa045b113bac46eb8cc1dab4e;hpb=c9ed09f0007fc2c813815be927a5a24b23dab83c
diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
deleted file mode 100644
index 3e2d8052..00000000
--- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java
+++ /dev/null
@@ -1,209 +0,0 @@
-package org.cacert.gigi.pages.account.certs;
-
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.security.GeneralSecurityException;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.servlet.http.HttpServletRequest;
-
-import org.cacert.gigi.GigiApiException;
-import org.cacert.gigi.dbObjects.Certificate;
-import org.cacert.gigi.dbObjects.Certificate.CertificateStatus;
-import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName;
-import org.cacert.gigi.dbObjects.CertificateProfile;
-import org.cacert.gigi.dbObjects.Domain;
-import org.cacert.gigi.dbObjects.Organisation;
-import org.cacert.gigi.dbObjects.User;
-import org.cacert.gigi.localisation.Language;
-import org.cacert.gigi.output.CertificateValiditySelector;
-import org.cacert.gigi.output.HashAlgorithms;
-import org.cacert.gigi.output.template.Form;
-import org.cacert.gigi.output.template.IterableDataset;
-import org.cacert.gigi.output.template.Outputable;
-import org.cacert.gigi.output.template.Template;
-import org.cacert.gigi.pages.LoginPage;
-import org.cacert.gigi.util.AuthorizationContext;
-import org.cacert.gigi.util.HTMLEncoder;
-import org.cacert.gigi.util.RandomToken;
-import org.cacert.gigi.util.ServerConstants;
-
-/**
- * This class represents a form that is used for issuing certificates. This
- * class uses "sun.security" and therefore needs "-XDignore.symbol.file"
- */
-public class CertificateIssueForm extends Form {
-
- private final static Template t = new Template(CertificateIssueForm.class.getResource("CertificateIssueForm.templ"));
-
- private final static Template tIni = new Template(CertificateAdd.class.getResource("RequestCertificate.templ"));
-
- private AuthorizationContext c;
-
- private String spkacChallenge;
-
- private boolean login;
-
- public CertificateIssueForm(HttpServletRequest hsr) {
- super(hsr);
- c = LoginPage.getAuthorizationContext(hsr);
- spkacChallenge = RandomToken.generateToken(16);
- }
-
- private Certificate result;
-
- public Certificate getResult() {
- return result;
- }
-
- private CertificateRequest cr;
-
- CertificateValiditySelector issueDate = new CertificateValiditySelector();
-
- @Override
- public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
- String csr = req.getParameter("CSR");
- String spkac = req.getParameter("SPKAC");
- try {
- if (csr != null) {
- cr = new CertificateRequest(c, csr);
- // TODO cr.checkKeyStrength(out);
- return new FormContinue();
- } else if (spkac != null) {
- cr = new CertificateRequest(c, spkac, spkacChallenge);
- // TODO cr.checkKeyStrength(out);
- return new FormContinue();
- } else if (cr != null) {
- login = "1".equals(req.getParameter("login"));
- issueDate.update(req);
- GigiApiException error = new GigiApiException();
-
- try {
- cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), //
- req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"));
- } catch (GigiApiException e) {
- error.mergeInto(e);
- }
-
- Certificate result = null;
- try {
- result = cr.draft();
- } catch (GigiApiException e) {
- error.mergeInto(e);
- }
- if ( !error.isEmpty() || result == null) {
- throw error;
- }
- if (login) {
- result.setLoginEnabled(true);
- }
- result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000);
- this.result = result;
- Certificate c = result;
- if (c.getStatus() != CertificateStatus.ISSUED) {
- throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate."));
- }
- String ser = c.getSerial();
- if (ser.isEmpty()) {
- throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate."));
- }
- return new RedirectResult(Certificates.PATH + "/" + ser);
- } else {
- throw new GigiApiException("Error no action.");
- }
- } catch (IOException e) {
- e.printStackTrace();
- throw new GigiApiException("Certificate Request format is invalid.");
- } catch (IllegalArgumentException e) {
- e.printStackTrace();
- throw new GigiApiException("Certificate Request format is invalid.");
- } catch (GeneralSecurityException e) {
- e.printStackTrace();
- throw new GigiApiException("Certificate Request format is invalid.");
- }
- }
-
- @Override
- public void output(PrintWriter out, Language l, Map vars) {
- if (cr == null) {
- HashMap vars2 = new HashMap(vars);
- vars2.put("csrf", getCSRFToken());
- vars2.put("csrf_name", getCsrfFieldName());
- vars2.put("spkacChallenge", spkacChallenge);
- tIni.output(out, l, vars2);
- return;
- } else {
- super.output(out, l, vars);
- }
- }
-
- @Override
- protected void outputContent(PrintWriter out, Language l, Map vars) {
- HashMap vars2 = new HashMap(vars);
-
- StringBuffer content = new StringBuffer();
- for (SubjectAlternateName SAN : cr.getSANs()) {
- content.append(SAN.getType().toString().toLowerCase());
- content.append(':');
- content.append(SAN.getName());
- content.append('\n');
- }
- vars2.put("placeholderName", CertificateRequest.DEFAULT_CN);
- if (c.getTarget() instanceof User) {
- User target = (User) c.getTarget();
- vars2.put("defaultName", target.getPreferredName().toString());
- vars2.put("defaultEmail", target.getEmail());
- Domain[] domains = target.getDomains();
- if (domains.length > 0) {
- vars2.put("defaultDomain", domains[0].getSuffix());
- }
- }
- vars2.put("CN", cr.getName());
- if (c.getTarget() instanceof Organisation) {
- vars2.put("orga", "true");
- vars2.put("department", cr.getOu());
- }
- vars2.put("secureHostname", new Outputable() {
-
- @Override
- public void output(PrintWriter out, Language l, Map vars) {
- out.print("");
- out.print(HTMLEncoder.encodeHTML("https://" + ServerConstants.getSecureHostNamePortSecure()));
- out.print("");
- }
- });
- vars2.put("validity", issueDate);
- vars2.put("emails", content.toString());
- vars2.put("hashs", new HashAlgorithms(cr.getSelectedDigest()));
- vars2.put("profiles", new IterableDataset() {
-
- CertificateProfile[] cps = CertificateProfile.getAll();
-
- int i = 0;
-
- @Override
- public boolean next(Language l, Map vars) {
- CertificateProfile cp;
- do {
- if (i >= cps.length) {
- return false;
- }
- cp = cps[i];
- i++;
- } while ( !cp.canBeIssuedBy(c.getTarget(), c.getActor()));
-
- if (cp.getId() == cr.getProfile().getId()) {
- vars.put("selected", " selected");
- } else {
- vars.put("selected", "");
- }
- vars.put("key", cp.getKeyName());
- vars.put("name", cp.getVisibleName());
- return true;
- }
- });
-
- t.output(out, l, vars2);
- }
-}