X-Git-Url: https://code.wpia.club/?p=gigi.git;a=blobdiff_plain;f=src%2Forg%2Fcacert%2Fgigi%2Fpages%2Faccount%2Fcerts%2FCertificateIssueForm.java;h=0a29fb2d7506e8037750e455426485508048b564;hp=5712190bcd8f84e66329637fd9644e1e78806abe;hb=65e50396a0c9fdc000036f5990ffa1b388df4c5e;hpb=dc10b875c132eb7840a6b9827ec93916076d34f7 diff --git a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java index 5712190b..0a29fb2d 100644 --- a/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java +++ b/src/org/cacert/gigi/pages/account/certs/CertificateIssueForm.java @@ -10,6 +10,7 @@ import javax.servlet.http.HttpServletRequest; import org.cacert.gigi.GigiApiException; import org.cacert.gigi.dbObjects.Certificate; +import org.cacert.gigi.dbObjects.Certificate.CertificateStatus; import org.cacert.gigi.dbObjects.Certificate.SubjectAlternateName; import org.cacert.gigi.dbObjects.CertificateProfile; import org.cacert.gigi.dbObjects.Organisation; @@ -20,7 +21,6 @@ import org.cacert.gigi.output.template.Form; import org.cacert.gigi.output.template.IterableDataset; import org.cacert.gigi.output.template.Template; import org.cacert.gigi.pages.LoginPage; -import org.cacert.gigi.pages.Page; import org.cacert.gigi.util.AuthorizationContext; import org.cacert.gigi.util.RandomToken; @@ -57,62 +57,66 @@ public class CertificateIssueForm extends Form { CertificateValiditySelector issueDate = new CertificateValiditySelector(); @Override - public boolean submit(PrintWriter out, HttpServletRequest req) { + public SubmissionResult submit(HttpServletRequest req) throws GigiApiException { String csr = req.getParameter("CSR"); String spkac = req.getParameter("SPKAC"); try { - try { - if (csr != null) { - cr = new CertificateRequest(c, csr); - cr.checkKeyStrength(out); - } else if (spkac != null) { - cr = new CertificateRequest(c, spkac, spkacChallenge); - cr.checkKeyStrength(out); - } else if (cr != null) { - login = "1".equals(req.getParameter("login")); - issueDate.update(req); - GigiApiException error = new GigiApiException(); - - try { - cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), // - req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs"), out, req); - } catch (GigiApiException e) { - error.mergeInto(e); - } - if (req.getParameter("CCA") == null) { - error.mergeInto(new GigiApiException("You need to accept the CCA.")); - } - Certificate result = null; - try { - result = cr.draft(); - } catch (GigiApiException e) { - error.mergeInto(e); - } - if ( !error.isEmpty() || result == null) { - error.format(out, Page.getLanguage(req)); - return false; - } - result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000); - this.result = result; - return true; - } else { - throw new GigiApiException("Error no action."); + if (csr != null) { + cr = new CertificateRequest(c, csr); + // TODO cr.checkKeyStrength(out); + return new FormContinue(); + } else if (spkac != null) { + cr = new CertificateRequest(c, spkac, spkacChallenge); + // TODO cr.checkKeyStrength(out); + return new FormContinue(); + } else if (cr != null) { + login = "1".equals(req.getParameter("login")); + issueDate.update(req); + GigiApiException error = new GigiApiException(); + + try { + cr.update(req.getParameter("CN"), req.getParameter("hash_alg"), req.getParameter("profile"), // + req.getParameter("org"), req.getParameter("OU"), req.getParameter("SANs")); + } catch (GigiApiException e) { + error.mergeInto(e); } - } catch (IOException e) { - e.printStackTrace(); - } catch (IllegalArgumentException e) { - e.printStackTrace(); - throw new GigiApiException("Certificate Request format is invalid."); - } catch (GeneralSecurityException e) { - e.printStackTrace(); - throw new GigiApiException("Certificate Request format is invalid."); - } catch (InterruptedException e) { - e.printStackTrace(); + + Certificate result = null; + try { + result = cr.draft(); + } catch (GigiApiException e) { + error.mergeInto(e); + } + if ( !error.isEmpty() || result == null) { + throw error; + } + if (login) { + result.setLoginEnabled(true); + } + result.issue(issueDate.getFrom(), issueDate.getTo(), c.getActor()).waitFor(60000); + this.result = result; + Certificate c = result; + if (c.getStatus() != CertificateStatus.ISSUED) { + throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate.")); + } + String ser = c.getSerial(); + if (ser.isEmpty()) { + throw new PermamentFormException(new GigiApiException("Timeout while waiting for certificate.")); + } + return new RedirectResult(Certificates.PATH + "/" + ser); + } else { + throw new GigiApiException("Error no action."); } - } catch (GigiApiException e) { - e.format(out, Page.getLanguage(req)); + } catch (IOException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); + } catch (IllegalArgumentException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); + } catch (GeneralSecurityException e) { + e.printStackTrace(); + throw new GigiApiException("Certificate Request format is invalid."); } - return false; } @Override @@ -132,7 +136,6 @@ public class CertificateIssueForm extends Form { @Override protected void outputContent(PrintWriter out, Language l, Map vars) { HashMap vars2 = new HashMap(vars); - vars2.put("CCA", "CCA"); StringBuffer content = new StringBuffer(); for (SubjectAlternateName SAN : cr.getSANs()) { @@ -152,16 +155,19 @@ public class CertificateIssueForm extends Form { vars2.put("hashs", new HashAlgorithms(cr.getSelectedDigest())); vars2.put("profiles", new IterableDataset() { - int i = 1; + CertificateProfile[] cps = CertificateProfile.getAll(); + + int i = 0; @Override public boolean next(Language l, Map vars) { CertificateProfile cp; do { - cp = CertificateProfile.getById(i++); - if (cp == null) { + if (i >= cps.length) { return false; } + cp = cps[i]; + i++; } while ( !cp.canBeIssuedBy(c.getTarget(), c.getActor())); if (cp.getId() == cr.getProfile().getId()) {