add: manager call to add an certificate
authorFelix Dörre <felix@dogcraft.de>
Thu, 4 Jun 2015 20:03:35 +0000 (22:03 +0200)
committerFelix Dörre <felix@dogcraft.de>
Thu, 4 Jun 2015 20:03:35 +0000 (22:03 +0200)
util-testing/org/cacert/gigi/pages/Manager.java
util-testing/org/cacert/gigi/pages/Manager.templ

index d8cd700600d6e6d995ba280f53b922e5a4e0a7db..cccb0ac9b25ae3da8c0418b4de8aa59099305b1e 100644 (file)
@@ -3,7 +3,12 @@ package org.cacert.gigi.pages;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.lang.reflect.Field;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
 import java.sql.Date;
+import java.util.Base64;
 import java.util.Calendar;
 import java.util.GregorianCalendar;
 import java.util.HashMap;
@@ -17,8 +22,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
 import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.crypto.SPKAC;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.dbObjects.Digest;
 import org.cacert.gigi.dbObjects.EmailAddress;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Name;
@@ -27,8 +34,11 @@ import org.cacert.gigi.email.EmailProvider;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
 import org.cacert.gigi.util.Notary;
 
+import sun.security.x509.X509Key;
+
 public class Manager extends Page {
 
     public static final String PATH = "/manager";
@@ -216,6 +226,28 @@ public class Manager extends Page {
             } catch (GigiApiException e) {
                 e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
             }
+        } else if (req.getParameter("addCert") != null) {
+            User u = User.getByEmail(req.getParameter("addCertEmail"));
+            try {
+                KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+                kpg.initialize(4096);
+                KeyPair kp = kpg.generateKeyPair();
+                SPKAC s = new SPKAC((X509Key) kp.getPublic(), "challange");
+                Signature sign = Signature.getInstance("SHA512withRSA");
+                sign.initSign(kp.getPrivate());
+
+                byte[] res = s.getEncoded(sign);
+
+                CertificateRequest cr = new CertificateRequest(u, Base64.getEncoder().encodeToString(res), "challange");
+                cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail(), resp.getWriter(), req);
+                cr.draft().issue(null, "2y");
+                resp.getWriter().println("added certificate");
+            } catch (GeneralSecurityException e1) {
+                e1.printStackTrace();
+                resp.getWriter().println("error");
+            } catch (GigiApiException e) {
+                e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+            }
 
         }
     }
index 9d700ee93ee1e06c4c9b334dfbd1cfe861844406..2bfe725e81347d2a0206665caa39733b84ea8efb 100644 (file)
@@ -48,5 +48,11 @@ Email: <input type="text" name="assureEmail"/>
 Add verified Email:
 Email: <input type="text" name="addEmailEmail"/>
 new Email: <input type="text" name="addEmailNew"/>
-<input type="submit" value="Assure 100 Points" name="addEmail"/>
+<input type="submit" value="Add verified Email" name="addEmail"/>
+</form>
+
+<form method='post'>
+Add Client Cert:
+Email: <input type="text" name="addCertEmail"/>
+<input type="submit" value="Add an certificate" name="addCert"/>
 </form>