Extract PEM I/O

diff --git a/src/org/cacert/gigi/pages/account/IssueCertificateForm.java b/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
index 334fd5449bd21d87328b7cb3acc7b222fbe6e657..be8bbb5d34df3dc683efd847a96c697f156bc051 100644 (file)
--- a/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
+++ b/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
@@ -11,7 +11,6 @@ import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.sql.SQLException;
-import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -30,6 +29,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.PEM;
 import org.cacert.gigi.util.RandomToken;
 
 import sun.security.pkcs10.PKCS10;
@@ -171,13 +171,7 @@ public class IssueCertificateForm extends Form {
     }
 
     private PKCS10 parseCSR(String csr) throws IOException, GeneralSecurityException {
-        csr = csr.replaceFirst("-----BEGIN (NEW )?CERTIFICATE REQUEST-----", "");
-        csr = csr.replaceFirst("-----END (NEW )?CERTIFICATE REQUEST-----", "");
-        csr = csr.replace("\r", "");
-        csr = csr.replace("\n", "");
-        byte[] b = Base64.getDecoder().decode(csr);
-        // Also checks signature validity
-        return new PKCS10(b);
+        return new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", csr));
     }
 
     @Override

diff --git a/src/org/cacert/gigi/pages/account/MailCertificates.java b/src/org/cacert/gigi/pages/account/MailCertificates.java
index d65a3ef073e7c4864214744598a058a3cb68362c..b725dda076bc7c6a893f2c79bc58bda09ae56d31 100644 (file)
--- a/src/org/cacert/gigi/pages/account/MailCertificates.java
+++ b/src/org/cacert/gigi/pages/account/MailCertificates.java
@@ -7,7 +7,6 @@ import java.security.cert.X509Certificate;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.util.Base64;
 import java.util.HashMap;
 
 import javax.servlet.ServletOutputStream;
@@ -20,6 +19,7 @@ import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.output.CertificateTable;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.PEM;
 
 public class MailCertificates extends Page {
 
@@ -68,10 +68,7 @@ public class MailCertificates extends Page {
             }
             ServletOutputStream out = resp.getOutputStream();
             if (crt) {
-                out.println("-----BEGIN CERTIFICATE-----");
-                String block = Base64.getEncoder().encodeToString(cert.getEncoded()).replaceAll("(.{64})(?=.)", "$1\n");
-                out.println(block);
-                out.println("-----END CERTIFICATE-----");
+                out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
             } else if (cer) {
                 out.write(cert.getEncoded());
             }

diff --git a/src/org/cacert/gigi/util/PEM.java b/src/org/cacert/gigi/util/PEM.java
new file mode 100644 (file)
index 0000000..0616270
--- /dev/null
+++ b/src/org/cacert/gigi/util/PEM.java
@@ -0,0 +1,21 @@
+package org.cacert.gigi.util;
+
+import java.util.Base64;
+
+public class PEM {
+
+    public static String encode(String type, byte[] data) {
+        return "-----BEGIN " + type + "-----\n" + //
+                Base64.getEncoder().encodeToString(data).replaceAll("(.{64})(?=.)", "$1\n") + //
+                "\n-----END " + type + "-----";
+    }
+
+    public static byte[] decode(String type, String data) {
+        data = data.replaceAll("-----BEGIN " + type + "-----", "").replace("\n", "").replace("\r", "");
+        // Remove the first and last lines
+        data = data.replaceAll("-----END " + type + "-----", "");
+        // Base64 decode the data
+        return Base64.getDecoder().decode(data);
+
+    }
+}