Implement first issuing for email cert.
authorFelix Dörre <felix@dogcraft.de>
Wed, 9 Jul 2014 13:30:59 +0000 (15:30 +0200)
committerFelix Dörre <felix@dogcraft.de>
Thu, 10 Jul 2014 22:35:12 +0000 (00:35 +0200)
src/org/cacert/gigi/Certificate.java
src/org/cacert/gigi/pages/account/MailCertificateAdd.java
src/org/cacert/gigi/pages/account/MailCertificateAdd.templ

index 11747bd5707880914149ccd449c57cae8f0fdbf8..c5aaf3fdd3f650f1f89f37aaaf9973bce36f09e1 100644 (file)
@@ -1,6 +1,8 @@
 package org.cacert.gigi;
 
+import java.io.File;
 import java.io.FileInputStream;
+import java.io.FileOutputStream;
 import java.io.IOException;
 import java.io.InputStream;
 import java.security.GeneralSecurityException;
@@ -9,7 +11,9 @@ import java.security.cert.X509Certificate;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
+
 import org.cacert.gigi.database.DatabaseConnection;
+import org.cacert.gigi.util.KeyStorage;
 
 public class Certificate {
        int id;
@@ -18,6 +22,12 @@ public class Certificate {
        String md;
        String csrName;
        String crtName;
+       String csr = null;
+       public Certificate(String dn, String md, String csr) {
+               this.dn = dn;
+               this.md = md;
+               this.csr = csr;
+       }
 
        // created, modified, revoked, expire
        public enum CertificateStatus {
@@ -49,6 +59,7 @@ public class Certificate {
                        return CertificateStatus.BEEING_ISSUED;
                }
                crtName = rs.getString(1);
+               System.out.println(crtName);
                if (rs.getTime(2) != null && rs.getTime(3) == null) {
                        return CertificateStatus.ISSUED;
                }
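Review bot: The added `System.out.println(crtName);` looks like leftover debugging, and it writes the stored certificate file name to standard output every time this status lookup runs. Drop the line, or send the value through a logger at debug level if the project has one. The enclosing method starts and ends outside the hunk.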
@@ -59,7 +70,7 @@ public class Certificate {
                return CertificateStatus.REVOKED;
        }
 
-       public void issue() {
+       public void issue() throws IOException {
                try {
                        if (getStatus() != CertificateStatus.DRAFT) {
                                throw new IllegalStateException();
@@ -67,12 +78,22 @@ public class Certificate {
                        PreparedStatement inserter = DatabaseConnection
                                        .getInstance()
                                        .prepare(
-                                                       "INSERT INTO emailcerts SET csr_name =?, md=?, subject=?, coll_found=0, crt_name=''");
-                       inserter.setString(1, csrName);
-                       inserter.setString(2, md);
-                       inserter.setString(3, dn);
+                                                       "INSERT INTO emailcerts SET md=?, subject=?, coll_found=0, crt_name=''");
+                       inserter.setString(1, md);
+                       inserter.setString(2, dn);
                        inserter.execute();
                        id = DatabaseConnection.lastInsertId(inserter);
+                       File csrFile = KeyStorage.locateCsr(id);
+                       csrName = csrFile.getPath();
+                       FileOutputStream fos = new FileOutputStream(csrFile);
+                       fos.write(csr.getBytes());
+                       fos.close();
+
+                       PreparedStatement updater = DatabaseConnection.getInstance()
+                                       .prepare("UPDATE emailcerts SET csr_name=? WHERE id=?");
+                       updater.setString(1, csrName);
+                       updater.setInt(2, id);
+                       updater.execute();
                } catch (SQLException e) {
                        e.printStackTrace();
                }
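Review bot: The `FileOutputStream` opened for the CSR is never closed if `write()` throws, `csr.getBytes()` encodes with the platform default charset, and `csr` is dereferenced without a null check although the field defaults to `null`. Because the row is inserted before the file is written, a failed write also leaves an `emailcerts` row with no `csr_name`, so the null check belongs before the INSERT. If the project targets Java 7 or later, try-with-resources and an explicit charset cover the stream handling, as sketched below. The surrounding `try` starts outside the hunk, and its `catch (SQLException e)` only prints the stack trace, so callers cannot tell that issuing failed.

```java
if (csr == null) {
    throw new IllegalStateException("no CSR supplied for this certificate");
}
// … unchanged: INSERT INTO emailcerts and lastInsertId …
File csrFile = KeyStorage.locateCsr(id);
csrName = csrFile.getPath();
// try-with-resources closes the stream even when write() throws
try (FileOutputStream fos = new FileOutputStream(csrFile)) {
    fos.write(csr.getBytes("UTF-8"));
}
// … unchanged: UPDATE emailcerts SET csr_name=? WHERE id=? …
```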
@@ -105,7 +126,12 @@ public class Certificate {
 
        }
 
-       public X509Certificate cert() throws IOException, GeneralSecurityException {
+       public X509Certificate cert() throws IOException, GeneralSecurityException,
+                       SQLException {
+               CertificateStatus status = getStatus();
+               if (status != CertificateStatus.ISSUED) {
+                       throw new IllegalStateException(status + " is not wanted here.");
+               }
                InputStream is = null;
                X509Certificate crt = null;
                try {
index 35899c5da73e82ebf328f052dd30a41214f9282e..97038898e8e704619dead0ded5b15f57eee6f66b 100644 (file)
@@ -2,11 +2,14 @@ package org.cacert.gigi.pages.account;
 
 import java.io.IOException;
 import java.io.PrintWriter;
+import java.security.GeneralSecurityException;
+import java.sql.SQLException;
 import java.util.HashMap;
 
 import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 
+import org.cacert.gigi.Certificate;
 import org.cacert.gigi.output.ClientCSRGenerate;
 import org.cacert.gigi.pages.Page;
 
@@ -21,6 +24,8 @@ public class MailCertificateAdd extends Page {
        public void doGet(HttpServletRequest req, HttpServletResponse resp)
                        throws IOException {
                HashMap<String, Object> vars = new HashMap<String, Object>();
+               vars.put("CCA",
+                               "<a href='/policy/CAcertCommunityAgreement.html'>CCA</a>");
                getDefaultTemplate().output(resp.getWriter(), getLanguage(req), vars);
        }
        @Override
@@ -32,7 +37,25 @@ public class MailCertificateAdd extends Page {
                        out.println("csr missing");
                        ClientCSRGenerate.output(req, resp);
                }
-               out.println("could now start processing the cert request");
+               String csr = req.getParameter("optionalCSR");
+               if (!"on".equals(req.getParameter("CCA"))) {
+                       // Error.
+                       return;
+               }
+               Certificate c = new Certificate("/commonName=felix@dogcraft.de",
+                               "sha256", csr);
+               c.issue();
+               try {
+                       c.waitFor(60000);
+                       out.println(c.getStatus());
+                       out.println(c.cert());
+               } catch (SQLException e1) {
+                       e1.printStackTrace();
+               } catch (GeneralSecurityException e) {
+                       e.printStackTrace();
+               } catch (InterruptedException e) {
+                       e.printStackTrace();
+               }
        }
 
 }
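Review bot: The subject passed to `new Certificate(...)` is the fixed string `/commonName=felix@dogcraft.de`, so every request would be issued for that address regardless of who is logged in. The DN should be built from an address the authenticated account has verified; the lookup for that is not visible in this hunk. `optionalCSR` is also forwarded unchecked, and the `csr missing` branch above does not return, so a null or malformed CSR appears to reach `c.issue()`. A guard such as `if (csr == null || csr.isEmpty()) { return; }`, plus parsing the CSR before it is stored, would close that. The CCA rejection returns without telling the user anything and the three catch blocks only print stack traces, so a failed issuance yields an empty response; doPost starts outside the hunk.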
index 7d55930c36cd9192bd59637a21701a7ac6f49c40..3d479cafac2de48e30ec057c82a92e503790031c 100644 (file)
       <input type="checkbox" id="CCA" name="CCA" />
     </td>
     <td class="DataTD" align="left">
-      <!--<label for="CCA"><strong>=s,I accept the CAcert Community Agreement (%s)."),"<a href='/policy/CAcertCommunityAgreement.html'>CCA</a> </strong><br />-->
+      <label for="CCA"><strong><?=s,$CCA,I accept the CAcert Community Agreement (%s).?> </strong><br />
       <?=_Please note: You need to accept the CCA to proceed.?></label>
     </td>
   </tr>