+ @Override
+ public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+ String pi = req.getPathInfo().substring(PATH.length());
+ if (pi.length() == 0) {
+ return false;
+ }
+ pi = pi.substring(1);
+ boolean crt = false;
+ boolean cer = false;
+ if (pi.endsWith(".crt")) {
+ crt = true;
+ pi = pi.substring(0, pi.length() - 4);
+ } else if (pi.endsWith(".cer")) {
+ cer = true;
+ pi = pi.substring(0, pi.length() - 4);
+ }
+ int serial = 0;
+ try {
+ serial = Integer.parseInt(pi);
+ } catch (NumberFormatException nfe) {
+ resp.sendError(404);
+ return true;
+ }
+ try {
+ Certificate c = new Certificate(serial);
+ if (LoginPage.getUser(req).getId() != c.getOwnerId()) {
+ resp.sendError(404);
+ return true;
+ }
+ X509Certificate cert = c.cert();
+ if (!crt && !cer) {
+ return false;
+ }
+ ServletOutputStream out = resp.getOutputStream();
+ if (crt) {
+ out.println("-----BEGIN CERTIFICATE-----");
+ String block = Base64.getEncoder().encodeToString(cert.getEncoded()).replaceAll("(.{64})(?=.)", "$1\n");
+ out.println(block);
+ out.println("-----END CERTIFICATE-----");
+ } else if (cer) {
+ out.write(cert.getEncoded());
+ }
+ } catch (IllegalArgumentException e) {
+ resp.sendError(404);
+ return true;
+ } catch (GeneralSecurityException e) {
+ resp.sendError(404);
+ return true;
+ } catch (SQLException e) {
+ resp.sendError(404);
+ return true;
+ }
+
+ return true;
+ }
+