From: INOPIAE
Date: Sat, 23 Feb 2019 04:04:57 +0000 (+0100)
Subject: fix: remove SPKAC from certificate request routine
X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=42466c8f42d997ae9abd583ad9eaeef512b62f1f
fix: remove SPKAC from certificate request routine
fixes issue #137
Change-Id: I67f71265c8b675c8a746539db66f534660d8cd55
---
diff --git a/src/club/wpia/gigi/pages/account/certs/CertificateIssueForm.java b/src/club/wpia/gigi/pages/account/certs/CertificateIssueForm.java
index 81925716..31be06f4 100644
--- a/src/club/wpia/gigi/pages/account/certs/CertificateIssueForm.java
+++ b/src/club/wpia/gigi/pages/account/certs/CertificateIssueForm.java
@@ -26,7 +26,6 @@ import club.wpia.gigi.output.template.Template;
import club.wpia.gigi.pages.LoginPage;
import club.wpia.gigi.util.AuthorizationContext;
import club.wpia.gigi.util.HTMLEncoder;
-import club.wpia.gigi.util.RandomToken;
import club.wpia.gigi.util.ServerConstants;
import club.wpia.gigi.util.ServerConstants.Host;
@@ -42,14 +41,11 @@ public class CertificateIssueForm extends Form {
private AuthorizationContext c;
- private String spkacChallenge;
-
private boolean login;
public CertificateIssueForm(HttpServletRequest hsr) {
super(hsr);
c = LoginPage.getAuthorizationContext(hsr);
- spkacChallenge = RandomToken.generateToken(16);
}
private Certificate result;
@@ -65,16 +61,11 @@ public class CertificateIssueForm extends Form {
@Override
public SubmissionResult submit(HttpServletRequest req) throws GigiApiException {
String csr = req.getParameter("CSR");
- String spkac = req.getParameter("SPKAC");
try {
if (csr != null) {
cr = new CertificateRequest(c, csr);
// TODO cr.checkKeyStrength(out);
return new FormContinue();
- } else if (spkac != null) {
- cr = new CertificateRequest(c, spkac, spkacChallenge);
- // TODO cr.checkKeyStrength(out);
- return new FormContinue();
} else if (cr != null) {
login = "1".equals(req.getParameter("login"));
issueDate.update(req);
@@ -138,7 +129,6 @@ public class CertificateIssueForm extends Form {
HashMap vars2 = new HashMap(vars);
vars2.put("csrf", getCSRFToken());
vars2.put("csrf_name", getCsrfFieldName());
- vars2.put("spkacChallenge", spkacChallenge);
tIni.output(out, l, vars2);
return;
} else {
diff --git a/src/club/wpia/gigi/pages/account/certs/RequestCertificate.templ b/src/club/wpia/gigi/pages/account/certs/RequestCertificate.templ
index 89abb8df..274ad8eb 100644
--- a/src/club/wpia/gigi/pages/account/certs/RequestCertificate.templ
+++ b/src/club/wpia/gigi/pages/account/certs/RequestCertificate.templ
@@ -1,6 +1,6 @@
=_${appName} offers two ways to create a certificate.?>
-=_One is to paste a certificate signing request (CSR) created from an existing or newly created private key.?> =_If you do not know what a CSR is or how to create one take a look at the !(/kb/CSR)FAQ!''.?>
-=_As an alternative you can generate the private key inside your browser and export it once the certificate has been issued.?>
+=_One is to paste a certificate signing request (CSR) created from an existing or newly created private key.?> =_If you do not know what a CSR is or how to create one take a look at the !(/kb/CSR)FAQ!''.?>
+
=_For inexperienced users the usage of !(/kb/XCA)XCA!'' is recommended and described in !(/kb/XCADocu)XCA usage documentation!''?>