From: Felix Dörre Date: Thu, 10 Jul 2014 20:19:12 +0000 (+0200) Subject: Better display of encoded certificates. X-Git-Url: https://code.wpia.club/?p=gigi.git;a=commitdiff_plain;h=baa0986163014f20ca273c1502754940f60b7d41 Better display of encoded certificates. --- diff --git a/src/org/cacert/gigi/pages/account/MailCertificates.java b/src/org/cacert/gigi/pages/account/MailCertificates.java index f073d33a..e0dd947a 100644 --- a/src/org/cacert/gigi/pages/account/MailCertificates.java +++ b/src/org/cacert/gigi/pages/account/MailCertificates.java @@ -3,11 +3,14 @@ package org.cacert.gigi.pages.account; import java.io.IOException; import java.io.PrintWriter; import java.security.GeneralSecurityException; +import java.security.cert.X509Certificate; import java.sql.PreparedStatement; import java.sql.ResultSet; import java.sql.SQLException; +import java.util.Base64; import java.util.HashMap; +import javax.servlet.ServletOutputStream; import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletResponse; @@ -26,21 +29,98 @@ public class MailCertificates extends Page { super("Email Certificates"); } + @Override + public boolean beforeTemplate(HttpServletRequest req, HttpServletResponse resp) throws IOException { + String pi = req.getPathInfo().substring(PATH.length()); + if (pi.length() == 0) { + return false; + } + pi = pi.substring(1); + boolean crt = false; + boolean cer = false; + if (pi.endsWith(".crt")) { + crt = true; + pi = pi.substring(0, pi.length() - 4); + } else if (pi.endsWith(".cer")) { + cer = true; + pi = pi.substring(0, pi.length() - 4); + } + int serial = 0; + try { + serial = Integer.parseInt(pi); + } catch (NumberFormatException nfe) { + resp.sendError(404); + return true; + } + try { + Certificate c = new Certificate(serial); + if (LoginPage.getUser(req).getId() != c.getOwnerId()) { + resp.sendError(404); + return true; + } + X509Certificate cert = c.cert(); + if (!crt && !cer) { + return false; + } + ServletOutputStream out = resp.getOutputStream(); + if (crt) { + out.println("-----BEGIN CERTIFICATE-----"); + String block = Base64.getEncoder().encodeToString(cert.getEncoded()).replaceAll("(.{64})(?=.)", "$1\n"); + out.println(block); + out.println("-----END CERTIFICATE-----"); + } else if (cer) { + out.write(cert.getEncoded()); + } + } catch (IllegalArgumentException e) { + resp.sendError(404); + return true; + } catch (GeneralSecurityException e) { + resp.sendError(404); + return true; + } catch (SQLException e) { + resp.sendError(404); + return true; + } + + return true; + } + @Override public void doGet(HttpServletRequest req, HttpServletResponse resp) throws IOException { PrintWriter out = resp.getWriter(); String pi = req.getPathInfo().substring(PATH.length()); if (pi.length() != 0) { pi = pi.substring(1); - int serial = Integer.parseInt(pi); - Certificate c = new Certificate(serial); - if (LoginPage.getUser(req).getId() != c.getOwnerId()) { - out.println(translate(req, "You do not own this certificate.")); + + int serial = 0; + try { + serial = Integer.parseInt(pi); + } catch (NumberFormatException nfe) { + } + Certificate c = null; + if (serial != 0) { + c = new Certificate(serial); + } + if (c == null || LoginPage.getUser(req).getId() != c.getOwnerId()) { + resp.sendError(404); return; } + out.print(""); + out.print(translate(req, "PEM encoded Certificate")); + out.println("
"); + + out.print(""); + out.print(translate(req, "DER encoded Certificate")); + out.println("
"); + out.println("
");
 			try {
-				out.print(c.cert());
+				X509Certificate cert = c.cert();
+				out.print(cert);
 			} catch (GeneralSecurityException e) {
 				e.printStackTrace();
 			} catch (SQLException e) {