From 1ac0f1ee537003550d27362e3d72f4308a5e35f4 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?=
Date: Thu, 4 Jun 2015 22:03:35 +0200
Subject: [PATCH] add: manager call to add an certificate
---
 .../org/cacert/gigi/pages/Manager.java | 32 +++++++++++++++++++
 .../org/cacert/gigi/pages/Manager.templ | 8 ++++-
 2 files changed, 39 insertions(+), 1 deletion(-)
diff --git a/util-testing/org/cacert/gigi/pages/Manager.java b/util-testing/org/cacert/gigi/pages/Manager.java
index d8cd7006..cccb0ac9 100644
--- a/util-testing/org/cacert/gigi/pages/Manager.java
+++ b/util-testing/org/cacert/gigi/pages/Manager.java
@@ -3,7 +3,12 @@ package org.cacert.gigi.pages;
 import java.io.IOException;
 import java.io.PrintWriter;
 import java.lang.reflect.Field;
+import java.security.GeneralSecurityException;
+import java.security.KeyPair;
+import java.security.KeyPairGenerator;
+import java.security.Signature;
 import java.sql.Date;
+import java.util.Base64;
 import java.util.Calendar;
 import java.util.GregorianCalendar;
 import java.util.HashMap;
@@ -17,8 +22,10 @@ import javax.servlet.http.HttpServletRequest;
 import javax.servlet.http.HttpServletResponse;
 import org.cacert.gigi.GigiApiException;
+import org.cacert.gigi.crypto.SPKAC;
 import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.database.GigiPreparedStatement;
+import org.cacert.gigi.dbObjects.Digest;
 import org.cacert.gigi.dbObjects.EmailAddress;
 import org.cacert.gigi.dbObjects.Group;
 import org.cacert.gigi.dbObjects.Name;
@@ -27,8 +34,11 @@ import org.cacert.gigi.email.EmailProvider;
 import org.cacert.gigi.localisation.Language;
 import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
+import org.cacert.gigi.pages.account.certs.CertificateRequest;
 import org.cacert.gigi.util.Notary;
+import sun.security.x509.X509Key;
+
 public class Manager extends Page {
 public static final String PATH = "/manager";
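Review bot: The added `import sun.security.x509.X509Key;` ties this page to a JDK-internal class, and the cast `(X509Key) kp.getPublic()` in the `addCert` branch further down only holds while the provider behind `KeyPairGenerator.getInstance("RSA")` returns that implementation type. With a different provider registered ahead of the default one, the cast would presumably fail with a ClassCastException, which neither of the visible `catch` clauses covers. If `SPKAC` can only take an `X509Key`, a comment at the import such as `// JDK-internal type; required by SPKAC's constructor` would at least document the dependency.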
@@ -216,6 +226,28 @@ public class Manager extends Page {
 } catch (GigiApiException e) {
 e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
 }
+ } else if (req.getParameter("addCert") != null) {
+ User u = User.getByEmail(req.getParameter("addCertEmail"));
+ try {
+ KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
+ kpg.initialize(4096);
+ KeyPair kp = kpg.generateKeyPair();
+ SPKAC s = new SPKAC((X509Key) kp.getPublic(), "challange");
+ Signature sign = Signature.getInstance("SHA512withRSA");
+ sign.initSign(kp.getPrivate());
+
+ byte[] res = s.getEncoded(sign);
+
+ CertificateRequest cr = new CertificateRequest(u, Base64.getEncoder().encodeToString(res), "challange");
+ cr.update(CertificateRequest.DEFAULT_CN, Digest.SHA512.toString(), "client", null, "", "email:" + u.getEmail(), resp.getWriter(), req);
+ cr.draft().issue(null, "2y");
+ resp.getWriter().println("added certificate");
+ } catch (GeneralSecurityException e1) {
+ e1.printStackTrace();
+ resp.getWriter().println("error");
+ } catch (GigiApiException e) {
+ e.format(resp.getWriter(), Language.getInstance(Locale.ENGLISH));
+ }
 }
 }
diff --git a/util-testing/org/cacert/gigi/pages/Manager.templ b/util-testing/org/cacert/gigi/pages/Manager.templ
index 9d700ee9..2bfe725e 100644
--- a/util-testing/org/cacert/gigi/pages/Manager.templ
+++ b/util-testing/org/cacert/gigi/pages/Manager.templ
@@ -48,5 +48,11 @@ Email: Add verified Email: Email: new Email: - + + + +
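Review bot: The result of `User.getByEmail(req.getParameter("addCertEmail"))` in the new `addCert` branch is dereferenced without a check, and the lookup sits outside the `try`; if `getByEmail` returns null for an unknown address (its contract is not visible here), the request fails with a NullPointerException at `u.getEmail()` only after a 4096-bit RSA key has been generated. A guard right after the lookup, such as `if (u == null) { resp.getWriter().println("error"); return; }`, would make that failure cheap and explicit. The branch issues a two-year client certificate for whichever account the request names and keeps no reference to the private key, so a comment like `// test helper: the generated private key is not kept` would record that this is deliberate; how access to this page is restricted is not visible in the hunk. The literal `"challange"` is passed to both `SPKAC` and `CertificateRequest` and the two presumably have to match, so one local constant would be safer than two copies. The enclosing method begins and ends outside the hunk.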
+Add Client Cert: +Email: +
-- 2.39.2