From 2a55aad15a217b2410c79f23e42605186028ac38 Mon Sep 17 00:00:00 2001
From: =?utf8?q?Felix=20D=C3=B6rre?=
Date: Tue, 29 Jul 2014 16:43:14 +0200
Subject: [PATCH] Extract PEM I/O
---
 .../pages/account/IssueCertificateForm.java | 10 ++-------
 .../gigi/pages/account/MailCertificates.java | 7 ++-----
 src/org/cacert/gigi/util/PEM.java | 21 +++++++++++++++++++
 3 files changed, 25 insertions(+), 13 deletions(-)
 create mode 100644 src/org/cacert/gigi/util/PEM.java
diff --git a/src/org/cacert/gigi/pages/account/IssueCertificateForm.java b/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
index 334fd544..be8bbb5d 100644
--- a/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
+++ b/src/org/cacert/gigi/pages/account/IssueCertificateForm.java
@@ -11,7 +11,6 @@ import java.security.interfaces.DSAPublicKey;
 import java.security.interfaces.ECPublicKey;
 import java.security.interfaces.RSAPublicKey;
 import java.sql.SQLException;
-import java.util.Base64;
 import java.util.HashMap;
 import java.util.Map;
@@ -30,6 +29,7 @@ import org.cacert.gigi.output.template.IterableDataset;
 import org.cacert.gigi.output.template.Template;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.PEM;
 import org.cacert.gigi.util.RandomToken;
 import sun.security.pkcs10.PKCS10;
@@ -171,13 +171,7 @@ public class IssueCertificateForm extends Form {
 }
 private PKCS10 parseCSR(String csr) throws IOException, GeneralSecurityException {
- csr = csr.replaceFirst("-----BEGIN (NEW )?CERTIFICATE REQUEST-----", "");
- csr = csr.replaceFirst("-----END (NEW )?CERTIFICATE REQUEST-----", "");
- csr = csr.replace("\r", "");
- csr = csr.replace("\n", "");
- byte[] b = Base64.getDecoder().decode(csr);
- // Also checks signature validity
- return new PKCS10(b);
+ return new PKCS10(PEM.decode("(NEW )?CERTIFICATE REQUEST", csr));
 }
 @Override
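Review bot: The rewritten `parseCSR` in the last hunk drops the comment `// Also checks signature validity`, which was the only record that constructing the `PKCS10` object is where the request's self-signature gets verified; I would keep it on the new line, e.g. `// new PKCS10(...) also checks signature validity`. The first argument `"(NEW )?CERTIFICATE REQUEST"` only works because `PEM.decode` concatenates it into a regular expression, so a short comment such as `// label is a regex fragment, see PEM.decode` would stop a later reader from passing it to `PEM.encode` as well. Malformed Base64 still surfaces as an unchecked `IllegalArgumentException`, which the `throws IOException, GeneralSecurityException` clause does not cover; whether a caller handles it is not visible in this hunk.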
diff --git a/src/org/cacert/gigi/pages/account/MailCertificates.java b/src/org/cacert/gigi/pages/account/MailCertificates.java
index d65a3ef0..b725dda0 100644
--- a/src/org/cacert/gigi/pages/account/MailCertificates.java
+++ b/src/org/cacert/gigi/pages/account/MailCertificates.java
@@ -7,7 +7,6 @@ import java.security.cert.X509Certificate;
 import java.sql.PreparedStatement;
 import java.sql.ResultSet;
 import java.sql.SQLException;
-import java.util.Base64;
 import java.util.HashMap;
 import javax.servlet.ServletOutputStream;
@@ -20,6 +19,7 @@ import org.cacert.gigi.database.DatabaseConnection;
 import org.cacert.gigi.output.CertificateTable;
 import org.cacert.gigi.pages.LoginPage;
 import org.cacert.gigi.pages.Page;
+import org.cacert.gigi.util.PEM;
 public class MailCertificates extends Page {
@@ -68,10 +68,7 @@ public class MailCertificates extends Page {
 }
 ServletOutputStream out = resp.getOutputStream();
 if (crt) {
- out.println("-----BEGIN CERTIFICATE-----");
- String block = Base64.getEncoder().encodeToString(cert.getEncoded()).replaceAll("(.{64})(?=.)", "$1\n");
- out.println(block);
- out.println("-----END CERTIFICATE-----");
+ out.println(PEM.encode("CERTIFICATE", cert.getEncoded()));
 } else if (cer) {
 out.write(cert.getEncoded());
 }
diff --git a/src/org/cacert/gigi/util/PEM.java b/src/org/cacert/gigi/util/PEM.java
new file mode 100644
index 00000000..06162705
--- /dev/null
+++ b/src/org/cacert/gigi/util/PEM.java
@@ -0,0 +1,21 @@
+package org.cacert.gigi.util;
+
+import java.util.Base64;
+
+public class PEM {
+
+ public static String encode(String type, byte[] data) {
+ return "-----BEGIN " + type + "-----\n" + //
+ Base64.getEncoder().encodeToString(data).replaceAll("(.{64})(?=.)", "$1\n") + //
+ "\n-----END " + type + "-----";
+ }
+
+ public static byte[] decode(String type, String data) {
+ data = data.replaceAll("-----BEGIN " + type + "-----", "").replace("\n", "").replace("\r", "");
+ // Remove the first and last lines
+ data = data.replaceAll("-----END " + type + "-----", "");
+ // Base64 decode the data
+ return Base64.getDecoder().decode(data);
+
+ }
+}
--
2.39.2
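Review bot: `decode` splices `type` into a regular expression unescaped and deletes the BEGIN/END markers wherever they occur, so any text outside the armor is concatenated with the body and handed to the Base64 decoder instead of being rejected as malformed. Since `parseCSR` feeds this method what is presumably a user-submitted CSR, I would match the whole input against one anchored pattern and decode only the captured body, as sketched below; it needs `java.util.regex.Matcher` and `Pattern` imported and keeps `IllegalArgumentException` as the failure type. `encode` treats the same `type` parameter as a literal label, so the Javadoc on both methods should state that `decode` takes a regex fragment such as `(NEW )?CERTIFICATE REQUEST` while `encode` takes plain text. The comment `// Remove the first and last lines` currently sits above the END removal only, although the BEGIN marker is stripped one line earlier.

```java
    public static byte[] decode(String type, String data) {
        // type is a regex fragment here, e.g. "(NEW )?CERTIFICATE REQUEST"
        Matcher m = Pattern.compile(
                "\\s*-----BEGIN (?:" + type + ")-----(?<body>.*?)-----END (?:" + type + ")-----\\s*",
                Pattern.DOTALL).matcher(data);
        if (!m.matches()) {
            // Reject anything that is not exactly one armored block
            throw new IllegalArgumentException("Input is not a single PEM block");
        }
        // Only the text between the markers reaches the Base64 decoder
        return Base64.getDecoder().decode(m.group("body").replace("\n", "").replace("\r", ""));
    }
```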