1   /**
    2    *
    3    *  Licensed to the Apache Software Foundation (ASF) under one or more
    4    *  contributor license agreements.  See the NOTICE file distributed with
    5    *  this work for additional information regarding copyright ownership.
    6    *  The ASF licenses this file to You under the Apache License, Version 2.0
    7    *  (the "License"); you may not use this file except in compliance with
    8    *  the License.  You may obtain a copy of the License at
    9    *
   10    *     http://www.apache.org/licenses/LICENSE-2.0
   11    *
   12    *  Unless required by applicable law or agreed to in writing, software
   13    *  distributed under the License is distributed on an "AS IS" BASIS,
   14    *  WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
   15    *  See the License for the specific language governing permissions and
   16    *  limitations under the License.
   17    */
   18   package org.apache.geronimo.ca.helper;
   19   
   20   import java.io.ByteArrayOutputStream;
   21   import java.io.IOException;
   22   import java.io.PrintStream;
   23   import java.util.Properties;
   24   
   25   import javax.servlet.ServletException;
   26   import javax.servlet.http.HttpServletRequest;
   27   import javax.servlet.http.HttpServletResponse;
   28   
   29   import org.apache.geronimo.ca.helper.util.CAHelperUtils;
   30   import org.apache.geronimo.crypto.CaUtils;
   31   
   32   /**
   33    * Servlet implementation class for Servlet: CertificateRequestServlet
   34    *
   35    * @version $Rev: 617588 $ $Date: 2008-02-01 10:20:07 -0800 (Fri, 01 Feb 2008) $
   36    */
   37    public class CertificateRequestServlet extends javax.servlet.http.HttpServlet implements javax.servlet.Servlet {
   38       /* (non-Java-doc)
   39        * @see javax.servlet.http.HttpServlet#HttpServlet()
   40        */
   41       public CertificateRequestServlet() {
   42           super();
   43       }       
   44   
   45       /* (non-Java-doc)
   46        * @see javax.servlet.http.HttpServlet#doGet(HttpServletRequest request, HttpServletResponse response)
   47        */
   48       protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
   49           doPost(request, response);
   50       }      
   51   
   52       /* (non-Java-doc)
   53        * @see javax.servlet.http.HttpServlet#doPost(HttpServletRequest request, HttpServletResponse response)
   54        */
   55       protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
   56           // Retrieve the values submitted by the user
   57           String reqCN = request.getParameter("reqCN");
   58           String reqOU = request.getParameter("reqOU");
   59           String reqO = request.getParameter("reqO");
   60           String reqL = request.getParameter("reqL");
   61           String reqST = request.getParameter("reqST");
   62           String reqC = request.getParameter("reqC");
   63           String spkac = request.getParameter("spkac");
   64           String pkcs10req = request.getParameter("pkcs10req");
   65   
   66           String toStore = null;
   67           if(pkcs10req != null && !pkcs10req.equals("")) {
   68               // Either generated from Internet Explorer or submitted as PKCS10 request
   69               if(!pkcs10req.startsWith(CaUtils.CERT_REQ_HEADER)) {
   70                   ByteArrayOutputStream baos = new ByteArrayOutputStream();
   71                   PrintStream out = new PrintStream(baos);
   72                   out.println(CaUtils.CERT_REQ_HEADER);
   73                   out.println(pkcs10req.trim());
   74                   out.println(CaUtils.CERT_REQ_FOOTER);
   75                   out.close();
   76                   toStore = baos.toString();
   77               } else {
   78                   toStore = pkcs10req;
   79               }
   80           } else if(spkac != null && !spkac.equals("")) {
   81               // Received from a web browser that supports KEYGEN tag
   82               // Create a Properties object with user supplied values
   83               Properties csrProps = new Properties();
   84               csrProps.setProperty("CN", reqCN);
   85               csrProps.setProperty("OU", reqOU);
   86               csrProps.setProperty("O", reqO);
   87               csrProps.setProperty("L", reqL);
   88               csrProps.setProperty("ST", reqST);
   89               csrProps.setProperty("C", reqC);
   90               csrProps.setProperty("SPKAC", spkac);
   91               ByteArrayOutputStream baos = new ByteArrayOutputStream();
   92               csrProps.store(baos, "Request received through CA Helper Application");
   93               baos.close();
   94               toStore = baos.toString();
   95           } else {
   96               // Did not receive a SignedPublicKeyAndChallenge or a PKCS10 Cerificate Request
   97               throw new ServletException("Did not receive a SignedPublicKeyAndChallenge or a PKCS10 Cerificate Request. Resubmit your certificate request.");
   98           }
   99   
  100           // Store the CSR in the Certificate Request Store.
  101           String csrId = CAHelperUtils.getCertificateRequestStore().storeRequest(null, toStore);
  102   
  103           // Display the CSR Id to the user and confirm the receipt of CSR
  104           request.setAttribute("id", csrId);
  105           getServletContext().getRequestDispatcher("/receivedCSR.jsp").forward(request, response);
  106       }    
  107   }