1 files changed, 155 insertions, 0 deletions

diff --git a/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
new file mode 100644
index 000000000..ab6a1aa01
--- /dev/null
+++ b/pki/base/common/src/com/netscape/cms/servlet/csadmin/GetSubsystemCert.java
@@ -0,0 +1,155 @@
+// --- BEGIN COPYRIGHT BLOCK ---
+// This program is free software; you can redistribute it and/or modify
+// it under the terms of the GNU General Public License as published by
+// the Free Software Foundation; version 2 of the License.
+//
+// This program is distributed in the hope that it will be useful,
+// but WITHOUT ANY WARRANTY; without even the implied warranty of
+// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+// GNU General Public License for more details.
+//
+// You should have received a copy of the GNU General Public License along
+// with this program; if not, write to the Free Software Foundation, Inc.,
+// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+//
+// (C) 2007 Red Hat, Inc.
+// All rights reserved.
+// --- END COPYRIGHT BLOCK ---
+package com.netscape.cms.servlet.csadmin;
+
+
+import com.netscape.cms.servlet.common.*;
+import com.netscape.cms.servlet.base.*;
+import java.io.*;
+import java.util.*;
+import java.math.*;
+import javax.servlet.*;
+import java.security.cert.*;
+import javax.servlet.http.*;
+import netscape.ldap.*;
+import netscape.security.x509.*;
+import com.netscape.certsrv.base.*;
+import com.netscape.certsrv.authority.*;
+import com.netscape.certsrv.policy.*;
+import com.netscape.certsrv.request.IRequest;
+import com.netscape.certsrv.dbs.*;
+import com.netscape.certsrv.dbs.certdb.*;
+import com.netscape.certsrv.ldap.*;
+import com.netscape.certsrv.logging.*;
+import com.netscape.certsrv.apps.CMS;
+import com.netscape.certsrv.authentication.*;
+import com.netscape.certsrv.authorization.*;
+import com.netscape.cms.servlet.*;
+import com.netscape.cmsutil.xml.*;
+import com.netscape.cmsutil.crypto.*;
+import org.w3c.dom.*;
+import org.mozilla.jss.crypto.*;
+import org.mozilla.jss.*;
+import org.mozilla.jss.crypto.X509Certificate;
+
+
+public class GetSubsystemCert extends CMSServlet {
+
+    private final static String SUCCESS = "0";
+    private final static String FAILED = "1";
+
+    public GetSubsystemCert() {
+        super();
+    }
+
+    /**
+     * initialize the servlet.
+     * @param sc servlet configuration, read from the web.xml file
+     */
+    public void init(ServletConfig sc) throws ServletException {
+        super.init(sc);
+    }
+
+    /**
+     * Process the HTTP request. 
+     */
+    protected void process(CMSRequest cmsReq) throws EBaseException {
+        HttpServletRequest httpReq = cmsReq.getHttpReq();
+        HttpServletResponse httpResp = cmsReq.getHttpResp();
+
+        String outputString = null;
+
+        IConfigStore cs = CMS.getConfigStore();
+        String nickname = "";
+        try {
+            nickname = cs.getString("ca.subsystem.nickname", "");
+            String tokenname = cs.getString("ca.subsystem.tokenname", "");
+            if (!tokenname.equals("internal") && !tokenname.equals("Internal Key Storage Token"))
+                nickname = tokenname+":"+nickname;
+        } catch (Exception e) {
+        }
+
+        CMS.debug("GetSubsystemCert process: nickname="+nickname);
+        String s = "";
+        try {
+            CryptoManager cm = CryptoManager.getInstance();
+            X509Certificate cert = cm.findCertByNickname(nickname);
+ 
+            if (cert == null) {
+                CMS.debug("GetSubsystemCert process: subsystem cert is null");
+                outputError(httpResp, "Error: Failed to get subsystem certificate.");
+                return;
+            }
+
+            byte[] bytes = cert.getEncoded();
+            s = CryptoUtil.normalizeCertStr(CryptoUtil.base64Encode(bytes));
+        } catch (Exception e) {
+            CMS.debug("GetSubsystemCert process: exception: "+e.toString());
+        }
+
+        try {
+            XMLObject xmlObj = null;
+            xmlObj = new XMLObject();
+            Node root = xmlObj.createRoot("XMLResponse");
+            xmlObj.addItemToContainer(root, "Status", SUCCESS);
+            xmlObj.addItemToContainer(root, "Cert", s);
+            byte[] cb = xmlObj.toByteArray();
+            outputResult(httpResp, "application/xml", cb);
+        } catch (Exception e) {
+            CMS.debug("Failed to send the XML output");
+        }
+    }
+
+    protected void renderResult(CMSRequest cmsReq) throws IOException {// do nothing, ie, it will not return the default javascript.
+    }
+
+    /**
+     * Retrieves locale based on the request.
+     */
+    protected Locale getLocale(HttpServletRequest req) {
+        Locale locale = null;
+        String lang = req.getHeader("accept-language");
+
+        if (lang == null) {
+            // use server locale
+            locale = Locale.getDefault();
+        } else {
+            locale = new Locale(UserInfo.getUserLanguage(lang),
+                    UserInfo.getUserCountry(lang));
+        }
+        return locale;
+    }
+
+    private String normalizeCertStr(String s) {
+        StringBuffer val = new StringBuffer();
+
+        for (int i = 0; i < s.length(); i++) {
+            if (s.charAt(i) == '\n') {
+                continue;
+            } else if (s.charAt(i) == '\r') {
+                continue;
+            } else if (s.charAt(i) == '"') {
+                continue;
+            } else if (s.charAt(i) == ' ') {
+                continue;
+            }
+            val.append(s.charAt(i));
+        }
+        return val.toString();
+    }
+}