
Updates to CF-Certman

webdevsourcerer
webdevsourcerer committed Jan 26, 2015
1 parent e4b6c83 commit 08d3844453ed4c54c02b29a02e88d9336f337951
@@ -0,0 +1,49 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfcomponent displayname="Certificate" hint="Data and Methods representing an SSL certificate" output="false">
<cfset Variables.ThisCertificate = "">
<cffunction name="init" output="false" access="public">
<cfargument name="CertificateObject" required="true">
<cfset Variables.ThisCertificate = Arguments.CertificateObject>
<cfreturn This>
</cffunction>
<!--- return this certificate entry as a raw string --->
<cffunction name="asString" output="false" access="public">
<cfreturn Variables.ThisCertificate.toString()>
</cffunction>
<!--- certificate common name (some certs do not have this)--->
<cffunction name="getCommonName" output="false">
<cfset var certificateDetailsList = Trim(Variables.ThisCertificate.getSubjectX500Principal().getName())>
<cfset var certificateDetailsStruct = StructNew()>
<cfif ListLen(certificateDetailsList)>
<!--- This is a comma delimited list, with key value pairs - extract them --->
<cfloop from="1" to="#ListLen(certificateDetailsList)#" step="1" index="i">
<cfset currentItem = ListGetAt(certificateDetailsList,i,',')>
<cfset certificateDetailsStruct[listfirst(currentitem,'=')] = listLast(currentitem,'=')>
</cfloop>
<cfif StructKeyExists(certificateDetailsStruct,"CN")>
<cfreturn Trim(certificateDetailsStruct["CN"])>
<cfelseif StructKeyExists(certificateDetailsStruct,"OU")>
<cfreturn Trim(certificateDetailsStruct["OU"])>
</cfif>
<cfelse>
<cfreturn "Unknown">
</cfif>
</cffunction>
<cffunction name="getNotBefore" output="false" access="public">
<cfreturn Variables.ThisCertificate.getNotBefore()>
</cffunction>
<cffunction name="getNotAfter" output="false" access="public">
<cfreturn Variables.ThisCertificate.getNotAfter()>
</cffunction>
<cffunction name="getPublicKeyBase64">
<cfreturn Trim("-----BEGIN CERTIFICATE-----#Chr(13)##Chr(10)##Wrap(ToBase64(Variables.ThisCertificate.getEncoded()),64,true)#-----END CERTIFICATE-----")>
</cffunction>
</cfcomponent>
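Review bot: `getCommonName` returns nothing when the subject is non-empty but has neither `CN` nor `OU`, because only the outer `cfelse` returns "Unknown"; adding `<cfreturn "Unknown">` immediately before the closing `</cffunction>` covers that path. `i` and `currentItem` are assigned without `var`, so they land in the component's Variables scope instead of staying local to the call. The split on every comma also ignores the backslash-escaped commas that `getName()` emits inside attribute values, so a fragment of another field can be stored under `CN`; since the subject comes from whatever certificate was uploaded, that limitation deserves a comment such as `<!--- naive split: escaped commas inside RDN values are not handled --->`.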
@@ -0,0 +1,177 @@
<!--- Copyright (c) 2008 Paul Connell <certman@paulconnell.info> --->
<cfcomponent displayname="KeyStoreManager" hint="Methods and data for accessing the Java Keystore" output="false">
<cfset Variables.KeyStorePath = "">
<!--- if this is not your cacerts password, alter it (this is the default) --->
<cfset Variables.KeyStorePassword = "changeit">
<cfset Variables.ks = "">
<cffunction name="init" output="false" access="public">
<cfscript>
var SystemSettings = CreateObject("java","java.lang.System");
var FileSeparator = SystemSettings.getProperty("file.separator");
Variables.KeyStorePath = "#SystemSettings.getProperty('java.home')##FileSeparator#lib#FileSeparator#security#FileSeparator#cacerts";
// load the keystore into the object
Load();
return This;
</cfscript>
</cffunction>
<cffunction name="listAll" output="false" access="public">
<cfset var CertificateArray = ArrayNew(2)>
<cfset var AliasEnum = Variables.ks.aliases()>
<cfset var ThisCertificate = "">
<cfset var AliasString = "">
<cfset var ArrayLength = 0>
<cfloop condition="#AliasEnum.hasMoreElements()#">
<cfscript>
ArrayLength = ArrayLen(CertificateArray)+1;
AliasString = AliasEnum.nextElement().toString();
ThisCertificate = CreateObject("component","Certificate").init(Variables.ks.getCertificate(AliasString));
CertificateArray[ArrayLength][1] = AliasString;
CertificateArray[ArrayLength][2] = ThisCertificate;
</cfscript>
</cfloop>
<cfset sortedCertArray=ArraySort2D(CertificateArray, 1, "textnocase")>
<cfreturn sortedCertArray>
</cffunction>
<cffunction name="containsAlias" output="false" access="public">
<cfargument name="Alias" required="true">
<cfreturn Variables.ks.containsAlias(Arguments.Alias)>
</cffunction>
<cffunction name="add" output="false" access="public">
<cfargument name="Alias" required="true">
<cfargument name="CertificateFilePath" required="true">
<cfset var InputStream = "">
<cfset var BufferedInputStream = "">
<cfset var CertificateFactory = "">
<cfset var Certificate = "">
<cftry>
<cfscript>
InputStream = CreateObject("java","java.io.FileInputStream").init(Arguments.CertificateFilePath);
BufferedInputStream = CreateObject("java","java.io.BufferedInputStream").init(InputStream);
CertificateFactory = CreateObject("java", "java.security.cert.CertificateFactory").getInstance("X.509");
Certificate = CertificateFactory.generateCertificate(BufferedInputStream);
InputStream.close();
if (NOT Len(Trim(Variables.ks.getCertificateAlias(Certificate))))
{
Variables.ks.setCertificateEntry(Arguments.Alias, Certificate);
Store();
return "";
}
else
{
return Variables.ks.getCertificateAlias(Certificate);
}
</cfscript>
<cfcatch type="any">
<cfset InputStream.close()>
<cfrethrow>
</cfcatch>
</cftry>
</cffunction>
<cffunction name="delete" output="false" access="public">
<cfargument name="CertificateAlias" required="true">
<cfscript>
if (Variables.ks.containsAlias(Arguments.CertificateAlias))
{
Variables.ks.deleteEntry(Arguments.CertificateAlias);
Store();
}
</cfscript>
</cffunction>
<cffunction name="read" output="false" access="public">
<cfargument name="CertificateAlias" required="true">
<cfscript>
var ThisCertificate = "";
if (Variables.ks.containsAlias(Arguments.CertificateAlias))
{
ThisCertificate = CreateObject("component","Certificate").init(Variables.ks.getCertificate(Arguments.CertificateAlias));
}
return ThisCertificate;
</cfscript>
</cffunction>
<cffunction name="load" output="false" access="private">
<cfset var KeyStore = "">
<cfset var InputStream = "">
<cftry>
<cflock name="KeyStoreFileLock" timeout="5" type="readonly">
<cfscript>
KeyStore = CreateObject("java","java.security.KeyStore");
Variables.ks = KeyStore.getInstance(KeyStore.getDefaultType());
InputStream = CreateObject("java","java.io.FileInputStream").init(Variables.KeyStorePath);
Variables.ks.load(InputStream, Variables.KeyStorePassword.toCharArray());
InputStream.close();
</cfscript>
</cflock>
<cfcatch type="any">
<cfset InputStream.close()>
<cfrethrow>
</cfcatch>
</cftry>
</cffunction>
<cffunction name="store" output="false" access="private">
<cfset var OutputStream = "">
<cftry>
<cflock name="KeyStoreFileLock" timeout="5" type="exclusive">
<cfscript>
OutputStream = CreateObject("java","java.io.FileOutputStream").init(Variables.KeyStorePath);
Variables.ks.store(OutputStream, Variables.KeyStorePassword.toCharArray());
OutputStream.close();
</cfscript>
</cflock>
<cfcatch type="any">
<cfset OutputStream.close()>
<cfrethrow>
</cfcatch>
</cftry>
</cffunction>
<cfscript>
/**
* Sorts a two dimensional array by the specified column in the second dimension.
*
* @return Returns an array.
* @author Robert West (robert.west@digiphilic.com)
* @version 1, October 8, 2002
*/
function ArraySort2D(arrayToSort, sortColumn, type) {
var order = "asc";
var delim = "`";
var i = 1;
var j = 1;
var thePosition = "";
var theList = "";
var arrayToReturn = ArrayNew(2);
var sortArray = ArrayNew(1);
var counter = 1;
if (ArrayLen(Arguments) GT 3){
order = Arguments[4];
}
for (i=1; i LTE ArrayLen(arrayToSort); i=i+1) {
ArrayAppend(sortArray, arrayToSort[i][sortColumn]);
}
theList = ArrayToList(sortArray, delim);
ArraySort(sortArray, type, order);
for (i=1; i LTE ArrayLen(sortArray); i=i+1) {
thePosition = ListFind(theList, sortArray[i], delim);
theList = ListDeleteAt(theList, thePosition, delim);
for (j=1; j LTE ArrayLen(arrayToSort[thePosition]); j=j+1) {
arrayToReturn[counter][j] = arrayToSort[thePosition][j];
}
ArrayDeleteAt(arrayToSort, thePosition);
counter = counter + 1;
}
return arrayToReturn;
}
</cfscript>
</cfcomponent>
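Review bot: The `cfcatch` blocks in `add`, `load` and `store` call `.close()` on a variable that is still the empty string when the stream constructor itself is what failed (missing file, no write permission on `cacerts`), so the handler raises a second error and the original cause is lost; guard it with `<cfif IsObject(OutputStream)><cfset OutputStream.close()></cfif>`, and the same for `InputStream`. `store()` also opens its `FileOutputStream` directly on the live trust-store path, which empties the file before `ks.store()` writes anything, so a failure mid-write leaves the JVM's `cacerts` damaged. That risk should at least be stated in a comment above `store`, telling operators to keep a backup copy of `cacerts` before using the tool.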
@@ -0,0 +1,51 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfif NOT IsDefined("form.alias") OR NOT Len(Trim(form.alias))>
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="addCertForm.cfm?error=You must provide a valid Key Alias">
</cfif>
<cfinvoke component="KeyStoreManager" method="init" returnvariable="KeyStoreManager">
<cfif KeyStoreManager.containsAlias(form.alias)>
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="addCertForm.cfm?error=The alias '#form.alias#' is already used. Please choose another alias or delete the existing key.">
</cfif>
<cftry>
<cffile action="upload" filefield="form.pubkey" nameconflict="makeunique" destination="#Expandpath('./tmp')#">
<cfcatch type="Application">
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="addCertForm.cfm?error=You must provide a valid key file."><cfabort>
</cfcatch>
</cftry>
<cftry>
<cfset KeyClashAlias = KeyStoreManager.add(form.alias,"#cffile.serverdirectory#/#cffile.serverfile#")>
<cfcatch type="Any">
<cfif cfcatch.type EQ "java.security.cert.CertificateException">
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="addCertForm.cfm?error=Invalid or corrupt key file."><cfabort>
</cfif>
</cfcatch>
</cftry>
<cfif Len(Trim(KeyClashAlias))>
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="addCertForm.cfm?error=Certificate is already in the store as '#KeyClashAlias#'."><cfabort>
</cfif>
<cfif FileExists("#cffile.serverdirectory#/#cffile.serverfile#")>
<cffile action="Delete" file="#cffile.serverdirectory#/#cffile.serverfile#">
</cfif>
<cflocation url="index.cfm?restartreq=1&message=Certificate successfully added to the keystore." addtoken="false">
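Review bot: The `cffile action="upload"` call saves the client's file into `./tmp` beneath the application directory with no `accept` restriction, so a file with any extension sits in what is presumably a web-served folder until one of the delete branches runs; `destination="#GetTempDirectory()#"` would keep it outside the web root. The `cfcatch type="Any"` around `KeyStoreManager.add` handles only `java.security.cert.CertificateException` and silently drops every other error, which leaves `KeyClashAlias` undefined for the `Len(Trim(KeyClashAlias))` test and the uploaded file undeleted; a `<cfrethrow>` after the inner `cfif` would surface those failures. The first two validation blocks read `cffile.serverdirectory` before any upload has run, so they appear to fail rather than redirect.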
@@ -0,0 +1,54 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfinclude template="../header.cfm">
<h2 class="pageHeader"> SSL Certificates &gt; Certificate Management &gt; Add Certificate</h2>
<p>Please complete the form to add a certificate to the Keystore.</p>
<cfif IsDefined("url.error")>
<p style="font-size:larger;color:ff0000;"><cfoutput>Error: #url.error#</cfoutput></p>
</cfif>
<table border="0" cellpadding="5" cellspacing="0" width="100%">
<cfform name="add" id="add" action="addCert.cfm" method="post" enctype="multipart/form-data">
<tr>
<td bgcolor="#E2E6E7" class="cellBlueTopAndBottom">
<b>Add New Certificate</b>
</td>
</tr>
<tr>
<td>
<table border="0" cellpadding="2" cellspacing="0" width="100%">
<tr>
<td width="200">
<label for="alias"> Alias </label>
</td>
<td width="1000"><cfinput name="alias" type="text" maxlength="150" class="label" size="20" style="width:20em;" id="alias" required="true" message="Please enter a Certificate Alias."/>
</td>
</tr>
<tr>
<td style="vertical-align:top;">
<label for="pubkey"> Key File </label>
</td>
<td>
<cfinput type="file" required="true" name="pubkey" class="label" size="55" message="Please choose a keyfile." />
<br /><a href="##" onClick="javascript:document.getElementById('wherekey').style.display = 'inline';">Where do I get the Key File?</a>
<div style="display:none;" id="wherekey">
<h1>Where do I get the key from?</h1>
<ul>
<li>IE Certificates -&gt; Copy to file (CER base64)</li>
<li>Firefox -&gt; Click Padlock, More Information, View Certificate, Details tab, Export, X.509 Certificate (PEM) format</li>
</ul>
</div>
</td>
</tr>
<tr>
<td colspan="2" class="cellBlueTopAndBottom" bgcolor="#F3F7F7">
<input type="submit" name="AddCertificate" value="&nbsp; Add &nbsp;">&nbsp;&nbsp;<input type="button" name="Cancel" value="Cancel" onClick="document.location.href='index.cfm';">
</td>
</tr>
</table>
</td>
</tr>
</cfform>
</table>
<cfinclude template="footer.cfm">
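Review bot: `#url.error#` is written into the page without encoding, so any markup placed in the `error` query parameter is rendered as HTML in the administrator's browser; output it as `#HTMLEditFormat(url.error)#`. The add handler in this commit copies `form.alias` and `KeyClashAlias` into that parameter, so the value is not limited to the fixed messages. The certificate view page later in the commit prints `#url.alias#` and `#Wrap(Certificate.asString(),155)#` the same way, the latter being text taken from an uploaded certificate, and both need the same encoding.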
@@ -0,0 +1,7 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfinvoke component="KeyStoreManager" method="init" returnvariable="KeyStoreManager">
<cfset KeyStoreManager.delete(url.alias)>
<cflocation url="index.cfm?restartreq=1&message=Certificate successfully deleted from the keystore.">
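Review bot: This page removes an entry from the JVM trust store on a plain GET with only `url.alias` as input, and nothing visible here checks the request method or an anti-forgery token, so a cross-site request made in an administrator's session would be enough to trigger it (authentication may live in an Application file outside this commit). The delete should be a POST form that rejects other methods, e.g. `<cfif cgi.request_method NEQ "POST"><cfabort></cfif>`, combined with a per-session token. The success message is also shown when the alias did not exist, because `delete()` returns nothing to tell the two cases apart.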
@@ -0,0 +1,19 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfinclude template="../header.cfm">
<cfinvoke component="KeyStoreManager" method="init" returnvariable="KeyStoreManager">
<cfset Certificate = KeyStoreManager.read(url.alias)>
<h2 class="pageHeader"> SSL Certificates &gt; Certificate Management &gt; Certificate &quot;<cfoutput>#url.alias#</cfoutput>&quot;</h2>
<form action="index.cfm" method="get">
<input type="submit" name="back" value="Back to Certificate List">
</form>
<hr />
<cfoutput><pre>#Wrap(Certificate.asString(),155)#</pre></cfoutput>
<hr />
<form action="index.cfm" method="get">
<input type="submit" name="back" value="Back to Certificate List">
</form>
<cfinclude template="footer.cfm">
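Review bot: `KeyStoreManager.read()` returns an empty string when the alias is not in the store, and this page calls `Certificate.asString()` on the result without checking, so an unknown or mistyped `alias` ends in a runtime error page instead of a message; add `<cfif NOT IsObject(Certificate)><cflocation url="index.cfm" addtoken="false"></cfif>` after the `read` call. The export page at the end of the commit has the same gap before `getPublicKeyBase64()`. `url.alias` is also read without an existence check, so a request with no `alias` parameter fails before the lookup.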
@@ -0,0 +1,7 @@
<!--- Copyright (c) 2011 Paul Connell <certman@paulconnell.info> --->
<cfinvoke component="KeyStoreManager" method="init" returnvariable="KeyStoreManager">
<cfset Certificate = KeyStoreManager.read(url.alias)>
<cfheader name="content-disposition" value="attachment; filename=#url.alias#.cer"/>
<cfcontent type="text/plain" reset="true"><cfoutput>#Certificate.getPublicKeyBase64()#</cfoutput>
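Review bot: The `content-disposition` value is built from `url.alias` unquoted and unfiltered, so spaces, semicolons or quotes in the alias change how the browser parses the header and which filename it offers. Reduce it to a safe set first with `<cfset safeName = REReplace(url.alias,"[^A-Za-z0-9._-]","_","all")>` and use `filename=#safeName#.cer` in the header. `getPublicKeyBase64()` actually emits the whole certificate in PEM form (`getEncoded()` wrapped in BEGIN/END CERTIFICATE), so a comment here saying that the download is the certificate, not a bare public key, would avoid confusion.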