Add pem bundle (with root) as download option to UI, closes #198

openxpki · Jan 29, 2015 · 2a7421d · 2a7421d
1 parent 28157ed
commit 2a7421d
Show file tree

Hide file tree

Showing 4 changed files with 39 additions and 65 deletions.
diff --git a/core/server/OpenXPKI/Client/UI/Certificate.pm b/core/server/OpenXPKI/Client/UI/Certificate.pm
@@ -73,8 +73,7 @@ sub init_search {
     return $self;
 }
 
-
-sub init_info {
+sub init_detail {
 
 
     my $self = shift;
@@ -95,6 +94,13 @@ sub init_info {
         $cert->{STATUS} = 'EXPIRED';
     }
 
+    # check if this is a entity certificate from the current realm
+    my $is_local_entity = 0;
+    if ($cert->{CSR_SERIAL} && $cert->{PKI_REALM} eq $self->_client()->session()->param('pki_realm')) {
+        $self->logger()->debug("cert is local entity");
+        $is_local_entity = 1;
+    }
+
     my @fields = (
         { label => 'Subject', value => $cert->{BODY}->{SUBJECT} },
         { label => 'Serial', value => $cert->{BODY}->{SERIAL_HEX} },
@@ -104,22 +110,15 @@ sub init_info {
         { label => 'Status', value => { label => i18nGettext('I18N_OPENXPKI_CERT_'.$cert->{STATUS}) , value => $cert->{STATUS} }, format => 'certstatus' },
     );
 
-    # TODO - Need to decide of we use buttons or links
+    # was in info, bullet list for downloads
     my $base =  $self->_client()->_config()->{'scripturl'} . "?page=certificate!download!identifier!$cert_identifier!format!";
-    my @buttons = (
-        { label => i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_INSTALL'), 'href' => $base.'install' },
-        { label => i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_PEM'), 'href' => $base.'pem' },
-        { label => i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_DER'), 'page' => $base.'der', target => '_blank' },
-        # core bug see #185 { label => i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_TXT'), 'page' => $base.'txt', target => '_blank' },
-        { label => i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_PKCS7'), 'page' => $base.'pkcs7', target => '_blank' }
-    );
-
     my $pattern = '<li><a href="'.$base.'%s" target="_blank">%s</a></li>';
 
     my $privkey = '';
     # check for private key
     # TODO - add ACL, only owner should be allowed to dl key
-    if ($self->send_command ( "private_key_exists_for_cert", { IDENTIFIER => $cert_identifier })) {
+    if ($is_local_entity &&
+        $self->send_command ( "private_key_exists_for_cert", { IDENTIFIER => $cert_identifier })) {
         $privkey = '<li><a href="#certificate!privkey!identifier!'.$cert_identifier.'">'.i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_PRIVATE_KEY').'</a></li>';
     }
 
@@ -128,60 +127,12 @@ sub init_info {
         # core bug see #185 sprintf ($pattern, 'txt', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_TXT')).
         sprintf ($pattern, 'der', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_DER')).
         sprintf ($pattern, 'pkcs7', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_PKCS7')).
+        sprintf ($pattern, 'bundle', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_BUNDLE')).
         $privkey.
         sprintf ($pattern, 'install', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_INSTALL')).
         '</ul>'
     };
 
-    $self->_result()->{main} = [{
-        type => 'keyvalue',
-        content => {
-            label => '',
-            description => '',
-            data => \@fields,
-            #buttons => \@buttons
-        }},
-    ];
-
-}
-
-
-sub init_detail {
-
-
-    my $self = shift;
-    my $args = shift;
-
-    my $cert_identifier = $self->param('identifier');
-
-    my $cert = $self->send_command( 'get_cert', {  IDENTIFIER => $cert_identifier });
-    $self->logger()->debug("result: " . Dumper $cert);
-
-    $self->_page({
-        label => 'Certificate Information',
-        shortlabel => $cert->{BODY}->{SUBJECT_HASH}->{CN}->[0],
-    });
-
-
-    if ($cert->{STATUS} eq 'ISSUED' && $cert->{BODY}->{NOTAFTER} < time()) {
-        $cert->{STATUS} = 'EXPIRED';
-    }
-
-    # check if this is a entity certificate from the current realm
-    my $is_local_entity = 0;
-    if ($cert->{CSR_SERIAL} && $cert->{PKI_REALM} eq $self->_client()->session()->param('pki_realm')) {
-        $self->logger()->debug("cert is local entity");
-        $is_local_entity = 1;
-    }
-
-    my @fields = (
-        { label => 'Subject', value => $cert->{BODY}->{SUBJECT} },
-        { label => 'Serial', value => $cert->{BODY}->{SERIAL_HEX} },
-        { label => 'Issuer',  format=>'link', value => { label => $cert->{BODY}->{ISSUER}, page => 'certificate!detail!identifier!'. $cert->{ISSUER_IDENTIFIER} } },
-        { label => 'not before', value => $cert->{BODY}->{NOTBEFORE}, format => 'timestamp'  },
-        { label => 'not after', value => $cert->{BODY}->{NOTAFTER}, format => 'timestamp' },
-        { label => 'Status', value => { label => i18nGettext('I18N_OPENXPKI_CERT_'.$cert->{STATUS}) , value => $cert->{STATUS} }, format => 'certstatus' },
-    );
 
     my @buttons;
     push @buttons, {
@@ -330,6 +281,7 @@ sub init_download {
                 #sprintf ($pattern, 'txt', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_TXT')). # core bug see #185
                 sprintf ($pattern, 'der', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_DER')).
                 sprintf ($pattern, 'pkcs7', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_PKCS7')).
+                sprintf ($pattern, 'bundle', i18nGettext('I18N_OPENXPKI_UI_DOWNLOAD_BUNDLE')).
                 $privkey.
                 '</ul>',
         }});
@@ -345,6 +297,24 @@ sub init_download {
         print $pkcs7;
         exit;
 
+    } elsif ($format eq 'bundle') {
+
+        my $chain = $self->send_command ( "get_chain", { START_IDENTIFIER => $cert_identifier, OUTFORMAT => 'PEM', 'KEEPROOT' => 1 });
+        $self->logger()->debug("chain info " . Dumper $chain );
+
+        my $cert_info  = $self->send_command ( "get_cert", {'IDENTIFIER' => $cert_identifier, 'FORMAT' => 'HASH' });
+        my $filename = $cert_info->{BODY}->{SUBJECT_HASH}->{CN}->[0] || $cert_info->{BODY}->{IDENTIFIER};
+
+        my $output = '';
+        for (my $i=0;$i<@{$chain->{CERTIFICATES}};$i++) {
+            $output .= $chain->{SUBJECT}->[$i]. "\n". $chain->{CERTIFICATES}->[$i]."\n\n";
+        }
+
+        print $self->cgi()->header( -type => 'application/octet-string', -expires => "1m", -attachment => "$filename.bundle" );
+        print $output;
+        exit;
+
+
     } else {
 
         my $cert_info = $self->send_command ( "get_cert", {'IDENTIFIER' => $cert_identifier, 'FORMAT' => 'HASH' });
@@ -522,7 +492,7 @@ sub action_search {
         content => {
             header => 'Grid-Headline',
             actions => [{
-                path => 'certificate!info!identifier!{identifier}',
+                path => 'certificate!detail!identifier!{identifier}',
                 label => 'Download',
                 icon => 'download',
                 target => 'modal'

diff --git a/core/server/OpenXPKI/Client/UI/Information.pm b/core/server/OpenXPKI/Client/UI/Information.pm
@@ -56,7 +56,7 @@ sub init_issuer {
         content => {
             actions => [{
                 path => 'certificate!detail!identifier!{identifier}',
-                target => 'tab',
+                target => 'modal',
             }],
             columns => [
                 { sTitle => "subject" },
@@ -185,4 +185,4 @@ sub init_process {
 
     return $self;
 }
-1;
+1;
diff --git a/core/server/OpenXPKI/Client/UI/Workflow.pm b/core/server/OpenXPKI/Client/UI/Workflow.pm
@@ -855,7 +855,7 @@ sub __render_from_workflow {
             # create a link on cert_identifier fields
             if ( $key =~ m{ cert_identifier \z }x) {
                 $item->{format} = 'link';
-                $item->{value}  = { label => $context->{$key}, page => 'certificate!info!identifier!'. $context->{$key}, target => 'modal' };
+                $item->{value}  = { label => $context->{$key}, page => 'certificate!detail!identifier!'. $context->{$key}, target => 'modal' };
             }
 
             # Code format any PEM blocks

diff --git a/core/server/OpenXPKI/Server/API/Default.pm b/core/server/OpenXPKI/Server/API/Default.pm
@@ -364,6 +364,7 @@ sub get_chain {
     my $return_ref;
     my @identifiers;
     my @certificates;
+    my @subject;
     my $finished = 0;
     my $complete = 0;
     my %already_seen; # hash of identifiers that have already been seen
@@ -399,6 +400,7 @@ sub get_chain {
             $finished = 1;
         }
         else {
+            push @subject, $cert->{SUBJECT};
             if ($inner_format) {
                 if ($inner_format eq 'PEM') {
                     push @certs, $cert->{DATA};
@@ -454,6 +456,7 @@ sub get_chain {
         return $result;
     }
 
+    $return_ref->{SUBJECT} = \@subject;
     $return_ref->{IDENTIFIERS} = \@identifiers;
     $return_ref->{COMPLETE}    = $complete;
     if (defined $arg_ref->{OUTFORMAT}) {
@@ -824,6 +827,7 @@ OUTFORMAT, which can be either 'PEM' or 'DER'.
 Returns a hash ref with the following entries:
 
     IDENTIFIERS   the chain of certificate identifiers as an array
+    SUBJECT       list of subjects for the returned certificates
     CERTIFICATES  the certificates as an array of data in outformat
                   (if requested)
     COMPLETE      1 if the complete chain was found in the database