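package ui;

import model.asn1.exceptions.InvalidCAException;
import model.asn1.exceptions.ParseException;
import model.asn1.parsing.BytesReader;
import model.csr.CertificationRequest;
import model.pki.cert.Certificate;
import model.pki.cert.TbsCertificate;

import java.security.NoSuchAlgorithmException;
import java.util.Base64;

/**
 * Manage the private key and CA certificate. It can print the public key, generate CSR, and install CA cert.
 *
 * <p>Only public material (modulus, public exponent, certificate fields) is ever printed by this
 * screen; the private key itself is never written to the console.
 */
public class MgmtScreen implements UIHandler {
    private final JCA session;

    /**
     * EFFECTS: Init with the parent session.
     *
     * @param session the parent session that owns the CA being managed
     */
    public MgmtScreen(JCA session) {
        this.session = session;
    }

    /**
     * EFFECTS: Print help
     */
    @Override
    public void help() {
        System.out.print("show\tView the public key and CA certificate\n"
                + "genkey\tGenerate a RSA private key\n"
                + "csr\tGenerate a CSR for a upper-level CA to sign\n"
                + "install\tInstall a CA certificate\n"
                + "exit\tGo to main menu\n"
                + "help\tPrint this message\n");
    }

    /**
     * EFFECTS: Format the public key and CA certificate and print them.
     *
     * <p>The key section is printed whenever a public key is present. The certificate section is
     * printed only when {@code session.checkCA(true)} passes.
     */
    @Override
    public void show() {
        if (session.getCa().getPublicKey() == null) {
            System.out.println("No private key installed");
        } else {
            System.out.println("Public Key (RSA2048):");
            // The value printed is the RSA modulus, so the label says "Modulus".
            System.out.printf("\tModulus:\t\t%s\n",
                    session.getCa().getPublicKey().getModulus().toString(10));
            System.out.printf("\tPublic Exponent:\t%s\n",
                    session.getCa().getPublicKey().getPublicExponent().toString(16));
        }

        // NOTE(review): checkCA(true) presumably verifies that a CA certificate is installed and
        // reports the problem itself; confirm against JCA.
        if (!session.checkCA(true)) {
            return;
        }

        final TbsCertificate info = session.getCa().getCertificate().getCertificate();
        System.out.printf("Subject:\t%s\n", info.getSubject().toString());
        System.out.printf("Issuer:\t%s\n", info.getIssuer().toString());
        System.out.printf("Not Before:\t%s\n", info.getValidity().getNotBefore().getTimestamp());
        System.out.printf("Not After:\t%s\n", info.getValidity().getNotAfter().getTimestamp());
        // This line prints the subjectPublicKey bytes from SubjectPublicKeyInfo, not the issuer's
        // signature over the certificate. Labelling it "Signature" would mislead an operator who
        // compares the output against another tool, so the label names what is actually shown.
        System.out.printf("Public Key:\t%s\n",
                Base64.getEncoder().encodeToString(Utils.byteToByte(info.getSubjectPublicKeyInfo()
                        .getSubjectPublicKey().getConvertedVal())));
    }

    /**
     * EFFECTS: Generate a CSR and print it in PEM form with the "CERTIFICATE REQUEST" label.
     * MODIFIES: session
     */
    private void handleCSR() {
        // NOTE(review): checkCA(false) presumably only requires the key, not a certificate; confirm.
        if (!session.checkCA(false)) {
            return;
        }

        try {
            final CertificationRequest req = session.getCa().signCSR();
            System.out.println(Utils.toPEM(req.encodeDER(), "CERTIFICATE REQUEST"));
            session.setUnsaved(true);
        } catch (Exception e) {
            // Catch Exception rather than Throwable: a JVM Error (e.g. OutOfMemoryError) during
            // signing must not be reduced to a one-line message and then ignored.
            System.out.println(e.getMessage());
        }
    }

    /**
     * EFFECTS: Handle the 'install' command. Read incoming certificate and validate it.
     *          A certificate that fails parsing or CA validation is not installed; the exception
     *          message is printed instead.
     * MODIFIES: session
     */
    private void handleInstall() {
        if (!session.checkCA(false)) {
            return;
        }

        try {
            final Byte[] in = session.handleInputPEM("CERTIFICATE");
            final Certificate cert = new Certificate(new BytesReader(in), false);
            session.getCa().installCertificate(cert);
            // Mark dirty only after installCertificate accepted the certificate.
            session.setUnsaved(true);
        } catch (InvalidCAException | ParseException e) {
            System.out.println(e.getMessage());
        }
    }

    /**
     * EFFECTS: Handle the 'genkey' command. Generate a RSA2048 private key.
     *          Refuses to run when a key is already installed.
     * MODIFIES: session
     */
    private void handleGenKey() {
        if (session.getCa().getPublicKey() != null) {
            System.out.println("A private key is already installed.");
            // Stop here: falling through would silently replace the CA key right after telling
            // the operator that one exists, leaving any installed certificate bound to a key
            // that is gone.
            return;
        }

        try {
            session.getCa().generateKey();
            session.setUnsaved(true);
        } catch (NoSuchAlgorithmException e) {
            System.out.println(e.getMessage());
        }
    }

    /**
     * EFFECTS: Handle commands. Unknown or missing commands print the help text.
     *
     * @param args the command followed by its arguments; may be empty
     */
    @Override
    public void command(String... args) {
        // An empty command line must not index args[0]; treat it like an unknown command.
        if (args == null || args.length == 0) {
            help();
            return;
        }

        switch (args[0]) {
            case "genkey":
                handleGenKey();
                break;
            case "csr":
                handleCSR();
                break;
            case "install":
                handleInstall();
                break;
            default:
                help();
                break;
        }
    }

    /**
     * EFFECTS: Go to main menu
     */
    @Override
    public Screen exit() {
        return Screen.MAIN;
    }

    /**
     * EFFECTS: return "/ca/ #"
     */
    @Override
    public String getPS1() {
        return "/ca/ #";
    }
}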