package org.apache.geronimo.ca.helper;

import java.io.IOException;
import java.math.BigInteger;
import javax.servlet.Servlet;
import javax.servlet.ServletException;
import javax.servlet.ServletOutputStream;
import javax.servlet.http.HttpServlet;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.apache.geronimo.ca.helper.util.CAHelperUtils;

/* loaded from: input_file:WEB-INF/lib/geronimo-ca-helper-2.2.jar:org/apache/geronimo/ca/helper/DownloadCertificateServlet.class */
public class DownloadCertificateServlet extends HttpServlet implements Servlet {
    protected void doGet(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        doPost(httpServletRequest, httpServletResponse);
    }

    protected void doPost(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse) throws ServletException, IOException {
        String parameter = httpServletRequest.getParameter("type");
        String parameter2 = httpServletRequest.getParameter("csrId");
        if (parameter != null) {
            try {
                if (parameter.equals("ca")) {
                    byte[] encoded = CAHelperUtils.getCertificateStore().getCACertificate().getEncoded();
                    httpServletResponse.setContentType("application/x-x509-ca-cert");
                    httpServletResponse.setContentLength(encoded.length);
                    httpServletResponse.getOutputStream().write(encoded);
                }
            } catch (Exception e) {
                throw new ServletException("Exception while uploading certificate.", e);
            }
        }
        if (parameter2 == null) {
            throw new Exception("Invalid certificate download request.");
        }
        BigInteger serialNumberForRequest = CAHelperUtils.getCertificateRequestStore().getSerialNumberForRequest(parameter2);
        if (serialNumberForRequest == null) {
            throw new Exception("Either the CSR is yet to be fulfilled or the csrId is invalid. csrId = " + parameter2);
        }
        byte[] encoded2 = CAHelperUtils.getCertificateStore().getCertificate(serialNumberForRequest).getEncoded();
        String serverName = httpServletRequest.getServerName();
        int httpsClientAuthPort = CAHelperUtils.getHttpsClientAuthPort();
        String contextPath = httpServletRequest.getContextPath();
        String str = "https://" + serverName + ":" + httpsClientAuthPort + "" + contextPath + "/verifyCertificate.jsp?csrId=" + httpServletRequest.getParameter("csrId");
        httpServletResponse.setContentType("multipart/mixed; boundary=\"BOUNDARY\"");
        ServletOutputStream outputStream = httpServletResponse.getOutputStream();
        outputStream.write("This is a multi-part message in MIME format.\n".getBytes());
        outputStream.write("--BOUNDARY\n".getBytes());
        outputStream.write("Content-type: application/x-x509-user-cert\n\n".getBytes());
        outputStream.write(encoded2);
        outputStream.write("--BOUNDARY\n".getBytes());
        outputStream.write("Content-type: text/html\n\n".getBytes());
        outputStream.write("<html><body>".getBytes());
        outputStream.write("<p>Certificate is downloaded successfully. ".getBytes());
        if (httpsClientAuthPort != -1) {
            outputStream.write(("Access <a href=" + str + ">this link</a> to verify.</p>\n").getBytes());
        } else {
            outputStream.write("No HTTPS client-authentication port is configured to verify.</p>\n".getBytes());
        }
        outputStream.write(("<a href=\"" + contextPath + "\"> Back to CA Helper home</a>").getBytes());
        outputStream.write("</body></html>".getBytes());
        outputStream.write("--BOUNDARY--\n".getBytes());
        outputStream.flush();
    }
}
