From ddfa9d528d44b2977800b256fa00ee1b71d4af4d Mon Sep 17 00:00:00 2001 From: theko2fi Date: Sat, 9 Dec 2023 15:10:44 +0100 Subject: [PATCH] Add button to export certificates in PEM format Co-authored-by: Tobias Brunner --- .../templates/certificates/details.html | 46 ++++++++++--------- .../apps/certificates/views/DetailsHandler.py | 23 +++++++++- 2 files changed, 46 insertions(+), 23 deletions(-) diff --git a/strongMan/apps/certificates/templates/certificates/details.html b/strongMan/apps/certificates/templates/certificates/details.html index 108ce35..718718e 100644 --- a/strongMan/apps/certificates/templates/certificates/details.html +++ b/strongMan/apps/certificates/templates/certificates/details.html @@ -169,21 +169,23 @@

-
- {% if not readonly %} -
-
- {% csrf_token %} - - - -
+
+
+ {% csrf_token %} +
+ + {% if not readonly %} + + {% endif %}
- {% endif %} +
@@ -214,18 +216,18 @@

-
+
{% csrf_token %} - - - + + +
{% endif %}

-{% endblock content %} \ No newline at end of file +{% endblock content %} diff --git a/strongMan/apps/certificates/views/DetailsHandler.py b/strongMan/apps/certificates/views/DetailsHandler.py index 85c38cb..3229072 100644 --- a/strongMan/apps/certificates/views/DetailsHandler.py +++ b/strongMan/apps/certificates/views/DetailsHandler.py @@ -1,6 +1,9 @@ +import oscrypto.asymmetric +from urllib.parse import quote + from django.contrib import messages from django.urls import reverse -from django.http import HttpResponseRedirect +from django.http import HttpResponseRedirect, HttpResponse from django.shortcuts import render from ..models import UserCertificate, ViciCertificate, CertificateDoNotDelete from ..forms import ChangeNicknameForm @@ -28,11 +31,15 @@ def _render_user_details(self): def handle(self): if self._is_vicicert(): + if self.request.method == "POST" and "export_cert" in self.request.POST: + return self._export_certificate() return self._render_vici_details() if self.request.method == "GET": return self._render_user_details() elif self.request.method == "POST": + if "export_cert" in self.request.POST: + return self._export_certificate() if "remove_cert" in self.request.POST: return self._delete_cert() elif "remove_privatekey" in self.request.POST: @@ -78,3 +85,17 @@ def _delete_private_key(self): messages.add_message(self.request, messages.ERROR, "Can't delete private key. " + str(e)) return self._render_user_details() + + def _export_certificate(self): + try: + cert = oscrypto.asymmetric.load_certificate(self.certificate.der_container) + pem_bytes = oscrypto.asymmetric.dump_certificate(cert) + + filename = quote(self._vicicert.nickname if self._is_vicicert() else self._usercert.nickname) + + response = HttpResponse(pem_bytes, content_type="application/x-pem-file") + response['Content-Disposition'] = "attachment; filename*=utf-8''%s.pem" % filename + return response + except Exception as e: + messages.add_message(self.request, messages.ERROR, "Couldn't export the cert. " + str(e)) + return self._render_user_details()