From 4fe1e21029013d5b1aa6d0e2f1ca80f3a9b0182b Mon Sep 17 00:00:00 2001
From: William Enright <william.enright@savoirfairelinux.com>
Date: Wed, 7 Oct 2020 16:59:35 -0400
Subject: [PATCH] Ported and adjusted OCSP endpoint

Change-Id: I892c4e5626d7f38ff8b1c37cdfa9e3755c3f96cb
---
 .../server/servlets/x509/OCSPServlet.java     | 28 +++++++++++++++----
 1 file changed, 22 insertions(+), 6 deletions(-)

diff --git a/jams-server/src/main/java/net/jami/jams/server/servlets/x509/OCSPServlet.java b/jams-server/src/main/java/net/jami/jams/server/servlets/x509/OCSPServlet.java
index eeb0b3f1..00b71627 100644
--- a/jams-server/src/main/java/net/jami/jams/server/servlets/x509/OCSPServlet.java
+++ b/jams-server/src/main/java/net/jami/jams/server/servlets/x509/OCSPServlet.java
@@ -22,22 +22,38 @@
 */
 package net.jami.jams.server.servlets.x509;
 
-import jakarta.servlet.ServletException;
 import jakarta.servlet.annotation.WebServlet;
 import jakarta.servlet.http.HttpServlet;
 import jakarta.servlet.http.HttpServletRequest;
 import jakarta.servlet.http.HttpServletResponse;
+import org.bouncycastle.cert.ocsp.OCSPReq;
+import org.bouncycastle.cert.ocsp.OCSPResp;
 
 import java.io.IOException;
 
 import static net.jami.jams.server.Server.certificateAuthority;
 
-@WebServlet("/api/auth/ocsp")
+@WebServlet("/api/ocsp")
 public class OCSPServlet extends HttpServlet {
 
     @Override
-    protected void doGet(HttpServletRequest req, HttpServletResponse resp) throws ServletException, IOException {
-        certificateAuthority.getOCSPResponse(null);
-        super.doGet(req, resp);
+    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
+        resp.setContentType("application/ocsp-response");
+        byte[] content = new byte[Integer.parseInt(req.getHeader("Content-Length"))];
+        try {
+            for(int i=0;i<content.length;i++){
+                req.getInputStream().read(content);
+            }
+            OCSPReq ocspReq = new OCSPReq(content);
+            OCSPResp ocspResp =  certificateAuthority.getOCSPResponse(ocspReq);
+
+            if (ocspResp != null) {
+                byte[] respBytes = ocspResp.getEncoded();
+                resp.getOutputStream().write(respBytes);
+            } else resp.setStatus(404);
+        }
+        catch (Exception e) {
+            resp.sendError(404, "Could not find the requested certificate!");
+        }
     }
-}
+}
\ No newline at end of file
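Review bot: The buffer in doPost is sized by `Integer.parseInt(req.getHeader("Content-Length"))` before the try, so a missing, non-numeric or negative header throws outside the catch, and a large value makes the servlet allocate whatever size the client declares; the path change from `/api/auth/ocsp` to `/api/ocsp` suggests the endpoint may now be reachable without authentication, which would make this a memory-exhaustion risk. The read loop is also incorrect: every `read(content)` call writes at offset 0, so a body delivered in more than one read overwrites its own start, and the loop runs content.length times regardless of how many bytes were returned. Reading the body up to a fixed cap, independent of the header, addresses both; the sketch below assumes Java 11+ for `readNBytes(int)` and a class constant `MAX_OCSP_REQUEST_BYTES` that the project would define. Separately, the catch-all turns parse failures into a 404 "Could not find the requested certificate!", where a 400 or an OCSP malformedRequest response would let clients and log reviewers distinguish a bad request from an unknown certificate.

```java
    protected void doPost(HttpServletRequest req, HttpServletResponse resp) throws IOException {
        // Read at most cap + 1 bytes so an oversized body is detected without buffering it all.
        byte[] content = req.getInputStream().readNBytes(MAX_OCSP_REQUEST_BYTES + 1);
        if (content.length == 0 || content.length > MAX_OCSP_REQUEST_BYTES) {
            resp.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        resp.setContentType("application/ocsp-response");
        try {
            OCSPReq ocspReq = new OCSPReq(content);
            // … unchanged: getOCSPResponse call and response write …
```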
-- 
GitLab