Diffstat (limited to 'base/ra/apache/docroot/ee/user')
-rwxr-xr-xbase/ra/apache/docroot/ee/user/index.cgi68
-rw-r--r--base/ra/apache/docroot/ee/user/index.vm83
-rwxr-xr-xbase/ra/apache/docroot/ee/user/renew.cgi165
-rw-r--r--base/ra/apache/docroot/ee/user/renew.vm86
-rwxr-xr-xbase/ra/apache/docroot/ee/user/renewal.cgi74
-rw-r--r--base/ra/apache/docroot/ee/user/renewal.vm73
-rwxr-xr-xbase/ra/apache/docroot/ee/user/submit.cgi112
-rw-r--r--base/ra/apache/docroot/ee/user/submit.vm75
-rwxr-xr-xbase/ra/apache/docroot/ee/user/user.cgi68
-rw-r--r--base/ra/apache/docroot/ee/user/user.vm435
10 files changed, 1239 insertions, 0 deletions
diff --git a/base/ra/apache/docroot/ee/user/index.cgi b/base/ra/apache/docroot/ee/user/index.cgi
new file mode 100755
index 000000000..ef6b3aa47
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/index.cgi
@@ -0,0 +1,68 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+#
+#
+#
+
+package op;
+
+use lib $ENV{DOCUMENT_ROOT} . "/../lib/perl";
+
+use CGI;
+use PKI::Service::Op;
+use Template::Velocity;
+use PKI::Base::Registry;
+
+use vars qw (@ISA);
+use PKI::Service::Op;
+@ISA = qw(PKI::Service::Op);
+
+sub new {
+ my $self = {};
+ bless ($self);
+ return $self;
+}
+
+sub process()
+{
+ my $self = shift;
+ my $q = CGI->new();
+
+ my $docroot = PKI::Base::Registry->get_docroot();
+ my $parser = PKI::Base::Registry->get_parser();
+ my $cfg = PKI::Base::Registry->get_config();
+
+ my %context;
+ my $result = $parser->execute_file_with_context("ee/user/index.vm",
+ \%context);
+
+ my $xml = $q->param('xml');
+ if ($xml eq "true") {
+ print "Content-Type: text/xml\n\n";
+ print $self->xml_output(\%context);
+ } else {
+ print "Content-Type: text/html\n\n";
+ print "$result";
+ }
+}
+
+my $op = op->new();
+$op->execute();
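Review bot: The script has no `use strict; use warnings;`, and `new` uses one-argument `bless ($self);`, so the object is always blessed into the current package and misspelled variable names go undetected; the same preamble and constructor are repeated in renew.cgi, renewal.cgi, submit.cgi and user.cgi in this commit. I would add `use strict; use warnings;` after `package op;` and write the constructor as `my $class = shift; return bless {}, $class;`. `sub process()` declares an empty prototype that method calls ignore, so plain `sub process` is clearer. `$q->param('xml')` is undef when the parameter is absent, so `if (defined $xml && $xml eq "true")` avoids comparing undef.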
diff --git a/base/ra/apache/docroot/ee/user/index.vm b/base/ra/apache/docroot/ee/user/index.vm
new file mode 100644
index 000000000..76b06a91c
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/index.vm
@@ -0,0 +1,83 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2007 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<title>RA End-Entity</title>
+ <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+ <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+ <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+ -
+</div>
+
+
+</div>
+</div>
+
+</div>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+<a href="/ee/index.cgi">RA Services</a> : <a href="/ee/user/index.cgi">User Enrollment</a><br />
+</font><br>
+<p>
+For user enrollment, user must access the following forms with appropriate client (i.e. browser) where key pair will be generated.
+<p>
+<center>
+<table border="0" cellspacing="0" cellpadding="0">
+<tr valign="TOP">
+<td>
+<font size=4 face="PrimaSans BT, Verdana, sans-serif">
+<li><a href="user.cgi">Request Submission - User</a></li>
+</font>
+</td>
+</tr>
+<tr valign="TOP">
+<td>
+<font size=4 face="PrimaSans BT, Verdana, sans-serif">
+<li><a href="renewal.cgi">Renewal - User</a></li>
+</font>
+</td>
+</tr>
+</table>
+</center>
+#include ( "footer.vm" )
+
+</body>
+</html>
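Review bot: The document closes `</head>` after the `<META>` line but never opens `<head>`, so `<title>` and the `<link>` elements sit directly under `<html>`; add `<head>` after `<html>`. The same header block is copied into renew.vm, renewal.vm, submit.vm and user.vm in this commit. The two `<li>` entries in the table are also not wrapped in a `<ul>`.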
diff --git a/base/ra/apache/docroot/ee/user/renew.cgi b/base/ra/apache/docroot/ee/user/renew.cgi
new file mode 100755
index 000000000..63d646ec9
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/renew.cgi
@@ -0,0 +1,165 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+#
+#
+#
+
+package op;
+
+use lib $ENV{DOCUMENT_ROOT} . "/../lib/perl";
+
+use CGI;
+use PKI::Base::Conf;
+use PKI::Request::Queue;
+use Template::Velocity;
+use PKI::Service::Op;
+use PKI::Base::Util;
+use PKI::Base::Registry;
+
+use vars qw (@ISA);
+@ISA = qw(PKI::Service::Op);
+
+sub new {
+ my $self = {};
+ bless ($self);
+ return $self;
+}
+
+sub process()
+{
+ my $self = shift;
+ my $q = CGI->new();
+
+ my $docroot = PKI::Base::Registry->get_docroot();
+ my $parser = PKI::Base::Registry->get_parser();
+ my $cfg = PKI::Base::Registry->get_config();
+
+ my $util = PKI::Base::Util->new();
+ my $error = "";
+
+ my $host = $cfg->get("service.machineName");
+ my $port = $cfg->get("service.non_clientauth_securePort");
+
+ $self->debug_params($cfg, $q);
+
+ my $cert = $self->get_cert_record($cfg);
+ $self->debug_log( $cfg, "after get_cert_record");
+ if (!defined($cert) || ($cert eq "")) {
+ $self->debug_log( $cfg, "cert not defined");
+ $error = "certificate not found in database";
+ print $q->redirect("/ee/error.cgi?error=$error");
+ return;
+ }
+ $self->debug_log( $cfg, "got cert");
+
+ my $csr = $cert->{'csr'};
+ if ($csr eq "") {
+ $error = "csr not found in database";
+ print $q->redirect("/ee/error.cgi?error=$error");
+ return;
+ }
+ $self->debug_log( $cfg, "got csr");
+
+ my $req_id = $cert->{'rid'};
+ if ($req_id eq "") {
+ $error = "reqid not found in database";
+ print $q->redirect("/ee/error.cgi?error=$error");
+ return;
+ }
+ $self->debug_log( $cfg, "got req_id = $req_id");
+ $self->debug_log( $cfg, "before renewl read/create request");
+ my $queue = PKI::Request::Queue->new();
+ $queue->open($cfg);
+ my $o_req = $queue->read_request($req_id);
+ if ($o_req eq "") {
+ $self->debug_log( $cfg, "got null o_req");
+ print $q->redirect("/ee/error.cgi?error=$error");
+ return;
+ }
+
+ my $uid = "";
+ my $site_id = "";
+ my $org_csr = "";
+ my $csr_type = "";
+
+ my $data = $o_req->{'data'};
+ foreach $nv (split(/;/, $data)) {
+ my ($n, $v) = split(/=/, $nv);
+ if ($n eq "uid") {
+ $uid = $v;
+ }
+ if ($n eq "site_id") {
+ $site_id = $v;
+ }
+ if ($n eq "csr") {
+ $org_csr = $v;
+ }
+ if ($n eq "csr_type") {
+ $csr_type = $v;
+ }
+ }
+
+ my $new_request = $queue->create_request("renewal",
+ "uid=" . $uid . ";" .
+ "site_id=" . $site_id . ";" .
+ "csr_type=" . $csr_type . ";" .
+ "csr=" . $csr,
+ "orig_reqid=" . $o_req->{'rowid'},
+ $o_req->{'created_by'});
+
+ #self-renewal is created and processed by the same user
+ $ref = $queue->approve_request($new_request, $o_req->{'created_by'});
+ my $nreq = $queue->read_request($new_request);
+ $error = $nreq->{'errorString'};
+ if ($error ne "0") {
+ $self->debug_log( $cfg, "after approve request, got error=$error");
+ print $q->redirect("/ee/error.cgi?error=$error");
+ return;
+ }
+
+ my %context;
+ $context{request_id} = $util->html_encode($new_request);
+ $self->debug_log($cfg, "request $new_request created");
+ $queue->close();
+ $self->debug_log( $cfg, "after renewl read/create request $new_request");
+
+ $context{data} = $util->breakline($util->html_encode($ref->{'data'}), 40);
+ $context{output} = $util->breakline($util->html_encode($ref->{'output'}), 40);
+ $context{serialno} = $util->html_encode($ref->{'serialno'});
+ $context{host} = $util->html_encode($host);
+ $context{port} = $util->html_encode($port);
+
+ #print $q->redirect("/ee/request/getcert.cgi?id=$new_request");
+ my $result = $parser->execute_file_with_context("ee/user/renew.vm",
+ \%context);
+
+ my $xml = $q->param('xml');
+ if ($xml eq "true") {
+ print "Content-Type: text/xml\n\n";
+ print $self->xml_output(\%context);
+ } else {
+ print "Content-Type: text/html\n\n";
+ print "$result";
+ }
+}
+
+my $op = op->new();
+$op->execute();
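Review bot: Every error path builds the redirect as `"/ee/error.cgi?error=$error"` with the message interpolated unencoded, and after `approve_request` the message is `$nreq->{'errorString'}` read back from the request queue, so spaces or any `&`, `#` or line break in that stored string land raw in the Location header; `print $q->redirect("/ee/error.cgi?error=" . CGI::escape($error));` keeps the value a single query parameter. In the `$o_req eq ""` branch `$error` is still the empty string, so the user is redirected with no message, and both returns after `$queue->open($cfg)` skip `$queue->close()`. `$nv` and `$ref` are never declared with `my`, which `use strict` would reject. `split(/=/, $nv)` has no limit, so a stored value that itself contains `=` is cut at the first one; `split(/=/, $nv, 2)` keeps it whole.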
diff --git a/base/ra/apache/docroot/ee/user/renew.vm b/base/ra/apache/docroot/ee/user/renew.vm
new file mode 100644
index 000000000..dee119c65
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/renew.vm
@@ -0,0 +1,86 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2007 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<title>User Certificate Renewal Notification</title>
+ <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+ <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+ <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+ -
+</div>
+
+
+</div>
+</div>
+
+</div>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+<a href="https://$host:$port/ee/index.cgi">RA Services</a> :
+<a href="https://$host:$port/ee/user/index.cgi">User Enrollment</a><br />
+Renewal Interface
+</font><br>
+<p>
+Your certificate has been successfully renewed.
+<p>
+<center>
+<table border="0" cellspacing="1" cellpadding="1">
+<tr>
+ <td width=20%>Request ID:</td>
+ <td><a href="https://$host:$port/ee/request/status.cgi?id=$request_id">$request_id</a></td>
+<tr valign="TOP">
+<td><b>Data</b></td>
+<td>$data</td>
+</tr>
+<tr valign="TOP">
+<td><b>Output</b></td>
+<td>$output</td>
+</tr>
+<tr valign="TOP">
+<td><b>Serial Number</b></td>
+<td>$serialno</td>
+</tr>
+</table>
+</center>
+#include ( "footer.vm" )
+
+</body>
+</html>
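Review bot: The Request ID row opened at the `<tr>` before `<td width=20%>Request ID:</td>` is never closed before the next `<tr valign="TOP">`; add `</tr>` after the `$request_id` cell. `$request_id` is also placed in the `status.cgi?id=` query string: renew.cgi HTML-encodes it, which is right for the link text, but a value used inside a URL should be URL-encoded as well (presumably the id is numeric, in which case this is cosmetic).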
diff --git a/base/ra/apache/docroot/ee/user/renewal.cgi b/base/ra/apache/docroot/ee/user/renewal.cgi
new file mode 100755
index 000000000..63a211eff
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/renewal.cgi
@@ -0,0 +1,74 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+#
+#
+#
+
+package op;
+
+use lib $ENV{DOCUMENT_ROOT} . "/../lib/perl";
+
+use CGI;
+use PKI::Service::Op;
+use Template::Velocity;
+use PKI::Base::Conf;
+use PKI::Base::Registry;
+
+use vars qw (@ISA);
+@ISA = qw(PKI::Service::Op);
+
+sub new {
+ my $self = {};
+ bless ($self);
+ return $self;
+}
+
+sub process()
+{
+ my $self = shift;
+ my $q = CGI->new();
+
+ my $docroot = PKI::Base::Registry->get_docroot();
+ my $parser = PKI::Base::Registry->get_parser();
+ my $cfg = PKI::Base::Registry->get_config();
+
+ $self->debug_params($cfg, $q);
+
+ my $host = $cfg->get("service.machineName");
+ my $port = $cfg->get("service.securePort");
+
+ my %context;
+ $context{url} = "https://$host:$port/ee/user/renew.cgi";
+ my $result = $parser->execute_file_with_context("ee/user/renewal.vm",
+ \%context);
+
+ my $xml = $q->param('xml');
+ if ($xml eq "true") {
+ print "Content-Type: text/xml\n\n";
+ print $self->xml_output(\%context);
+ } else {
+ print "Content-Type: text/html\n\n";
+ print "$result";
+ }
+}
+
+my $op = op->new();
+$op->execute();
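Review bot: `$context{url}` is assembled from `service.machineName` and `service.securePort` and handed to the template without encoding, whereas renew.cgi in this commit passes `$host` and `$port` through `$util->html_encode` before they reach its template. renewal.vm then emits the value as an unquoted attribute (`action=$url`), so a space or quote in the configured host name would break the form tag. I would load `PKI::Base::Util` here and store `$util->html_encode("https://$host:$port/ee/user/renew.cgi")`, and quote the attribute in the template.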
diff --git a/base/ra/apache/docroot/ee/user/renewal.vm b/base/ra/apache/docroot/ee/user/renewal.vm
new file mode 100644
index 000000000..1e2b438a1
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/renewal.vm
@@ -0,0 +1,73 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2007 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<title>User Certificate Renewal</title>
+ <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+ <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+ <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+ -
+</div>
+
+
+</div>
+</div>
+
+</div>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+<a href="/ee/index.cgi">RA Services</a> :
+<a href="/ee/user/index.cgi">User Enrollment</a><br />
+User Renewal Interface
+</font><br>
+<p>
+This form is for end user to renew his/her certificates.<br>
+At popup, please select the user certificate to renew.
+<p>
+<center>
+<form method=post action=$url>
+<input type=submit name=Submit value="Renewal">
+</form>
+</center>
+#include ( "footer.vm" )
+
+</body>
+</html>
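Review bot: `<form method=post action=$url>` posts to renew.cgi with no hidden per-session token, and renew.cgi as added in this commit reads nothing from the request except `xml` before it creates and approves a renewal. If `get_cert_record` identifies the user from the TLS client certificate (not visible here), a form on another site could trigger the same POST from the user's browser; a token issued with this page and checked in renew.cgi would tie the renewal to this form. The attributes should also be quoted: `<form method="post" action="$url">`.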
diff --git a/base/ra/apache/docroot/ee/user/submit.cgi b/base/ra/apache/docroot/ee/user/submit.cgi
new file mode 100755
index 000000000..26c900e00
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/submit.cgi
@@ -0,0 +1,112 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+#
+#
+#
+
+package op;
+
+use lib $ENV{DOCUMENT_ROOT} . "/../lib/perl";
+
+use Benchmark;
+use CGI;
+use PKI::Service::Op;
+use Template::Velocity;
+use PKI::Base::Conf;
+use PKI::Base::Util;
+use PKI::Base::Registry;
+use PKI::Request::Queue;
+
+use vars qw (@ISA);
+use PKI::Service::Op;
+@ISA = qw(PKI::Service::Op);
+
+sub new {
+ my $self = {};
+ bless ($self);
+ return $self;
+}
+
+sub process()
+{
+ my $self = shift;
+ my $q = CGI->new();
+
+ my $st = new Benchmark;
+
+ my $util = PKI::Base::Util->new();
+
+ my $userid = $util->get_val($q->param('uid'));
+ my $fullname = $util->get_val($q->param('cn'));
+ my $site_id = $util->get_val($q->param('site_id'));
+ my $email = $util->get_val($q->param('email'));
+ my $csr_type = $util->get_alphanum_val($q->param('csr_type'));
+ my $csr = $util->get_val($q->param('csr'));
+
+ $csr = $util->normalize_csr($csr);
+
+ my $docroot = PKI::Base::Registry->get_docroot();
+ my $parser = PKI::Base::Registry->get_parser();
+ my $cfg = PKI::Base::Registry->get_config();
+
+ $self->debug_params($cfg, $q);
+
+ my $db_st = new Benchmark;
+ my $queue = PKI::Request::Queue->new();
+ $queue->open($cfg);
+ my $request_id = $queue->create_request("user",
+ "uid=" . $userid . ";" .
+ "cn=" . $fullname . ";" .
+ "site_id=" . $site_id . ";" .
+ "csr_type=" . $csr_type . ";" .
+ "csr=" . $csr,
+ "0",
+ $email);
+ my %context;
+ $context{request_id} = $util->html_encode($request_id);
+ $self->debug_log($cfg, "request $request_id created");
+ $queue->close();
+ my $db_et = new Benchmark;
+
+ my $t_st = new Benchmark;
+ my $result = $parser->execute_file_with_context("ee/user/submit.vm",
+ \%context);
+ my $t_et = new Benchmark;
+
+ my $xml = $q->param('xml');
+ if ($xml eq "true") {
+ print "Content-Type: text/xml\n\n";
+ print $self->xml_output(\%context);
+ } else {
+ print "Content-Type: text/html\n\n";
+ print "$result";
+ }
+
+ my $et = new Benchmark;
+ $self->debug_log($cfg, "benchmark " .
+ "total=" . timestr(timediff($et, $st)) . " " .
+ "db total=" . timestr(timediff($db_et, $db_st)) . " " .
+ "template total=" . timestr(timediff($t_et, $t_st)) . " "
+ );
+}
+
+my $op = op->new();
+$op->execute();
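Review bot: `uid`, `cn`, `site_id` and `csr` from the request are concatenated into one `name=value;` string for `create_request`, and renew.cgi later parses that string back with `split(/;/, $data)`; unless `get_val` (defined outside this diff) already strips `;`, a submitted value containing `;csr_type=...` adds or overrides fields in the stored request. Nothing on the server checks that `uid`, `email`, `cn` or `csr` are non-empty either; the only such check is the JavaScript `validate()` in user.vm. I would reject the request before `$queue->open($cfg)` when a field is empty or contains the delimiter, for example `if (grep { !defined($_) || $_ eq "" || /;/ } $userid, $fullname, $site_id, $csr) { print $q->redirect("/ee/error.cgi?error=invalid%20field"); return; }`. `$email` is passed in the argument position that renew.cgi appears to read back as `created_by` and reuse as the approver in `approve_request`, so it deserves the same validation. `new Benchmark` is indirect-object syntax; `Benchmark->new` is the unambiguous form.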
diff --git a/base/ra/apache/docroot/ee/user/submit.vm b/base/ra/apache/docroot/ee/user/submit.vm
new file mode 100644
index 000000000..6c7a0cd44
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/submit.vm
@@ -0,0 +1,75 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; version 2 of the License.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2007 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<title>User Certificate Request Submission</title>
+ <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+ <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+ <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+ -
+</div>
+
+
+</div>
+</div>
+
+</div>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+<a href="/ee/index.cgi">RA Services</a> :
+<a href="/ee/user/index.cgi">User Enrollment</a><br />
+Manager Interface
+</font><br>
+<p>
+Your request has been successfully submitted.
+<p>
+<center>
+<table border="0" cellspacing="1" cellpadding="1">
+<tr>
+ <td width=20%>Request ID:</td>
+ <td><a href="/ee/request/status.cgi?id=$request_id">$request_id</td>
+</tr>
+</table>
+</center>
+#include ( "footer.vm" )
+
+</body>
+</html>
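Review bot: The link in the Request ID cell, `<a href="/ee/request/status.cgi?id=$request_id">$request_id</td>`, is never closed; add `</a>` before `</td>`. The breadcrumb text `Manager Interface` looks copied from another page, since this template is rendered for the end user's own submission; confirm the intended label.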
diff --git a/base/ra/apache/docroot/ee/user/user.cgi b/base/ra/apache/docroot/ee/user/user.cgi
new file mode 100755
index 000000000..2d58a532b
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/user.cgi
@@ -0,0 +1,68 @@
+#!/usr/bin/perl
+#
+# --- BEGIN COPYRIGHT BLOCK ---
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; version 2 of the License.
+#
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License along
+# with this program; if not, write to the Free Software Foundation, Inc.,
+# 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+#
+# Copyright (C) 2007 Red Hat, Inc.
+# All rights reserved.
+# --- END COPYRIGHT BLOCK ---
+#
+#
+#
+#
+
+package op;
+
+use lib $ENV{DOCUMENT_ROOT} . "/../lib/perl";
+
+use CGI;
+use PKI::Service::Op;
+use Template::Velocity;
+use PKI::Base::Registry;
+
+use vars qw (@ISA);
+use PKI::Service::Op;
+@ISA = qw(PKI::Service::Op);
+
+sub new {
+ my $self = {};
+ bless ($self);
+ return $self;
+}
+
+sub process()
+{
+ my $self = shift;
+ my $q = CGI->new();
+
+ my $docroot = PKI::Base::Registry->get_docroot();
+ my $parser = PKI::Base::Registry->get_parser();
+ my $cfg = PKI::Base::Registry->get_config();
+
+ my %context;
+ my $result = $parser->execute_file_with_context("ee/user/user.vm",
+ \%context);
+
+ my $xml = $q->param('xml');
+ if ($xml eq "true") {
+ print "Content-Type: text/xml\n\n";
+ print $self->xml_output(\%context);
+ } else {
+ print "Content-Type: text/html\n\n";
+ print "$result";
+ }
+}
+
+my $op = op->new();
+$op->execute();
diff --git a/base/ra/apache/docroot/ee/user/user.vm b/base/ra/apache/docroot/ee/user/user.vm
new file mode 100644
index 000000000..04763d7cf
--- /dev/null
+++ b/base/ra/apache/docroot/ee/user/user.vm
@@ -0,0 +1,435 @@
+<!-- --- BEGIN COPYRIGHT BLOCK ---
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 2 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License along
+ with this program; if not, write to the Free Software Foundation, Inc.,
+ 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
+
+ Copyright (C) 2007 Red Hat, Inc.
+ All rights reserved.
+ --- END COPYRIGHT BLOCK --- -->
+<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
+<html>
+
+<OBJECT
+ classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1"
+ CODEBASE="/ee/xenroll.dll"
+ id="Enroll">
+</OBJECT>
+
+<OBJECT id='g_objClassFactory' CLASSID='clsid:884e2049-217d-11da-b2a4-000e7bbb2b09'>
+</OBJECT>
+
+<title>User Certificate Request</title>
+ <link rel="shortcut icon" href="/pki/images/favicon.ico" />
+ <link rel="stylesheet" href="/pki/css/pki-base.css" type="text/css" />
+ <META http-equiv=Content-Type content="text/html; charset=UTF-8">
+
+</head>
+<body bgcolor="#FFFFFF" link="#666699" vlink="#666699" alink="#333366">
+
+#include ( "header.vm" )
+
+<div id="mainNavOuter">
+<div id="mainNav">
+<div id="mainNavInner">
+
+</div><!-- end mainNavInner -->
+</div><!-- end mainNav -->
+</div><!-- end mainNavOuter -->
+
+
+<div id="bar">
+
+<div id="systembar">
+<div id="systembarinner">
+
+<div>
+ -
+</div>
+
+
+</div>
+</div>
+
+</div>
+
+<SCRIPT LANGUAGE="JavaScript">
+function encode_utf8( s )
+{
+ return unescape( encodeURIComponent( s ) );
+}
+
+function decode_utf8( s )
+{
+ return decodeURIComponent( escape( s ) );
+}
+
+function validate()
+{
+ var x = document.enrollment.uid.value;
+ if (x == '') {
+ alert("uid is empty");
+ return false;
+ }
+ var e = document.enrollment.email.value;
+ if (e == '') {
+ alert("email is empty");
+ return false;
+ }
+ var cn = document.enrollment.cn.value;
+ if (cn == '') {
+ alert("Full name is empty");
+ return false;
+ }
+ var dn = encode_utf8("uid="+x+",e="+e+",cn="+cn);
+ with (document.forms[0]) {
+ crmfObject = crypto.generateCRMFRequest(
+ dn,
+ "regToken", "authenticator",
+ null,
+ "setCRMFRequest();",
+ 1024, null, "rsa-dual-use");
+ return false;
+ }
+}
+
+function setCRMFRequest()
+{
+ with (document.forms[0]) {
+ csr.value = crmfObject.request;
+ submit();
+ }
+}
+
+</SCRIPT>
+
+
+<font size="+1" face="PrimaSans BT, Verdana, Arial, Helvetica, sans-serif">
+<a href="/ee/index.cgi">RA Services</a> :
+<a href="/ee/user/index.cgi">User Enrollment</a><br />
+User Interface
+</font><br>
+<p>
+This form is for user to request for an end-user certificate.
+<p>
+<script language=javascript>
+<!--
+ if (navigator.appName == "Microsoft Internet Explorer") {
+ document.writeln('<form name="enrollment" method=post action="submit.cgi">');
+ } else {
+ document.writeln('<form name="enrollment" onSubmit="return validate();" method=post action="submit.cgi">');
+ }
+-->
+</script>
+<SCRIPT LANGUAGE=VBS>
+<!--
+'Get OS Version, works for Vista and below only
+Function GetOSVersion
+ dim agent
+ dim result
+ dim pos
+
+ agent = Navigator.appVersion
+ pos = InStr(agent,"NT 6.")
+
+ If pos > 0 Then
+ GetOSVersion = 6 ' Vista
+ Exit Function
+ End If
+
+ pos = InStr(agent,"NT 5.")
+
+ If pos > 0 Then
+ GetOSVersion = 5 ' XP etc
+ Exit Function
+ End If
+
+' Default
+ GetOSVersion = 5
+End Function
+
+Sub Send_OnClick
+ Dim TheForm
+ Dim szName
+ Dim options
+ Dim osVersion
+ Dim result
+ Set TheForm = Document.enrollment
+
+ osVersion = GetOSVersion()
+
+ If osVersion <> 6 Then 'Not Vista
+
+ ' Contruct the X500 distinguished name
+ szName = "0.9.2342.19200300.100.1.1=" & TheForm.uid.Value & ",E=" & TheForm.email.Value & ",CN=" & TheForm.cn.Value
+
+ On Error Resume Next
+ Enroll.HashAlgorithm = "MD5"
+ Enroll.KeySpec = 1
+
+ ' Pick the provider that is selected
+ set options = TheForm.all.cryptprovider.options
+ index = options.selectedIndex
+ Enroll.providerType = options(index).value
+ Enroll.providerName = options(index).text
+
+ ' adding 2 to "GenKeyFlags" will enable the 'High Security'
+ ' (USER_PROTECTED) mode, which means IE will pop up a dialog
+ ' asking what level of protection you would like to give
+ ' the key - this varies from 'none' to 'confirm password
+ ' every time the key is used'
+ Enroll.GenKeyFlags = 1 ' key PKCS12-exportable
+ szCertReq = Enroll.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
+ theError = Err.Number
+ On Error Goto 0
+ '
+ ' If the user has cancelled things the we simply ignore whatever
+ ' they were doing ... need to think what should be done here
+ '
+ If (szCertReq = Empty AND theError = 0) Then
+ Exit Sub
+ End If
+
+ If (szCertReq = Empty OR theError <> 0) Then
+ '
+ ' There was an error in the key pair generation. The error value
+ ' is found in the variable 'theError' which we snarfed above before
+ ' we did the 'On Error Goto 0' which cleared it again.
+ '
+ sz = "The error '" & Hex(theError) & "' occurred." & chr(13) & chr(10) & "Your credentials could not be generated."
+ result = MsgBox(sz, 0, "Credentials Enrollment")
+ Exit Sub
+ End If
+
+ TheForm.csr.Value = szCertReq
+
+ ' TheForm.Submit
+
+Else 'Vista
+ Dim enrollment
+ Dim privateKey
+ Dim request
+ Dim csr
+ Dim objDN
+
+ 'certUsage is "1.3.6.1.5.5.7.3.2"
+
+ On Error Resume Next
+ 'CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
+
+ If IsObject(g_objClassFactory) = False Then
+ result = MsgBox("Can't create Factory Object " & " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Sub
+ End If
+
+ Set enrollment = g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
+
+ If IsObject(enrollment) = False Then
+ result = MsgBox("Can't create enroll Object! " & " Error: " & Err.number & " :" & Err.description,"")
+ Exit Sub
+ End If
+
+ Set privateKey = g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
+
+ If IsObject(privateKey) = False Then
+ result = MsgBox("Can't create Key Object! " & " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Sub
+ End If
+
+ Set request = g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")
+
+ If IsObject(request) = False Then
+ result = MsgBox("Can't create Request Object. ! " & " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Sub
+ End If
+
+ privateKey.KeySpec= "1"
+
+ ' Pick the provider that is selected
+ set options = TheForm.all.cryptprovider.options
+ index = options.selectedIndex
+ privateKey.ProviderType= index
+ privateKey.ProviderName = options(index).text
+
+ szName = "0.9.2342.19200300.100.1.1=" & TheForm.uid.Value & ",E=" & TheForm.email.Value & ",CN=" & TheForm.cn.Value
+
+ Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
+
+ If IsObject(objDN) = False Then
+ result = MsgBox("Can't create DN Object. ! " & " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Sub
+ End If
+
+ objDN.Encode szName,0
+
+ request.InitializeFromPrivateKey 1,privateKey,""
+ request.Subject = objDN
+
+ enrollment.InitializeFromRequest(request)
+ csr=enrollment.CreateRequest(1)
+
+ If len(csr) = 0 Then
+ result = MsgBox("Error Creating Request! "& " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Sub
+ End If
+
+ TheForm.csr.Value = csr
+
+ End If
+ Exit Sub
+
+End Sub
+
+-->
+</SCRIPT>
+<center>
+<table border="0" cellspacing="1" cellpadding="1">
+<tr>
+ <td>UID:</td>
+ <td><input type=text name=uid value=""></td>
+</tr>
+<tr>
+ <td>Full Name:</td>
+ <td><input type=text name=cn value=""></td>
+</tr>
+<tr>
+ <td>Site ID:</td>
+ <td><input type=text name=site_id value=""></td>
+</tr>
+<tr>
+ <td>Your Email:</td>
+ <td><input type=text name=email value=""></td>
+</tr>
+<tr>
+</tr>
+<tr>
+ <td>&nbsp;</td>
+ <td>&nbsp;</td>
+</tr>
+<script language=javascript>
+<!--
+ if (navigator.appName == "Microsoft Internet Explorer") {
+ document.writeln('<SELECT NAME=\"cryptprovider\"></SELECT>');
+ }
+-->
+</script>
+<tr>
+ <td>
+<script language=javascript>
+<!--
+ if (navigator.appName == "Microsoft Internet Explorer") {
+ document.writeln('<input type=hidden name=csr_type value="pkcs10">');
+ document.writeln('<input type=submit Name=Send value="Submit">');
+ } else {
+ document.writeln('<input type=hidden name=csr_type value="crmf">');
+ document.writeln('<input type=submit name=Submit value="Submit">');
+ }
+-->
+</script>
+ </td>
+ <td></td>
+</tr>
+</table>
+</center>
+<input type=hidden name="csr" value="">
+<SCRIPT LANGUAGE=VBS>
+<!--
+FindProviders
+
+Function FindProviders
+ Dim i, j
+ Dim providers()
+ i = 0
+ j = 1
+ Dim el
+ Dim temp
+ Dim first
+ Dim TheForm
+ Set TheForm = document.enrollment
+ On Error Resume Next
+ first = 0
+
+ Dim osVersion
+ Dim result
+ osVersion = GetOSVersion()
+
+ If osVersion <> 6 Then 'Not Vista
+ Do While True
+ temp = ""
+ Enroll.providerType = j
+ temp = Enroll.enumProviders(i,0)
+ If Len(temp) = 0 Then
+ If j < 1 Then
+ j = j + 1
+ i = 0
+ Else
+ Exit Do
+ End If
+ Else
+ set el = document.createElement("OPTION")
+ el.text = temp
+ el.value = j
+ If temp = "Microsoft Base Cryptographic Provider v1.0" Then
+ first = i
+ End If
+ TheForm.cryptprovider.add(el)
+ If first = 0 Then
+ first = 1
+ TheForm.cryptprovider.selectedIndex = 0
+ Else
+ TheForm.cryptprovider.selectedIndex = first
+ End If
+ i = i + 1
+ End If
+ Loop
+ Else 'Vista
+
+ Dim csps
+ Set csps = g_objClassFactory.CreateObject("X509Enrollment.CCspInformations")
+ If IsObject(csps) = False Then
+ result = MsgBox("Can't create CSP List Object! " & " Error: " & Err.number & " :" & Err.description,0,"")
+ Exit Function
+
+ End If
+ csps.AddAvailableCsps()
+ 'result = MsgBox(csps.Count,0,"Number of CSPS")
+
+ Dim curName
+ Dim csp
+ Dim selected
+ selected = 0
+ For i = 0 to csps.Count-1
+
+ curName = csps.ItemByIndex(i).Name
+ If len(curName) > 0 Then
+ Set csp = document.createElement("OPTION")
+ csp.text = curName
+ csp.value = 1
+ TheForm.cryptprovider.add(csp)
+
+ If curName = "Microsoft Base Cryptographic Provider v1.0" Then
+ selected = i
+ End If
+ 'result = MsgBox(curName,0,"")
+ End If
+ Next
+TheForm.cryptprovider.selectedIndex = selected
+ End If
+End Function
+
+-->
+</SCRIPT>
+</form>
+#include ( "footer.vm" )
+
+</body>
+</html>
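Review bot: The request parameters chosen in the scripts are weak: `Enroll.HashAlgorithm = "MD5"` signs the PKCS#10 request with MD5, `crypto.generateCRMFRequest(...)` is called with a key size of `1024`, and `FindProviders` preselects "Microsoft Base Cryptographic Provider v1.0". I would raise the key size to `2048`, select a SHA-2 hash where the chosen provider supports one, and prefer a provider that offers both. The subject is built by plain concatenation (`"uid="+x+",e="+e+",cn="+cn` and the two `szName = ...` lines), so a comma in any field changes the DN structure; the fields should be escaped or rejected, and the RA should check the CSR subject against the submitted form values rather than trust it. In the Vista branch `privateKey.ProviderType= index` assigns the list position, while the non-Vista branch uses `options(index).value`; that looks unintended. `Send_OnClick` exits on failure without cancelling the submit, so the form may still post with an empty `csr`, which submit.cgi does not check for.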