Ejemplo n.º 1
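 /**
  * Prepare the e-mail selection step before the page is rendered.
  *
  * Handles three request shapes:
  *  - POST deleteCSR: delete the referenced CSR and stop,
  *  - GET skipped_email=yes: the user skipped e-mail selection,
  *  - POST subjAltName_email[]: the addresses the user picked.
  *
  * @param mixed $person the person handed to the parent's pre_process()
  * @return void
  */
 function pre_process($person)
 {
     parent::pre_process($person);

     /* can be received when pressing "Back" on the CSR-signing overview */
     if (isset($_POST['deleteCSR'])) {
         $authToken = Input::sanitizeCertKey($_POST['deleteCSR']);
         CSR::deleteFromDB($person, $authToken);
         return;
     }

     $this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js'));
     $this->tpl->assign('rawScript', file_get_contents('../include/rawToggleExpand.js'));

     $emailsDesiredByNREN = $this->person->getNREN()->getEnableEmail();
     $registeredPersonMails = $this->person->getNumEmails();

     /* e-mail selection was skipped */
     if (isset($_GET['skipped_email']) && $_GET['skipped_email'] == 'yes') {
         $this->tpl->assign('skippedEmail', true);

         /* With exactly one known address and an NREN setting of '1' or 'm',
          * that single address is registered on the user's behalf. */
         $nrenWantsEmail = ($emailsDesiredByNREN == '1' || $emailsDesiredByNREN == 'm');
         if ($nrenWantsEmail && $registeredPersonMails == 1) {
             $this->person->regCertEmail($this->person->getEmail());
             $this->person->storeRegCertEmails();
         }
         return;
     }

     if (isset($_POST['subjAltName_email']) && is_array($_POST['subjAltName_email'])) {
         foreach ($_POST['subjAltName_email'] as $value) {
             /* A nested array element cannot be an e-mail address; skip it
              * instead of concatenating it into the log line. */
             if (!is_string($value)) {
                 continue;
             }

             /* Sanitise first, then log and register the same value, so the
              * audit log records exactly what was stored and never carries
              * raw request data. */
             $email = Input::sanitizeText($value);
             Logger::logEvent(
                 LOG_INFO,
                 "CP_Select_Email",
                 "pre_process()",
                 "User " . $this->person->getEPPN() . ", registering " . "the following e-mail: " . $email
             );
             $this->person->regCertEmail($email);
         }
         $this->person->storeRegCertEmails();
     }
 }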
Ejemplo n.º 2
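 /**
  * Dispatch the certificate-list actions carried in the query string.
  *
  * For an authenticated person exactly one of these is handled, in order:
  *  - file_cert: download the certificate as usercert.pem and exit,
  *  - cert_status: answer an AJAX status poll,
  *  - certlist_all: toggle whether all certificates are listed,
  *  - revoke=revoke_single: revoke one certificate by order number.
  *
  * NOTE(review): revocation changes state and is triggered by a GET
  * request. No anti-CSRF check is visible in this method; confirm that one
  * is enforced upstream (for example in parent::pre_process()).
  *
  * @param mixed $person the person handed to the parent's pre_process()
  * @return false|null false on every path except the missing-reason exit
  */
 public function pre_process($person)
 {
     parent::pre_process($person);

     if (!$this->person->isAuth()) {
         return false;
     }

     if (isset($_GET['file_cert'])) {
         $authKey = Input::sanitizeCertKey($_GET['file_cert']);
         try {
             $cert = $this->ca->getCert($authKey);
             if (isset($cert) && $cert->isValid()) {
                 include 'file_download.php';
                 download_file($cert->getPEMContent(), 'usercert.pem');
                 exit(0);
             }
         } catch (ConfusaGenException $cge) {
             Framework::error_output($this->translateMessageTag('downl_err_nodownload') . " " . htmlentities($cge->getMessage()));
         }
     } elseif (isset($_GET['cert_status'])) {
         $this->pollCertStatusAJAX(Input::sanitizeCertKey($_GET['cert_status']));
     } elseif (isset($_GET['certlist_all'])) {
         $this->showAll = $_GET['certlist_all'] == "true";
     } elseif (isset($_GET['revoke']) && $_GET['revoke'] == 'revoke_single') {
         /* A missing order_number becomes null and is rejected by the
          * parameter check below, instead of being read as an undefined
          * index and handed to the sanitiser. */
         $order_number = isset($_GET['order_number'])
             ? Input::sanitizeCertKey($_GET['order_number'])
             : null;

         if (!array_key_exists('reason', $_GET)) {
             Framework::error_output($this->translateMessageTag('rev_err_singlenoreason'));
             return;
         }

         /* NOTE(review): an earlier comment here said the reason is
          * sanitized by checking inclusion in the REVOCATION_REASONS array,
          * but this method only runs it through Input::sanitizeText().
          * Confirm that the allow-list check happens in revokeCert() or
          * add it here. */
         $reason = Input::sanitizeText(trim($_GET['reason']));

         try {
             if (!isset($order_number) || !isset($reason)) {
                 Framework::error_output("Revoke Certificate: Errors with parameters, not set properly");
             } elseif (!$this->checkRevocationPermissions($order_number)) {
                 /* Ownership/permission check must pass before the CA is asked to revoke. */
                 Framework::error_output($this->translateMessageTag('rev_err_singlenoperm'));
             } elseif (!$this->ca->revokeCert($order_number, $reason)) {
                 Framework::error_output($this->translateMessageTag('rev_err_notyet1') . htmlentities($order_number) . $this->translateMessageTag('rev_err_notyet2') . htmlentities($reason));
             } else {
                 Framework::message_output($this->translateMessageTag('rev_suc_single1') . htmlentities($order_number) . $this->translateMessageTag('rev_suc_single2'));
                 if (Config::get_config('ca_mode') === CA_COMODO && Config::get_config('capi_test') === true) {
                     Framework::message_output($this->translateTag('l10n_msg_revsim1', 'revocation'));
                 }
             }
         } catch (ConfusaGenException $cge) {
             Framework::error_output($this->translateMessageTag('rev_err_singleunspec') . " " . htmlentities($cge->getMessage()));
         }
     }

     return false;
 }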
Ejemplo n.º 3
 /**
  * Handle browser-generated certificate requests before rendering.
  *
  * Two request shapes are processed:
  *  - GET status_poll: poll the CA for the given order number and, once the
  *    poll succeeds, store it in the session and redirect to the download page,
  *  - POST browserRequest: wrap the uploaded key material in the CSR class
  *    matching the detected user agent and have it signed.
  *
  * @param mixed $person the person handed to the parent's pre_process()
  */
 public function pre_process($person)
 {
     parent::pre_process($person);
     $this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js'));
     $this->tpl->assign('rawScript', file_get_contents('../include/rawToggleExpand.js'));
     if (isset($_GET['status_poll'])) {
         $order_number = Input::sanitizeCertKey($_GET['status_poll']);
         /* assign the order_number again */
         $this->tpl->assign('order_number', $order_number);
         $this->tpl->assign('status_poll', true);
         /* NOTE(review): $_GET['anticsrf'] is read without an isset() check;
          * the token is only sanitised and echoed back to the template here,
          * it is not verified in this method. */
         $anticsrf = "anticsrf=" . Input::sanitizeAntiCSRFToken($_GET['anticsrf']);
         $this->tpl->assign('ganticsrf', $anticsrf);
         if ($this->ca->pollCertStatus($order_number)) {
             /* redirect to certificate download area */
             CS::setSessionKey("browserCert", $order_number);
             /* NOTE(review): no exit/return follows the Location header, so
              * the rest of this method still runs after the redirect is set. */
             header("Location: download_certificate.php");
         }
     }
     /* when the key has been generated in the browser and the
      * resulting CSR has been uploaded to the server, we end up
      * here.
      */
     if (isset($_POST['browserRequest'])) {
         $ua = Output::getUserAgent();
         /* There is no default case: for any other user agent $csr stays
          * unset and the !empty($csr) test below is false. */
         switch ($ua) {
             case "opera":
             case "safari":
             case "mozilla":
             case "chrome":
                 $csr = new CSR_SPKAC(trim(Input::sanitizeBase64($_POST['browserRequest'])));
                 break;
             case "msie_pre_vista":
             case "msie_post_vista":
                 /* The sanitised base64 body is wrapped in the PEM prefix and suffix. */
                 $csrContent = CSR::$PEM_PREFIX . "\n" . trim(Input::sanitizeBase64($_POST['browserRequest'])) . "\n" . CSR::$PEM_SUFFIX;
                 $csr = new CSR_PKCS10($csrContent);
                 break;
         }
         if (!empty($csr) && $csr->isValid()) {
             try {
                 $order_number = $this->signCSR($csr);
                 $this->tpl->assign('order_number', $order_number);
             } catch (KeySignException $kse) {
                 /* NOTE(review): the exception message is concatenated into a
                  * string that already carries HTML (<br />) without being
                  * escaped; confirm it can never contain request data. */
                 Framework::error_output($this->translateTag('l10n_sign_error', 'processcsr') . "<br /><br />" . $kse->getMessage());
                 /* NOTE(review): the next line looks damaged by extraction.
                  * The end of this logEvent() call, the close of the catch
                  * block and the start of a second logEvent() call (for a
                  * CSR that could not be parsed) appear to be missing;
                  * restore it from the original file before use. */
                 Logger::logEvent(LOG_WARNING, "CP_Browser_CSR", "pre_process()", "Could not sign CSR because of " . $kse->getMessage() . " User: "******"CP_Browser_CSR", "pre_process()", "Received browser-CSR that could not be parsed!" . " User: " . $this->person->getEPPN(), __LINE__);
         }
     }
 }
Ejemplo n.º 4
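 /**
  * Receive a CSR (uploaded file or pasted text), validate it and store it.
  *
  * A POST signCSR request is handed straight to signCSR(). Otherwise the CSR
  * is taken from the 'user_csr' file upload or, failing that, the 'user_csr'
  * POST field. It is stored only if it is valid and either the CA mode is
  * CA_COMODO or its subject matches the CA's full DN.
  *
  * @param mixed $person the person handed to the parent's pre_process()
  * @return void
  */
 public function pre_process($person)
 {
     parent::pre_process($person);
     $csr = null;

     if (isset($_POST['signCSR'])) {
         $this->signCSR(Input::sanitizeCertKey($_POST['signCSR']));
         return;
     }

     /* Testing for uploaded files */
     if (isset($_FILES['user_csr']['name'])) {
         try {
             $csr = CSRUpload::receiveUploadedCSR('user_csr', true);
         } catch (FileException $fileEx) {
             $msg = $this->translateTag('l10n_err_csrproc', 'processcsr');
             /* The message may describe the uploaded file, so it is escaped
              * before being placed in the error output. */
             Framework::error_output($msg . htmlentities($fileEx->getMessage()));
             $this->csr = null;
             return;
         }
     } elseif (isset($_POST['user_csr'])) {
         try {
             $csr = CSRUpload::receivePastedCSR('user_csr');
         } catch (ConfusaGenException $cge) {
             $msg = $this->translateTag('l10n_err_no_csr', 'processcsr');
             /* The exception message is escaped before being shown, as the
              * other handlers do for ConfusaGenException. */
             Framework::error_output($msg . htmlentities($cge->getMessage()));
             $this->csr = null;
             return;
         }
     } else {
         /* No CSR present, neither paste nor file, kindly bump user */
         Framework::error_output($this->translateTag('l10n_err_no_csr', 'processcsr'));
         return;
     }

     if (!$csr->isValid()) {
         $msg = $this->translateTag('l10n_err_csrinvalid1', 'processcsr');
         $msg .= Config::get_config('min_key_length');
         $msg .= $this->translateTag('l10n_err_csrinvalid2', 'processcsr');
         Framework::error_output($msg);
         $this->csr = null;
         return;
     }

     /* NOTE(review): when neither condition holds the CSR is dropped
      * silently; no error is reported to the user. */
     if (Config::get_config('ca_mode') == CA_COMODO || match_dn($csr->getSubject(), $this->ca->getFullDN())) {
         /* Record when and from which address the CSR arrived. */
         $csr->setUploadedDate(date("Y-m-d H:i:s"));
         $csr->setUploadedFromIP($_SERVER['REMOTE_ADDR']);
         $csr->storeDB($this->person);
         $this->csr = $csr;
     }
 }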
Ejemplo n.º 5
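 /**
  * Download a single certificate, identified by some sort of auth-key
  * (order-number, hash-like auth-key).
  *
  * parameters[0] is the auth-key and parameters[1] an optional format,
  * which must be one of $this->CERT_FORMATS (compared in upper case).
  * On success the certificate is echoed as "cert=<value>" with an ETag
  * header holding its SHA-256 hash, and the script exits.
  *
  * FIXME format currently ignored
  *
  * NOTE(review): unlike the interactive download path, no validity or
  * ownership check on the certificate is visible here; confirm that
  * $this->ca->getCert() enforces it.
  */
 public function processDownloadSingle()
 {
     /* FIXME return a separate status code if the certificate does not
      * exist (404), wait for better CA interface :)
      */
     /* FIXME return 202 if the cert is still being processed, wait for
      * a better CA interface for that */

     /* NOTE(review): "certifificates.php" below looks like a typo for the
      * endpoint name; left unchanged because the real file name is not
      * visible here. */
     $usage = "If you want to query for certificates, do HTTP GET on an URL like:\n";
     $usage .= "/api/certifificates.php/<auth-key>/<cert-format> where:\n";
     $usage .= "\t\t<auth-key>:\tUnique identifier of the certificate.\n";
     $usage .= "\t\t<cert-format>:\tThe format of the certificate, one of " . implode(",", $this->CERT_FORMATS) . "\n";

     /* Without an auth-key there is nothing to look up. */
     if (!isset($this->parameters[0])) {
         $this->errorBadRequest($usage);
         return;
     }
     $auth_key = Input::sanitizeCertKey($this->parameters[0]);

     if (isset($this->parameters[1])) {
         $format = $this->parameters[1];
         if (!in_array(strtoupper($format), $this->CERT_FORMATS, true)) {
             $this->errorBadRequest($usage);
             /* Stop here even if errorBadRequest() does not terminate the
              * request, so a rejected request never returns a certificate. */
             return;
         }
     }

     $cert = $this->ca->getCert($auth_key);
     /* presumably $cert is string-convertible; hash() and the echo below
      * both rely on that - TODO confirm */
     $certHash = hash("sha256", $cert);
     header("ETag: \"{$certHash}\"");
     echo "cert={$cert}";
     exit(0);
 }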