/**
* Sign the CSR with the passed authToken. If signing succeeds, the class
* member authKey is set to the orderNumber/certHash. If not, an error is
* displayer
* @param $authToken pubkey hash of the CSR that is to be signed
*/
private function signCSR($authToken)
{
$csr = CSR::getFromDB($this->person->getX509ValidCN(), $authToken);
if (!isset($csr) || !$csr) {
$errorTag = PW::create();
Framework::error_output("[{$errorTag}] Did not find CSR with auth_token " . htmlentities($auth_token));
$msg = "User " . $this->person->getEPPN() . " ";
$msg .= "tried to delete CSR with auth_token " . $authToken . " but was unsuccessful";
Logger::logEvent(LOG_NOTICE, "Process_CSR", "approveCSR({$authToken})", $msg, __LINE__, $errorTag);
return false;
}
try {
if (!isset($this->ca)) {
Framework::error_output($this->translateTag('l10n_err_noca', 'processcsr'));
return false;
}
$permission = $this->person->mayRequestCertificate();
if ($permission->isPermissionGranted() === false) {
Framework::error_output($this->translateTag('l10n_err_noperm1', 'processcsr') . "<br /><br />" . $permission->getFormattedReasons() . "<br />" . $this->translateTag('l10n_err_noperm2', 'processcsr'));
return;
}
$this->authKey = $this->ca->signKey($csr);
} catch (CGE_ComodoAPIException $capie) {
Framework::error_output($this->translateTag('l10n_sign_error', 'processcsr') . htmlentities($capie));
return false;
} catch (ConfusaGenException $e) {
$msg = $this->translateTag('l10n_sign_error', 'processcsr') . "<br /><br /><i>" . htmlentities($e->getMessage()) . "</i><br />";
Framework::error_output($msg);
return false;
} catch (KeySigningException $kse) {
Framework::error_output($this->translateTag('l10n_sign_error', 'processcsr') . htmlentites($kse->getMessage()));
return false;
}
CSR::deleteFromDB($this->person, $authToken);
}
