public function pre_process($person)
{
parent::pre_process($person);
$this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js'));
$this->tpl->assign('rawScript', file_get_contents('../include/rawToggleExpand.js'));
if (isset($_GET['status_poll'])) {
$order_number = Input::sanitizeCertKey($_GET['status_poll']);
/* assign the order_number again */
$this->tpl->assign('order_number', $order_number);
$this->tpl->assign('status_poll', true);
$anticsrf = "anticsrf=" . Input::sanitizeAntiCSRFToken($_GET['anticsrf']);
$this->tpl->assign('ganticsrf', $anticsrf);
if ($this->ca->pollCertStatus($order_number)) {
/* redirect to certificate download area */
CS::setSessionKey("browserCert", $order_number);
header("Location: download_certificate.php");
}
}
/* when the key has been generated in the browser and the
* resulting CSR has been uploaded to the server, we end up
* here.
*/
if (isset($_POST['browserRequest'])) {
$ua = Output::getUserAgent();
switch ($ua) {
case "opera":
case "safari":
case "mozilla":
case "chrome":
$csr = new CSR_SPKAC(trim(Input::sanitizeBase64($_POST['browserRequest'])));
break;
case "msie_pre_vista":
case "msie_post_vista":
$csrContent = CSR::$PEM_PREFIX . "\n" . trim(Input::sanitizeBase64($_POST['browserRequest'])) . "\n" . CSR::$PEM_SUFFIX;
$csr = new CSR_PKCS10($csrContent);
break;
}
if (!empty($csr) && $csr->isValid()) {
try {
$order_number = $this->signCSR($csr);
$this->tpl->assign('order_number', $order_number);
} catch (KeySignException $kse) {
Framework::error_output($this->translateTag('l10n_sign_error', 'processcsr') . "<br /><br />" . $kse->getMessage());
Logger::logEvent(LOG_WARNING, "CP_Browser_CSR", "pre_process()", "Could not sign CSR because of " . $kse->getMessage() . " User: "******"CP_Browser_CSR", "pre_process()", "Received browser-CSR that could not be parsed!" . " User: " . $this->person->getEPPN(), __LINE__);
}
}
}
/**
* getFromDB() find one (or all) CSR(s) for a person in the database.
*
* @param uid $person limit the query to the person's common-name
* @param String|null $pubHash the hash of the public key
* @return CSR|False The CSR for the person
* @access public
*/
static function getFromDB($uid, $pubHash)
{
$res = false;
if (!isset($uid) || !isset($pubHash)) {
return false;
}
$query = "SELECT * FROM csr_cache WHERE ";
$query .= "auth_key=:auth_key AND ";
$query .= "common_name=:common_name";
$data = array();
$data['auth_key'] = $pubHash;
$data['common_name'] = $uid;
try {
$csr_res = MDB2Wrapper::execute($query, null, $data);
if (count($csr_res) != 1) {
return false;
}
} catch (DBStatementException $dbse) {
Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . "cannot retrieve CSR from DB. Server said: " . $dbse->getMessage());
return false;
} catch (DBQueryException $dbqe) {
Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ . "cannot retrieve CSR from DB. Server said: " . $dbse->getMessage());
return false;
}
$csr_type = $csr_res[0]['type'];
if ($csr_type == CSR_PKCS10::getCSRType()) {
$csr = new CSR_PKCS10($csr_res[0]['csr']);
} else {
if ($csr_type == CSR_SPKAC::getCSRType()) {
$csr = new CSR_SPKAC($csr_res[0]['csr']);
} else {
throw new CryptoElementException("Unsupported CSR type " . $csr_type . "!");
}
}
$csr->setUploadedDate($csr_res[0]['uploaded_date']);
$csr->setUploadedFromIP(Output::formatIP($csr_res[0]['from_ip'], true));
if ($csr->getAuthToken() !== $pubHash) {
Logger::log_event(LOG_ALERT, "Found CSR in database with hash {$pubHash} but " . "this does not correspond to pubkey. Corrupted db?");
return false;
}
return $csr;
}
