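/**
 * Prepare the browser-CSR page before it is rendered.
 *
 * Two request shapes are handled here:
 *  - GET with 'status_poll': poll the CA for the given order number and,
 *    once the CA reports success, store the order in the session and
 *    redirect to the certificate download page.
 *  - POST with 'browserRequest': wrap the browser-generated request in the
 *    CSR class matching the detected user agent and submit it for signing.
 *
 * @param mixed $person passed through unchanged to parent::pre_process()
 * @return void
 */
public function pre_process($person)
{
    parent::pre_process($person);
    $this->tpl->assign('extraScripts', array('js/jquery-1.6.1.min.js'));
    $this->tpl->assign('rawScript', file_get_contents('../include/rawToggleExpand.js'));

    if (isset($_GET['status_poll'])) {
        $order_number = Input::sanitizeCertKey($_GET['status_poll']);
        /* assign the order_number again */
        $this->tpl->assign('order_number', $order_number);
        $this->tpl->assign('status_poll', true);

        /* A poll URL without the token must not raise an undefined-index
         * notice; the sanitizer receives null exactly as it did before. */
        $rawToken = isset($_GET['anticsrf']) ? $_GET['anticsrf'] : null;
        $anticsrf = "anticsrf=" . Input::sanitizeAntiCSRFToken($rawToken);
        $this->tpl->assign('ganticsrf', $anticsrf);
        /* NOTE(review): the token is only sanitized and handed back to the
         * template here; nothing in this method validates it. Confirm that
         * validation happens before pre_process() is reached. */

        /* NOTE(review): $order_number is request-supplied. Nothing visible
         * here ties it to the authenticated person - confirm that
         * pollCertStatus() or the download page enforces ownership. */
        if ($this->ca->pollCertStatus($order_number)) {
            /* redirect to certificate download area */
            CS::setSessionKey("browserCert", $order_number);
            header("Location: download_certificate.php");
            /* NOTE(review): there is no exit after the redirect header, so
             * the rest of this method still runs for this request. */
        }
    }

    /* when the key has been generated in the browser and the
     * resulting CSR has been uploaded to the server, we end up
     * here. */
    if (isset($_POST['browserRequest'])) {
        $ua = Output::getUserAgent();

        /* An unrecognised user agent leaves $csr unset, which the
         * !empty() test below routes to the "could not be parsed" log. */
        switch ($ua) {
            case "opera":
            case "safari":
            case "mozilla":
            case "chrome":
                $csr = new CSR_SPKAC(trim(Input::sanitizeBase64($_POST['browserRequest'])));
                break;
            case "msie_pre_vista":
            case "msie_post_vista":
                /* these browsers send the bare base64 body; add the PEM armour */
                $csrContent = CSR::$PEM_PREFIX . "\n"
                    . trim(Input::sanitizeBase64($_POST['browserRequest'])) . "\n"
                    . CSR::$PEM_SUFFIX;
                $csr = new CSR_PKCS10($csrContent);
                break;
        }

        if (!empty($csr) && $csr->isValid()) {
            try {
                $order_number = $this->signCSR($csr);
                $this->tpl->assign('order_number', $order_number);
            } catch (KeySignException $kse) {
                /* NOTE(review): the exception message is appended to HTML
                 * markup as-is. If it can carry text from the CA response
                 * or the request, it should be HTML-escaped - confirm what
                 * Framework::error_output() does with its argument. */
                Framework::error_output(
                    $this->translateTag('l10n_sign_error', 'processcsr')
                    . "<br /><br />" . $kse->getMessage()
                );
                /* NOTE(review): in the text this was taken from, the span
                 * between the two " User: " log calls was masked out. The
                 * tail of this call and the else branch below are
                 * reconstructed from the intact call and the brace
                 * structure - confirm against the upstream file. */
                Logger::logEvent(
                    LOG_WARNING,
                    "CP_Browser_CSR",
                    "pre_process()",
                    "Could not sign CSR because of " . $kse->getMessage()
                    . " User: " . $this->person->getEPPN(),
                    __LINE__
                );
            }
        } else {
            Logger::logEvent(
                LOG_WARNING,
                "CP_Browser_CSR",
                "pre_process()",
                "Received browser-CSR that could not be parsed!"
                . " User: " . $this->person->getEPPN(),
                __LINE__
            );
        }
    }
}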
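/**
 * getFromDB() find the single cached CSR stored for a person and
 * public-key hash.
 *
 * @param String      $uid     the person's common-name, matched against
 *                             the common_name column
 * @param String|null $pubHash the hash of the public key, matched against
 *                             the auth_key column
 * @return CSR|False The CSR for the person; false when an argument is
 *                   unset, when the query does not return exactly one row,
 *                   when the database layer throws, or when the stored CSR
 *                   does not match $pubHash
 * @throws CryptoElementException when the stored CSR type is neither
 *                                PKCS#10 nor SPKAC
 * @access public
 */
static function getFromDB($uid, $pubHash)
{
    if (!isset($uid) || !isset($pubHash)) {
        return false;
    }

    /* Both values travel as named parameters in $data; neither is
     * concatenated into the SQL text. */
    $query  = "SELECT * FROM csr_cache WHERE ";
    $query .= "auth_key=:auth_key AND ";
    $query .= "common_name=:common_name";

    $data = array();
    $data['auth_key'] = $pubHash;
    $data['common_name'] = $uid;

    try {
        $csr_res = MDB2Wrapper::execute($query, null, $data);

        /* zero rows or an ambiguous match are both treated as "not found" */
        if (count($csr_res) != 1) {
            return false;
        }
    } catch (DBStatementException $dbse) {
        Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ .
                          "cannot retrieve CSR from DB. Server said: " .
                          $dbse->getMessage());
        return false;
    } catch (DBQueryException $dbqe) {
        /* This branch used to read $dbse, which is undefined here, so the
         * handler itself failed instead of logging and returning false. */
        Logger::log_event(LOG_WARNING, __FILE__ . ":" . __LINE__ .
                          "cannot retrieve CSR from DB. Server said: " .
                          $dbqe->getMessage());
        return false;
    }

    /* pick the wrapper class from the type stored alongside the CSR */
    $csr_type = $csr_res[0]['type'];
    if ($csr_type == CSR_PKCS10::getCSRType()) {
        $csr = new CSR_PKCS10($csr_res[0]['csr']);
    } else if ($csr_type == CSR_SPKAC::getCSRType()) {
        $csr = new CSR_SPKAC($csr_res[0]['csr']);
    } else {
        throw new CryptoElementException("Unsupported CSR type " . $csr_type . "!");
    }

    $csr->setUploadedDate($csr_res[0]['uploaded_date']);
    $csr->setUploadedFromIP(Output::formatIP($csr_res[0]['from_ip'], true));

    /* Integrity check: the token reported by the CSR object must equal the
     * hash the row was looked up by. A mismatch is logged at LOG_ALERT and
     * the row is not handed to the caller. */
    if ($csr->getAuthToken() !== $pubHash) {
        Logger::log_event(LOG_ALERT, "Found CSR in database with hash {$pubHash} but " .
                          "this does not correspond to pubkey. Corrupted db?");
        return false;
    }

    return $csr;
}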