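case 'display':
    // Certificate detail view. Each dynamic value is passed through htvar()
    // before it is written into the page: the serial, subject fields,
    // revocation date and certificate text are data rather than markup.
    printHeader(false);
    ?>
    <div style="text-align:center"><h2>Certificate Details</h2></div>
    <div style="text-align:center"><h3 style="color:#0000AA">(#<?php echo htvar($serial); ?> )<br><?php echo htvar(CA_cert_cname($serial) . ' <' . CA_cert_email($serial) . '>'); ?> </h3></div>
    <?php
    // A truthy result from CAdb_is_revoked() is shown as the revocation date.
    if ($revoke_date = CAdb_is_revoked($serial)) {
        print '<div style="text-align:center"><h2 style="color:red">REVOKED ' . htvar($revoke_date) . '</h2></div>';
    }

    // The text dump is escaped so that certificate fields cannot inject markup
    // into the <pre> block.
    print '<pre>' . htvar(CA_cert_text($serial)) . '</pre>';
    break;

case 'dl-confirm':
    // Confirmation page shown before the private certificate key is downloaded.
    printHeader('ca');
    $rec = CAdb_get_entry($serial);
    ?>
    <h3>You are about to download the <font color="red">PRIVATE</font> certificate key for <?php echo htvar($rec['common_name']) . ' &lt;' . htvar($rec['email']) . '&gt; '; // angle brackets are written as entities so the address is displayed, not parsed as a tag ?> </h3>
    <h3 style="color:red">DO NOT DISTRIBUTE THIS FILE TO THE PUBLIC!</h3>
    <form action="<?php
        // The action URL is encoded for the attribute context. The origin of
        // $PHP_SELF, $serial and the $qstr_* fragments is outside this excerpt,
        // so they are treated as untrusted. double_encode is off so that any
        // entities already present in the fragments are left as they are.
        echo htmlspecialchars(
            $PHP_SELF . '?stage=download&serial=' . $serial . '&' . $qstr_sort . '&' . $qstr_filter,
            ENT_QUOTES,
            'UTF-8',
            false
        );
    ?> " method="post">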
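$stage = "";
}

# Force filter to (V)alid certs if no search status is selected.
if (!($show_valid . $show_revoked . $show_expired)) {
    $show_valid = 'V';
}

// Case labels are quoted strings. A bare word such as display is read as a
// constant name, and PHP 8 raises an Error for an undefined constant.
switch ($stage) {
case 'display':
    // Certificate detail view; every dynamic value is escaped with htvar().
    printHeader('about');
    print ' <center><h2>Certificate Details</h2></center> <center><font color=#0000AA><h3>(#' . htvar($serial) . ')<br>'
        . htvar(CA_cert_cname($serial) . ' <' . CA_cert_email($serial) . '>')
        . '</h3></font></center>';
    if ($revoke_date = CAdb_is_revoked($serial)) {
        print '<center><font color=red><h2>REVOKED ' . htvar($revoke_date) . '</h2></font></center>';
    }
    print '<pre>' . htvar(CA_cert_text($serial)) . '</pre>';
    break;

case 'download':
    // Hands the DER path for $serial, a download filename built from the
    // database record, and the MIME type to upload().
    // NOTE(review): $serial becomes part of a filesystem path and the record
    // fields become part of the filename; their validation is not visible in
    // this excerpt — confirm $serial is restricted to the serial format before
    // this switch is reached.
    $rec = CAdb_get_entry($serial);
    upload("{$config['cert_dir']}/{$serial}.der", "{$rec['common_name']} ({$rec['email']}).cer", 'application/pkix-cert');
    break;

case 'search':
    printHeader('public');
    // NOTE(review): $search is interpolated into the pattern passed to
    // CAdb_to_array(); confirm it is validated or quoted upstream so that it
    // is matched as the intended search term.
    $db = CAdb_to_array("^[{$show_valid}{$show_revoked}{$show_expired}].*{$search}");
    print '<body onLoad="self.focus();document.form.submit.focus()">';
    if (sizeof($db) == 0) {
        ?>
        <center>
        <h2>Nothing Found</h2>
        <form action=<?php echo $PHP_SELF;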
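}

//if ( ! is_alnum($passwd) or ! is_alnum($passwdv) )
//    $er .= 'Password contains invalid characters.<br>';

// The address is escaped before it is echoed back inside the error message.
if ($email && !is_email($email)) {
    $er .= 'E-mail address (' . htvar($email) . ') may be invalid.<br>';
}

# Check if country code only contains alphabetic characters
if ($country && !is_alpha($country)) {
    $er .= 'Country code is invalid.';
}

// Wrap the accumulated validation messages in an error banner.
if ($er) {
    $er = '<h2>ERROR(S) IN FORM:</h2><h4><blockquote>' . $er . '</blockquote></h4>';
}

// A truthy CAdb_in() result is used as the serial of an existing certificate.
// In that case the validation messages are replaced by a notice showing that
// certificate's escaped text.
if ($email && ($serial = CAdb_in($email, $common_name))) {
    $er = '';
    $certtext = CA_cert_text($serial);
    $er .= '<h2>A valid certificate already exists for ' . htvar("{$common_name} <{$email}>") . '</h2>';
    $er .= '</font><blockquote><pre> ' . htvar($certtext) . ' </pre></blockquote>';
}

if ($er) {
    printHeader();
    // $er is printed as HTML below; the user-supplied values appended to it in
    // this excerpt were escaped with htvar() at the point of concatenation.
    // $PHP_SELF is encoded for the attribute context because its origin is not
    // visible here.
    ?>
    <form action="<?php print htmlspecialchars($PHP_SELF, ENT_QUOTES, 'UTF-8'); ?> " method="post">
    <input class="btn" type="submit" name="submit" value='Go Back'>
    <font color=#ff0000><?php print $er; ?>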
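/**
 * Classify a certificate by scanning its text dump for usage markers.
 *
 * The text is obtained from CA_cert_text($serial). Patterns are the delimited
 * PCRE equivalents of the earlier ereg() expressions; without delimiters
 * preg_match() rejects the pattern and returns false, which made every
 * certificate fall through to the default type.
 *
 * The checks form a single first-match chain, so 'email_signing' (e-mail or
 * personal certificate that also lists Code Signing) is tested before the
 * plain 'email' case and is no longer overwritten by it.
 *
 * @param mixed $serial Certificate serial, passed unchanged to CA_cert_text().
 * @return string One of 'email_signing', 'email', 'server', 'time_stamping',
 *                'vpn_client_server', 'vpn_client' or 'vpn_server'.
 */
function CA_cert_type($serial) {
    // Cast so that a null/false result from CA_cert_text() is scanned as ''.
    $certtext = (string) CA_cert_text($serial);

    $is_mail       = preg_match('/OpenSSL.* (E.?mail|Personal) .*Certificate/', $certtext) === 1;
    $is_tls_client = strpos($certtext, 'TLS Web Client Authentication') !== false;
    $is_tls_server = strpos($certtext, 'TLS Web Server Authentication') !== false;

    // The original tested an undefined variable ($certtest) here.
    if ($is_mail && strpos($certtext, 'Code Signing') !== false) {
        return 'email_signing';
    }
    if ($is_mail) {
        return 'email';
    }
    if (preg_match('/OpenSSL.* Server .*Certificate/', $certtext) === 1) {
        return 'server';
    }
    if (preg_match('/timeStamping|Time Stamping/', $certtext) === 1) {
        return 'time_stamping';
    }
    if ($is_tls_client && $is_tls_server) {
        return 'vpn_client_server';
    }
    if ($is_tls_client) {
        return 'vpn_client';
    }
    if ($is_tls_server) {
        return 'vpn_server';
    }

    // No marker matched: keep the original default.
    // NOTE(review): the fallback is the broadest type; callers that make
    // issuance or renewal decisions from this value should confirm that an
    // unrecognised certificate is meant to be treated this way.
    return 'vpn_client_server';
}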