Source code taken from cacert-20131016.tar.bz2
[cacert-devel.git] / includes / keygen.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
20
21 <noscript>
22 <p><?=_('You have to enable JavaScript to generate certificates in the browser.')?></p>
23 <p><?=_('If you don\'t want to do that for any reason, you can use '.
24 'manually created certificate requests instead.')?></p>
25 </noscript>
26
27 <div id="noActiveX" style="color:red">
28 <p><?=_('Could not initialize ActiveX object required for certificate generation.')?></p>
29 <p><?=_('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
30 'later versions you have to add this website to the list of trusted sites '.
31 'in the internet settings.')?></p>
32 <p><?php
33 printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
34 'Websites", click on "Custom Level", set "ActiveX control '.
35 'elements that are not marked as safe initialized on start in '.
36 'scripts" to "Confirm" and click "OK". Now click "Sites", add '.
37 '"%s" and "%s" to your list of trusted sites and make the '.
38 'changes come into effect by clicking "Close" and "OK".'),
39 'https://'.$_SESSION['_config']['normalhostname'],
40 'https://'.$_SESSION['_config']['securehostname'])?>
41 </p>
42 </div>
43
44 <form method="post" style="display:none" action="account.php"
45 id="CertReqForm">
46 <input type="hidden" name="oldid" value="<?=intval($id)?>" />
47 <input type="hidden" id="CSR" name="CSR" />
48 <input type="hidden" name="keytype" value="MS" />
49
50 <p><?=_('Security level')?>:
51 <select id="SecurityLevel">
52 <option value="high" selected="selected"><?=_('High')?></option>
53 <option value="medium"><?=_('Medium')?></option>
54 <option value="custom"><?=_('Custom')?>&hellip;</option>
55 </select>
56 </p>
57
58 <fieldset id="customSettings" style="display:none">
59 <legend><?=_('Custom Parameters')?></legend>
60
61 <p><?=_('Cryptography Provider')?>:
62 <select id="CspProvider"></select>
63 </p>
64 <p><?=_('Algorithm')?>: <select id="algorithm"></select></p>
65 <p><?=_('Keysize')?>:
66 <input id="keySize" type="number" />
67 <?=_('Minimum Size')?>: <span id="keySizeMin"></span>,
68 <?=_('Maximum Size')?>: <span id="keySizeMax"></span>,
69 <?php
70 // TRANSLATORS: this specifies the step between two valid key
71 // sizes. E.g. if the step is 512 and the minimum is 1024 and
72 // the maximum is 2048, then only 1024, 1536 and 2048 bits may
73 // be specified as key size.
74 echo _('Step')?>: <span id="keySizeStep"></span></p>
75 <p style="color:red"><?php
76 printf(_('Please note that RSA key sizes smaller than %d bit '.
77 'will not be accepted by CAcert.'),
78 2048)?>
79 </p>
80 </fieldset>
81
82 <p><input type="submit" id="GenReq" name="GenReq" value="<?=_('Create Certificate')?>" /></p>
83 <p id="generatingKeyNotice" style="display:none">
84 <?=_('Generating your key. Please wait')?>&hellip;</p>
85 </form>
86
87 <!-- Error messages used in the JavaScript. Defined here so they can be
88 translated without passing the JavaScript code through PHP -->
89 <p id="createRequestErrorChooseAlgorithm" style="display:none">
90 <?=_('Could not generate certificate request. Probably you need to '.
91 'choose a different algorithm.')?>
92 </p>
93 <p id="createRequestErrorConfirmDialogue" style="display:none">
94 <?=_('Could not generate certificate request. Please confirm the '.
95 'dialogue if you are asked if you want to generate the key.')?>
96 </p>
97 <p id="createRequestErrorConnectDevice" style="display:none">
98 <?=_('Could not generate certificate request. Please make sure the '.
99 'cryptography device (e.g. the smartcard) is connected.')?>
100 </p>
101 <p id="createRequestError" style="display:none">
102 <?=_('Could not generate certificate request.')?>
103 </p>
104 <p id="invalidKeySizeError" style="display:none">
105 <?=_('You have specified an invalid key size')?>
106 </p>
107 <p id="unsupportedPlatformError" style="display:none">
108 <?=_('Could not initialize the cryptographic module for your '.
109 'platform. Currently we support Microsoft Windows XP, Vista '.
110 'and 7. If you\'re using one of these platforms and see this '.
111 'error message anyway you might have to enable ActiveX as '.
112 'described in the red explanation text and accept loading of '.
113 'the module.')?>
114 </p>
115
116 <script type="text/javascript" src="keygenIE.js"></script>
117
118 <? } else { ?>
119 <p>
120 <form method="post" action="account.php">
121 <input type="hidden" name="keytype" value="NS">
122 <?=_("Keysize:")?> <keygen name="SPKAC" challenge="<? $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
123
124 <input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
125 <input type="hidden" name="oldid" value="<?=intval($id)?>">
126 </form>
127 </p>
128 <? }