974d56e51c4ffc1f2e3df08563ced633d94612d5
[cacert-devel.git] / includes / keygen.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
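// Internet Explorer branch: key generation is done on the client by the
// XEnroll / CertEnroll ActiveX objects that the VBScript below drives.
//
// The test is a substring match on the client-supplied User-Agent header. It
// only selects which enrolment form is rendered and is not a trust decision:
// any client can send either value.
//
// $id is assigned outside this file. It is HTML-escaped where it is echoed into
// the "oldid" attribute so the markup stays well-formed whatever the caller set.
//
// NOTE(review): the fallback text inside <object> asks users to allow ActiveX
// controls "not marked as safe" for this site. That lowers the browser's
// protection for everything served from this origin, so the instruction should
// stay scoped to the trusted-sites zone as the text describes.
if (array_key_exists('HTTP_USER_AGENT', $_SERVER) &&
    strpos($_SERVER['HTTP_USER_AGENT'], "MSIE") !== false) { ?>
<object
    classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1"
    codebase="/xenroll.cab#Version=5,131,3659,0"
    id="cec"
>
<?=_("You must enable ActiveX for this to work. On Vista you have to add this website to the list of trusted sites in the internet-settings.")?>
<?=_("Go to Extras->Internet Options->Security->Trusted Websites, click on Custom Level, check ActiveX control elements that are not marked as safe initialized on start in scripts")?>
</object>

<form method="post" action="account.php" name="CertReqForm"><p>
<input type="hidden" name="session" value="UsedXenroll">
<?=_("Key Strength:")?> <select name="CspProvider"></select>

<input type="hidden" name="oldid" value="<?=htmlspecialchars((string)$id, ENT_QUOTES)?>">
<input type="hidden" name="CSR">
<input type="hidden" name="keytype" value="MS">
<input type="submit" name="GenReq" value="Create Certificate"><br>
</p></form>

<script type="text/vbscript" language="vbscript">
<!--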
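' Fills the CspProvider select of CertReqForm with the cryptographic service
' providers (CSPs) found on this client.
'
' Vista path: when X509Enrollment.CCspInformations can be created, every CSP it
' reports is listed, the option value is the CSP index, and the hidden keytype
' field is switched to "VI".
' 2000/XP path: otherwise the XEnroll control "cec" is asked for the providers
' of provider types 0..13 and the option value is the provider type. The
' Microsoft Enhanced provider is preselected when it was listed, else the
' Microsoft Base provider, else the first entry.
Function GetProviderList()
    Dim cspIndex, ProviderName
    ' Errors are ignored on purpose: a failed CreateObject leaves csps unset,
    ' which is what routes execution to the XEnroll path.
    On Error Resume Next

    count = 0
    base = 0
    ' -1 means "not listed". 0 is a valid list index, so it cannot also serve
    ' as the not-found marker.
    enhanced = -1
    ProviderName = ""

    ' Vista:
    Set csps = CreateObject("X509Enrollment.CCspInformations")
    If IsObject(csps) Then
        csps.AddAvailableCsps()
        Document.CertReqForm.keytype.value = "VI"
        For j = 0 To csps.Count - 1
            Set oOption = document.createElement("OPTION")
            oOption.text = csps.ItemByIndex(j).Name
            oOption.value = j
            Document.CertReqForm.CspProvider.add(oOption)
        Next

    Else

        ' 2000, XP:
        For ProvType = 0 To 13
            cspIndex = 0
            cec.ProviderType = ProvType
            ProviderName = cec.enumProviders(cspIndex, 0)

            While ProviderName <> ""
                Set oOption = document.createElement("OPTION")
                oOption.text = ProviderName
                oOption.value = ProvType
                Document.CertReqForm.CspProvider.add(oOption)
                If ProviderName = "Microsoft Base Cryptographic Provider v1.0" Then
                    base = count
                End If
                If ProviderName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
                    enhanced = count
                End If
                cspIndex = cspIndex + 1
                ' Reset before the call: with errors suppressed, a failing
                ' enumProviders presumably leaves the variable untouched, and
                ' the empty string is what ends this loop.
                ProviderName = ""
                ProviderName = cec.enumProviders(cspIndex, 0)
                count = count + 1
            Wend
        Next
        Document.CertReqForm.CspProvider.selectedIndex = base
        If enhanced >= 0 Then
            Document.CertReqForm.CspProvider.selectedIndex = enhanced
        End If
    End If
End Function
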
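' Generates a key pair on the client and returns the PKCS#10 request as a
' string, or "" when every attempt failed.
'
' keyflags: low-order XEnroll GenKeyFlags bits used by the last-resort attempts
'           of the XP path. The Vista path does not read it.
'
' The path is chosen by the hidden keytype field: "VI" (set by GetProviderList)
' uses the X509Enrollment objects, anything else uses the XEnroll control "cec".
'
' NOTE(review): both paths read Document.CertReqForm.keySize, but no control of
' that name is visible inside CertReqForm in this file, so the Select Case
' presumably always lands in Case Else (the 2048-bit constants) - confirm.
' NOTE(review): nothing here guarantees a minimum key size (see the fallback
' attempts at the end of the XP path). The server side should check key size
' and signature algorithm of every submitted request before issuing.
Function CSR(keyflags)
    CSR = ""
    szName = ""

    ' Vista
    If Document.CertReqForm.keytype.value = "VI" Then
        Dim g_objClassFactory
        Dim obj
        Dim objPrivateKey
        Dim objRequest
        Dim objDN

        Set g_objClassFactory = CreateObject("X509Enrollment.CX509EnrollmentWebClassFactory")
        Set obj = g_objClassFactory.CreateObject("X509Enrollment.CX509Enrollment")
        Set objPrivateKey = g_objClassFactory.CreateObject("X509Enrollment.CX509PrivateKey")
        Set objRequest = g_objClassFactory.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10")

        ' The provider name comes from the user's selection while the provider
        ' type is fixed at 24 (the type of the "Microsoft Enhanced RSA and AES
        ' Cryptographic Provider"); a selected CSP of another type presumably
        ' makes key creation fail - confirm.
        objPrivateKey.ProviderName = Document.CertReqForm.CspProvider(Document.CertReqForm.CspProvider.selectedIndex).text
        objPrivateKey.ProviderType = "24"
        objPrivateKey.KeySpec = "1"
        ' NOTE(review): export policy 1 appears to mark the private key as
        ' exportable from the key store - confirm that this is intended.
        objPrivateKey.ExportPolicy = 1
        ' NOTE(review): these constants carry the key size in the high 16 bits
        ' (&h0800 = 2048), which is the XEnroll GenKeyFlags layout used in the
        ' XP path. The private key object's Length is documented as a plain bit
        ' count, so these values look wrong for this object - confirm.
        Select Case Document.CertReqForm.keySize
            Case "3072"
                objPrivateKey.Length = &h0C000000
            Case "4096"
                objPrivateKey.Length = &h10000000
            Case Else
                objPrivateKey.Length = &h08000000
        End Select
        objRequest.InitializeFromPrivateKey 1, objPrivateKey, ""
        ' Placeholder subject only; nothing in this file puts user data in it.
        Set objDN = g_objClassFactory.CreateObject("X509Enrollment.CX500DistinguishedName")
        objDN.Encode("CN=CAcertRequest")
        objRequest.Subject = objDN

        obj.InitializeFromRequest(objRequest)
        obj.CertificateDescription = "Description"
        obj.CertificateFriendlyName = "FriendlyName"
        CSR = obj.CreateRequest(1)
        If Len(CSR) <> 0 Then Exit Function
        ' The message is a gettext translation that PHP writes straight into
        ' this string literal; a translation containing a double quote would
        ' end the literal early and break the script.
        Msgbox "<?=_("Error while generating the certificate-request. Please make sure that you have added this website to the list of trusted sites in the Internet-Options menu!")?>"

    Else
        ' XP
        Dim lngAltKeyFlag

        ' NOTE(review): MD5 is a broken hash. Here it is the digest used for
        ' the request created by XEnroll; whether the issuing side accepts such
        ' requests is decided outside this file - confirm and prefer a
        ' stronger digest where the control supports one.
        cec.HashAlgorithm = "MD5"
        err.clear
        ' From here on a failed createPKCS10 does not stop the script; each
        ' attempt is judged by whether it returned a non-empty request.
        On Error Resume Next
        Set options = document.all.CspProvider.options
        index = options.selectedIndex
        cec.providerName = options(index).text
        tmpProviderType = options(index).value
        cec.providerType = tmpProviderType
        cec.KeySpec = 2
        If tmpProviderType < 2 Then
            cec.KeySpec = 1
        End If

        ' High 16 bits = requested key size in bits, low bits = generation
        ' flags. The "alt" value is the same size with the low flag bit cleared.
        Select Case Document.CertReqForm.keySize
            Case "3072"
                cec.GenKeyFlags = &h0C000001
                lngAltKeyFlag = &h0C000000
            Case "4096"
                cec.GenKeyFlags = &h10000001
                lngAltKeyFlag = &h10000000
            Case Else
                cec.GenKeyFlags = &h08000001
                lngAltKeyFlag = &h08000000
        End Select

        ' Attempts 1 and 2: requested size, with and without the low flag bit.
        ' The OID 1.3.6.1.5.5.7.3.2 is the client-authentication key usage.
        CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
        If Len(CSR) <> 0 Then Exit Function
        cec.GenKeyFlags = lngAltKeyFlag
        CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
        If Len(CSR) <> 0 Then Exit Function

        ' Downgrade step: the remaining attempts pass no key size at all, so
        ' the provider default applies (the prompt announces 512 bits). With
        ' the Enhanced provider the user is asked first; with any other
        ' provider the weaker attempts run without a prompt.
        If cec.providerName = "Microsoft Enhanced Cryptographic Provider v1.0" Then
            If MsgBox("<?=_("The high encryption key generation failed. Would you like to try 512 instead?")?>", vbOkCancel) = vbOk Then
                cec.providerName = "Microsoft Base Cryptographic Provider v1.0"
            Else
                Exit Function
            End If
        End If

        ' Attempts 3 to 5: caller's flags with and without bit 1, then no flags.
        cec.GenKeyFlags = 1 Or keyflags
        CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
        If Len(CSR) <> 0 Then Exit Function
        cec.GenKeyFlags = keyflags
        CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
        If Len(CSR) <> 0 Then Exit Function
        cec.GenKeyFlags = 0
        CSR = cec.createPKCS10(szName, "1.3.6.1.5.5.7.3.2")
    End If
End Function
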
' Click handler of the GenReq submit button: asks CSR for a request with
' keyflags 2, stores it in the hidden CSR field and submits CertReqForm.
' When no request could be generated an alert is shown and nothing is stored.
Sub GenReq_OnClick
    Dim certForm, request
    err.clear
    request = CSR(2)
    If Len(request) > 0 Then
        Set certForm = Document.CertReqForm
        certForm.CSR.Value = request
        certForm.Submit
    Else
        MsgBox "Unable to generate PKCS#10.", 0, "Alert"
    End If
End Sub

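GetProviderList()
-->
</script>
<?php } else {
    // Every other browser: the <keygen> element makes the browser generate the
    // key pair and submit a signed public key and challenge (SPKAC).
    //
    // A fresh challenge from make_hash() is stored in the session on every
    // render and echoed into the form. It only helps if the handler behind
    // account.php compares the challenge inside the submitted SPKAC with this
    // session value and discards it after use; that code is not in this file.
    // The challenge and $id are HTML-escaped because they land in attributes.
    //
    // NOTE(review): "keySize" is an ordinary form field. Nothing visible here
    // ties it to <keygen>, so it presumably does not control the key the
    // browser generates; the server should check the size of the submitted key
    // itself rather than trust this field - confirm.
?>
<p>
<form method="post" action="account.php">
Select Keysize: <select name="keySize" id="keySize">
<option value="2048" selected="selected">2048</option>
<option value="3072">3072</option>
<option value="4096">4096</option>
</select>

<input type="hidden" name="keytype" value="NS">
<?=_("Keysize:")?> <keygen name="SPKAC" challenge="<?php $_SESSION['spkac_hash'] = make_hash(); echo htmlspecialchars((string)$_SESSION['spkac_hash'], ENT_QUOTES); ?>">

<input type="submit" name="submit" value="<?=_("Create Certificate Request")?>">
<input type="hidden" name="oldid" value="<?=htmlspecialchars((string)$id, ENT_QUOTES)?>">
</form>
</p>
<?php }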