First commit of tag changes. bug-1444
[cacert-devel.git] / includes / keygen.php
1 <?php /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2011 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 if (array_key_exists('HTTP_USER_AGENT',$_SERVER) && strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) { ?>
20
21 <noscript>
22 <p><?php echo _('You have to enable JavaScript to generate certificates in the browser.')?></p>
23 <p><?php echo _('If you don\'t want to do that for any reason, you can use '.
24 'manually created certificate requests instead.')?></p>
25 </noscript>
26
27 <div id="noActiveX" style="color:red">
28 <p><?php echo _('Could not initialize ActiveX object required for certificate generation.')?></p>
29 <p><?php echo _('You have to enable ActiveX for this to work. On Windows Vista, Windows 7 and '.
30 'later versions you have to add this website to the list of trusted sites '.
31 'in the internet settings.')?></p>
32 <p><?php
33 printf(_('Go to "Extras -> Internet Options -> Security -> Trusted '.
34 'Websites", click on "Custom Level", set "ActiveX control '.
35 'elements that are not marked as safe initialized on start in '.
36 'scripts" to "Confirm" and click "OK". Now click "Sites", add '.
37 '"%s" and "%s" to your list of trusted sites and make the '.
38 'changes come into effect by clicking "Close" and "OK".'),
39 'https://'.$_SESSION['_config']['normalhostname'],
40 'https://'.$_SESSION['_config']['securehostname'])?>
41 </p>
42 </div>
43
44 <form method="post" style="display:none" action="account.php"
45 id="CertReqForm">
46 <input type="hidden" name="oldid" value="<?php echo intval($id)?>" />
47 <input type="hidden" id="CSR" name="CSR" />
48 <input type="hidden" name="keytype" value="MS" />
49
50 <p><?php echo _('Security level')?>:
51 <select id="SecurityLevel">
52 <option value="high" selected="selected"><?php echo _('High')?></option>
53 <option value="medium"><?php echo _('Medium')?></option>
54 <option value="custom"><?php echo _('Custom')?>&hellip;</option>
55 </select>
56 </p>
57
58 <fieldset id="customSettings" style="display:none">
59 <legend><?php echo _('Custom Parameters')?></legend>
60
61 <p><?php echo _('Cryptography Provider')?>:
62 <select id="CspProvider"></select>
63 </p>
64 <p><?php echo _('Algorithm')?>: <select id="algorithm"></select></p>
65 <p><?php echo _('Keysize')?>:
66 <input id="keySize" type="number" />
67 <?php echo _('Minimum Size')?>: <span id="keySizeMin"></span>,
68 <?php echo _('Maximum Size')?>: <span id="keySizeMax"></span>,
69 <?php
70 // TRANSLATORS: this specifies the step between two valid key
71 // sizes. E.g. if the step is 512 and the minimum is 1024 and
72 // the maximum is 2048, then only 1024, 1536 and 2048 bits may
73 // be specified as key size.
74 echo _('Step')?>: <span id="keySizeStep"></span></p>
75 <p style="color:red"><?php
76 printf(_('Please note that RSA key sizes smaller than %d bit '.
77 'will not be accepted by CAcert.'),
78 2048)?>
79 </p>
80 </fieldset>
81
82 <p><input type="submit" id="GenReq" name="GenReq" value="<?php echo _('Create Certificate')?>" /></p>
83 <p id="generatingKeyNotice" style="display:none">
84 <?php echo _('Generating your key. Please wait')?>&hellip;</p>
85 </form>
86
87 <!-- Error messages used in the JavaScript. Defined here so they can be
88 translated without passing the JavaScript code through PHP -->
89 <p id="createRequestErrorChooseAlgorithm" style="display:none">
90 <?php echo _('Could not generate certificate request. Probably you need to '.
91 'choose a different algorithm.')?>
92 </p>
93 <p id="createRequestErrorConfirmDialogue" style="display:none">
94 <?php echo _('Could not generate certificate request. Please confirm the '.
95 'dialogue if you are asked if you want to generate the key.')?>
96 </p>
97 <p id="createRequestErrorConnectDevice" style="display:none">
98 <?php echo _('Could not generate certificate request. Please make sure the '.
99 'cryptography device (e.g. the smartcard) is connected.')?>
100 </p>
101 <p id="createRequestError" style="display:none">
102 <?php echo _('Could not generate certificate request.')?>
103 </p>
104 <p id="invalidKeySizeError" style="display:none">
105 <?php echo _('You have specified an invalid key size')?>
106 </p>
107 <p id="unsupportedPlatformError" style="display:none">
108 <?php echo _('Could not initialize the cryptographic module for your '.
109 'platform. Currently we support Microsoft Windows XP, Vista '.
110 'and 7. If you\'re using one of these platforms and see this '.
111 'error message anyway you might have to enable ActiveX as '.
112 'described in the red explanation text and accept loading of '.
113 'the module.')?>
114 </p>
115
116 <script type="text/javascript" src="keygenIE.js"></script>
117
118 <?php } else { ?>
119 <p>
120 <form method="post" action="account.php">
121 <input type="hidden" name="keytype" value="NS">
122 <?php echo _("Keysize:")?> <keygen name="SPKAC" challenge="<?php $_SESSION['spkac_hash']=make_hash(); echo $_SESSION['spkac_hash']; ?>">
123
124 <input type="submit" name="submit" value="<?php echo _("Generate key pair within browser")?>">
125 <input type="hidden" name="oldid" value="<?php echo intval($id)?>">
126 </form>
127 </p>
128 <?php }