bug 1017: Read the certificate before sending it
[cacert-devel.git] / pages / account / 6.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
// Get certificate information.
// The id is forced to an integer; a missing or non-numeric 'cert' parameter
// becomes 0.
$certid = array_key_exists('cert', $_REQUEST) ? intval($_REQUEST['cert']) : 0;

// Both values placed into the statement have been through intval(), so only
// integers reach the SQL text. The `memid` condition ties the lookup to the
// logged-in member: a certificate id that belongs to another account matches
// no row and ends in the "No such certificate" page below.
$query = "select * from `emailcerts`
		where `id`='$certid'
		and `memid`='".intval($_SESSION['profile']['id'])."'";
$res = mysql_query($query);

// Nothing found for this member: show the message and stop before any
// certificate file is touched.
if(mysql_num_rows($res) <= 0) {
	showheader(_("My CAcert.org Account!"));
	echo _("No such certificate attached to your account.");
	showfooter();
	exit;
}

// Row of the requested certificate; the code below reads 'crt_name' and 'CN'.
$row = mysql_fetch_assoc($res);
36
37
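// Three ways to deliver the certificate selected above:
//   ?format=...  download as a file (DER or PEM)
//   ?install     hand it to the browser for installation
//   neither      show a page with links and the PEM text
if (array_key_exists('format', $_REQUEST)) {
	// Which output format?
	// The openssl option is picked from two fixed strings; the request value
	// is only compared and never copied into the command line.
	if ($_REQUEST['format'] === 'der') {
		$outform = '-outform DER';
		$extension = 'cer';
	} else {
		$outform = '-outform PEM';
		$extension = 'crt';
	}

	// crt_name is read from the database row; escapeshellarg() keeps it a
	// single argument inside the backtick (shell) command.
	$crtname=escapeshellarg($row['crt_name']);

	// Read the whole certificate before any header is sent, so that
	// Content-Length describes the bytes that are actually echoed.
	// NOTE(review): when openssl prints nothing (missing or unreadable file),
	// $cert is empty and an empty attachment is delivered without an error
	// message; an explicit error page would be clearer.
	$cert = `/usr/bin/openssl x509 -in $crtname $outform`;

	header("Content-Type: application/pkix-cert");
	header("Content-Length: ".strlen($cert));

	// The CN is user-supplied certificate data and ends up inside a quoted
	// header value. sanitizeFilename() is defined outside this file;
	// presumably it removes quotes and line breaks - verify.
	$fname = sanitizeFilename($row['CN']);
	if ($fname=="") $fname="certificate";
	header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");

	echo $cert;
	exit;

} elseif (array_key_exists('install', $_REQUEST)) {
	if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
			strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {

		// Handle IE
		//TODO
		// This branch does not exit: execution continues after the end of
		// this PHP block into the ActiveX/VBScript page, which embeds $cert
		// line by line up to the "-----END CERTIFICATE-----" marker. The PEM
		// text therefore has to be read here; without it the script below is
		// generated from an undefined $cert.
		$crtname=escapeshellarg($row['crt_name']);
		$cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;

	} else {
		// All other browsers
		$crtname=escapeshellarg($row['crt_name']);
		$cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;

		header("Content-Type: application/x-x509-user-cert");
		header("Content-Length: ".strlen($cert));

		// Same filename handling as the download branch, but sent inline so
		// the browser processes the certificate instead of saving it.
		$fname = sanitizeFilename($row['CN']);
		if ($fname=="") $fname="certificate";
		header("Content-Disposition: inline; filename=\"${fname}.cer\"");

		echo $cert;
		exit;
	}

} else {
	showheader(_("My CAcert.org Account!"));
	echo "<h3>"._("Install your certificate")."</h3>\n";

	// $certid is an integer (intval() above). $id is set outside this file;
	// presumably it is the numeric page id of account.php - confirm that it
	// is an integer before it is echoed into these links.
	echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
		_("Install the certificate into your browser").
		"</a></p>\n";

	echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
		_("Download the certificate in PEM format")."</a></p>\n";

	echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
		_("Download the certificate in DER format")."</a></p>\n";

	echo "<br /><br /><br />";

	// Allow to directly copy and paste the cert in PEM format
	$crtname=escapeshellarg($row['crt_name']);
	$cert = `/usr/bin/openssl x509 -in $crtname -outform PEM`;

	// PEM text contains no HTML metacharacters, so escaping leaves a valid
	// certificate unchanged; it only matters if the command ever prints
	// something else into the page.
	echo "<pre>".htmlspecialchars((string)$cert)."</pre>";

	showfooter();
	exit;
}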
108
109
110 ?>
111 <!-- to be converted to JavaScript -->
112 <h3><?=_("Installing your certificate")?></h3>
113
114 <p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
115 <OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
116 <?=_("You must enable ActiveX for this to work.")?>
117 </OBJECT>
118 <FORM>
119 <INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
120 </FORM>
121 </P>
122
123 <SCRIPT LANGUAGE=VBS>
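Sub CertInst_OnClick
	' Click handler of the "CertInst" button: installs the certificate that the
	' server wrote into certchain when it generated this page.
	certchain = _
<?
	// Write the PEM text as one VBScript string expression, one quoted
	// literal per certificate line, stopping after the END marker.
	$pem = isset($cert) ? (string)$cert : '';
	$quoted = array();
	foreach (explode("\n", $pem) as $line) {
		$line = trim($line);
		// Inside a VBScript string literal a double quote is written as "".
		// PEM lines never contain one; this only keeps the generated script
		// well-formed if $cert holds something unexpected.
		$quoted[] = '"' . str_replace('"', '""', $line) . '"';
		if ($line === "-----END CERTIFICATE-----") {
			break;
		}
	}
	// The continuation " & _" is placed only between literals, so the
	// expression is complete even when the END marker is missing or $cert
	// is empty (certchain is then just "").
	echo implode(" & _\n", $quoted) . "\n";
?>

	' Errors no longer stop the script from here on; each step checks
	' err.number itself.
	On Error Resume Next

	Dim obj
	Set obj=CreateObject("X509Enrollment.CX509Enrollment")
	If IsObject(obj) Then
		' X509Enrollment object could be created: install through it.
		obj.Initialize(1)
		obj.InstallResponse 0,certchain,0,""
		if err.number<>0 then
			msgbox err.Description
		else
			msgbox "<?=_("Certificate installed successfully. Please don't forget to backup now")?>"
		end if
	else
		' No X509Enrollment object: fall back to the control embedded in the
		' page as "cec" (the OBJECT tag with the xenroll.cab codebase).

		cec.DeleteRequestCert = FALSE
		err.clear

		' First attempt with WriteCertToCSP enabled; if it fails, the flag is
		' switched off before the second acceptPKCS7 call.
		cec.WriteCertToCSP = TRUE
		cec.acceptPKCS7(certchain)
		if err.number <> 0 Then
			cec.WriteCertToCSP = FALSE
		end if
		err.clear
		cec.acceptPKCS7(certchain)
		if err.number <> 0 then
			errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
				"(Error code " & err.number & ")"
			msgRes = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
		else
			okMsg = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
				"See Tools->Internet Options->Content->Certificates"
			msgRes = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
		end if
	End If
End Sub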
176 </SCRIPT>