6168db99c503af0496a937720debb3b8da7c435e
[cacert-devel.git] / pages / account / 6.php
1 <? /*
2 LibreSSL - CAcert web application
3 Copyright (C) 2004-2008 CAcert Inc.
4
5 This program is free software; you can redistribute it and/or modify
6 it under the terms of the GNU General Public License as published by
7 the Free Software Foundation; version 2 of the License.
8
9 This program is distributed in the hope that it will be useful,
10 but WITHOUT ANY WARRANTY; without even the implied warranty of
11 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 GNU General Public License for more details.
13
14 You should have received a copy of the GNU General Public License
15 along with this program; if not, write to the Free Software
16 Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA
17 */
18
19 // Get certificate information
20 $certid = 0;
21 if(array_key_exists('cert',$_REQUEST)) {
22 $certid = intval($_REQUEST['cert']);
23 }
24
25 $query = "select * from `emailcerts`
26 where `id`='$certid'
27 and `memid`='".intval($_SESSION['profile']['id'])."'";
28 $res = mysql_query($query);
29 if(mysql_num_rows($res) <= 0) {
30 showheader(_("My CAcert.org Account!"));
31 echo _("No such certificate attached to your account.");
32 showfooter();
33 exit;
34 }
35 $row = mysql_fetch_assoc($res);
36
37
38 if (array_key_exists('format', $_REQUEST)) {
39 // Which output format?
40 if ($_REQUEST['format'] === 'der') {
41 $outform = '-outform DER';
42 $extension = 'cer';
43 } else {
44 $outform = '-outform PEM';
45 $extension = 'crt';
46 }
47
48 $crtname=escapeshellarg($row['crt_name']);
49 $cert = `/usr/bin/openssl x509 -in $crtname $outform`;
50
51 header("Content-Type: application/pkix-cert");
52 header("Content-Length: ".strlen($cert));
53
54 $fname = sanitizeFilename($row['CN']);
55 if ($fname=="") $fname="certificate";
56 header("Content-Disposition: attachment; filename=\"${fname}.${extension}\"");
57
58 echo $cert;
59 exit;
60
61 } elseif (array_key_exists('install', $_REQUEST)) {
62 if (array_key_exists('HTTP_USER_AGENT',$_SERVER) &&
63 strstr($_SERVER['HTTP_USER_AGENT'], "MSIE")) {
64
65 // Handle IE
66 //TODO
67
68 } else {
69 // All other browsers
70 $crtname=escapeshellarg($row['crt_name']);
71 $cert = `/usr/bin/openssl x509 -in $crtname -outform DER`;
72
73 header("Content-Type: application/x-x509-user-cert");
74 header("Content-Length: ".strlen($cert));
75
76 $fname = sanitizeFilename($row['CN']);
77 if ($fname=="") $fname="certificate";
78 header("Content-Disposition: inline; filename=\"${fname}.cer\"");
79
80 echo $cert;
81 exit;
82 }
83
84 } else {
85 showheader(_("My CAcert.org Account!"));
86 echo "<h3>"._("Install your certificate")."</h3>\n";
87
88 echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;install'>".
89 _("Install the certificate into your browser").
90 "</a></p>\n";
91
92 echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;format=pem'>".
93 _("Download the certificate in PEM format")."</a></p>\n";
94
95 echo "<p><a href='account.php?id=$id&amp;cert=$certid&amp;format=der'>".
96 _("Download the certificate in DER format")."</a></p>\n";
97
98 echo "<br /><br /><br />";
99 echo "<pre>$cert</pre>";
100
101 showfooter();
102 exit;
103 }
104
105
106 ?>
107 <!-- to be converted to JavaScript -->
108 <h3><?=_("Installing your certificate")?></h3>
109
110 <p><?=_("Hit the 'Install your Certificate' button below to install the certificate into MS IE 5.x and above.")?>
111 <OBJECT classid="clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1" codebase="/xenroll.cab#Version=5,131,3659,0" id="cec">
112 <?=_("You must enable ActiveX for this to work.")?>
113 </OBJECT>
114 <FORM>
115 <INPUT TYPE=BUTTON NAME="CertInst" VALUE="<?=_("Install Your Certificate")?>">
116 </FORM>
117 </P>
118
119 <SCRIPT LANGUAGE=VBS>
120 Sub CertInst_OnClick
121 certchain = _
122 <?
123 $lines = explode("\n", $cert);
124 if(is_array($lines))
125 foreach($lines as $line)
126 {
127 $line = trim($line);
128 if($line != "-----END CERTIFICATE-----")
129 echo "\"$line\" & _\n";
130 else {
131 echo "\"$line\"\n";
132 break;
133 }
134 }
135 ?>
136
137 On Error Resume Next
138
139 Dim obj
140 Set obj=CreateObject("X509Enrollment.CX509Enrollment")
141 If IsObject(obj) Then
142 obj.Initialize(1)
143 obj.InstallResponse 0,certchain,0,""
144 if err.number<>0 then
145 msgbox err.Description
146 else
147 msgbox "<?=_("Certificate installed successfully. Please don't forget to backup now")?>"
148 end if
149 else
150
151 cec.DeleteRequestCert = FALSE
152 err.clear
153
154 cec.WriteCertToCSP = TRUE
155 cec.acceptPKCS7(certchain)
156 if err.number <> 0 Then
157 cec.WriteCertToCSP = FALSE
158 end if
159 err.clear
160 cec.acceptPKCS7(certchain)
161 if err.number <> 0 then
162 errorMsg = "<?=_("Certificate installation failed!")?>" & chr(13) & chr(10) & _
163 "(Error code " & err.number & ")"
164 msgRes = MsgBox(errorMsg, 0, "<?=_("Certificate Installation Error")?>")
165 else
166 okMsg = "<?=_("Personal Certificate Installed.")?>" & chr(13) & chr(10) & _
167 "See Tools->Internet Options->Content->Certificates"
168 msgRes = MsgBox(okMsg, 0, "<?=_("Certificate Installation Complete!")?>")
169 end if
170 End If
171 End Sub
172 </SCRIPT>