Commit 3cb09b78 authored by Ad Schellevis's avatar Ad Schellevis

(legacy) refactor system_camanager.php

parent da8a2bed
......@@ -34,35 +34,40 @@ function ca_import(& $ca, $str, $key="", $serial=0) {
global $config;
$ca['crt'] = base64_encode($str);
if (!empty($key))
if (!empty($key)) {
$ca['prv'] = base64_encode($key);
if (!empty($serial))
}
if (!empty($serial)) {
$ca['serial'] = $serial;
}
$subject = cert_get_subject($str, false);
$issuer = cert_get_issuer($str, false);
// Find my issuer unless self-signed
if($issuer <> $subject) {
$issuer_crt =& lookup_ca_by_subject($issuer);
if($issuer_crt)
if($issuer_crt) {
$ca['caref'] = $issuer_crt['refid'];
}
}
/* Correct if child certificate was loaded first */
if (is_array($config['ca']))
foreach ($config['ca'] as & $oca)
{
if (is_array($config['ca'])) {
foreach ($config['ca'] as & $oca) {
$issuer = cert_get_issuer($oca['crt']);
if($ca['refid']<>$oca['refid'] && $issuer==$subject)
if($ca['refid']<>$oca['refid'] && $issuer==$subject) {
$oca['caref'] = $ca['refid'];
}
if (is_array($config['cert']))
foreach ($config['cert'] as & $cert)
{
}
}
if (is_array($config['cert'])) {
foreach ($config['cert'] as & $cert) {
$issuer = cert_get_issuer($cert['crt']);
if($issuer==$subject)
if($issuer==$subject) {
$cert['caref'] = $ca['refid'];
}
}
}
return true;
}
......@@ -122,76 +127,50 @@ function ca_inter_create(&$ca, $keylen, $lifetime, $dn, $caref, $digest_alg = 's
return true;
}
$ca_methods = array(
"existing" => gettext("Import an existing Certificate Authority"),
"internal" => gettext("Create an internal Certificate Authority"),
"intermediate" => gettext("Create an intermediate Certificate Authority"));
$ca_keylens = array( "512", "1024", "2048", "4096");
$openssl_digest_algs = array("sha1", "sha224", "sha256", "sha384", "sha512");
if (isset($_GET['id']) && is_numericint($_GET['id'])) {
$id = $_GET['id'];
}
if (isset($_POST['id']) && is_numericint($_POST['id'])) {
$id = $_POST['id'];
}
if (!isset($config['ca']) || !is_array($config['ca'])) {
$config['ca'] = array();
}
$a_ca =& $config['ca'];
if (!is_array($config['cert'])) {
$config['cert'] = array();
}
$a_cert =& $config['cert'];
if (!isset($config['crl']) || !is_array($config['crl'])) {
$config['crl'] = array();
}
$a_crl =& $config['crl'];
$act=null;
if (isset($_GET['act'])) {
$act = $_GET['act'];
} elseif (isset($_POST['act'])) {
$act = $_POST['act'];
if (!isset($config['ca']) || !is_array($config['ca'])) {
$config['ca'] = array();
}
if ($act == "del") {
if (!isset($a_ca[$id])) {
header("Location: system_camanager.php");
exit;
}
$a_ca =& $config['ca'];
$index = count($a_cert) - 1;
for (; $index >=0; $index--) {
if (isset($a_cert[$index]['caref']) && isset($a_ca[$id]['refid']) && $a_cert[$index]['caref'] == $a_ca[$id]['refid']) {
unset($a_cert[$index]);
}
if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($a_ca[$_GET['id']])) {
$id = $_GET['id'];
}
$index = count($a_crl) - 1;
for (; $index >=0; $index--) {
if ($a_crl[$index]['caref'] == $a_ca[$id]['refid']) {
unset($a_crl[$index]);
}
if (isset($_GET['act'])) {
$act = $_GET['act'];
} else {
$act = null;
}
$name = $a_ca[$id]['descr'];
unset($a_ca[$id]);
write_config();
$savemsg = sprintf(gettext("Certificate Authority %s and its CRLs (if any) successfully deleted"), $name) . "<br />";
header("Location: system_camanager.php");
exit;
}
// set defaults
$pconfig = array();
$pconfig['camethod'] = null ;
$pconfig['descr'] = null;
$pconfig['serial'] = null;
$pconfig['lifetime'] = null;
$pconfig['dn_country'] = null;
$pconfig['dn_state'] = null;
$pconfig['dn_city'] = null;
$pconfig['dn_organization'] = null;
$pconfig['dn_email'] = null;
$pconfig['dn_commonname'] = null;
if ($act == "edit") {
if (!isset($a_ca[$id])) {
if ($act == "edit") {
if (!isset($id)) {
header("Location: system_camanager.php");
exit;
}
......@@ -202,22 +181,17 @@ if ($act == "edit") {
if (!empty($a_ca[$id]['prv'])) {
$pconfig['key'] = base64_decode($a_ca[$id]['prv']);
}
}
if ($act == "new") {
} elseif ($act == "new") {
if (isset($_GET['method'])) {
$pconfig['method'] = $_GET['method'];
} else {
$pconfig['method'] = null ;
$pconfig['camethod'] = $_GET['method'];
}
$pconfig['refid'] = null;
$pconfig['keylen'] = "2048";
$pconfig['digest_alg'] = "sha256";
$pconfig['lifetime'] = "365";
$pconfig['dn_commonname'] = "internal-ca";
}
if ($act == "exp") {
if (!$a_ca[$id]) {
} elseif ($act == "exp") {
if (!isset($id)) {
header("Location: system_camanager.php");
exit;
}
......@@ -231,10 +205,8 @@ if ($act == "exp") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
}
if ($act == "expkey") {
if (!$a_ca[$id]) {
} elseif ($act == "expkey") {
if (!isset($id)) {
header("Location: system_camanager.php");
exit;
}
......@@ -248,27 +220,59 @@ if ($act == "expkey") {
header("Content-Length: $exp_size");
echo $exp_data;
exit;
}
}
} elseif ($_SERVER['REQUEST_METHOD'] === 'POST') {
if (isset($a_ca[$_POST['id']])) {
$id = $_POST['id'];
}
if (isset($_POST['act'])) {
$act = $_POST['act'];
} else {
$act = null;
}
if ($act == "del") {
if (!isset($id)) {
header("Location: system_camanager.php");
exit;
}
$a_cert =& $config['cert'];
$index = count($a_cert) - 1;
for (; $index >=0; $index--) {
if (isset($a_cert[$index]['caref']) && isset($a_ca[$id]['refid']) && $a_cert[$index]['caref'] == $a_ca[$id]['refid']) {
unset($a_cert[$index]);
}
}
if ($_POST) {
unset($input_errors);
$a_crl =& $config['crl'];
$index = count($a_crl) - 1;
for (; $index >=0; $index--) {
if ($a_crl[$index]['caref'] == $a_ca[$id]['refid']) {
unset($a_crl[$index]);
}
}
unset($a_ca[$id]);
write_config();
header("Location: system_camanager.php");
exit;
} else {
$input_errors = array();
$pconfig = $_POST;
/* input validation */
if ($pconfig['method'] == "existing") {
if ($pconfig['camethod'] == "existing") {
$reqdfields = explode(" ", "descr cert");
$reqdfieldsn = array(
gettext("Descriptive name"),
gettext("Certificate data"));
if ($_POST['cert'] && (!strstr($_POST['cert'], "BEGIN CERTIFICATE") || !strstr($_POST['cert'], "END CERTIFICATE"))) {
if (!empty($pconfig['cert']) && (!strstr($pconfig['cert'], "BEGIN CERTIFICATE") || !strstr($pconfig['cert'], "END CERTIFICATE"))) {
$input_errors[] = gettext("This certificate does not appear to be valid.");
}
if ($_POST['key'] && strstr($_POST['key'], "ENCRYPTED")) {
if (!empty($pconfig['key']) && strstr($pconfig['key'], "ENCRYPTED")) {
$input_errors[] = gettext("Encrypted private keys are not yet supported.");
}
}
if ($pconfig['method'] == "internal") {
} elseif ($pconfig['camethod'] == "internal") {
$reqdfields = explode(
" ",
"descr keylen lifetime dn_country dn_state dn_city ".
......@@ -284,8 +288,7 @@ if ($_POST) {
gettext("Distinguished name Organization"),
gettext("Distinguished name Email Address"),
gettext("Distinguished name Common Name"));
}
if ($pconfig['method'] == "intermediate") {
} elseif ($pconfig['camethod'] == "intermediate") {
$reqdfields = explode(
" ",
"descr caref keylen lifetime dn_country dn_state dn_city ".
......@@ -304,41 +307,38 @@ if ($_POST) {
gettext("Distinguished name Common Name"));
}
do_input_validation($_POST, $reqdfields, $reqdfieldsn, $input_errors);
if ($pconfig['method'] != "existing") {
do_input_validation($pconfig, $reqdfields, $reqdfieldsn, $input_errors);
if ($pconfig['camethod'] != "existing") {
/* Make sure we do not have invalid characters in the fields for the certificate */
for ($i = 0; $i < count($reqdfields); $i++) {
if ($reqdfields[$i] == 'dn_email') {
if (preg_match("/[\!\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $_POST["dn_email"])) {
if (preg_match("/[\!\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $pconfig["dn_email"])) {
$input_errors[] = gettext("The field 'Distinguished name Email Address' contains invalid characters.");
}
} elseif ($reqdfields[$i] == 'dn_commonname') {
if (preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $_POST["dn_commonname"])) {
if (preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\"\']/", $pconfig["dn_commonname"])) {
$input_errors[] = gettext("The field 'Distinguished name Common Name' contains invalid characters.");
}
} elseif (($reqdfields[$i] != "descr") && preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\.\"\']/", $_POST["$reqdfields[$i]"])) {
} elseif (($reqdfields[$i] != "descr") && preg_match("/[\!\@\#\$\%\^\(\)\~\?\>\<\&\/\\\,\.\"\']/", $pconfig["$reqdfields[$i]"])) {
$input_errors[] = sprintf(gettext("The field '%s' contains invalid characters."), $reqdfieldsn[$i]);
}
}
if (!in_array($_POST["keylen"], $ca_keylens)) {
if (!in_array($pconfig["keylen"], $ca_keylens)) {
$input_errors[] = gettext("Please select a valid Key Length.");
}
if (!in_array($_POST["digest_alg"], $openssl_digest_algs)) {
if (!in_array($pconfig["digest_alg"], $openssl_digest_algs)) {
$input_errors[] = gettext("Please select a valid Digest Algorithm.");
}
}
/* save modifications */
if (!$input_errors) {
if (count($input_errors) == 0) {
$ca = array();
if (!isset($pconfig['refid']) || empty($pconfig['refid'])) {
$ca['refid'] = uniqid();
} else {
$ca['refid'] = $pconfig['refid'];
}
if (isset($id) && $a_ca[$id]) {
if (isset($id)) {
$ca = $a_ca[$id];
} else {
$ca['refid'] = uniqid();
}
if (isset($pconfig['descr'])) {
......@@ -347,19 +347,21 @@ if ($_POST) {
$ca['descr'] = null;
}
if (isset($_POST['edit']) && $_POST['edit'] == "edit") {
$ca['descr'] = $pconfig['descr'];
$ca['refid'] = $pconfig['refid'];
if (!empty($pconfig['serial'])) {
$ca['serial'] = $pconfig['serial'];
}
if (isset($id)) {
// edit existing
$ca['crt'] = base64_encode($pconfig['cert']);
if (!empty($pconfig['key'])) {
$ca['prv'] = base64_encode($pconfig['key']);
}
} else {
$old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warings directly to a page screwing menu tab */
if ($pconfig['method'] == "existing") {
$old_err_level = error_reporting(0); /* otherwise openssl_ functions throw warnings directly to a page screwing menu tab */
if ($pconfig['camethod'] == "existing") {
ca_import($ca, $pconfig['cert'], $pconfig['key'], $pconfig['serial']);
} elseif ($pconfig['method'] == "internal") {
} elseif ($pconfig['camethod'] == "internal") {
$dn = array(
'countryName' => $pconfig['dn_country'],
'stateOrProvinceName' => $pconfig['dn_state'],
......@@ -373,7 +375,7 @@ if ($_POST) {
$input_errors[] = gettext("openssl library returns:") . " " . $ssl_err;
}
}
} elseif ($pconfig['method'] == "intermediate") {
} elseif ($pconfig['camethod'] == "intermediate") {
$dn = array(
'countryName' => $pconfig['dn_country'],
'stateOrProvinceName' => $pconfig['dn_state'],
......@@ -397,14 +399,16 @@ if ($_POST) {
$a_ca[] = $ca;
}
if (!$input_errors) {
if (count($input_errors) == 0) {
write_config();
unset($input_errors);
header("Location: system_camanager.php");
}
}
// header("Location: system_camanager.php");
}
}
legacy_html_escape_form_data($pconfig);
include("head.inc");
$main_buttons = array(
......@@ -415,345 +419,305 @@ $main_buttons = array(
?>
<body>
<?php include("fbegin.inc"); ?>
<script type="text/javascript">
//<![CDATA[
function method_change() {
method = document.iform.method.selectedIndex;
switch (method) {
case 0:
document.getElementById("existing").style.display="";
document.getElementById("internal").style.display="none";
document.getElementById("intermediate").style.display="none";
break;
case 1:
document.getElementById("existing").style.display="none";
document.getElementById("internal").style.display="";
document.getElementById("intermediate").style.display="none";
break;
case 2:
document.getElementById("existing").style.display="none";
document.getElementById("internal").style.display="";
document.getElementById("intermediate").style.display="";
break;
<script type="text/javascript">
$( document ).ready(function() {
// delete entry
$(".act_delete").click(function(event){
event.preventDefault();
var id = $(this).data('id');
BootstrapDialog.show({
type:BootstrapDialog.TYPE_INFO,
title: "<?= gettext("Authorities");?>",
message: "<?=gettext("Do you really want to delete this Certificate Authority and its CRLs, and unreference any associated certificates?");?>",
buttons: [{
label: "<?=gettext("No");?>",
action: function(dialogRef) {
dialogRef.close();
}}, {
label: "<?=gettext("Yes");?>",
action: function(dialogRef) {
$("#id").val(id);
$("#action").val("del");
$("#iform").submit()
}
}]
});
});
$("#camethod").change(function(){
$("#existing").addClass("hidden");
$("#internal").addClass("hidden");
$("#intermediate").addClass("hidden");
if ($(this).val() == "existing") {
$("#existing").removeClass("hidden");
} else if ($(this).val() == "internal") {
$("#internal").removeClass("hidden");
} else {
$("#internal").removeClass("hidden");
$("#intermediate").removeClass("hidden");
}
}
//]]>
</script>
});
$("#camethod").change();
});
</script>
<!-- row -->
<?php include("fbegin.inc"); ?>
<section class="page-content-main">
<div class="container-fluid">
<div class="row">
<?php
<?php
if (isset($input_errors) && count($input_errors) > 0) {
print_input_errors($input_errors);
}
if (isset($savemsg)) {
print_info_box($savemsg);
}
?>
<section class="col-xs-12">
<div class="content-box tab-content table-responsive" style="overflow: auto;">
<?php if ($act == "new" || $act == "edit" || $act == gettext("Save") || isset($input_errors)) :
?>
<section class="col-xs-12">
<div class="content-box tab-content table-responsive">
<form action="system_camanager.php" method="post" name="iform" id="iform" class="table table-striped">
<?php if ($act == "edit") :
<?php if ($act == "new" || $act == "edit") :
?>
<input type="hidden" name="edit" value="edit" id="edit" />
<input type="hidden" name="id" value="<?php echo htmlspecialchars($id); ?>" id="id" />
<input type="hidden" name="refid" value="<?php echo $pconfig['refid']; ?>" id="refid" />
<?php
endif; ?>
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="main area" class="table table-striped">
<form action="system_camanager.php" method="post" name="iform" id="iform">
<input type="hidden" name="id" id="id" value="<?=isset($id) ? $id :"";?>"/>
<input type="hidden" name="act" id="action" value="<?=$act;?>"/>
<table class="table table-striped">
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Descriptive name");?></td>
<td width="78%" class="vtable">
<input name="descr" type="text" class="formfld unknown" id="descr" size="20" value="<?php if (isset($pconfig['descr'])) echo htmlspecialchars($pconfig['descr']);?>"/>
<td width="22%"><?=gettext("Descriptive name");?></td>
<td width="78%">
<input name="descr" type="text" id="descr" size="20" value="<?=$pconfig['descr'];?>"/>
</td>
</tr>
<?php if (!isset($id) || $act == "edit") :
?>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Method");?></td>
<td width="78%" class="vtable">
<select name='method' id='method' class="selectpicker" data-style="btn-default" onchange='method_change()'>
<?php
foreach ($ca_methods as $method => $desc) :
$selected = "";
if (isset($pconfig['method']) && $pconfig['method'] == $method) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$method;
?>"<?=$selected;
?>><?=$desc;?></option>
<?php
endforeach; ?>
<tr class="<?=isset($id) ? "hidden" : "";?>">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Method");?></td>
<td>
<select name='camethod' id='camethod' class="selectpicker" data-style="btn-default">
<option value="existing" <?=$pconfig['camethod'] == "existing" ? "selected=\"selected\"" : "";?>>
<?=gettext("Import an existing Certificate Authority");?>
</option>
<option value="internal" <?=$pconfig['camethod'] == "internal" ? "selected=\"selected\"" : "";?>>
<?=gettext("Create an internal Certificate Authority");?>
</option>
<option value="intermediate" <?=$pconfig['camethod'] == "intermediate" ? "selected=\"selected\"" : "";?>>
<?=gettext("Create an intermediate Certificate Authority");?>
</option>
</select>
</td>
</tr>
<?php
endif; ?>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="existing" summary="existing" class="table table-striped">
<!-- existing ca -->
<table id="existing" class="table table-striped">
<thead>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Existing Certificate Authority");?></th>
<th colspan="2"><?=gettext("Existing Certificate Authority");?></th>
</tr>
</thead>
<tbody>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate data");?></td>
<td width="78%" class="vtable">
<textarea name="cert" id="cert" cols="65" rows="7" class="formfld_cert"><?php if (isset($pconfig['cert'])) echo htmlspecialchars($pconfig['cert']);?></textarea>
<br />
<td width="22%"><a id="help_for_cert" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Certificate data");?></td>
<td width="78%">
<textarea name="cert" cols="65" rows="7" id="cert"><?=isset($pconfig['cert']) ? $pconfig['cert'] : "";?></textarea>
<div class="hidden" for="help_for_cert">
<?=gettext("Paste a certificate in X.509 PEM format here.");?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Certificate Private Key");
?><br /><?=gettext("(optional)");?></td>
<td width="78%" class="vtable">
<textarea name="key" id="key" cols="65" rows="7" class="formfld_cert"><?php if (isset($pconfig['key'])) echo htmlspecialchars($pconfig['key']);?></textarea>
<br />
<td>
<a id="help_for_key" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Certificate Private Key");?><br />
<?=gettext("(optional)");?>
</td>
<td width="78%">
<textarea name="key" id="key" cols="65" rows="7"><?= isset($pconfig['key']) ? $pconfig['key'] : "";?></textarea>
<div class="hidden" for="help_for_key">
<?=gettext("Paste the private key for the above certificate here. This is optional in most cases, but required if you need to generate a Certificate Revocation List (CRL).");?>
</div>
</td>
</tr>
<?php if (!isset($id) || $act == "edit") :
?>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Serial for next certificate");?></td>
<td width="78%" class="vtable">
<input name="serial" type="text" class="formfld unknown" id="serial" size="20" value="<?php if(isset($pconfig['serial'])) echo htmlspecialchars($pconfig['serial']);?>"/>
<br /><?=gettext("Enter a decimal number to be used as the serial number for the next certificate to be created using this CA.");?>
<td><a id="help_for_serial" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Serial for next certificate");?></td>
<td>
<input name="serial" type="text" id="serial" size="20" value="<?=$pconfig['serial'];?>"/>
<div class="hidden" for="help_for_serial">
<?=gettext("Enter a decimal number to be used as the serial number for the next certificate to be created using this CA.");?>
</div>
</td>
</tr>
<?php
endif; ?>
</tbody>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" id="internal" summary="internal" class="table table-striped">
<!-- internal ca -->
<table id="internal" class="table table-striped">
<thead>
<tr>
<th colspan="2" valign="top" class="listtopic"><?=gettext("Internal Certificate Authority");?></th>
<th colspan="2"><?=gettext("Internal Certificate Authority");?></th>
</tr>
</thead>
<tbody>
<tr id='intermediate'>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Signing Certificate Authority");?></td>
<td width="78%" class="vtable">
<td width="22%"> <i class="fa fa-info-circle text-muted"></i> <?=gettext("Signing Certificate Authority");?></td>
<td width="78%">
<select name='caref' id='caref' class="selectpicker" onchange='internalca_change()'>
<?php
<?php
foreach ($a_ca as $ca) :
if (!$ca['prv']) {
continue;
}
$selected = "";
if (isset($pconfig['caref']) && isset($ca['refid']) && $pconfig['caref'] == $ca['refid']) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$ca['refid'];
?>"<?=$selected;
?>><?=htmlspecialchars($ca['descr']);?></option>
<?php
}?>
<option value="<?=$ca['refid'];?>"<?=isset($pconfig['caref']) && isset($ca['refid']) && $pconfig['caref'] == $ca['refid'] ? " selected=\"selected\"" :"" ;?>><?=htmlspecialchars($ca['descr']);?></option>
<?php
endforeach; ?>
</select>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Key length");?></td>
<td width="78%" class="vtable">
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Key length");?> (<?=gettext("bits");?>)</td>
<td width="78%">
<select name='keylen' id='keylen' class="selectpicker">
<?php
foreach ($ca_keylens as $len) :
$selected = "";
if (isset($pconfig['keylen']) && $pconfig['keylen'] == $len) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$len;
?>"<?=$selected;
?>><?=$len;?></option>
<?php
<?php
foreach ($ca_keylens as $len) :?>
<option value="<?=$len;?>" <?=isset($pconfig['keylen']) && $pconfig['keylen'] == $len ? "selected=\"selected\"" : "";?>><?=$len;?></option>
<?php
endforeach; ?>
</select>
<?=gettext("bits");?>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Digest Algorithm");?></td>
<td width="78%" class="vtable">
<td><a id="help_for_digest_alg" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Digest Algorithm");?></td>
<td>
<select name='digest_alg' id='digest_alg' class="selectpicker">
<?php
foreach ($openssl_digest_algs as $digest_alg) :
$selected = "";
if (isset($pconfig['digest_alg']) && $pconfig['digest_alg'] == $digest_alg) {
$selected = " selected=\"selected\"";
}
?>
<option value="<?=$digest_alg;
?>"<?=$selected;
?>><?=strtoupper($digest_alg);?></option>
<?php
<?php
foreach ($openssl_digest_algs as $digest_alg) :?>
<option value="<?=$digest_alg;?>" <?=isset($pconfig['digest_alg']) && $pconfig['digest_alg'] == $digest_alg ? "selected=\"selected\"" : "";?>><?=strtoupper($digest_alg);?></option>
<?php
endforeach; ?>
</select>
<br /><?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
<div class="hidden" for="help_for_digest_alg">
<?= gettext("NOTE: It is recommended to use an algorithm stronger than SHA1 when possible.") ?>
</div>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Lifetime");?></td>
<td width="78%" class="vtable">
<input name="lifetime" type="text" class="formfld unknown" id="lifetime" size="5" value="<?php if (isset($pconfig['lifetime'])) echo htmlspecialchars($pconfig['lifetime']);?>"/>
<?=gettext("days");?>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Lifetime");?> (<?=gettext("days");?>)</td>
<td>
<input name="lifetime" type="text" id="lifetime" value="<?=$pconfig['lifetime'];?>"/>
</td>
</tr>
<tr>
<td width="22%" valign="top" class="vncellreq"><?=gettext("Distinguished name");?></td>
<td width="78%" class="vtable">
<table border="0" cellspacing="0" cellpadding="2" summary="name">
<th colspan="2"><?=gettext("Distinguished name");?></th>
</tr>
<tr>
<td align="right"><?=gettext("Country Code");?> : &nbsp;</td>
<td align="left">
<select name='dn_country' class="selectpicker">
<?php
$dn_cc = get_country_codes();
foreach ($dn_cc as $cc => $cn) {
$selected = '';
if (isset($pconfig['dn_country']) && $pconfig['dn_country'] == $cc) {
$selected = ' selected="selected"';
}
print "<option value=\"$cc\"$selected>$cc ($cn)</option>";
}
?>
<td><i class="fa fa-info-circle text-muted"></i> <?=gettext("Country Code");?> : &nbsp;</td>
<td>
<select name="dn_country" class="selectpicker">
<?php
foreach (get_country_codes() as $cc => $cn):?>
<option value="<?=$cc;?>" <?=$pconfig['dn_country'] == $cc ? "selected=\"selected\"" : "";?>>
<?=$cc;?> (<?=$cn;?>)
</option>
<?php
endforeach;?>
</select>
</td>
</tr>
<tr>
<td align="right"><?=gettext("State or Province");?> : &nbsp;</td>
<td align="left">
<input name="dn_state" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_state'])) echo htmlspecialchars($pconfig['dn_state']);?>"/>
&nbsp;
<td><a id="help_for_digest_dn_state" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("State or Province");?> : &nbsp;</td>
<td>
<input name="dn_state" type="text" size="40" value="<?=$pconfig['dn_state'];?>"/>
<div class="hidden" for="help_for_digest_dn_state">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Sachsen");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("City");?> : &nbsp;</td>
<td align="left">
<input name="dn_city" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_city'])) echo htmlspecialchars($pconfig['dn_city']);?>"/>
&nbsp;
<td><a id="help_for_digest_dn_city" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("City");?> : &nbsp;</td>
<td>
<input name="dn_city" type="text" size="40" value="<?=$pconfig['dn_city'];?>"/>
<div class="hidden" for="help_for_digest_dn_city">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("Leipzig");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Organization");?> : &nbsp;</td>
<td align="left">
<input name="dn_organization" type="text" class="formfld unknown" size="40" value="<?php if (isset($pconfig['dn_organization'])) echo htmlspecialchars($pconfig['dn_organization']);?>"/>
&nbsp;
<td><a id="help_for_digest_dn_organization" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Organization");?> : &nbsp;</td>
<td>
<input name="dn_organization" type="text" size="40" value="<?=$pconfig['dn_organization'];?>"/>
<div class="hidden" for="help_for_digest_dn_organization">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("My Company Inc");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Email Address");?> : &nbsp;</td>
<td align="left">
<input name="dn_email" type="text" class="formfld unknown" size="25" value="<?php if (isset($pconfig['dn_email'])) echo htmlspecialchars($pconfig['dn_email']);?>"/>
&nbsp;
<td><a id="help_for_digest_dn_email" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Email Address");?> : &nbsp;</td>
<td>
<input name="dn_email" type="text" size="25" value="<?=$pconfig['dn_email'];?>"/>
<div class="hidden" for="help_for_digest_dn_email">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("admin@mycompany.com");?>
</div>
</td>
</tr>
<tr>
<td align="right"><?=gettext("Common Name");?> : &nbsp;</td>
<td align="left">
<input name="dn_commonname" type="text" class="formfld unknown" size="25" value="<?php if (isset($pconfig['dn_commonname'])) echo htmlspecialchars($pconfig['dn_commonname']);?>"/>
&nbsp;
<td><a id="help_for_digest_dn_commonname" href="#" class="showhelp"><i class="fa fa-info-circle"></i></a> <?=gettext("Common Name");?> : &nbsp;</td>
<td>
<input name="dn_commonname" type="text" size="25" value="<?=$pconfig['dn_commonname'];?>"/>
<div class="hidden" for="help_for_digest_dn_commonname">
<em><?=gettext("ex:");?></em>
&nbsp;
<?=gettext("internal-ca");?>
</div>
</td>
</tr>
</table>
</td>
</tr>
</tbody>
</table>
<table width="100%" border="0" cellpadding="6" cellspacing="0" summary="save" class="table">
<table class="table">
<tr>
<td width="22%" valign="top">&nbsp;</td>
<td width="22%">&nbsp;</td>
<td width="78%">
<input id="submit" name="save" type="submit" class="btn btn-primary" value="<?=gettext("Save"); ?>" />
<?php if (isset($id) && $a_ca[$id]) :
?>
<input name="id" type="hidden" value="<?=htmlspecialchars($id);?>" />
<?php
endif;?>
</td>
</tr>
</table>
</form>
<?php
else :
?>
<?php
else :?>
<form action="system_camanager.php" method="post" name="iform" id="iform">
<input type="hidden" name="id" id="id" value="<?=isset($id) ? $id :"";?>"/>
<input type="hidden" name="act" id="action" value="<?=$act;?>"/>
</form>
<table width="100%" border="0" cellpadding="0" cellspacing="0" summary="" class="table table-striped">
<thead>
<tr>
<th width="18%" class="listhdrr"><?=gettext("Name");?></th>
<th width="10%" class="listhdrr"><?=gettext("Internal");?></th>
<th width="10%" class="listhdrr"><?=gettext("Issuer");?></th>
<th width="10%" class="listhdrr"><?=gettext("Certificates");?></th>
<th width="40%" class="listhdrr"><?=gettext("Distinguished Name");?></th>
<th width="12%" class="list"></th>
<th><?=gettext("Name");?></th>
<th><?=gettext("Internal");?></th>
<th><?=gettext("Issuer");?></th>
<th><?=gettext("Certificates");?></th>
<th><?=gettext("Distinguished Name");?></th>
<th></th>
</tr>
</thead>
<tbody>
<?php
<?php
$i = 0;
foreach ($a_ca as $ca) :
$name = htmlspecialchars($ca['descr']);
$subj = cert_get_subject($ca['crt']);
$issuer = cert_get_issuer($ca['crt']);
$issuer = htmlspecialchars(cert_get_issuer($ca['crt']));
$subj = htmlspecialchars(cert_get_subject($ca['crt']));
list($startdate, $enddate) = cert_get_dates($ca['crt']);
if ($subj == $issuer) {
$issuer_name = "<em>" . gettext("self-signed") . "</em>";
} else {
$issuer_name = "<em>" . gettext("external") . "</em>";
}
$subj = htmlspecialchars($subj);
$issuer = htmlspecialchars($issuer);
$certcount = 0;
if (isset($ca['caref'])) {
......@@ -761,7 +725,7 @@ else :
if ($issuer_ca) {
$issuer_name = $issuer_ca['descr'];
}
foreach ($a_cert as $cert) {
foreach ($config['cert'] as $cert) {
if ($cert['caref'] == $ca['refid']) {
$certcount++;
}
......@@ -772,27 +736,16 @@ else :
}
}
}
// TODO : Need gray certificate icon
if ($ca['prv']) {
$internal = "YES";
} else {
$internal = "NO";
}
?>
?>
<tr>
<td class="listlr">
<?=$name;?>
</td>
<td class="listr"><?=$internal;?>&nbsp;</td>
<td class="listr"><?=$issuer_name;?>&nbsp;</td>
<td class="listr"><?=$certcount;?>&nbsp;</td>
<td class="listr"><?=$subj;?><br />
<table width="100%" style="font-size: 9px" summary="valid">
<td><?=htmlspecialchars($ca['descr']);?></td>
<td><?=!empty($ca['prv']) ? gettext("YES") : gettext("NO");?>&nbsp;</td>
<td><?=$issuer_name;?>&nbsp;</td>
<td><?=$certcount;?>&nbsp;</td>
<td><?=$subj;?><br />
<table width="100%" style="font-size: 9px">
<tr>
<td width="10%">&nbsp;</td>
<td>&nbsp;</td>
<td width="20%"><?=gettext("Valid From")?>:</td>
<td width="70%"><?= $startdate ?></td>
</tr>
......@@ -803,50 +756,35 @@ else :
</tr>
</table>
</td>
<td valign="middle" class="list nowrap">
<a href="system_camanager.php?act=edit&amp;id=<?=$i;
?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("edit CA");
?>" alt="<?=gettext("edit CA");?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-pencil"></span></a>
<a href="system_camanager.php?act=exp&amp;id=<?=$i;
?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("export CA cert");
?>" alt="<?=gettext("export CA cert");?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-download"></span></a>
<?php if ($ca['prv']) :
?>
<a href="system_camanager.php?act=expkey&amp;id=<?=$i;
?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("export CA private key");?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-download"></span></a>
<?php
endif; ?>
<a href="system_camanager.php?act=del&amp;id=<?=$i;
?>" data-toggle="tooltip" data-placement="left" onclick="return confirm('<?=gettext("Do you really want to delete this Certificate Authority and its CRLs, and unreference any associated certificates?");
?>')" title="<?=gettext("delete ca");?>" class="btn btn-default btn-xs"><span class="glyphicon glyphicon-remove"></span></a>
<td>
<a href="system_camanager.php?act=edit&amp;id=<?=$i;?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("edit CA");?>" alt="<?=gettext("edit CA");?>" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-pencil"></span>
</a>
<a href="system_camanager.php?act=exp&amp;id=<?=$i;?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("export CA cert");?>" alt="<?=gettext("export CA cert");?>" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-download"></span>
</a>
<?php
if ($ca['prv']) :?>
<a href="system_camanager.php?act=expkey&amp;id=<?=$i;?>" data-toggle="tooltip" data-placement="left" title="<?=gettext("export CA private key");?>" class="btn btn-default btn-xs">
<span class="glyphicon glyphicon-download"></span>
</a>
<?php
endif; ?>
<a id="del_<?=$i;?>" data-id="<?=$i;?>" title="<?=gettext("delete ca"); ?>" data-toggle="tooltip" class="act_delete btn btn-default btn-xs">
<span class="glyphicon glyphicon-remove"></span>
</a>
</td>
</tr>
<?php
<?php
$i++;
endforeach;
?>
endforeach;?>
</tbody>
</table>
<?php
endif; ?>
<?php
endif; ?>
</div>
</section>
</div>
</div>
</section>
<script type="text/javascript">
//<![CDATA[
method_change();
//]]>
</script>
<?php include("foot.inc");
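Review bot: The new hidden field `<input type="hidden" name="act" id="action" value="<?=$act;?>"/>`, emitted in both the edit form and the list-view form, echoes `$act` unescaped even though it is read directly from `$_GET['act']` or `$_POST['act']`. The only escaping visible in this section is `legacy_html_escape_form_data($pconfig)`, which does not cover `$act`, and in the list-view branch the value is not limited to `new`/`edit`, so request-controlled text ends up inside an HTML attribute. The older markup in this section wrapped the comparable `id` field in `htmlspecialchars()`. I would restrict `$act` to the known actions where it is read, or at minimum emit `value="<?=htmlspecialchars((string)$act, ENT_QUOTES);?>"`. Separately, the new `isset($a_ca[$_GET['id']])` and `isset($a_ca[$_POST['id']])` lookups appear to drop the earlier `is_numericint()` guard and use the parameter as an array key without checking that it is present, so keeping `isset($_GET['id']) && is_numericint($_GET['id'])` in front of the lookup would be safer.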