from time import time,localtime,strftime,mktime
from pycacnf import opensslcnf, pyca_section
from openssl.db import \
empty_DN_dict, \
DB_type,DB_exp_date,DB_rev_date,DB_serial,DB_file,DB_name,DB_number, \
DB_TYPE_REV,DB_TYPE_EXP,DB_TYPE_VAL, \
dbtime2tuple,GetEntriesbyDN,SplitDN
sys.stdin.close()
# Path to openssl executable
OpenSSLExec = pyca_section.get('OpenSSLExec','/usr/bin/openssl')
form = cgiforms.formClass()
form.add(
cgiforms.formSelectClass(
'operation',
'Operation',
['GetCACert','PKIOperation']
)
)
form.add(
cgiforms.formInputClass(
'message',
'Message',
10000,
(r'.*',re.M+re.S)
)
)
policy_section = opensslcnf.data.get(ca.policy,{})
req_section = opensslcnf.data.get(ca.req,{})
if req_section and req_section.has_key('distinguished_name'):
req_distinguished_name_section = opensslcnf.data.get(req_section['distinguished_name'],{})
req_distinguished_name_keys = opensslcnf.sectionkeys.get(req_section['distinguished_name'],[])
else:
htmlbase.PrintErrorMsg('Request section for "%s" not found.' % ca_name)
sys.exit(0)
if not ca.isclientcert():
htmlbase.PrintErrorMsg('Certificate authority "%s" does not issue client certificates.' % ca_name)
sys.exit(0)
form = cgiforms.formClass(charset='iso-8859-1')
alphanumregex = r'[0-9a-zA-Z\344\366\374\304\326\334\337�/\'"._ -]*'
# telephoneregex = r'^\+[0-9][0-9]-[0-9]*-[0-9]*'
# Check which browser is used
http_browsertype,http_browserversion = BrowserType(os.environ.get('HTTP_USER_AGENT',''))
key_gen_browsers = {'Microsoft Internet Explorer':('PKCS10','pem'),'Netscape Navigator':('SPKAC','spkac'),'Opera':('SPKAC','spkac')}
if not known_browsers.get(http_browsertype,http_browsertype) in key_gen_browsers.keys():
http_browsertype=''
form.add(cgiforms.formSelectClass('browsertype','Browser Software',key_gen_browsers.keys(),known_browsers.get(http_browsertype,''),required=1))
form.add(cgiforms.formPasswordClass('challenge','Initial Master Secret',30,alphanumregex,required=1))
# The form is build by looking at a [req] section in openssl.cnf
from time import time, localtime, strftime, mktime
from pycacnf import opensslcnf, pyca_section
from openssl.db import \
empty_DN_dict, \
DB_type,DB_exp_date,DB_rev_date,DB_serial,DB_file,DB_name,DB_number, \
DB_TYPE_REV,DB_TYPE_EXP,DB_TYPE_VAL, \
dbtime2tuple,GetEntriesbyDN,SplitDN
sys.stdin.close()
# Path to openssl executable
OpenSSLExec = pyca_section.get('OpenSSLExec', '/usr/bin/openssl')
form = cgiforms.formClass()
form.add(
cgiforms.formSelectClass('operation', 'Operation',
['GetCACert', 'PKIOperation']))
form.add(
cgiforms.formInputClass('message', 'Message', 10000, (r'.*', re.M + re.S)))
form.getparams()
scep_operation = form.field['operation'][0].content
scep_message = form.field['message'][0].content
if scep_operation in ['GetCACert', 'GetCACertChain']:
# *** Check parameter message again for being valid FQDN.
