# Request-parameter setup of a CGI script; the variable names and the
# operation values (GetCACert, PKIOperation) are those of SCEP.
from openssl.db import \
     empty_DN_dict, \
     DB_type,DB_exp_date,DB_rev_date,DB_serial,DB_file,DB_name,DB_number, \
     DB_TYPE_REV,DB_TYPE_EXP,DB_TYPE_VAL, \
     dbtime2tuple,GetEntriesbyDN,SplitDN

# stdin is closed before any form handling takes place.
# NOTE(review): presumably request parameters are then only taken from the
# query string -- confirm against cgiforms.
sys.stdin.close()

# Path to openssl executable, read from pyca_section with /usr/bin/openssl
# as the fallback.
# NOTE(review): this value names a program; how it is invoked is not visible
# in this excerpt. The configuration it is read from should be writable by
# the CA administrator only.
OpenSSLExec = pyca_section.get('OpenSSLExec','/usr/bin/openssl')

form = cgiforms.formClass()

# 'operation' is declared as a select field with exactly two options.
# NOTE(review): whether cgiforms rejects values outside this list is not
# visible here -- confirm before relying on it as an allow-list.
form.add(
  cgiforms.formSelectClass(
    'operation',
    'Operation',
    ['GetCACert','PKIOperation']
  )
)

# 'message' carries the client-supplied payload. re.M+re.S sets both
# MULTILINE and DOTALL, so r'.*' matches any content, newlines included:
# this field definition does no content validation. 10000 is presumably the
# maximum accepted length (confirm in cgiforms). Everything that consumes
# the value later has to treat it as untrusted input.
form.add(
  cgiforms.formInputClass(
    'message',
    'Message',
    10000,
    (r'.*',re.M+re.S)
  )
)

# Presumably parses the request parameters into form.field -- confirm.
form.getparams()

# Only the first value submitted for 'operation' is used.
scep_operation = form.field['operation'][0].content
# Excerpt of a CGI script that sets up a certificate-request form: it stops
# if the selected CA does not issue client certificates, defines the input
# validation pattern, picks a default browser entry from the User-Agent
# header and collects the DN attributes to ask for. This is Python 2 code
# (string.split / string.strip); the excerpt is cut off inside the final
# loop.

if not ca.isclientcert():
    # NOTE(review): the origin of ca_name is not visible in this excerpt; if
    # it derives from the request, confirm that PrintErrorMsg HTML-escapes it
    # before echoing it into the page.
    htmlbase.PrintErrorMsg('Certificate authority "%s" does not issue client certificates.' % ca_name)
    sys.exit(0)

form = cgiforms.formClass(charset='iso-8859-1')

# Character class used to validate the 'challenge' field and, by default,
# every DN attribute: digits, ASCII letters, the German umlauts and sharp s
# as ISO-8859-1 octal escapes, plus / ' " . _ space and hyphen. The trailing
# '*' also accepts the empty string.
# NOTE(review): the character after \337 shows up as U+FFFD in this listing,
# i.e. a byte was lost in transcoding -- restore it from the original file.
# NOTE(review): the pattern has no ^/$ anchors; whether cgiforms matches the
# whole value is not visible here -- confirm.
# NOTE(review): '/', "'" and '"' are accepted. How validated values are used
# later (subject strings, command lines, HTML output) is not shown; each of
# those sinks needs its own escaping, this pattern does not provide it.
alphanumregex = r'[0-9a-zA-Z\344\366\374\304\326\334\337�/\'"._ -]*'
# telephoneregex = r'^\+[0-9][0-9]-[0-9]*-[0-9]*'

# Check which browser is used.
# The User-Agent header is client-controlled. In this excerpt it is only
# used to pick what is presumably the preselected option of the
# 'browsertype' field; http_browserversion is not used here.
http_browsertype,http_browserversion = BrowserType(os.environ.get('HTTP_USER_AGENT',''))

# Browser name -> 2-tuple; presumably (request format, file suffix). The
# tuple values are not used in this excerpt.
key_gen_browsers = {'Microsoft Internet Explorer':('PKCS10','pem'),'Netscape Navigator':('SPKAC','spkac'),'Opera':('SPKAC','spkac')}

# A detected type that does not map to a key of key_gen_browsers is reset to
# '', so an unrecognised User-Agent yields no preselection.
if not known_browsers.get(http_browsertype,http_browsertype) in key_gen_browsers.keys():
    http_browsertype=''

form.add(cgiforms.formSelectClass('browsertype','Browser Software',key_gen_browsers.keys(),known_browsers.get(http_browsertype,''),required=1))

# The secret is a required field checked against alphanumregex; 30 is
# presumably its maximum length (confirm in cgiforms).
form.add(cgiforms.formPasswordClass('challenge','Initial Master Secret',30,alphanumregex,required=1))

# The form is built by looking at a [req] section in openssl.cnf
dn_attr_keys = []
dn_attr = {}

for i in req_distinguished_name_keys:
    # Keys are split at '_': the first part is the attribute name, the second
    # part (if any) names a property of that attribute.
    l = string.split(i,'_')
    attr_name = string.strip(l[0])
    if not attr_name in dn_attr_keys:
        # First occurrence: register the attribute with its defaults
        # (maximum '40' stored as a string, validation by alphanumregex).
        dn_attr_keys.append(attr_name)
        dn_attr[attr_name]={'comment':'','max':'40','regex':alphanumregex,'default':''}
    if len(l)>1:
        # The property name l[1] comes straight from the configuration key,
        # so a key with the suffix 'regex' or 'max' replaces the default
        # validation for that attribute. Input validation of the DN fields
        # is therefore only as strict as the configuration section makes it.
        dn_attr[attr_name][l[1]]=req_distinguished_name_section.get(i,'')
    elif len(l)==1:
    # The listing is cut off here; the body of this branch is not part of
    # the excerpt.
# Request-parameter setup and first dispatch step of a CGI script; the
# variable names and the operation values (GetCACert, PKIOperation) are
# those of SCEP.
from pycacnf import opensslcnf, pyca_section
from openssl.db import \
     empty_DN_dict, \
     DB_type,DB_exp_date,DB_rev_date,DB_serial,DB_file,DB_name,DB_number, \
     DB_TYPE_REV,DB_TYPE_EXP,DB_TYPE_VAL, \
     dbtime2tuple,GetEntriesbyDN,SplitDN

# stdin is closed before any form handling takes place.
# NOTE(review): presumably request parameters are then only taken from the
# query string -- confirm against cgiforms.
sys.stdin.close()

# Path to openssl executable, read from pyca_section with /usr/bin/openssl
# as the fallback.
# NOTE(review): this value names a program; how it is invoked is not visible
# in this excerpt. The configuration it is read from should be writable by
# the CA administrator only.
OpenSSLExec = pyca_section.get('OpenSSLExec', '/usr/bin/openssl')

form = cgiforms.formClass()

# 'operation' is declared as a select field with exactly two options.
# NOTE(review): whether cgiforms rejects values outside this list is not
# visible here -- confirm before relying on it as an allow-list.
form.add(
    cgiforms.formSelectClass('operation', 'Operation',
                             ['GetCACert', 'PKIOperation']))

# 'message' carries the client-supplied payload. re.M + re.S sets both
# MULTILINE and DOTALL, so r'.*' matches any content, newlines included:
# this field definition does no content validation. 10000 is presumably the
# maximum accepted length (confirm in cgiforms).
form.add(
    cgiforms.formInputClass('message', 'Message', 10000,
                            (r'.*', re.M + re.S)))

# Presumably parses the request parameters into form.field -- confirm.
form.getparams()

# Only the first value submitted for each field is used. scep_message is
# untrusted at this point.
scep_operation = form.field['operation'][0].content
scep_message = form.field['message'][0].content

# NOTE(review): 'GetCACertChain' is tested for here but is not among the
# options declared for the 'operation' field above; whether this value can
# reach this point depends on how cgiforms handles values outside the list.
if scep_operation in ['GetCACert', 'GetCACertChain']:
    # *** Check parameter message again for being valid FQDN.
    # *** Set to pre-configured SCEP CA
    # The client-supplied message is discarded in this branch and replaced by
    # the fixed value 'SCEP'. The FQDN check asked for above is not
    # implemented in the visible code; it becomes necessary as soon as the
    # client value is used instead of the constant.
    scep_message = 'SCEP'