74ccae2000-02-24Per Hedbor /*
0917d32013-03-04Anders Johansson  * $Id$
74ccae2000-02-24Per Hedbor  */
fc40392008-08-15Martin Stjernholm #if constant (Nettle)
7ba3aa2000-09-09Andreas Lange  inherit "ssl_common.pike";
74ccae2000-02-24Per Hedbor inherit "wizard";
7ba3aa2000-09-09Andreas Lange #include <roxen.h> //<locale-token project="admin_tasks"> LOCALE </locale-token> #define LOCALE(X,Y) _STR_LOCALE("admin_tasks",X,Y)
74ccae2000-02-24Per Hedbor  import Standards.PKCS; import Standards.ASN1.Types;
/* Task group identifier. Nothing in this file reads it; presumably the
 * admin-task framework uses it to group SSL tasks (confirm). */
constant action = "SSL";

/* Localized title of this task: string id 132 in the "admin_tasks"
 * locale project (see the LOCALE macro above). */
string name= LOCALE(132, "Generate an RSA key and a Self Signed Certificate...");
/* Description text. Both parts are defined outside this file,
 * presumably in the inherited ssl_common.pike (confirm). */
string doc = doc_string_start + doc_string_end_b;
7ba3aa2000-09-09Andreas Lange /* In ssl_common.pike: * * mixed page_0(object id, object mc) * mixed verify_0(object id, object mc) */
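/* Wizard page 1. Returns certificate_parameters unchanged; that value is
 * not defined in this file (presumably inherited from ssl_common.pike). */
mixed page_1(mixed id, mixed mc)
{
  return certificate_parameters;
}

/* Wizard page 2. Returns certificate_TTL unchanged; that value is not
 * defined in this file (presumably inherited from ssl_common.pike). */
mixed page_2(object id, object mc)
{
  return certificate_TTL;
}

/* Validates the "ttl" form variable submitted from page 2.
 *
 * Returns 1 and sets id->variables->_error when the value cast to int is
 * not positive (a non-numeric string casts to 0 and is rejected as well);
 * returns 0 otherwise.
 *
 * NOTE(review): there is no upper bound. page_3 multiplies ttl by
 * 24 * 3600 seconds, so a very large value produces a certificate that
 * effectively never expires. Consider capping the lifetime here.
 */
mixed verify_2(object id, object mc)
{
  if ( ( (int) id->variables->ttl) <= 0)
  {
    id->variables->_error = "Invalid certificate lifetime; must be positive.";
    return 1;
  }
  return 0;
}

/* Wizard page 3: reads the private RSA key named by the "key_file" form
 * variable, builds a self-signed certificate from the submitted subject
 * attributes and "ttl", and returns HTML that shows the PEM certificate in
 * a textarea followed by the save form.
 *
 * On failure the return value is a short HTML error string instead.
 *
 * NOTE(review): key_file is a request variable and is opened while the
 * Privs object is held. Whether the path is confined to a particular
 * directory depends on lopen(), which is not defined in this file; confirm.
 */
mixed page_3(object id, object mc)
{
  object file;

  /* The Privs object is held only across the open; it is released before
   * the key is read or parsed. */
  object privs = Privs("Reading private RSA key");
  if (!(file = lopen(id->variables->key_file, "r")))
  {
    /* Capture errno before releasing privs: the release may involve further
     * system calls (presumably; Privs is defined elsewhere) that would
     * overwrite the value reported to the user. */
    int err = errno();
    privs = 0;
    return "<font color='red'>Could not open key file: "
      + strerror(err) + "\n</font>";
  }
  privs = 0;

  /* At most 0x10000 (64 KiB) of the key file is read. */
  string s = file->read(0x10000);
  if (!s)
    return "<font color=red>Could not read private key: "
      + strerror(file->errno()) + "\n</font>";

  /* Only a PEM part labelled "RSA PRIVATE KEY" is accepted. */
  object msg = Tools.PEM.pem_msg()->init(s);
  object part = msg->parts["RSA PRIVATE KEY"];
  if (!part)
    return "<font color='red'>Key file not formatted properly.\n</font>";

  object rsa = RSA.parse_private_key(part->decoded_body());
  if (!rsa)
    return "<font color='red'>Invalid key.\n</font>";

  mapping attrs = ([]);
  string attr;

  /* Remove initial and trailing whitespace, and ignore
   * empty attributes. */
  foreach( ({ "countryName", "stateOrProvinceName",
              "localityName", "organizationName",
              "organizationUnitName", "commonName" }), attr)
  {
    if (id->variables[attr])
    {
      attrs[attr] = global.String.trim_whites (id->variables[attr]);
      if (attrs[attr] == "") m_delete (attrs, attr);
    }
  }

  /* Build the subject name: countryName first as a PrintableString, the
   * remaining attributes in the listed order as UTF8String. */
  array name = ({ });
  if (attrs->countryName)
    name += ({([ "countryName": PrintableString(attrs->countryName) ])});
  foreach( ({ "stateOrProvinceName",
              "localityName", "organizationName",
              "organizationUnitName", "commonName" }), attr)
  {
    if (attrs[attr])
      name += ({ ([ attr : UTF8String(attrs[attr]) ]) });
  }

  /* Create a plain X.509 v1 certificate, with default extensions and hash.
   *
   * NOTE(review): only the key, the lifetime in seconds and the subject
   * name are passed, so the signature hash and any extensions are the
   * library defaults. Confirm that the default hash of the Pike version in
   * use is not a deprecated one. */
  string cert = Standards.X509.make_selfsigned_certificate
    (rsa, 24 * 3600 * (int) id->variables->ttl, name);

  string res=("<font size='+2'>"+LOCALE(133,"This is your Certificate.")+
              "</font>"
              "<textarea name='certificate' cols='80' rows='12'>");

  res += Tools.PEM.simple_build_pem("CERTIFICATE", cert);

  res += "</textarea>";

  res += save_certificate_form("cert_file", "my_rsa_certificate.pem");

  return res;
}

/* Writes the submitted certificate to the submitted file name.
 *
 * Nothing is written when "cert_file" is missing or empty. Returns 1 and
 * sets id->variables->_error on failure, 0 otherwise.
 *
 * Both values come back from the browser: "certificate" is the textarea
 * content as posted, not the value page_3 generated, and "cert_file" is
 * the posted path. The file is opened with mode "wct", so an existing file
 * at that path is presumably truncated. Unlike page_3, no Privs object is
 * taken here.
 *
 * NOTE(review): consider checking that the posted body parses as a PEM
 * "CERTIFICATE" before writing it. Whether the path is confined to a
 * particular directory depends on lopen(), which is not defined in this
 * file; confirm.
 */
mixed verify_3(object id, object mc)
{
  mixed cert_file = id->variables->cert_file;

  /* sizeof() throws on a missing (0) variable, so test for that first. */
  if (cert_file && sizeof(cert_file))
  {
    mixed certificate = id->variables->certificate;

    /* Check for missing data before opening, so that the destination is
     * not created or truncated when there is nothing to write. */
    if (!stringp(certificate))
    {
      id->variables->_error = "No certificate data to write.";
      return 1;
    }

    object file;
    if (!(file = lopen(cert_file, "wct")))
    {
      /* FIXME: Should we use a verify function, to get
       * better error handling? */
      id->variables->_error = "Could not open certificate file: "
        + (strerror(errno()) || (string) errno())
        + ".";
      return 1;
    }
    /* A short write is reported as a failure. */
    if (file->write(certificate) != strlen(certificate))
    {
      id->variables->_error = "Write failed: "
        + (strerror(file->errno()) || (string) file->errno())
        + ".";
      return 1;
    }
  }
  return 0;
}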
/* Final wizard step: schedules roxen.scan_certs through
 * roxen.background_run() and returns a confirmation page that reports the
 * certificate length and the destination path.
 *
 * The path shown is built from getcwd(), "../local/" and the submitted
 * "cert_file"; it is a display value computed here, not the path actually
 * returned by the open in verify_3.
 *
 * NOTE(review): verify_3 writes nothing when "cert_file" is empty, yet this
 * message is produced unconditionally; confirm whether that case can reach
 * this function.
 */
mixed wizard_done(object id, object mc)
{
  roxen.background_run(0, roxen.scan_certs);

  string page_format =
    "<p>"+LOCALE(131,"Wrote %d bytes to %s.")+ "</p>\n<p><cf-ok/></p>\n";
  int byte_count = strlen(id->variables->certificate);
  string shown_path =
    combine_path(getcwd(), "../local/", id->variables->cert_file);

  return http_string_answer(sprintf(page_format, byte_count, shown_path));
}
/* Request entry point: passes the request to wizard_for() with 0 as the
 * second argument and returns its result. wizard_for() is not defined in
 * this file (presumably it comes from the inherited "wizard" module). */
mixed parse( RequestID id )
{
  mixed result = wizard_for(id,0);
  return result;
}
fc40392008-08-15Martin Stjernholm #endif /* constant (Nettle) */