windows-nt/Source/XPSP1/NT/ds/security/services/ca/certweb/certnew.cer

<%@ CODEPAGE=65001 'UTF-8%>
<%' certnew.cer - (CERT)srv web - return a (NEW) certificate
  ' Copyright (C) Microsoft Corporation, 1998 - 1999 %>
<!-- #include FILE=certdat.inc -->
<!-- #include FILE=certsrck.inc -->
<%  ' ########## BEGIN SERVER SIDE EXECUTION ##########

	'Process a Certificate Request

	Dim nDisposition, nResult, sCert, sErrMsg, nEncoding
	On Error Resume Next

	' from \nt\public\sdk\inc\certcli.h
	Const CR_OUT_BASE64HEADER=&H00000000
	Const CR_OUT_BASE64=&H00000001
	Const CR_OUT_BINARY=&H00000002
	Const CR_OUT_CHAIN=&H00000100
	
	'Disposition code ref: \nt\public\sdk\inc\certcli.h
	Const CR_DISP_INCOMPLETE        =0
	Const CR_DISP_ERROR             =1
	Const CR_DISP_DENIED            =2
	Const CR_DISP_ISSUED            =3
	Const CR_DISP_ISSUED_OUT_OF_BAND=4
	Const CR_DISP_UNDER_SUBMISSION  =5
	Const CR_DISP_REVOKED           =6
	Const no_disp=-1

	Const CR_PROP_CASIGCERT=12
	Const PROPTYPE_BINARY=3

	'Stop 'debugging breakpoint
	
	' determine the requested encoding
	If "bin"=Request.QueryString("Enc") Then
		nEncoding=CR_OUT_BINARY
	Else '"b64"=Request.QueryString("Enc")
		nEncoding=CR_OUT_BASE64HEADER
	End If

	' create the object to do the request
	Set Session("ICertRequest")=Server.CreateObject("CertificateAuthority.Request")
	Set ICertRequest=Session("ICertRequest")
	nDisposition=no_disp

	Err.Clear 'make sure we catch the HRESULT and not some earlier error
	
	If "CACert"=Request.QueryString("ReqID") Then
		' get the CA cert
		sCert=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CASIGCERT, Request.QueryString("Renewal"), PROPTYPE_BINARY, nEncoding)
		nResult=Err.Number
		sErrMsg=Err.Description

		If 0<>nResult Then
			'internal redirect - transfer control to error page
			Session("nResult")=nResult
			Session("sErrMsg")=sErrMsg
			Server.Transfer("certrser.asp")
		End If

	Else
		' Fetch the user's cert
		nDisposition=ICertRequest.RetrievePending(Request.QueryString("ReqID"), sServerConfig)
		nResult=Err.number
		sErrMsg=Err.Description
		
		If nDisposition=CR_DISP_ISSUED Then
			' Remove this request from the user's cookie
			RemoveReq(Request.QueryString("ReqID"))

			sCert=ICertRequest.GetCertificate(nEncoding)
		Else
			'internal redirect - transfer control to error page
			Session("nDisposition")=nDisposition
			Session("nResult")=nResult
			Session("sErrMsg")=sErrMsg
			Server.Transfer("certrser.asp")
		End If
	End If

	' Netscape automagically installs anything that is "x-x509-***-cert",
	' so pick MIME type depending upon what we want the browser to do.
	' (IE treats all types the same)
	If "inst"=Request.QueryString("Mode") Then
		' We want Netscape to install
		If "CACert"=Request.QueryString("ReqID") Then
			' Netscape installs this type and does not expect to have a private key
			Response.ContentType="application/x-x509-ca-cert" 
		Else
			' Netscape installs this type and expects to have a private key
			Response.ContentType="application/x-x509-user-cert" 
		End If

	Else
		' We don't wan't Netscape to install
		Response.ContentType="application/pkix-cert" ' Netscape does not install this type
	End If

	' send the cert to the client
	Response.Clear 'guarantee no extraneous bytes
	If CR_OUT_BINARY=nEncoding Then
		Response.BinaryWrite(sCert)
	Else
		Response.Write(sCert)
	End If
	
	' ########## END SERVER SIDE EXECUTION ##########
%>
Add source files 2020-09-26 03:20:57 -05:00			`<%@ CODEPAGE=65001 'UTF-8%>`
			`<%' certnew.cer - (CERT)srv web - return a (NEW) certificate`
			`' Copyright (C) Microsoft Corporation, 1998 - 1999 %>`
			`<!-- #include FILE=certdat.inc -->`
			`<!-- #include FILE=certsrck.inc -->`
			`<% ' ########## BEGIN SERVER SIDE EXECUTION ##########`

			`'Process a Certificate Request`

			`Dim nDisposition, nResult, sCert, sErrMsg, nEncoding`
			`On Error Resume Next`

			`' from \nt\public\sdk\inc\certcli.h`
			`Const CR_OUT_BASE64HEADER=&H00000000`
			`Const CR_OUT_BASE64=&H00000001`
			`Const CR_OUT_BINARY=&H00000002`
			`Const CR_OUT_CHAIN=&H00000100`

			`'Disposition code ref: \nt\public\sdk\inc\certcli.h`
			`Const CR_DISP_INCOMPLETE =0`
			`Const CR_DISP_ERROR =1`
			`Const CR_DISP_DENIED =2`
			`Const CR_DISP_ISSUED =3`
			`Const CR_DISP_ISSUED_OUT_OF_BAND=4`
			`Const CR_DISP_UNDER_SUBMISSION =5`
			`Const CR_DISP_REVOKED =6`
			`Const no_disp=-1`

			`Const CR_PROP_CASIGCERT=12`
			`Const PROPTYPE_BINARY=3`

			`'Stop 'debugging breakpoint`

			`' determine the requested encoding`
			`If "bin"=Request.QueryString("Enc") Then`
			`nEncoding=CR_OUT_BINARY`
			`Else '"b64"=Request.QueryString("Enc")`
			`nEncoding=CR_OUT_BASE64HEADER`
			`End If`

			`' create the object to do the request`
			`Set Session("ICertRequest")=Server.CreateObject("CertificateAuthority.Request")`
			`Set ICertRequest=Session("ICertRequest")`
			`nDisposition=no_disp`

			`Err.Clear 'make sure we catch the HRESULT and not some earlier error`

			`If "CACert"=Request.QueryString("ReqID") Then`
			`' get the CA cert`
			`sCert=ICertRequest.GetCAProperty(sServerConfig, CR_PROP_CASIGCERT, Request.QueryString("Renewal"), PROPTYPE_BINARY, nEncoding)`
			`nResult=Err.Number`
			`sErrMsg=Err.Description`

			`If 0<>nResult Then`
			`'internal redirect - transfer control to error page`
			`Session("nResult")=nResult`
			`Session("sErrMsg")=sErrMsg`
			`Server.Transfer("certrser.asp")`
			`End If`

			`Else`
			`' Fetch the user's cert`
			`nDisposition=ICertRequest.RetrievePending(Request.QueryString("ReqID"), sServerConfig)`
			`nResult=Err.number`
			`sErrMsg=Err.Description`

			`If nDisposition=CR_DISP_ISSUED Then`
			`' Remove this request from the user's cookie`
			`RemoveReq(Request.QueryString("ReqID"))`

			`sCert=ICertRequest.GetCertificate(nEncoding)`
			`Else`
			`'internal redirect - transfer control to error page`
			`Session("nDisposition")=nDisposition`
			`Session("nResult")=nResult`
			`Session("sErrMsg")=sErrMsg`
			`Server.Transfer("certrser.asp")`
			`End If`
			`End If`

			`' Netscape automagically installs anything that is "x-x509-***-cert",`
			`' so pick MIME type depending upon what we want the browser to do.`
			`' (IE treats all types the same)`
			`If "inst"=Request.QueryString("Mode") Then`
			`' We want Netscape to install`
			`If "CACert"=Request.QueryString("ReqID") Then`
			`' Netscape installs this type and does not expect to have a private key`
			`Response.ContentType="application/x-x509-ca-cert"`
			`Else`
			`' Netscape installs this type and expects to have a private key`
			`Response.ContentType="application/x-x509-user-cert"`
			`End If`

			`Else`
			`' We don't wan't Netscape to install`
			`Response.ContentType="application/pkix-cert" ' Netscape does not install this type`
			`End If`

			`' send the cert to the client`
			`Response.Clear 'guarantee no extraneous bytes`
			`If CR_OUT_BINARY=nEncoding Then`
			`Response.BinaryWrite(sCert)`
			`Else`
			`Response.Write(sCert)`
			`End If`

			`' ########## END SERVER SIDE EXECUTION ##########`
			`%>`