windows-nt/Source/XPSP1/NT/ds/security/services/ca/certweb/certnoca.hta

<HTML>
<!--
certnoca.hta - (CERT)srv web - (NO) (CA) cert-request management
This is an HTML application. We are assuming that we are running
on IE 5 (or compatible), stand alone from any CA.
-->
<Head>
<Title>No-CA Certificate Request Manager</Title>
</Head>
<Body BgColor=#FFFFFF OnLoad="postLoad();"><Font Face="Arial">
<Table border=0 CellSpacing=0 CellPadding=4 width=100% BgColor=#008080>
<TR>
<TD><font color=#FFFFFF size=-1 Face="Arial"><B><I>Microsoft</I></B> Certificate Services</Font></TD>
<TD Align=right><A href="" OnClick="goHome();return false;"><font color=#FFFFFF size=-1 Face="Arial"><B>Home</B></Font></A></TD>
</TR>
</Table>
<Form name=UIForm>
<!-- #################### PAGE 1 #################### -->
<Span ID="spnPage1">
<P> <B> Welcome </B>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<P> You use this application to generate PKCS #10 certificate requests and install PKCS #7 certificates.
<P>
<Table border=0 cellspacing=0 cellpadding=0>
<TR>
<TD Colspan=3><Font Face="Arial"><B>Select a task:</B></Font></TD>
</TR><TR>
<TD rowspan=2><IMG Src="certspc.gif" alt="" height=1 width=20></TD>
<TD><INPUT type="radio" id=rbGenReq name=rbgrpAction checked value=1></TD>
<TD><Font Face="Arial"><Label for=rbGenReq>Generate a PKCS #10 certificate request</Label></Font></TD>
</TR> <TR>
<TD><INPUT type="radio" id=rbInstall name=rbgrpAction value=2></TD>
<TD><Font Face="Arial"><Label for=rbInstall>Install a PKCS #7 certificate</Label></Font></TD>
</TR>
</Table>
<P>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<!-- White HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#FFFFFF><IMG Src="certspc.gif" alt="" height=5 width=1></TD></TR></Table>
<Table width=100% border=0 cellpadding=0 cellspacing=0><TR><TD align=right>
<INPUT type=button value="Next &gt;" Name=btnNext1 style="width:.75in" OnClick="goNext();">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</TD></TR></Table>
</Span>
<!-- #################### PAGE 2 #################### -->
<Span ID="spnPage2" Style="display:none">
<P> <B> Generate A PKCS #10 Certificate Request </B>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<Span ID="spnFixTxt" style="display:none">
<Table border=0 cellspacing=0 cellpadding=4 Style="Color:#FF0000"><TR><TD>
<I>Please correct the fields marked in <B><Font color=#FF0000>RED</Font></B>.</I>
One or more fields contain the characters (, ; " or +)
that cannot be processed, or the e-mail or country fields contain non-English characters.
</TD></TR></Table>
</Span>
<Span ID="spnErrorTxt" style="display:none">
<Table border=0 cellspacing=0 cellpadding=4 Style="Color:#FF0000">
<TR><TD>
<B>An error occurred</B> while creating the certificate request.
Please verify that your CSP supports any settings you have made
and that your input is valid.
</TD></TR><TR><TD>
<B>Suggested cause:</B><BR>
<span ID="spnErrorMsg"></span>
</TD></TR><TR>
<TD><font size=-2>Error: <span ID="spnErrorNum"></span></font></TD>
</TR>
</Table>
</Span>
<P>
<Table Border=0 CellSpacing=0 CellPadding=0>
<TR> <!-- establish column widths. -->
<TD width=100></TD> <!-- label column, top border -->
<TD rowspan=59 width=4></TD> <!-- label spacing column -->
<TD></TD> <!-- field column -->
</TR>
<TR>
<TD colspan=3><Font Size=-1><B>Identifying Information:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnNameLabel">Name:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbCommonName"></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnEmailLabel">E-Mail:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbEmail"></TD>
</TR><TR><TD height=8></TD> <TD></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnCompanyLabel">Company:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbOrg"></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnDepartmentLabel">Department:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbOrgUnit"></TD>
</TR><TR><TD height=8></TD> <TD></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnCityLabel">City:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbLocality"></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnStateLabel">State:</Span></Font></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbState"></TD>
</TR><TR>
<TD Align=right><Font size=-1><Span ID="spnCountryLabel">Country:</Span></Font></TD>
<TD><Input Type="text" MaxLength="2" Size=2 Name="tbCountry"></TD>
</TR>
<!-- Stand-Alone Options -->
<TR>
<TD colspan=3><Font Size=-1><B><BR>Extended Key Usage:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR><TR><TD></TD>
<TD><SELECT Name="lbUsageOID" OnChange="handleUsageOID();">
<OPTION SELECTED Value="1.3.6.1.5.5.8.2.2"> IPSec
<OPTION Value="1.3.6.1.5.5.7.3.2"> Client Authentication
<OPTION Value="1.3.6.1.5.5.7.3.4"> E-Mail Protection
<OPTION Value="1.3.6.1.5.5.7.3.1"> Server Authentication
<OPTION Value="1.3.6.1.5.5.7.3.3"> Code Signing
<OPTION Value="1.3.6.1.5.5.7.3.8"> Time Stamp Signing
<OPTION Value="other"> other...
</SELECT></TD>
</TR>
<TR><TD Align=Right><Span ID=spnEKUOther1 Style="display:none"><Font size=-1>Usage OID:</Font></Span></TD>
<TD><Span ID=spnEKUOther2 Style="display:none"><Input Type="TEXT" Name="tbEKUOther" Value="1.3.6.1.5.5.7.3."></Span></TD>
</TR>
<!-- Enterprise Options -->
<!--
<TR>
<TD colspan=3><Font Size=-1><B><BR>Certificate Template:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR><TR><TD></TD>
<TD><SELECT Name="lbCertTemplate">
< %
Dim nWriteTemplateResult
nWriteTemplateResult=WriteTemplateList()
% >
</SELECT></TD>
</TR>
-->
<!-- common -->
<TR>
<TD colspan=3><Font Size=-1><B><BR>Cryptographic Service Provider Options:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR>
<TR>
<TD Align=right><Font size=-1>CSP:</Font></TD>
<TD><SELECT Name="lbCSP">
<option>Loading...</Option>
</SELECT></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<!-- Key size for the key pair. validateRequest() accepts values from 512 through
     4096 and generateRequestPhase2() shifts the number into the upper 16 bits of
     IControl.GenKeyFlags.
     NOTE(review): the pre-filled value and the first quick-pick link are both 512
     bits, a size considered breakable today; consider a larger default and
     dropping the 512 link. -->
<TR>
<TD Align=right ><Font size=-1>Key Size:</Font></TD>
<TD><Font size=-2><Input Type="TEXT" Name="tbKeySize" Value="512" MaxLength=4 size=4>
(common key sizes:
<A Href="" OnClick="document.UIForm.tbKeySize.value='512';return false;">512</a>,
<A Href="" OnClick="document.UIForm.tbKeySize.value='1024';return false;">1024</a>,
<A Href="" OnClick="document.UIForm.tbKeySize.value='2048';return false;">2048</a>,
<A Href="" OnClick="document.UIForm.tbKeySize.value='4096';return false;">4096</a>
)</Font></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<!-- Hash algorithm for the request. generateRequestPhase2() copies the selected
     option value into IControl.HashAlgorithm unchanged.
     NOTE(review): MD2 and MD5 are no longer collision resistant and SHA-1 is
     deprecated for signatures. Whether the installed CSPs offer anything stronger
     cannot be told from this page; at minimum consider removing MD2 and MD5. -->
<TR>
<TD Align=right><Font size=-1>Hash Algorithm:</Font></TD>
<TD><Select Name="lbHashAlgorithm">
<Option Selected Value="SHA1"> SHA/RSA
<Option Value="1.3.14.3.2.13"> SHA/DSA
<Option Value="MD2"> MD2
<Option Value="MD5"> MD5
</Select></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<TR>
<TD Align=right><Font size=-1>Key Spec:</Font></TD>
<TD><Font size=-1><Input Type="Radio" ID=rbKS1 Name="rbKeySpec" Value="1" CHECKED><Label for=rbKS1>Exchange</Label>
&nbsp;&nbsp;&nbsp;<Input Type="Radio" ID=rbKS2 Name="rbKeySpec" Value="2"><Label for=rbKS2>Signature</Label></Font></TD>
</TR>
<TR>
<TD colspan=3><Font Size=-1><B><BR>Key Generation Options:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR>
<TR><TD></TD>
<TD><Font size=-1><Input Type="Radio" ID=rbKG1 Name="rbKeyGen" Value="0" OnClick="handleKeyGen();" Checked><Label for=rbKG1>Create new key set</Label>
<Span Id="spnNewKeys">
<BR><IMG Src="certspc.gif" alt="" height=1 width=25><Input type="checkbox" Id=cbSetContainer name=cbSetContainer OnClick="handleSetContainer();"><Label for=cbSetContainer>Set the container name</Label>
<Span Id="spnNewContainer" Style="display:none">
<BR><IMG Src="certspc.gif" alt="" height=1 width=25>Container name:<Input Type="text" Name="tbNewContainerName" Size=20>
</Span>
</Span>
</Font></TD>
</TR><TR><TD></TD>
<TD><Font size=-1><Input Type="Radio" ID=rbKG2 Name="rbKeyGen" Value="1" OnClick="handleKeyGen();"><Label for=rbKG2>Use existing key set</Label>
<Span Id="spnExistingKeys" Style="display:none">
<BR><IMG Src="certspc.gif" alt="" height=1 width=25>Container name:<Input Type="text" Name="tbOldContainerName" Size=20>
</Span>
</Font></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<TR>
<TD></TD>
<TD><Font size=-1><Input type="checkbox" Id=cbStrongKey name=cbStrongKey><Label for=cbStrongKey>Enable strong private key protection</Label></Font></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<TR><TD></TD>
<TD><Font size=-1><Input Type="CHECKBOX" Name="cbMarkKeyExportable" ID=cbMarkKeyExportable OnClick="handleMarkExport();"><Label for=cbMarkKeyExportable>Mark keys as exportable</Label>
<Span Id="spnMarkKeyExportable" Style="display:none">
<BR><IMG Src="certspc.gif" alt="" height=1 width=25><Input Type="CHECKBOX" Name="cbExportKeys" ID=cbExportKeys OnClick="handleExportKeys();"><Label for=cbExportKeys>Export keys to file</Label>
<Span Id="spnExportKeys" Style="display:none">
<BR><IMG Src="certspc.gif" alt="" height=1 width=25>File name: <Input Type="text" Name="tbExportKeyFile" Size=20>
</Span>
</Span>
</Font></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<TR><TD></TD>
<TD><Font size=-1><Input Type="CHECKBOX" Name="cbLocalMachineStore" ID=cbLocalMachineStore><Label for=cbLocalMachineStore>Use local machine store</Label></Font></TD>
</TR>
<TR>
<TD colspan=3><Font Size=-1><B><BR>Additional Options:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=3></TD>
</TR>
<TR><TD colspan=3 height=6></TD>
</TR><TR>
<TD Align=right><Font size=-1>Attributes:</Font></TD>
<TD><TextArea Name="taAttrib" Wrap=off rows=4 cols=30></TextArea></TD>
</TR>
<TR>
<TD colspan=3><Font Size=-1><B><BR>Output File Name:</B></Font></TD>
</TR><TR><TD colspan=3 height=2 BgColor=#008080></TD>
</TR><TR><TD colspan=3 height=6></TD>
</TR><TR>
<TD Align=right></TD>
<TD><Input Type="text" MaxLength="64" Size=42 Name="tbFileName"></TD>
</TR>
</Table>
</P>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<!-- White HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#FFFFFF><IMG Src="certspc.gif" alt="" height=5 width=1></TD></TR></Table>
<Table width=100% border=0 cellpadding=0 cellspacing=0><TR><TD align=right>
<INPUT type=button value="Generate and Save" OnClick="generateRequest();return false;">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</TD></TR></Table>
</Span>
<!-- #################### PAGE 3 #################### -->
<Span ID="spnPage3" Style="display:none">
<P> <B> Install A PKCS #7 Certificate </B>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<P>
<Table Border=0 CellSpacing=0 CellPadding=0>
<TR> <!-- establish column widths. -->
<TD><IMG Src="certspc.gif" alt="" height=1 width=100></TD> <!-- label column, top border -->
<TD rowspan=59><IMG Src="certspc.gif" alt="" height=1 width=4></TD> <!-- label spacing column -->
<TD></TD> <!-- field column -->
</TR>
<TR>
<TD colspan=3><Font Face="Arial" Size=-1><B>Saved Certificate:</B></Font></TD>
</TR><TR><TD colspan=3 BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD>
</TR><TR><TD colspan=3><IMG Src="certspc.gif" alt="" height=3 width=1></TD></TR>
<TR>
<TD Align=right><Font Face="Arial" size=-1><Span id=spPaste>Base64 Encoded <BR>PKCS #7 Certificate:</Span></Font></TD>
<TD><TEXTAREA rows=6 cols=40 name=taInstallCert wrap=off></TEXTAREA></TD>
</TR><TR><TD colspan=3 height=3></TD>
</TR><TR><TD></TD>
<TD>
<Font Face="Arial" Size=-1><A Href="#" onclick="BeginRead();blur();return false;"
OnMouseOver="window.status='Read a file';return true;" OnMouseOut="window.status='';return true;">Browse</A>
for a file to insert.</Font>
<Span id=spRead style="display:none">
<Table Border=0 CellSpacing=0 CellPadding=0>
<TR><TD Height=5></TD>
<TR>
<TD Width=6></TD>
<TD Width=3 BgColor=#008080></TD>
<TD Width=4></TD>
<TD>
File name: <Input Type="file" size=40 name=flRequest><BR>
<Input Type=Button Value="Read!" onClick="FinishRead();blur();" Style="font-weight:bold">
<Input Type=Button Value="Cancel" onClick="spRead.style.display='none';blur();">
</TD>
</TR>
</Table>
</Span>
</TD>
</TR>
<!-- Enterprise
<TR>
<TD colspan=3><Font Face="Arial" Size=-1><BR><B>Certificate Template:</B></Font></TD>
</TR><TR><TD colspan=3 BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD>
</TR><TR><TD colspan=3><IMG Src="certspc.gif" alt="" height=3 width=1></TD>
</TR><TR><TD></TD>
<TD><SELECT Name="lbCertTemplate">
< %
Dim nWriteTemplateResult
nWriteTemplateResult=WriteTemplateList()
% >
</SELECT></TD>
</TR>
-->
<TR>
<TD colspan=3><Font Face="Arial" Size=-1><BR><B>Additional Options:</B></Font></TD>
</TR><TR><TD colspan=3 BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD>
</TR><TR><TD colspan=3><IMG Src="certspc.gif" alt="" height=6 width=1></TD>
</TR>
<TR><TD colspan=3 height=4></TD></TR>
<TR><TD></TD>
<TD><Font size=-1><Input Type="CHECKBOX" Name="cbInstLocalMachineStore" ID=cbInstLocalMachineStore><Label for=cbInstLocalMachineStore>Use local machine store</Label></Font></TD>
</TR>
</Table>
<P>
<!-- Green HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#008080><IMG Src="certspc.gif" alt="" height=2 width=1></TD></TR></Table>
<!-- White HR --><Table border=0 cellspacing=0 cellpadding=0 width=100%><TR><TD BgColor=#FFFFFF><IMG Src="certspc.gif" alt="" height=5 width=1></TD></TR></Table>
<Table width=100% border=0 cellpadding=0 cellspacing=0><TR><TD align=right>
<INPUT type=Button id=btnInstall value="Install" style="width:.75in" OnClick="doInstall();return false;">
&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;
</TD></TR></Table>
</Span>
<!-- #################### SCRIPTS #################### -->
</Form>
</Font>
<Span id="spnIControl" style="display:none">
<!-- XEnroll will be inserted here -->
</Span>
<!-- A DHTML alert box -->
<Table border=0 cellspacing=0 cellpadding=0 ID="tblWorkingMsg" style="display:none; position:absolute;">
<TR>
<TD BgColor=#000040 height=3 colspan=3></TD>
</TR> <TR>
<TD BgColor=#000040 width=3></TD>
<TD BgColor=#008080><font Color=#FFFFFF><B><BR>&nbsp;&nbsp;&nbsp;&nbsp;<Span ID="spnWorkingMsg"></Span>&nbsp;&nbsp;&nbsp;&nbsp;<BR><BR></B></Font></TD>
<TD BgColor=#000040 width=3></TD>
</TR> <TR>
<TD BgColor=#000040 height=3 colspan=3></TD>
</TR>
</Table>
<Script Language=JavaScript>
//================================================================
// GLOBAL VARIABLES
// Page state: goNext() refuses to leave page 1 while this is false.
// recreateIControl() and postLoadPhase2() set it to true.
var g_bIControlReady = false;

// Values copied from wincrypt.h.
// Bits OR-ed into IControl.GenKeyFlags (the key size occupies the upper 16 bits):
var CRYPT_EXPORTABLE = 0x00000001;      // private key may be exported from the CSP
var CRYPT_USER_PROTECTED = 0x00000002;  // "strong private key protection" checkbox
// Written to IControl.ProviderFlags when the local machine store is selected:
var CRYPT_MACHINE_KEYSET = 0x00000020;
// Values for IControl.KeySpec:
var AT_KEYEXCHANGE = 1;
var AT_SIGNATURE = 2;
// Store location, encoded as (location id << shift); written to IControl.RequestStoreFlags:
var CERT_SYSTEM_STORE_LOCATION_SHIFT = 16;
var CERT_SYSTEM_STORE_LOCAL_MACHINE_ID = 2;
var CERT_SYSTEM_STORE_LOCAL_MACHINE = CERT_SYSTEM_STORE_LOCAL_MACHINE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT;
//================================================================
// SCRIPTS COMMON TO ALL PAGES
//----------------------------------------------------------------
// Return to the beginning: page 1 (task selection) becomes the only visible page.
function goHome() {
    var aPages = [spnPage1, spnPage2, spnPage3];
    var nPage;
    for (nPage = 0; nPage < aPages.length; nPage++) {
        // index 0 is page 1; every other page is hidden
        aPages[nPage].style.display = (0 == nPage) ? "" : "none";
    }
}
//----------------------------------------------------------------
// XEnroll lets the CSP be set only once per instance, so after every request
// attempt the control is discarded and a fresh one is created by rewriting the
// contents of spnIControl.
// The markup is a fixed string (no form input is mixed into it). The codebase
// attribute is commented out, so no download location is given for the control.
function recreateIControl() {
    var aObjectTag = [
        "<OBJECT",
        " classid=\"clsid:43F8F289-7A20-11D0-8F06-00C04FC295E1\"",
        // " codebase=\"/CertControl/xenroll.cab#Version=5,131,1837,1\"",
        " id=IControl",
        "> </OBJECT>"
    ];
    g_bIControlReady = false;
    // empty the span first so the old instance is released before the new one is written
    spnIControl.innerHTML = "";
    spnIControl.innerHTML = aObjectTag.join("");
    g_bIControlReady = true;
}
//----------------------------------------------------------------
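// Runs from the BODY OnLoad handler. Phase 1 creates the XEnroll control and
// puts up the "Getting CSP list" message; phase 2 is scheduled through
// setTimeout so the message can paint before the CSP list is read.
function postLoad() {
    // Load an XEnroll object into the page
    recreateIControl();
    // recreateIControl() finishes by setting g_bIControlReady to true, but the
    // CSP list has not been read yet. Clear the flag again so goNext() keeps
    // refusing until postLoadPhase2() has succeeded; if loading fails the flag
    // now stays false.
    g_bIControlReady = false;
    // get the CSP list
    showTransientMessage("Getting CSP list");
    setTimeout("postLoadPhase2();", 1);
}

// Second half of postLoad(): read the CSP list and, only if that worked,
// mark the page as ready.
function postLoadPhase2() {
    // declared here so the result no longer leaks into a global variable
    var nResult = GetCSPList();
    hideTransientMessage();
    if (0 != nResult) {
        // handleLoadError() reports the problem and disables the Next button
        handleLoadError(nResult, "CSP");
        return;
    }
    // enterprise stuff
    //< % If "StandAlone"<>sCSType And 0<>nWriteTemplateResult Then % >
    //handleLoadError(< % =nWriteTemplateResult % >, "certificate template");
    //< % End If % >
    // Now we're ready to go
    g_bIControlReady = true;
}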
//----------------------------------------------------------------
// Report that a list needed by the page could not be loaded, then disable the
// Next button on page 1.
//   nResult - error code; -1 is reported as "none could be found"
//   sList   - name of the list used in the message (postLoadPhase2 passes "CSP")
function handleLoadError(nResult, sList) {
    var sCode, sEnding;
    if (-1 == nResult) {
        sCode = "";
        sEnding = ":\nNo " + sList + "s could be found!";
    } else {
        sCode = " (0x" + toHex(nResult) + ")";
        sEnding = ".";
    }
    alert("An unexpected error" + sCode + " occurred while"
        + " getting the " + sList + " list" + sEnding);
    document.UIForm.btnNext1.disabled = true;
}
//----------------------------------------------------------------
// Show sMessage in the status bar and in the floating message box, centred in
// the visible part of the document. The text is assigned through innerText,
// so it is displayed as plain text.
function showTransientMessage(sMessage) {
    var oBox = tblWorkingMsg;
    window.status = sMessage;
    spnWorkingMsg.innerText = sMessage;
    // the box must be displayed before its offsetHeight/offsetWidth are read
    oBox.style.display = '';
    oBox.style.pixelTop =
        (document.body.clientHeight / 2) - (oBox.offsetHeight / 2) + (document.body.scrollTop);
    oBox.style.pixelLeft =
        (document.body.clientWidth / 2) - (oBox.offsetWidth / 2) + (document.body.scrollLeft);
}
//----------------------------------------------------------------
// Take the floating message box off the screen and clear the status bar.
function hideTransientMessage() {
    tblWorkingMsg.style.display = 'none';
    window.status = "";
}
//----------------------------------------------------------------
// Ask the user a yes/no question with the built-in confirm() dialog and
// return its answer.
function myConfirm(sPrompt) {
    var bAnswer = confirm(sPrompt);
    return bAnswer;
}
//================================================================
// SCRIPTS FOR PAGE 1
//----------------------------------------------------------------
// Handler for the Next button on page 1: switch to the page that matches the
// selected task (first radio button = generate a request, otherwise install).
function goNext() {
    var bGenerate;
    // refuse to continue until the page reports that XEnroll is ready
    if (g_bIControlReady == false) {
        alert("This page has not finished loading yet. Please wait a few seconds and try again.");
        return;
    }
    bGenerate = document.UIForm.rbgrpAction[0].checked;
    spnPage1.style.display = "none";
    (bGenerate ? spnPage2 : spnPage3).style.display = "";
}
//================================================================
// SCRIPTS FOR PAGE 2
//----------------------------------------------------------------
// OnChange handler for the Extended Key Usage list: the free-text "Usage OID"
// row is shown only while "other..." is selected, and receives the focus.
function handleUsageOID() {
    var lbUsage = document.UIForm.lbUsageOID;
    var bOther = ("other" == lbUsage.options[lbUsage.selectedIndex].value);
    var sDisplay = bOther ? '' : 'none';
    spnEKUOther1.style.display = sDisplay;
    spnEKUOther2.style.display = sDisplay;
    if (bOther) {
        document.UIForm.lbUsageOID.blur();
        document.UIForm.tbEKUOther.select();
        document.UIForm.tbEKUOther.focus();
    }
}
//----------------------------------------------------------------
// Show or hide spnSaveRequest to match the cbSaveRequest checkbox.
// NOTE(review): neither cbSaveRequest nor spnSaveRequest appears in the markup
// visible in this file, and no visible handler calls this function; it looks
// like a leftover. Confirm before relying on it.
function handleSaveReq() {
    var bShow = document.UIForm.cbSaveRequest.checked;
    spnSaveRequest.style.display = bShow ? '' : 'none';
}
//----------------------------------------------------------------
// OnClick handler for "Mark keys as exportable": the nested "Export keys to
// file" options are visible only while the box is checked.
function handleMarkExport() {
    var bShow = document.UIForm.cbMarkKeyExportable.checked;
    spnMarkKeyExportable.style.display = bShow ? '' : 'none';
}
//----------------------------------------------------------------
// OnClick handler for "Export keys to file": the file-name box is visible
// only while the box is checked.
function handleExportKeys() {
    var bShow = document.UIForm.cbExportKeys.checked;
    spnExportKeys.style.display = bShow ? '' : 'none';
}
//----------------------------------------------------------------
// OnClick handler for the key-generation radio buttons: show the options
// that belong to the selected choice (new key set / existing key set) and hide
// the others.
function handleKeyGen() {
    var bNewKeys = document.UIForm.rbKeyGen[0].checked;
    spnNewKeys.style.display = bNewKeys ? '' : 'none';
    spnExistingKeys.style.display = bNewKeys ? 'none' : '';
}
//----------------------------------------------------------------
// OnClick handler for "Set the container name": the container-name box is
// visible only while the box is checked.
function handleSetContainer() {
    var bShow = document.UIForm.cbSetContainer.checked;
    spnNewContainer.style.display = bShow ? '' : 'none';
}
//----------------------------------------------------------------
// Returns false when sSource contains a comma, a double quote, a plus sign or
// a semicolon; returns true otherwise. Empty strings are accepted (the
// original carries a disabled empty-string test with the remark that blank
// entries are allowed on the advanced page).
// NOTE(review): this is a deny-list of four characters. Other characters with
// a special meaning in distinguished-name strings (for example "=") are not
// rejected here, while handleError() assumes that an invalid-X500-string
// failure "should have been caught in validation" - confirm the list is
// complete for the parser behind the control.
function isValidX500String(sSource) {
    var aRejected = [",", "\"", "+", ";"];
    var nChar;
    for (nChar = 0; nChar < aRejected.length; nChar++) {
        if (-1 != sSource.indexOf(aRejected[nChar], 0)) {
            return false;
        }
    }
    return true;
}
//----------------------------------------------------------------
// Returns true when every character of sSource has a code of 127 or below,
// false as soon as one above 127 is found. An empty string passes: despite
// the wording of the earlier comment, no emptiness check is made here.
function isValidIA5String(sSource) {
    var nPos = 0;
    while (nPos < sSource.length) {
        if (sSource.charCodeAt(nPos) > 127) {
            return false;
        }
        nPos++;
    }
    return true;
}
//----------------------------------------------------------------
// Validate the country text box. The field's value is first rewritten in
// upper case (this happens even when validation then fails). The value is
// accepted when it is empty or consists of exactly two letters A-Z; whether
// the two letters are an assigned country code is not checked.
//   tbCountry - the text box object itself, not its value
function isValidCountryField(tbCountry) {
    var sCode, nPos, sLetter;
    tbCountry.value = tbCountry.value.toUpperCase();
    sCode = tbCountry.value;
    if (0 != sCode.length && 2 != sCode.length) {
        return false;
    }
    for (nPos = 0; nPos < sCode.length; nPos++) {
        sLetter = sCode.charAt(nPos);
        if (!(sLetter >= "A" && sLetter <= "Z")) {
            return false;
        }
    }
    return true;
}
//----------------------------------------------------------------
// Put a field label back into its normal look: black, regular weight.
function markLabelNormal(spn) {
    var oStyle = spn.style;
    oStyle.fontWeight = 'normal';
    oStyle.color = "#000000";
}
//----------------------------------------------------------------
// Flag a field label as being in error: red, bold.
function markLabelError(spn) {
    var oStyle = spn.style;
    oStyle.fontWeight = 'bold';
    oStyle.color = '#FF0000';
}
//----------------------------------------------------------------
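// Validate page 2 before a request is generated.
// Checks, in this order and stopping at the first group that fails:
//   1. the identifying-information fields (rejected characters, country shape)
//   2. the key size
//   3. the key container name, when one is required
//   4. the output file name
// Problems are reported to the user here (red labels or an alert box) and the
// offending field gets the focus.
// Returns true when every check passed, false otherwise.
function validateRequest() {
    var oForm = document.UIForm;
    var bOK = true;
    var fldFocusMe = null;
    var sKeySize, nKeySize, sMessage;

    markLabelNormal(spnNameLabel);
    markLabelNormal(spnEmailLabel);
    markLabelNormal(spnCompanyLabel);
    markLabelNormal(spnDepartmentLabel);
    markLabelNormal(spnCityLabel);
    markLabelNormal(spnStateLabel);
    markLabelNormal(spnCountryLabel);

    // check in 'reverse' order so that focus ends up on the top-most bad field;
    // don't set focus immediately because we'd get funny scrolling effects.
    if (false == isValidCountryField(oForm.tbCountry)) {
        bOK = false;
        fldFocusMe = oForm.tbCountry;
        markLabelError(spnCountryLabel);
    }
    if (false == isValidX500String(oForm.tbState.value)) {
        bOK = false;
        fldFocusMe = oForm.tbState;
        markLabelError(spnStateLabel);
    }
    if (false == isValidX500String(oForm.tbLocality.value)) {
        bOK = false;
        fldFocusMe = oForm.tbLocality;
        markLabelError(spnCityLabel);
    }
    if (false == isValidX500String(oForm.tbOrgUnit.value)) {
        bOK = false;
        fldFocusMe = oForm.tbOrgUnit;
        markLabelError(spnDepartmentLabel);
    }
    if (false == isValidX500String(oForm.tbOrg.value)) {
        bOK = false;
        fldFocusMe = oForm.tbOrg;
        markLabelError(spnCompanyLabel);
    }
    // the e-mail address must additionally stay within character codes 0-127
    if (false == isValidX500String(oForm.tbEmail.value) || false == isValidIA5String(oForm.tbEmail.value)) {
        bOK = false;
        fldFocusMe = oForm.tbEmail;
        markLabelError(spnEmailLabel);
    }
    if (false == isValidX500String(oForm.tbCommonName.value)) {
        bOK = false;
        fldFocusMe = oForm.tbCommonName;
        markLabelError(spnNameLabel);
    }
    if (false == bOK) {
        spnFixTxt.style.display = '';
        window.scrollTo(0, 0);
        fldFocusMe.focus();
    }

    // validity check on the key size
    if (true == bOK) {
        sKeySize = oForm.tbKeySize.value;
        // Accept plain decimal digits only. parseInt() on its own takes
        // "512abc" as 512 and leaves the meaning of a leading "0" or "0x" to
        // the script engine; this number ends up in GenKeyFlags, so the text
        // in the box must mean exactly what it says.
        if (!/^[0-9]+$/.test(sKeySize)) {
            sMessage = "Please enter a number for the key size.";
            bOK = false;
        } else {
            nKeySize = parseInt(sKeySize, 10);
            // A leading zero is refused as well, so that the later re-parse in
            // generateRequestPhase2() cannot read the same text as octal.
            // NOTE(review): the 512-bit lower bound matches the form's default
            // but is considered breakable today; raise both together.
            if ("0" == sKeySize.charAt(0) || nKeySize < 512 || nKeySize > 4096) {
                sMessage = "Please enter a valid number for the key size. The key size must be between 512 and 4096.";
                bOK = false;
            }
        }
        if (false == bOK) {
            alert(sMessage);
            oForm.tbKeySize.focus();
        }
    }

    // Check the container name
    if (true == bOK) {
        if (oForm.rbKeyGen[0].checked) {
            // new keyset: a name is needed only if the user asked to set one
            if (oForm.cbSetContainer.checked) {
                if ("" == oForm.tbNewContainerName.value) {
                    bOK = false;
                }
            }
        } else {
            // existing keyset: the name is always needed
            if ("" == oForm.tbOldContainerName.value) {
                bOK = false;
            }
        }
        if (false == bOK) {
            alert("Please enter a key container name.");
            if (oForm.rbKeyGen[0].checked) {
                oForm.tbNewContainerName.focus();
            } else {
                oForm.tbOldContainerName.focus();
            }
        }
    }

    // validity check on the file name
    if (true == bOK) {
        if ("" == oForm.tbFileName.value) {
            alert("Please enter a file name.");
            oForm.tbFileName.focus();
            bOK = false;
        }
    }
    return bOK;
}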
//----------------------------------------------------------------
// Handler for the "Generate and Save" button.
// generateRequest() validates the form and puts up a progress message;
// generateRequestPhase2() (scheduled 1 ms later so the message can paint)
// copies the form settings into the XEnroll control and asks
// CreateAndSaveRequest() to build and save the request.
function generateRequest() {
// clear messages left over from an earlier attempt, then
// check that the form is filled in
spnErrorTxt.style.display='none';
spnFixTxt.style.display='none';
if (false==validateRequest()) {
return;
}
// show a nice message since request creation can take a while
showTransientMessage("Generating Request...");
// Make the message show up on the screen,
// then continue with 'generateRequest':
// Pause 1 mS before executing phase 2,
// so screen will have time to repaint.
setTimeout("generateRequestPhase2();",1); } function generateRequestPhase2() {
// set the identifying info
// The name is built by plain concatenation with ";" between the parts, so it
// relies on validateRequest() having rejected , ; " and + in every field.
// Empty fields still contribute their "X=;" part.
var sDistinguishedName=""
+ "C="+document.UIForm.tbCountry.value +";"
+ "S="+document.UIForm.tbState.value +";"
+ "L="+document.UIForm.tbLocality.value +";"
+ "O="+document.UIForm.tbOrg.value +";"
+"OU="+document.UIForm.tbOrgUnit.value +";"
+ "E="+document.UIForm.tbEmail.value +";"
+"CN="+document.UIForm.tbCommonName.value+";";
//
// Stand-Alone Options
//
// set the extended key usage and certificate request 'friendly type'
// NOTE(review): when "other..." is selected the OID text is used exactly as
// typed; no format check for it is visible in validateRequest().
var nUsageIndex=document.UIForm.lbUsageOID.selectedIndex;
var sCertUsage;
if ("other"==document.UIForm.lbUsageOID.options[nUsageIndex].value) {
sCertUsage=document.UIForm.tbEKUOther.value;
} else {
sCertUsage=document.UIForm.lbUsageOID.options[nUsageIndex].value;
}
//
// Enterprise Options
//
// get the selected template
//var nTemplateIndex=document.UIForm.lbCertTemplate.selectedIndex;
//var sTemplate=document.UIForm.lbCertTemplate.options[nTemplateIndex].value;
// extract the template type (the first char)
// X-bad, U-user, M-machine
//var sTemplateType=sTemplate.substring(0,1);
//sTemplate=sTemplate.slice(1);
// set the cert template
//IControl.addCertTypeToRequest(sTemplate);
//var sCertUsage=""; // ignored
//
// CSP Options subheading:
//
// set the CSP (option text = provider name, option value = provider type)
var nCSPIndex=document.UIForm.lbCSP.selectedIndex;
IControl.ProviderName=document.UIForm.lbCSP.options[nCSPIndex].text;
IControl.ProviderType=document.UIForm.lbCSP.options[nCSPIndex].value;
// set the key size (the upper 16 bits of GenKeyFlags)
// note: this value has already been validated by validateRequest().
// parseInt() is called without a radix here, the same way the original
// validation called it.
var nKeySize=parseInt(document.UIForm.tbKeySize.value);
IControl.GenKeyFlags=nKeySize<<16;
// set the KeySpec
if (document.UIForm.rbKeySpec[0].checked) {
IControl.KeySpec=AT_KEYEXCHANGE;
} else {
IControl.KeySpec=AT_SIGNATURE;
}
// set the hash algorithm (the option value is passed through unchanged)
var nHashIndex=document.UIForm.lbHashAlgorithm.selectedIndex;
IControl.HashAlgorithm=document.UIForm.lbHashAlgorithm.options[nHashIndex].value;
//
// Key Generation Options subheading:
//
// set the 'use existing key set' flag
// For a new key set the container name is assigned only when the user asked
// to set one; otherwise ContainerName is left untouched.
if (document.UIForm.rbKeyGen[0].checked) {
IControl.UseExistingKeySet=false;
if (document.UIForm.cbSetContainer.checked) {
IControl.ContainerName=document.UIForm.tbNewContainerName.value;
}
} else {
IControl.UseExistingKeySet=true;
IControl.ContainerName=document.UIForm.tbOldContainerName.value;
}
// set 'Strong private key protection'
// note: upper 16 bits already set as key size, so the flag is OR-ed in
if (document.UIForm.cbStrongKey.checked) {
IControl.GenKeyFlags|=CRYPT_USER_PROTECTED;
}
// mark the keys as exportable
if (document.UIForm.cbMarkKeyExportable.checked) {
IControl.GenKeyFlags|=CRYPT_EXPORTABLE;
// set the key export file (.pvk)
// NOTE(review): this asks for the private key to be written to the named
// file. The file name is not checked by validateRequest(), and how the file
// is protected is not visible here - verify before relying on this option.
if (document.UIForm.cbExportKeys.checked) {
IControl.PVKFileName=document.UIForm.tbExportKeyFile.value;
}
}
// place the keys in the local machine store
if (document.UIForm.cbLocalMachineStore.checked) {
// the keys attached to the dummy request cert go in the local machine store
IControl.RequestStoreFlags=CERT_SYSTEM_STORE_LOCAL_MACHINE;
// used in CryptAcquireContext
IControl.ProviderFlags=CRYPT_MACHINE_KEYSET;
}
//
// Additional Options subheading:
// File Name subheading:
//
// get any extra attributes (passed on as typed)
var sAttrib=document.UIForm.taAttrib.value;
// get the file name
var sFileName=document.UIForm.tbFileName.value;
//
// Build and save the certificate request
//
// build and save the certificate request
// ask VB to do it, since it can handle errors
// NOTE(review): nResult is assigned without a var declaration in this
// function, so it becomes (or overwrites) a global variable.
nResult=CreateAndSaveRequest(sDistinguishedName, sCertUsage, sAttrib, sFileName);
// hide the message box
hideTransientMessage();
// deal with an error if there was one
if (0!=nResult) {
handleError(nResult);
} else {
alert("The request was generated and saved.");
goHome();
}
// reincarnate XEnroll: done after success and after failure alike, so the
// next attempt starts from a fresh control
recreateIControl();
}
//----------------------------------------------------------------
// Translate the result of a failed request into the error panel on page 2:
// the error number and symbolic name go into spnErrorNum, a suggested cause
// into spnErrorMsg. Both are written through innerText, i.e. as plain text.
//   nResult - the non-zero value returned by CreateAndSaveRequest()
function handleError(nResult) {
    var sTryOtherCSP = "The CSP you chose was unable to process the request. Try a different CSP.";
    var sMissedInValidation = "You entered an invalid character. Report a bug, because this"
        + " should have been caught in validation.";
    // [code, symbolic name, suggestion]; a null suggestion keeps the default text
    var aKnownErrors = [
        [0x80090008, "NTE_BAD_ALGID", sTryOtherCSP],
        [0x80090016, "NTE_BAD_KEYSET", null], // suggestion depends on the form, see below
        [0x80090019, "NTE_KEYSET_NOT_DEF", sTryOtherCSP],
        [0x80090020, "NTE_FAIL", sTryOtherCSP],
        [0x80090009, "NTE_BAD_FLAGS", "The CSP you chose does not support one or more of the settings"
            + " you have made, such as key size, key spec, hash algorithm, etc."
            + " Try using different settings or a different CSP."],
        [0x8009000F, "NTE_EXISTS", "The container you named already exists. When creating a new key,"
            + " you must use a new container name."],
        [0x80092002, "CRYPT_E_BAD_ENCODE", null],
        [0x80092022, "CRYPT_E_INVALID_IA5_STRING", sMissedInValidation],
        [0x80092023, "CRYPT_E_INVALID_X500_STRING", sMissedInValidation],
        [0x80070003, "ERROR_PATH_NOT_FOUND", "The file name you entered is invalid."],
        [0x8000FFFF, "E_UNEXPECTED", null]
    ];
    var sSugCause = "No suggestion.";
    var sErrorName = "(unknown)";
    var bMatched = false;
    var nEntry;

    // The comparison is done with XOR rather than '==': the bitwise operator
    // converts both sides to 32-bit integers first, so a code matches whether
    // it arrives as a positive number or (presumably the usual case) as a
    // negative signed value.
    for (nEntry = 0; nEntry < aKnownErrors.length && !bMatched; nEntry++) {
        if (0 == (aKnownErrors[nEntry][0] ^ nResult)) {
            bMatched = true;
            sErrorName = aKnownErrors[nEntry][1];
            if (null != aKnownErrors[nEntry][2]) {
                sSugCause = aKnownErrors[nEntry][2];
            } else if ("NTE_BAD_KEYSET" == sErrorName) {
                // with 'use existing key set' the container name is the likelier culprit
                if (document.UIForm.rbKeyGen[0].checked) {
                    sSugCause = sTryOtherCSP;
                } else {
                    sSugCause = "Either the key container you specified does not exist, or the CSP you chose was unable to process the request. Enter the name of an existing key container; choose 'Create new keyset'; or try a different CSP.";
                }
            }
        }
    }
    // 58 is compared as a plain number, not as a 32-bit pattern
    if (!bMatched && 58 == nResult) {
        sErrorName = "File already exists";
        sSugCause = "The file already exists and you chose not to overwrite it. The certificate was not saved.";
    }

    // modify the document text and appearance to show the error message
    spnErrorNum.innerText = "0x" + toHex(nResult) + " - " + sErrorName;
    spnErrorMsg.innerText = sSugCause;
    spnErrorTxt.style.display = '';
    // back to the top so the messages show
    window.scrollTo(0, 0);
}
//================================================================
// SCRIPTS FOR PAGE 3
//----------------------------------------------------------------
function BeginRead() {
    // Reveal the "read from file" panel (spRead), then move keyboard focus
    // to the file-name box so the user can type or browse straight away.
    var oReadPanelStyle=spRead.style;
    oReadPanelStyle.display='';
    var elemFileBox=document.UIForm.flRequest;
    elemFileBox.focus();
}
//----------------------------------------------------------------
function FinishRead() {
    // Load the file named in UIForm.flRequest into the install text area.
    // On any failure the error is reported through handleReadError() and the
    // read panel stays open; on success the panel is hidden and focus moves
    // to the Install button.
    var sFileName=document.UIForm.flRequest.value;
    if (sFileName=="") {
        // nothing entered: reported as error 5 (shown as "Please enter a file name.")
        handleReadError(5);
        return;
    }
    // The read itself is done in VBScript (GetFileData), which returns an
    // error number instead of throwing; 0 means success.
    var nReadStatus=GetFileData();
    if (nReadStatus!=0) {
        handleReadError(nReadStatus);
        return;
    }
    spRead.style.display='none';
    document.UIForm.btnInstall.focus();
}
//----------------------------------------------------------------
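function handleReadError(nResult) {
    // Tell the user why reading the certificate file failed and put focus
    // back on the control they need to correct.
    //   nResult - error number returned by GetFileData(), or 5 when
    //             FinishRead() found the file-name box empty.
    // Known codes handled here:
    //   429 - "ActiveX component can't create object" (file-system object
    //         could not be created)
    //    53 - "File not found"
    //     5 - "Invalid argument" (no file name entered)
    // Anything else non-zero is shown with its raw number.
    var sMessage="An unexpected error occurred.";
    var elemFocusMe=null;
    if (429==nResult) {
        // NOTE(review): the second suggestion widens what this page's script
        // may do (presumably it lets the page create the file-system object
        // used by GetFileData); pasting the data is the lower-privilege
        // option, which is why it is listed first.
        sMessage="Your web browser security settings prohibit this page"
            +" from accessing your disk. The file cannot be read.\n"
            +"Possible solutions:\n"
            +" - Paste the data in yourself.\n"
            +" - Add this page to your browser's list of trusted sites.";
        elemFocusMe=document.UIForm.flRequest;
    } else if (53==nResult) {
        sMessage="The file you specified was not found. Please enter a valid file name.";
        elemFocusMe=document.UIForm.flRequest;
    } else if (5==nResult) {
        sMessage="Please enter a file name.";
        elemFocusMe=document.UIForm.flRequest;
    } else if (0!=nResult) {
        sMessage="An unexpected error occurred while trying to read the file.\n\nError: "+nResult;
    }
    alert(sMessage);
    // place focus on the offending control, if there is one
    if (null!=elemFocusMe) {
        elemFocusMe.focus();
    }
}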
//----------------------------------------------------------------
function doInstall() {
    // Install the certificate text held in UIForm.taInstallCert through the
    // XEnroll control (IControl), report the outcome, and recreate the
    // control afterwards.
    var sCertText=document.UIForm.taInstallCert.value;
    if (sCertText=="") {
        alert("Please place a base64-encoded certificate in the field.");
        return;
    }
    // Format sanity check only: it looks for the two PEM-style markers and
    // lets the user continue without them. It says nothing about whether the
    // content is a valid or trusted certificate; whatever text is in the
    // field is handed to InstallCert() below.
    var bHasBeginTag=(sCertText.indexOf("-----BEGIN CERTIFICATE-----")!=-1);
    var bHasEndTag=(sCertText.indexOf("-----END CERTIFICATE-----")!=-1);
    if (!(bHasBeginTag && bHasEndTag)) {
        var bInstallAnyway=confirm("The PKCS #7 certificate should contain\na 'BEGIN' and"
            +" an 'END' tag, but it does not.\n\n"
            +"Are you sure you want to install this certificate?");
        if (!bInstallAnyway) {
            return;
        }
    }
    // Optional: target the local machine store. Both the "my" store and the
    // request store flags are switched, so the keys attached to the final
    // cert are looked up in the local machine store as well.
    if (document.UIForm.cbInstLocalMachineStore.checked) {
        IControl.MyStoreFlags=CERT_SYSTEM_STORE_LOCAL_MACHINE;
        IControl.RequestStoreFlags=CERT_SYSTEM_STORE_LOCAL_MACHINE;
    }
    // InstallCert() is the VBScript wrapper; it returns 0 or an error number.
    var nResult=InstallCert(sCertText);
    if (0!=nResult) {
        var sMessage="Unable to install the certificate:\n"
            +"Please verify that your CSP supports any settings you have made "
            +"and that your input is valid.\n\n"
            +"Error: 0x"+toHex(nResult);
        // XOR instead of '==': the two sides do not compare equal directly
        // (presumably the VBScript error number is a signed 32-bit value
        // while the hex literal is positive); '^' reduces both to 32 bits.
        if (0==(0x80092004^nResult)) {
            sMessage="Unable to install the certificate:\n"
                +"The system could not find the keyset associated with this certificate."
                +" This cert may have already been installed,"
                +" or the keyset may be in a different store from the one you selected.\n\n"
                +"Error: 0x80092004 - CRYPT_E_NOT_FOUND";
        }
        alert(sMessage);
    } else {
        alert("Your new certificate has been successfully installed.");
        goHome();
    }
    // Recreate XEnroll whether or not the install succeeded.
    recreateIControl();
}
</Script>
<Script Language=VBScript>
Option Explicit
'/================================================================
'/ SCRIPTS COMMON TO ALL PAGES
'/----------------------------------------------------------------
'/ Get the list of CSPs from XEnroll
'/ returns error number
'/ assumes XEnroll is named 'IControl' and the list box is 'document.UIForm.lbCSP'
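Function GetCSPList()
    ' Fill document.UIForm.lbCSP with one OPTION per CSP reported by XEnroll
    ' (IControl), walking provider types 0..nMaxProvType.
    ' Each option's text is the provider name and its value is the provider type.
    ' Returns: 0 on success, -1 when no CSP was found, otherwise the
    '          Err.Number of the failure.
    On Error Resume Next
    Dim nProvType, nOrigProvType, nTotCSPs, nDefaultCSP
    Dim nCSPIndex, sProviderName, oOption
    Const nMaxProvType=25 ' should be >= the number of providers defined in wincrypt.h (~line 431)
    nTotCSPs=0
    nDefaultCSP=-1
    ' save the original provider type so it can be restored afterwards
    nOrigProvType=IControl.ProviderType
    If 0<>Err.number Then
        ' something wrong with IControl
        GetCSPList=Err.Number
        Exit Function
    End If
    ' enumerate through each of the provider types
    For nProvType=0 To nMaxProvType
        nCSPIndex=0
        IControl.ProviderType=nProvType
        ' enumerate through each of the providers for this type
        Do
            sProviderName=IControl.enumProviders(nCSPIndex, 0)
            If 0<>Err.number Then
                ' &H80070103 means "no more providers". Any other error also
                ' ends this provider type: Err is not reset by later successful
                ' calls, so carrying on would add entries with a stale name and
                ' could keep looping if the error repeats.
                Err.Clear
                Exit Do
            End If
            ' For each provider, add an element to the list box.
            Set oOption=document.createElement("OPTION")
            oOption.text=sProviderName
            oOption.Value=nProvType
            document.UIForm.lbCSP.add(oOption)
            ' preselect the Microsoft base provider when it is present
            If InStr(sProviderName, "Microsoft Base Cryptographic Provider") <> 0 Then
                oOption.selected=True
                nDefaultCSP=nTotCSPs
            End If
            nTotCSPs=nTotCSPs+1
            ' get the next provider
            nCSPIndex=nCSPIndex+1
        Loop
    Next
    ' if there are no CSPs, show a placeholder entry
    If 0=nTotCSPs Then
        ' Uses the declared oOption variable: under Option Explicit an
        ' undeclared name raises an error, which previously kept the
        ' placeholder from being added and hid the -1 return value.
        Set oOption=document.createElement("OPTION")
        oOption.text="(no CSPs found)"
        document.UIForm.lbCSP.Options.Add oOption
    End If
    ' remove the 'loading' text (first entry of the list box)
    document.UIForm.lbCSP.remove(0)
    ' select the default provider; indexes line up with nTotCSPs now that
    ' the 'loading' entry is gone
    If -1<>nDefaultCSP Then
        document.UIForm.lbCSP.selectedIndex=nDefaultCSP
    End If
    ' restore the original provider type
    IControl.ProviderType=nOrigProvType
    ' set the return value and exit
    If 0<>Err.Number Then
        GetCSPList=Err.Number
    ElseIf 0=nTotCSPs Then
        ' signal no elements with -1
        GetCSPList=-1
    Else
        GetCSPList=0
    End If
End Function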
'/----------------------------------------------------------------
'/ Convert a number to a hex string (JavaScript doesn't have this)
Function toHex(number)
    ' Thin wrapper that exposes VBScript's Hex() to the JScript code on this
    ' page, which uses it to print error numbers.
    Dim sHexDigits
    sHexDigits=Hex(number)
    toHex=sHexDigits
End Function
'/================================================================
'/ SCRIPTS FOR PAGE 2
'/----------------------------------------------------------------
Function CreateRequest(sDistinguishedName, sCertUsage)
    ' Ask XEnroll (IControl) for a PKCS #10 request and store it in the
    ' hidden form field document.SubmittedData.CertRequest.
    ' Returns 0 on success, otherwise the Err.number of the failure.
    On Error Resume Next
    Dim sRequest
    sRequest=IControl.CreatePKCS10(sDistinguishedName, sCertUsage)
    ' only touch the form field when the request was actually created
    If 0=Err.number Then
        document.SubmittedData.CertRequest.value=sRequest
    End If
    CreateRequest=Err.number
End Function
'/----------------------------------------------------------------
Function CreateAndSaveRequest(sDistinguishedName, sCertUsage, sAttrib, sFileName)
    ' Create a PKCS #10 request with XEnroll (IControl) and save it to
    ' sFileName via WriteFileData.
    ' The saved text is: sAttrib, a newline, then the request wrapped in
    ' BEGIN/END NEW CERTIFICATE REQUEST markers.
    ' Returns 0 on success, otherwise an error number (from Err or from
    ' WriteFileData).
    On Error Resume Next
    Dim sRequestBody, sFileText
    ' step 1: build the request; stop here if XEnroll refuses
    sRequestBody=IControl.CreatePKCS10(sDistinguishedName, sCertUsage)
    If 0<>Err.Number Then
        CreateAndSaveRequest=Err.number
        Exit Function
    End If
    ' step 2: attributes first, then the wrapped request
    sFileText=sAttrib & vbNewLine & _
        "-----BEGIN NEW CERTIFICATE REQUEST-----" & vbNewLine & _
        sRequestBody & _
        "-----END NEW CERTIFICATE REQUEST-----" & vbNewLine
    showTransientMessage("Saving request...")
    ' step 3: write it out; an error raised in this function overrides
    ' whatever WriteFileData returned
    CreateAndSaveRequest=WriteFileData(sFileName, sFileText)
    If 0<>Err.Number Then
        CreateAndSaveRequest=Err.number
    End If
End Function
'/----------------------------------------------------------------
'/ Write the given string to the given file,
'/ prompting to overwrite if necessary
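Function WriteFileData(sFileName, sData)
    ' Write sData to the file sFileName, asking before overwriting an
    ' existing file.
    ' Returns: 0 on success,
    '          58 ("File already exists") when the user declines to overwrite,
    '          otherwise the Err.number of the step that failed.
    ' sFileName comes from the caller unchanged; no check is made here on
    ' where it points.
    Dim filesystem, file, bExists, nWriteErr
    On Error Resume Next
    ' First, create the FileSystem object
    Set filesystem = CreateObject("Scripting.FileSystemObject")
    ' Security may not allow this
    If Err.number<>0 Then
        WriteFileData=Err.number
        Exit Function
    End If
    ' check for existing file
    bExists=filesystem.FileExists(sFileName)
    If 0<>Err.Number Then
        WriteFileData=Err.number
        Exit Function
    End If
    If True=bExists Then
        'file exists. Overwrite?
        If False=myConfirm("The file '" & sFileName & "' already exists. Overwrite?") Then
            WriteFileData=58 'File Already Exists
            Exit Function
        End If
    End If
    ' open the specified file
    Set file=filesystem.OpenTextFile(sFileName, 2, true) '2->ForWriting, true->create
    If Err.Number<>0 Then
        WriteFileData=Err.number
        Exit Function
    End If
    ' write the data, remembering any write error
    file.Write sData
    nWriteErr=Err.Number
    Err.Clear
    ' always close the file, even after a failed write, so the handle is
    ' released; a failure while closing is reported too, since the data may
    ' not have reached the disk
    file.Close
    If 0=nWriteErr Then
        nWriteErr=Err.Number
    End If
    ' clean up
    Set file=Nothing
    Set filesystem=Nothing
    WriteFileData=nWriteErr
End Function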
'/================================================================
'/ SCRIPTS FOR PAGE 3
'/----------------------------------------------------------------
'/ Read the data from the file listed in UIForm.flRequest and place
'/ it in UIForm.taInstallCert
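Function GetFileData()
    ' Read the whole file named in UIForm.flRequest into UIForm.taInstallCert.
    ' Returns 0 on success, otherwise the Err.number of the step that failed
    ' (creating the file-system object, opening the file, or reading it).
    ' The file content is copied into the text area as-is; nothing here
    ' checks that it is a certificate.
    Dim filesystem, file, nReadErr
    On Error Resume Next
    ' First, create the FileSystem object
    Set filesystem = CreateObject("Scripting.FileSystemObject")
    ' Security may not allow this
    If Err.number<>0 Then
        GetFileData=Err.number
        Exit Function
    End If
    ' open the specified file
    Set file=filesystem.OpenTextFile(document.UIForm.flRequest.value, 1 , false) '1->ForReading, false->don't create
    ' file may not exist
    If Err.number<>0 Then
        GetFileData=Err.number
        Exit Function
    End If
    ' read the data and stash it into the form, remembering any read error
    document.UIForm.taInstallCert.value=file.ReadAll
    nReadErr=Err.number
    ' always close the file, even after a failed read, so the handle is released
    file.Close
    Set file=Nothing
    Set filesystem=Nothing
    GetFileData=nReadErr
End Function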
'/----------------------------------------------------------------
'/ Call XEnroll to install the given cert
Function InstallCert(sPKCS7)
    ' Hand the given PKCS #7 text to XEnroll (IControl.AcceptPKCS7).
    ' The text is passed through unchanged; this wrapper does no checking
    ' of its own.
    ' Returns 0 on success, otherwise the Err.Number raised by the call.
    On Error Resume Next
    Dim nStatus
    IControl.AcceptPKCS7(sPKCS7)
    nStatus=Err.Number
    InstallCert=nStatus
End Function
</SCRIPT>
</Script>
<!-- \/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/\/ -->
</Body>
</HTML>