testcert

Perl写的CA认证程序

#!/usr/bin/perl

## Certificate Testing Script
## (c) 1999 by The OpenCA Team
## All Rights Reserved
##
## Project Information:
##
## 	Current Version ..................... $ver: 0.020a
##      Project Started on .................. 17/03/1999
##      Last Modified on .................... 17/03/1999
##      Project Closed on ................... n/a
##
## If you want to contact me (the author) please use the e-mail
## addresses listed below. Do not esitate in reporting bugs, enhancement
## or anything seems useful in developing this software:
##
##	Miguel Armas <kuko@ulpgc.es>
##

## Thank you for using this software, and remember that Open Projects
## are the future of mankind. Do not sleep, partecipate to world wide
## efforts to make life easier for all!

## Base requirements
require 5.001;
push (@INC, "lib/" );

## Modules to be installed to have this program to work properly
use OpenCA::Configuration;
use OpenCA::TRIStateCGI;

## Generate a new reference to Configuration ( instance )
my $config = new OpenCA::Configuration;

## Let's load our default configuration
$CONFIG = 'conf/public.conf';
 
if( $config->loadCfg( "$CONFIG" ) == -1 ) {
	print "Content-type: text/html\n\n";
	print "Error while Loading Configuration ($CONFIG)!";
	die "Can not load config file ($CONFIG).";
}

## Now it's time to get the parameters passed over the web
my $query  = new OpenCA::TRIStateCGI;

## Flush the output
$|=1;

## Print the Content Type for Browser
print "Content-type: text/html\n\n";

## Let's get the base Directory
my ( $basedir ) = ( $ENV{'SCRIPT_FILENAME'} =~ /(.*)\/.*/ );

 
## Main Section
## ============

my $doc = 'testcertform';

my $basedoc = ($config->getParam($doc))->{VALUES}->[0];
my $verifypath = ($config->getParam('VerifyPath'))->{VALUES}->[0];
my $cacert = ($config->getParam('VerifyCACert'))->{VALUES}->[0];

if ( $basedoc !~ /\/.*/ ) {
	$basedoc = "$basedir/$basedoc";
}

$basedoc = ( glob("$basedir/$basedoc"))[0];

# Read query parameters
my $OPERATION = $query->param('operation'); 
my $signature = $query->param('signature'); 
my $text  = $query->param('text'); 

## Get the base Page ( got in $page variable )
open ( FD, "$basedoc" ) || die ( "File not Found : $basedoc" );
	while( $temp = <FD> ) {
		$page .= $temp;
	};
close ( FD );

$uptime = `date`;
chop( $uptime );

$table = createTable();

## Process all variables
#while (($key,$val) = each %ENV) {
#        $table .= addEntry ( $key, $val);
#}

# Add relevant Variables...
$table .= addEntry ( "Subject:", $ENV{SSL_CLIENT_S_DN_CN});
$table .= addEntry ( "E-Mail:", $ENV{SSL_CLIENT_S_DN_Email});
$table .= addEntry ( "Disinguished Name:", $ENV{SSL_CLIENT_S_DN});
$table .= addEntry ( "Issued by:", $ENV{SSL_CLIENT_I_DN});
$table .= addEntry ( "Valid From:", $ENV{SSL_CLIENT_V_START});
$table .= addEntry ( "Valid Until:", $ENV{SSL_CLIENT_V_END});
$table .= addEntry ( "Serial Num.:", $ENV{SSL_CLIENT_M_SERIAL});

if ( $OPERATION eq "sign" ) {
     $table .= addEntry ( "Text:", "<PRE>$text</PRE>");   
     $table .= addEntry ( "Signature:", $signature);   
     
     # Now write text and signature to temp file (to verify signature)
     $textfile="/tmp/signtext.$$";
     $signaturefile="/tmp/signature.$$";
     
     open(TXT,">$textfile") or die("Can't open $textfile: $!\n");
     open(SIGN,">$signaturefile") or die("Can't open $signaturefile: $!\n");
     
     print TXT $text;
     print SIGN "-----BEGIN PKCS7-----\n";
     print SIGN $signature;
     print SIGN "\n-----END PKCS7-----\n";
     
     close(TXT);
     close(SIGN);
     
     $command = "$verifypath $signaturefile -d $textfile -cf $cacert > /dev/null";
     if (system("$command")) {
	$signout = "Couldn't verify the signature";
     }
     else {
        $signout = "Signature correctly verified";
     }
     unlink $textfile;
     unlink $signaturefile;

     $table .= addEntry ( "Verification:", $signout);
     $table .= addEntry ( "Commmand", $command);
}

# Text to sign
$text  = "The following data is correct:\n";
$text .= "Subject: $ENV{SSL_CLIENT_S_DN_CN} \n";
$text .= "E-Mail: $ENV{SSL_CLIENT_S_DN_Email} \n";
$text .= "Distinguished Name: $ENV{SSL_CLIENT_S_DN} \n";
$text .= "Issued By: $ENV{SSL_CLIENT_I_DN} \n";
$text .= "Valid From: $ENV{SSL_CLIENT_V_START} \n";
$text .= "Valid Until: $ENV{SSL_CLIENT_V_END} \n";
$text .= "Serial Num.: $ENV{SSL_CLIENT_M_SERIAL} \n";

## Close the Table
$table .= "</TABLE>\n\n";
$table .= "<!--- End of the Cert Test CGI Generated Table ---!>";
$table .= "<BR><CENTER>";
$table .= "&copy; 1999 The OpenCA Team.";
$table .= "</CENTER>\n";

## Substitute the Variables in the $page
$page = $query->subVar( $page, '$uptime', $uptime );
$page = $query->subVar( $page, '$table', $table );
$page = $query->subVar( $page, '$text', $text );

print "$page";
exit 0;

## Subroutines Section : main subroutines are the createTable wich 
## creates the base Table with the main row ( with Descriptions ),
## the addFile wich adds a Row with the File description and date of
## creations and so on, and the subVars ehich substitutes the variables
## name contained in the $page var with their correct values.

sub createTable {
	my @keys;
        my $ret;
        @keys = @_; 

	## No parameters needed
	$ret  = '<!--- Table Generated by Cert Testing CGI ---!>';
	$ret .= '<TABLE BORDER=0 CELLSPACING=5 CELLPADDING=2 WIDTH="95%"';
	$ret .= ' BGCOLOR="#FFFFFF">'."\n";
	$ret .= '<TR BGCOLOR="#DDCCFF" NOSAVE>'."\n";
	$ret .= '<TD NOSAVE><B>Variable</B></TD>'."\n";
	$ret .= '<TD><B>Value</B></TD>'."\n";
	$ret .= '</TR>'."\n";

	return $ret;
}

sub addEntry {
         my $key = shift @_;
	 my $val = shift @_;
         my $ret;

	 $val =~ s/\///;
	 $val =~ s/\//<BR>\n/g;

         $ret = '<TR VALIGN=TOP BGCOLOR="#FFFFFF">'."\n";
	 $ret .= "<TD><B>$key</B></TD>";
	 $ret .= '<TD>'. "$val" . '</TD>';
         $ret .= "</TR>";
	 
}

## Service Functions
## =================

sub subVars {
	my @keys;
        my $ret;
        @keys = @_; 

	$pageVar = $keys[0];
	$varName = $keys[1];
	$var	 = $keys[2];

	$match = "\\$varName";
        $pageVar =~ s/$match/$var/g;

	return $pageVar;
};