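#!/usr/local/bin/perl
# view.cgi
# Views certificates and keys in detail
#
# Every file named in the request is canonicalised and confined to
# $config{'ssl_dir'} before it is read, deleted or handed to openssl, and
# openssl is started without a shell, so request parameters cannot add
# commands or reach files outside the certificate directory.
# The markup inside the print statements is reproduced as found.

require './certmgr-lib.pl';
use Cwd ();

$access{'view'} || &error($text{'ecannot'});
&ReadParse();
if (!$in{'wildcard'}) { $in{'wildcard'} = $config{'default_wildcard'}; }

# Translate the shell-style wildcard into a regular expression in a single
# pass. Chained substitutions would rewrite the "?" of the lazy quantifier
# emitted for "*", and would leave other regex metacharacters from the
# request unescaped.
$wildcard_pattern = join("", map {
        $_ eq "*" ? "[^\\/]*?" : $_ eq "?" ? "." : quotemeta($_)
    } split(//, $in{'wildcard'}));

# Validate the file parameters before any output, so a rejected path ends in
# a normal error page whether or not a download was requested.
# NOTE(review): this assumes every page that links here passes files stored
# under ssl_dir -- confirm against the callers.
foreach my $param ('keyfile', 'certfile', 'csrfile', 'keycertfile') {
    next if (!$in{$param});
    $in{$param} = &safe_ssl_path($in{$param}) || &error($text{'e_file'});
}

if ($in{'dl'} ne "yes" && $in{'pkcs12'} ne "yes") {
    &header($text{'view_title'}, "");
    print &ui_hr();
}

if ($in{'delete'} eq "yes") {
    # NOTE(review): deletion is gated only by $access{'view'} in this file;
    # confirm that is intended.
    if ($in{'keyfile'}) { $file = $in{'keyfile'} }
    elsif ($in{'certfile'}) { $file = $in{'certfile'} }
    elsif ($in{'csrfile'}) { $file = $in{'csrfile'} }
    elsif ($in{'keycertfile'}) { $file = $in{'keycertfile'} }
    my $shown = &html_escape($file);
    if (!$file) {
        # Nothing was named: report it and do not attempt the unlink.
        print "$shown: $text{'view_e_nofile'}\n

\n";
    }
    elsif (unlink($file)) {
        print "$shown: $text{'view_deleted'}\n

\n";
    }
    else {
        print "$shown: $text{'view_e_not_deleted'}\n

\n";
    }
    &footer("", $text{'index_return'});
    exit;
}

if (($in{'filename'}) && ($in{'view'} eq $text{'view_view'})) {
    # The name is relative to ssl_dir; safe_ssl_path rejects "../" escapes
    # and the three-argument open keeps the name from being read as a mode
    # or a pipe.
    $in{'filename'} = &safe_ssl_path($config{'ssl_dir'}."/".$in{'filename'});
    if (!$in{'filename'} || !open(FILE, "<", $in{'filename'})) {
        print "$text{'e_file'}\n

\n";
        &footer("", $text{'index_return'});
        exit;
    }
    while (<FILE>) { $buffer .= $_; }
    close(FILE);
    # Classify the file by the PEM headers it contains.
    if ($buffer=~/^\s*-+BEGIN\s*RSA\s*PRIVATE\s*KEY-*\s*$/mi) { $key=1; }
    if ($buffer=~/^\s*-+BEGIN\s*CERTIFICATE-*\s*$/mi) { $cert=1; }
    if ($buffer=~/^\s*-+BEGIN\s*CERTIFICATE\s*REQUEST-*\s*$/mi) { $csr=1; }
    if (($key)&&($cert)) { $in{'keycertfile'}=$in{'filename'}; }
    elsif ($key) { $in{'keyfile'}=$in{'filename'}; }
    elsif ($cert) { $in{'certfile'}=$in{'filename'}; }
    elsif ($csr) { $in{'csrfile'}=$in{'filename'}; }
    else {
        print "$text{'e_file'}
\n$text{'e_notcert'}\n

\n";
        &footer("", $text{'index_return'});
        exit;
    }
    undef($buffer);
    undef($key);
    undef($cert);
}

if ($in{'keyfile'}) {
    if ($in{'dl'} eq 'yes') {
        # Just output in PEM format
        &output_cert($in{'keyfile'});
    }
    elsif ($in{'pkcs12'} eq 'yes') {
        # Just output in PKCS12 format
        &output_pkcs12($in{'keyfile'});
    }
    $buffer = &run_openssl("rsa", "-in", $in{'keyfile'}, "-text", "-noout");
    my $shown = &html_escape($in{'keyfile'});
    print "\n
$shown
\n";
    if (!$buffer) { print $text{'e_file'}; }
    else { &print_key_info(1,$buffer); }
    print "
\n";
    &download_form("keyfile", $in{'keyfile'}, $text{'key'});
    print &ui_hr();
    &footer("", $text{'index_return'});
    exit;
}

if ($in{'certfile'}||$in{'csrfile'}) {
    if ($in{'csrfile'}) {
        # A request is shown through the certificate code path, relabelled.
        $in{'certfile'}=$in{'csrfile'};
        $text{'certificate'}=$text{'csr'};
    }
    if ($in{'dl'} eq 'yes') {
        # Just output in PEM format
        &output_cert($in{'certfile'});
    }
    elsif ($in{'pkcs12'} eq 'yes') {
        # Just output in PKCS12 format
        &output_pkcs12($in{'certfile'});
    }
    if ($in{'csrfile'}) {
        $buffer = &run_openssl("req", "-in", $in{'certfile'},
                               "-text", "-noout");
    }
    else {
        $buffer = &run_openssl("x509", "-in", $in{'certfile'},
                               "-text", "-fingerprint", "-noout");
    }
    my $shown = &html_escape($in{'certfile'});
    print "\n
$shown
\n";
    if (!$buffer) { print $text{'e_file'}; }
    else { &print_cert_info(1,$buffer); }
    print "
\n";
    &download_form("certfile", $in{'certfile'}, $text{'certificate'});
    print &ui_hr();
    &footer("", $text{'index_return'});
    exit;
}

if ($in{'keycertfile'}) {
    if ($in{'dl'} eq 'yes') {
        # Just output in PEM format
        &output_cert($in{'keycertfile'});
    }
    elsif ($in{'pkcs12'} eq 'yes') {
        # Just output in PKCS12 format
        &output_pkcs12($in{'keycertfile'});
    }
    $buffer = &run_openssl("x509", "-in", $in{'keycertfile'},
                           "-text", "-fingerprint", "-noout");
    my $shown = &html_escape($in{'keycertfile'});
    print "\n";
    print "\n
$shown
$text{'certificate'}$text{'key'}
\n";
    if (!$buffer) { print $text{'e_file'}; }
    else { &print_cert_info(1,$buffer); }
    print "\n";
    $buffer = &run_openssl("rsa", "-in", $in{'keycertfile'},
                           "-text", "-noout");
    if (!$buffer) { print $text{'e_file'}; }
    else { &print_key_info(1,$buffer); }
    print "
\n";
    &download_form("keycertfile", $in{'keycertfile'},
                   "$text{'certificate'} / $text{'key'}");
    print &ui_hr();
    &footer("", $text{'index_return'});
    exit;
}

# No file was selected: show the selection form.
print "

\n";
print "\n\n";
print "
$text{'view_select'}
";
print "\n";
print "
$text{'view_wildcard'}:
\n";
print "
\n";
print "
\n";
print &ui_hr();
&footer("", $text{'index_return'});

# safe_ssl_path(path)
# Returns the canonical form of path when it names an existing regular file
# below $config{'ssl_dir'}, and nothing otherwise. Symbolic links and ".."
# components are resolved before the comparison.
sub safe_ssl_path
{
    my ($path) = @_;
    return if (!defined($path) || $path eq "" || $path =~ /\0/);
    my $root = eval { Cwd::abs_path($config{'ssl_dir'}) };
    my $real = eval { Cwd::abs_path($path) };
    return if (!defined($root) || $root eq "");
    return if (!defined($real) || $real eq "");
    return if (!-f $real);
    $root =~ s/\/+$//;
    # Compare against "root/" so a sibling directory sharing the prefix
    # does not pass.
    return if (index($real, "$root/") != 0);
    return $real;
}

# run_openssl(arg, ...)
# Runs the configured openssl command with the given arguments and returns
# what it wrote to standard output ("" when it could not be started).
# The list form of open starts the program directly, so no argument is ever
# interpreted by a shell.
sub run_openssl
{
    # The configured command is split on whitespace, which is how the shell
    # treated it when the command line was built as one string.
    my @cmd = (split(' ', $config{'openssl_cmd'}), @_);
    my $out = "";
    open(OPENSSL, "-|", @cmd) || return $out;
    while (<OPENSSL>) { $out .= $_; }
    close(OPENSSL);
    return $out;
}

# output_cert(file)
# Sends the file as plain text and ends the request.
sub output_cert
{
    print "Content-type: text/plain\n\n";
    # Three-argument open: the name is always treated as a file to read.
    if (open(OPENSSL, "<", $_[0])) {
        while (<OPENSSL>) { print; }
        close(OPENSSL);
    }
    exit;
}

# output_pkcs12(file)
# Sends the file converted to PKCS12, protected with the passphrase from the
# request, and ends the request.
sub output_pkcs12
{
    print "Content-type: application/pkcs12\n\n";
    # Hand the passphrase over in the environment rather than on the command
    # line, where it would be readable in the process list.
    local $ENV{'CERTMGR_P12_PASS'} = defined($in{'pass'}) ? $in{'pass'} : "";
    print &run_openssl("pkcs12", "-in", $_[0], "-export",
                       "-passout", "env:CERTMGR_P12_PASS");
    exit;
}

# pkcs12_filename(file)
# Returns the URL-encoded name with a .pem extension replaced by .p12.
sub pkcs12_filename
{
    local $fn = &my_urlize($_[0]);
    $fn =~ s/\.pem$/\.p12/i;
    return $fn;
}

# download_form(mode, file, suffix)
sub download_form
{
    local ($mode, $keyfile, $suffix) = @_;
    # NOTE(review): the suffix argument is discarded here; confirm intended.
    $suffix = "";
    # Use the last path component; fall back to the whole name when there is
    # no slash rather than reading a stale capture.
    local $base = ($keyfile =~ /\/([^\/]*)$/) ? $1 : $keyfile;
    local $filename = &my_urlize($base);
    local $p12filename = &pkcs12_filename($base);
    print "
\n";
    print "
\n";
    print "\n";
    print "\n";
    print "
\n";
    print "
\n";
    print "
\n";
    print "\n";
    print "\n";
    print "\n";
    print "\n";
    print "
\n";
    print "
\n";
    print "
\n";
    print "\n";
    print "\n";
    print "
\n";
    print "
\n";
}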