Text File | 2001-05-04 | 44.0 KB | 1,172 lines
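<%@ CODEPAGE=65001 'UTF-8%>
<%' certrqma.asp - (CERT)srv web - (R)e(Q)uest, (M)ore (A)dvanced
  ' Copyright (C) Microsoft Corporation, 1998 - 1999
  '
  ' Server-side notes (never sent to the browser):
  '  - Renders the "Advanced Certificate Request" form (UIForm). The form's
  '    OnSubmit handler calls goNext() and returns false, so UIForm itself
  '    is not posted by the browser's normal submit path.
  '  - sServerType ("Enterprise" or "StandAlone") decides which option rows
  '    are emitted. It is not assigned in the part of the file reviewed
  '    here; presumably one of the includes below sets it.
  '  - NOTE(review): sServerDisplayName and the sDefault* values are written
  '    into the markup as-is, without Server.HTMLEncode. Their origin is not
  '    visible here (presumably CA configuration read by an include). Confirm
  '    they can never carry a double quote, an angle bracket or anything that
  '    originates from a request.
  '  - MaxLength on the text boxes is a browser-side limit only.
%>
<!-- #include FILE=certsbrt.inc -->
<!-- #include FILE=certdat.inc -->
<HTML>
<Head>
  <Meta HTTP-Equiv="Content-Type" Content="text/html; charset=UTF-8">
  <Title>Microsoft Certificate Services</Title>
</Head>
<Body BgColor=#FFFFFF OnLoad="postLoad();"><Font ID=locPageFont Face="Arial">

<!-- Banner: product name, CA display name, link back to /certsrv -->
<Table Border=0 CellSpacing=0 CellPadding=4 Width=100% BgColor=#008080>
<TR>
  <TD><Font Color=#FFFFFF><LocID ID=locMSCertSrv><Font Face="Arial" Size=-1><B><I>Microsoft</I></B> Certificate Services -- <%=sServerDisplayName%> </Font></LocID></Font></TD>
  <TD ID=locHomeAlign Align=Right><A Href="/certsrv"><Font Color=#FFFFFF><LocID ID=locHomeLink><Font Face="Arial" Size=-1><B>Home</B></Font></LocID></Font></A></TD>
</TR>
</Table>

<!-- Visible form: OnSubmit runs goNext() and then cancels the native post -->
<Form Name=UIForm OnSubmit="goNext();return false;" Action="certlynx.asp" Method=Post>
<Input Type=Hidden Name=SourcePage Value="certrqma">

<P ID=locPageTitle> <B> Advanced Certificate Request </B>
<!-- Green HR --><Table Border=0 CellSpacing=0 CellPadding=0 Width=100%><TR><TD BgColor=#008080><Img Src="certspc.gif" Alt="" Height=2 Width=1></TD></TR></Table>

<!-- Shown by validateRequest() when an identifying field fails its check -->
<Span ID=spnFixTxt Style="display:none">
  <Table Border=0 CellSpacing=0 CellPadding=4 Style="Color:#FF0000"><TR><TD ID=locBadCharError>
    <I>Please correct the fields marked in <B>RED</B>.</I>
    No field may contain the characters (, ; " +).
    The e-mail address may contain the characters A-Z, a-z, 0-9, and some common symbols, but no extended characters.
    The country/region field must be a two letter ISO 3166 country/region code.
  </TD></TR></Table>
</Span>

<!-- Error panel for failures while the request is being created; SubmitRequest() hides it again before each attempt -->
<Span ID=spnErrorTxt Style="display:none">
  <Table Border=0 CellSpacing=0 CellPadding=4 Style="Color:#FF0000">
  <TR><TD ID=locErrMsgBasic>
    <B>An error occurred</B> while creating the certificate request.
    Please verify that your CSP supports any settings you have made and that your input is valid.
  </TD></TR><TR><TD>
    <LocID ID=locErrorCause><B>Suggested cause:</B></LocID><BR>
    <Span ID=spnErrorMsg></Span>
  </TD></TR><TR>
    <TD ID=locErrorNumber><Font Size=-2>Error: <Span ID=spnErrorNum></Span></Font></TD>
  </TR>
  </Table>
</Span>

<Table Border=0 CellSpacing=0 CellPadding=0>
<TR> <!-- establish column widths. -->
  <TD Width=<%=L_LabelColWidth_Number%>></TD> <!-- label column, top border -->
  <TD RowSpan=59 Width=4></TD> <!-- label spacing column -->
  <TD></TD> <!-- field column -->
</TR>

<%If "Enterprise"=sServerType Then%>
<!-- Enterprise Options -->
<TR>
  <TD ID=locTemplateHead ColSpan=3><Font Size=-1><BR><B>Certificate Template:</B></Font></TD>
</TR><TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>
</TR><TR><TD ColSpan=3 Height=6></TD>
</TR><TR><TD></TD>
  <!-- The option list is written by the server. The page script reads the first character of each option value as the template type ("O" = offline). -->
  <TD><Select Name=lbCertTemplate OnChange="handleTemplateChange();">
  <%
    Dim nWriteTemplateResult
    nWriteTemplateResult=WriteTemplateList()
  %>
  </Select></TD>
</TR>
<!-- For Enterprise CAs the identifying fields sit in a hidden span that handleTemplateChange() reveals only for offline templates -->
<TR><TD ColSpan=3>
<Span ID=spnIDInfo Style="display:none">
<Table Border=0 CellSpacing=0 CellPadding=0>
<TR> <!-- establish column widths. -->
  <TD Width=<%=L_LabelColWidth_Number%>></TD> <!-- label column, top border -->
  <TD RowSpan=59 Width=4></TD> <!-- label spacing column -->
  <TD></TD> <!-- field column -->
</TR>
<%End If '"Enterprise"=sServerType%>

<TR>
<%If "StandAlone"=sServerType Then%>
  <TD ID=locIdentHeadStandAlone ColSpan=3><Font Size=-1><BR><B>Identifying Information:</B></Font></TD>
</TR><TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>
<%Else%>
  <TD ID=locIdentHeadEnterprise ColSpan=3><Font Size=-1><BR><B>Identifying Information For Offline Template:</B></Font></TD>
</TR><!--<TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>-->
<%End If%>
</TR><TR><TD ColSpan=3 Height=6></TD>
</TR><TR>
  <TD ID=locNameAlign Align=Right><Span ID=spnNameLabel><LocID ID=locNameLabel><Font Size=-1>Name:</Font></LocID></Span></TD>
  <TD><Input ID=locTbCommonName Type=Text MaxLength=64 Size=42 Name=tbCommonName></TD>
</TR><TR>
  <TD ID=locEmailAlign Align=Right><Span ID=spnEmailLabel><LocID ID=locEmailLabel><Font Size=-1>E-Mail:</Font></LocID></Span></TD>
  <TD><Input ID=locTbEmail Type=Text MaxLength=128 Size=42 Name=tbEmail></TD>
</TR><TR>
  <TD Height=8></TD>
  <TD></TD>
</TR><TR>
  <TD ID=locCompanyAlign Align=Right><Span ID=spnCompanyLabel><LocID ID=locOrgLabel><Font Size=-1>Company:</Font></LocID></Span></TD>
  <TD><Input ID=locTbOrg Type=Text MaxLength=64 Size=42 Name=tbOrg Value="<%=sDefaultCompany%>"></TD>
</TR><TR>
  <TD ID=locDepartmentAlign Align=Right><Span ID=spnDepartmentLabel><LocID ID=locOrgUnitLabel><Font Size=-1>Department:</Font></LocID></Span></TD>
  <TD><Input ID=locTbOrgUnit Type=Text MaxLength=64 Size=42 Name=tbOrgUnit Value="<%=sDefaultOrgUnit%>"></TD>
</TR><TR>
  <TD Height=8></TD>
  <TD></TD>
</TR><TR>
  <TD ID=locCityAlign Align=Right><Span ID=spnCityLabel><LocID ID=locLocalityLabel><Font Size=-1>City:</Font></LocID></Span></TD>
  <TD><Input ID=locTbLocality Type=Text MaxLength=128 Size=42 Name=tbLocality Value="<%=sDefaultLocality%>"></TD>
</TR><TR>
  <TD ID=locStateAlign Align=Right><Span ID=spnStateLabel><LocID ID=locStateLabel><Font Size=-1>State:</Font></LocID></Span></TD>
  <TD><Input ID=locTbState Type=Text MaxLength=128 Size=42 Name=tbState Value="<%=sDefaultState%>"></TD>
</TR><TR>
  <TD ID=locCountryAlign Align=Right><Span ID=spnCountryLabel><LocID ID=locCountryLabel><Font Size=-1>Country/Region:</Font></LocID></Span></TD>
  <TD><Input ID=locTbCountry Type=Text MaxLength=2 Size=2 Name=tbCountry Value="<%=sDefaultCountry%>"></TD>
</TR>

<%If "Enterprise"=sServerType Then%>
</Table>
</Span>
</TD></TR>
<%End If '"Enterprise"=sServerType%>

<%If "StandAlone"=sServerType Then%>
<!-- Stand-Alone Options -->
<TR>
  <TD ID=locEKUHead ColSpan=3><Font Size=-1><BR><B>Intended Purpose:</B></Font></TD>
</TR><TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>
</TR><TR><TD ColSpan=3 Height=6></TD>
</TR><TR><TD></TD>
  <!-- Each option value is an extended key usage OID. The value "**" is a sentinel: the script then takes the OID from the tbEKUOther text box. -->
  <TD><Select Name=lbUsageOID OnChange="handleUsageOID();">
    <Option ID=locCliAuthCert Selected Value="1.3.6.1.5.5.7.3.2"> Client Authentication Certificate
    <Option ID=locEmailCert Value="1.3.6.1.5.5.7.3.4"> E-Mail Protection Certificate
    <Option ID=locSrvAuthCert Value="1.3.6.1.5.5.7.3.1"> Server Authentication Certificate
    <Option ID=locCodeSgnCert Value="1.3.6.1.5.5.7.3.3"> Code Signing Certificate
    <Option ID=locTimStmpCert Value="1.3.6.1.5.5.7.3.8"> Time Stamp Signing Certificate
    <Option ID=locIPSecCert Value="1.3.6.1.5.5.8.2.2"> IPSec Certificate
    <Option ID=locUserEKUCert Value="**"> Other...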
</Select></TD>
</TR>
<!-- Free-form EKU entry. Both spans stay hidden until handleUsageOID() sees the "**" option selected. NOTE(review): validateRequest() does not inspect this box, so the CA has to decide which usages it is willing to issue. -->
<TR><TD ID=locEkuAlign Align=Right><Span ID=spnEKUOther1 Style="display:none"><LocID ID=locUserEKULabel><Font Size=-1>OID:</Font></LocID></Span></TD>
  <TD><Span ID=spnEKUOther2 Style="display:none"><Input ID=locTbEKUOther Type=Text Name=tbEKUOther Value="1.3.6.1.5.5.7.3."></Span></TD>
</TR>
<%End If%>

<!-- common -->
<TR>
  <TD ID=locKeyOptHead ColSpan=3><Font Size=-1><BR><B>Key Options:</B></Font></TD>
</TR><TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>
</TR><TR><TD ColSpan=3 Height=6></TD>
</TR>
<!-- The CSP list holds only the "Loading..." placeholder in the markup; the script fills it after the page has loaded -->
<TR>
  <TD ID=locCSPLabel Align=Right><Font Size=-1>CSP:</Font></TD>
  <TD><Select Name=lbCSP OnChange="handleCSPChange();">
    <Option ID=locLoading>Loading...</Option>
  </Select></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<!-- Radio values 0/1/2 line up with KEY_USAGE_EXCH, KEY_USAGE_SIG and KEY_USAGE_BOTH in the script, which indexes rbKeyUsage by those constants. The two <LocID> spacer elements end with a second opening tag rather than a closing tag; left as found. -->
<TR>
  <TD ID=locKeyUsageLabel Align=Right><Font Size=-1>Key Usage:</Font></TD>
  <TD><Font Size=-1>
    <Span ID=spnKeyUsageKeyExchange><Input Type=Radio ID=rbKU1 Name=rbKeyUsage Value="0" Checked OnClick="handleKeyUsageChange();"><Label For=rbKU1 ID=locKUExch>Exchange</Label><LocID ID=locSpc1> <LocID></Span>
    <Span ID=spnKeyUsageSignature><Input Type=Radio ID=rbKU2 Name=rbKeyUsage Value="1" OnClick="handleKeyUsageChange();"><Label For=rbKU2 ID=locKUSig>Signature</Label><LocID ID=locSpc2> <LocID></Span>
    <Span ID=spnKeyUsageBoth><Input Type=Radio ID=rbKU3 Name=rbKeyUsage Value="2" OnClick="handleKeyUsageChange();"><Label For=rbKU3 ID=locKUBoth>Both</Label></Span></Font></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<!-- NOTE(review): 512 is only the initial text. handleKeyUsageChange() moves the value into the selected CSP's min/max range when it falls outside it, but leaves 512 alone wherever the CSP allows it. A 512-bit default is far below what is accepted for RSA or DSA keys today; treat it as a period default and raise it before reusing this form. -->
<TR>
  <TD ID=locKeySizeLabel Align=Right ><Font Size=-1>Key Size:</Font></TD>
  <TD><Table Border=0 CellPadding=0 CellSpacing=0>
    <TR>
      <TD RowSpan=2><Input ID=locTbKeySize Type=Text Name=tbKeySize Value="512" MaxLength=5 Size=4> </TD>
      <TD ID=locKeySizeMinLabel Align=Right><Font Size=-2>Min:</Font></TD>
      <TD ID=locKeySizeMin Align=Right><Font Size=-2><Span ID=spnKeySizeMin></Span></Font></TD>
      <TD ID=locKeySizeCommon RowSpan=2><Font Size=-2> (common key sizes: <Span ID=spnKeySizeCommon></Span>)</Font></TD>
    </TR><TR>
      <TD ID=locKeySizeMaxLabel Align=Right><Font Size=-2>Max:</Font></TD>
      <TD ID=locKeySizeMax Align=Right><Font Size=-2><Span ID=spnKeySizeMax></Span></Font></TD>
    </TR>
  </Table></TD>
</TR>
<TR><TD ColSpan=3 Height=12></TD></TR>
<!-- Key set choice: rbKeyGen[0] creates a new key set (optionally with a caller-chosen container name), rbKeyGen[1] reuses an existing container -->
<TR><TD></TD>
  <TD><Font Size=-1><Input Type=Radio ID=rbKG1 Name=rbKeyGen Value="0" OnClick="handleKeyGen();" Checked><Label For=rbKG1 ID=locNewKeyLabel>Create new key set</Label>
    <Span ID=spnNewKeys>
      <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><Input Type=Checkbox ID=cbSetContainer Name=cbSetContainer OnClick="handleSetContainer();"><Label For=cbSetContainer ID=locSetNameLabel>Set the container name</Label>
      <Span ID=spnNewContainer Style="display:none">
        <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><LocID ID=locCntnrNameLabel1>Container name:</LocID> <Input ID=locTbNewContainerName Type=Text Name=tbNewContainerName Size=20>
      </Span>
    </Span>
  </Font></TD>
</TR><TR><TD></TD>
  <TD><Font Size=-1><Input Type=Radio ID=rbKG2 Name=rbKeyGen Value="1" OnClick="handleKeyGen();"><Label For=rbKG2 ID=locExistKeyLabel>Use existing key set</Label>
    <Span ID=spnExistingKeys Style="display:none">
      <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><LocID ID=locCntnrNameLabel2>Container name:</LocID> <Input ID=locTbOldContainerName Type=Text Name=tbOldContainerName Size=20>
    </Span>
  </Font></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<!-- Unchecked by default. When checked, the script adds CRYPT_USER_PROTECTED to the key generation flags. -->
<TR>
  <TD></TD>
  <TD><Font Size=-1><Input Type=Checkbox ID=cbStrongKey Name=cbStrongKey><Label For=cbStrongKey ID=locStrongKeyLabel>Enable strong private key protection</Label></Font></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<!-- Unchecked by default. Marking keys exportable adds CRYPT_EXPORTABLE; the nested option additionally has the private key written to the named file, so that file needs the same protection as the key itself. -->
<TR><TD></TD>
  <TD><Font Size=-1><Input Type=Checkbox Name=cbMarkKeyExportable ID=cbMarkKeyExportable OnClick="handleMarkExport();"><Label For=cbMarkKeyExportable ID=locMarkExportLabel>Mark keys as exportable</Label>
    <Span ID=spnMarkKeyExportable Style="display:none">
      <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><Input Type=Checkbox Name=cbExportKeys ID=cbExportKeys OnClick="handleExportKeys();"><Label For=cbExportKeys ID=locExportToFileLabel>Export keys to file</Label>
      <Span ID=spnExportKeys Style="display:none">
        <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><LocID ID=locExpFileNameLabel>File name:</LocID> <Input ID=locTbExportKeyFile Type=Text Name=tbExportKeyFile Size=20>
      </Span>
    </Span>
  </Font></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<TR><TD></TD>
  <TD><Font Size=-1><Input Type=Checkbox Name=cbLocalMachineStore ID=cbLocalMachineStore><Label For=cbLocalMachineStore ID=locLMStoreLabel>Use local machine store</Label><BR>
    <LocID ID=locAdminWarning><Img Src="certspc.gif" Alt="" Height=1 Width=25><I>You must be an administrator to generate<BR>
    <Img Src="certspc.gif" Alt="" Height=1 Width=25> a key in the local machine store.</I></Font></LocID></TD>
</TR>

<TR>
  <TD ID=locAddOptHead ColSpan=3><Font Size=-1><BR><B>Additional Options:</B></Font></TD>
</TR><TR><TD ColSpan=3 Height=2 BgColor=#008080></TD>
</TR><TR><TD ColSpan=3 Height=3></TD>
</TR>
<TR><TD ColSpan=3 Height=4></TD></TR>
<!-- Empty in the markup; handleCSPChange() calls UpdateHashAlgList(), which presumably fills it for the selected CSP -->
<TR>
  <TD ID=locHashAlgLabel Align=Right><Font Size=-1>Hash Algorithm:</Font></TD>
  <TD><Select Name=lbHashAlgorithm></Select></TD>
</TR>
<TR><TD></TD><TD ID=locHashAlgWarning><Font Size=-1><I>Only used to sign request.</I></Font></TD></TR>
<TR><TD ColSpan=3 Height=8></TD></TR>
<!-- Checking this box swaps the Submit button for the Save button (handleSaveReq) and the request is written to the named file instead of being posted -->
<TR><TD></TD>
  <TD><Font Size=-1><Input Type=Checkbox Name=cbSaveRequest ID=cbSaveRequest OnClick="handleSaveReq();"><Label For=cbSaveRequest ID=locSaveReqLabel>Save request to a PKCS #10 file</Label>
    <Span ID=spnSaveRequest Style="display:none">
      <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><LocID ID=locReqFileNameLabel>File name:</LocID> <Input ID=locTbSaveReqFile Type=Text Name=tbSaveReqFile Size=20>
      <BR><Img Src="certspc.gif" Alt="" Height=1 Width=25><LocID ID=locSaveReqWarning><B>This request will be saved and not submited.</B></LocID>
    </Span>
  </Font></TD>
</TR>
<TR><TD ColSpan=3 Height=6></TD>
</TR><TR>
  <TD ID=locAttribLabel Align=Right><Font
Size=-1>Attributes:</Font></TD>
  <!-- Free text that the script copies into the CertAttrib field of the posted request -->
  <TD><TextArea ID=locTaAttrib Name=taAttrib Wrap=Off Rows=2 Cols=30></TextArea></TD>
</TR>
</Table>
</P>

<!-- Green HR --><Table Border=0 CellSpacing=0 CellPadding=0 Width=100%><TR><TD BgColor=#008080><Img Src="certspc.gif" Alt="" Height=2 Width=1></TD></TR></Table>
<!-- White HR --><Table Border=0 CellSpacing=0 CellPadding=0 Width=100%><TR><TD BgColor=#FFFFFF><Img Src="certspc.gif" Alt="" Height=5 Width=1></TD></TR></Table>

<!-- Only one of the two buttons is visible at a time; handleSaveReq() swaps them -->
<Table Width=100% Border=0 CellPadding=0 CellSpacing=0><TR><TD ID=locSubmitAlign Align=Right>
  <Input ID=locBtnSubmit Type=Submit Name=btnSubmit Value="Submit >" Style="width:.75in">
  <Input ID=locBtnSave Type=Submit Name=btnSave Value="Save" Style="width:.75in; display:none">
   
</TD></TR></Table>

</Form>
</Font>

<!-- ############################################################ -->
<!-- End of standard text. Scripts follow -->

<%bIncludeXEnroll=True%>
<%bIncludeGetCspList=True%>
<!-- #include FILE=certsgcl.inc -->

<!-- This form we fill in and submit 'by hand'-->
<!-- NOTE(review): every field below is filled in by script running in the requester's browser, so the receiving page has to treat Mode, CertAttrib, TargetStoreFlags and SaveCert as untrusted input. -->
<Span Style="display:none">
<Form Name=SubmittedData Action="certfnsh.asp" Method=Post>
  <Input Type=Hidden Name=Mode> <!-- used in request ('newreq'|'chkpnd') -->
  <Input Type=Hidden Name=CertRequest> <!-- used in request -->
  <Input Type=Hidden Name=CertAttrib> <!-- used in request -->
  <Input Type=Hidden Name=FriendlyType> <!-- used on pending -->
  <Input Type=Hidden Name=TargetStoreFlags> <!-- used on install ('0'|CSSLM)-->
  <Input Type=Hidden Name=SaveCert> <!-- used on install ('no'|'yes')-->
</FORM>
</Span>

<Script Language="JavaScript">

    //================================================================
    // PAGE GLOBAL VARIABLES

    //----------------------------------------------------------------
    // Strings to be localized
    //
    // Two kinds of entry live here. Most are plain messages. The ones
    // that contain +name+ (or start with a bare name) are JavaScript
    // expressions: the code passes them to eval() inside a function
    // that has a local variable of that name (sErrorNumber, nPowerSize,
    // nKeyMin, nKeyMax, sCertUsage, sTemplate). Only the constant text
    // is evaluated; the variable's value is concatenated, not parsed.
    // Translations must keep the variable names and the quoting intact,
    // and the code must keep those local names unchanged.

    // load failures
    var L_CspLoadErrNoneFound_ErrorMessage="An unexpected error occurred while getting the CSP list:\nNo CSPs could be found!";
    var L_CspLoadErrUnexpected_ErrorMessage="\"An unexpected error (\"+sErrorNumber+\") occurred while getting the CSP list.\"";
    var L_TemplateLoadErrNoneFound_ErrorMessage="No certificate templates could be found. You do not have permission to request a certificate from this CA, or an error occured while accessing the Active Directory.";
    var L_TemplateLoadErrUnexpected_ErrorMessage="\"An unexpected error (\"+sErrorNumber+\") occurred while getting the certificate template list.\"";

    // form prompts and validation messages
    var L_SetKeySize_Message="\"Set key size to \"+nPowerSize";
    var L_StillLoading_ErrorMessage="This page has not finished loading yet. Please wait a few seconds and try again.";
    var L_KeySizeNotNumber_ErrorMessage="Please enter a number for the key size.";
    var L_KeySizeBadNumber_ErrorMessage="\"Please enter a valid number for the key size. The key size must be between \"+nKeyMin+\" and \"+nKeyMax+\".\"";
    var L_NoCntnrName_ErrorMessage="Please enter a key container name.";
    var L_NoExportFileName_ErrorMessage="Please enter a file name for exporting the keys.";
    var L_NoSaveReqFileName_ErrorMessage="Please enter a file name for saving the request.";

    // progress text and request naming
    var L_Generating_Message="Generating request...";
    var L_UserEKUCert_Text="\"User-EKU (\"+sCertUsage+\") Certificate\"";
    var L_TemplateCert_Text="sTemplate+\" Certificate\"";
    var L_RequestSaved_Message="Request saved to file.";
    var L_Waiting_Message="Waiting for server response...";

    // error names and suggested causes shown in the error panel
    var L_ErrNameUnknown_ErrorMessage="(unknown)";
    var L_SugCauseNone_ErrorMessage="No suggestion.";
    var L_SugCauseBadCSP_ErrorMessage="The CSP you chose was unable to process the request. Try a different CSP.";
    var L_SugCauseBadSetting2_ErrorMessage="The CSP you chose does not support one or more of the settings you have made, such as key size, key spec, hash algorithm, etc. Try using different settings or a different CSP.";
    var L_SugCauseBadKeyContainer_ErrorMessage="Either the key container you specified does not exist, or the CSP you chose was unable to process the request. Enter the name of an existing key container; choose 'Create new keyset'; or try a different CSP.";
    var L_SugCauseExistKeyContainer_ErrorMessage="The container you named already exists. When creating a new key, you must use a new container name.";
    var L_SugCauseBadChar_ErrorMessage="You entered an invalid character. Report a bug, because this should have been caught in validation.";
    var L_SugCauseBadFileName_ErrorMessage="The file name you entered is invalid.";
    var L_SugCauseBadHash_ErrorMessage="The hash algorithm you selected cannot be used for signing. Please select a different hash algorithm.";
    var L_SugCauseNoFileName_ErrorMessage="You did not enter a file name.";
    var L_ErrNameNoFileName_ErrorMessage="(no file name)";
    var L_SugCauseNotAdmin_ErrorMessage="You must be an administrator to generate a key in the local machine store.";
    var L_ErrNamePermissionDenied_ErrorMessage="Permission Denied";

    // Submission gate: stays false until the XEnroll control and the
    // CSP list have loaded (goNext() refuses to continue while false).
    var g_bOkToSubmit=false;

    // Values mirrored from wincrypt.h
    var CRYPT_EXPORTABLE=1;         // key generation flag: key may be exported
    var CRYPT_USER_PROTECTED=2;     // key generation flag: "strong private key protection"
    var CRYPT_MACHINE_KEYSET=0x20;  // provider flag used with the local machine store
    var AT_KEYEXCHANGE=1;
    var AT_SIGNATURE=2;
    var CERT_SYSTEM_STORE_LOCATION_SHIFT=16;
    var CERT_SYSTEM_STORE_LOCAL_MACHINE_ID=2;
    var CERT_SYSTEM_STORE_LOCAL_MACHINE=CERT_SYSTEM_STORE_LOCAL_MACHINE_ID << CERT_SYSTEM_STORE_LOCATION_SHIFT;
    var ALG_CLASS_ANY=0;
    var ALG_CLASS_SIGNATURE=1<<13;
    var ALG_CLASS_HASH=4<<13;
    var PROV_DSS=3;
    var PROV_DSS_DH=13;

    // Readability aids: the first argument of MyGetKeyLen() and the
    // indexes of the three rbKeyUsage radio buttons.
    var KEY_LEN_MIN=true;
    var KEY_LEN_MAX=false;
    var KEY_USAGE_EXCH=0;
    var KEY_USAGE_SIG=1;
    var KEY_USAGE_BOTH=2;

    // Default key length bounds, in bits.
    // NOTE(review): the code that reads these two values is outside the
    // part of the file reviewed here; presumably they stand in when a
    // CSP cannot report its own limits. A 384-bit floor is far below
    // current practice, so check how it is used before relying on it.
    var KEY_LEN_MIN_DEFAULT=384;
    var KEY_LEN_MAX_DEFAULT=16384;

    //================================================================
    // INITIALIZATION ROUTINES

    //----------------------------------------------------------------
    // Body OnLoad handler: the work to run as soon as loading completes
    function postLoad() {
        // Load an XEnroll object into the page
loadXEnroll("postLoadPhase2()");
    }

    // Second stage of start-up. postLoad() hands the text
    // "postLoadPhase2()" to loadXEnroll(); this stage fills the CSP list,
    // reports any load failure and only then opens the submission gate.
    function postLoadPhase2() {
        // A non-zero result from GetCSPList() aborts start-up.
        var nCspStatus=GetCSPList();
        if (nCspStatus!=0) {
            handleLoadError(nCspStatus, L_CspLoadErrNoneFound_ErrorMessage, L_CspLoadErrUnexpected_ErrorMessage);
            return;
        }

<%If "StandAlone"<>sServerType And 0<>nWriteTemplateResult Then%>
        // The server emits these two statements only when the CA is not
        // stand-alone and writing the template list returned non-zero.
        // The result code is printed into the script as a literal.
        handleLoadError(<%=nWriteTemplateResult%>, L_TemplateLoadErrNoneFound_ErrorMessage, L_TemplateLoadErrUnexpected_ErrorMessage);
        return;
<%End If%>

        // Everything loaded: let goNext() through, then sync the UI
        // with the initially selected CSP (and template, if any).
        g_bOkToSubmit=true;
        handleCSPChange();
<%If "Enterprise"=sServerType Then%>
        handleTemplateChange();
<%End If%>
    }

    //----------------------------------------------------------------
    // Report a failed CSP or template list load and lock the form.
    //   nResult     - result code; -1 means "nothing found"
    //   sNoneFound  - plain message shown for -1
    //   sUnexpected - message EXPRESSION shown for any other code
    //
    // NOTE(review): sUnexpected is passed to eval(). Both callers pass
    // constants from the localized string table, so no request data is
    // evaluated, but the local variable must keep the exact name
    // sErrorNumber because the expression text refers to it.
    function handleLoadError(nResult, sNoneFound, sUnexpected) {
        if (nResult!=-1) {
            var sErrorNumber="0x"+toHex(nResult);
            alert(eval(sUnexpected));
        } else {
            alert(sNoneFound);
        }
        disableAllControls();
    }

    //================================================================
    // PAGE MANAGEMENT ROUTINES

<%If "StandAlone"=sServerType Then%>
    //----------------------------------------------------------------
    // handle the appearance of the text box when 'other...'
// is selected
    //
    // Emitted for stand-alone CAs only. Reveals the OID label and text
    // box when the list entry whose value is "**" is chosen, and hides
    // both again for every predefined purpose.
    function handleUsageOID() {
        var oList=document.UIForm.lbUsageOID;
        if (oList.options[oList.selectedIndex].value!="**") {
            spnEKUOther1.style.display='none';
            spnEKUOther2.style.display='none';
            return;
        }
        spnEKUOther1.style.display='';
        spnEKUOther2.style.display='';
        // move focus from the list into the OID box, text selected
        oList.blur();
        document.UIForm.tbEKUOther.select();
        document.UIForm.tbEKUOther.focus();
    }
<%End If%>

<%If "Enterprise"=sServerType Then%>
    //----------------------------------------------------------------
    // Tell whether the selected template is an offline template.
    // The first character of the option value is the template type:
    // X-bad, E-Enterprise, O-Offline.
    function isOfflineTemplate() {
        var oList=document.UIForm.lbCertTemplate;
        var sValue=oList.options[oList.selectedIndex].value;
        return sValue.substring(0,1)=="O";
    }

    //----------------------------------------------------------------
    // Show the identifying-information fields only while an offline
    // template is selected.
    function handleTemplateChange() {
        spnIDInfo.style.display=isOfflineTemplate() ? "" : "none";
    }
<%End If%>

    //----------------------------------------------------------------
    // React to a new CSP selection: point XEnroll at the provider, then
    // show only the key usages that provider supports.
    //
    // The three usage blocks run in a fixed order and each one checks
    // its radio button, so the last block that applies decides the
    // selection. When both key specs are supported that is the "Both"
    // button, although the original inline comment spoke of defaulting
    // to key exchange.
    function handleCSPChange() {
        var oList=document.UIForm.lbCSP;
        var oChoice=oList.options[oList.selectedIndex];
        var aUsage=document.UIForm.rbKeyUsage;

        // option text is the provider name, option value its type
        XEnroll.ProviderName=oChoice.text;
        var nProvType=oChoice.value;
        XEnroll.ProviderType=nProvType;

        // update the key spec options
        var nSupportedKeyUsages=XEnroll.GetSupportedKeySpec();
        if (nSupportedKeyUsages==0) {
            // nothing reported: offer both
            nSupportedKeyUsages=AT_SIGNATURE | AT_KEYEXCHANGE;
        }
        if (nProvType==PROV_DSS || nProvType==PROV_DSS_DH) {
            // these two provider types are limited to signature keys
            nSupportedKeyUsages=AT_SIGNATURE;
        }

        if (nSupportedKeyUsages&AT_SIGNATURE) {
            spnKeyUsageSignature.style.display="";
            aUsage[KEY_USAGE_SIG].checked=true;
        } else {
            spnKeyUsageSignature.style.display="none";
        }

        if (nSupportedKeyUsages&AT_KEYEXCHANGE) {
            spnKeyUsageKeyExchange.style.display="";
            aUsage[KEY_USAGE_EXCH].checked=true;
        } else {
            spnKeyUsageKeyExchange.style.display="none";
        }

        if (nSupportedKeyUsages==(AT_SIGNATURE|AT_KEYEXCHANGE)) {
            spnKeyUsageBoth.style.display="";
            aUsage[KEY_USAGE_BOTH].checked=true;
        } else {
            spnKeyUsageBoth.style.display="none";
        }

        handleKeyUsageChange();
        UpdateHashAlgList();
    }

    //----------------------------------------------------------------
    // React to a new key usage selection: refresh the displayed
    // minimum and maximum key size, pull the typed size back into that
    // range, and rebuild the row of clickable common key sizes.
    //
    // NOTE(review): the key size is parsed without a radix, so a value
    // typed with a leading "0" or "0x" is read the way the script
    // engine decides. validateRequest() and SubmitRequestPhase2 parse
    // the same field again; any change to the parsing has to be made
    // in all three places together.
    //
    // NOTE(review): the links are built as an HTML string and assigned
    // through innerHTML. The only values spliced in are the numeric
    // size and the localized status text. A translated
    // L_SetKeySize_Message containing ' or " would break the generated
    // attribute, so keep that string free of quote characters.
    function handleKeyUsageChange() {
        var frm=document.UIForm;

        // get the min and max from the CSP
        var bExchange=frm.rbKeyUsage[KEY_USAGE_EXCH].checked || frm.rbKeyUsage[KEY_USAGE_BOTH].checked;
        var nKeyMin=MyGetKeyLen(KEY_LEN_MIN, bExchange);
        var nKeyMax=MyGetKeyLen(KEY_LEN_MAX, bExchange);

        // show the min and max
        spnKeySizeMin.innerText=nKeyMin;
        spnKeySizeMax.innerText=nKeyMax;

        // keep the key size in bounds; unparsable input becomes the maximum
        var nTyped=parseInt(frm.tbKeySize.value);
        if (isNaN(nTyped) || nTyped>nKeyMax) {
            frm.tbKeySize.value=nKeyMax;
        } else if (nTyped<nKeyMin) { //>
            frm.tbKeySize.value=nKeyMin;
        }

        // Common sizes are the powers of two, starting from 128, that
        // fall inside [nKeyMin, nKeyMax]. The loop variable must stay
        // named nPowerSize: L_SetKeySize_Message refers to it by name.
        var sCommonKeys="";
        var sStatusText;
        var nPowerSize;
        for (nPowerSize=128; nPowerSize<nKeyMin; nPowerSize*=2) { //>
            // skip sizes below the minimum
        }
        for (; nPowerSize<=nKeyMax; nPowerSize*=2) {
            sStatusText=eval(L_SetKeySize_Message);
            sCommonKeys+="<A Href=\"\""
                +" OnMouseOver=\"window.status='"+sStatusText+"';return true;\""
                +" OnMouseOut=\"window.status='';return true;\""
                +" OnMouseUp=\"window.status='"+sStatusText+"';return true;\""
                +" OnClick=\"document.UIForm.tbKeySize.value='"+nPowerSize
                +"';blur();return false;\">"+nPowerSize+"</A> ";
        }
        spnKeySizeCommon.innerHTML=sCommonKeys;
    }

    //----------------------------------------------------------------
    // "Save request to file" toggled: reveal the file name row and swap
    // the Submit button for the Save button, or the reverse.
    function handleSaveReq() {
        var bSave=document.UIForm.cbSaveRequest.checked;
        spnSaveRequest.style.display=bSave ? '' : 'none';
        document.UIForm.btnSubmit.style.display=bSave ? 'none' : '';
        document.UIForm.btnSave.style.display=bSave ? '' : 'none';
    }

    //----------------------------------------------------------------
    // "Mark keys as exportable" toggled: show or hide the nested
    // "Export keys to file" option.
    function handleMarkExport() {
        spnMarkKeyExportable.style.display=document.UIForm.cbMarkKeyExportable.checked ? '' : 'none';
    }

    //----------------------------------------------------------------
    // "Export keys to file" toggled: show or hide the file name box.
    function handleExportKeys() {
        spnExportKeys.style.display=document.UIForm.cbExportKeys.checked ? '' : 'none';
    }

    //----------------------------------------------------------------
    // Key set radio changed: show the options that belong to the
    // selected choice (new key set is rbKeyGen[0]) and hide the others.
    function handleKeyGen() {
        var bNewKeySet=document.UIForm.rbKeyGen[0].checked;
        spnNewKeys.style.display=bNewKeySet ? '' : 'none';
        spnExistingKeys.style.display=bNewKeySet ? 'none' : '';
    }

    //----------------------------------------------------------------
    // "Set the container name" toggled: show or hide the name box.
    function handleSetContainer() {
        spnNewContainer.style.display=document.UIForm.cbSetContainer.checked ? '' : 'none';
    }

    //================================================================
    // SUBMIT ROUTINES

    //----------------------------------------------------------------
    // UIForm's OnSubmit handler: refuse to continue until start-up has
    // finished, otherwise start building the request.
    function goNext() {
        if (false==g_bOkToSubmit) {
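alert(L_StillLoading_ErrorMessage);
        } else {
            SubmitRequest();
        }
    }

    //----------------------------------------------------------------
    // Reject text containing any of the four characters the form does
    // not allow in a name field: comma, double quote, plus, semicolon.
    // An empty string passes.
    function isValidX500String(sSource) {
        var sForbidden=",\"+;";
        var nIndex;
        for (nIndex=sForbidden.length-1; nIndex>=0; nIndex--) {
            if (sSource.indexOf(sForbidden.charAt(nIndex),0)!=-1) {
                return false;
            }
        }
        return true;
    }

    //----------------------------------------------------------------
    // Reject text holding any character code above 127. Only the upper
    // bound is checked: control characters and the empty string pass.
    function isValidIA5String(sSource) {
        var nIndex;
        for (nIndex=sSource.length-1; nIndex>=0; nIndex--) {
            if (sSource.charCodeAt(nIndex)>127) {
                // NOTE: this is better, but not compatible with old browsers.
                return false;
            }
        }
        return true;
    }

    //----------------------------------------------------------------
    // Check the country/region box: empty, or exactly two letters A-Z.
    // Side effect: the box's text is rewritten in upper case first.
    //   tbCountry - the text box element itself, not its value
    function isValidCountryField(tbCountry) {
        tbCountry.value=tbCountry.value.toUpperCase();
        var sSource=tbCountry.value;
        var nIndex, ch;
        if (sSource.length!=0 && sSource.length!=2) {
            return false;
        }
        for (nIndex=sSource.length-1; nIndex>=0; nIndex--) {
            ch=sSource.charAt(nIndex);
            if (ch<"A" || ch>"Z") {
                return false;
            }
        }
        return true;
    }

    //----------------------------------------------------------------
    // set a label to normal style
    function markLabelNormal(spn) {
        spn.style.color="#000000";
        spn.style.fontWeight='normal';
    }

    //----------------------------------------------------------------
    // set a label to error state
    function markLabelError(spn) {
        spn.style.color='#FF0000';
        spn.style.fontWeight='bold';
    }

    //----------------------------------------------------------------
    // Validate the whole form before a request is built. Returns true
    // when everything passed; otherwise reports the first failing group
    // (identity fields, key size, container name, export file name,
    // saved-request file name) and returns false.
    //
    // The identity fields are checked from the bottom of the form
    // upward so that fldFocusMe ends up on the topmost failing field.
    //
    // The key size is parsed as decimal and, once it is inside the
    // CSP's range, written back to the text box. SubmitRequestPhase2
    // reads and parses that box again, and the write-back makes sure
    // the number it sees is the one that was range-checked here.
    //
    // NOTE(review): these are checks in the requester's browser and
    // are a convenience only; naming policy and key requirements have
    // to be enforced by the CA when the request arrives.
    function validateRequest() {
        var frm=document.UIForm;

        // clear the error styling left over from a previous attempt
        markLabelNormal(spnNameLabel);
        markLabelNormal(spnEmailLabel);
        markLabelNormal(spnCompanyLabel);
        markLabelNormal(spnDepartmentLabel);
        markLabelNormal(spnCityLabel);
        markLabelNormal(spnStateLabel);
        markLabelNormal(spnCountryLabel);

        var bOK=true;

<%If "Enterprise"=sServerType Then%>
        // identity fields are only used for offline templates
        if (true==isOfflineTemplate()) {
<%End If%>
            var fldFocusMe=null;
            if (!isValidCountryField(frm.tbCountry)) {
                bOK=false;
                fldFocusMe=frm.tbCountry;
                markLabelError(spnCountryLabel);
            }
            if (!isValidX500String(frm.tbState.value)) {
                bOK=false;
                fldFocusMe=frm.tbState;
                markLabelError(spnStateLabel);
            }
            if (!isValidX500String(frm.tbLocality.value)) {
                bOK=false;
                fldFocusMe=frm.tbLocality;
                markLabelError(spnCityLabel);
            }
            if (!isValidX500String(frm.tbOrgUnit.value)) {
                bOK=false;
                fldFocusMe=frm.tbOrgUnit;
                markLabelError(spnDepartmentLabel);
            }
            if (!isValidX500String(frm.tbOrg.value)) {
                bOK=false;
                fldFocusMe=frm.tbOrg;
                markLabelError(spnCompanyLabel);
            }
            if (!isValidX500String(frm.tbEmail.value) || !isValidIA5String(frm.tbEmail.value)) {
                bOK=false;
                fldFocusMe=frm.tbEmail;
                markLabelError(spnEmailLabel);
            }
            if (!isValidX500String(frm.tbCommonName.value)) {
                bOK=false;
                fldFocusMe=frm.tbCommonName;
                markLabelError(spnNameLabel);
            }
            if (!bOK) {
                spnFixTxt.style.display='';
                window.scrollTo(0,0);
                fldFocusMe.focus();
            }
<%If "Enterprise"=sServerType Then%>
        } // <- End if offline template
<%End If%>

        // Check the keysize field
        if (bOK) {
            // get the min and max from the CSP
            var bExchange=frm.rbKeyUsage[KEY_USAGE_EXCH].checked || frm.rbKeyUsage[KEY_USAGE_BOTH].checked;
            // nKeyMin and nKeyMax must keep these names: the message
            // expression evaluated below refers to them.
            var nKeyMin=MyGetKeyLen(KEY_LEN_MIN, bExchange);
            var nKeyMax=MyGetKeyLen(KEY_LEN_MAX, bExchange);
            var nKeySize=parseInt(frm.tbKeySize.value, 10);
            var sMessage;
            if (isNaN(nKeySize)) {
                sMessage=L_KeySizeNotNumber_ErrorMessage;
                bOK=false;
            } else if (nKeySize<nKeyMin || nKeySize>nKeyMax) {
                sMessage=eval(L_KeySizeBadNumber_ErrorMessage);
                bOK=false;
            } else {
                // keep the box in step with the number that was checked
                frm.tbKeySize.value=nKeySize;
            }
            if (!bOK) {
                alert (sMessage);
                frm.tbKeySize.focus();
            }
        }

        // Check the container name
        if (bOK) {
            var bNewKeySet=frm.rbKeyGen[0].checked;
            if (bNewKeySet) {
                // new keyset: a name is needed only when the user asked to set one
                if (frm.cbSetContainer.checked && ""==frm.tbNewContainerName.value) {
                    bOK=false;
                }
            } else {
                // existing keyset: the name is mandatory
                if (""==frm.tbOldContainerName.value) {
                    bOK=false;
                }
            }
            if (!bOK) {
                alert(L_NoCntnrName_ErrorMessage);
                if (bNewKeySet) {
                    frm.tbNewContainerName.focus();
                } else {
                    frm.tbOldContainerName.focus();
                }
            }
        }

        // Check the exported private key file name
        if (bOK) {
            if (frm.cbMarkKeyExportable.checked && frm.cbExportKeys.checked
                    && ""==frm.tbExportKeyFile.value) {
                bOK=false;
                alert(L_NoExportFileName_ErrorMessage);
                frm.tbExportKeyFile.focus();
            }
        }

        // Check the saved-request file name
        if (bOK) {
            if (frm.cbSaveRequest.checked && ""==frm.tbSaveReqFile.value) {
                bOK=false;
                alert(L_NoSaveReqFileName_ErrorMessage);
                frm.tbSaveReqFile.focus();
            }
        }

        return bOK;
    }

    //----------------------------------------------------------------
    // Start building the request: hide stale error text, validate,
    // show a progress message, then continue in SubmitRequestPhase2.
    //
    // NOTE(review): SubmitRequestPhase2 adds a "UserAgent:" line to the
    // request attributes, and the text for it is printed by the server
    // from the HTTP_USER_AGENT server variable straight into a
    // JavaScript string literal, with no escaping. That header is
    // chosen by the client. The server-side write should be encoded
    // for a JavaScript string context, or dropped in favour of reading
    // navigator.userAgent in the script itself.
    function SubmitRequest() {
        // check that the form is filled in
        spnErrorTxt.style.display='none';
        spnFixTxt.style.display='none';
        if (!validateRequest()) {
            return;
        }

        // show a nice message since request creation can take a while
        ShowTransientMessage(L_Generating_Message);

        // Make the message show up on the screen,
        // then continue with 'SubmitRequest':
        // Pause 1 mS before executing phase 2,
        // so screen will have time to repaint.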
setTimeout("SubmitRequestPhase2();",1); } function SubmitRequestPhase2() { // continued from above <%If "StandAlone"=sServerType Then%> // // Stand-Alone Options // // set the extended key usage and certificate request 'friendly type' var nUsageIndex=document.UIForm.lbUsageOID.selectedIndex; var sCertUsage; if ("**"==document.UIForm.lbUsageOID.options[nUsageIndex].value) { sCertUsage=document.UIForm.tbEKUOther.value; document.SubmittedData.FriendlyType.value=eval(L_UserEKUCert_Text); } else { sCertUsage=document.UIForm.lbUsageOID.options[nUsageIndex].value; document.SubmittedData.FriendlyType.value=document.UIForm.lbUsageOID.options[nUsageIndex].text; } DoEkuSpecificSettings(sCertUsage); <%Else 'Enterprise%> // // Enterprise Options // // get the selected template var nTemplateIndex=document.UIForm.lbCertTemplate.selectedIndex; var sTemplate=document.UIForm.lbCertTemplate.options[nTemplateIndex].value; // Turn on SMIME capabilities if necessary if ("Y"==sTemplate.substring(1,2)) { XEnroll.EnableSMIMECapabilities=true; } // extract the template name (skip the first two chars) sTemplate=sTemplate.slice(2); // set the cert template XEnroll.addCertTypeToRequest(sTemplate); document.SubmittedData.FriendlyType.value=eval(L_TemplateCert_Text); var sCertUsage=""; // ignored <%End If 'StandAlone or Enterprise%> // // Common // // set the identifying info var sDistinguishedName=""; if (""!=document.UIForm.tbCountry.value) { sDistinguishedName+="C=\""+document.UIForm.tbCountry.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbState.value) { sDistinguishedName+="S=\""+document.UIForm.tbState.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbLocality.value) { sDistinguishedName+="L=\""+document.UIForm.tbLocality.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbOrg.value) { sDistinguishedName+="O=\""+document.UIForm.tbOrg.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbOrgUnit.value) { 
sDistinguishedName+="OU=\""+document.UIForm.tbOrgUnit.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbEmail.value) { sDistinguishedName+="E=\""+document.UIForm.tbEmail.value.replace(/"/g, "\"\"") +"\";"; } if (""!=document.UIForm.tbCommonName.value) { sDistinguishedName+="CN=\""+document.UIForm.tbCommonName.value.replace(/"/g, "\"\"")+"\";"; } <%If "Enterprise"=sServerType Then%> if (false==isOfflineTemplate()) { sDistinguishedName=""; } <%End If%> // append the local date to the type document.SubmittedData.FriendlyType.value+=" ("+(new Date()).toLocaleString()+")"; // // Key Options subheading: // // set the CSP var nCSPIndex=document.UIForm.lbCSP.selectedIndex; XEnroll.ProviderName=document.UIForm.lbCSP.options[nCSPIndex].text; XEnroll.ProviderType=document.UIForm.lbCSP.options[nCSPIndex].value; // set the key size (the upper 16 bits of GenKeyFlags) // note: this value has already been validated var nKeySize=parseInt(document.UIForm.tbKeySize.value); XEnroll.GenKeyFlags=nKeySize<<16; // set the KeyUsage if (document.UIForm.rbKeyUsage[KEY_USAGE_EXCH].checked) { XEnroll.KeySpec=AT_KEYEXCHANGE; XEnroll.LimitExchangeKeyToEncipherment=true; } else if (document.UIForm.rbKeyUsage[KEY_USAGE_SIG].checked) { XEnroll.KeySpec=AT_SIGNATURE; XEnroll.LimitExchangeKeyToEncipherment=false; } else { // KEY_USAGE_BOTH XEnroll.KeySpec=AT_KEYEXCHANGE; XEnroll.LimitExchangeKeyToEncipherment=false; } // set the 'use existing key set' flag if (document.UIForm.rbKeyGen[0].checked) { XEnroll.UseExistingKeySet=false; if (document.UIForm.cbSetContainer.checked) { XEnroll.ContainerName=document.UIForm.tbNewContainerName.value; } } else { XEnroll.UseExistingKeySet=true; XEnroll.ContainerName=document.UIForm.tbOldContainerName.value; } // set 'Strong private key protection' // note: upper 16 bits already set as key size if (document.UIForm.cbStrongKey.checked) { XEnroll.GenKeyFlags|=CRYPT_USER_PROTECTED; } // set the 'SaveCert' flag to install the cert instead of saving 
document.SubmittedData.SaveCert.value="no"; // mark the keys as exportable if (document.UIForm.cbMarkKeyExportable.checked) { XEnroll.GenKeyFlags|=CRYPT_EXPORTABLE; // set the key export file (.pvk) and save the cert instead of installing if (document.UIForm.cbExportKeys.checked) { XEnroll.PVKFileName=document.UIForm.tbExportKeyFile.value; document.SubmittedData.SaveCert.value="yes"; } } // place the keys in the local machine store if (document.UIForm.cbLocalMachineStore.checked) { // the keys attached to the dummy request cert go in the local machine store XEnroll.RequestStoreFlags=CERT_SYSTEM_STORE_LOCAL_MACHINE; // used in CryptAcquireContext XEnroll.ProviderFlags=CRYPT_MACHINE_KEYSET; // the keys attached to the final cert also go in the local machine store document.SubmittedData.TargetStoreFlags.value=CERT_SYSTEM_STORE_LOCAL_MACHINE; } else { // the keys attached to the final cert also go in the user store document.SubmittedData.TargetStoreFlags.value=0; // 0=Use default (=user store) } // // Additional Options subheading: // // set the hash algorithm var nHashIndex=document.UIForm.lbHashAlgorithm.selectedIndex; XEnroll.HashAlgID=document.UIForm.lbHashAlgorithm.options[nHashIndex].value; // set any extra attributes var sAttrib=document.UIForm.taAttrib.value; if (sAttrib.lastIndexOf("\r\n")!=sAttrib.length-2 && sAttrib.length>0) { sAttrib=sAttrib+"\r\n"; } // for interop debug purposes sAttrib+="UserAgent:<%=Request.ServerVariables("HTTP_USER_AGENT")%>\r\n"; document.SubmittedData.CertAttrib.value=sAttrib; // we are submitting a new request document.SubmittedData.Mode.value='newreq'; // // Create the request // if (document.UIForm.cbSaveRequest.checked) { // build and save the certificate request var nResult; var sSaveReqFile=document.UIForm.tbSaveReqFile.value; nResult=CreateAndSaveRequest(sDistinguishedName, sCertUsage, sSaveReqFile); // ask VB to do it, since it can handle errors } else { // build the certificate request var 
nResult=CreateRequest(sDistinguishedName, sCertUsage); // ask VB to do it, since it can handle errors } // hide the message box HideTransientMessage(); // reset XEnroll so the user can select a different CSP, etc. XEnroll.reset(); // however, make sure it still matches the UI. XEnroll.ProviderName=document.UIForm.lbCSP.options[nCSPIndex].text; XEnroll.ProviderType=document.UIForm.lbCSP.options[nCSPIndex].value; // deal with an error if there was one if (0!=nResult) { handleError(nResult); return; } // check for special "no submit" case if (document.UIForm.cbSaveRequest.checked) { // just inform the user that it went OK, but don't submit alert(L_RequestSaved_Message); } else { // put up a new wait message ShowTransientMessage(L_Waiting_Message); // Submit the cert request and move forward in the wizard document.SubmittedData.submit(); } } //---------------------------------------------------------------- function handleError(nResult) { var sSugCause=L_SugCauseNone_ErrorMessage; var sErrorName=L_ErrNameUnknown_ErrorMessage; // analyze the error - funny use of XOR ('^') because obvious choice '==' doesn't work if (0==(0x80090008^nResult)) { sErrorName="NTE_BAD_ALGID"; sSugCause=L_SugCauseBadSetting2_ErrorMessage; } else if (0==(0x80090016^nResult)) { sErrorName="NTE_BAD_KEYSET"; if (document.UIForm.rbKeyGen[0].checked) { sSugCause=L_SugCauseBadCSP_ErrorMessage; } else { sSugCause=L_SugCauseBadKeyContainer_ErrorMessage; } } else if (0==(0x80090019^nResult)) { sErrorName="NTE_KEYSET_NOT_DEF"; sSugCause=L_SugCauseBadCSP_ErrorMessage; } else if (0==(0x80090020^nResult)) { sErrorName="NTE_FAIL"; sSugCause=L_SugCauseBadCSP_ErrorMessage; } else if (0==(0x80090009^nResult)) { sErrorName="NTE_BAD_FLAGS"; sSugCause=L_SugCauseBadSetting2_ErrorMessage; } else if (0==(0x8009000F^nResult)) { sErrorName="NTE_EXISTS"; sSugCause=L_SugCauseExistKeyContainer_ErrorMessage; } else if (0==(0x80092002^nResult)) { sErrorName="CRYPT_E_BAD_ENCODE"; //sSugCause=""; } else if 
(0==(0x80092022^nResult)) { sErrorName="CRYPT_E_INVALID_IA5_STRING"; sSugCause=L_SugCauseBadChar_ErrorMessage; } else if (0==(0x80092023^nResult)) { sErrorName="CRYPT_E_INVALID_X500_STRING"; sSugCause=L_SugCauseBadChar_ErrorMessage; } else if (0==(0x80070003^nResult)) { sErrorName="ERROR_PATH_NOT_FOUND"; sSugCause=L_SugCauseBadFileName_ErrorMessage; } else if (0==(0x80070103^nResult)) { sErrorName="ERROR_NO_MORE_ITEMS"; sSugCause=L_SugCauseBadHash_ErrorMessage; } else if (0==(0xFFFFFFFF^nResult)) { sErrorName=L_ErrNameNoFileName_ErrorMessage; sSugCause=L_SugCauseNoFileName_ErrorMessage; } else if (0==(0x8000FFFF^nResult)) { sErrorName="E_UNEXPECTED"; } else if (0==(0x00000046^nResult)) { sErrorName=L_ErrNamePermissionDenied_ErrorMessage; sSugCause=L_SugCauseNotAdmin_ErrorMessage; } // modify the document text and appearance to show the error message spnErrorNum.innerText="0x"+toHex(nResult)+" - "+sErrorName; spnErrorMsg.innerText=sSugCause; spnFixTxt.style.display='none'; spnErrorTxt.style.display=''; // back to the top so the messages show window.scrollTo(0,0); } </Script> <Script Language="VBScript"> '----------------------------------------------------------------- ' call XEnroll to create a request, since javascript has no error handling Function CreateRequest(sDistinguishedName, sCertUsage) On Error Resume Next document.SubmittedData.CertRequest.value= _ XEnroll.CreatePKCS10(sDistinguishedName, sCertUsage) CreateRequest=Err.Number End Function '----------------------------------------------------------------- ' call XEnroll to create and save a request, since javascript has no error handling Function CreateAndSaveRequest(sDistinguishedName, sCertUsage, sSaveReqFile) On Error Resume Next XEnroll.CreateFilePKCS10 sDistinguishedName, sCertUsage, sSaveReqFile CreateAndSaveRequest=Err.Number End Function '---------------------------------------------------------------- ' handle a change in the current CSP, since javascript has no error handling Sub 
UpdateHashAlgList On Error Resume Next Dim nIndex, nAlgID, oElem ' clear the list While document.UIForm.lbHashAlgorithm.length>0 document.UIForm.lbHashAlgorithm.options.remove(0) Wend ' retrieve the list from XEnroll nIndex=0 Do ' get the next AlgID nAlgID=XEnroll.EnumAlgs(nIndex, ALG_CLASS_HASH) If 0<>Err.Number Then ' no more algs Err.Clear Exit Do End If ' get the corresponding name and create an option in the list box sName=XEnroll.GetAlgName(nAlgID) Set oElem=document.createElement("Option") oElem.text=sName oElem.value=nAlgID document.UIForm.lbHashAlgorithm.options.add(oElem) nIndex=nIndex+1 Loop ' <- End alg enumeration loop ' make sure the first one is selectd document.UIForm.lbHashAlgorithm.selectedIndex=0 End Sub '---------------------------------------------------------------- ' call XEnroll to get the key length, since javascript has no error handling Function MyGetKeyLen(bMinMax, bExchange) On Error Resume Next MyGetKeyLen=XEnroll.GetKeyLen(bMinMax, bExchange) If 0<>Err.Number Then If KEY_LEN_MIN=bMinMax Then MyGetKeyLen=KEY_LEN_MIN_DEFAULT Else MyGetKeyLen=KEY_LEN_MAX_DEFAULT End If End If End Function </Script> </Body> </HTML>