Asking for parts of full name in browser_req.xml

View: New views

13 Messages — Rating Filter: Alert me

Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi all,

Currently the req form asks for first and last name. I thought I would throw in fields that also ask for middle initial and suffix (jr, sr, ii, iii, etc). I then modified the XML that builds the CN appropriately.

<input>
<name>cn</name>
<label>Subject Name</label>
<type>textfield</type>
<charset>UTF8_LETTERS</charset>
<value>$ADDITIONAL_ATTRIBUTE_FIRSTNAME $ADDITIONAL_ATTRIBUTE_MIDDLEINITIAL $ADDITIONAL_ATTRIBUTE_LASTNAME $ADDITIONAL_ATTRIBUTE_SUFFIX</value>
<minlen>3</minlen>
<required>YES</required>
</input>

However, when a person does not have a middle initial or a suffix then the CN either gets an extra space in the middle or a trailing "/" at the end. Is there a way to eliminate these extra things? Is there a way to conditionally build the CN? Or should I just revert back to the default form?

Dave This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------
Are you an open source citizen? Join us for the Open Source Bridge conference!
Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250.
Need another reason to go? 24-hour hacker lounge. Register today!
http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org
_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Customising browser_req.xml

by Ionescu Dan :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi.

When a user request a certificate from the browser I want to automatically fill out the email field based upon the First Name Field and Country. It was supposed to look like this:
First Name    XXX
Country        YYY

Email:            XXX_YYY@...

I tried to edit the browser_req.xml file but without success. I cannot find a way to concatenate strings at least not without leaving an additional space character between the two strings.
If i try
<value>$VALUE_A $VALUE_B </value>
i get Value_A space Value_B

Then, I tried to write a small perl function that takes the two strings as parameters and fills out the email field. I know that I'm a newbie in perl but if i call the function that I've created with the two strings as parameters the page fails to load. The strange thing is that when i call the function without any parameters the filed gets populated.

So, i need help ppl
Thank You.
Dan

------------------------------------------------------------------------------
Are you an open source citizen? Join us for the Open Source Bridge conference!
Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250.
Need another reason to go? 24-hour hacker lounge. Register today!
http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org
_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Customising browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi,

I was looking into this as well but the only way to do it is to split the one screen into 2, AFAIK. The first screen would ask for the user details without the email. The second screen would ask for the remaining information and build the email from the first screen. This is because the first screen must have a submit which sets the variable values.

Dave This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------
Are you an open source citizen? Join us for the Open Source Bridge conference!
Portland, OR, June 17-19. Two days of sessions, one day of unconference: $250.
Need another reason to go? 24-hour hacker lounge. Register today!
http://ad.doubleclick.net/clk;215844324;13503038;v?http://opensourcebridge.org
_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Customising browser_req.xml

by Ionescu Dan :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

blainedw@... wrote:

Hi,

I was looking into this as well but the only way to do it is to split the one screen into 2, AFAIK. The first screen would ask for the user details without the email. The second screen would ask for the remaining information and build the email from the first screen. This is because the first screen must have a submit which sets the variable values.

I'm already using two screens, in the first one I'm setting all the variables that I need, and in the second screen I try to fill out the email field.
So in the second page is just a mater of adding $VARIABLE_A with $VARIABLE_B into $VARIABLE_C but ...

If i try something like this:
<value>$VALUE_A$VALUE_B </value> i get an error

And if i try something like this:
<value>$VALUE_A $VALUE_B </value> i get a empty space between the values.

I don't know, it was supposed to be very easy to concatenate two strings but for an unknown reason it seams that i cannot do it properly.

Any pointers on concatenating two strings in browser_req.xml ?

------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Customising browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi,

Haven't tried this but would this work?

${VARIABLE_A}${VARIABLE_B}

Dave

This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi all,

I had a thought about addressing this issue but unsure how it could be implemented. I'm thinking that the $EXEC feautre of the XML and some custom code could be used to solve this problem but I need the group's input:

<input>
<name>cn</name>
<label>Subject Name</label>
<type>textfield</type>
<charset>UTF8_LETTERS</charset>
<value>$EXEC::concatName($ADDITIONAL_ATTRIBUTE_FIRSTNAME,$ADDITIONAL_ATTRIBUTE_MIDDLEINITIAL,$ADDITIONAL_ATTRIBUTE_LASTNAME,$ADDITIONAL_ATTRIBUTE_SUFFIX)</value>
<minlen>3</minlen>
<required>YES</required>
</input>

Here is the code I would think would be added to one of the libs (or a custom lib):

sub concatName {

my $first=shift;
my $middle=shift;
my $last=shift;
my $suffix=shift;
my $name="";

$name=$first;
if ($middle ne "") {
$name=$name . " " . $middle;
}
$name=$name . " " . $last;
if ($suffix ne "") {
$name=$name . " " . $suffix;
}
return $name;
} This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi all,

Problem appears that the EXEC call doesn't like to pass parameters. Bummer. Unless someone knows anything different.

Dave This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by Ionescu Dan :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

blainedw@... wrote:

Hi all,

Problem appears that the EXEC call doesn't like to pass parameters. Bummer. Unless someone knows anything different.

That was what i was telling you, could not pass parameters to exec calls.
I manage to solve my problem by going a little deeper into the code and modifying the parser.
If you need further info just let me now and i will explain it after the weekend.

Dan.

------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi,

Guess I missed that. Course now it has real problem for me. I have also looked into the parser and I thought I knew where to change it but it is not working (course I'm not a skilled perl programmer either but I can read regex). Anyways, any info you could provide would be appreciated!

Dave

This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Hi

Please provide the updated parser code when you have a chance.

Dave This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by Massimiliano Pala-3 :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

hi,

try this one, let me know if it works for you :D

Later,
Max

blainedw@... wrote:
>
> Hi
>
> Please provide the updated parser code when you have a chance.

--

Best Regards,

Massimiliano Pala

--o------------------------------------------------------------------------
Massimiliano Pala [OpenCA Project Manager] Massimiliano.Pala@...
project.manager@...

Dartmouth Computer Science Dept Home Phone: +1 (603) 369-9332
PKI/Trust Laboratory Work Phone: +1 (603) 646-9179
--o------------------------------------------------------------------------

People who think they know everything are a great annoyance to those of us
who do.
-- Isaac Asimov

## OpenCA - Request Utils
## (c) 1999-2009 by Massimiliano Pala and OpenCA Group

use strict;

our ( $query );

##################################################################
# #
# Safely get a field from a twig object - if the field does not #
# Exists, it will just return undef #
# #
##################################################################

sub getField {
my $item = shift;
my $name = shift;
my $ret = undef;

if( (defined $item) and (defined $name) and ($name ne "") ) {
my $retChild = $item->first_child($name);
if( $retChild ) {
$ret = $retChild->field;
} else {
return undef;
}
} else {
return undef;
}

return $ret;
}

sub getFieldAtts {
my $item = shift;
my $name = shift;
my $ret = undef;

if( (defined $item) and (defined $name) and ($name ne "") ) {
my $retChild = $item->first_child($name);
if( $retChild ) {
$ret = $retChild->atts;
} else {
return undef;
}
} else {
return undef;
}

return $ret;
}

sub getXMLItemAttrs {
my $item = shift;
my $ret = undef;

if( defined $item ) {
return $item->atts;
} else {
return undef;
}
}

####################################################################
# #
# Generate HTML input element from the TWIG element passed as the #
# first argument ( $item ) #
# #
####################################################################

sub getInput {
my $item = shift;
my $ret = undef;

my @fields = ( 'label', 'name', 'type', 'charset', 'minlen',
'required', 'readonly', 'errlabel', 'readonly',
'class', 'disabled', 'info' );

foreach my $att ( @fields ) {
$ret->{$att} = getField ( $item, $att );
}

return $ret;
}

sub getInputAtts {
my $item = shift;
my $ret = undef;

my @fields = ( 'label', 'name', 'type', 'charset', 'minlen',
'required', 'readonly', 'errlabel', 'readonly',
'class', 'disabled', 'info' );

foreach my $att ( @fields ) {
$ret->{$att} = getFieldAtts ( $item, $att );
}

return $ret;
}

sub genInputXML {
my $item = shift;
my $data = shift;
my $class = undef;
my $optional = undef;
my $html_input = undef;
my $readonly = undef;
my $disabled = undef;
my %ret = undef;

my @valSet = ();
my @value = ();

if( not defined $item ) {
return "";
}

my $input = getInput( $item );
my $inputAtts = getInputAtts ( $item );

my $htdocs_prefix = getRequired( "HtdocsUrlPrefix" );

@valSet = ($item->get_xpath('value'));

if( $input->{type} =~ /select/i ) {
$input->{type} = "popup_menu";
} elsif ( $input->{type} =~ /passwd|password|pass/i ) {
$input->{type} = "password_field";
}

foreach my $r ( @valSet ) {
push ( @value, $r->field );
}

for( my $t=0; $t < @value; $t++ ) {
while( $value[$t] =~ /(\$[^\$\s]+)/g ) {
my $tmpVal = $1;
my $paramVal = undef;

if ( $tmpVal =~ /^\$CONFIG::/ ) {
my @valList = ();
my @newValue = ();

$tmpVal =~ s/\$CONFIG:://;

foreach my $list_item(getRequiredList($tmpVal)){
push @valList, gettext ($list_item);
}

$value[$t] =~
s/(\$CONFIG::$tmpVal)/$valList[0]/;

shift ( @valList );
@newValue = @value[0 .. $t];
push( @newValue, @valList );
push( @newValue, @value[$t+1 .. $#value] );

@value = @newValue;

} elsif ( $tmpVal =~ /^\$EXEC::/ ) {
my @valList = ();
my @newValue = ();

$tmpVal =~ s/\$EXEC:://;

foreach my $list_item( eval $tmpVal ){
push @valList, gettext ($list_item);
}

$value[$t] =~
s/(\$EXEC::$tmpVal[\)\(]*)/$valList[0]/;

shift ( @valList );
@newValue = @value[0 .. $t];
push( @newValue, @valList );
push( @newValue, @value[$t+1 .. $#value] );

@value = @newValue;

} elsif ( $tmpVal =~ /^\$DATA::/ ) {
$tmpVal =~ s/\$DATA:://;
$value[$t] =~ s/(\$DATA::$tmpVal)/$data->{$tmpVal}/g;
} else {
my $newVal = undef;
my $origVal = undef;

$origVal = $tmpVal;
foreach my $l ( $origVal =~ /\$([^\s\$]+)/g ) {
$newVal = $query->param("$l");
if( $newVal eq "" ) {
$newVal = (eval $$l);
}

$value[$t] =~ s/(\$$l)/$newVal/;
}
}

# } else {
# $tmpVal =~ s/^\$//;
# $paramVal = $query->param( "$tmpVal");
# $value[$t] =~ s/(\$$tmpVal)/$paramVal/g;
# }
}
}

if( $input->{required} =~ /YES/gi ) {
$optional = 0;
$class = "required";
} else {
$optional = 1;
$class = "optional";
}

$ret{LABEL} = gettext( $input->{label} );

if ( $input->{disabled} =~ /YES/i ) {
$disabled=1;
} elsif ( $input->{readonly} =~ /YES/i ) {
$readonly=1;
}

if( $input->{type} =~ /popup_menu/i ) {
my %labels = undef;

if( $disabled == 1) {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-disabled => $disabled,
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-labels => \%labels,
-value => [ @value ] );
} elsif ( $readonly == 1 ) {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-readonly => $readonly,
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-labels => \%labels,
-value => [ @value ] );
} else {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-labels => \%labels,
-value => [ @value ] );
}
} else {
if( $disabled == 1) {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-disabled => $disabled,
-value => $value[0] );
} elsif ( $readonly == 1 ) {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-readonly => $disabled,
-value => $value[0] );
} else {
$html_input = $query->newInput (
-regx => uc($input->{charset}),
-intype => $input->{type},
-class => $class,
-name => $input->{name},
-optional => $optional,
-check => 'fill',
-minlen => $input->{minlen},
-value => $value[0] );
}
}

$ret{VALUE} = $html_input;

if( $input->{info} ) {
$ret{VALUE} .= " <a href=\"" .
$input->{info} . "\">" .
"<img src=\"$htdocs_prefix/images/" .
$inputAtts->{info}->{img} . "\" " .
"style='vertical-align:bottom;' />".
"</a>";
}

return ( %ret );

}

sub loadKeyStrengths {

our ( $query );

my @keySizeList = ();
my @supportedList = getRequiredList('SupportedKeyStrengths');

## Now we shall get the LOA configuration
my $loaName = gettext( $query->param('loa'));

if ( $loaName eq "" ) {
## If no loa value, we just return the list
## Get the list of supported Labels for Algorithms
foreach my $r ( @supportedList ) {
push (@keySizeList, gettext ( $r ));
}

return (@keySizeList);
}

# cmds_debug("loadLeyStrength()::loaName = $loaName\n");

## load the LOA configuration file
my $loaTwig = loadConfigXML ('LOAConfiguration');

## for each Loa...
foreach my $loa ( $loaTwig->get_xpath("loa")) {

my $name = gettext (getField( $loa, 'name'));

if ( $name !~ /^$loaName$/i ) {
next;
};

foreach my $algor ( $loa->get_xpath("requires/strength")) {

my $name = undef;
my $bits = undef;

my $algorName = getField ( $algor, 'name' );

# cmds_debug("loadLeyStrength()::algorName $algorName");

if ( $algorName eq "" ) {
next;
}

if( grep ( /$algorName/i , @supportedList ) ) {
#cmds_debug("loadLeyStrength()::adding " .
# "$algorName to the list of Strengthes\n");
push ( @keySizeList, gettext ( $algorName ))
}
}
}

return ( @keySizeList );
}

sub loadKeygenMode {

our ( $query );

my $loaparam = shift;

my $loaName = $query->param('loa') or $loaparam;

my @retList = ();

if( $loaName eq "" ) {
$loaName = $loaparam;
}

## load the LOA configuration file
my $loaTwig = loadConfigXML ('LOAConfiguration');

## for each Loa...
foreach my $loa ( $loaTwig->get_xpath("loa")) {

my $name = getField( $loa, 'name');

if ( ($name eq "" ) or ($name !~ /^$loaName$/i )) {
next;
};

foreach my $mode ($loa->get_xpath("requires/keygen/mode")) {
# print STDERR "loadKeygenMode()::adding " .
# $mode->field . "\n";
if( $mode->field ne "" ) {
push (@retList, $mode->field );
}
}
}

return ( @retList );
}

sub loadKeyTypes {

our ( $query );

my @keyTypeList = ();
my @retList = ();
my %hashList = undef;

my $type = getReqType();

my $loaAlgs = getLoaAlgorithms( $query->param('loa'));

if ( $type =~ /BASIC/gi ) {
# We provide the possibility to choose
# only from rsa and dsa for now, in future
# we may enable ECDSA
@keyTypeList = ( 'RSA', 'DSA', 'ECDSA' );
} elsif ( $type =~ /IE|NSS|VISTA/gi ) {
@keyTypeList = ( 'RSA', 'DSA' );
} else {
@keyTypeList = ( 'RSA' );
}

foreach my $r ( keys %$loaAlgs ) {
foreach my $t ( keys %{ $loaAlgs->{$r}} ) {

if ( $t =~ /ID-ECPUBLICKEY/i ) {
$t = "ECDSA";
};

$hashList { $t } = 1;
}
}

foreach my $k ( @keyTypeList ) {
if ( $hashList { $k } eq "1" ) {
push ( @retList, $k );
}
}

return ( @retList );
}

sub getLoaAlgorithms {

my $loaName = shift;

my $ret = undef;

# my @supportedList = getRequiredList('SupportedKeyStrengths');

## load the LOA configuration file
my $loaTwig = loadConfigXML ('LOAConfiguration');

## for each Loa...
foreach my $loa ( $loaTwig->get_xpath("loa")) {

my $name = gettext (getField( $loa, 'name'));

if ( ($loaName ne "" ) and ($name !~ /^$loaName$/i )) {
next;
};

foreach my $algor ( $loa->get_xpath("requires/strength")) {

my $name = undef;
my $bits = undef;

my $algorName = uc ( getField ( $algor, 'name' ));

if ( $algorName eq "" ) {
next;
}

#if( not grep ( /$algorName/i , @supportedList ) ) {
# next;
#}

foreach my $allowed ($algor->get_xpath("allowed")) {

( $name, $bits ) = ( $allowed->field =~
/([^\+\_]+)[\+\_]+(\d+)$/ );

$ret->{uc($algorName)}->{uc($name)} = $bits;

if( $name =~ /ecdsa/i ) {
$ret->{uc($algorName)}->{uc('id-ecPublicKey')} = $bits;
};
}
}
}

return ( $ret );
}

sub getKeyBitsize {

my $strength = shift;
my $algorithm = shift;
my $loaName = shift;

my $ret = undef;

my $algs = undef;

$algs = getLoaAlgorithms( $loaName );

return $algs->{uc($strength)}->{uc($algorithm)};
}

sub getReqType {

my $AGENT_NAME = $query->param("AGENT_NAME");
my $AGENT_OS_NAME = $query->param("AGENT_OS_NAME");
my $AGENT_OS_VERSION = $query->param("AGENT_OS_VERSION");

my $reqType = undef;

if( $query->param('genkey') =~ /Server/ig ) {
$reqType = "BASIC";
} elsif ( $AGENT_NAME =~ /Opera/i ) {
$reqType = "SPKAC";
} elsif ( $AGENT_NAME =~ /Netscape/i ) {
$reqType = "SPKAC";
} elsif ( $AGENT_NAME =~ /Safari/i ) {
if( $AGENT_OS_NAME =~ /Windows/i ) {
$reqType="BASIC";
} else {
$reqType="SPKAC";
}
} elsif ( $AGENT_NAME =~ /Mozilla/i ) {
$reqType = "SPKAC";
} elsif ( $AGENT_NAME =~ /Firefox/i ) {
#
# if( $AGENT_VERSION > 1 ) {
# $req_type = "NSS";
#} else {
$reqType = "SPKAC";
#}
} elsif ( $AGENT_NAME =~ /Konqueror/i ) {
$reqType = "SPKAC";
} elsif ( $AGENT_NAME =~ /MSIE/i ) {
$reqType = "IE";
if( $AGENT_OS_NAME =~ /Windows NT/ ) {
if ( $AGENT_OS_VERSION >= 6 ) {
$reqType = "VISTA";
};
}
} else {
$reqType = "BASIC";
}

return $reqType;
}

sub loadLoa {

my $loaOption = getRequired('USE_LOAS');

my ($loaTwig, $xmlLOA, %LOALevels, @LOANames, $loaHtml );
my ( $loaSelect, %LOAHash );

if ($loaOption =~ /yes/i) {
$loaTwig = loadConfigXML ('LOAConfiguration');
if (not $loaTwig) {
generalError (gettext ("Cannot load LOA configration"));
}
}

for my $al ($loaTwig->get_xpath("loa")) {
push( @LOANames, getField($al, 'name' ));

# $LOALevels{$xmlLOA}=gettext(($al->first_child('level'))->field);
# $LOAHash{gettext(($al->first_child('level'))->field)}=$xmlLOA;
# push (@LOANames, $xmlLOA);
debug_cmds ("advanced_csr: LOANames: ".@LOANames);
}

return ( @LOANames );
}

sub getLoaLevel {

my $loaName = shift;

my $loaTwig = loadConfigXML ('LOAConfiguration');
my $reqLoaItem = undef;

my $ret = undef;

if ( $loaName eq "" ) {
return $ret;
}

foreach my $al ( $loaTwig->get_xpath("loa")) {
my $level = getField( $al, 'level' );
my $name = getField( $al, 'name' );

if( $name eq $loaName ) {
$ret = $level;

last;
}
}

return $ret;

}

sub getLoaMinKeysize {

my $loa = shift;

my $loaTwig = loadConfigXML ('LOAConfiguration');
my @loas = $loaTwig->get_xpath("loa" );

my $reqLoaItem = undef;

my @ret = ();

if ( not $loa or $loa eq "" ) {
return @ret;
}

foreach my $al ( $loaTwig->get_xpath("loa")) {
my $level = getField( $al, 'level' );

if( $level eq $loa ) {
$reqLoaItem = $al;

last;
}

}

if( not $reqLoaItem ) {
# LOA not found
return @ret;
}

foreach my $alg ( $reqLoaItem->get_xpath("requires/strength") ) {

my $val = getField( $alg, "minkeysize");

if ( $val ne "" ) {
push ( @ret, $val );
}
}

return @ret ;
}

sub getAgreement {

my $loa = shift;

my $ret = undef;
my $file = undef;
my $FD = undef;

if ( $loa eq "" ) {
return undef;
}

my $loaTwig = loadConfigXML ('LOAConfiguration');
my @loas = $loaTwig->get_xpath("openca/loa" );

foreach my $al ( $loaTwig->get_xpath("loa")) {
my $name = getField( $al, 'name' );

if( $name eq $loa ) {
$file = getField( $al, 'agreement');
last;
}
}

if( ($file ne "" ) and (open( FD, "$file" )) ) {
while( <FD> ) {
$ret .= $_;
}
close ( FD );
}

return $ret;
}

sub getReqTypeName {

my $type = shift;

my $req_type_name = undef;

if ( $type eq "" ) {
$type = getReqType();
};

if( $type =~ /BASIC/i ) {
$req_type_name = "Server Generated " .
gettext ("Certificate Request" ) ;
} else {
my $aname = $query->param('AGENT_NAME');
my $aver = $query->param('AGENT_VERSION');
my $osver = $query->param('AGENT_OS_VERSION');
my $osname = $query->param('AGENT_OS_NAME');
my ( $myaver ) =~ /(\d+)/;

( $myaver ) = ( $aver =~ /(\d+)/ );

if( $type =~ /IE/i ) {
$req_type_name = "IE";
if( $aname =~ /IE/ ) {
$req_type_name .= " " . $myaver;
};
} elsif( $type =~ /NSS/i ) {
$req_type_name = "Firefox";
} elsif( $type =~ /SPKAC/i ) {
if( $aname =~ /(Firefox|Safari|Mozilla|Konqueror|Opera)/i ) {
$req_type_name = "$aname";
$req_type_name .= " " . $myaver;
} else {
$req_type_name = "Mozilla/Firefox";
}
}

if( $osname =~ /Windows NT/ ) {
if ( $osver >= 6 ) {
$osname = "Vista";
} else {
$osname = "Windows";
}
}

$req_type_name .= " " . gettext ("Certificate Request" ) .
" (" . $osname . ")";
}

return $req_type_name;
}

sub checkRequirements {

my $req = shift;
my $loa = shift;
my $genMode = shift;

my $ret = undef;
my $reqLoaItem = undef;
my $requires = undef;
my $FD = undef;

my $supportedAlg = undef;
my $supportedKeygen = undef;
my $reqAlg = undef;

if ( (not $req) or ($loa eq "") ) {
return ("General Request Requirement Error!");
}

my $loaTwig = loadConfigXML ('LOAConfiguration');
my @loas = $loaTwig->get_xpath("openca/loa" );

foreach my $al ( $loaTwig->get_xpath("loa")) {
my $name = getField( $al, 'name' );

if( $name eq $loa ) {
$reqLoaItem = $al;
last;
}
}

if( not $reqLoaItem ) {
return ( "Error in LOA Configuration" );
};

if( not $reqLoaItem->get_xpath("requires" )) {
# If no requires section, than everything is
# allowed...
return undef;
}

my $algor = getLoaAlgorithms( $loa ) ;

my $supportedAlg = 0;
my $reqPubkeyAlg = $req->getParsed->{PUBKEY_ALGORITHM};
my $reqKeysize = $req->getParsed->{KEYSIZE};

foreach my $strength ( keys %$algor ) {
my $size = undef;

$size = $algor->{$strength}->{uc($reqPubkeyAlg)};

if( $size <= $reqKeysize ) {
$supportedAlg = 1;
last;
}
}

if ( $supportedAlg == 0 ) {
return ("The selected request algorithm " .
$req->getParsed->{PUBKEY_ALGORITHM} .
" (" . $reqKeysize . ") is not supported by ".
"the selected Level of Assurance ($loa)." );
}

print STDERR "checkRequirements()::genMode is $genMode\n";

$supportedKeygen = 1;
if( $genMode ne "" ) {
my @genModeList = loadKeygenMode();
my $GGGMode = undef;

( $GGGMode ) = ( $genMode =~ /^([^\s]+)/i );

$supportedKeygen = 0;
if ( grep ( /$GGGMode/i , @genModeList)) {
$supportedKeygen = 1;
}
}

if( $supportedKeygen == 0 ) {
return ( "The selected Key Generation Mode ($genMode) is not supported by the selected Level of Assurance ($loa).");
}

return "OK";
}

sub checkGenMode {

## Check consistency between KeygenMode and selected LOA
my $genMode = shift;

if( $genMode ne "" ) {
my @genModeList = loadKeygenMode();
my $GGGMode = undef;

( $GGGMode ) = ( $genMode =~ /^([^\s]+)/i );

if ( not grep ( /$GGGMode/i , @genModeList)) {
return i18nGettext ( "The selected Key " .
"Generation Mode __GENMODE__ is not " .
"supported by the selected Level of " .
"Assurance __LOA__.",
"__GENMODE__", "<b>$genMode</b>",
"__LOA__", "<b>" . $query->param('loa') .
"</b>") . " " .
i18nGettext ( "Please return to the " .
"previous page and select a different ".
"Key Generation Mode or a different LOA.");
}
}

return "OK";
}

sub getXMLReqParamVals {

## We require the TWIG object to point to the request
## configuration and the list of paths to get the params
## name from

## Parameters
##
## * TWIG - TWIG object
## * QUERY - CGI object
## * PATHS - List of paths to get the name of the params from

my $keys = { @_ };

my $reqTwig = $keys->{TWIG};
my @paths = @{ $keys->{PATHS} };
my $query = $keys->{QUERY};

my $ret = undef;

# print STDERR "getXMLReqParamValues()::Start\n";

if ( (not $reqTwig) or (not $query) ) {
return undef;
}

# print STDERR "getXMLReqParamValues()::Required params are ok\n";

foreach my $xPath ( @paths ) {

# print STDERR "getXMLReqParamValues()::Processing $xPath\n";

# Let's pass on the values of the fields from the user
# data form
foreach my $item ($reqTwig->get_xpath("$xPath")) {
my $name = getField($item, 'name');

## Let's handle the special cases here
if ( $name =~ /strength/i ) {
$ret->{"$name"} = $query->param("$name");

$ret->{"bits"} =
getKeyBitsize( $query->param("$name"),
$query->param("keytype"),
$query->param("loa"));

# print STDERR "getXMLReqParamValues()::strength found ($name) " . $ret->{"$name"} . " => " . $ret->{"bits"} . "\n";

} else {
$ret->{"$name"} = $query->param("$name");
# print STDERR "getXMLReqParamValues()::adding param $name => " . $ret->{"$name"} . "\n";
}
}
}
return $ret;
}

1;

------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

smime.p7s (4K) Download Attachment

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Nope, I get the following:

It seems that line 173 is incorrect.

shouldn't the regex be this?

$value[$t] =~ s/(\$EXEC::$tmpVal$*$*)/$valList[0]/;

Unfortunately I tried it and it also doesn't work. It complains about unmatched regex (like above).

A little digging shows that $tmpVal is now equal to function() when I believe it should be function(param1,param2,param3)

Dave This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------

_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users

Re: Asking for parts of full name in browser_req.xml

by blainedw :: Rate this Message:

Reply to Author | View Threaded | Show Only this Message

Bump. Ionescu Dan you said you had some code?

This is an e-mail from General Dynamics Land Systems. It is for the intended recipient only and may contain confidential and privileged information. No one else may read, print, store, copy, forward or act in reliance on it or its attachments. If you are not the intended recipient, please return this message to the sender and delete the message and any attachments from your computer. Your cooperation is appreciated.
------------------------------------------------------------------------------
Enter the BlackBerry Developer Challenge
This is your chance to win up to $100,000 in prizes! For a limited time,
vendors submitting new applications to BlackBerry App World(TM) will have
the opportunity to enter the BlackBerry Developer Challenge. See full prize
details at: http://p.sf.net/sfu/Challenge
_______________________________________________
Openca-Users mailing list
Openca-Users@...
https://lists.sourceforge.net/lists/listinfo/openca-users