File: //www/exchange0old/exchange/js/enroll.js
/**
Copyright@ Digi-Sign Limited, 2009. All rights reserved.
Terms and conditions of use at http://www.digi-sign.com
**/
/*
this utility depends on checkbrowser.js
*/
/*
Page-level configuration flags and the enrolment state shared by every function
in this file. All of them are plain globals: the inline onChange/onClick handlers
emitted by showAdvancedOptions() assign to g_cspIndex and g_keySize by name.
*/
/* vars coming from original service engine */
// The require*Var flags are not read anywhere in this file; presumably they are
// consumed by form validation defined elsewhere - TODO confirm.
var requireOrgUnitVar=false;
var requireLocalityVar=false;
var requireTelephoneVar=true;
var requirePcAccessVar=true;
var requireStateVar=false;
// Read by drawAllKeyOptions() to show (true) or hide (false) the "advanced_key" table.
var advancedOptions=true;
// When true, setKeyExport() always clears the exportable bit, whatever the user ticks.
var disableKeyExportVar=false;
// Attribute text appended to the "Exportable?" checkbox when the exportable bit is set.
// NOTE(review): defaultAdvancedOptions() calls setKeyExport(true), so with
// disableKeyExportVar=false the private key is exportable by default.
var keyExportableChecked="checked";
// DOM capability flags, filled in by the detection code that follows and read by findDOM().
var g_isDHTML = 0;
var g_isLayers = 0;
var g_isAll = 0;
var g_isID = 0;
// Enrolment environment, set below: 1 = MSIE with XEnroll, 2 = MSIE on "Windows Vista"
// with CEnroll, 3 = Firefox, -3 = Chrome (rejected); 1 and 2 are negated when the
// control fails to load. 0 means no recognised browser.
var g_env = 0;
// CCspInformation collection created from CEnroll when g_env == 2.
var g_objCspInfos = null;
// Provider type passed to setListOfCSPs(); presumably 1 is PROV_RSA_FULL - confirm.
var g_defProviderType = 1;
// Optional exact CSP name that getDefaultCSPIndex() selects when it is non-empty.
var g_defCSPName = "";
// Index into g_cspList of the chosen CSP; null means no CSP-based enrolment
// (submitForm() then lets the form submit without generating a request).
var g_cspIndex = null;
// CSP names collected by setListOfCSPs().
var g_cspList = new Array(0);
// Key generation flags: bit value 1 = exportable, bit value 2 = user protected.
// Left undefined here; setKeyExport()/setKeySecurity() give it a numeric value.
var g_keyFlags;
// Requested key size in bits; the "keySize" select overwrites it with a string value.
var g_keySize = 2048;
// Not referenced anywhere else in this file.
var g_advancedWindow = null;
//var advancedOptions = true;
// Browser detection and loading of the enrolment control. BrowserDetect is not
// defined in this file; presumably it comes from checkbrowser.js - confirm.
// This runs while the page is being parsed, so document.write() inserts the
// <object> element at the position of the script tag.
if (BrowserDetect.browser == 'MSIE')
{
// Only the exact OS string "Windows Vista" selects the CEnroll path.
// NOTE(review): which Windows releases BrowserDetect reports under this name
// depends on checkbrowser.js - confirm that later releases are not sent to XEnroll.
if (BrowserDetect.OS == "Windows Vista")
{
g_env = 2;
document.write("<object classid=\"clsid:884e2049-217d-11da-b2a4-000e7bbb2b09\" id=\"CEnroll\"></object>");
}
else
{
g_env = 1;
// codebase names cab/xenroll.cab relative to this page, so the browser may fetch
// and install the control from this site.
// NOTE(review): confirm the page and the CAB are served over an authenticated
// channel and that the CAB is signed.
document.write("<object classid=\"clsid:127698e4-e730-4e5c-a2b1-21490a70c8a1\" codebase=\"cab/xenroll.cab\" id=\"XEnroll\"></object>");
// Repeats the value g_keySize was initialised with.
g_keySize=2048;
}
}
else if(BrowserDetect.browser=='Firefox')
g_env=3;
else if(BrowserDetect.browser=='Chrome')
{
alert("Warning! Google Chrome web browsers are currently not supported! Please switch to a Microsoft Internet Explorer or Mozilla Firefox web browser before continuing.");
g_env=-3;
}
// Probe the control that was just written into the page.
try
{
if (g_env == 1)
XEnroll.Reset();
else if (g_env == 2)
{
g_objCspInfos = CEnroll.CreateObject("X509Enrollment.CCspInformation");
g_objCspInfos.AddAvailableCsps();
}
}
catch (e)
{
// 800A01B6 is treated as "control not loaded": g_env becomes -1 or -2, which
// drawAllKeyOptions() and submitForm() check for.
// NOTE(review): any other exception is swallowed here with g_env still positive,
// so the CSP enumeration below runs against a control that has already failed.
if(errorNumberToString(e.number)=="800A01B6")
g_env = -g_env;
}
// Only the two ActiveX environments (1 and 2) enumerate CSPs and pick a default.
if (g_env>0 && g_env<3)
{
setListOfCSPs(g_defProviderType);
g_cspIndex = getDefaultCSPIndex();
}
// Record which DOM access method findDOM() should use.
if (document.getElementById)
{
g_isID = 1;
g_isDHTML = 1;
}
else if (document.all)
{
g_isAll = 1;
g_isDHTML = 1;
}
else
{
// NOTE(review): browserVersion is assigned without var (implicit global) and
// parseInt() is called without a radix.
browserVersion = parseInt(navigator.appVersion);
if ((navigator.appName.indexOf('Netscape') != -1)
&& (browserVersion == 4))
{
g_isLayers = 1;
g_isDHTML = 1;
}
}
/**
 * Looks up a page element by id using whichever DOM access method was detected
 * at load time (g_isID, g_isAll or g_isLayers, checked in that order).
 *
 * @param v_objectID   id of the element to find
 * @param v_withStyle  pass 1 to get the element's style object instead of the
 *                     element; a layer is returned as-is in both cases
 * @returns the element, its style object or the layer; undefined when no access
 *          method is available
 */
function findDOM(v_objectID, v_withStyle)
{
    var t_wantStyle = (v_withStyle == 1);
    var t_node;

    if (g_isID)
        t_node = document.getElementById(v_objectID);
    else if (g_isAll)
        t_node = document.all[v_objectID];
    else if (g_isLayers)
        return document.layers[v_objectID];
    else
        return;

    // Reading .style on a missing element throws, exactly as a direct lookup would.
    return t_wantStyle ? t_node.style : t_node;
}
/**
 * Formats an error number as upper-case hexadecimal after adding 2^32, so that a
 * negative 32-bit error code prints as the usual eight-digit HRESULT
 * (for example -2147024637 becomes "80070103").
 *
 * @param v_errorNumber  error number, typically the number property of a caught error
 * @returns upper-case hexadecimal string
 */
function errorNumberToString(v_errorNumber)
{
    var t_twoPow32 = 0x100000000;
    var t_shifted = v_errorNumber + t_twoPow32;
    return t_shifted.toString(16).toUpperCase();
}
/**
 * Tells whether a caught error number corresponds to an expected error code.
 *
 * @param v_caughtErrorNumber          error number taken from the caught error
 * @param v_anticipatedHexErrorNumber  expected code as a hexadecimal string without
 *                                     "0x"; letter case is ignored
 * @returns true when both denote the same code
 */
function verifyError(v_caughtErrorNumber, v_anticipatedHexErrorNumber)
{
    var t_actualHex = errorNumberToString(v_caughtErrorNumber);
    var t_expectedHex = v_anticipatedHexErrorNumber.toUpperCase();
    return t_actualHex == t_expectedHex;
}
/**
 * Shows an alert box with the error code in hexadecimal followed by a message.
 *
 * @param v_enumber  error number, typically the number property of a caught error
 * @param v_emsg     explanation shown after the code
 */
function displayError(v_enumber, v_emsg)
{
    var t_hexCode = errorNumberToString(v_enumber);
    var t_message = "Error has occured: 0x" + t_hexCode + ". " + v_emsg + ".";
    alert(t_message);
}
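/**
 * Rebuilds g_cspList with the names of the installed cryptographic service
 * providers (CSPs) of one provider type.
 *
 * g_env == 1: sets XEnroll.ProviderType and calls XEnroll.EnumProviders() with
 *             increasing indexes until the control throws.
 * g_env == 2: walks g_objCspInfos and keeps the entries whose Type matches.
 * Any other environment has no CSP list and returns without touching g_cspList.
 *
 * @param v_providerType  provider type to list
 */
function setListOfCSPs(v_providerType)
{
    // The enumeration used to be a single unbounded loop that only the two ActiveX
    // branches could leave; for any other g_env it would never terminate.
    if (g_env != 1 && g_env != 2)
        return;

    var t_cspNo = 0;

    // Start from an empty list so a shorter enumeration leaves no stale names behind.
    g_cspList.length = 0;

    if (g_env == 1)
        XEnroll.ProviderType = v_providerType;
    try
    {
        if (g_env == 1)
        {
            // EnumProviders() reports the end of the list by throwing; the catch
            // below recognises that error code.
            for (var l_cspIndex = 0; ; l_cspIndex++)
                g_cspList[t_cspNo++] = XEnroll.EnumProviders(l_cspIndex, 0);
        }
        else
        {
            for (var l_infoIndex = 0; l_infoIndex < g_objCspInfos.Count; l_infoIndex++)
            {
                var t_cspInfo = g_objCspInfos.ItemByIndex(l_infoIndex);
                if (t_cspInfo.Type == v_providerType)
                    g_cspList[t_cspNo++] = t_cspInfo.Name;
            }
        }
    }
    catch (e)
    {
        // 0x80070103 is the expected end-of-enumeration error; anything else is shown.
        if (!verifyError(e.number, "80070103"))
            alert(e.number + " " + e.description);
    }
}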
/**
 * Chooses the CSP that is preselected for key generation.
 *
 * Scans g_cspList in order and returns the first entry that either equals the
 * configured g_defCSPName (when that is non-empty) or contains the text
 * "Microsoft Strong". A similar match on "Microsoft Enhanced" existed once and
 * is disabled.
 *
 * @returns index into g_cspList, or -1 when the list is empty or nothing matches
 */
function getDefaultCSPIndex()
{
    var t_preferred = g_defCSPName;

    for (var i = 0, t_total = g_cspList.length; i < t_total; i++)
    {
        var t_name = g_cspList[i];
        var t_isConfigured = (t_preferred != "" && t_name == t_preferred);
        if (t_isConfigured || t_name.indexOf("Microsoft Strong") >= 0)
            return i;
    }
    return -1;
}
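/**
 * Writes a notice into the page telling Internet Explorer users that a
 * permission dialogue will appear and that they have to answer "Yes".
 *
 * For Firefox (g_env 3) and the rejected Chrome case (g_env -3) only a single
 * space is written. The illustration depends on the control in use:
 * g_env 1 -> digi-access-potential.gif, g_env 2 -> digi-access-potential-Vista.png;
 * for any other value the image name stays empty.
 *
 * Must be called while the page is still being parsed, because it uses
 * document.write().
 */
function alertIEWarning()
{
    if (g_env == 3 || g_env == -3)
    {
        document.write(" ");
        return;
    }

    var imageSrc = "";
    if (g_env == 1)
        imageSrc = "digi-access-potential.gif";
    else if (g_env == 2)
        imageSrc = "digi-access-potential-Vista.png";

    // The quotes around Yes are escaped: unescaped, they end the string literal and
    // the whole script fails to parse. v_text is declared locally instead of being
    // created as an implicit global.
    var v_text = "<img alt=\"arrow\" style=\"border:0px;\" src=\"images/digi-access-arrow.gif\" width=\"50\" height=\"66\"/><br/>" +
        "<img alt=\"potentialviolation\" style=\"border:0px;\" src=\"images/" + imageSrc + "\" /><br/><br/>" +
        "<img alt=\"warning\" style=\"border:0px;\" src=\"images/warning.gif\" align=\"middle\" vspace=\"2\" hspace=\"2\" />A pop-up dialogue will request your permission to proceed. Click \"Yes\".";
    document.write(v_text);
}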
/* if cert enrol object is not loaded */
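/**
 * Writes step-by-step instructions for adding this site's origin to Internet
 * Explorer's "Trusted sites" zone, followed by a link that reloads the page.
 *
 * The origin shown to the user is built from window.location.protocol and
 * window.location.host. Must be called while the page is being parsed, because
 * it uses document.write(). The only call site in this file (in
 * drawAllKeyOptions) is commented out.
 *
 * NOTE(review): the trusted-sites setting applies to the whole origin, not just
 * this page - confirm that this is the intended guidance.
 */
function alertWinUntrustedSite()
{
    var t_origin = window.location.protocol + "//" + window.location.host;

    // Markup repairs: the opening TABLE tag was never closed with ">" and the last
    // list item had no closing </LI>.
    document.write("<TABLE class=\"alertmessage\">\n" +
        " <TR>\n" +
        " <TD>To get past the security warning shown above, you need to\n" +
        " authorize this webpage to create a certificate request for you:\n" +
        " <UL>\n" +
        " <LI>On the <B>Tools</B> menu, select <B>Internet Options</B>.</LI>\n" +
        " <LI>Click the <B>Security</B> tab, select the <B>Trusted sites</B>\n" +
        " zone and click <B>Sites</B>.</LI>\n" +
        " <LI>Ensure that <B>" + t_origin +
        "</B> is in the \"Add this website to the zone:\" box.</LI>\n" +
        " <LI>Click <B>Add</B>, then <B>Close</B>, then <B>OK</B>.</LI>\n" +
        " <LI>Finally, <A href=\"javascript:history.go(0)\">click here to\n" +
        " continue...</A></LI>\n" +
        " </UL>\n" +
        " </TD>\n" +
        " </TR>\n" +
        "</TABLE>\n<br/>");
}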
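/**
 * Writes the instructions shown when the certificate enrolment control could not
 * be loaded: reload the page, accept the installation prompt and add this site's
 * origin to the "Trusted sites" zone. drawAllKeyOptions() calls it for g_env -1
 * and -2.
 *
 * The origin shown to the user is built from window.location.protocol and
 * window.location.host. Must be called while the page is being parsed, because
 * it uses document.write().
 *
 * NOTE(review): the text asks the user to install an ActiveX control and to
 * trust the whole origin - confirm that this is the intended guidance.
 */
function alertCertEnrollNotLoaded()
{
    var t_origin = window.location.protocol + "//" + window.location.host;

    // Repairs: the instructions were one string literal spanning raw line breaks,
    // which does not parse; the opening TABLE tag lacked ">"; "<style=" is now the
    // <span> its closing tag expects; "<s href=" is now the <a> its closing tag expects.
    document.write("<TABLE class=\"alertmessage\">\n" +
        " <TR>\n" +
        " <TD>You need to authorize the \"Microsoft Certificate Enrollment\n" +
        " Control\" to create a certificate request for you:\n" +
        " <p align=\"center\" style=\"color:#FF0000;\">IMPORTANT INSTRUCTIONS - READ CAREFULLY</p>\n" +
        "<p>You need to authorise the \"Microsoft Enrollment Control\" to create a Certificate request for you </p>\n" +
        "<p>Follow these instructions step-by-step:</p>\n" +
        "<ol>\n" +
        "<li>Reload this Webpage, but <span style=\"color:#FF0000;\">read these instructions completely before</span> doing so, then..</li>\n" +
        "<li>When you see a <B>Security Warning</B> popup, click <B>Yes</B> to install the \"Microsoft Certificate Enrollment Control\".</li>\n" +
        "<li>To get past the security warning shown above, you need to authorize this webpage to create a certificate request for you</li>\n" +
        "<li>On the <B>Tools</B> menu in this browser(at the top of the screen). select <B>Internet Options</B></li>\n" +
        "<li>Click the <B>Security</B> tab, select the <B>Trusted sites</B> zone and click <B>Sites</B></li>\n" +
        "<li>Ensure that <B>" + t_origin +
        "</B> is in the \"Add this website to the zone:\" box.</li>\n" +
        "<li>Click <B>Add</B>, then <B>Close</B>, then <B>OK</B>.</li>\n" +
        "</ol>\n" +
        "<p align=\"center\"><a href=\"javascript:history.go(0)\">Click here to continue...</a></p>\n" +
        " </TD>\n" +
        " </TR>\n" +
        "</TABLE>\n<br/>");
}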
/**
 * Replaces the content of the "advancedOptions" container with the given markup.
 *
 * The markup is inserted as HTML without escaping. The callers in this file
 * pass strings assembled from fixed markup, CSP names and numeric values.
 *
 * @param v_text  HTML markup to display
 */
function setAdvancedOptions(v_text)
{
    var t_target = findDOM("advancedOptions", 0);

    if (!g_isLayers)
    {
        t_target.innerHTML = v_text;
        return;
    }

    // Layer-based browsers have no innerHTML: rewrite the layer's own document.
    var t_layerDoc = t_target.document;
    t_layerDoc.write(v_text);
    t_layerDoc.close();
}
/**
 * Collapses the advanced key options: the container then holds only a link that
 * calls showAdvancedOptions() when clicked.
 */
function hideAdvancedOptions()
{
    var t_collapsed = [
        "<table border=\"0\" cellpadding=\"3\" cellspacing=\"3\" class=\"table\" style=\"width:580px;margin:auto;\" id=\"advanced_key\">",
        "<tr>",
        "<td width=\"92%\" style=\"text-align:left;\">",
        "<b>**</b><a href=\"javascript:showAdvancedOptions()\" class=\"tahoma_bold\">Choose Advanced Private Key Options Here ...</a>",
        "</td>",
        "<td align=\"right\">",
        "</td>",
        "</tr>",
        "</table>"
    ];
    setAdvancedOptions(t_collapsed.join(""));
}
/**
 * Restores the default key options and collapses the advanced options panel.
 *
 * The defaults are: request an exportable key (setKeyExport(true), which
 * disableKeyExportVar overrides) and the CSP chosen by getDefaultCSPIndex().
 * The key size and the user-protection bit are left as they are.
 */
function defaultAdvancedOptions()
{
    // Exportable is the default unless export is disabled for the whole page.
    setKeyExport(true);

    var t_defaultIndex = getDefaultCSPIndex();
    g_cspIndex = t_defaultIndex;

    hideAdvancedOptions();
}
/**
 * Renders the expanded "Advanced Private Key Options" panel into the
 * advancedOptions container.
 *
 * The panel contains:
 *  - a CSP select with one option per g_cspList entry (value = list index); its
 *    onChange handler stores the chosen value, a string, in g_cspIndex, and the
 *    leading "Available CSPs" option has an empty value;
 *  - a key size select offering 4096, 2048, 1024 and 512 bits, whose onChange
 *    handler stores the chosen value, a string, in g_keySize;
 *  - an "Exportable?" checkbox (bit value 1 of g_keyFlags) and a
 *    "User protected?" checkbox (bit value 2).
 *
 * CSP names are inserted into the markup without HTML escaping.
 * NOTE(review): 512-bit keys are offered here; generateRequest() only asks for
 * confirmation below 1024 bits - confirm the minimum key size against current policy.
 */
function showAdvancedOptions()
{
    var t_parts = [];
    var t_keySizes = [4096, 2048, 1024, 512];
    var i;

    t_parts.push(
        "<table cellpadding=\"3\" cellspacing=\"3\" class=\"table\" style=\"width:580px;margin:auto;border:0px;border-style:none;\" id=\"advanced_key\">",
        "<tr>",
        "<td style=\"text-align:left\" colspan=\"3\" class=\"tahoma_bold\">",
        "<b>Advanced Private Key Options</b> ",
        "<a href=\"javascript:defaultAdvancedOptions()\">Use Default Settings</a>",
        "</td>",
        "</tr>",
        "<tr>",
        "<td class=\"ftdleft\">",
        "CSP",
        "</td>",
        "<td class=\"ftdright\">",
        "<select class=\"form\" style=\"width:300px;\" name=\"csp\" onChange=\"g_cspIndex=this.value\">",
        "<option value=\"\" ",
        ">Available CSPs</option>"
    );

    // One option per CSP. The loose comparison is deliberate: g_cspIndex may hold
    // the string value written by the select's onChange handler.
    for (i = 0; i < g_cspList.length; i++)
    {
        t_parts.push("<option value=\"" + i + "\"");
        if (i == g_cspIndex)
            t_parts.push(" selected");
        t_parts.push(">" + g_cspList[i] + "</option>\n");
    }

    t_parts.push(
        "</select>",
        "</td>",
        "<td class=\"ftdhelp\">",
        "</td>",
        "</tr>",
        "<tr>",
        "<td class=\"ftdleft\">",
        "Key Size",
        "</td>",
        "<td class=\"ftdright\">",
        "<select class=\"form\" name=\"keySize\" style=\"width:70px;\" onChange=\"g_keySize=this.value\">"
    );

    // Key sizes from largest to smallest; loose comparison for the same reason as above.
    for (i = 0; i < t_keySizes.length; i++)
    {
        var t_bits = t_keySizes[i];
        t_parts.push("<option value=\"" + t_bits + "\"");
        if (t_bits == g_keySize)
            t_parts.push(" selected");
        t_parts.push(">" + t_bits + "</option>");
    }

    t_parts.push(
        "</select>",
        "</td>",
        "<td class=\"ftdhelp\">",
        "</td>",
        "</tr>",
        "<tr>",
        "<td class=\"ftdleft\">",
        "Exportable?",
        "</td>",
        "<td class=\"ftdright\">",
        "<input type=\"checkbox\" class=\"form\" style=\"width:15px;\" name=\"exportable\" onClick=\"setKeyExport(this.checked);\" "
    );
    if (g_keyFlags & 1)
        t_parts.push("" + keyExportableChecked);
    t_parts.push(
        ">",
        "</td>",
        "<td class=\"ftdhelp\">",
        "</td>",
        "</tr>",
        "<tr>",
        "<td class=\"ftdleft\">",
        "User protected?",
        "</td>",
        "<td class=\"ftdright\">",
        "<input type=\"checkbox\" class=\"form\" style=\"width:15px;\" name=\"userProtected\" onClick=\"setKeySecurity(this.checked);\""
    );
    if (g_keyFlags & 2)
        t_parts.push(" checked");
    t_parts.push(
        ">",
        "</td>",
        "<td class=\"ftdhelp\">",
        "</td>",
        "</tr>",
        "</table>"
    );

    setAdvancedOptions(t_parts.join(""));
}
/*
function certEnroll(formName)
{
if (!validate_form())
return false;
else if (g_cspIndex != null)
{
//showAdvancedOptions();
return generateRequest(formName);
}
else
return true;
}
*/
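/**
 * Writes the key options section of the enrolment form for the detected
 * environment.
 *
 *  - g_env 1 or 2 with a CSP selected: writes the "advancedOptions" container
 *    and fills it with the collapsed default panel.
 *  - g_env -1 or -2 (enrolment control failed to load): alerts the user and
 *    writes the installation instructions.
 *  - anything else: writes the <keygen>-based options.
 *
 * Afterwards the "advanced_key" table is shown or hidden according to the
 * global advancedOptions flag. Must be called while the page is being parsed,
 * because it uses document.write().
 */
function drawAllKeyOptions()
{
    if (g_cspIndex != null && g_env > 0 && g_env < 3)
    {
        document.write("<div id=\"advancedOptions\"></div>");
        defaultAdvancedOptions();
    }
    else if (g_env == -2 || g_env == -1)
    {
        alert("Error: Certificate enrolment engine has not been loaded! Check your screen for error details.");
        alertCertEnrollNotLoaded();
    }
    else
        drawMozillaKeyOptions();

    // Only the first branch creates an element with id "advanced_key". It used to be
    // reached through the bare identifier advanced_key, which throws in the other
    // branches where no such element exists, so look it up and skip it when absent.
    var t_panel = null;
    if (document.getElementById)
        t_panel = document.getElementById("advanced_key");
    else if (document.all)
        t_panel = document.all["advanced_key"];

    if (t_panel)
        t_panel.style.display = advancedOptions ? "" : "none";
}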
/**
 * Writes the key options used when no ActiveX enrolment control is available:
 * a <keygen> element named "publicKey" plus two hidden fields, csp = -1 and
 * cspname = "Mozilla Keygen".
 *
 * The keygen challenge attribute is the fixed text "keygenChallenge".
 * NOTE(review): a constant challenge gives the submitted key no per-request
 * freshness - confirm the server does not rely on it to detect replayed submissions.
 *
 * Must be called while the page is being parsed, because it uses document.write().
 */
function drawMozillaKeyOptions()
{
    var t_rows = [
        "<table border=\"0\" cellpadding=\"3\" cellspacing=\"3\" class=\"table\" style=\"width:580px;margin:auto;border:0px;border-style:none;\">",
        "<tr>",
        "<td colspan=\"3\" style=\"text-align:left;\" class=\"tahoma_bold\">",
        "<b>Advanced Private Key Options</b>",
        "</td>",
        "</tr>",
        "<tr>",
        "<td class=\"ftdleft\">",
        "Key Size:",
        "</td>",
        "<td class=\"ftdright\">",
        "<keygen name=\"publicKey\" challenge=\"keygenChallenge\" value=\"\" class=\"form\">",
        "<input type=\"hidden\" name=\"csp\" id=\"csp\" value=\"-1\">",
        "<input type=\"hidden\" name=\"cspname\" id=\"cspname\" value=\"Mozilla Keygen\">",
        "</td>",
        "<td class=\"ftdhelp\">",
        "</td>",
        "</tr>",
        "</table>"
    ];
    document.write(t_rows.join(""));
}
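/**
 * Sets or clears the "exportable" bit (value 1) of g_keyFlags.
 *
 * When disableKeyExportVar is set, the bit is always cleared and the
 * "exportable" checkbox of document.hiddenForm, if it is on the page, is unticked.
 *
 * @param bvalue  true to request an exportable private key, false otherwise;
 *                ignored when key export is disabled
 */
function setKeyExport(bvalue)
{
    if (disableKeyExportVar)
    {
        // The checkbox only exists while the expanded panel is displayed, and
        // defaultAdvancedOptions() calls this before any panel has been rendered.
        // Touching a missing checkbox used to throw before the flag was cleared,
        // so the "no export" setting was never applied.
        var t_form = document.hiddenForm;
        var t_checkbox = t_form ? t_form.exportable : null;
        if (t_checkbox)
            t_checkbox.checked = false;
        g_keyFlags = (g_keyFlags & ~1);
        return;
    }

    // Change the exportable bit only; the user-protection bit is left as it is.
    g_keyFlags = bvalue ? (g_keyFlags | 1) : (g_keyFlags & ~1);
}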
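/**
 * Sets or clears the "user protected" bit (value 2) of g_keyFlags.
 *
 * @param bvalue  true to request a user-protected private key, false otherwise
 */
function setKeySecurity(bvalue)
{
    // Clearing used to be written as (g_keyFlags & 2), which keeps the
    // user-protected bit and drops the exportable bit instead: unticking
    // "User protected?" left protection on and silently made the key non-exportable.
    g_keyFlags = bvalue ? (g_keyFlags | 2) : (g_keyFlags & ~2);
}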
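/**
 * Finds the largest key length the selected CSP supports.
 *
 * The first algorithm that offers both asymmetric encryption (Operations bit 4)
 * and signature generation (Operations bit 16) wins; if there is none, the first
 * algorithm that offers signature generation is used.
 *
 * @param v_cspAlgorithms  collection exposing Count and ItemByIndex(), whose
 *                         items have Operations and MaxLength properties
 * @returns MaxLength of the chosen algorithm; undefined when no algorithm
 *          qualifies, in which case the caller has no valid limit to apply
 */
function getMaxKeySizeForVista(v_cspAlgorithms)
{
    var i;
    var t_algorithm;

    // Asymmetric Encryption and Signature Generation
    for (i = 0; i < v_cspAlgorithms.Count; i++)
    {
        t_algorithm = v_cspAlgorithms.ItemByIndex(i);
        if ((t_algorithm.Operations & 4) && (t_algorithm.Operations & 16))
            return t_algorithm.MaxLength;
    }

    // Signature Generation only. This fallback used to be guarded by a test on
    // t_maxKeySize, a variable never declared in this function, so reaching it
    // raised an error instead of running the second search.
    for (i = 0; i < v_cspAlgorithms.Count; i++)
    {
        t_algorithm = v_cspAlgorithms.ItemByIndex(i);
        if (t_algorithm.Operations & 16)
            return t_algorithm.MaxLength;
    }
}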
/**
 * Generates a key pair with the selected CSP, builds a PKCS#10 certificate
 * request and stores it in FormName.csr.value.
 *
 * g_env == 1 uses the XEnroll control, g_env == 2 the CEnroll object factory.
 * For any other g_env nothing is generated and false is returned.
 *
 * Reads the globals g_cspList, g_cspIndex, g_keySize and g_keyFlags. On the
 * XEnroll path g_keySize is halved, and stays halved, each time the user accepts
 * the "smaller key" fallback.
 *
 * @param FormName  form object with a "csr" field that receives the request
 * @returns true when the request was created, false otherwise (the user is
 *          told why through alert/confirm dialogues)
 */
function generateRequest(FormName)
{
try
{
if (g_env == 1)
{
XEnroll.Reset();
// Presumably KeySpec 1 is the key-exchange key spec and ProviderType 1 the
// full RSA provider type - confirm against the XEnroll documentation.
XEnroll.KeySpec = 1;
XEnroll.ProviderType = 1;
XEnroll.ProviderName = g_cspList[g_cspIndex];
// NOTE(review): 0x8004 is the CryptoAPI identifier for SHA-1, so the request is
// signed with SHA-1 - confirm this is still acceptable to the issuing CA.
XEnroll.HashAlgID = 0x8004;
//
//if (g_pvkAllowed)
//if (g_form.pvkFilename.value != "")
//XEnroll.PVKFilename = g_form.pvkFilename.value;
//
// Retry loop: each pass tries the current g_keySize; the catch below may halve
// it and come back here.
while (true)
{
// Sizes below 1024 bits need an explicit confirmation.
// NOTE(review): the default of 2048 can fall back to 1024 without reaching this
// prompt - confirm the minimum against current key-size policy.
if (g_keySize < 1024)
if (!confirm("We strongly recommend that you use a 1024-bit (or " +
"larger) key. Are you sure you want to use a " +
String(g_keySize) + "-bit key?"))
return false;
// Key size goes into the upper 16 bits, the exportable / user-protected bits
// into the low bits.
XEnroll.GenKeyFlags = (g_keySize << 16) + g_keyFlags;
try
{
FormName.csr.value = XEnroll.CreatePKCS10("", "");
//FormName.cspname.value = XEnroll.ProviderName;
XEnroll.Reset();
return true;
}
catch (e)
{
// 80090009 is handled as "this key size could not be generated".
if (verifyError(e.number, "80090009"))
{
if (g_keySize < 1024)
alert("Unable to generate a key!");
else if (confirm("Unable to generate a " + String(g_keySize) + "-bit" +
" key. Would you like to try generating a smaller" +
" key instead?"))
{
// The halved size is written to the global, so it also applies to later attempts.
g_keySize >>= 1;
continue;
}
}
else if (verifyError(e.number, "800704C7"))
displayError(e.number, "You have clicked 'No' - you must click 'Yes' to proceed");
else if ((verifyError(e.number, "8000FFFF")) || (verifyError(e.number, "80090016")))
displayError(e.number, "Have you clicked 'Cancel' on the 'Private Key Container'? You must click 'OK' to proceed");
else if (verifyError(e.number, "80090019"))
displayError(e.number, "Missing Cryptographic Service Provider" + ". " + "Notify your Operating System Administrator");
else
displayError(e.number, "Notify your Operating System Administrator");
// Every path that reaches this point has failed: reset the control and give up.
XEnroll.Reset();
return false;
}
}
}
else if (g_env == 2)
{
try
{
var t_selectedCSP = CEnroll.CreateObject("X509Enrollment.CCspInformation");
t_selectedCSP.InitializeFromName(g_cspList[g_cspIndex]);
var t_objPrivateKey = CEnroll.CreateObject("X509Enrollment.CX509PrivateKey");
// NOTE(review): this looks like it appends the selected CSP to the shared
// g_objCspInfos collection on every call - confirm repeated attempts are harmless.
t_objPrivateKey.CspInformations = g_objCspInfos;
t_objPrivateKey.CspInformations.Add(t_selectedCSP);
t_objPrivateKey.ProviderName = g_cspList[g_cspIndex];
// Cap the requested size at what the CSP reports. If getMaxKeySizeForVista()
// returns undefined the comparison is false and Length receives undefined.
var t_maxKeySize = getMaxKeySizeForVista(t_selectedCSP.CspAlgorithms);
t_objPrivateKey.Length = (g_keySize <= t_maxKeySize) ? g_keySize : t_maxKeySize;
t_objPrivateKey.KeySpec = 1;
// Bit value 1 of g_keyFlags selects export, bit value 2 selects user protection.
t_objPrivateKey.ExportPolicy = ((g_keyFlags & 1) ? 1 : 0);
t_objPrivateKey.KeyProtection = ((g_keyFlags & 2) ? 1 : 0);
var t_objRequest = CEnroll.CreateObject("X509Enrollment.CX509CertificateRequestPkcs10");
// First argument 1: ContextUser.
t_objRequest.InitializeFromPrivateKey(1, t_objPrivateKey, "");
var t_objEnroll = CEnroll.CreateObject("X509Enrollment.CX509Enrollment");
t_objEnroll.InitializeFromRequest(t_objRequest);
// Argument 1: Base64 encoding of the request.
FormName.csr.value = t_objEnroll.CreateRequest(1);
//FormName.cspname.value = t_objPrivateKey.ProviderName;
return true;
}
catch (e)
{
if (verifyError(e.number, "800704C7"))
displayError(e.number, "You have clicked \"No\" - you must click \"Yes\" to proceed");
else
displayError(e.number, "Notify your Operating System Administrator");
return false;
}
}
}
catch (e)
{
// Errors raised outside the inner handlers (for example by XEnroll.Reset() or by
// the property assignments before the retry loop) end up here.
displayError(e.number, "Notify your Operating System Administrator");
}
return false;
}
/**
 * Submit handler for the enrolment form.
 *
 * @param v_hiddenForm  form that receives the generated certificate request
 * @returns false when the environment is unusable (negative g_env, after an
 *          alert); true when no CSP is selected (g_cspIndex is null or
 *          undefined), which lets the form submit without a generated request;
 *          otherwise whatever generateRequest() returns
 */
function submitForm(v_hiddenForm)
{
    if (g_env < 0)
    {
        alert("Unable to continue! Check your screen for error details.");
        return false;
    }

    // No CSP selected: there is nothing to generate on this path.
    if (g_cspIndex == null)
        return true;

    return generateRequest(v_hiddenForm);
}