our
(
$errno
,
$errval
);
(
$OpenCA::REQ::VERSION
=
'$Revision: 1.52 $'
)=~ s/(?:^.*: (\d+))|(?:\s+\$$)/
defined
$1?
"0\.9"
:
""
/eg;
my
%params
= (
req
=>
undef
,
item
=>
undef
,
pemREQ
=>
undef
,
derREQ
=>
undef
,
txtREQ
=>
undef
,
spkacREQ
=>
undef
,
revokeREQ
=>
undef
,
parsedSPKAC
=>
undef
,
parsedCRR
=>
undef
,
parsedItem
=>
undef
,
backend
=>
undef
,
beginHeader
=>
undef
,
endHeader
=>
undef
,
beginSignature
=>
undef
,
endSignature
=>
undef
,
beginKey
=>
undef
,
endKey
=>
undef
,
beginAttribute
=>
undef
,
endAttribute
=>
undef
,
reqFormat
=>
undef
,
);
sub
setError {
my
$self
=
shift
;
if
(
scalar
(
@_
) == 4) {
my
$keys
= {
@_
};
$errval
=
$keys
->{ERRVAL};
$errno
=
$keys
->{ERRNO};
}
else
{
$errno
=
$_
[0];
$errval
=
$_
[1];
}
return
undef
;
}
sub
new {
my
$that
=
shift
;
my
$class
=
ref
(
$that
) ||
$that
;
my
$self
= {
%params
,
};
bless
$self
,
$class
;
$self
->{beginHeader} =
"-----BEGIN HEADER-----"
;
$self
->{endHeader} =
"-----END HEADER-----"
;
$self
->{beginSignature} =
"-----BEGIN PKCS7-----"
;
$self
->{endSignature} =
"-----END PKCS7-----"
;
$self
->{beginKey} =
"-----BEGIN ENCRYPTED PRIVATE KEY-----"
;
$self
->{endKey} =
"-----END ENCRYPTED PRIVATE KEY-----"
;
$self
->{beginAttribute} =
"-----BEGIN ATTRIBUTE-----"
;
$self
->{endAttribute} =
"-----END ATTRIBUTE-----"
;
$self
->{reqFormat} =
""
;
my
$keys
= {
@_
};
my
(
$infile
,
$keyfile
,
$tmp
);
$self
->{req} =
$keys
->{DATA};
$self
->{reqFormat} = (
$keys
->{FORMAT} or
$keys
->{INFORM} );
$self
->{backend} =
$keys
->{SHELL};
$infile
=
$keys
->{INFILE};
$keyfile
=
$keys
->{KEYFILE};
return
$self
->setError (7211011,
"OpenCA::REQ->new: The backend is not specified."
)
if
(not
$self
->{backend});
if
(
$keyfile
) {
if
( not
defined
$self
->{reqFormat} or not
$self
->{reqFormat} ) {
$self
->{reqFormat} =
"PEM"
;
}
$self
->{req} =
$self
->{backend}->genReq(
KEYFILE
=>
$keys
->{KEYFILE},
DN
=>
$keys
->{DN},
SUBJECT
=>
$keys
->{SUBJECT},
OUTFORM
=>
$self
->{reqFormat},
PASSWD
=>
$keys
->{PASSWD} );
return
$self
->setError (7211021,
"OpenCA::REQ->new: Cannot create new request.\n"
.
"Backend fails with errorcode "
.
$OpenCA::OpenSSL::errno
.
"\n"
.
$OpenCA::OpenSSL::errval
)
if
( not
$self
->{req} );
}
if
(
$infile
) {
$self
->{req} =
""
;
open
(FD,
"<$infile"
) or
return
$self
->setError (7211031,
"OpenCA::REQ->new: Cannot open infile $infile for reading."
);
while
(
$tmp
= <FD> ) {
$self
->{req} .=
$tmp
;
}
close
(FD);
return
$self
->setError (7211033,
"Cannot read request from infile $infile."
)
if
( not
$self
->{req});
}
if
( not (
defined
(
$self
->{reqFormat})) or (
$self
->{reqFormat} eq
""
)) {
if
( (
$self
->{req} ) and (
$self
->{req} =~ /SPKAC\s*=\s*/g ) ){
$self
->{reqFormat} =
"SPKAC"
;
}
elsif
((
$self
->{req}) and (
$self
->{req} =~
/REVOKE_CERTIFICATE_SERIAL\s*=\s*/g)){
$self
->{reqFormat} =
"CRR"
;
}
else
{
$self
->{reqFormat} =
"PEM"
;
}
}
if
(
$self
->{req} ne
""
) {
$self
->{item} =
$self
->{req};
if
( not
$self
->init(
REQ
=>
$self
->{req},
FORMAT
=>
$self
->{reqFormat})) {
return
$self
->setError (7211041,
"OpenCA::REQ->new: Cannot initialize request ("
.
$errno
.
")\n"
.
$errval
);
}
}
return
$self
;
}
sub
init {
my
$self
=
shift
;
my
$keys
= {
@_
};
$self
->{reqFormat} =
$keys
->{FORMAT};
$self
->{req} =
$self
->getBody(
REQUEST
=>
$keys
->{REQ});
if
(not
$self
->{req}) {
$self
->{parsedItem} =
$self
->parseReq(
REQ
=>
$keys
->{REQ},
FORMAT
=>
$self
->{reqFormat} );
return
$self
->setError (7212011,
"OpenCA::REQ->init: Cannot parse request "
.
"($errno):\n$errval"
)
if
(not
$self
->{parsedItem});
}
elsif
(
$self
->{reqFormat} !~ /SPKAC|CRR/i ) {
$self
->{pemREQ} =
""
;
$self
->{derREQ} =
""
;
$self
->{txtREQ} =
""
;
$self
->{parsedItem} =
$self
->parseReq(
REQ
=>
$keys
->{REQ},
FORMAT
=>
$self
->{reqFormat} );
return
$self
->setError (7212024,
"OpenCA::REQ->init: Cannot parse request "
.
"($errno):\n$errval"
)
if
(not
$self
->{parsedItem});
}
else
{
if
(
$self
->{reqFormat} =~ /SPKAC/ ) {
$self
->{spkacREQ} =
$self
->{req};
$self
->{parsedSPKAC}=
$self
->parseReq(
REQ
=>
$keys
->{REQ},
FORMAT
=>
"SPKAC"
);
$self
->{parsedItem} =
$self
->{parsedSPKAC};
return
$self
->setError (7212026,
"OpenCA::REQ->init: Cannot parse request "
.
"($errno):\n$errval"
)
if
( not
$self
->{parsedSPKAC} );
}
elsif
(
$self
->{reqFormat} =~ /CRR/ ) {
$self
->{revokeREQ} =
$self
->{req};
$self
->{parsedCRR}=
$self
->parseReq(
REQ
=>
$keys
->{REQ},
FORMAT
=>
"CRR"
);
$self
->{parsedItem} =
$self
->{parsedCRR};
return
$self
->setError (7212031,
"OpenCA::REQ->init: Cannot parse request "
.
"($errno):\n$errval"
)
if
( not
$self
->{parsedCRR} );
}
else
{
return
$self
->setError (7212041,
"OpenCA::REQ->init: Unknown request's format."
);
}
}
return
1;
}
sub
getParsed {
my
$self
=
shift
;
if
(
$self
->{reqFormat} =~ /SPKAC/i ) {
return
$self
->setError (7221011,
"OpenCA::REQ->getParsed: SPKAC-request was not parsed."
)
if
( not
$self
->{parsedSPKAC} );
return
$self
->{parsedSPKAC};
}
elsif
(
$self
->{reqFormat} =~ /CRR/i ) {
return
$self
->setError (7221013,
"OpenCA::REQ->getParsed: CRR was not parsed."
)
if
( not
$self
->{parsedCRR} );
return
$self
->{parsedCRR};
}
else
{
return
$self
->setError (7221014,
"OpenCA::REQ->getParsed: Request was not parsed."
)
if
( not
$self
->{parsedItem} );
return
$self
->{parsedItem};
}
}
sub
getHeader {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$req
=
$keys
->{REQUEST};
my
(
$txt
,
$ret
,
$i
,
$key
,
$val
);
my
$beginHeader
=
$self
->{beginHeader};
my
$endHeader
=
$self
->{endHeader};
my
$beginAttribute
=
$self
->{beginAttribute};
my
$endAttribute
=
$self
->{endAttribute};
if
( (
$txt
) = (
$req
=~ /
$beginHeader
\s*\n([\s\S\n]+)\n
$endHeader
/) ) {
my
$active_multirow
= 0;
foreach
$i
(
split
( /\s*\n/,
$txt
) ) {
if
(
$active_multirow
) {
if
(
$i
=~ /^
$endAttribute
$/) {
$active_multirow
= 0;
}
else
{
$ret
->{
$key
} .=
"\n"
if
(
$ret
->{
$key
});
$ret
->{
$key
} .=
$i
;
}
}
elsif
(
$i
=~ /^
$beginAttribute
$/) {
$active_multirow
= 1;
}
else
{
$i
=~ s/\s*\r$//;
$i
=~ s/\s*=\s*/=/;
(
$key
,
$val
) = (
$i
=~ /^([^=]*)\s*=\s*(.*)\s*/ );
$ret
->{
$key
} =
$val
;
if
(
$key
eq
"SUBJ"
) {
$ret
->{SUBJECT} =
$val
;
}
}
}
}
return
$ret
;
}
sub
getRawHeader {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$req
=
$keys
->{REQUEST};
my
$beginHeader
=
$self
->{beginHeader};
my
$endHeader
=
$self
->{endHeader};
my
(
$ret
) = (
$req
=~ /(
$beginHeader
[\S\s\n]+
$endHeader
)/ );
return
$ret
;
}
sub
getSignature {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$req
=
$keys
->{REQUEST};
my
$beginSig
=
$self
->{beginSignature};
my
$endSig
=
$self
->{endSignature};
my
(
$ret
) = (
$req
=~ /(
$beginSig
[\S\s\n]+
$endSig
)/ );
return
$ret
;
}
sub
getKey {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$req
=
$keys
->{REQUEST};
my
$beginKey
=
$self
->{beginKey};
my
$endKey
=
$self
->{endKey};
my
(
$ret
) = (
$req
=~ /(
$beginKey
[\S\s\n]+
$endKey
)/ );
return
$ret
;
}
sub
getBody {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$ret
=
$keys
->{REQUEST};
return
$self
->{req}
if
(not
$ret
);
my
$beginHeader
=
$self
->{beginHeader};
my
$endHeader
=
$self
->{endHeader};
my
$beginSig
=
$self
->{beginSignature};
my
$endSig
=
$self
->{endSignature};
my
$beginKey
=
$self
->{beginKey};
my
$endKey
=
$self
->{endKey};
$ret
=~ s/(
$beginHeader
[\S\s\n]+
$endHeader
\n*)//;
$ret
=~ s/(
$beginSig
[\S\s\n]+
$endSig
)//;
$ret
=~ s/(
$beginKey
[\S\s\n]+
$endKey
)//;
$ret
=~ s/\n$//;
return
$ret
;
}
sub
parseReq {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$fullReq
=
$keys
->{REQ};
my
$format
=
$keys
->{FORMAT};
my
@dnList
= ();
my
@exts
= ();
my
(
$ret
,
$tmp
,
$key
,
$val
,
$tmpOU
,
$ra
,
$textReq
);
return
$self
->setError (7213011,
"There is no complete request available."
)
if
(not
$fullReq
);
$ret
->{SIGNATURE} =
$self
->getSignature (
REQUEST
=>
$fullReq
);
$ret
->{KEY} =
$self
->getKey (
REQUEST
=>
$fullReq
);
$ret
->{HEADER} =
$self
->getHeader (
REQUEST
=>
$fullReq
);
$ret
->{RAWHEADER} =
$self
->getRawHeader (
REQUEST
=>
$fullReq
);
$ret
->{BODY} =
$self
->getBody (
REQUEST
=>
$fullReq
);
$ret
->{ITEM} =
$self
->{item};
if
(not
$ret
->{BODY}) {
print
"OpenCA::REQ->parseReq: This is a HEADER only.<br>\n"
if
(
$self
->{DEBUG});
if
( not
$ret
->{HEADER} ) {
return
$self
->setError (7213015,
"OpenCA::REQ->init: The request has no body."
);
}
if
( not
$ret
->{HEADER}->{TYPE} =~ /HEADER/i ) {
return
$self
->setError (7213016,
"OpenCA::REQ->init: The request has no body and has not the type HEADER."
);
}
$ret
->{TYPE} =
"HEADER"
;
$ret
->{DN} =
$ret
->{HEADER}->{SUBJECT};
}
else
{
$textReq
=
$ret
->{BODY};
print
"OpenCA::REQ->parseReq: FORMAT: $format<br>\n"
if
(
$self
->{DEBUG});
if
(
uc
$format
ne
"CRR"
) {
my
@attrlist
;
if
(
$format
=~ /SPKAC/i ) {
@attrlist
= (
"PUBKEY"
,
"KEYSIZE"
,
"PUBKEY_ALGORITHM"
,
"EXPONENT"
,
"MODULUS"
,
"SIGNATURE_ALGORITHM"
);
}
else
{
@attrlist
= (
"DN"
,
"VERSION"
,
"SIGNATURE_ALGORITHM"
,
"PUBKEY"
,
"KEYSIZE"
,
"PUBKEY_ALGORITHM"
,
"EXPONENT"
,
"MODULUS"
);
}
my
$attrs
=
$self
->{backend}->getReqAttribute(
DATA
=>
$ret
->{BODY}.
"\n"
,
ATTRIBUTE_LIST
=>\
@attrlist
,
INFORM
=>
$format
);
foreach
(
keys
%$attrs
) {
$ret
->{
$_
} =
$attrs
->{
$_
};
if
(
$self
->{DEBUG}) {
print
"OpenCA::REQ->parseReq: ATTRIBUTE: "
.
$_
.
"<br>\n"
;
print
"OpenCA::REQ->parseReq: VALUE: "
.
$ret
->{
$_
}.
"<br>\n"
;
}
}
}
if
(
exists
$ret
->{PUBKEY} ) {
my
$md5
= new Digest::MD5;
$md5
->add(
$ret
->{PUBKEY} );
$ret
->{KEY_DIGEST} =
$md5
->hexdigest();
}
if
(
$format
=~ /SPKAC/i ) {
my
(
@reqLines
);
@reqLines
=
split
( /\n/ ,
$textReq
);
for
$tmp
(
@reqLines
) {
$tmp
=~ s/\r$//;
my
(
$key
,
$val
)=(
$tmp
=~ /([\w]+)\s*=\s*(.*)\s*/ );
if
(
$key
ne
""
) {
if
(
$key
=~ /SPKAC/i) {
$ret
->{SPKAC} =
$val
;
}
else
{
$ret
->{DN} .=
", "
if
(
$ret
->{DN});
$ret
->{DN} .=
$key
.
"="
.
$val
;
}
}
}
$textReq
=
$self
->{backend}->SPKAC(
SPKAC
=>
$textReq
);
$ret
->{VERSION} = 1;
$ret
->{TYPE} =
'SPKAC'
;
}
elsif
(
$format
=~ /CRR/i ) {
my
(
@reqLines
);
@reqLines
=
split
( /\n/ ,
$textReq
);
for
$tmp
(
@reqLines
) {
$tmp
=~ s/\r$//;
(
$key
,
$val
)=(
$tmp
=~ /([\w]+)\s*=\s*(.*)\s*/ );
$key
=
uc
(
$key
);
$ret
->{
$key
} =
$val
;
}
$ret
->{VERSION} = 1
if
( not
exists
$ret
->{VERSION});
$ret
->{TYPE} =
'CRR'
;
$ret
->{HEADER}->{TYPE} =
$ret
->{TYPE};
$ret
->{REVOKE_CERTIFICATE_DN} =~ s/^\///;
$ret
->{REVOKE_CERTIFICATE_DN} =~ s/\/([A-Za-z0-9\-]+)=/, $1=/g;
$ret
->{DN} =
$ret
->{REVOKE_CERTIFICATE_DN};
$ret
->{REASON} =
$ret
->{REVOKE_REASON};
$ret
->{REVOKE_REASON} =
$ret
->{REVOKE_REASON};
}
else
{
$ret
->{DN} =~ s/\,\s*$//;
if
(
exists
$ret
->{HEADER}->{TYPE} ) {
$ret
->{TYPE} =
$ret
->{HEADER}->{TYPE};
}
else
{
$ret
->{TYPE} =
'PKCS#10'
;
}
}
}
my
$fixed_dn
;
my
$rdn
;
if
(
$ret
->{HEADER}->{SUBJECT}) {
print
"OpenCA::REQ->parseReq: SUBJECT: "
.
$ret
->{HEADER}->{SUBJECT}.
"<br>\n"
if
(
$self
->{DEBUG});
$fixed_dn
=
$ret
->{HEADER}->{SUBJECT};
}
else
{
print
"OpenCA::REQ->parseReq: DN: "
.
$ret
->{DN}.
"<br>\n"
if
(
$self
->{DEBUG});
$fixed_dn
=
$ret
->{DN};
}
my
$i
= 0;
my
$now
=
"name"
;
while
(
$i
<
length
(
$fixed_dn
))
{
if
(
substr
(
$fixed_dn
,
$i
, 1) eq
'\\'
)
{
$i
++;
}
elsif
(
substr
(
$fixed_dn
,
$i
, 1) eq
'='
) {
if
(
$now
=~ /value/)
{
$fixed_dn
=
substr
(
$fixed_dn
, 0,
$i
).
"\\"
.
substr
(
$fixed_dn
,
$i
);
$i
++;
}
else
{
$now
=
"value"
;
}
}
elsif
(
substr
(
$fixed_dn
,
$i
, 1) =~ /[,+]/) {
$now
=
"name"
;
}
$i
++;
}
if
(
$fixed_dn
=~ /[\\+]/) {
my
$x500_dn
= X500::DN->ParseRFC2253 (
$fixed_dn
);
foreach
$rdn
(
$x500_dn
->getRDNs()) {
next
if
(
$rdn
->isMultivalued());
my
@attr_types
=
$rdn
->getAttributeTypes();
my
$type
=
$attr_types
[0];
my
$value
=
$rdn
->getAttributeValue (
$type
);
push
(@{
$ret
->{DN_HASH}->{
uc
(
$type
)}},
$value
);
print
"OpenCA::REQ->parseReq: DN_HASH: $type=$value<br>\n"
if
(
$self
->{DEBUG});
}
}
else
{
my
@rdns
=
split
/,/,
$fixed_dn
;
foreach
$rdn
(
@rdns
) {
my
(
$type
,
$value
) =
split
/=/,
$rdn
;
$type
=~ s/^\s*//;
$type
=~ s/\s*$//;
$value
=~ s/^\s*//;
$value
=~ s/\s*$//;
push
(@{
$ret
->{DN_HASH}->{
uc
(
$type
)}},
$value
);
print
"OpenCA::REQ->parseReq: DN_HASH: $type=$value<br>\n"
if
(
$self
->{DEBUG});
}
}
if
(
$self
->{DEBUG}) {
print
"OpenCA::REQ->parseReq: TYPE: "
.
$ret
->{TYPE}.
"<br>\n"
;
print
"OpenCA::REQ->parseReq: DN: "
.
$ret
->{DN}.
"<br>\n"
;
}
if
(
$ret
->{HEADER}->{SUBJECT_ALT_NAME} and
( (
$ret
->{HEADER}->{SUBJECT_ALT_NAME} =~ /^\s
*email
\s*:/i) or
(
$ret
->{HEADER}->{SUBJECT_ALT_NAME} =~ /,\s
*email
\s*:/i) ) ) {
(
$ret
->{EMAILADDRESS} ) =
(
$ret
->{HEADER}->{SUBJECT_ALT_NAME} =~
/^\s
*email
\s*:\s*([^,]*),?/ );
if
(not
$ret
->{EMAILADDRESS}) {
(
$ret
->{EMAILADDRESS} ) =
(
$ret
->{HEADER}->{SUBJECT_ALT_NAME} =~
/,\s
*email
\s*:\s*([^,]*),?/ );
}
}
elsif
(
$ret
->{DN_HASH}->{EMAILADDRESS} and
$ret
->{DN_HASH}->{EMAILADDRESS}[0]) {
$ret
->{EMAILADDRESS} =
$ret
->{DN_HASH}->{EMAILADDRESS}[0];
}
if
(
$self
->{DEBUG}) {
print
"OpenCA::REQ->parseReq: SUBJECT_ALT_NAME: "
.
$ret
->{HEADER}->{SUBJECT_ALT_NAME}.
"<br>\n"
;
print
"OpenCA::REQ->parseReq: EMAILADDRESS: "
.
$ret
->{EMAILADDRESS}.
"<br>\n"
;
}
if
(
$ret
->{HEADER}->{TYPE} !~ /HEADER/) {
$ret
->{PK_ALGORITHM} =
$ret
->{PUBKEY_ALGORITHM};
$ret
->{SIG_ALGORITHM} =
$ret
->{SIGNATURE_ALGORITHM};
$ret
->{TYPE} .=
" with PKCS#7 Signature"
if
(
$ret
->{SIGNATURE} );
}
return
$ret
;
}
sub
getTXT {
my
$self
=
shift
;
my
$ret
;
if
(
$self
->{reqFormat} =~ /SPKAC/i ) {
return
$self
->setError (7241011,
"OpenCA::REQ->getTXT: The request should be in SPKAC-format "
.
"but there is no SPKAC-request."
)
if
( not
$self
->{spkacREQ} );
$ret
=
$self
->{req} .
$self
->{backend}->SPKAC(
SPKAC
=>
$self
->{spkacREQ} );
return
$ret
;
}
elsif
(
$self
->{reqFormat} =~ /CRR/i ) {
return
$self
->setError (7241013,
"OpenCA::REQ->getTXT: The request should be a CRR "
.
"but there is no such request."
)
if
( not
$self
->{revokeREQ} );
$ret
=
$self
->{req};
return
$ret
;
}
else
{
if
(not
$self
->{txtREQ}) {
$self
->{txtREQ} =
$self
->{backend}->dataConvert(
DATA
=>
$self
->{req},
DATATYPE
=>
"REQUEST"
,
INFORM
=>
$self
->{reqFormat},
OUTFORM
=>
"TXT"
);
return
$self
->setError (7241021,
"OpenCA::REQ->init: Cannot convert request to TXT-format "
.
"("
.
$OpenCA::OpenSSL::errno
.
"):\n"
.
$OpenCA::OpenSSL::errval
)
if
(not
$self
->{txtREQ});
}
return
$self
->setError (7241015,
"OpenCA::REQ->getTXT: The request should be a TXT-request "
.
"but there is no TXT-request."
)
if
( not
$self
->{txtREQ} );
return
$self
->{txtREQ};
}
}
sub
getPEM {
my
$self
=
shift
;
my
$ret
;
return
$self
->setError (7242011,
"OpenCA::REQ->getPEM: The request is in SPKAC-format and not in PEM-format."
)
if
(
$self
->{reqFormat} =~ /SPKAC/i );
return
$self
->setError (7242013,
"OpenCA::REQ->getPEM: The request is a CRR."
)
if
(
$self
->{reqFormat} =~ /CRR/i );
if
(
$self
->{reqFormat} eq
'PEM'
) {
$self
->{req} .=
"\n"
if
(
$self
->{req} !~ /\n$/);
return
$self
->{req};
}
if
(not
$self
->{pemREQ}) {
$self
->{pemREQ} =
$self
->{backend}->dataConvert(
DATA
=>
$self
->{req},
DATATYPE
=>
"REQUEST"
,
INFORM
=>
$self
->{reqFormat},
OUTFORM
=>
"PEM"
);
return
$self
->setError (7242021,
"OpenCA::REQ->getPEM: Cannot convert request to PEM-format "
.
"("
.
$OpenCA::OpenSSL::errno
.
"):\n"
.
$OpenCA::OpenSSL::errval
)
if
(not
$self
->{pemREQ});
}
return
$self
->setError (7242015,
"OpenCA::REQ->getPEM: The request is not available in PEM-format."
)
if
( not
$self
->{pemREQ} );
return
$self
->{pemREQ};
}
sub
getDER {
my
$self
=
shift
;
my
$ret
;
return
$self
->setError (7243011,
"OpenCA::REQ->getDER: The request is in SPKAC-format and not in DER-format."
)
if
(
$self
->{reqFormat} =~ /SPKAC/i );
return
$self
->setError (7243013,
"OpenCA::REQ->getDER: The request is a CRR."
)
if
(
$self
->{reqFormat} =~ /CRR/i );
if
(
$self
->{reqFormat} eq
'DER'
) {
return
$self
->{req};
}
if
(not
$self
->{derREQ}) {
$self
->{derREQ} =
$self
->{backend}->dataConvert(
DATA
=>
$self
->{req},
DATATYPE
=>
"REQUEST"
,
INFORM
=>
$self
->{reqFormat},
OUTFORM
=>
"DER"
);
return
$self
->setError (7243021,
"OpenCA::REQ->getDER: Cannot convert request to DER-format "
.
"("
.
$OpenCA::OpenSSL::errno
.
"):\n"
.
$OpenCA::OpenSSL::errval
)
if
(not
$self
->{derREQ});
}
return
$self
->setError (7243015,
"OpenCA::REQ->getDER: The request is not available in DER-format."
)
if
( not
$self
->{derREQ} );
return
$self
->{derREQ};
}
sub
getItem {
my
$self
=
shift
;
return
$self
->getParsed()->{ITEM};
}
sub
getSerial {
my
$self
=
shift
;
my
$ret
=
$self
->getParsed()->{HEADER}->{SERIAL};
if
(not
defined
$ret
) {
$ret
=
$self
->getParsed()->{SERIAL};
}
return
$ret
;
}
sub
setParams {
my
$self
=
shift
;
my
$params
= {
@_
};
my
$key
;
foreach
$key
(
keys
%{
$params
} ) {
}
return
1;
}
sub
setHeaderAttribute {
my
$self
=
shift
;
my
$keys
= {
@_
};
my
$beginHeader
=
$self
->{beginHeader};
my
$endHeader
=
$self
->{endHeader};
my
$beginAttribute
=
$self
->{beginAttribute};
my
$endAttribute
=
$self
->{endAttribute};
return
$self
->setError (7251011,
"OpenCA::REQ->setHeaderAttribute: The request is not in PEM-format."
)
if
(
$self
->{reqFormat} !~ /^PEM|CRR|SPKAC$/i);
print
"REQ->setHeaderAttribute: correct format - PEM<br>\n"
if
(
$self
->{DEBUG});
if
(
$self
->{item} !~ /
$beginHeader
/) {
$self
->{item} =
$beginHeader
.
"\n"
.
$endHeader
.
"\n"
.
$self
->{item};
}
for
my
$attribute
(
keys
%{
$keys
}) {
print
"REQ->setHeaderAttribute: $attribute:="
.
$keys
->{
$attribute
}.
"<br>\n"
if
(
$self
->{DEBUG});
if
(
$keys
->{
$attribute
} =~ /\n/) {
$self
->{item} =~ s/${endHeader}/${attribute}=\n${beginAttribute}\n
$keys
->{
$attribute
}\n${endAttribute}\n${endHeader}/;
}
else
{
$self
->{item} =~ s/${endHeader}/${attribute}=
$keys
->{
$attribute
}\n${endHeader}/;
}
}
return
$self
->setError (7251021,
"OpenCA::REQ->setHeaderAttribute: Cannot re-initialize the request "
.
"($errno)\n$errval"
)
if
(not
$self
->init (
REQ
=>
$self
->{item},
FORMAT
=>
$self
->{reqFormat}));
return
1;
}
1;