security/nss/cmd/crmf-cgi/crmfcgi.html@141e0f1194b1 (annotated)
security/nss/cmd/crmf-cgi/crmfcgi.html
Wed, 31 Dec 2014 07:16:47 +0100
- author
- Michael Schloh von Bennewitz <michael@schloh.com>
- date
- Wed, 31 Dec 2014 07:16:47 +0100
- branch
- TOR_BUG_9701
- changeset 3
- 141e0f1194b1
- permissions
- -rw-r--r--
Revert simplistic fix pending revisit of Mozilla integration attempt.
| michael@0 | 1 | <!-- This Source Code Form is subject to the terms of the Mozilla Public |
| michael@0 | 2 | - License, v. 2.0. If a copy of the MPL was not distributed with this |
| michael@0 | 3 | - file, You can obtain one at http://mozilla.org/MPL/2.0/. --> |
| michael@0 | 4 | |
| michael@0 | 5 | <html> |
| michael@0 | 6 | <head> |
| michael@0 | 7 | <title>CRMF Test Page for PSM</title> |
| michael@0 | 8 | <script language=javascript> |
| michael@0 | 9 | var request; |
| michael@0 | 10 | //This variable must be set to the first value |
| michael@0 | 11 | //in the select field "testType" in the form. |
| michael@0 | 12 | var keyGenType="SigningOnlyRSA"; |
| michael@0 | 13 | |
| michael@0 | 14 | var requestedDN = "CN=Javi CA Shack ID, O=NSS"; |
| michael@0 | 15 | |
| michael@0 | 16 | function setTestType() { |
| michael@0 | 17 | var testType = document.crmfForm.testType; |
| michael@0 | 18 | |
| michael@0 | 19 | keyGenType = testType.options[testType.selectedIndex].value; |
| michael@0 | 20 | } |
| michael@0 | 21 | |
| michael@0 | 22 | function setRequest() { |
| michael@0 | 23 | with (document.crmfForm) { |
| michael@0 | 24 | CRMFRequest.value = request.request; |
| michael@0 | 25 | submit(); |
| michael@0 | 26 | } |
| michael@0 | 27 | } |
| michael@0 | 28 | |
| michael@0 | 29 | function generateSignAndEncryptRSARequest() { |
| michael@0 | 30 | request = crypto.generateCRMFRequest(requestedDN, |
| michael@0 | 31 | null, null, null, "setRequest()", |
| michael@0 | 32 | crypto.algorithms.rsa.keyEx.keySizes[0], |
| michael@0 | 33 | null, "rsa-dual-use"); |
| michael@0 | 34 | } |
| michael@0 | 35 | |
| michael@0 | 36 | function generateSigningOnlyRSARequest() { |
| michael@0 | 37 | request = crypto.generateCRMFRequest(requestedDN,null,null,null,"setRequest()", |
| michael@0 | 38 | crypto.algorithms.rsa.signing.keySizes[0], |
| michael@0 | 39 | null, "rsa-sign"); |
| michael@0 | 40 | } |
| michael@0 | 41 | |
| michael@0 | 42 | function generateEncryptionOnlyRSARequest() { |
| michael@0 | 43 | request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()", |
| michael@0 | 44 | crypto.algorithms.rsa.keyEx.keySizes[0], |
| michael@0 | 45 | null, "rsa-ex"); |
| michael@0 | 46 | } |
| michael@0 | 47 | |
| michael@0 | 48 | function generateDualRSAKeys() { |
| michael@0 | 49 | request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()", |
| michael@0 | 50 | crypto.algorithms.rsa.keyEx.keySizes[0], |
| michael@0 | 51 | null, "rsa-ex", |
| michael@0 | 52 | crypto.algorithms.rsa.signing.keySizes[0], |
| michael@0 | 53 | null, "rsa-sign"); |
| michael@0 | 54 | } |
| michael@0 | 55 | |
| michael@0 | 56 | function generateDSAKey() { |
| michael@0 | 57 | request = crypto.generateCRMFRequest(requestedDN, null, null, null, "setRequest()", |
| michael@0 | 58 | crypto.algorithms.dsa.keySizes[0], |
| michael@0 | 59 | null, "dsa-sign-nonrepudiation"); |
| michael@0 | 60 | } |
| michael@0 | 61 | |
| michael@0 | 62 | function processForm(form) { |
| michael@0 | 63 | with (form) { |
| michael@0 | 64 | if (typeof(crypto.version) == "undefined") { |
| michael@0 | 65 | alert('You must be running PSM in order to use this page.'); |
| michael@0 | 66 | return false; |
| michael@0 | 67 | } |
| michael@0 | 68 | if (NSSDirectory.value == "") { |
| michael@0 | 69 | alert('You must provide a path for NSS to use.'); |
| michael@0 | 70 | return false; |
| michael@0 | 71 | } |
| michael@0 | 72 | if (dbPassword.value == "") { |
| michael@0 | 73 | alert('You must provide a password for the certificate database.'); |
| michael@0 | 74 | return false; |
| michael@0 | 75 | } |
| michael@0 | 76 | if (CANickname.value == "") { |
| michael@0 | 77 | alert('You must provide a CA Nickname to use.'); |
| michael@0 | 78 | return false; |
| michael@0 | 79 | } |
| michael@0 | 80 | //Now do the correct key generation. |
| michael@0 | 81 | if (keyGenType == "SignAndEncryptRSA") { |
| michael@0 | 82 | generateSignAndEncryptRSARequest(); |
| michael@0 | 83 | } else if (keyGenType == "SigningOnlyRSA") { |
| michael@0 | 84 | generateSigningOnlyRSARequest(); |
| michael@0 | 85 | } else if (keyGenType == "EncryptionOnlyRSA") { |
| michael@0 | 86 | generateEncryptionOnlyRSARequest(); |
| michael@0 | 87 | } else if (keyGenType == "DualRSAKeys") { |
| michael@0 | 88 | generateDualRSAKeys(); |
| michael@0 | 89 | } else if (keyGenType == "DSAKeyGen") { |
| michael@0 | 90 | generateDSAKey(); |
| michael@0 | 91 | } |
| michael@0 | 92 | } |
| michael@0 | 93 | return true; |
| michael@0 | 94 | } |
| michael@0 | 95 | </script> |
| michael@0 | 96 | </head> |
| michael@0 | 97 | <body> |
| michael@0 | 98 | <h1><center>CRMF Test page for PSM</center></h1> |
| michael@0 | 99 | This page is designed to be used in combination with the executable |
| michael@0 | 100 | produced by ns/security/cmd/crmf-cgi in a CGI environment. In order |
| michael@0 | 101 | to successfully use this page, modify its action to post to a a server |
| michael@0 | 102 | where you have installed the crmfcgi executable and you'll be able to |
| michael@0 | 103 | test the functionality. |
| michael@0 | 104 | <hr> |
| michael@0 | 105 | <form name="crmfForm" method=post action="http://www.cgi-site.com/cgi-bin/crmfcgi"> |
| michael@0 | 106 | <h2>Certificate Database information</h2> |
| michael@0 | 107 | First, enter all the information for the CGI to use for initializing |
| michael@0 | 108 | NSS. The CGI will use the directory entered below as the directory |
| michael@0 | 109 | where to look for the certificate and key databases. |
| michael@0 | 110 | <pre> |
| michael@0 | 111 | Path for NSS Config: <input size=40 type="text" name="NSSDirectory"> |
| michael@0 | 112 | </pre> |
| michael@0 | 113 | Enter the password for the certificate database found in the direcotry |
| michael@0 | 114 | above. |
| michael@0 | 115 | <pre> |
| michael@0 | 116 | Database Password: <input type="password" name="dbPassword" size=40> |
| michael@0 | 117 | </pre> |
| michael@0 | 118 | Now enter the nickname of the certificate to use for signing the |
| michael@0 | 119 | certificate issued during this test. |
| michael@0 | 120 | <pre> |
| michael@0 | 121 | CA Nickname: <input size=40 type="text" name="CANickname"> |
| michael@0 | 122 | </pre> |
| michael@0 | 123 | <h2>Now, figure out which type of key generation you want to test:</h2> |
| michael@0 | 124 | <select name="testType" onChange="setTestType()">` |
| michael@0 | 125 | <option value="SigningOnlyRSA">Signing Only-RSA |
| michael@0 | 126 | <option value="EncryptionOnlyRSA">Encryption Only-RSA |
| michael@0 | 127 | <option value="SignAndEncryptRSA">Sign and Encrypt Single Key -RSA |
| michael@0 | 128 | <option value="DualRSAKeys">Dual Keys-RSA |
| michael@0 | 129 | <option value="DSAKeyGen">DSA Key Gen |
| michael@0 | 130 | </select> |
| michael@0 | 131 | <input type="hidden" name=CRMFRequest value=""> |
| michael@0 | 132 | <hr> |
| michael@0 | 133 | <input type="button" value="OK" onclick="processForm(document.crmfForm)"> |
| michael@0 | 134 | </form> |
| michael@0 | 135 | </body> |
| michael@0 | 136 | </html> |
