protected void OnButtonOkClicked (object sender, EventArgs e)
{
try{
if (reqChooser.Filename != null) {
/*Füge den importierten Request der Datenbank hinzu und copiere diesen in den
* importedReq Ordner. Anschließen laden den reqStore neu.*/
caHandling.checkImportReq(reqChooser.Filename);
if(!caHandling.lastLine.Contains("error:0906D06C"))
{
insertImportedReq ();
caHandling.callProc ("/bin/cp", reqChooser.Filename + " " + firstSetup.mainDir + "/" +
mainWindow.selectedCA + "-ca/importedReqs/", "REQ: " + mainWindow.importedReqName + " imported");
mainWindow.clearREQStore ();
mainWindow.clearREQInfoStore ();
reqLoad ();
mWin = new msgWindow("Request: " + getFilename() + " imported","succes");
this.Destroy ();
}
else{
mWin = new msgWindow ("Request: " + getFilename() + " must be in PEM-Format","error");
}
} else {
mWin = new msgWindow ("No Request for import selected", "error");
}
}
catch(SqliteException ex){
mWin = new msgWindow (ex.Message,"error");
return;
}
}
protected void OnButtonOkClicked (object sender, EventArgs e)
{
//Prüfe auf die Korrektheit der Entrys
if (caCertChooser.Filename == null) {
errList.Add ("Please choose a valid path to export");
}
if (!Regex.IsMatch (caCertExportEntry.Text, regExCases.storageRegex)) {
errList.Add ("Filename must only contain A-Z, a-z and/or 0-9");
}
/*Rufe Exportfunktion auf. Hier wird nur im PEM-Format exportiert, da
* der private Schlüssel der CA nicht weitergegeben werden darf*/
if (errList.Count == 0) {
caHandling.exportCaCert (mainWindow.selectedCA,caCertChooser.Filename + "/" + caCertExportEntry.Text + ".pem");
mWin = new msgWindow ("CA-Certificate: " + caCertExportEntry.Text + " exported to \n " +
"path: " + caCertChooser.Filename, "succes");
this.Destroy ();
} else {
mWin = new msgWindow (errList, "error");
errList.Clear ();
}
}
protected void OnButtonOkClicked (object sender, EventArgs e)
{
caHandling.checkPass (revokeCAPass.Text);
if (!caHandling.lastLine.Contains("unable to load Private Key")) {
if (!delCert) {
caHandling.revokeCert (mainWindow.selectedCA, certNum, revokeCAPass.Text, reasonBox.ActiveText);
caHandling.genCRL (mainWindow.selectedCA, revokeCAPass.Text);
mainWindow.clearCertStore ();
mainWindow.clearInfoCertStore ();
certLoad ();
mWin = new msgWindow ("Certificate: " + certName + " revoked \n" +
"with Reason:" + reasonBox.ActiveText,"success");
this.Destroy ();
} else {
parser.checkValid(mainWindow.selectedCA,certNum);
if (!parser.valid.Equals ("R")) {
caHandling.revokeCert (mainWindow.selectedCA, certNum, revokeCAPass.Text, reasonBox.ActiveText);
caHandling.genCRL (mainWindow.selectedCA, revokeCAPass.Text);
mWin = new msgWindow ("Certificate: " + certName + " revoked \n" +
"with Reason:" + reasonBox.ActiveText,"success");
}
deleteCert ();
mainWindow.clearCertStore ();
mainWindow.clearInfoCertStore ();
certLoad ();
this.Destroy ();
}
} else {
mWin = new msgWindow ("Wrong CA-Password", "error");
}
}
//Führe das Script auf dem ausgewählten Pfad aus
protected void OnRunScriptClicked (object sender, EventArgs e)
{
if (scriptChooser.Filename != null) {
caHandling.runScript (scriptChooser.Filename);
} else {
mWin = new msgWindow ("Please select a valid Path","error");
}
}
protected void OnCrlWinCloseClicked (object sender, EventArgs e)
{
if (Regex.IsMatch (crlDays.Text, regExCases.validRegex)) {
createNewCA.crlDays = crlDays.Text;
this.Destroy ();
} else {
mWin = new msgWindow ("Entry: Days must contain 1 up to 4 decimal numbers", "error");
}
}
protected void OnButtonOkClicked (object sender, EventArgs e)
{
//Prüfe die Entryfelder per Regex
if (filechooserbuttonCert.Filename == null) {
errList.Add ("Path for export must not be empty");
}
if (!Regex.IsMatch (nameExCert.Text, regExCases.storageRegex)) {
errList.Add ("Export name must only contain A-Z, a-z and 0-9");
}
if (nameExCert.Text.Equals ("")) {
errList.Add ("Export name must not be empty");
}
if (nameExCert.Text.Length >= 100) {
errList.Add ("Export name max. length = 100 characters");
}
if (errList.Count == 0) {
/* Würde ein normales Export stattfinden, wird ins PKCS12 Format exportiert. Dieses
* Format enthält das Zertifikat, den öffentlichen und den privaten Schlüssel. Um
* letzteren verwenden zu können wird allerdings das Password benötigt. Bei einer
* nicht korrekten Eingabe wird von Openssl eine Errormeldung ausgegeben, welche hier
* wieder zum prüfen der Korrektheit des Passwortes verwendet wird.*/
if (!import) {
caHandling.checkCertPass (firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/certreqs/" +
selectedNum + ".key", privPass.Text);
if (!caHandling.lastLine.Contains ("unable to load Private Key")) {
caHandling.exportpkcs12Cert (nameExCert.Text, selectedPath, filechooserbuttonCert.Filename, selectedNum,
certPass.Text, privPass.Text, firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/certreqs/" +
selectedNum + ".key");
mWin = new msgWindow ("CA-Certificate: " + nameExCert.Text + " exported to \n " +
"path: " + filechooserbuttonCert.Filename, "succes");
this.Destroy ();
} else {
mWin = new msgWindow ("Wrong password for private key", "error");
}
} else {
caHandling.exportImportCert (nameExCert.Text, selectedPath, filechooserbuttonCert.Filename);
mWin = new msgWindow ("CA-Certificate: " + nameExCert.Text + " exported to \n " +
"path: " + filechooserbuttonCert.Filename, "succes");
this.Destroy ();
}
} else {
mWin = new msgWindow (errList, "error");
errList.Clear ();
}
}
protected void OnButtonGenerateClicked (object sender, EventArgs e)
{
if (!caPass.Text.Equals ("")) {
caHandling.checkPass (caPass.Text);
} else {
mWin = new msgWindow ("Entry: Password must not be empty!", "error");
}
if (!caHandling.lastLine.Contains ("unable to load Private Key")) {
caHandling.genCRL (mainWindow.selectedCA, caPass.Text);
this.Destroy ();
}
else {
mWin = new msgWindow ("Wrong CA-Password", "error");
}
}
//Erstelle eine Sqlite-Datei und erstelle die möglichen Tabellen
public static void createDB(string filename,string sql){
try{
SqliteConnection.CreateFile (filename);
using (SqliteConnection con = new SqliteConnection ("Data Source=" + filename)) {
con.Open ();
string stm = sql;
using (SqliteCommand cmd = new SqliteCommand (stm, con)) {
cmd.ExecuteNonQuery ();
}
con.Close ();
}
}
catch(SqliteException sqlex){
mWin = new msgWindow (sqlex.Message, "error");
}
}
//Erstelle Hauptverzeichniss des Programms, falss dieses noch nicht existiert
public static void createMainDir(string mainFolder){
try{
if (!Directory.Exists (homeFolder + "/" + mainFolder)) {
mainDir = homeFolder + "/" + mainFolder;
Directory.CreateDirectory (homeFolder + "/" + mainFolder);
createDB (firstSetup.mainDir + "/caDB.sqlite", "create table CA (caName varchar(100) primary key, path varchar (100))");
}
//Ansonsten setze nur den Pfad zum Hauptverzeichniss
else {
mainDir = homeFolder + "/" + mainFolder;
return;
}
}
catch(IOException ioex){
mWin = new msgWindow (ioex.Message, "error");
}
}
protected void OnCrlAddClicked (object sender, EventArgs e)
{
if (Regex.IsMatch (crlURIEntry.Text, regExCases.uriRegex)) {
createNewCA.usrList.Add ("crlDistributionPoints = URI:" + crlURIEntry.Text);
createNewCA.v3reqList.Add ("crlDistributionPoints = URI:" + crlURIEntry.Text);
createNewCA.v3caList.Add ("crlDistributionPoints = URI:" + crlURIEntry.Text);
createNewCA.crlList.Add ("crlDistributionPoints = URI:" + crlURIEntry.Text);
crlURIEntry.IsEditable = false;
crlURL = crlURIEntry.Text;
crlLabel.Text = "URL added";
crlDel.Sensitive = true;
crlAdd.Sensitive = false;
}
else{
mWin = new msgWindow("URI in CRLDistributionpoint not valid\n\n " +
"Example: (http|https|ftp)://www.example.com","error");
return;
}
}
public viewLog (string path, bool cert)
{
this.Build ();
try{
if(cert){
using (StreamReader sr = new StreamReader (path)){
certText = sr.ReadToEnd();
logView.Buffer.Text = certText;
}
}
else{
logText = File.ReadAllText (path);
logView.Buffer.Text = logText;
}
}
catch(FileNotFoundException e1){
mWin = new msgWindow (e1.Message, "error");
this.Destroy ();
}
catch(FileLoadException e2){
mWin = new msgWindow (e2.Message, "error");
this.Destroy ();
}
}
protected void OnOkCertButtonClicked (object sender, EventArgs e)
{
caHandling.checkPass (certCaPass.Text);
if (!caHandling.lastLine.Contains("unable to load Private Key")) {
//Bei korrektem CA-Passwort werden die Extensions ins Exfile geschrieben
if (hasMail) {
extList.AddRange (genAltNames ("email", mailList, 1));
} else {
extList.AddRange (genAltNames ("email", mailList, 0));
}
extList.AddRange (genAltNames ("DNS", dnsList,0));
extList.AddRange (genAltNames ("URI", uriList,0));
extList.AddRange (genAltNames ("IP", ipList, 0));
createExtFile.writeFile (extList,certTypeBox.ActiveText);
//Die aktuelle Serial-Nummer wird aus dem Serial File zur Speicherung ausgelesen
using (StreamReader sr = new StreamReader (firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/serial")) {
serial = sr.ReadLine ();
sr.Close ();
}
//Die jeweilige Funktion wird bei Import/Nichtimport ausgeführt
if (!isImport) {
caHandling.signCert (firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/openssl.conf",
firstSetup.mainDir + "/temp.ext", reqPath, certCaPass.Text);
} else {
caHandling.signCertImportedReq (firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/openssl.conf",
firstSetup.mainDir + "/temp.ext", reqPath, certCaPass.Text, importInfo ["Commonname"],
importInfo ["Country"], importInfo ["State"], importInfo ["Locality"], importInfo ["Organization"],
importInfo ["Organizationunit"]);
}
/*Fange Openssl Errormeldungen und SQL Errormeldungen ab, wenn keine vorhanden:
* Eintrag in Datenbannk durch insertCert-Methode*/
if (!caHandling.lastLine.Contains ("error")){
try {
insertCert ();
} catch (SqliteException ex) {
mWin = new msgWindow (ex.Message, "error");
}
mWin = new msgWindow ("Certificate: " + storageName + " signed", "succes");
//Aktualisiere Certstore im Mainwindow
mainWindow.clearCertStore ();
certLoad ();
this.Destroy ();
} else {
/*Da Openssl trotz Errormeldungen in manchen Fällen eine nicht korrekt codierte
* Datei erstellt, wird bei nichtgelingen des Erstellungs/Insertvorgangs die aktuelle
* Zertifikatdatei wieder gelöscht*/
caHandling.callProc ("/bin/rm",firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/certs/" +
serial + ".pem", "Certificate deleted: Name " + serial);
mWin = new msgWindow ("REQ already used", "error");
mainWindow.clearCertStore ();
certLoad ();
this.Destroy ();
}
} else {
mWin = new msgWindow ("Wrong Password", "error");
}
}
protected void OnaddSubjAltClicked (object sender, EventArgs e)
{
switch (subjAltReason.ActiveText) {
case "DNS":
if (Regex.IsMatch (subjAltEntry.Text, regExCases.dnsRegex)) {
dnsList.Add (subjAltEntry.Text);
subjAltBox.AppendText ("DNS:" + subjAltEntry.Text);
subjAltBox.Active = 0;
subAltremove.Sensitive = true;
} else {
mWin = new msgWindow ("DNS not valid","error");
}
break;
case "URI":
if (Regex.IsMatch (subjAltEntry.Text, regExCases.uriRegex)) {
uriList.Add (subjAltEntry.Text);
subjAltBox.AppendText ("URI:" + subjAltEntry.Text);
subjAltBox.Active = 0;
subAltremove.Sensitive = true;
} else {
mWin = new msgWindow ("URI not valid","error");
}
break;
case "eMail":
if (Regex.IsMatch (subjAltEntry.Text, regExCases.emailRegex)) {
mailList.Add (subjAltEntry.Text);
subjAltBox.AppendText ("email:" + subjAltEntry.Text);
subjAltBox.Active = 0;
subAltremove.Sensitive = true;
} else {
mWin = new msgWindow ("eMail not valid","error");
}
break;
case "IP":
if (Regex.IsMatch (subjAltEntry.Text, regExCases.ipRegex)) {
ipList.Add (subjAltEntry.Text);
subjAltBox.AppendText ("IP:" + subjAltEntry.Text);
subjAltBox.Active = 0;
subAltremove.Sensitive = true;
} else {
mWin = new msgWindow ("IP not valid","error");
}
break;
default:
break;
}
}
protected void OnOKButtonReqClicked (object sender, EventArgs e)
{
List<string> errList = new List<string> ();
//Prüfen der verschiedenen Entryfelder anhand von Regex.
if (!Regex.IsMatch (reqName.Text, regExCases.storageRegex)) {
errList.Add ("Entry: Storagename must only contain A-Z, a-z and/or 0-9, no whitespace allowed");
}
if (reqName.Text.Equals ("")) {
errList.Add ("Entry: Storagename must not be empty");
}
if (reqName.Text.Length > 100) {
errList.Add ("Entry: Storagename max. length = 100 characters");
}
if (!Regex.IsMatch (reqCommon.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Commonname must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
if (reqCommon.Text.Equals ("")) {
errList.Add ("Entry: Commonname must not be empty");
}
if (reqCommon.Text.Length > 100) {
errList.Add ("Entry: Commonname max. length = 100 characters");
}
if (!Regex.IsMatch (reqCountry.Text, regExCases.countryRegex)) {
errList.Add ("Entry: Country must be a 2 letter code (A-Z and a-z)");
}
if (reqCountry.Text.Equals ("")) {
errList.Add ("Entry: Country must not be empty");
}
if (reqState.Text.Equals ("")) {
errList.Add ("Entry: State/Province Name must not be empty");
}
if(!Regex.IsMatch (reqState.Text, regExCases.stateRegex)) {
errList.Add ("Entry: State/Province Name must only contain A-Z,a-z and/or -");
}
if (!reqLocality.Text.Equals ("")) {
if (!Regex.IsMatch (reqLocality.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Locality must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
}
if (reqOrga.Text.Equals ("")) {
errList.Add ("Entry: Organization must not be empty");
}
if (!Regex.IsMatch (reqOrga.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Organization must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
if (!reqOrgaUnit.Text.Equals ("")) {
if (!Regex.IsMatch (reqOrgaUnit.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Organization Unit must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
}
if (!reqeMail.Text.Equals ("")) {
if (!Regex.IsMatch (reqeMail.Text, regExCases.emailRegex)) {
errList.Add ("Entry: eMail has the wrong format");
}
if (reqeMail.Text.Length >= 64) {
errList.Add ("Entry: eMail max. length = 64 characters");
}
if (reqeMail.Text.Length < 6) {
errList.Add ("Entry: eMail min. length = 6 characters");
}
}
if (!Regex.IsMatch(reqDays.Text,regExCases.validRegex)){
errList.Add ("Entry: Days must contain 1 up to 4 decimal numbers");
}
if (!isimport) {
if (!Regex.IsMatch (reqKeyPass.Text, regExCases.passRegex)) {
errList.Add ("Entry: Password must contain 4 digits at least");
}
if (!(reqKeyPass.Text.Equals (reqKeyPassConf.Text))) {
errList.Add ("Please Confirm with the same Password");
}
}
if (errList.Count == 0) {
try{
//Lese aktuelle Seriennummer der CA
using (StreamReader sr = new StreamReader (firstSetup.mainDir + "/" + mainWindow.selectedCA + "-ca/serial")) {
string serial = sr.ReadLine ();
sr.Close ();
/*Handel es sich um einen nicht importierten Request, wird zuerst ein privater
* RSA-Schlüssel erstellt. Anschließen wird mit diesem Schlüssel ein Request
* erstellt. Anschließen wird der Datenbank ein neuer Eintrag hinzugefügt. Mit
diesem Request wird im nächsten Schritt das Fenster zur Erstellung des Zertifikats
geöffnet.*/
if(!isimport){
caHandling.createRSAREQKey(selectedCA,serial,reqCipherBox.ActiveText,
reqKeyPass.Text,reqKeySizeBox.ActiveText);
caHandling.createReqCert(selectedCA,serial,reqCommon.Text,reqKeyPass.Text,reqDays.Text,reqCountry.Text,
reqState.Text,reqLocality.Text,reqOrga.Text,reqOrgaUnit.Text);
insertReq(serial);
cWin = new createCert(certLoad,firstSetup.mainDir + "/" + mainWindow.selectedCA +"-ca/certreqs/"+serial+".csr",reqName.Text,reqeMail.Text);
Console.WriteLine(reqeMail.Text);
this.Destroy();
}
/*Bei einem importierten Request werden lediglich die Informationen bezüglich
* des Subjectnames ausgelesen, in ein Dictionary geschrieben und im nächsten
* Schritt an der Fenster zur Erstellung eines Zertifikats weitergereicht.*/
else{
collectImportInfo();
cWin = new createCert(certLoad,reqPath,importedInfo,reqeMail.Text);
this.Destroy();
}
}
}
catch (SqliteException sqle){
mWindow = new msgWindow (sqle.Message,"error");
return;
}
} else {
mWindow = new msgWindow (errList,"error");
}
}
//Lese die zu parsende Datei ein
public void readAll(string path){
subjAltList.Clear ();
if (File.Exists(path)) {
string s;
using (StreamReader sr = new StreamReader (path)) {
/*Da Requests nicht im Plaintext eingelesen werden können, wird auf den
* Bashoutput zurück gegriffen*/
if (path.Contains (".csr")) {
caHandling.startBash ("openssl req -in " + path + " -text", "readreq");
s = caHandling.getInfo;
} else {
s = sr.ReadToEnd ();
}
//Die einzelnen Bestandteile eines Cert./Req. werden per Regex ausgelesen
Match match = Regex.Match (s, @"X509v3 Basic Constraints:\s*(\n|\r|\r\n|\bcritical\b)?\s*(?<Basic>.*)");
this.basic = (match.Groups ["Basic"].Value);
match = Regex.Match (s, @"X509v3 Subject Key Identifier:\s*(\n|\r|\r\n)?\s*(?<subKey>.*)");
this.subKey = (match.Groups ["subKey"].Value);
match = Regex.Match (s, @"X509v3 Authority Key Identifier:\s*(\n|\r|\r\n)?\s*(?<authKey>.*)");
this.authKey = (match.Groups ["authKey"].Value);
match = Regex.Match (s, @"X509v3 Subject Alternative Name:\s*(\n|\r|\r\n)?\s*(?<subjAlt>.*)");
foreach(Match m in Regex.Matches(match.Groups ["subjAlt"].Value,@"(?<subjaltNames>((\bURI:\b.*?)|(\bDNS:\b.*?)|(\bemail:\b.*?)|(\bIP Address:\b).*?))(, |$)")){
this.subjAltList.Add (m.Groups ["subjaltNames"].Value);
}
match = Regex.Match (s, @"X509v3 Key Usage:\s*(\n|\r|\r\n|\s*)(?<keyusage>.*)");
this.keyusage = (match.Groups ["keyusage"].Value);
match = Regex.Match (s, @"X509v3 Extended Key Usage:\s*(\n|\r|\r\n|\s*)(?<usage>.*)");
this.certUsage = (match.Groups ["usage"].Value);
match = Regex.Match (s, @"X509v3 CRL Distribution Points:(\s*|(\n|\r|\r\n)|Full Name:)*URI:(?<crlUrl>.*)");
this.crlUrl = (match.Groups ["crlUrl"].Value);
match = Regex.Match (s, @"Signature Algorithm: (?<sigAlgo>.*)");
this.sigAlgo = (match.Groups ["sigAlgo"].Value);
match = Regex.Match (s, @"Issuer: C=(?<iCountry>.*), ST=(?<istate>.*?)(, L=(?<ilocal>.*))?, O=(?<iorga>.*?)(, OU=(?<iorgaUnit>.*))?, CN=(?<icommonName>.*)");
this.iCountry = match.Groups ["iCountry"].Value;
this.istate = match.Groups ["istate"].Value;
this.ilocal = match.Groups ["ilocal"].Value;
this.iorga = match.Groups ["iorga"].Value;
this.iorgaUnit = match.Groups ["iorgaUnit"].Value;
this.icommonName = match.Groups ["icommonName"].Value;
match = Regex.Match (s, @"Not Before: (?<notBefore>.*)");
this.notBefore = (match.Groups ["notBefore"].Value);
match = Regex.Match (s, @"Not After : (?<notAfter>.*)");
this.notAfter = (match.Groups ["notAfter"].Value);
match = Regex.Match (s, @"Public Key Algorithm: (?<pubKeyAlgo>.*)");
this.pubKeyAlgo = (match.Groups ["pubKeyAlgo"].Value);
match = Regex.Match (s, @"Subject: C=(?<sCountry>.*), ST=(?<sstate>.*?)(, L=(?<slocal>.*))?, O=(?<sorga>.*?)(, OU=(?<sorgaUnit>.*))?, CN=(?<scommonName>.*)");
this.sCountry = match.Groups ["sCountry"].Value;
this.sstate = match.Groups ["sstate"].Value;
this.slocal = match.Groups ["slocal"].Value;
this.sorga = match.Groups ["sorga"].Value;
this.sorgaUnit = match.Groups ["sorgaUnit"].Value;
this.scommonName = match.Groups ["scommonName"].Value;
}
} else {
mWin = new msgWindow ("PARSER: Path does not exist", "error");
}
}
protected void okButtonclicked (object sender, EventArgs e)
{
//Prüfen der verschiedenen Entryfelder anhand von Regex.
List<string> errList = new List<string> ();
if (!Regex.IsMatch (NameCA.Text, regExCases.storageRegex)) {
errList.Add ("Entry: Storagename must only contain A-Z, a-z and/or 0-9, no whitespace allowed");
}
if (NameCA.Text.Equals ("")) {
errList.Add ("Entry: Storagename must not be empty");
}
if (NameCA.Text.Length > 100) {
errList.Add ("Entry: Storagename max. length = 100 characters");
}
if (!Regex.IsMatch (commonNameCA.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Commonname must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
if (commonNameCA.Text.Equals ("")) {
errList.Add ("Entry: Commonname must not be empty");
}
if (commonNameCA.Text.Length > 100) {
errList.Add ("Entry: Commonname max. length = 100 characters");
}
if (!Regex.IsMatch (CountryCA.Text, regExCases.countryRegex)) {
errList.Add ("Entry: Country must be a 2 letter code (A-Z and a-z)");
}
if (CountryCA.Text.Equals ("")) {
errList.Add ("Entry: Country must not be empty");
}
if (StateProvinceCA.Text.Equals ("")) {
errList.Add ("Entry: State/Province Name must not be empty");
}
if(!Regex.IsMatch (StateProvinceCA.Text, regExCases.stateRegex)) {
errList.Add ("Entry: State/Province Name must only contain A-Z,a-z and/or -");
}
if (!LocalityCA.Text.Equals ("")) {
if (!Regex.IsMatch (LocalityCA.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Locality must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
}
if (OrganizationCA.Text.Equals ("")) {
errList.Add ("Entry: Organization must not be empty");
}
if (!Regex.IsMatch (OrganizationCA.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Organization must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
if (!OrganizationUnitCA.Text.Equals ("")) {
if (!Regex.IsMatch (OrganizationUnitCA.Text, regExCases.commonRegex)) {
errList.Add ("Entry: Organization Unit must only contain A-Z, a-z, 0-9 and/or - & . : /");
}
}
if (!eMailCA.Text.Equals ("")) {
if (!Regex.IsMatch (eMailCA.Text, regExCases.emailRegex)) {
errList.Add ("Entry: eMail has the wrong format");
}
if (eMailCA.Text.Length >= 64) {
errList.Add ("Entry: eMail max. length = 64 characters");
}
if (eMailCA.Text.Length < 6) {
errList.Add ("Entry: eMail min. length = 6 characters");
}
}
if (!Regex.IsMatch (PasswordCA.Text, regExCases.passRegex)) {
errList.Add ("Entry: Password must contain 4+ digits");
}
if (!(PasswordCA.Text.Equals (PasswordCAConfirmation.Text))) {
errList.Add ("Please Confirm with the same Password");
}
if (!Regex.IsMatch(ValidCA.Text,regExCases.validRegex)){
errList.Add ("Entry: Days must contain 1 up to 4 decimal numbers");
}
if (errList.Count == 0) {
//Lege Ordnerstruktur und Datenbanken der CA an
caHandling.createDirectorys (NameCA.Text);
firstSetup.createDB (firstSetup.mainDir + "/" + NameCA.Text + "-ca/certsdb/certDB.sqlite","create table certs (certName varchar(100) primary key, certNr varchar(10), certPath varchar(200), caName varchar(100), reqPath varchar(200))");
firstSetup.createDB (firstSetup.mainDir + "/" + NameCA.Text + "-ca/certsdb/reqDB.sqlite","create table reqs (reqName varchar(100) primary key, caName varchar(100), reqPath varchar(200))");
firstSetup.createDB (firstSetup.mainDir + "/" + NameCA.Text + "-ca/certsdb/importReqsDB.sqlite","create table importReqs (reqName varchar(100) primary key, caName varchar(100), reqPath varchar(200))");
//Setze Extensions für das Configfile der CA
setBasicExtensions ();
createConfigFile.writeUsrExt(usrList);
createConfigFile.writev3reqExt(v3reqList);
createConfigFile.writev3caExt(v3caList);
createConfigFile.writecrlExt(crlList);
createConfigFile.writeConfig (NameCA.Text,DigestCA.ActiveText,KeySizeBoxCA.ActiveText,crlDays);
//Erstelle Key, Request und Selfsigned Cert.
caHandling.createRSACAKey (NameCA.Text,cipherAlgoBox.ActiveText,PasswordCA.Text,KeySizeBoxCA.ActiveText);
caHandling.createReqCa (NameCA.Text, PasswordCA.Text, ValidCA.Text, CountryCA.Text,
StateProvinceCA.Text, LocalityCA.Text, OrganizationCA.Text, OrganizationUnitCA.Text,
commonNameCA.Text);
caHandling.selfsignCa (NameCA.Text, ValidCA.Text, PasswordCA.Text, DigestCA.ActiveText);
caHandling.genCRL (NameCA.Text, PasswordCA.Text);
usrList.Clear();
v3reqList.Clear();
v3caList.Clear();
crlList.Clear ();
//Bei Errormeldung durch Openssl wird das aktuelle Verzeichnis komplett gelöscht
if (!caHandling.lastLine.Contains ("error")) {
mainWindow.selectedCA = NameCA.Text;
mainWindow.clearCAStore ();
mainWindow.clearREQStore ();
mainWindow.clearCertStore ();
try{
insertIntoCA ();
}
catch(SqliteException ex){
mWindow = new msgWindow (ex.Message,"error");
return;
}
loadCA ();
mWindow = new msgWindow ("CA: " + NameCA.Text + " was created", "success");
} else {
caHandling.callProc ("/bin/rm", "-r " + firstSetup.mainDir + "/" + NameCA.Text + "-ca/", "CA: " + NameCA.Text + " deleted, error detected");
}
crlExt.crlURL = "";
this.Destroy ();
}
else {
mWindow = new msgWindow (errList,"error");
}
}
public static void createDirectorys(string caName){
caName = caName.Replace (" ", string.Empty);
try{
if (!Directory.Exists(firstSetup.mainDir +"/"+caName+"-ca")) {
Directory.CreateDirectory (firstSetup.mainDir+"/"+caName+"-ca");
DirectoryInfo di = new DirectoryInfo (firstSetup.mainDir+"/"+caName+"-ca");
for (int i = 0; i < directorysToCreate.Length; i++) {
di.CreateSubdirectory (directorysToCreate [i]);
}
callProc("/usr/bin/touch",firstSetup.mainDir +"/"+caName+"-ca/openssl.conf", "Config File Written");
callProc("/usr/bin/touch",firstSetup.mainDir +"/"+caName+"-ca/index.txt","Index File Written");
File.WriteAllText(firstSetup.mainDir + "/"+caName+"-ca/serial","1000");
File.WriteAllText(firstSetup.mainDir + "/"+caName+"-ca/crlnumber","1000");
}
else{
return;
}
}
catch(IOException exIO){
mWindow = new msgWindow (exIO.Message,"error");
}
}
