#!/usr/bin/perl## Certification Authority (HTML Interface)## (c) 1999 by Massimiliano Pala and OpenCA Group## All Rights Reserved#### Program currently tested with Perl5 Linux, Solaris and Apache.#### DISC CLAIMER: THIS SOFTWARE IS GIVEN AS IS WITHOUT ANY WARRANTIES## ABOUT ANY DAMAGE DERIVED BY THE USE ( CORRECT OR NOT ) OF THIS## SOFTWARE. THE AUTHOR IS THEREFORE NOT RESPONSABLE IN ANY WAY OF## DAMAGES RELATED IN ANY WAY TO THIS OR SUPPORTED SOFTWARE AS WELL.#### Thank you for using this software, and remember that Open Projects## are the future of mankind. Do not sleep, partecipate to world wide## efforts to make life easier for all!sub signData {	my $keys = { @_ };	my $ret;	return $ret;}sub cryptData {	my $keys = { @_ };	my $ret;	return $ret;}sub envelope {	return;}sub libCheckSignature {	my $keys 	= { @_ };	my $item 	= $keys->{OBJECT};	my $sig		= $keys->{SIGNATURE};	my $tempDir     = getRequired('tempDir');	my $opencaDir   = getRequired('BaseDir');	my ( $sigCert );	if( (not $item) and (not $sig) ) {		$errno = 5;		$errval = "Parameters error, needed at least item or object";		return;	}	## Get the signature Object if not already given	if( $item ) {		$sig = libGetSignatureObject( OBJECT=>$item );		if( not $sig ) {			$errno = 40;			$errval = "Signature not Found!";			return;		}	}	if( $sig->errno() != 0 ) {		$errno = $sig->errno();		$errval = "Not Valid ( $errno )";		return;	} else {		$errval = "Signature Correctly Verified";	}	## Get signer certificate (or it should be - serial oriented)	## form the local dB	$tmpCert = libGetSignerCertificateDB( SIGNATURE=> $sig );	if( not $tmpCert ) {		$errno = 404;		$errval = "Signer's Certificate Not Present in dB";		return;	}	## Get signer certificate from the pkcs7 structure	$sigCert = new OpenCA::X509 ( SHELL => $cryptoShell,			DATA => $sig->getSigner()->{CERTIFICATE});	if( not $sigCert ) {		$errno = 421;		$errval = "Signature Structure Error";		return;	}	if( $tmpCert->getParsed()->{DN} ne $sigCert->getParsed()->{DN} ) {		$errno = 415;		$errval = "Signer's Certificate and DB's Certificate do not" . 			   " match";		return;	}	return 1;}		sub libGetSignatureObject {	my $keys = { @_ };	my $item 	= $keys->{OBJECT};	my $tempDir     = getRequired('tempDir');	my $opencaDir   = getRequired('BaseDir');	my ( $sig, $parsed );	## Get Parsed Object	$parsed = $item->getParsed();	## Save signature and check it	$tools->saveFile( FILENAME=>"${tempDir}/${$}.req",                DATA=>$parsed->{BODY} );	$tools->saveFile( FILENAME=>"${tempDir}/${$}.sig",                DATA=>$parsed->{SIGNATURE} );	## Build a new PKCS7 object	$sig = new OpenCA::PKCS7( SHELL=>$cryptoShell,                                  INFILE=>"${tempDir}/${$}.sig",                                  DATAFILE=>"${tempDir}/${$}.req",                                  CA_DIR=>"${opencaDir}/chain" );	unlink( "${tempDir}/${$}.sig" );	unlink( "${tempDir}/${$}.req" );	return $sig;}sub libGetSignerCertificateDB {	my $keys = { @_ };	my $sig = $keys->{SIGNATURE};	my ( @searchList );	$sigCert = new OpenCA::X509 ( SHELL => $cryptoShell,                              	   DATA => $sig->getSigner()->{CERTIFICATE});	@searchList = $db->searchItems( DATATYPE => 'CERTIFICATE',				SERIAL => $sigCert->getParsed()->{SERIAL} );	if( $#searchList < 0 ) {		return;	} else {		return $searchList[0];	}}1;